diff --git a/Dockerfile b/Dockerfile index 83bce0fb..934ba835 100644 --- a/Dockerfile +++ b/Dockerfile @@ -90,6 +90,7 @@ ENV LD_LIBRARY_PATH=${PREFIX_DIR}/lib ENV GUACD_LOG_LEVEL=info ARG RUNTIME_DEPENDENCIES=" \ + netcat-openbsd \ ca-certificates \ ghostscript \ fonts-liberation \ @@ -100,15 +101,25 @@ ARG RUNTIME_DEPENDENCIES=" \ COPY --from=builder ${PREFIX_DIR} ${PREFIX_DIR} # Bring runtime environment up to date and install runtime dependencies -RUN apt-get update && \ - apt-get install -y $RUNTIME_DEPENDENCIES && \ - apt-get install -y $(cat "${PREFIX_DIR}"/DEPENDENCIES) && \ +RUN apt-get update && \ + apt-get install -y --no-install-recommends $RUNTIME_DEPENDENCIES && \ + apt-get install -y --no-install-recommends $(cat "${PREFIX_DIR}"/DEPENDENCIES) && \ rm -rf /var/lib/apt/lists/* # Link FreeRDP plugins into proper path RUN ${PREFIX_DIR}/bin/link-freerdp-plugins.sh \ ${PREFIX_DIR}/lib/freerdp2/libguac*.so +# Checks the operating status every 5 minutes with a timeout of 5 seconds +HEALTHCHECK --interval=5m --timeout=5s CMD nc -z 127.0.0.1 4822 || exit 1 + +# Create a new user guacd +ARG UID=1000 +RUN useradd --system --create-home --shell /usr/sbin/nologin --uid $UID --no-user-group guacd + +# Run with user guacd +USER guacd + # Expose the default listener port EXPOSE 4822