How to run an nginx container as non root?

Question

Every time I try to run the container as non root, I get the following error:

 the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /etc/nginx/nginx.conf:2

Dockerfile:

FROM nginx:1.17.6
RUN chown -R nginx:nginx /var/cache/nginx && \
        chown -R nginx:nginx /var/log/nginx && \
        chown -R nginx:nginx /etc/nginx/conf.d
RUN chmod -R 777 /etc/nginx/conf.d

USER nginx

COPY app/build /usr/share/nginx/html

RUN rm /etc/nginx/conf.d/default.conf

COPY nginx/nginx.conf /etc/nginx/conf.d


CMD ["nginx","-g","daemon off;"]

Answer 1

Use the rootless docker-imager from nginx.

Image

nginxinc/nginx-unprivileged  

DockerHub
https://hub.docker.com/r/nginxinc/nginx-unprivileged

GitHub
https://github.com/nginxinc/docker-nginx-unprivileged

Answer 2

You can remove (or comment) the user directive at the top of your nginx.conf file.

This directive is relevant when you run nginx as root. It defines the user possessing the pid of your nginx subprocesses.

When you don't run nginx as root this directive is irrelevant, your nginx subprocesses run with your current user.