How to run as a user and not root
hopenbr opened this issue · comments
Brian Hop commented
Hello,
I need to run as a user other than root
FROM tiangolo/uvicorn-gunicorn-fastapi:python3.8-alpine3.10
COPY ./app /app
COPY requirements.txt ./
RUN pip install --no-cache-dir -r requirements.txt \
&& addgroup -S appgroup && adduser -S appuser -G appgroup
USER appuser
Yet when I run image from above dockerfile it errors with below msg
Same code works without issues when I remove USER
line above and run as root user
Checking for script in /app/prestart.sh
Running script /app/prestart.sh
Running inside /app/prestart.sh, you could add migrations to this file, e.g.:
#! /usr/bin/env bash
# Let the DB start
sleep 10;
# Run migrations
alembic upgrade head
{"loglevel": "info", "workers": 2, "bind": "0.0.0.0:80", "graceful_timeout": 120, "timeout": 120, "keepalive": 5, "errorlog": "-", "accesslog": "-", "workers_per_core": 1.0, "use_max_workers": null, "host": "0.0.0.0", "port": "80"}
[2020-06-18 19:16:07 +0000] [1] [INFO] Starting gunicorn 20.0.4
[2020-06-18 19:16:07 +0000] [1] [ERROR] Retrying in 1 second.
[2020-06-18 19:16:08 +0000] [1] [ERROR] Retrying in 1 second.
[2020-06-18 19:16:09 +0000] [1] [ERROR] Retrying in 1 second.
[2020-06-18 19:16:10 +0000] [1] [ERROR] Retrying in 1 second.
[2020-06-18 19:16:11 +0000] [1] [ERROR] Retrying in 1 second.
[2020-06-18 19:16:12 +0000] [1] [ERROR] Can't connect to ('0.0.0.0', 80)
what am I missing?
Brian Hop commented
okay think it the default port 80 issue
needed to change the port via
ENV PORT 8080
working fine now
Sebastián Ramírez commented
Cool! Thanks for reporting back and closing the issue
Thomas commented
For whose using classic fastapi "python" image (not the alpine one) the command to add a user:
RUN useradd -ms /bin/bash appuser
USER appuser