Merge pull request #188 from computerfr33k/workspace-user

Use workspace as non-root user

README.md

@@ -227,6 +227,8 @@ You can select your own combination of container form this list:
 docker exec -it {Workspace-Container-Name} bash
 ```
 Replace `{Workspace-Container-Name}` with your Workspace container name.
+<br />
+Add `--user=laradock` to have files created as your host's user. (don't forget to change the PUID (User id) and PGID (group id) variables in docker-compose.yml).
 <br>
 To find the containers names type `docker-compose ps`.
 
@@ -657,7 +659,7 @@ More details about this [here](https://github.com/jenssegers/laravel-mongodb#ins
 7 - Test it:
 
 - First let your Models extend from the Mongo Eloquent Model. Check the [documentation](https://github.com/jenssegers/laravel-mongodb#eloquent).
-- Enter the Workspace Container `docker exec -it laradock_workspace_1 bash`.
+- Enter the Workspace Container `docker exec -it --user=laradock laradock_workspace_1 bash`.
 - Migrate the Database `php artisan migrate`.
 
 

docker-compose.yml

@@ -12,6 +12,8 @@ services:
                 - INSTALL_XDEBUG=false
                 - INSTALL_NODE=false
                 - COMPOSER_GLOBAL_INSTALL=false
+                - PUID=1000
+                - PGID=1000
         volumes_from:
             - volumes_source
         tty: true

workspace/Dockerfile

@@ -60,12 +60,25 @@ RUN if [ ${INSTALL_MONGO} = true ]; then \
     echo "extension=mongodb.so" >> /etc/php/7.0/cli/php.ini \
 ;fi
 
+#####################################
+# Non-Root User:
+#####################################
+
+# Add a non-root user to prevent files being created with root permissions on host machine.
+ARG PUID=1000
+ARG PGID=1000
+RUN groupadd -g $PGID laradock && \
+    useradd -u $PUID -g laradock -m laradock
+    
+# Now switch to our laradock user for the rest of user setup
+USER laradock
+
 #####################################
 # Composer:
 #####################################
 
 # Add the composer.json
-ADD ./composer.json /root/.composer/composer.json
+ADD ./composer.json /home/laradock/.composer/composer.json
 
 # Check if global install need to be runned
 ARG COMPOSER_GLOBAL_INSTALL=true
@@ -84,13 +97,13 @@ ARG INSTALL_NODE=true
 ENV INSTALL_NODE ${INSTALL_NODE}
 RUN if [ ${INSTALL_NODE} = true ]; then \
     # Install nvm (A Node Version Manager)
-    curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.31.1/install.sh | bash \
+    curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.31.3/install.sh | bash \
 ;fi
 # Again check if NVM needs to be installed
-# I had to split this condifiton link this because when I get it inside the above if statment is refuses to work!
+# I had to split this condition link this because when I get it inside the above if statement is refuses to work!
 ENV if [ ${INSTALL_NODE} = true ]; then \
     # Set the ENV
-    NVM_DIR=/root/.nvm \
+    NVM_DIR=/home/laradock/.nvm \
     # Install NodeJS with NVM
     RUN . ~/.nvm/nvm.sh && \
         nvm install stable && \
@@ -99,6 +112,14 @@ ENV if [ ${INSTALL_NODE} = true ]; then \
         npm install -g gulp bower \
 ;fi
 
+# Wouldn't execute when added to the RUN statement in the above block
+# Source NVM when loading bash since ~/.profile isn't loaded on non-login shell
+RUN if [ ${INSTALL_NODE} = true ]; then \
+    echo "" >> ~/.bashrc && \
+    echo 'export NVM_DIR="$HOME/.nvm"' >> ~/.bashrc && \
+    echo '[ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh"  # This loads nvm' >> ~/.bashrc \
+;fi
+
 #
 #--------------------------------------------------------------------------
 # Final Touch
@@ -106,6 +127,7 @@ ENV if [ ${INSTALL_NODE} = true ]; then \
 #
 
 # Clean up
+USER root
 RUN apt-get clean && \
     rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*