From 942f17b2f436a28eccd341e4ec2f3d04fe4648ca Mon Sep 17 00:00:00 2001
From: dousha <lijiahao34@live.com>
Date: Sat, 21 May 2022 13:25:59 +0800
Subject: [PATCH 1/2] fix docker file permissions so 777 is no longer needed

---
 Dockerfile      | 10 ++++++++--
 start-docker.sh |  4 ++++
 2 files changed, 12 insertions(+), 2 deletions(-)
 create mode 100755 start-docker.sh

diff --git a/Dockerfile b/Dockerfile
index 7f03916de..0687992b7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -18,13 +18,19 @@ RUN set -x \
         nasm \
         libpng-dev \
         python3 \
+        wget \
     && npm install --production \
     && apk del .build-dependencies
 
+# Some setup tools need to be kept
+RUN apk add --no-cache su-exec
+
 # Bundle app source
 COPY . .
 
-USER node
+# Add application user and setup proper volume permissions
+RUN adduser -s /bin/false node; exit 0
 
+# Start the application
 EXPOSE 8080
-CMD [ "node", "./src/www" ]
+CMD [ "./start-docker.sh" ]
diff --git a/start-docker.sh b/start-docker.sh
new file mode 100755
index 000000000..e214560ea
--- /dev/null
+++ b/start-docker.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+chown -R node:node /home/node
+su-exec node node ./src/www

From 308b0f746404c9de4fa9863460c5010a23cdc932 Mon Sep 17 00:00:00 2001
From: Jiahao Lee <lijiahao34@live.com>
Date: Sun, 22 May 2022 03:35:26 +0800
Subject: [PATCH 2/2] Remove unneeded packages

---
 Dockerfile | 1 -
 1 file changed, 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 0687992b7..018d634e9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -18,7 +18,6 @@ RUN set -x \
         nasm \
         libpng-dev \
         python3 \
-        wget \
     && npm install --production \
     && apk del .build-dependencies