Jennie Robinson Faber
ed05044464
- nginx: deny all requests to hidden files (/.git/config was publicly readable) - nginx: remove CSS injection and /custom/ static file serving - cron: install script deps at build time into /opt to avoid ro mount conflict - docker-compose: widen cron build context for package.json COPY - Delete unused theme/ghost-guild.css
24 lines
557 B
Docker
24 lines
557 B
Docker
FROM alpine:3.20
|
|
|
|
RUN apk add --no-cache \
|
|
bash \
|
|
docker-cli \
|
|
git \
|
|
nodejs \
|
|
npm \
|
|
openssh-client \
|
|
gzip
|
|
|
|
WORKDIR /app
|
|
|
|
# Install script dependencies at build time (into /opt so the ro volume mount doesn't shadow them)
|
|
COPY scripts/package*.json /opt/scripts-deps/
|
|
RUN cd /opt/scripts-deps && npm install --omit=dev
|
|
ENV NODE_PATH=/opt/scripts-deps/node_modules
|
|
|
|
COPY cron/crontab /etc/crontabs/root
|
|
COPY cron/entrypoint.sh /entrypoint.sh
|
|
RUN chmod +x /entrypoint.sh
|
|
|
|
ENTRYPOINT ["/entrypoint.sh"]
|
|
CMD ["crond", "-f", "-l", "2"]
|