You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Mounting volumes into Docker containers is safe as long as you properly manage file permissions. Ensure the volume is only writable by the container user, and limit access to sensitive data.
FROM node:20.17-alpine3.20 as base
LABEL fly_launch_runtime="Remix"# Create a non-root userRUN addgroup -S appgroup && adduser -S appuser -G appgroup
# Remix app lives hereWORKDIR /app
# Set production environmentENV NODE_ENV=production
ENV APP_DATABASE_URL=/data/sqlite.db
# Create the data directory and set permissionsRUN mkdir /data && chown appuser:appgroup /data && chmod 755 /data
# Throw-away build stage to reduce size of final imageFROM base as build
# Install node modulesCOPY --link package-lock.json package.json ./
RUN npm ci --include=dev
# Copy application codeCOPY --link . .
# Build applicationRUN npm run build
# Remove development dependenciesRUN npm prune --omit=dev
# Final stage for app imageFROM base
# Copy built applicationCOPY --from=build /app/build /app/build
COPY --from=build /app/node_modules /app/node_modules
COPY --from=build /app/package.json /app/package.json
COPY --from=build /app/server.mjs /app/server.mjs
COPY --from=build /app/migrations /app/migrations
# Ensure the non-root user has access to /dataRUN chown -R appuser:appgroup /app /data
# Switch to the non-root userUSER appuser
# Start the server by default, this can be overwritten at runtimeEXPOSE 3000
CMD [ "npm", "run", "start" ]
Mounting volumes into Docker containers is safe as long as you properly manage file permissions. Ensure the volume is only writable by the container user, and limit access to sensitive data.
Fra chat
https://chatgpt.com/c/6710066e-1cc4-800e-8617-751009d1d33d
The text was updated successfully, but these errors were encountered: