Ok. I think I might be getting closer. I read somewhere in this forum about problems running as root, and then I stumbled up on this post here that suggests running through an entrypoint.sh script.
So, I reworked the dockerfile to create an ‘appuser’ and install the forman globally as that user. Then transition to that user, when running the entrypoint.sh script.
FROM varnish:fresh-alpine as alpine
RUN apk add --update nodejs npm
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
RUN npm --global config set user appuser && \
npm --global install foreman
RUN mkdir /app
RUN chown -R appuser:appgroup /app
WORKDIR /app
COPY default.vcl /etc/varnish/default.vcl
COPY . .
RUN chmod +x /app/entrypoint.sh
RUN npm install --production
EXPOSE 3000 8080 443
USER appuser
ENTRYPOINT ["sh","./entrypoint.sh", "nf", "start"]
USER root
And then in entrypoint.sh:
#!/bin/sh
chown -R appuser:appgroup /app
su - appuser
exec "$@"
Again, builds and runs locally, fails on Fly.io though.