Hello all!
We've already finished some modifications to make the GeoNode stack run as rootless, and our tests got some good results.
Making GeoNode rootless is important because some k8s-based systems need to lower security requirements to run as root (K8s RoleBinding to run as root, with a specified ServiceAccount), and we can meet some best practices with docker containers.
We are proposing some modifications in the geoserver, geoserver-data, nginx and letsencrypt images, part of which are in this repo, and in Django/Celery in the main GeoNode repo. Because of this, we will split this issue into two pull requests: one for geonode-docker and another for the main repo (and the geonode-project as well).
We are not proposing changes for the non-GeoNode images (PostgreSQL, RabbitMQ and Memcached), because Bitnami has rootless images of Postgres, with PostGIS support, memcached and RabbitMQ, and if you want to make the whole stack rootless, we think that changing the base images from docker-library to bitnami should do the work.
So, we are finishing this first pull request with some minimal modifications to allow geoserver (and data), nginx and Let's Encrypt to run with a non-privileged user.
Last but not least, I have a little question: why source the .bashrc, in addition to coloring the terminal and bash-completion?
Please help me, @giohappy :)