Drop privs when running admin too

main
Florent Daigniere 2 years ago
parent 42cd5bf2dc
commit 699be6f9fa

@ -9,23 +9,23 @@ LABEL version=$VERSION
RUN set -euxo pipefail \
; apk add --no-cache libressl mariadb-connector-c postgresql-libs
COPY --from=assets /work/static/ ./mailu/static/
EXPOSE 80/tcp
HEALTHCHECK CMD curl -skfLo /dev/null http://localhost/sso/login
VOLUME ["/data","/dkim"]
ENV FLASK_APP=mailu
COPY --from=assets /work/static/ ./mailu/static/
COPY audit.py /
COPY start.py /
COPY migrations/ ./migrations/
COPY mailu/ ./mailu/
RUN set -euxo pipefail \
; venv/bin/pybabel compile -d mailu/translations
RUN echo $VERSION >/version
EXPOSE 80/tcp
HEALTHCHECK CMD curl -skfLo /dev/null http://localhost/sso/login?next=ui.index
VOLUME ["/data","/dkim"]
ENV FLASK_APP=mailu
CMD /start.py

@ -2,8 +2,14 @@
import os
import logging as log
from pwd import getpwnam
import sys
os.system("chown mailu:mailu -R /data /dkim")
mailu_id = getpwnam('mailu')
os.setgid(mailu_id.pw_gid)
os.setuid(mailu_id.pw_uid)
log.basicConfig(stream=sys.stderr, level=os.environ.get("LOG_LEVEL", "INFO"))
os.system("flask mailu advertise")

Loading…
Cancel
Save