Antony Messerli ca7a3390c2 Implement rootless Docker container with enhanced security and preserved TFTP logging (#87) ... * Implement rootless Docker container with preserved TFTP logging - Convert all processes to run as non-root user (nbxyz) for enhanced security - Add customizable PUID/PGID environment variables for volume permission management - Implement privilege dropping using gosu for secure initialization - Optimize Dockerfile with multi-stage build and better caching - Create dnsmasq wrapper script to ensure TFTP logs appear in docker logs - Configure supervisord to properly forward dnsmasq output to container stdout - Maintain full TFTP/PXE boot debugging functionality for users Security improvements: - All application processes (nginx, webapp, dnsmasq) run as nbxyz user - Only supervisord initialization runs as root, then drops privileges - Proper permission management for all service directories - Configurable user/group IDs via PUID/PGID environment variables Performance optimizations: - Multi-stage Docker build reduces final image size - Better layer caching for faster rebuilds - Optimized package installation and cleanup 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Update Dockerfile Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update root/init.sh Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>		2025-06-12 00:19:27 -05:00
..
dnsmasq-wrapper.sh	Implement rootless Docker container with enhanced security and preserved TFTP logging (#87)	2025-06-12 00:19:27 -05:00