ci: docker_tag=ext - Migrate to Debian base with minimal packages

Dockerfile

@@ -16,33 +16,33 @@ RUN cargo build --release
 FROM debian:bookworm-slim
 RUN apt-get update && apt-get upgrade -y && \
     apt-get install -y --fix-missing \
-    ca-certificates curl jq && \
+    ca-certificates curl jq git && \
     rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
-# Créer l'utilisateur bitcoin
+# Création d'un utilisateur non-root
-RUN useradd -m -d /home/bitcoin -u 1000 bitcoin
+RUN useradd -m -u 1000 appuser && \
+    mkdir -p /app && chown -R appuser:appuser /app
 
 COPY --from=builder /app/target/release/sdk_relay /usr/local/bin/sdk_relay
-RUN chown bitcoin:bitcoin /usr/local/bin/sdk_relay && \
+RUN chmod +x /usr/local/bin/sdk_relay && \
-    chmod 755 /usr/local/bin/sdk_relay
+    chown appuser:appuser /usr/local/bin/sdk_relay
 
 # Configuration via build arg
 ARG CONF
-RUN echo "$CONF" > /home/bitcoin/.conf && \
+RUN echo "$CONF" > /app/.conf && \
-    chown bitcoin:bitcoin /home/bitcoin/.conf && \
+    chown appuser:appuser /app/.conf && \
-    chmod 644 /home/bitcoin/.conf
+    chmod 644 /app/.conf
 
 # Créer le répertoire .4nk avec les bonnes permissions
-RUN mkdir -p /home/bitcoin/.4nk && \
+RUN mkdir -p /app/.4nk && \
-    chown -R bitcoin:bitcoin /home/bitcoin/.4nk && \
+    chown -R appuser:appuser /app/.4nk && \
-    chmod 755 /home/bitcoin/.4nk
+    chmod 755 /app/.4nk
 
-WORKDIR /home/bitcoin
+WORKDIR /app
-USER bitcoin
+USER appuser
-ENV HOME=/home/bitcoin
+ENV HOME=/app
 
-VOLUME ["/home/bitcoin/.4nk"]
+VOLUME ["/app/.4nk"]
-VOLUME ["/home/bitcoin/.bitcoin"]
 
 EXPOSE 8090 8091
-ENTRYPOINT ["sdk_relay", "--config", "/home/bitcoin/.conf"]
+ENTRYPOINT ["sdk_relay", "--config", "/app/.conf"]