2774f97d57
Running an Appsmith as a non-root user: ```sh docker run --name appsmith --user 70:70 ``` The `70:70` figures are the UID and GID respectively. It can mostly be any number, safe to user figures are 70 to 79, or anything above 200 and below 65000. The important bit, is that it shouldn't change on restart or manual updates etc. No product functionality should be affected when running as a non-root user.
30 lines
786 B
Bash
30 lines
786 B
Bash
#!/usr/bin/env bash
|
|
|
|
set -e
|
|
|
|
ENV_PATH="/appsmith-stacks/configuration/docker.env"
|
|
PRE_DEFINED_ENV_PATH="$TMP/pre-define.env"
|
|
if [[ -f /appsmith-stacks/configuration/docker.env ]]; then
|
|
echo 'Load environment configuration'
|
|
set -o allexport
|
|
. "$ENV_PATH"
|
|
. "$PRE_DEFINED_ENV_PATH"
|
|
set +o allexport
|
|
fi
|
|
|
|
if [[ -n $APPSMITH_CUSTOM_DOMAIN ]]; then
|
|
data_path="/appsmith-stacks/data/certificate"
|
|
domain="$APPSMITH_CUSTOM_DOMAIN"
|
|
rsa_key_size=4096
|
|
|
|
certbot certonly --webroot --webroot-path="$data_path/certbot" \
|
|
--register-unsafely-without-email \
|
|
--domains $domain \
|
|
--rsa-key-size $rsa_key_size \
|
|
--agree-tos \
|
|
--force-renewal
|
|
supervisorctl restart editor
|
|
else
|
|
echo 'Custom domain not configured. Cannot enable SSL without a custom domain.' >&2
|
|
fi
|