nonroot user (ui container)

docker-compose.yml

@@ -4,8 +4,13 @@ volumes:
     frontend_home:
 
 services:
+    # Frontend
     ui:
-        build: ui/docker
+        build: 
+            context: ui/docker
+            args: 
+                NONROOT_UID: 1000
+                NONROOT_GID: 1000
         restart: 'unless-stopped'
         volumes: 
             - "frontend_home:/home/node"
@@ -13,10 +18,12 @@ services:
         ports: 
             - 8000:8000
 
+    # Backend
     api:
         build: api
         restart: 'no'
 
+    # Common Proxy
     dev-proxy:
         build: dev-proxy
         restart: 'no'

ui/docker/Dockerfile

@@ -1,13 +1,28 @@
 FROM node:lts-alpine
 LABEL maintainer="joern-michael.miehe@lenaisten.de"
 
+# vue services directory
 WORKDIR /srv/vue
 
+# install vue cli
 RUN set -ex; \
     yarn global add @vue/cli
 
+# user setup
+ARG NONROOT_UID=1000
+ARG NONROOT_GID=1000
+
+# recycle node user
+RUN set -ex; \
+    deluser --remove-home node; \
+    addgroup -g ${NONROOT_GID} node; \
+    adduser --disabled-password --gecos '' --uid "${NONROOT_UID}" --ingroup node node
+
+# user change
 USER node
 
+# persistent home directory
 VOLUME [ "/home/node" ]
 
+# run vue ui
 CMD [ "vue", "ui", "-H", "0.0.0.0" ]