From 251a5392ef0d2b9dcb59f13e1d0f2717432e5b97 Mon Sep 17 00:00:00 2001 From: hyungi Date: Wed, 10 Jun 2026 15:11:03 +0900 Subject: [PATCH] =?UTF-8?q?fix(services):=20playwright-fetcher=20pwuser=20?= =?UTF-8?q?=EC=8B=A4=ED=96=89=20=E2=80=94=20root=20Chromium=20sandbox=20?= =?UTF-8?q?=ED=95=A8=EC=A0=95=20=ED=9A=8C=ED=94=BC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-Authored-By: Claude Fable 5 --- services/playwright-fetcher/Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/services/playwright-fetcher/Dockerfile b/services/playwright-fetcher/Dockerfile index 86d0487..aa7c9e2 100644 --- a/services/playwright-fetcher/Dockerfile +++ b/services/playwright-fetcher/Dockerfile @@ -9,6 +9,10 @@ RUN pip install --no-cache-dir -r requirements.txt COPY server.py . +# root 로 Chromium 실행 시 sandbox 비활성 강제됨 — 이미지 내장 pwuser(uid 1000)로 실행. +# /auth ro mount(호스트 hyungi uid 1000, mode 600)도 동일 uid 라 판독 가능. +USER pwuser + # internal-only — compose 네트워크 전용, host 포트 미매핑 (caddy 라우트 금지) EXPOSE 3400 CMD ["uvicorn", "server:app", "--host", "0.0.0.0", "--port", "3400"]