mirror of
https://github.com/gristlabs/grist-core.git
synced 2024-10-27 20:44:07 +00:00
a8431c69a7
De-escalates to a normal user when the docker image is run as root. Allows GRIST_DOCKER_USER and GRIST_DOCKER_GROUP to be passed to override the default de-escalation behaviour. Backwards compatible with previous root installations. -------- This change adds a new docker_entrypoint.sh, which when run as root de-escalates to the provided user, defaulting to grist:grist. This is similar to the approach used by the official postgres docker image. To achieve backwards compatibility, it changes ownership of any files in `/persist` to the user it's given at runtime. Since the docker container is typically run as root, this should always work. If the container is run as a standard user from the very start: * It's the admin's responsibility to ensure `/persist` is writable by that user. * `/grist` remains owned by root and is read-only. |
||
|---|---|---|
| .. | ||
| docker | ||
| grist | ||
| gvisor | ||
| pyodide | ||
| bundle_as_wheel.sh | ||
| docker_entrypoint.sh | ||
| gen_js_schema.py | ||
| install_tz.js | ||
| MANIFEST.in | ||
| requirements3.in | ||
| requirements3.txt | ||
| requirements.txt | ||
| run.sh | ||
| setup.py | ||
| supervisor.mjs | ||
| watch.sh | ||