mirror of
https://github.com/seaweedfs/seaweedfs.git
synced 2025-11-08 10:17:28 +08:00
b8bef0328b
* add non-root user * using -g more clearly expresses the intent of setting the primary group for the new user * no cache * read only * specific perm
44 lines
980 B
Docker
44 lines
980 B
Docker
FROM alpine AS final
|
|
LABEL author="Chris Lu"
|
|
COPY ./weed /usr/bin/
|
|
COPY ./weed_pub* /usr/bin/
|
|
COPY ./weed_sub* /usr/bin/
|
|
RUN mkdir -p /etc/seaweedfs
|
|
COPY ./filer.toml /etc/seaweedfs/filer.toml
|
|
COPY ./entrypoint.sh /entrypoint.sh
|
|
|
|
# Install dependencies and create non-root user
|
|
RUN apk add --no-cache fuse curl && \
|
|
addgroup -g 1000 seaweed && \
|
|
adduser -D -u 1000 -g seaweed seaweed
|
|
|
|
# volume server grpc port
|
|
EXPOSE 18080
|
|
# volume server http port
|
|
EXPOSE 8080
|
|
# filer server grpc port
|
|
EXPOSE 18888
|
|
# filer server http port
|
|
EXPOSE 8888
|
|
# master server shared grpc port
|
|
EXPOSE 19333
|
|
# master server shared http port
|
|
EXPOSE 9333
|
|
# s3 server http port
|
|
EXPOSE 8333
|
|
# webdav server http port
|
|
EXPOSE 7333
|
|
|
|
# Create data directory and set proper ownership for seaweed user
|
|
RUN mkdir -p /data/filerldb2 && \
|
|
chown -R seaweed:seaweed /data && \
|
|
chmod 755 /entrypoint.sh
|
|
|
|
VOLUME /data
|
|
WORKDIR /data
|
|
|
|
# Switch to non-root user
|
|
USER seaweed
|
|
|
|
ENTRYPOINT ["/entrypoint.sh"]
|