From d48d4d9d84123925327896bff9e7be20778463f8 Mon Sep 17 00:00:00 2001
From: Neffi42 <114996380+Neffi42@users.noreply.github.com>
Date: Mon, 5 Aug 2024 19:06:11 +0200
Subject: [PATCH] updated Django to run as non-root

---
 django/Dockerfile | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/django/Dockerfile b/django/Dockerfile
index 0e2789d5..c0f9c53f 100644
--- a/django/Dockerfile
+++ b/django/Dockerfile
@@ -4,6 +4,11 @@ WORKDIR /app
 EXPOSE 8000
 VOLUME [ "/app" ]
 
+RUN groupadd -r appUser && useradd -r -g appUser appUser
+RUN chown appUser:appUser /app
+RUN mkdir /static
+RUN chown appUser:appUser /static
+
 ENV PYTHONDONTWRITEBYTECODE 1
 ENV PYTHONUNBUFFERED=1
 
@@ -16,4 +21,6 @@ RUN pip install --no-cache-dir -r requirements.txt
 COPY conf/entrypoint.sh /entrypoint.sh
 RUN chmod a+x /entrypoint.sh
 
+USER appUser
+
 CMD [ "/entrypoint.sh" ]