1
0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2024-12-12 08:43:55 +02:00

Use non-root image for Signald

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1775

Related to https://signald.org/articles/install/docker/#migrating-from-versions-before-0180

> Prior to 0.18.0 the signald container image used the root user, which is not recommended for security reasons. This was fixed in the 0.18.0 release which will start as root, fix permissions on the volume, then drop to the non-root user and start signald. Future images will start as the non-root user, so if you’re upgrading make sure to run 0.18.0 at least once.
> A special tag, 0.18.0-non-root, will be published. it starts as the non-root user and does not fix permissions on the volume.
This commit is contained in:
Slavi Pantaleev 2022-04-21 15:53:05 +03:00
parent 79f89479e0
commit 0b5e4aa784

View File

@ -18,8 +18,9 @@ matrix_mautrix_signal_daemon_container_image_self_build: false
matrix_mautrix_signal_daemon_docker_repo: "https://mau.dev/maunium/signald.git"
matrix_mautrix_signal_daemon_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signald/docker-src"
matrix_mautrix_signal_daemon_docker_image: "docker.io/signald/signald:{{ matrix_mautrix_signal_daemon_version }}"
matrix_mautrix_signal_daemon_docker_image_force_pull: "{{ matrix_mautrix_signal_daemon_docker_image.endswith(':latest') }}"
matrix_mautrix_signal_daemon_docker_image: "docker.io/signald/signald:{{ matrix_mautrix_signal_daemon_docker_image_tag }}"
matrix_mautrix_signal_daemon_docker_image_force_pull: "{{ matrix_mautrix_signal_daemon_docker_image_tag.endswith(':latest') }}"
matrix_mautrix_signal_daemon_docker_image_tag: "{{ matrix_mautrix_signal_daemon_version }}-non-root"
matrix_mautrix_signal_base_path: "{{ matrix_base_data_path }}/mautrix-signal"
matrix_mautrix_signal_config_path: "{{ matrix_mautrix_signal_base_path }}/bridge"