Change to using a root user for local development

epicserve · epicserve · commit 8840355f333d · 2023-08-29T08:17:17.000-05:00
This fixes an issue that was happening where Vite and other JS related
tools where throwing write permission errors when running because the
web service would create files as non-privileged app user and then JS
tools would run as a non-privileged user and then try to write to
directories owned by root.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,16 @@
 # CHANGELOG
 
 
+## 2023-06-01
+
+### Changed
+
+* Changed to using a root user for local development. This fixes an issue that was happening where Vite and other JS
+  related tools where throwing write permission errors when running because the web service would create files as a
+  non-privileged app user and then JS tools would run as a non-privileged user and then try to write to
+  directories owned by root.
+
+
 ## 2023-06-01
 
 ### Changed
diff --git a/config/bash/bashrc b/config/bash/bashrc
@@ -1,3 +1,14 @@
+# Color prompt
+PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
+
+# Colorize `ls` output
+export SHELL=/bin/bash
+export LS_OPTIONS='--color=auto'
+eval "`dircolors`"
+alias ls='ls $LS_OPTIONS'
+alias ll='ls $LS_OPTIONS -l'
+alias l='ls $LS_OPTIONS -lA'
+
 # some more ls aliases
 alias ll='ls -l'
 alias la='ls -A'
diff --git a/config/docker/Dockerfile.web b/config/docker/Dockerfile.web
@@ -38,7 +38,8 @@ RUN apt-get update \
     && echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen \
     && echo "LANG=en_US.UTF-8" > /etc/locale.conf \
     && locale-gen en_US.UTF-8 \
-    && rm -rf /var/lib/apt/lists/*
+    && rm -rf /var/lib/apt/lists/* \
+    && echo "\nsource /srv/app/config/bash/bashrc" >> /root/.bashrc
 
 ENV VIRTUAL_ENV=/opt/venv
 ENV LANG=en_US.UTF-8 \
@@ -51,14 +52,8 @@ ENV LANG=en_US.UTF-8 \
 
 WORKDIR /srv/app
 
-RUN set -ex \
-    && groupadd -r app && useradd --uid=1000 --create-home --home-dir=/home/app --no-log-init -r -g app app \
-    && echo "\nsource ./config/bash/bashrc" >> /home/app/.bashrc
-
 COPY --from=python-requirements --chown=app:app $VIRTUAL_ENV $VIRTUAL_ENV
 
-USER app
-
 EXPOSE 8000/tcp 8001/tcp
 
 CMD ["python", "manage.py", "runserver", "0.0.0.0:8000"]
@@ -88,14 +83,16 @@ FROM dev as prod
 
 WORKDIR /srv/app
 
-USER root
+RUN set -ex \
+    && groupadd -r app --gid=1000 && useradd --uid=1000 --create-home --home-dir=/home/app --no-log-init -r -g app app \
+    && echo "\nsource ./config/bash/bashrc" >> /home/app/.bashrc
+
+COPY --chown=app:app . .
 
-COPY . .
+USER app
 
 RUN SECRET_KEY=e python manage.py collectstatic --no-input
 
 COPY --from=js_assets --chown=app:app /srv/app/public/static/ ./collected_static
 
-USER app
-
 CMD ["uwsgi", "--ini", "config/uwsgi.ini", "--http", "0.0.0.0:8080"]
