Change /sbin/init to /sbin/init-docker - start nginx and php-fpm non-root

2024-12-30 23:27:46 +11:00 · 2024-12-30 23:27:46 +11:00 · 1db72c181a
commit 1db72c181a
parent d62cc85c97
3 changed files with 13 additions and 5 deletions
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@ -51,11 +51,19 @@ COPY msmtprc /etc/
 COPY docker/www.conf /usr/local/etc/php-fpm.d/
 COPY docker/nginx-app.conf /etc/nginx/http.d/default.conf
-COPY docker/init /sbin/
+COPY docker/init-docker /sbin/init-docker
-RUN chmod 550 /sbin/init && chown 0:0 /sbin/init
+
 # Startup as non-root configuration
 RUN chmod 550 /sbin/init-docker && chown www-data:0 /sbin/init-docker
 RUN addgroup nginx www-data && addgroup www-data nginx \
 	&& chgrp www-data /run/nginx /var/log/nginx /var/lib/nginx/tmp \
 	&& chmod g+w /run/nginx /var/log/nginx \
 	&& chmod g+rwx /var/lib/nginx/tmp
 RUN sed -i -e 's/user nginx;/#user nginx;/' /etc/nginx/nginx.conf
 USER www-data
 VOLUME [ "/var/cache/composer" ]
 WORKDIR /var/www/html
 EXPOSE 80
-ENTRYPOINT [ "/sbin/init" ]
+ENTRYPOINT [ "/sbin/init-docker" ]
 CMD [ "php-fpm" ]
--- a/docker/init-docker
+++ b/docker/init-docker
--- a/docker/www.conf
+++ b/docker/www.conf
@ -1,12 +1,12 @@
 [www]
-group = www-data
+;group = www-data
 listen = 127.0.0.1:9000
 pm = dynamic
 pm.max_children = 25
 pm.max_spare_servers = 10
 pm.min_spare_servers = 5
 pm.start_servers = 10
-user = www-data
+;user = www-data
 prefix = /var/www/html
 php_admin_value[memory_limit] = 512M
 php_admin_value[max_execution_time] = 300