Mascali/piston
1
0
Fork 0
mirror of https://github.com/engineer-man/piston.git synced 2025-04-20 20:16:26 +02:00
Code Issues Projects Releases Wiki Activity

api: harden process limit

Browse source
This commit is contained in:
Thomas Hobson 2021-02-22 22:51:19 +13:00
parent 94d179762b
commit 9b1a9bf8b3
No known key found for this signature in database
GPG key ID: 9F1FD9D87950DB6F
2 changed files with 20 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

10
api/Dockerfile
View file

@ -1,13 +1,5 @@
FROM node:15.8.0-alpine3.13
RUN apk add --no-cache gnupg tar bash coreutils shadow
RUN for i in $(seq 1000 1500); do \
groupadd -g $i runner$i && \
useradd -M runner$i -g $i -u $i && \
echo "runner$i soft nproc 64" >> /etc/security/limits.conf && \
echo "runner$i hard nproc 64" >> /etc/security/limits.conf && \
echo "runner$i soft nofile 2048" >> /etc/security/limits.conf && \
echo "runner$i hard nofile 2048" >> /etc/security/limits.conf ;\
done
RUN apk add --no-cache gnupg tar bash coreutils util-linux
ENV NODE_ENV=production
WORKDIR /piston_api