# Default user is 'luminlab' with uid 1000, gid 1000 # FROM node:16-alpine AS lean FROM node:16-alpine3.18 AS lean ARG USERNAME=luminlab ARG GROUPNAME=${USERNAME} ARG USER_UID=1000 ARG USER_GID=${USER_UID} ARG CURR_GROUPNAME=node ARG CURR_USERNAME=node # ARG PY_VER=3.10 # FROM python:${PY_VER} as lean # Install nginx and give permissions to 'luminlab' # See https://www.rockyourcode.com/run-docker-nginx-as-non-root-user/ #ubuntu # RUN apt-get update && apt-get install -y python3.9 python3.9-dev USER root # RUN apt-get -y install nginx #alpine RUN apk update && apk upgrade && apk add --update python3 py3-pip RUN apk add --no-cache --upgrade bash #install command service RUN apk add openrc --no-cache #install command usermod RUN apk add --update shadow #for local checking network RUN apk --no-cache add curl RUN apk add --update nginx #ubuntu # Set up a new user named "luminlab" with user ID 1000 # RUN useradd -m -u 1000 luminlab # groupadd luminlab &&\ # usermod -aG luminlab luminlab #alpine # RUN addgroup -S luminlab && adduser -S luminlab -G luminlab RUN groupmod -n ${GROUPNAME} ${CURR_GROUPNAME} RUN usermod -g ${GROUPNAME} --login ${USERNAME} ${CURR_USERNAME} RUN mkdir -p /var/cache/nginx \ /var/log/nginx \ /var/lib/nginx RUN touch /var/run/nginx/nginx.pid #ubuntu # RUN touch /run/nginx/nginx.pid #alpine RUN touch /run/nginx/nginx.pid RUN chown -R luminlab /var/cache/nginx \ /var/log/nginx \ /var/lib/nginx \ #alpine /var/run/nginx/nginx.pid #ubuntu # /var/run/nginx.pid # RUN chmod 777 /var/cache/nginx /var/run /var/log/nginx # COPY --chown=luminlab .nginx/nginx.conf /etc/nginx/conf.d/default.conf COPY --chown=luminlab .nginx/nginx.conf /etc/nginx/nginx.conf COPY --chown=luminlab requirements.txt /app/requirements.txt RUN pip install --no-cache-dir -r /app/requirements.txt # # Set home to the user's home directory # ENV HOME=/home/luminlab \ # PATH=/home/luminlab/.local/bin:$PATH # # Set the working directory to the user's home directory # WORKDIR $HOME/app # syntax=docker/dockerfile:1.4 # ENV HOME=/home/luminlab \ # PATH=/home/luminlab/.local/bin:$PATH # RUN mkdir $HOME/app # 1. For build React app FROM lean AS dev # COPY package.json /app/package.json COPY package-lock.json /app/package-lock.json COPY --chown=luminlab . /app WORKDIR /app # RUN pip install flask # Same as npm install RUN npm ci RUN mkdir node_modules/.cache && chmod -R 777 node_modules/.cache # COPY --chown=luminlab:luminlab . . ENV CI=true ENV PORT=3000 # CMD [ "npm", "start" ] # FROM development AS build # RUN npm run build # Install dependencies and build app as non-root # USER luminlab # ENV HOME=/home/luminlab \ # PATH=/home/luminlab/.local/bin:$PATH # RUN mkdir $HOME/app # WORKDIR $HOME/app # COPY --chown=pn requirements.txt requirements.txt # RUN pip install --no-cache-dir -r requirements.txt # # Copy nginx configuration # COPY --chown=luminlab nginx.conf /etc/nginx/sites-available/default # COPY --chown=luminlab . . USER luminlab:luminlab FROM lean AS prod COPY --chown=luminlab --from=dev /app /app # Remove default nginx static assets # RUN rm -rf ./* # WORKDIR /usr/share/nginx/html WORKDIR /app COPY --chown=luminlab ./run_hf.sh /app/run_hf.sh EXPOSE 3000 EXPOSE 5000 #flask EXPOSE 8001 EXPOSE 8000 # EXPOSE 80 RUN chmod 777 /app/run_hf.sh # Copy static assets from builder stage # RUN chown -R luminlab:luminlab /var # Switch to the "user" user # ENTRYPOINT ["sh", "run_hf.sh"] # ENTRYPOINT ["/bin/bash", "/app/run_hf.sh"] CMD ["/bin/bash", "/app/run_hf.sh"] # ENTRYPOINT ["nginx", "-g", "daemon off;"]