From 7d71d98dc179e689726d74bc5c4bc1781315df8f Mon Sep 17 00:00:00 2001
From: Maximilian Ehlers <max@ehlers.berlin>
Date: Mon, 31 Aug 2020 07:52:26 +0000
Subject: [PATCH] =?UTF-8?q?Creates=20a=20new=20lighthouse=20user=20and=20m?=
 =?UTF-8?q?akes=20it=20the=20default=20user=20to=20be=20use=E2=80=A6=20(#1?=
 =?UTF-8?q?502)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

…d in the Docker image

## Issue Addressed
https://github.com/sigp/lighthouse/issues/1459

## Proposed Changes

- Create new `lighthouse` user and group in Docker container
- Set user as the default user
---
 Dockerfile         | 2 ++
 book/src/docker.md | 6 +++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 9f6158b73..9840e2942 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,5 +12,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
   ca-certificates \
   && apt-get clean \
   && rm -rf /var/lib/apt/lists/*
+RUN groupadd -r lighthouse && useradd --no-log-init -r -g lighthouse lighthouse 
+USER lighthouse
 COPY --from=builder /usr/local/cargo/bin/lighthouse /usr/local/bin/lighthouse
 COPY --from=builder /usr/local/cargo/bin/lcli /usr/local/bin/lcli
diff --git a/book/src/docker.md b/book/src/docker.md
index 8a09e2bb4..dcb05a1f9 100644
--- a/book/src/docker.md
+++ b/book/src/docker.md
@@ -53,7 +53,7 @@ $ docker run lighthouse:local lighthouse --help
 You can run a Docker beacon node with the following command:
 
 ```bash
-$ docker run -p 9000:9000 -p 127.0.0.1:5052:5052 -v $HOME/.lighthouse:/root/.lighthouse sigp/lighthouse lighthouse --testnet medalla beacon --http --http-address 0.0.0.0
+$ docker run -p 9000:9000 -p 127.0.0.1:5052:5052 -v $HOME/.lighthouse:/home/lighthouse/.lighthouse sigp/lighthouse lighthouse --testnet medalla beacon --http --http-address 0.0.0.0
 ```
 
 > To join the altona testnet, use --testnet altona instead.
@@ -62,7 +62,7 @@ $ docker run -p 9000:9000 -p 127.0.0.1:5052:5052 -v $HOME/.lighthouse:/root/.lig
 
 ### Volumes
 
-Lighthouse uses the `/root/.lighthouse` directory inside the Docker image to
+Lighthouse uses the `/home/lighthouse/.lighthouse` directory inside the Docker image to
 store the configuration, database and validator keys. Users will generally want
 to create a bind-mount volume to ensure this directory persists between `docker
 run` commands.
@@ -71,7 +71,7 @@ The following example runs a beacon node with the data directory
 mapped to the users home directory:
 
 ```bash
-$ docker run -v $HOME/.lighthouse:/root/.lighthouse sigp/lighthouse lighthouse beacon
+$ docker run -v $HOME/.lighthouse:/home/lighthouse/.lighthouse sigp/lighthouse lighthouse beacon
 ```
 
 ### Ports