mirror of
https://github.com/cwinfo/powerdns-admin.git
synced 2024-11-14 01:20:27 +00:00
9228128907
- avoid running gunicorn as root user - use setcap to allow gunicorn starting with a privileged port - write permission only on /app/configs folder - su command removed from entrypoint.sh, because it runs as pda user
18 lines
455 B
Bash
Executable File
18 lines
455 B
Bash
Executable File
#!/bin/sh
|
|
set -euo pipefail
|
|
cd /app
|
|
|
|
GUNICORN_TIMEOUT="${GUINCORN_TIMEOUT:-120}"
|
|
GUNICORN_WORKERS="${GUNICORN_WORKERS:-4}"
|
|
GUNICORN_LOGLEVEL="${GUNICORN_LOGLEVEL:-info}"
|
|
BIND_ADDRESS="${BIND_ADDRESS:-0.0.0.0:80}"
|
|
|
|
GUNICORN_ARGS="-t ${GUNICORN_TIMEOUT} --workers ${GUNICORN_WORKERS} --bind ${BIND_ADDRESS} --log-level ${GUNICORN_LOGLEVEL}"
|
|
if [ "$1" == gunicorn ]; then
|
|
/bin/sh -c "flask db upgrade"
|
|
exec "$@" $GUNICORN_ARGS
|
|
|
|
else
|
|
exec "$@"
|
|
fi
|