hanh.tonguyen/paperclip
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #400 from AiMagic5000/fix/docker-non-root-node-user

Browse Source 
fix(docker): run production server as non-root node user
This commit is contained in:
Dotta
2026-03-09 12:18:20 -05:00
committed by GitHub
parent 9859bac440 57406dbc90
commit 200dd66f63
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Dockerfile
View File

@@ -32,8 +32,10 @@ RUN test -f server/dist/index.js || (echo "ERROR: server build output missing" &
FROM base AS production FROM base AS production
WORKDIR /app WORKDIR /app
COPY --from=build /app /app COPY --chown=node:node --from=build /app /app
RUN npm install --global --omit=dev @anthropic-ai/claude-code@latest @openai/codex@latest opencode-ai RUN npm install --global --omit=dev @anthropic-ai/claude-code@latest @openai/codex@latest opencode-ai \
&& mkdir -p /paperclip \
&& chown node:node /paperclip
ENV NODE_ENV=production \ ENV NODE_ENV=production \
HOME=/paperclip \ HOME=/paperclip \
@@ -49,4 +51,5 @@ ENV NODE_ENV=production \
VOLUME ["/paperclip"] VOLUME ["/paperclip"]
EXPOSE 3100 EXPOSE 3100
USER node
CMD ["node", "--import", "./server/node_modules/tsx/dist/loader.mjs", "server/dist/index.js"] CMD ["node", "--import", "./server/node_modules/tsx/dist/loader.mjs", "server/dist/index.js"]