dragonlock2/matthewtran.com
1
0
Fork 0
mirror of https://github.com/dragonlock2/matthewtran.com.git synced 2026-06-28 01:58:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

(untested) make nginx run as non-root

Browse Source
This commit is contained in:
Matthew Tran
2025-02-19 03:16:52 -08:00
parent dd072e76d8
commit 36c4019c01
9 changed files with 104 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files
website/Dockerfile
+7 -11
View File
@@ -5,18 +5,14 @@ ENV TZ=America/Los_Angeles
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
RUN apt-get update && apt-get -y upgrade
RUN apt-get install -y nginx certbot python3-certbot-nginx python3-pip
RUN apt-get install -y nginx certbot python3-pip
RUN pip3 install sendgrid --break-system-packages
RUN rm /etc/nginx/sites-enabled/default
USER ubuntu
WORKDIR /home/ubuntu
RUN mkdir nginx certbot
# enable site
# TODO make the website code not terrible ;-;
COPY matthewtran.com /etc/nginx/sites-available
RUN ln -s /etc/nginx/sites-available/matthewtran.com /etc/nginx/sites-enabled/matthewtran.com
COPY html /var/www/matthewtran.com/html
# start script
WORKDIR /root
COPY sendgrid.ke[y] ip_update.py ./
COPY entry.sh ./
COPY --chown=ubuntu:ubuntu html ./html
COPY --chown=ubuntu:ubuntu sendgrid.ke[y] ip_update.py ./
COPY --chown=ubuntu:ubuntu server.conf entry.sh ./