2025-08-12 19:34:08 +00:00
1 changed files with 14 additions and 1 deletions
--- a/15
+++ b/15
@ -29,6 +29,9 @@ VOLUME ${DATA_PATH}
 EXPOSE 25565/tcp
 ENV GID=988
 ENV UID=999
 ENV MEMORY=4G
 ENV PROXY_SECRET=00000000-0000-0000-0000-000000000000
@ -70,6 +73,13 @@ WORKDIR ${WORKDIR_PATH}/config
 # TODO: Make awk commands sapn multiple lines
 # TODO: Use one call to awk to perform substitutions
 CMD \
    # Create and switch to user with desired UID and GID.
    # All processes that create/change files in ${DATA_PATH}
    # must be run under this user.
    groupadd -g ${GID} worker && \
    useradd -M -g ${GID} -u ${UID} worker && \
    chmod -R o-rwx ${WORKDIR_PATH} && \
    # Add proxy secret
    sed -i "s/_PROXY_SECRET_/${PROXY_SECRET}/g" forwarding.secret && \
@ -118,4 +128,7 @@ CMD \
    sed -i "s/_SONAR_DB_USERNAME_/${SONAR_DB_USERNAME}/g" plugins/sonar/config.yml && \
    sed -i "s/_SONAR_DB_PASSWORD_/${SONAR_DB_PASSWORD}/g" plugins/sonar/config.yml && \
-    java -Xms${MEMORY} -Xmx${MEMORY} -XX:+UseG1GC -XX:G1HeapRegionSize=4M -XX:+UnlockExperimentalVMOptions -XX:+ParallelRefProcEnabled -XX:+AlwaysPreTouch -XX:MaxInlineLevel=15 -jar *.jar
+    # Change UID and GID of used files to desired values.
    chown -R worker:worker ${WORKDIR_PATH} && \
    su worker -c "java -Xms${MEMORY} -Xmx${MEMORY} -XX:+UseG1GC -XX:G1HeapRegionSize=4M -XX:+UnlockExperimentalVMOptions -XX:+ParallelRefProcEnabled -XX:+AlwaysPreTouch -XX:MaxInlineLevel=15 -jar *.jar"