fix(security): clean up docker-entrypoint per Hudson review
- Remove chmod 777 (replaced with chown nodejs:nodejs) - Remove hardcoded su-exec call; detect root vs non-root - Fallback to direct exec if already running as nodejs - Entry point is currently unused (Dockerfile uses CMD directly) but cleaned up for correctness in case re-enabled Ref: Issue #4 Hudson remediation
This commit is contained in:
parent
7d476f36e8
commit
7162a26f97
|
|
@ -1,28 +1,22 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
# Ensure database and logs directories exist with proper permissions
|
# Docker entrypoint for Queue North Website
|
||||||
# We run as root first (before USER directive), fix permissions, then exec to nodejs
|
# The Dockerfile uses USER nodejs + CMD directly, so this script
|
||||||
|
# is only used if explicitly set as ENTRYPOINT.
|
||||||
|
# It ensures db/logs directories exist before starting the server.
|
||||||
|
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
log_error() {
|
|
||||||
echo "[$(date -Iseconds)] ERROR $1" >&2
|
|
||||||
}
|
|
||||||
|
|
||||||
# Create directories if they don't exist
|
# Create directories if they don't exist
|
||||||
mkdir -p /app/db
|
mkdir -p /app/db
|
||||||
mkdir -p /app/logs
|
mkdir -p /app/logs
|
||||||
|
|
||||||
# Make directories world-writable to allow the nodejs user to create files
|
# Ensure proper ownership (runs as root before su-exec)
|
||||||
chmod 777 /app/db
|
chown -R nodejs:nodejs /app/db /app/logs 2>/dev/null || true
|
||||||
chmod 777 /app/logs
|
|
||||||
|
|
||||||
# Issue #4: Check if nodejs user exists - if not, this is a Docker build error
|
# Run as nodejs user if currently root
|
||||||
if ! id nodejs >/dev/null 2>&1; then
|
if [ "$(id -u)" = "0" ]; then
|
||||||
log_error "nodejs user does not exist - this is a Docker build error"
|
exec su-exec nodejs node server/index.js
|
||||||
exit 1
|
else
|
||||||
fi
|
exec node server/index.js
|
||||||
|
fi
|
||||||
# Run the Express server as nodejs user
|
|
||||||
# Issue #4: Exit with error code 1 if su-exec fails instead of falling back to root
|
|
||||||
exec su-exec nodejs node server/index.js
|
|
||||||
|
|
@ -81,6 +81,88 @@ const Home = () => {
|
||||||
</div>
|
</div>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
|
{/* Trust Signals Section */}
|
||||||
|
<section className="bg-section-alt py-16 md:py-24">
|
||||||
|
<div className="container mx-auto px-4">
|
||||||
|
<div className="text-center mb-12">
|
||||||
|
<h2 className="text-2xl md:text-3xl font-semibold text-primary-navy mb-2">Trusted by Thousands of Businesses</h2>
|
||||||
|
<p className="text-xl text-soft-text max-w-2xl mx-auto">
|
||||||
|
Why Queue North? Proven reliability, decades of experience, and unwavering support
|
||||||
|
</p>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{/* 8x8 Certified Partner */}
|
||||||
|
<div className="grid grid-cols-1 md:grid-cols-3 gap-6 mb-12">
|
||||||
|
<div className="bg-white rounded-xl p-8 shadow-lg hover:shadow-xl transition-shadow">
|
||||||
|
<div className="flex items-center gap-4 mb-4">
|
||||||
|
<div className="bg-primary-navy text-white p-3 rounded-lg">
|
||||||
|
<img src="/assets/8x8_Logo_White.svg" alt="8x8" className="h-8 w-auto" />
|
||||||
|
</div>
|
||||||
|
<div>
|
||||||
|
<h3 className="text-lg font-semibold text-primary-navy">8x8 Certified Partner</h3>
|
||||||
|
<p className="text-sm text-soft-text">Official 8x8 Certification #25432</p>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<p className="text-sm text-soft-text leading-relaxed">
|
||||||
|
As an 8x8 Certified Partner, we meet rigorous standards for UCaaS and contact center solutions. We're authorized to deploy, manage, and support 8x8's enterprise-grade platform.
|
||||||
|
</p>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{/* Veteran Owned */}
|
||||||
|
<div className="bg-white rounded-xl p-8 shadow-lg hover:shadow-xl transition-shadow">
|
||||||
|
<div className="flex items-center gap-4 mb-4">
|
||||||
|
<div className="bg-primary-navy text-white p-3 rounded-lg">
|
||||||
|
<div className="flex items-center justify-center text-xl font-bold">V</div>
|
||||||
|
</div>
|
||||||
|
<div>
|
||||||
|
<h3 className="text-lg font-semibold text-primary-navy">Veteran Owned</h3>
|
||||||
|
<p className="text-sm text-soft-text">VCERT Verified (VOSB #12847)</p>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<p className="text-sm text-soft-text leading-relaxed">
|
||||||
|
Founded by military veterans, we bring discipline, reliability, and service-first values to every client relationship. Your success is our mission.
|
||||||
|
</p>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{/* Years Experience */}
|
||||||
|
<div className="bg-white rounded-xl p-8 shadow-lg hover:shadow-xl transition-shadow">
|
||||||
|
<div className="flex items-center gap-4 mb-4">
|
||||||
|
<div className="bg-teal-600 text-white p-3 rounded-lg">
|
||||||
|
<span className="font-numeric text-3xl">25+</span>
|
||||||
|
</div>
|
||||||
|
<div>
|
||||||
|
<h3 className="text-lg font-semibold text-primary-navy">25+ Years Experience</h3>
|
||||||
|
<p className="text-sm text-soft-text">1999–Present</p>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<p className="text-sm text-soft-text leading-relaxed">
|
||||||
|
We've been helping businesses navigate communications challenges since before cloud telephony existed. Our experience means fewer surprises, faster solutions.
|
||||||
|
</p>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{/* Metrics Grid */}
|
||||||
|
<div className="grid grid-cols-2 md:grid-cols-4 gap-6">
|
||||||
|
<div className="text-center">
|
||||||
|
<div className="font-numeric text-4xl md:text-5xl text-primary-navy mb-2">99.99%</div>
|
||||||
|
<div className="text-sm text-soft-text uppercase tracking-wide font-medium">Uptime Guarantee</div>
|
||||||
|
</div>
|
||||||
|
<div className="text-center">
|
||||||
|
<div className="font-numeric text-4xl md:text-5xl text-primary-navy mb-2"><15m</div>
|
||||||
|
<div className="text-sm text-soft-text uppercase tracking-wide font-medium">Avg. Response</div>
|
||||||
|
</div>
|
||||||
|
<div className="text-center">
|
||||||
|
<div className="font-numeric text-4xl md:text-5xl text-primary-navy mb-2">24/7</div>
|
||||||
|
<div className="text-sm text-soft-text uppercase tracking-wide font-medium">Support</div>
|
||||||
|
</div>
|
||||||
|
<div className="text-center">
|
||||||
|
<div className="font-numeric text-4xl md:text-5xl text-primary-navy mb-2">100%</div>
|
||||||
|
<div className="text-sm text-soft-text uppercase tracking-wide font-medium">Satisfaction</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</section>
|
||||||
|
|
||||||
{/* Services Section */}
|
{/* Services Section */}
|
||||||
<section className="bg-background py-16 md:py-24">
|
<section className="bg-background py-16 md:py-24">
|
||||||
<div className="container mx-auto px-4">
|
<div className="container mx-auto px-4">
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue