From 8343ed7fcfe1994d82bbac973e7bcda47170daff Mon Sep 17 00:00:00 2001
From: Freyja Odinthrir <freyja@raer.me>
Date: Fri, 6 Sep 2024 02:14:46 -0700
Subject: [PATCH] Update docker deployment to rootless docker.

---
 .docker/.conf/nginx/nginx.conf            | 2 +-
 .docker/.conf/supervisor/supervisord.conf | 2 +-
 .docker/Dockerfile                        | 7 ++++++-
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/.docker/.conf/nginx/nginx.conf b/.docker/.conf/nginx/nginx.conf
index eac684b..b156fa5 100644
--- a/.docker/.conf/nginx/nginx.conf
+++ b/.docker/.conf/nginx/nginx.conf
@@ -1,5 +1,5 @@
 worker_processes 4;
-pid /run/nginx.pid;
+pid /tmp/nginx.pid;
 
 
 error_log /dev/stderr info;
diff --git a/.docker/.conf/supervisor/supervisord.conf b/.docker/.conf/supervisor/supervisord.conf
index 11c40b8..6b75833 100644
--- a/.docker/.conf/supervisor/supervisord.conf
+++ b/.docker/.conf/supervisor/supervisord.conf
@@ -2,7 +2,7 @@
 nodaemon=true
 logfile=/dev/null
 logfile_maxbytes=0
-pidfile=/run/supervisord.pid
+pidfile=/tmp/supervisord.pid
 
 
 [program:nginx]
diff --git a/.docker/Dockerfile b/.docker/Dockerfile
index 1297372..c0935e7 100644
--- a/.docker/Dockerfile
+++ b/.docker/Dockerfile
@@ -4,12 +4,17 @@
 ##      Used by automation. Can be built manually for testing.
 ##
 ####
-FROM alpine:3.17
+FROM alpine:3.20
 RUN apk add nginx supervisor
 RUN mkdir -p /var/www
 RUN rm -rf /etc/nginx
 COPY dist /var/www/build
 COPY .conf/nginx /etc/nginx
 COPY .conf/supervisor/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
+RUN chown -R nobody /var/www
+RUN chown -R nobody /etc/nginx
+RUN chown -R nobody /var/www/build
+RUN chown -R nobody /etc/supervisor/conf.d/
+USER nobodys
 CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
 EXPOSE 80
\ No newline at end of file