Fix Alpine Linux addgroup/adduser syntax for non-root user creation

Dockerfile.agent

@@ -25,21 +25,21 @@ WORKDIR /app
 
 COPY --from=builder /app/nerd-monitor-agent .
 
-# Create non-root user
+# Create entrypoint script BEFORE switching users
-RUN addgroup -D appgroup && adduser -D appuser -G appgroup
+RUN echo '#!/bin/sh' > /app/entrypoint.sh && \
-USER appuser
+    echo 'SERVER=${SERVER:-localhost:8080}' >> /app/entrypoint.sh && \
+    echo 'INTERVAL=${INTERVAL:-15s}' >> /app/entrypoint.sh && \
+    echo 'AGENT_ID=${AGENT_ID:-}' >> /app/entrypoint.sh && \
+    echo 'if [ -z "$AGENT_ID" ]; then' >> /app/entrypoint.sh && \
+    echo '  exec ./nerd-monitor-agent --server "$SERVER" --interval "$INTERVAL"' >> /app/entrypoint.sh && \
+    echo 'else' >> /app/entrypoint.sh && \
+    echo '  exec ./nerd-monitor-agent --server "$SERVER" --interval "$INTERVAL" --id "$AGENT_ID"' >> /app/entrypoint.sh && \
+    echo 'fi' >> /app/entrypoint.sh && \
+    chmod +x /app/entrypoint.sh
 
-# Create entrypoint script to handle environment variables
+# Create non-root user
-RUN echo '#!/bin/sh\n\
+RUN addgroup -g 1000 appgroup && adduser -D -u 1000 -G appgroup appuser
-SERVER=${SERVER:-localhost:8080}\n\
+USER appuser
-INTERVAL=${INTERVAL:-15s}\n\
-AGENT_ID=${AGENT_ID:-}\n\
-if [ -z "$AGENT_ID" ]; then\n\
-  exec ./nerd-monitor-agent --server "$SERVER" --interval "$INTERVAL"\n\
-else\n\
-  exec ./nerd-monitor-agent --server "$SERVER" --interval "$INTERVAL" --id "$AGENT_ID"\n\
-fi\n\
-' > /app/entrypoint.sh && chmod +x /app/entrypoint.sh
 
 # Run the agent
 ENTRYPOINT ["/app/entrypoint.sh"]

Dockerfile.server

@@ -32,8 +32,17 @@ RUN apk add --no-cache ca-certificates
 # Copy binary from builder
 COPY --from=builder /app/nerd-monitor-server .
 
+# Create entrypoint script BEFORE switching users
+RUN echo '#!/bin/sh' > /app/entrypoint.sh && \
+    echo 'ADDR=${ADDR:-0.0.0.0}' >> /app/entrypoint.sh && \
+    echo 'PORT=${PORT:-8080}' >> /app/entrypoint.sh && \
+    echo 'USERNAME=${USERNAME:-admin}' >> /app/entrypoint.sh && \
+    echo 'PASSWORD=${PASSWORD:-admin}' >> /app/entrypoint.sh && \
+    echo 'exec ./nerd-monitor-server -addr "$ADDR" -port "$PORT" -username "$USERNAME" -password "$PASSWORD"' >> /app/entrypoint.sh && \
+    chmod +x /app/entrypoint.sh
+
 # Create non-root user
-RUN addgroup -D appgroup && adduser -D appuser -G appgroup
+RUN addgroup -g 1000 appgroup && adduser -D -u 1000 -G appgroup appuser
 USER appuser
 
 # Expose port
@@ -43,14 +52,5 @@ EXPOSE 8080
 HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
     CMD wget --quiet --tries=1 --spider http://localhost:8080/login || exit 1
 
-# Create entrypoint script to handle environment variables
-RUN echo '#!/bin/sh\n\
-ADDR=${ADDR:-0.0.0.0}\n\
-PORT=${PORT:-8080}\n\
-USERNAME=${USERNAME:-admin}\n\
-PASSWORD=${PASSWORD:-admin}\n\
-exec ./nerd-monitor-server -addr "$ADDR" -port "$PORT" -username "$USERNAME" -password "$PASSWORD"\n\
-' > /app/entrypoint.sh && chmod +x /app/entrypoint.sh
-
 # Run the server
 ENTRYPOINT ["/app/entrypoint.sh"]

docker-compose.yml

@@ -1,5 +1,3 @@
-version: '3.8'
-
 # ============================================================================
 # Nerd Monitor Docker Compose Configuration
 # ============================================================================
@@ -40,7 +38,6 @@ services:
       context: .
       dockerfile: Dockerfile.server
     container_name: nerd-monitor-server
-    image: nerd-monitor-server:latest
     ports:
       - "8080:8080"
     environment:
@@ -82,7 +79,6 @@ services:
     build:
       context: .
       dockerfile: Dockerfile.agent
-    image: nerd-monitor-agent:latest
     environment:
       # Agent configuration
       SERVER: "server:8080"        # Connect to the server service