mirror of
https://github.com/avatao-content/baseimage-tutorial-framework
synced 2024-11-22 18:41:32 +00:00
Implement TFW & challenge solver user separation
This commit is contained in:
parent
68fc4ca050
commit
19f819c142
@ -53,14 +53,17 @@ COPY nginx/nginx.conf ${TFW_NGINX_CONF}
|
|||||||
COPY nginx/default.conf ${TFW_NGINX_DEFAULT}
|
COPY nginx/default.conf ${TFW_NGINX_DEFAULT}
|
||||||
COPY lib ${TFW_LIB_DIR}
|
COPY lib ${TFW_LIB_DIR}
|
||||||
|
|
||||||
|
RUN for dir in "${TFW_LIB_DIR}" "/etc/nginx" "/etc/supervisor"; do \
|
||||||
|
chown -R root:root "$dir" && chmod -R 700 "$dir"; \
|
||||||
|
done
|
||||||
|
|
||||||
ONBUILD ARG BUILD_CONTEXT="."
|
ONBUILD ARG BUILD_CONTEXT="."
|
||||||
ONBUILD ARG NOFRONTEND=""
|
ONBUILD ARG NOFRONTEND=""
|
||||||
|
|
||||||
ONBUILD COPY ${BUILD_CONTEXT}/nginx/components/ ${TFW_NGINX_COMPONENTS}
|
ONBUILD COPY ${BUILD_CONTEXT}/nginx/components/ ${TFW_NGINX_COMPONENTS}
|
||||||
ONBUILD COPY ${BUILD_CONTEXT}/supervisor/components/ ${TFW_SUPERVISORD_COMPONENTS}
|
ONBUILD COPY ${BUILD_CONTEXT}/supervisor/components/ ${TFW_SUPERVISORD_COMPONENTS}
|
||||||
|
|
||||||
ONBUILD RUN chown -R ${AVATAO_USER} /var/log/nginx /var/lib/nginx &&\
|
ONBUILD RUN for f in "${TFW_NGINX_DEFAULT}" ${TFW_NGINX_COMPONENTS}/*.conf; do \
|
||||||
for f in "${TFW_NGINX_DEFAULT}" ${TFW_NGINX_COMPONENTS}/*.conf; do \
|
|
||||||
envsubst "$(printenv | cut -d= -f1 | grep TFW_ | sed -e 's/^/$/g')" < $f > $f~ && mv $f~ $f ;\
|
envsubst "$(printenv | cut -d= -f1 | grep TFW_ | sed -e 's/^/$/g')" < $f > $f~ && mv $f~ $f ;\
|
||||||
done
|
done
|
||||||
ONBUILD VOLUME ["/etc/nginx", "/var/lib/nginx", "/var/log/nginx"]
|
ONBUILD VOLUME ["/etc/nginx", "/var/lib/nginx", "/var/log/nginx"]
|
||||||
|
@ -5,6 +5,7 @@ from tfw.components.terminado_mini_server import TerminadoMiniServer
|
|||||||
from tfw.event_handler_base import TriggerlessEventHandler
|
from tfw.event_handler_base import TriggerlessEventHandler
|
||||||
from tfw.config import TFWENV
|
from tfw.config import TFWENV
|
||||||
from tfw.config.logs import logging
|
from tfw.config.logs import logging
|
||||||
|
from tao.config import TAOENV
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
@ -14,7 +15,7 @@ class TerminadoEventHandler(TriggerlessEventHandler):
|
|||||||
super().__init__(key)
|
super().__init__(key)
|
||||||
self.working_directory = TFWENV.TERMINADO_DIR
|
self.working_directory = TFWENV.TERMINADO_DIR
|
||||||
self._historymonitor = monitor
|
self._historymonitor = monitor
|
||||||
self.terminado_server = TerminadoMiniServer('/terminal', TFWENV.TERMINADO_PORT, TFWENV.TERMINADO_WD, ['bash'])
|
self.terminado_server = TerminadoMiniServer('/terminal', TFWENV.TERMINADO_PORT, TFWENV.TERMINADO_WD, ['sudo', '-u', TAOENV.USER, 'bash'])
|
||||||
self.commands = {'write': self.write,
|
self.commands = {'write': self.write,
|
||||||
'read': self.read}
|
'read': self.read}
|
||||||
if self._historymonitor:
|
if self._historymonitor:
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
[supervisord]
|
[supervisord]
|
||||||
user=user
|
user=root
|
||||||
logfile = /tmp/supervisord.log
|
logfile = /tmp/supervisord.log
|
||||||
loglevel = debug
|
loglevel = debug
|
||||||
pidfile = /tmp/supervisord.pid
|
pidfile = /tmp/supervisord.pid
|
||||||
|
Loading…
Reference in New Issue
Block a user