Hugging Face's logo

Spaces:
k-l-lambda
/
starry
Running

App Files Community
k-l-lambda commited on
Commit
a523941
·
1 Parent(s): ee2356f

fix: use existing node user (UID 1000) instead of creating new user

Browse files

node:20-slim already has node user with UID 1000, useradd fails.
Replace all user references with node user.

Files changed (3) hide show
  1. Dockerfile +29 -28
  2. docker-entrypoint.sh +6 -6
  3. nginx.conf +1 -1
Dockerfile CHANGED
@@ -20,19 +20,20 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
20
  # Install tsx globally
21
  RUN npm install -g tsx
22
 
23
- # --- Create user with UID 1000 (HF Space requirement) ---
24
- RUN useradd -m -u 1000 user
 
25
 
26
  # --- Configure PostgreSQL to run as user (UID 1000) ---
27
- ENV PGDATA=/home/user/pgdata
28
- RUN mkdir -p $PGDATA /home/user/run/postgresql \
29
- && chown -R user:user $PGDATA /home/user/run/postgresql \
30
  && chmod 700 $PGDATA
31
 
32
  # Initialize PostgreSQL as user
33
- USER user
34
  RUN /usr/lib/postgresql/15/bin/initdb -D $PGDATA \
35
- && echo "unix_socket_directories = '/home/user/run/postgresql'" >> $PGDATA/postgresql.conf \
36
  && echo "listen_addresses = '127.0.0.1'" >> $PGDATA/postgresql.conf \
37
  && echo "port = 5432" >> $PGDATA/postgresql.conf \
38
  && echo "local all all trust" > $PGDATA/pg_hba.conf \
@@ -41,22 +42,22 @@ USER root
41
 
42
  # --- Configure nginx ---
43
  RUN mkdir -p /var/log/nginx /var/lib/nginx/body /var/lib/nginx/proxy /var/lib/nginx/fastcgi \
44
- && chown -R user:user /var/log/nginx /var/lib/nginx /run /etc/nginx
45
 
46
  # --- Set up app directory ---
47
- ENV HOME=/home/user
48
- WORKDIR /home/user/app
49
 
50
  # --- cluster-server: install production deps ---
51
- COPY --chown=user backend/cluster-server/package.json backend/cluster-server/package-lock.json* ./backend/cluster-server/
52
  RUN cd backend/cluster-server && npm ci --omit=dev --legacy-peer-deps 2>/dev/null || npm install --omit=dev --legacy-peer-deps
53
 
54
  # --- omr bundle (pre-built) ---
55
- COPY --chown=user backend/omr/package.json ./backend/omr/
56
- COPY --chown=user backend/omr/dist/ ./backend/omr/dist/
57
 
58
  # --- omr-service: install production deps ---
59
- COPY --chown=user backend/omr-service/package.json backend/omr-service/package-lock.json* ./backend/omr-service/
60
  RUN cd backend/omr-service && ONNXRUNTIME_NODE_INSTALL=skip npm install --omit=dev 2>/dev/null \
61
  && rm -rf node_modules/onnxruntime-node/node_modules/onnxruntime-common 2>/dev/null; true
62
 
@@ -68,34 +69,34 @@ RUN npm init -y > /dev/null 2>&1 \
68
  > /dev/null 2>&1; true
69
 
70
  # --- Copy pre-built frontend ---
71
- COPY --chown=user dist/ ./dist/
72
 
73
  # --- Copy cluster-server dist ---
74
- COPY --chown=user backend/cluster-server/dist/ ./backend/cluster-server/dist/
75
- RUN ln -sf /home/user/app/backend/cluster-server/dist/src/migrations /home/user/app/backend/cluster-server/dist/migrations
76
 
77
  # --- Copy omr-service source ---
78
- COPY --chown=user backend/omr-service/src/ ./backend/omr-service/src/
79
- COPY --chown=user backend/omr-service/tsconfig.json ./backend/omr-service/
80
 
81
  # --- Gauge renderer and shared files ---
82
- COPY --chown=user backend/libs/gauge-renderer.ts ./backend/libs/
83
- COPY --chown=user backend/omr/src/gauge-server.ts ./backend/omr/src/
84
- COPY --chown=user src/pages/playground/scripts/shaders.ts ./src/pages/playground/scripts/
85
- RUN ln -sf /home/user/app/backend/omr-service/node_modules /home/user/app/backend/node_modules
86
 
87
  # --- Root tsconfig ---
88
- COPY --chown=user tsconfig.json ./
89
 
90
  # --- Config files ---
91
- COPY --chown=user docker-entrypoint.sh ./docker-entrypoint.sh
92
- COPY --chown=user nginx.conf /etc/nginx/nginx.conf
93
  RUN chmod +x docker-entrypoint.sh
94
 
95
  # Directories
96
- RUN mkdir -p /tmp/starry-uploads && chown user:user /tmp/starry-uploads
97
 
98
- USER user
99
 
100
  EXPOSE 7860
101
 
 
20
  # Install tsx globally
21
  RUN npm install -g tsx
22
 
23
+ # --- node user already has UID 1000 in node:20-slim ---
24
+ # Ensure home directory exists
25
+ RUN mkdir -p /home/node && chown node:node /home/node
26
 
27
  # --- Configure PostgreSQL to run as user (UID 1000) ---
28
+ ENV PGDATA=/home/node/pgdata
29
+ RUN mkdir -p $PGDATA /home/node/run/postgresql \
30
+ && chown -R node:node $PGDATA /home/node/run/postgresql \
31
  && chmod 700 $PGDATA
32
 
33
  # Initialize PostgreSQL as user
34
+ USER node
35
  RUN /usr/lib/postgresql/15/bin/initdb -D $PGDATA \
36
+ && echo "unix_socket_directories = '/home/node/run/postgresql'" >> $PGDATA/postgresql.conf \
37
  && echo "listen_addresses = '127.0.0.1'" >> $PGDATA/postgresql.conf \
38
  && echo "port = 5432" >> $PGDATA/postgresql.conf \
39
  && echo "local all all trust" > $PGDATA/pg_hba.conf \
 
42
 
43
  # --- Configure nginx ---
44
  RUN mkdir -p /var/log/nginx /var/lib/nginx/body /var/lib/nginx/proxy /var/lib/nginx/fastcgi \
45
+ && chown -R node:node /var/log/nginx /var/lib/nginx /run /etc/nginx
46
 
47
  # --- Set up app directory ---
48
+ ENV HOME=/home/node
49
+ WORKDIR /home/node/app
50
 
51
  # --- cluster-server: install production deps ---
52
+ COPY --chown=node backend/cluster-server/package.json backend/cluster-server/package-lock.json* ./backend/cluster-server/
53
  RUN cd backend/cluster-server && npm ci --omit=dev --legacy-peer-deps 2>/dev/null || npm install --omit=dev --legacy-peer-deps
54
 
55
  # --- omr bundle (pre-built) ---
56
+ COPY --chown=node backend/omr/package.json ./backend/omr/
57
+ COPY --chown=node backend/omr/dist/ ./backend/omr/dist/
58
 
59
  # --- omr-service: install production deps ---
60
+ COPY --chown=node backend/omr-service/package.json backend/omr-service/package-lock.json* ./backend/omr-service/
61
  RUN cd backend/omr-service && ONNXRUNTIME_NODE_INSTALL=skip npm install --omit=dev 2>/dev/null \
62
  && rm -rf node_modules/onnxruntime-node/node_modules/onnxruntime-common 2>/dev/null; true
63
 
 
69
  > /dev/null 2>&1; true
70
 
71
  # --- Copy pre-built frontend ---
72
+ COPY --chown=node dist/ ./dist/
73
 
74
  # --- Copy cluster-server dist ---
75
+ COPY --chown=node backend/cluster-server/dist/ ./backend/cluster-server/dist/
76
+ RUN ln -sf /home/node/app/backend/cluster-server/dist/src/migrations /home/node/app/backend/cluster-server/dist/migrations
77
 
78
  # --- Copy omr-service source ---
79
+ COPY --chown=node backend/omr-service/src/ ./backend/omr-service/src/
80
+ COPY --chown=node backend/omr-service/tsconfig.json ./backend/omr-service/
81
 
82
  # --- Gauge renderer and shared files ---
83
+ COPY --chown=node backend/libs/gauge-renderer.ts ./backend/libs/
84
+ COPY --chown=node backend/omr/src/gauge-server.ts ./backend/omr/src/
85
+ COPY --chown=node src/pages/playground/scripts/shaders.ts ./src/pages/playground/scripts/
86
+ RUN ln -sf /home/node/app/backend/omr-service/node_modules /home/node/app/backend/node_modules
87
 
88
  # --- Root tsconfig ---
89
+ COPY --chown=node tsconfig.json ./
90
 
91
  # --- Config files ---
92
+ COPY --chown=node docker-entrypoint.sh ./docker-entrypoint.sh
93
+ COPY --chown=node nginx.conf /etc/nginx/nginx.conf
94
  RUN chmod +x docker-entrypoint.sh
95
 
96
  # Directories
97
+ RUN mkdir -p /tmp/starry-uploads && chown node:node /tmp/starry-uploads
98
 
99
+ USER node
100
 
101
  EXPOSE 7860
102
 
docker-entrypoint.sh CHANGED
@@ -5,7 +5,7 @@ echo '=== STARRY HF Space Entrypoint ==='
5
 
6
  # ── Start PostgreSQL ──
7
  echo 'Starting PostgreSQL...'
8
- /usr/lib/postgresql/15/bin/pg_ctl -D $PGDATA -l /home/user/postgresql.log start -o "-p 5432"
9
 
10
  for i in $(seq 1 15); do
11
  if /usr/lib/postgresql/15/bin/pg_isready -h 127.0.0.1 -p 5432 -q 2>/dev/null; then
@@ -22,23 +22,23 @@ done
22
 
23
  # ── Run database migrations ──
24
  echo 'Running database migrations...'
25
- cd /home/user/app/backend/omr-service
26
- DB_HOST=127.0.0.1 DB_PORT=5432 DB_NAME=starry_omr DB_USER=user DB_PASSWORD= \
27
  npx tsx src/db/migrate.ts 2>&1 || echo 'Warning: Migration failed or skipped'
28
 
29
  # ── Start cluster-server (port 3999) ──
30
  echo 'Starting cluster-server on port 3999...'
31
- cd /home/user/app/backend/cluster-server
32
  PORT=3999 node dist/src/main.js &
33
 
34
  # ── Start omr-service (port 3080) ──
35
  echo 'Starting omr-service on port 3080...'
36
- cd /home/user/app/backend/omr-service
37
  export PORT=3080
38
  export DB_HOST=127.0.0.1
39
  export DB_PORT=5432
40
  export DB_NAME=starry_omr
41
- export DB_USER=user
42
  export DB_PASSWORD=
43
  export REGULATION_ENABLED=false
44
  npx tsx src/index.ts &
 
5
 
6
  # ── Start PostgreSQL ──
7
  echo 'Starting PostgreSQL...'
8
+ /usr/lib/postgresql/15/bin/pg_ctl -D $PGDATA -l /home/node/postgresql.log start -o "-p 5432"
9
 
10
  for i in $(seq 1 15); do
11
  if /usr/lib/postgresql/15/bin/pg_isready -h 127.0.0.1 -p 5432 -q 2>/dev/null; then
 
22
 
23
  # ── Run database migrations ──
24
  echo 'Running database migrations...'
25
+ cd /home/node/app/backend/omr-service
26
+ DB_HOST=127.0.0.1 DB_PORT=5432 DB_NAME=starry_omr DB_USER=node DB_PASSWORD= \
27
  npx tsx src/db/migrate.ts 2>&1 || echo 'Warning: Migration failed or skipped'
28
 
29
  # ── Start cluster-server (port 3999) ──
30
  echo 'Starting cluster-server on port 3999...'
31
+ cd /home/node/app/backend/cluster-server
32
  PORT=3999 node dist/src/main.js &
33
 
34
  # ── Start omr-service (port 3080) ──
35
  echo 'Starting omr-service on port 3080...'
36
+ cd /home/node/app/backend/omr-service
37
  export PORT=3080
38
  export DB_HOST=127.0.0.1
39
  export DB_PORT=5432
40
  export DB_NAME=starry_omr
41
+ export DB_USER=node
42
  export DB_PASSWORD=
43
  export REGULATION_ENABLED=false
44
  npx tsx src/index.ts &
nginx.conf CHANGED
@@ -1,5 +1,5 @@
1
  worker_processes 1;
2
- pid /home/user/nginx.pid;
3
  error_log /var/log/nginx/error.log;
4
 
5
  events {
 
1
  worker_processes 1;
2
+ pid /home/node/nginx.pid;
3
  error_log /var/log/nginx/error.log;
4
 
5
  events {