From 12ff9f4c39e9fa79e1903b2c67ea2069f213b1be Mon Sep 17 00:00:00 2001 From: Cody Hiar Date: Wed, 13 Feb 2019 02:45:48 +0000 Subject: Update to run as non root user --- Dockerfile | 28 ++++++++++++++++------------ Makefile | 2 +- README.md | 46 +++++++++++++++++++++++----------------------- 3 files changed, 40 insertions(+), 36 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6d06f45..c22fc48 100644 --- a/Dockerfile +++ b/Dockerfile @@ -75,27 +75,31 @@ RUN cd /opt && pip3 install -r py3_requirements.txt ######################################## # Personalizations ######################################## +# Setup non root user +RUN groupadd -g 1000 thorny +RUN useradd -m -d /home/thorny -s /bin/bash -g thorny -u 1000 thorny +USER thorny # Add some aliases -ADD bashrc /root/.bashrc +COPY --chown=thorny bashrc /home/thorny/.bashrc # Add my git config -ADD gitconfig /etc/gitconfig -# Change the workdir, Put it inside root so I can see neovim settings in finder -WORKDIR /root/app +COPY --chown=thorny gitconfig /home/thorny/.gitconfig # Neovim needs this so that can work -RUN infocmp $TERM | sed 's/kbs=^[hH]/kbs=\\177/' > /tmp/$TERM.ti -RUN tic /tmp/$TERM.ti +RUN infocmp $TERM | sed 's/kbs=^[hH]/kbs=\\177/' > /home/thorny/$TERM.ti +RUN tic /home/thorny/$TERM.ti # Command for the image CMD ["/bin/bash"] # Add nvim config. Put this last since it changes often -ADD nvim /root/.config/nvim +COPY --chown=thorny nvim /home/thorny/.config/nvim # Install neovim plugins RUN nvim -i NONE -c PlugInstall -c quitall > /dev/null 2>&1 -RUN cd /root/.config/nvim/plugged/YouCompleteMe && python3 install.py +RUN cd /home/thorny/.config/nvim/plugged/YouCompleteMe && python3 install.py # Add flake8 config, don't trigger a long build process -ADD flake8 /root/.flake8 +COPY --chown=thorny flake8 /home/thorny/.flake8 # Add local vim-options, can override the one inside -ADD vim-options /root/.config/nvim/plugged/vim-options +COPY --chown=thorny vim-options /home/thorny/.config/nvim/plugged/vim-options # Add isort config, also changes often -ADD isort.cfg /root/.isort.cfg +COPY --chown=thorny isort.cfg /home/thorny/.isort.cfg # Add ranger config -ADD rc.conf /root/.config/ranger/rc.conf +COPY --chown=thorny rc.conf /home/thorny/.config/ranger/rc.conf +# Set the workdir +WORKDIR /src diff --git a/Makefile b/Makefile index 9d82a45..23fc47e 100644 --- a/Makefile +++ b/Makefile @@ -19,7 +19,7 @@ build-nocache: ## Build the base image with no cache docker build --no-cache=true -t thornycrackers/neovim . up: build ## Bring the container up - docker run -dP -v $(CURDIR):/root/app --name $(CONTAINERNAME) $(IMAGENAME) /bin/bash -c 'while true; do echo hi; sleep 1; done;' + docker run -dP -v $(CURDIR):/src --name $(CONTAINERNAME) $(IMAGENAME) /bin/bash -c 'while true; do echo hi; sleep 1; done;' down: ## Stop the container docker stop $(CONTAINERNAME) || echo 'No container to stop' diff --git a/README.md b/README.md index 2679052..8927429 100644 --- a/README.md +++ b/README.md @@ -1,38 +1,36 @@ # Dockerized Neovim -Run neovim in a container and be cool like all the other cool kids. I'm -currently trying to have as little dependancies installed on my host -machine as possible. +An exercise in masochism. In an effort to have a portable development neovim +setup and learn more about docker, I've put my entire neovim setup into a docker +container. To experiment with this image you can pull it from the [docker +hub][1] repository: -# Step 1: Build the image - -The are 2 small steps that occur in this step. First we build the binaries -for shellcheck, because I want to only have couple of MB's in binaries vs -installing haskell. This creates a folder called 'package' at the root -directory which we then import to our main neovim image. The second step -is actually compiling the the neovim package which is just installing some -stuff and copying the binaries. This can all be done with a single make -command `make build` - -# Step 2: Run the image +``` +$ docker pull thornycrackers/neovim +``` -Say you have a local file called 'test.php' and you are in the same -directory as the file. To open that file with the neovim container simply -run the following +### Running the image +The image is setup internally to uid `1000`. You can check your user id with +`id -u` and if your id is different than `1000` you will have to build the +container yourself (e.g. change the `1000` numbers to your id and run `make +build`). If you want to try creating a file, say `test.txt` you could run the +following command: ``` -$ docker run -i -t -v $(pwd):/src thornycrackers/neovim /bin/sh -c 'nvim /src/test.php' +$ docker run -i -t -v $(pwd):/src thornycrackers/neovim /bin/bash -c 'nvim /src/test.txt' ``` -This will open up neovim and when you exit neovim it will exit the container. +After you exit the neovim container your host should have the `test.txt` file +with the correct user permissions # Step 3: Make this command a little more useful So using that command is awesome but a little cumbersome everytime you -want to run it against a different file. Create a file called 'nvim' and +want to run it against a different file. Create a file called `nvim` and make sure to give it executable permissions and place it somewhere in your -$PATH. Copy the following inside of the 'nvim' executable file. +$PATH. Copy the following inside of the `nvim` executable file(make sure to +chmod +x the file) ``` #!/bin/bash @@ -47,11 +45,11 @@ else fi # Run the docker command -docker run -i -t -P -v "$dir_name":/src thornycrackers/neovim /bin/sh -c "cd /src;nvim $file_name" +docker run -i -t -P -v "$dir_name":/src thornycrackers/neovim /bin/sh -c "cd /src; nvim $file_name" ``` Now you can run neovim as if you would regularly. The only gotcha I've -deiscovered so far is that because you are mounting to the docker +discovered so far is that because you are mounting to the docker container you cannot go above the folder you open neovim in. This is a pretty rare case in my trials of using this but it is something to note. @@ -59,3 +57,5 @@ a pretty rare case in my trials of using this but it is something to note. I do set the git identity to myself inside the Dockerfile so be aware that you might want to change it to yourself. + +[1]: https://hub.docker.com/r/thornycrackers/neovim -- cgit v1.2.3