From ab8351fbb89a4f99a02315ac13711a5c985426fa Mon Sep 17 00:00:00 2001 From: Dennis Benz Date: Mon, 16 Dec 2024 14:31:43 +0100 Subject: [PATCH 1/2] Add docker entrypoint script --- Dockerfile | 6 +++--- entrypoint.sh | 9 +++++++++ 2 files changed, 12 insertions(+), 3 deletions(-) create mode 100755 entrypoint.sh diff --git a/Dockerfile b/Dockerfile index b5d7a0a..ef692de 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,11 +13,11 @@ RUN pip install --no-cache-dir -r /kiwi/requirements.txt COPY . /kiwi WORKDIR /kiwi -# Set the user to 'nobody' for security -USER nobody +# Create non-root user for security +RUN useradd -s /bin/bash streamlituser # Healthcheck to ensure the app is running HEALTHCHECK CMD curl --fail http://localhost:8501/_stcore/health || exit 1 # Run the Streamlit app -ENTRYPOINT ["streamlit", "run", "app.py", "--server.port=8501", "--server.address=0.0.0.0"] \ No newline at end of file +ENTRYPOINT ["./entrypoint.sh"] diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100755 index 0000000..28ef7fa --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,9 @@ +#!/bin/sh + +set -e + +# Keep package yt-dlp updated on container start up +pip install --no-cache-dir yt-dlp + +# Run with streamlit user for security +runuser -u streamlituser -- streamlit run app.py --server.port=8501 --server.address=0.0.0.0 "$@" From c2e3ec8871440e48c4a700448c162cd50f24b71a Mon Sep 17 00:00:00 2001 From: Dennis Benz Date: Mon, 6 Jan 2025 14:23:45 +0100 Subject: [PATCH 2/2] Add upgrade option to pip install --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 28ef7fa..d195462 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -3,7 +3,7 @@ set -e # Keep package yt-dlp updated on container start up -pip install --no-cache-dir yt-dlp +pip install --upgrade --no-cache-dir yt-dlp # Run with streamlit user for security runuser -u streamlituser -- streamlit run app.py --server.port=8501 --server.address=0.0.0.0 "$@"