Skip to content

Commit cbd253e

Browse files
johnpcjohnpc
authored
feat: enable non-root container behavior (#15)
Co-authored-by: John Corser <[email protected]>
1 parent e61a2bf commit cbd253e

File tree

2 files changed

+38
-29
lines changed

2 files changed

+38
-29
lines changed

Dockerfile

Lines changed: 37 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,17 @@
11
# Use Node.js LTS (Long Term Support) as base image
22
FROM node:20-bullseye
33

4-
# Set working directory
5-
WORKDIR /app
4+
# Create app user and group with configurable UID/GID
5+
ENV PUID=1000
6+
ENV PGID=1000
67

8+
RUN mkdir -p /app
9+
RUN chown node:node /app
10+
11+
# Modify existing node user instead of creating new one
12+
RUN groupmod -g ${PGID} node && \
13+
usermod -u ${PUID} -g ${PGID} node && \
14+
chown -R node:node /home/node
715
RUN apt-get clean
816

917
# Install system dependencies including ffmpeg, Python, and cron
@@ -15,27 +23,21 @@ RUN apt-get update && apt-get install -y \
1523
cron \
1624
&& rm -rf /var/lib/apt/lists/*
1725

18-
# Install pipx
19-
RUN python3 -m pip install --user pipx \
20-
&& python3 -m pipx ensurepath
21-
22-
# Add pipx to PATH
23-
ENV PATH="/root/.local/bin:$PATH"
24-
25-
# Install ffsubsync and autosubsync using pipx
26-
RUN pipx install ffsubsync \
27-
&& pipx install autosubsync
26+
USER node
27+
# Set working directory
28+
WORKDIR /app
2829

2930
# Copy package.json and package-lock.json (if available)
30-
COPY package*.json ./
31+
COPY --chown=node:node package*.json ./
3132

3233
# Install Node.js dependencies while skipping husky installation
3334
ENV HUSKY=0
3435
RUN npm install --ignore-scripts
3536

3637
# Copy the rest of your application
37-
COPY . .
38-
RUN mv bin/* /root/.local/bin/
38+
COPY --chown=node:node . .
39+
RUN mkdir -p /home/node/.local/bin/
40+
RUN cp bin/* /home/node/.local/bin/
3941

4042
# Build TypeScript
4143
RUN npm run build
@@ -44,27 +46,33 @@ RUN npm run build
4446
# Set default cron schedule (if not provided by environment variable)
4547
ENV CRON_SCHEDULE="0 0 * * *"
4648

47-
# Create startup script with environment variable
49+
# Install pipx
50+
RUN python3 -m pip install --user pipx \
51+
&& python3 -m pipx ensurepath
52+
53+
# Add pipx to PATH
54+
ENV PATH="/home/node/.local/bin:$PATH"
55+
56+
# Install ffsubsync and autosubsync using pipx
57+
RUN pipx install ffsubsync \
58+
&& pipx install autosubsync
59+
60+
61+
# Create startup script with proper permissions
4862
RUN echo '#!/bin/bash\n\
49-
# Add cron job\n\
50-
echo "${CRON_SCHEDULE} cd /app && /usr/local/bin/node /app/dist/index.js >> /var/log/cron.log 2>&1" > /etc/cron.d/subsyncarr\n\
51-
chmod 0644 /etc/cron.d/subsyncarr\n\
52-
crontab /etc/cron.d/subsyncarr\n\
53-
\n\
54-
# Start cron\n\
55-
service cron start\n\
63+
# Add cron job to user crontab\n\
64+
crontab - <<EOF\n\
65+
${CRON_SCHEDULE} cd /app && /usr/local/bin/node /app/dist/index.js >> /var/log/subsyncarr/cron.log 2>&1\n\
66+
EOF\n\
5667
\n\
5768
# Run the initial instance of the app\n\
5869
node dist/index.js\n\
59-
\n\
60-
# Keep container running\n\
61-
tail -f /var/log/cron.log' > /app/startup.sh
70+
mkdir -p /app/logs/\n\
71+
touch /app/logs/app.log\n\
72+
tail -f /app/logs/app.log' > /app/startup.sh
6273

6374
# Make startup script executable
6475
RUN chmod +x /app/startup.sh
6576

66-
# Create log file
67-
RUN touch /var/log/cron.log
68-
6977
# Use startup script as entrypoint
7078
CMD ["/app/startup.sh"]

src/findAllSrtFiles.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@ export async function findAllSrtFiles(config: ScanConfig): Promise<string[]> {
2222
entry.isFile() &&
2323
extname(entry.name).toLowerCase() === '.srt' &&
2424
!entry.name.includes('.ffsubsync.') &&
25+
!entry.name.includes('.alass.') &&
2526
!entry.name.includes('.autosubsync.')
2627
) {
2728
files.push(fullPath);

0 commit comments

Comments
 (0)