mirror of
https://github.com/deuill/coreos-home-server.git
synced 2024-09-21 13:40:45 +00:00
Run Prosody, LetsEncrypt as root
This is until we figure out the permissions issues that are causing service failures.
This commit is contained in:
parent
fa1b87af5a
commit
d6e9b9db4d
@ -1,6 +1 @@
|
|||||||
FROM docker.io/goacme/lego:v4.4.0
|
FROM docker.io/goacme/lego:v4.4.0
|
||||||
|
|
||||||
RUN addgroup --system --gid 10000 letsencrypt
|
|
||||||
RUN adduser --system --uid 10000 --ingroup letsencrypt --home /var/lib/letsencrypt letsencrypt
|
|
||||||
|
|
||||||
USER letsencrypt
|
|
||||||
|
@ -19,7 +19,5 @@ RUN prosodyctl check config
|
|||||||
VOLUME /var/lib/prosody
|
VOLUME /var/lib/prosody
|
||||||
ENV __FLUSH_LOG yes
|
ENV __FLUSH_LOG yes
|
||||||
|
|
||||||
USER prosody
|
|
||||||
EXPOSE 5222 5269 5280 5347
|
EXPOSE 5222 5269 5280 5347
|
||||||
|
|
||||||
ENTRYPOINT ["prosody"]
|
ENTRYPOINT ["prosody"]
|
||||||
|
@ -25,6 +25,10 @@ admins = {}
|
|||||||
-- For more information see: https://prosody.im/doc/libevent
|
-- For more information see: https://prosody.im/doc/libevent
|
||||||
use_libevent = true
|
use_libevent = true
|
||||||
|
|
||||||
|
-- Run Prosody under a restricted user and group, to prevent runaway permissions.
|
||||||
|
prosody_user = "prosody"
|
||||||
|
prosody_group = "prosody"
|
||||||
|
|
||||||
-- Prosody will always look in its source directory for modules, but
|
-- Prosody will always look in its source directory for modules, but
|
||||||
-- this option allows you to specify additional locations where Prosody
|
-- this option allows you to specify additional locations where Prosody
|
||||||
-- will look for modules first. For community modules, see https://modules.prosody.im/
|
-- will look for modules first. For community modules, see https://modules.prosody.im/
|
||||||
|
Loading…
Reference in New Issue
Block a user