diff --git a/src/Admin/Dockerfile b/src/Admin/Dockerfile index 57da39a4e0..8a83d521db 100644 --- a/src/Admin/Dockerfile +++ b/src/Admin/Dockerfile @@ -1,13 +1,17 @@ FROM microsoft/aspnetcore:2.0.5 +USER root RUN groupadd -g 999 bitwarden && \ useradd -r -u 999 -g bitwarden bitwarden -USER bitwarden +USER bitwarden WORKDIR /app EXPOSE 80 COPY obj/Docker/publish . - COPY entrypoint.sh / + +USER root RUN chmod +x /entrypoint.sh + +USER bitwarden ENTRYPOINT ["/entrypoint.sh"] diff --git a/src/Api/Dockerfile b/src/Api/Dockerfile index 7238300b1d..a1ac1a658c 100644 --- a/src/Api/Dockerfile +++ b/src/Api/Dockerfile @@ -1,5 +1,6 @@ FROM microsoft/aspnetcore:2.0.5 +USER root RUN apt-get update \ && apt-get install -y --no-install-recommends \ cron \ @@ -7,17 +8,23 @@ RUN apt-get update \ RUN groupadd -g 999 bitwarden && \ useradd -r -u 999 -g bitwarden bitwarden -USER bitwarden +USER bitwarden WORKDIR /app EXPOSE 80 COPY obj/Docker/publish/Api . - COPY obj/Docker/publish/Jobs /jobs + +USER root RUN mv /jobs/crontab /etc/cron.d/bitwarden-cron \ && chmod 0644 /etc/cron.d/bitwarden-cron \ && touch /var/log/cron.log +USER bitwarden COPY entrypoint.sh / + +USER root RUN chmod +x /entrypoint.sh + +USER bitwarden ENTRYPOINT ["/entrypoint.sh"] diff --git a/src/Icons/Dockerfile b/src/Icons/Dockerfile index 9085b4f474..705f84d63c 100644 --- a/src/Icons/Dockerfile +++ b/src/Icons/Dockerfile @@ -1,5 +1,6 @@ FROM microsoft/aspnetcore:2.0.5 +USER root RUN apt-get update \ && apt-get install -y --no-install-recommends \ unzip \ @@ -7,8 +8,8 @@ RUN apt-get update \ RUN groupadd -g 999 bitwarden && \ useradd -r -u 999 -g bitwarden bitwarden -USER bitwarden +USER bitwarden WORKDIR /tmp COPY iconserver.sha256 . RUN curl -L -o iconserver.zip https://github.com/mat/besticon/releases/download/v3.6.0/iconserver_linux_amd64.zip \ @@ -21,5 +22,9 @@ EXPOSE 80 COPY obj/Docker/publish . COPY entrypoint.sh / + +USER root RUN chmod +x /entrypoint.sh + +USER bitwarden ENTRYPOINT ["/entrypoint.sh"] diff --git a/src/Icons/entrypoint.sh b/src/Icons/entrypoint.sh index 6e716551ba..31c44c0614 100644 --- a/src/Icons/entrypoint.sh +++ b/src/Icons/entrypoint.sh @@ -1,4 +1,4 @@ #!/bin/sh -/etc/iconserver/iconserver & +/iconserver/iconserver & dotnet /app/Icons.dll iconsSettings:bestIconBaseUrl=http://localhost:8080 diff --git a/src/Identity/Dockerfile b/src/Identity/Dockerfile index 57da39a4e0..8a83d521db 100644 --- a/src/Identity/Dockerfile +++ b/src/Identity/Dockerfile @@ -1,13 +1,17 @@ FROM microsoft/aspnetcore:2.0.5 +USER root RUN groupadd -g 999 bitwarden && \ useradd -r -u 999 -g bitwarden bitwarden -USER bitwarden +USER bitwarden WORKDIR /app EXPOSE 80 COPY obj/Docker/publish . - COPY entrypoint.sh / + +USER root RUN chmod +x /entrypoint.sh + +USER bitwarden ENTRYPOINT ["/entrypoint.sh"] diff --git a/util/Attachments/Dockerfile b/util/Attachments/Dockerfile index e8879368c9..eec51825c4 100644 --- a/util/Attachments/Dockerfile +++ b/util/Attachments/Dockerfile @@ -1,7 +1,11 @@ FROM bitwarden/server +USER bitwarden EXPOSE 80 - COPY entrypoint.sh / + +USER root RUN chmod +x /entrypoint.sh + +USER bitwarden ENTRYPOINT ["/entrypoint.sh"] diff --git a/util/MsSql/Dockerfile b/util/MsSql/Dockerfile index c6c9d0db81..d45bbb7490 100644 --- a/util/MsSql/Dockerfile +++ b/util/MsSql/Dockerfile @@ -1,18 +1,26 @@ FROM microsoft/mssql-server-linux:2017-CU4 +USER root RUN apt-get update \ && apt-get install -y --no-install-recommends \ cron \ && rm -rf /var/lib/apt/lists/* +RUN groupadd -g 999 bitwarden && \ + useradd -r -u 999 -g bitwarden bitwarden + COPY crontab /etc/cron.d/bitwarden-cron RUN chmod 0644 /etc/cron.d/bitwarden-cron \ && touch /var/log/cron.log +USER bitwarden COPY backup-db.sql / COPY backup-db.sh / -RUN chmod +x /backup-db.sh - COPY entrypoint.sh / + +USER root +RUN chmod +x /backup-db.sh RUN chmod +x /entrypoint.sh + +USER bitwarden ENTRYPOINT ["/entrypoint.sh"] diff --git a/util/Nginx/Dockerfile b/util/Nginx/Dockerfile index dbde5ebcf7..ce37e28bd5 100644 --- a/util/Nginx/Dockerfile +++ b/util/Nginx/Dockerfile @@ -1,9 +1,17 @@ FROM nginx:1.12 +USER root +RUN groupadd -g 999 bitwarden && \ + useradd -r -u 999 -g bitwarden bitwarden + +USER bitwarden COPY nginx.conf /etc/nginx COPY proxy.conf /etc/nginx COPY mime.types /etc/nginx - COPY entrypoint.sh / + +USER root RUN chmod +x /entrypoint.sh + +USER bitwarden ENTRYPOINT ["/entrypoint.sh"] diff --git a/util/Server/Dockerfile b/util/Server/Dockerfile index dfa84babd1..49774362dc 100644 --- a/util/Server/Dockerfile +++ b/util/Server/Dockerfile @@ -1,7 +1,8 @@ FROM microsoft/aspnetcore:2.0.5 +USER root RUN groupadd -g 999 bitwarden && \ useradd -r -u 999 -g bitwarden bitwarden -USER bitwarden +USER bitwarden COPY obj/Docker/publish /bitwarden_server diff --git a/util/Setup/Dockerfile b/util/Setup/Dockerfile index d780a514bd..85132b040f 100644 --- a/util/Setup/Dockerfile +++ b/util/Setup/Dockerfile @@ -1,13 +1,14 @@ FROM microsoft/dotnet:2.0.5-runtime +USER root RUN apt-get update \ && apt-get install -y --no-install-recommends \ openssl \ -&& rm -rf /var/lib/apt/lists/* + && rm -rf /var/lib/apt/lists/* RUN groupadd -g 999 bitwarden && \ useradd -r -u 999 -g bitwarden bitwarden -USER bitwarden +USER bitwarden WORKDIR /app COPY obj/Docker/publish .