mathias/hyperguild
1
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects Releases Wiki Activity

fix: add .dockerignore and non-root USER to Dockerfile

Browse Source
This commit is contained in:
Mathias Bergqvist
2026-04-20 20:27:42 +02:00
parent 7ce544a051
commit 3796cfca87
2 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
.dockerignore Normal file
View File

@@ -0,0 +1,10 @@
.git
.gitea
.worktrees
.DS_Store
*.log
.env*
.vscode
.idea
bin/
brain/

5
Dockerfile
View File

@@ -29,6 +29,9 @@ COPY --from=builder /out/supervisor /usr/local/bin/supervisor
# Bake in config (models.yaml + skill discipline files) # Bake in config (models.yaml + skill discipline files)
COPY config/ /app/config/ COPY config/ /app/config/
# Run as non-root
RUN groupadd -r supervisor && useradd -r -g supervisor -d /app supervisor
WORKDIR /app WORKDIR /app
# brain/ is writable state — mount a PersistentVolume here # brain/ is writable state — mount a PersistentVolume here
@@ -40,6 +43,8 @@ ENV SUPERVISOR_BRAIN_DIR=/app/brain
ENV SUPERVISOR_SESSIONS_DIR=/app/brain/sessions ENV SUPERVISOR_SESSIONS_DIR=/app/brain/sessions
ENV SUPERVISOR_PORT=3200 ENV SUPERVISOR_PORT=3200
USER supervisor
EXPOSE 3200 EXPOSE 3200
ENTRYPOINT ["/usr/local/bin/supervisor"] ENTRYPOINT ["/usr/local/bin/supervisor"]