diff --git a/debian/Dockerfile b/debian/Dockerfile
index 03612064f6ff96e2267be80faa214c66e30ced63..0aac4a82b91025aae04f1ba4e460af35176ab3e1 100644
--- a/debian/Dockerfile
+++ b/debian/Dockerfile
@@ -1,4 +1,4 @@
-FROM node:12.16.0
+FROM node:12.16.0-slim
# Build arguments to change source url, branch or tag
ARG CODIMD_REPOSITORY=https://github.com/codimd/server.git
@@ -10,6 +10,12 @@ ARG DEBIAN_FRONTEND=noninteractive
ENV DOCKERIZE_VERSION=v0.6.1
ENV NODE_ENV=production
+RUN apt-get update && \
+ apt-get install --no-install-recommends -y \
+ ca-certificates \
+ wget && \
+ rm -r /var/lib/apt/lists/*
+
RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz && \
tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz && \
rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz
@@ -17,19 +23,25 @@ RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSI
ENV GOSU_VERSION 1.11
COPY ["resources/gosu-gpg.key", "/tmp/gosu.key"]
RUN set -ex; \
+ apt-get update && \
+ apt-get install --no-install-recommends -qy \
+ gpg && \
dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
- \
+
# verify the signature
export GNUPGHOME="$(mktemp -d)"; \
gpg --no-tty --import /tmp/gosu.key; \
gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
- \
+
chmod +x /usr/local/bin/gosu; \
# verify that the binary works
- gosu nobody true
+ gosu nobody true && \
+ apt-get autoremove --purge -qy \
+ gpg && \
+ rm -r /var/lib/apt/lists/*
# Add configuraton files
COPY ["resources/config.json", "resources/.sequelizerc", "/files/"]