From db42f23fcc43e528e4ad2e2735b071f279cf599e Mon Sep 17 00:00:00 2001
From: SamTV12345 <40429738+SamTV12345@users.noreply.github.com>
Date: Tue, 27 Jun 2023 22:17:55 +0200
Subject: [PATCH] Added optimized alpine image for better security and smaller
 image. (#5780)

---
 Dockerfile | 25 ++++++++++++++-----------
 1 file changed, 14 insertions(+), 11 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index bec6af428..b3ddd8299 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,15 +4,18 @@
 #
 # Author: muxator
 
-FROM node:lts-slim
+FROM node:lts-alpine
 LABEL maintainer="Etherpad team, https://github.com/ether/etherpad-lite"
 
 ARG TIMEZONE=
+
 RUN \
   [ -z "${TIMEZONE}" ] || { \
-    ln -sf /usr/share/zoneinfo/"${TIMEZONE#/usr/share/zoneinfo/}" /etc/localtime; \
-    dpkg-reconfigure -f noninteractive tzdata; \
+    apk add --no-cache tzdata && \
+    cp /usr/share/zoneinfo/${TIMEZONE} /etc/localtime && \
+    echo "${TIMEZONE}" > /etc/timezone; \
   }
+ENV TIMEZONE=${TIMEZONE}
 
 # plugins to install while building the container. By default no plugins are
 # installed.
@@ -43,6 +46,8 @@ ARG INSTALL_SOFFICE=
 # other things, assets are minified & compressed).
 ENV NODE_ENV=production
 
+# Install dependencies required for modifying access.
+RUN apk add shadow
 # Follow the principle of least privilege: run as unprivileged user.
 #
 # Running as non-root enables running this image in platforms like OpenShift
@@ -54,6 +59,8 @@ ARG EP_HOME=
 ARG EP_UID=5001
 ARG EP_GID=0
 ARG EP_SHELL=
+
+
 RUN groupadd --system ${EP_GID:+--gid "${EP_GID}" --non-unique} etherpad && \
     useradd --system ${EP_UID:+--uid "${EP_UID}" --non-unique} --gid etherpad \
         ${EP_HOME:+--home-dir "${EP_HOME}"} --create-home \
@@ -64,18 +71,14 @@ RUN mkdir -p "${EP_DIR}" && chown etherpad:etherpad "${EP_DIR}"
 
 # the mkdir is needed for configuration of openjdk-11-jre-headless, see
 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863199
-RUN export DEBIAN_FRONTEND=noninteractive; \
+RUN  \
     mkdir -p /usr/share/man/man1 && \
-    apt-get -qq update && \
-    apt-get -qq dist-upgrade && \
-    apt-get -qq --no-install-recommends install \
+    apk update && apk upgrade && \
+    apk add  \
         ca-certificates \
         git \
         ${INSTALL_ABIWORD:+abiword} \
-        ${INSTALL_SOFFICE:+libreoffice default-jre libreoffice-java-common} \
-        && \
-    apt-get -qq clean && \
-    rm -rf /var/lib/apt/lists/*
+        ${INSTALL_SOFFICE:+libreoffice openjdk8-jre libreoffice-common}
 
 USER etherpad