From 41033e32e04f3d36b77aa9b2597e5c414486f06a Mon Sep 17 00:00:00 2001
From: Jacek Kowalski <Jacek@jacekk.info>
Date: Wed, 18 Oct 2017 20:58:34 +0000
Subject: [PATCH] Run image as user unifi using USER directive and not sudo

---
 Dockerfile |   24 ++++++++++++++++--------
 1 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 3968933..5c8419b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,21 +1,29 @@
-FROM debian
+FROM openjdk:8-jre-slim
 MAINTAINER Jacek Kowalski <Jacek@jacekk.info>
 
-ENV UNIFI_VERSION 4.8.17
+ENV UNIFI_VERSION 5.4.19
 
 RUN apt-get update \
-	&& apt-get -y dist-upgrade \
-	&& apt-get -y install wget jsvc openjdk-7-jre-headless mongodb-server binutils \
-	&& apt-get -y clean
+	&& apt-get -y install \
+		wget jsvc mongodb-server binutils procps sudo \
+	&& apt-get -y clean \
+	&& rm -Rf /var/lib/apt/lists/*
 
 RUN cd /tmp \
-	&& wget "http://dl.ubnt.com/unifi/${UNIFI_VERSION}/unifi_sysvinit_all.deb" \
+	&& wget "https://www.ubnt.com/downloads/unifi/${UNIFI_VERSION}/unifi_sysvinit_all.deb" \
 	&& dpkg -i unifi_sysvinit_all.deb \
-	&& rm -rf /var/lib/unifi/*
+	&& rm -rf unifi_sysvinit_all.deb /var/lib/unifi/* \
+	&& groupadd -r -g 500 unifi \
+	&& useradd -r -d /usr/lib/unifi -u 500 -g 500 unifi \
+	&& mkdir /usr/lib/unifi/data /var/lib/unifi \
+	&& chown -Rf unifi:unifi /usr/lib/unifi /var/lib/unifi
 
 EXPOSE 8080 8081 8443 8843 8880
 
 VOLUME /usr/lib/unifi/data
 
 WORKDIR /var/lib/unifi
-CMD ["/usr/bin/java", "-Xmx1024M", "-jar", "/usr/lib/unifi/lib/ace.jar", "start"]
+COPY run.sh /run.sh
+CMD /run.sh
+
+USER unifi

--
Gitblit v1.9.1