-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathBase.Dockerfile
More file actions
37 lines (30 loc) · 1.11 KB
/
Base.Dockerfile
File metadata and controls
37 lines (30 loc) · 1.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# Base image with Liberica OpenJRE and Pandoc
FROM bellsoft/liberica-openjre-debian:25
# Install dependencies
RUN apt-get update && \
apt-get install -y wget texlive-xetex && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# Install latest pandoc with architecture detection
RUN ARCH=$(dpkg --print-architecture) && \
if [ "$ARCH" = "amd64" ]; then \
PANDOC_URL="https://github.com/jgm/pandoc/releases/download/3.8.2.1/pandoc-3.8.2.1-1-amd64.deb"; \
elif [ "$ARCH" = "arm64" ]; then \
PANDOC_URL="https://github.com/jgm/pandoc/releases/download/3.8.2.1/pandoc-3.8.2.1-1-arm64.deb"; \
else \
echo "Unsupported architecture: $ARCH" && exit 1; \
fi && \
wget "$PANDOC_URL" && \
dpkg -i pandoc-*.deb && \
rm pandoc-*.deb
# Create application user for security
RUN useradd --create-home --shell /bin/bash kotbusta
# Create app and data directories with proper permissions
RUN mkdir -p /app/data && \
chown -R kotbusta:kotbusta /app
# Switch to non-root user
USER kotbusta
# Set working directory
WORKDIR /app
# Expose port (for documentation purposes)
EXPOSE 8080