From 3a94541de7f2fc764e9cfdbb1167ea37000f487c Mon Sep 17 00:00:00 2001 From: cuqmbr Date: Tue, 12 Aug 2025 19:16:05 +0300 Subject: [PATCH 1/2] rearranged Dockerfile statements and add remove cache after locale installation --- Dockerfile | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 46766c7..39348d8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,19 +15,22 @@ RUN mkdir ${DATA_PATH}/logs && \ # Generate unicode locale so that cyrillic characters display properly RUN apt-get update -y && apt-get install -y locales && \ echo en_US.UTF-8 UTF-8 > /etc/locale.gen && \ - dpkg-reconfigure --frontend=noninteractive locales + dpkg-reconfigure --frontend=noninteractive locales && \ + rm -Rf var/lib/apt/lists/* ENV LANG en_US.UTF-8 VOLUME ${DATA_PATH} +EXPOSE 25565/tcp + + ENV MEMORY=1G ENV PROXY_SECRET=change_me -WORKDIR ${WORKDIR_PATH}/config -EXPOSE 25565/tcp +WORKDIR ${WORKDIR_PATH}/config CMD \ sed -i "s/_PROXY_SECRET_/${PROXY_SECRET}/g" settings.yml && \ From 89b19b820d0c758cedbe95529c42a22f4f726ff9 Mon Sep 17 00:00:00 2001 From: cuqmbr Date: Tue, 12 Aug 2025 19:16:39 +0300 Subject: [PATCH 2/2] add uid/gid selection to run application as in Dockerfile --- Dockerfile | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 39348d8..1ef47de 100644 --- a/Dockerfile +++ b/Dockerfile @@ -33,5 +33,18 @@ ENV PROXY_SECRET=change_me WORKDIR ${WORKDIR_PATH}/config CMD \ + # Create and switch to user with desired UID and GID. + # All processes that create/change files in ${DATA_PATH} + # must be run under this user. + groupadd -g ${GID} worker && \ + useradd -M -g ${GID} -u ${UID} worker && \ + chmod -R o-rwx ${WORKDIR_PATH} && \ + + # Add proxy secret sed -i "s/_PROXY_SECRET_/${PROXY_SECRET}/g" settings.yml && \ - java -Xms${MEMORY} -Xmx${MEMORY} -jar *.jar --nogui + + # Change UID and GID of used files to desired values. + chown -R worker:worker ${WORKDIR_PATH} && \ + + # Launch + su worker -c "java -Xms${MEMORY} -Xmx${MEMORY} -jar *.jar --nogui"