docker: Add env var to control capabilities (#8552)

As it's not simple to run a container under Docker/Kubernetes as non-root but with additional capabilities, add an internal hack.
author: Jakob Borg <jakob@kastelo.net> 2022-09-26 13:39:41 +0200
committer: GitHub <noreply@github.com> 2022-09-26 13:39:41 +0200
commit: 361f7ae56435806c373d02d179c7a60caf845ddf (patch)
tree: 8c738f70266fb58296716b0f25399b0433623e7e /Dockerfile
parent: 1cd2f5a91ff853a5136b1110dd05efcf0065a576 (diff)
download: syncthing-361f7ae56435806c373d02d179c7a60caf845ddf.tar.gz
syncthing-361f7ae56435806c373d02d179c7a60caf845ddf.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/Dockerfile b/Dockerfile
index e7d9ebbbb..7c4913be6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -15,12 +15,12 @@ EXPOSE 8384 22000/tcp 22000/udp 21027/udp
 
 VOLUME ["/var/syncthing"]
 
-RUN apk add --no-cache ca-certificates su-exec tzdata
+RUN apk add --no-cache ca-certificates su-exec tzdata libcap
 
 COPY --from=builder /src/syncthing /bin/syncthing
 COPY --from=builder /src/script/docker-entrypoint.sh /bin/entrypoint.sh
 
-ENV PUID=1000 PGID=1000 HOME=/var/syncthing
+ENV PUID=1000 PGID=1000 HOME=/var/syncthing PCAP=
 
 HEALTHCHECK --interval=1m --timeout=10s \
   CMD nc -z 127.0.0.1 8384 || exit 1
author	Jakob Borg <jakob@kastelo.net>	2022-09-26 13:39:41 +0200
committer	GitHub <noreply@github.com>	2022-09-26 13:39:41 +0200
commit	361f7ae56435806c373d02d179c7a60caf845ddf (patch)
tree	8c738f70266fb58296716b0f25399b0433623e7e /Dockerfile
parent	1cd2f5a91ff853a5136b1110dd05efcf0065a576 (diff)
download	syncthing-361f7ae56435806c373d02d179c7a60caf845ddf.tar.gz syncthing-361f7ae56435806c373d02d179c7a60caf845ddf.zip