Apply some good security practices

[bordenit]

1. Don't run as root.
2. Apply securityContext
3. If it works, I can trust using your container more as it's forced to not run as root in more ways than 1.

[cmoulliard]

3. If it works, I can trust using your container more as it's forced to not run as root in more ways than 1.

Have you tested on your cluster the change you propose (= dockerfile and helm's deploy manifest) ? @bordenit

Remark: Many thanks to propose a PR ;-)

[cmoulliard]

Have you tested on your cluster the change you propose (= dockerfile and helm's deploy manifest) ? @bordenit

[bordenit]

Sorry for the delay, yeah I built my own container from your Dockerfile and use these settings in my Kubernetes deployment. It has been running fine since I submitted the PR. Mainly use this at home for internal applications with Nginx.

[cmoulliard]

Some documentation and Helm changes are needed in order to tell the user that, for security reason, we don't run as root anymore the container, that UID/GUID could be pass as ARG to the docker build and should be, of course, overridden using the Helm chart, etc @bordenit

[cmoulliard]

Some documentation and Helm changes are needed in order to tell the user that, for security reason, we don't run as root anymore the container, that UID/GUID could be pass as ARG to the docker build and should be, of course, overridden using the Helm chart, etc @bordenit

Can you have a look please ?

[bordenit]

@cmoulliard I have moved away from GoDaddy since they have locked down their API to people who have 10 or more domains. I switched to Cloudfare and don't intend to spend more time on this. So, closing issue.