Isolating containers from internet access to enhance security.

author: ben 2023-03-04 22:22:22 +0100
committer: ben 2025-03-04 21:47:15 +0100
commit: 207592ff57938536eafa99f2632d670d2bb9457e (patch)
tree: 25e89078fad54f86d2691b21e8390b36e44e1aa5 /src/aichat/Dockerfile
parent: f3eae794ace20d10edc4e970ce6258a47fb3b4d9 (diff)
download: ai_env-207592ff57938536eafa99f2632d670d2bb9457e.tar.gz
ai_env-207592ff57938536eafa99f2632d670d2bb9457e.tar.bz2
ai_env-207592ff57938536eafa99f2632d670d2bb9457e.tar.xz
1 files changed, 9 insertions, 2 deletions
diff --git a/src/aichat/Dockerfile b/src/aichat/Dockerfile
index 406dde2..a4d33bd 100644
--- a/src/aichat/Dockerfile
+++ b/src/aichat/Dockerfile
@@ -7,8 +7,15 @@ RUN update-ca-certificates
 RUN cargo install --target x86_64-unknown-linux-musl aichat
 
 ADD src/aichat/entrypoint.sh /entrypoint.sh
-ADD src/aichat/config.yaml /aichat_config_tpl.yaml
-
 RUN chmod 755 entrypoint.sh
 
+RUN useradd -ms /bin/bash aichat
+USER aichat
+WORKDIR /home/aichat
+
+RUN mkdir -p /home/aichat/.config/aichat
+
+ADD src/aichat/config.yaml /home/aichat/.config/aichat/config.yaml
+ADD src/aichat/roles /home/aichat/.config/aichat/roles
+
 ENTRYPOINT ["/entrypoint.sh"]
author	ben	2023-03-04 22:22:22 +0100
committer	ben	2025-03-04 21:47:15 +0100
commit	207592ff57938536eafa99f2632d670d2bb9457e (patch)
tree	25e89078fad54f86d2691b21e8390b36e44e1aa5 /src/aichat/Dockerfile
parent	f3eae794ace20d10edc4e970ce6258a47fb3b4d9 (diff)
download	ai_env-207592ff57938536eafa99f2632d670d2bb9457e.tar.gz ai_env-207592ff57938536eafa99f2632d670d2bb9457e.tar.bz2 ai_env-207592ff57938536eafa99f2632d670d2bb9457e.tar.xz