sandbox-web-ide/backend/server/dockerfile

FROM node:20

# Security: Drop all capabilities
USER root
RUN apt-get update && apt-get install -y libcap2-bin
RUN setcap cap_net_bind_service=+ep /usr/local/bin/node

WORKDIR /code

COPY package*.json ./

RUN npm install

COPY . .

RUN npm run build

# Security: Create non-root user and assign ownership
RUN useradd -m appuser
RUN mkdir projects && chown -R appuser:appuser projects
USER appuser

# todo user namespace mapping

EXPOSE 5173
EXPOSE 4000

CMD [ "node", "dist/index.js" ]
improve prompting + add dockerfile for ws 2024-05-03 12:56:44 -07:00			`FROM node:20`

improve orchestrator, docker settings, and ui layouts 2024-05-12 22:06:11 -07:00			`# Security: Drop all capabilities`
			`USER root`
start kv 2024-05-25 01:16:25 -07:00			`RUN apt-get update && apt-get install -y libcap2-bin`
			`RUN setcap cap_net_bind_service=+ep /usr/local/bin/node`
improve orchestrator, docker settings, and ui layouts 2024-05-12 22:06:11 -07:00
improve prompting + add dockerfile for ws 2024-05-03 12:56:44 -07:00			`WORKDIR /code`

			`COPY package*.json ./`

			`RUN npm install`

			`COPY . .`

			`RUN npm run build`

start kv 2024-05-25 01:16:25 -07:00			`# Security: Create non-root user and assign ownership`
works 2024-05-25 20:13:31 -07:00			`RUN useradd -m appuser`
			`RUN mkdir projects && chown -R appuser:appuser projects`
			`USER appuser`
firejail 2024-05-24 01:28:50 -07:00
works 2024-05-25 20:13:31 -07:00			`# todo user namespace mapping`
start kv 2024-05-25 01:16:25 -07:00
revert to local hosting 2024-05-26 17:28:52 -07:00			`EXPOSE 5173`
works 2024-05-25 20:13:31 -07:00			`EXPOSE 4000`
improve prompting + add dockerfile for ws 2024-05-03 12:56:44 -07:00
start kv 2024-05-25 01:16:25 -07:00			`CMD [ "node", "dist/index.js" ]`