node-agent had no USER instruction and no user: in compose, running as root and writing root-owned files to /opt/homelab bind-mount.

- Dockerfile: add useradd -m -u 1000 homelab + USER homelab
- docker-compose.yml: add user: "1000:1000" and group_add: ["999"] (GID 999 = docker group on VPS) to retain docker.sock access

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
25 lines
718 B
Docker
FROM python:3.11-slim

WORKDIR /app

# openssh-client + rsync: used for optional event shipping to VPS
# (only active when VPS_EVENTS_HOST is set in the environment)
RUN apt-get update && apt-get install -y --no-install-recommends \
    openssh-client \
    rsync \
    && rm -rf /var/lib/apt/lists/*

# docker SDK : container health checks and cleanup (dangling images, prune)
# psutil : fallback system metrics (not used in main path; /proc is primary)
# pyyaml : may be needed for reading host config snippets
RUN pip install --no-cache-dir "docker>=6.0" psutil pyyaml

RUN useradd -m -u 1000 homelab

COPY src/ /app/src/

ENV PYTHONUNBUFFERED=1

USER homelab
CMD ["python", "src/node_agent.py"]
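Review bot: `RUN useradd -m -u 1000 homelab` pins the UID but leaves the primary GID to useradd's default allocation, while the compose change described in the commit message runs the container as `user: "1000:1000"`. Create the group explicitly, for example `groupadd -g 1000 homelab` followed by `useradd -m -u 1000 -g 1000 homelab`, so the image and the compose file agree by construction. `WORKDIR /app` and `COPY src/ /app/src/` stay root-owned, which is fine if the agent only reads them; if it writes anything under /app at runtime, use `COPY --chown=homelab:homelab` or a dedicated writable directory. The `group_add: ["999"]` in the message hardcodes the docker GID of one host, so a comment saying it must match the group owning docker.sock on the target would help. Access to docker.sock is still root-equivalent on the host, so this change fixes file ownership on the bind mount but does not reduce what the agent can do through the Docker API.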