From 14e3db80b59f73b54dd4f8d9de5d2ae648cad073 Mon Sep 17 00:00:00 2001
From: Jean-Christian Denis <contact@jcdenis.fr>
Date: Fri, 13 Dec 2024 18:05:41 +0100
Subject: [PATCH] try to run entrypoint as non root user

---
 Dockerfile           | 7 +++++++
 docker-entrypoint.sh | 4 ----
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 4453611..d655e88 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -154,7 +154,14 @@ WORKDIR /var/www/dotclear/app
 
 # Add container starting script
 ADD docker-entrypoint.sh /entrypoint.sh
+USER www
 ENTRYPOINT ["/bin/sh", "/entrypoint.sh"]
+USER root 
+
+# FPM must start first in daemon mode
+# Then nginx in no daemon mode
+SHELL ["/bin/sh", "-c"]
+CMD php-fpm84 -D && nginx
 
 # Docker container healthcheck
 HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:80/fpm-ping || exit 1
\ No newline at end of file
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index bc4d199..bd26d74 100644
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -95,8 +95,4 @@ echo >&2 "│ ◦ PHP $(php84 -r "echo PHP_VERSION;")"
 echo >&2 "│ ◦ Dotclear ${VERSION_INSTALLED}"
 echo >&2 '└──'
 
-# Start web server
-php-fpm84 -D # FPM must start first in daemon mode
-nginx # Then nginx in no daemon mode
-
 exec "$@"
\ No newline at end of file