&& useradd -r -g peertube -m peertube
# grab gosu for easy step-down from root
-# https://github.com/tianon/gosu/releases
-ENV GOSU_VERSION 1.10
-RUN set -ex; \
- \
- fetchDeps='ca-certificates wget'; \
- apt-get update; \
- apt-get install -y --no-install-recommends $fetchDeps; \
- rm -rf /var/lib/apt/lists/*; \
- \
- dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
- wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
- wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
- export GNUPGHOME="$(mktemp -d)"; \
- for server in $(shuf -e ha.pool.sks-keyservers.net \
- hkp://p80.pool.sks-keyservers.net:80 \
- keyserver.ubuntu.com \
- hkp://keyserver.ubuntu.com:80 \
- pgp.mit.edu) ; do \
- gpg --keyserver "$server" --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 && break || : ; \
- done; \
- gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
- rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
- chmod +x /usr/local/bin/gosu; \
- gosu nobody true; \
- \
- apt-get purge -y --auto-remove wget
+RUN set -eux; \
+ apt-get update; \
+ apt-get install -y gosu; \
+ rm -rf /var/lib/apt/lists/*; \
+ gosu nobody true
# Install PeerTube
WORKDIR /app
projects / oweals / peertube.git / commitdiff