From: Lorin Hochstein <lhochstein@netflix.com>
Date: Tue, 7 Feb 2017 03:29:40 +0000 (-0800)
Subject: Run container as root user
X-Git-Url: https://git.halfball.org/?a=commitdiff_plain;h=3fd34acc5b858e2e32b25fcb4e7007e0def351d6;p=ansiblebook.git

Run container as root user

It's non-trivial to get Postgres container to run as non-root. Run as root for
simplicity
---

diff --git a/ch13/deploy.yml b/ch13/deploy.yml
index d4d6d6f..e1ee5f0 100644
--- a/ch13/deploy.yml
+++ b/ch13/deploy.yml
@@ -30,28 +30,20 @@
   become: True
   gather_facts: False
   vars:
-    docker_user: postgres
+    data_dir: /data/pgdata
   tasks:
-    - name: create the user to run postgres container
-      user: name={{ docker_user }}
-      register: docker_user_info
-    - name: define data_dir variable
-      set_fact: data_dir="{{ docker_user_info.home }}/pgdata"
     - name: create data dir with correct ownership
       file:
         path: "{{ data_dir }}"
         state: directory
-        owner: "{{ docker_user }}"
     - name: start postgres container
       docker_container:
         name: ghost_postgres
-        user: "{{ docker_user_info.uid }}:{{ docker_user_info.group }}"
         image: postgres:9.6
         ports:
           - "0.0.0.0:5432:5432"
         volumes:
           - "{{ data_dir }}:/var/lib/postgresql/data"
-          - "/etc/passwd:/etc/passwd:ro"
         env:
           POSTGRES_USER: "{{ database_user }}"
           POSTGRES_PASSWORD: "{{ database_password }}"