curo/Business-Management
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e117a33a7373ef8f526ab2e8626b688107a3e17a
Business-Management/TODO.md
T
curo1305 a5baef73d9 Implement rootless containers for all services 
- backend: appuser UID/GID 1001 via useradd, USER directive, --chown on COPY
- frontend builder: appuser UID/GID 1001 via adduser, USER directive
- frontend prod: switch to nginxinc/nginx-unprivileged:alpine (nginx UID 101), listen on 8080
- docker-compose: explicit user: for all services (70:70 db, 1001:1001 backend/frontend-dev, 101:101 frontend-prod)
- nginx.conf: listen 8080 to match unprivileged image

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-13 17:18:02 +02:00

531 B
Raw Blame History

TODO

Infrastructure

  • Rootless containers — run backend and frontend containers as non-root users (add USER directive to Dockerfiles, map UID/GID appropriately)
  • Persistent storage — ensure database data, config files, and any uploaded assets survive container restarts and rebuilds (named volumes, bind mounts for config)
  • Docker development workflow — document and streamline the full dev loop: hot reload, one-command startup, migration handling, seed data, and how to attach a debugger
Reference in New Issue View Git Blame Copy Permalink