Merge pull request #188 from computerfr33k/workspace-user
Use workspace as non-root user
This commit is contained in:
		| @@ -227,6 +227,8 @@ You can select your own combination of container form this list: | |||||||
| docker exec -it {Workspace-Container-Name} bash | docker exec -it {Workspace-Container-Name} bash | ||||||
| ``` | ``` | ||||||
| Replace `{Workspace-Container-Name}` with your Workspace container name. | Replace `{Workspace-Container-Name}` with your Workspace container name. | ||||||
|  | <br /> | ||||||
|  | Add `--user=laradock` to have files created as your host's user. (don't forget to change the PUID (User id) and PGID (group id) variables in docker-compose.yml). | ||||||
| <br> | <br> | ||||||
| To find the containers names type `docker-compose ps`. | To find the containers names type `docker-compose ps`. | ||||||
|  |  | ||||||
| @@ -657,7 +659,7 @@ More details about this [here](https://github.com/jenssegers/laravel-mongodb#ins | |||||||
| 7 - Test it: | 7 - Test it: | ||||||
|  |  | ||||||
| - First let your Models extend from the Mongo Eloquent Model. Check the [documentation](https://github.com/jenssegers/laravel-mongodb#eloquent). | - First let your Models extend from the Mongo Eloquent Model. Check the [documentation](https://github.com/jenssegers/laravel-mongodb#eloquent). | ||||||
| - Enter the Workspace Container `docker exec -it laradock_workspace_1 bash`. | - Enter the Workspace Container `docker exec -it --user=laradock laradock_workspace_1 bash`. | ||||||
| - Migrate the Database `php artisan migrate`. | - Migrate the Database `php artisan migrate`. | ||||||
|  |  | ||||||
|  |  | ||||||
|   | |||||||
| @@ -12,6 +12,8 @@ services: | |||||||
|                 - INSTALL_XDEBUG=false |                 - INSTALL_XDEBUG=false | ||||||
|                 - INSTALL_NODE=false |                 - INSTALL_NODE=false | ||||||
|                 - COMPOSER_GLOBAL_INSTALL=false |                 - COMPOSER_GLOBAL_INSTALL=false | ||||||
|  |                 - PUID=1000 | ||||||
|  |                 - PGID=1000 | ||||||
|         volumes_from: |         volumes_from: | ||||||
|             - volumes_source |             - volumes_source | ||||||
|         tty: true |         tty: true | ||||||
|   | |||||||
| @@ -60,12 +60,25 @@ RUN if [ ${INSTALL_MONGO} = true ]; then \ | |||||||
|     echo "extension=mongodb.so" >> /etc/php/7.0/cli/php.ini \ |     echo "extension=mongodb.so" >> /etc/php/7.0/cli/php.ini \ | ||||||
| ;fi | ;fi | ||||||
|  |  | ||||||
|  | ##################################### | ||||||
|  | # Non-Root User: | ||||||
|  | ##################################### | ||||||
|  |  | ||||||
|  | # Add a non-root user to prevent files being created with root permissions on host machine. | ||||||
|  | ARG PUID=1000 | ||||||
|  | ARG PGID=1000 | ||||||
|  | RUN groupadd -g $PGID laradock && \ | ||||||
|  |     useradd -u $PUID -g laradock -m laradock | ||||||
|  |      | ||||||
|  | # Now switch to our laradock user for the rest of user setup | ||||||
|  | USER laradock | ||||||
|  |  | ||||||
| ##################################### | ##################################### | ||||||
| # Composer: | # Composer: | ||||||
| ##################################### | ##################################### | ||||||
|  |  | ||||||
| # Add the composer.json | # Add the composer.json | ||||||
| ADD ./composer.json /root/.composer/composer.json | ADD ./composer.json /home/laradock/.composer/composer.json | ||||||
|  |  | ||||||
| # Check if global install need to be runned | # Check if global install need to be runned | ||||||
| ARG COMPOSER_GLOBAL_INSTALL=true | ARG COMPOSER_GLOBAL_INSTALL=true | ||||||
| @@ -84,13 +97,13 @@ ARG INSTALL_NODE=true | |||||||
| ENV INSTALL_NODE ${INSTALL_NODE} | ENV INSTALL_NODE ${INSTALL_NODE} | ||||||
| RUN if [ ${INSTALL_NODE} = true ]; then \ | RUN if [ ${INSTALL_NODE} = true ]; then \ | ||||||
|     # Install nvm (A Node Version Manager) |     # Install nvm (A Node Version Manager) | ||||||
|     curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.31.1/install.sh | bash \ |     curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.31.3/install.sh | bash \ | ||||||
| ;fi | ;fi | ||||||
| # Again check if NVM needs to be installed | # Again check if NVM needs to be installed | ||||||
| # I had to split this condifiton link this because when I get it inside the above if statment is refuses to work! | # I had to split this condition link this because when I get it inside the above if statement is refuses to work! | ||||||
| ENV if [ ${INSTALL_NODE} = true ]; then \ | ENV if [ ${INSTALL_NODE} = true ]; then \ | ||||||
|     # Set the ENV |     # Set the ENV | ||||||
|     NVM_DIR=/root/.nvm \ |     NVM_DIR=/home/laradock/.nvm \ | ||||||
|     # Install NodeJS with NVM |     # Install NodeJS with NVM | ||||||
|     RUN . ~/.nvm/nvm.sh && \ |     RUN . ~/.nvm/nvm.sh && \ | ||||||
|         nvm install stable && \ |         nvm install stable && \ | ||||||
| @@ -99,6 +112,14 @@ ENV if [ ${INSTALL_NODE} = true ]; then \ | |||||||
|         npm install -g gulp bower \ |         npm install -g gulp bower \ | ||||||
| ;fi | ;fi | ||||||
|  |  | ||||||
|  | # Wouldn't execute when added to the RUN statement in the above block | ||||||
|  | # Source NVM when loading bash since ~/.profile isn't loaded on non-login shell | ||||||
|  | RUN if [ ${INSTALL_NODE} = true ]; then \ | ||||||
|  |     echo "" >> ~/.bashrc && \ | ||||||
|  |     echo 'export NVM_DIR="$HOME/.nvm"' >> ~/.bashrc && \ | ||||||
|  |     echo '[ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh"  # This loads nvm' >> ~/.bashrc \ | ||||||
|  | ;fi | ||||||
|  |  | ||||||
| # | # | ||||||
| #-------------------------------------------------------------------------- | #-------------------------------------------------------------------------- | ||||||
| # Final Touch | # Final Touch | ||||||
| @@ -106,6 +127,7 @@ ENV if [ ${INSTALL_NODE} = true ]; then \ | |||||||
| # | # | ||||||
|  |  | ||||||
| # Clean up | # Clean up | ||||||
|  | USER root | ||||||
| RUN apt-get clean && \ | RUN apt-get clean && \ | ||||||
|     rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* |     rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* | ||||||
|  |  | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user
	 Mahmoud Zalt
					Mahmoud Zalt