2025-10-22 19:10:33 -07:00
# Security Configuration
## Non-Root User Support
BentoPDF now uses nginx-unprivileged for enhanced security. This follows the Principle of Least Privilege and is essential for production environments.
### Security Benefits
- **Reduced Attack Surface**: If the container is compromised, the attacker does not have root privileges
- **Compliance**: Helps meet security standards such as SOC 2 and PCI DSS
- **Kubernetes/OpenShift Compatibility**: Works with security policies that require non-root execution
- **System Protection**: Prevents system-wide damage if the application is compromised
### Usage
#### Default Configuration (nginx-unprivileged)
```bash
docker build -t bentopdf .
docker run -p 8080:8080 bentopdf
```
#### Simple Mode
```bash
# Build with simple mode enabled
docker build --build-arg SIMPLE_MODE=true -t bentopdf-simple .

# Run the container
docker run -p 8080:8080 bentopdf-simple
```
#### Kubernetes Example
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: bentopdf
spec:
  # apps/v1 requires a selector that matches the pod template labels;
  # the label value here is an example
  selector:
    matchLabels:
      app: bentopdf
  template:
    metadata:
      labels:
        app: bentopdf
    spec:
      securityContext:
        runAsNonRoot: true
        runAsUser: 2000
        runAsGroup: 2000
      containers:
        - name: bentopdf
          image: bentopdf:latest
          ports:
            - containerPort: 8080
```
#### Docker Compose Example
```yaml
version: '3.8'
services:
  bentopdf:
    build:
      context: .
      dockerfile: Dockerfile
      args:
        SIMPLE_MODE: false
    ports:
      - '8080:8080'
    security_opt:
      - no-new-privileges:true
```
### Verification
To verify the container is running as non-root:
```bash
# Check the user inside the container
docker exec <container_id> whoami
# Should output: nginx

# Check the user ID
docker exec <container_id> id
# Should show UID/GID for nginx user (typically 101)
```
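These checks can be scripted so that a deployment pipeline fails instead of relying on someone reading the output. The script below is an added example, not part of the BentoPDF repository; its function names are hypothetical, and besides the `id` check it also evaluates `docker port` and `docker inspect` output for the port and `no-new-privileges` settings this page recommends.

```bash
#!/bin/sh
# Added example, not BentoPDF project code: turn the manual checks into pass/fail.

# Print the raw value of one field (uid, gid, groups) from `id` output.
id_field() { # $1 = field name, $2 = `id` output
    for tok in $2; do
        case $tok in
            "$1"=*) printf '%s\n' "${tok#*=}"; return 0 ;;
        esac
    done
    return 1
}

# 0 = non-root, 1 = running as UID 0, 2 = input not recognised.
check_nonroot() { # $1 = output of `docker exec <container_id> id`
    raw=$(id_field uid "$1") || return 2
    uid=${raw%%\(*} # "101(nginx)" -> "101"; a bare "2000" is left as is
    case $uid in '' | *[!0-9]*) return 2 ;; esac
    [ "$uid" -ne 0 ]
}

# 0 = all container-side ports are >= 1024, 1 = a privileged port, 2 = bad input.
check_ports() { # $1 = output of `docker port <container_id>`
    [ -n "$1" ] || return 2
    while read -r mapping rest; do
        port=${mapping%%/*} # "8080/tcp" -> "8080"
        case $port in '' | *[!0-9]*) return 2 ;; esac
        [ "$port" -ge 1024 ] || return 1
    done <<EOF
$1
EOF
}

# 0 if the container was started with no-new-privileges, else 1.
check_no_new_privs() { # $1 = JSON of .HostConfig.SecurityOpt
    case $1 in
        *no-new-privileges:false*) return 1 ;;
        *no-new-privileges*) return 0 ;;
        *) return 1 ;;
    esac
}

# Run against a live container when its ID or name is passed as $1.
if [ -n "${1:-}" ]; then
    check_nonroot "$(docker exec "$1" id)" || { echo "FAIL: UID 0 or unreadable id output"; exit 1; }
    check_ports "$(docker port "$1")" || { echo "FAIL: privileged or missing port mapping"; exit 1; }
    check_no_new_privs "$(docker inspect -f '{{json .HostConfig.SecurityOpt}}' "$1")" ||
        echo "WARN: no-new-privileges is not set"
    echo "OK: non-root, unprivileged port"
fi
```

A container started with a numeric `runAsUser` that has no passwd entry reports a bare `uid=2000`, which `check_nonroot` accepts even though `whoami` would not print `nginx`.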
### Security Best Practices
1. **Use nginx-unprivileged**: Built-in non-root user with minimal privileges
2. **Regular Updates**: Keep the base image updated (currently using 1.29-alpine)
3. **Port 8080**: Use high port numbers to avoid requiring root privileges
4. **Security Scanning**: Regularly scan images for vulnerabilities
5. **Network Policies**: Implement network segmentation
### Troubleshooting
If you encounter permission issues:
1. **Check file ownership**: Ensure all application files are owned by the nginx user
2. **Verify PID directory**: Ensure the `/etc/nginx/tmp/` directory exists and is writable
3. **Port binding**: Ensure port 8080 is available and not blocked by a firewall
### Migration from Root
If migrating from a root-based setup:
1. Update your Dockerfile to use the nginx-unprivileged base image
2. Change port mappings from 80 to 8080 in all configurations
3. Update nginx.conf to use `/etc/nginx/tmp/nginx.pid` for the PID file
4. Rebuild your images with the new security settings
5. Update your deployment configurations (Kubernetes, Docker Compose, etc.)
6. Test thoroughly in a staging environment