From 207592ff57938536eafa99f2632d670d2bb9457e Mon Sep 17 00:00:00 2001
From: ben
Date: Sat, 4 Mar 2023 22:22:22 +0100
Subject: Isolating containers from internet access to enhance security.

---
 src/aichat/Dockerfile | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'src/aichat/Dockerfile')

diff --git a/src/aichat/Dockerfile b/src/aichat/Dockerfile
index 406dde2..a4d33bd 100644
--- a/src/aichat/Dockerfile
+++ b/src/aichat/Dockerfile
@@ -7,8 +7,15 @@ RUN update-ca-certificates
 RUN cargo install --target x86_64-unknown-linux-musl aichat
 
 ADD src/aichat/entrypoint.sh /entrypoint.sh
-ADD src/aichat/config.yaml /aichat_config_tpl.yaml
-
 RUN chmod 755 entrypoint.sh
 
+RUN useradd -ms /bin/bash aichat
+USER aichat
+WORKDIR /home/aichat
+
+RUN mkdir -p /home/aichat/.config/aichat
+
+ADD src/aichat/config.yaml /home/aichat/.config/aichat/config.yaml
+ADD src/aichat/roles /home/aichat/.config/aichat/roles
+
 ENTRYPOINT ["/entrypoint.sh"]
-- 
cgit v1.2.3