feat: Low-Privileged and Distroless Docker Image (#372)

* feat: use distroless image and non-root user

* fix: remove conflicts after merge

* chore: Comment the Dockerfile

* chore: Update documentation to reflect image changes

* Split docker build in latest and latest-rootless

One more job added to the publish GitHub Action, to build and push TAG-rootless
images.

* fix: add missing workflow

* feat: update documentation about double tags

* feat: update readme with double tags

---------

Co-authored-by: daniele <daniele@coolbyte.eu>
D M 2023-05-13 21:38:57 +03:00 committed by GitHub
parent 56c98e6e3a
commit 66e25ba068
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 86 additions and 1 deletions


@ -4,14 +4,24 @@
Great for testing out the application, but not recommended for stable use. Checkout the docker-compose for the recommended deployment.
For each image there are two tags, respectively the regular tag and $TAG-rootless, which uses a non-root image.
```sh
docker run -d \
# If using the rootless image, ensure data
# folder has correct permissions
$ mkdir -p /path/to/data/folder
$ chown 65532:65532 -R /path/to/data/folder
# ---------------------------------------
# Run the image
$ docker run -d \
--name homebox \
--restart unless-stopped \
--publish 3100:7745 \
--env TZ=Europe/Bucharest \
--volume /path/to/data/folder/:/data \
ghcr.io/hay-kot/homebox:latest
# ghcr.io/hay-kot/homebox:latest-rootless
```
## Docker-Compose
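Review bot: the `$ ` prompt prefixes added to the `mkdir`, `chown` and `docker run` lines mean the block can no longer be pasted into a shell the way the previous `docker run -d \` version could; drop the prompts and keep the `#` comments. On the `chown` line, `-R` comes after the owner operand, which GNU chown accepts but implementations that do not permute options (BSD, macOS) do not treat as an option there; write `chown -R 65532:65532 /path/to/data/folder`. The comment should also say where 65532 comes from (the user the rootless image runs as) and that the step is only needed for the `latest-rootless` tag, since the default command shown still uses `latest`.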
@ -22,6 +32,7 @@ version: "3.4"
services:
homebox:
image: ghcr.io/hay-kot/homebox:latest
# image: ghcr.io/hay-kot/homebox:latest-rootless
container_name: homebox
restart: always
environment:
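Review bot: the commented `# image: ghcr.io/hay-kot/homebox:latest-rootless` line gives no hint of what changes when it is swapped in. Add a short comment on or above that line saying the tag runs as a non-root user and that a bind-mounted data directory must be owned by 65532, so readers who copy only the compose file see the requirement that the note further down states.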
@ -38,6 +49,9 @@ volumes:
driver: local
```
!!! note
If you use the `rootless` image, and instead of using named volumes you would prefer using a hostMount directly (e.g., `volumes: [ /path/to/data/folder:/data ]`) you need to `chown` the chosen directory in advance to the `65532` user (as shown in the Docker example above).
## Env Variables & Configuration
| Variable | Default | Description |
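Review bot: in the added note, "hostMount" is not a Docker term; call it a bind mount so readers can match it to the Docker documentation. The note also covers only the bind-mount case: it should say what to do with a named volume that was already populated by the regular image before switching to the `rootless` tag, because the text leaves open whether that existing data stays writable for the `65532` user. "As shown in the Docker example above" would be easier to follow as a link or an explicit section name.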