Run Mage docker image as non-root user to restrict access to the system
By default, the official Mage docker images in DockerHub are using the root users. For production deployment,
it’s recommended to use non-root users in the docker image to restrict access to the system for better security.
Here is the Dockerfile template that you can use to build your custom docker image that runs Mage as non-root user.
Copy
ARG VERSIONFROM mageai/mageai:$VERSION# Add non-root user for Mage serviceRUN adduser --disabled-password --gecos '' mage && adduser mage mage# Grant the user permissions to the Mage related directoriesRUN mkdir /home/src/mage_data; chown -R mage /home/src/mage_dataRUN mkdir /home/src/default_repo; chown -R mage /home/src/default_repoRUN pip3 install -r path/to/requirements.txt# Set the Mage userUSER mageENV PYTHONPATH="${PYTHONPATH}:/home/mage/.local/lib/python3.10/site-packages"WORKDIR /home/srcCMD ["/bin/sh", "-c", "/app/run_app.sh"]