feat: UID changed to 7000 to avoid colisions

homecentr · Apr 17, 2024 · beaaf10 · beaaf10
1 parent f86fdae
commit beaaf10
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 5 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -4,7 +4,10 @@ FROM node:lts-bookworm
 RUN npm install -g Haraka@3.0.2 && \
     npm install -g express@4.18.2 && \
     # Initialize a configuration directory
-    haraka -i /haraka
+    haraka -i /haraka && \
+    # Create non-root user
+    groupadd -g 7000 haraka && \
+    useradd -rm -g haraka -u 7000 haraka
 
 WORKDIR /haraka
 
@@ -14,16 +17,16 @@ RUN npm install @mailprotector/haraka-plugin-prometheus@1.0.6 --save
 COPY ./fs/ /
 
     # Prepare for non-root execution
-RUN chgrp -R node /haraka && \
-    chown -R node /haraka
+RUN chgrp -R haraka /haraka && \
+    chown -R haraka /haraka
 
 EXPOSE 2525
 EXPOSE 9904
 
 VOLUME [ "/haraka" ]
 
 WORKDIR /
-USER node
+USER haraka
 
 ENTRYPOINT [ "haraka" ]
 CMD [ "-c", "/haraka" ]
diff --git a/README.md b/README.md
@@ -39,4 +39,4 @@ services:
 The container is regularly scanned for vulnerabilities and updated. Further info can be found in the [Security tab](https://github.com/homecentr/docker-haraka-relay/security).
 
 ### Container user
-The container runs as a non-root user with UID/GID 1000 by default.
+The container runs as a non-root user with UID/GID 7000 by default.