forked from mirror/pixelfed
opt-in fixing of user/group ownership of files
parent
c64571e46d
commit
c12ef66c56
|
@ -103,7 +103,7 @@ When a Pixelfed container starts up, the [`ENTRYPOINT`](https://docs.docker.com/
|
|||
|
||||
1. Search the `/docker/entrypoint.d/` directory for files and for each file (in lexical order).
|
||||
1. Check if the file is executable.
|
||||
1. If the file is not executable, print an error and exit the container.
|
||||
1. If the file is *not* executable, print an error and exit the container.
|
||||
1. If the file has the extension `.envsh` the file will be [sourced](https://superuser.com/a/46146).
|
||||
1. If the file has the extension `.sh` the file will be run like a normal script.
|
||||
1. Any other file extension will log a warning and will be ignored.
|
||||
|
@ -159,6 +159,15 @@ Please see the
|
|||
* [gomplate syntax documentation](https://docs.gomplate.ca/syntax/)
|
||||
* [gomplate functions documentation](https://docs.gomplate.ca/functions/)
|
||||
|
||||
### Fixing ownership on startup
|
||||
|
||||
You can set the environment variable `ENTRYPOINT_ENSURE_OWNERSHIP_PATHS` to a list of paths that should have their `$USER` and `$GROUP` ownership changed to the configured runtime user and group during container bootstrapping.
|
||||
|
||||
The variable is a space-delimited list shown below and accepts both relative and absolute paths:
|
||||
|
||||
* `ENTRYPOINT_ENSURE_OWNERSHIP_PATHS="./storage ./bootstrap"`
|
||||
* `ENTRYPOINT_ENSURE_OWNERSHIP_PATHS="/some/other/folder"`
|
||||
|
||||
## Build settings (arguments)
|
||||
|
||||
The Pixelfed Dockerfile utilizes [Docker Multi-stage builds](https://docs.docker.com/build/building/multi-stage/) and [Build arguments](https://docs.docker.com/build/guide/build-args/).
|
||||
|
|
|
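Review bot: the new "Fixing ownership on startup" section leaves out three things an operator needs: that the ownership change is recursive, what relative paths such as `./storage` are resolved against, and that the variable is empty by default so nothing is fixed unless it is set. Because the list is split on spaces, a path containing a space cannot be expressed, which is worth stating as well. Wording: "a space-delimited list shown below" reads better as "a space-delimited list, as shown below".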
@ -3,8 +3,8 @@ source /docker/helpers.sh
|
|||
|
||||
entrypoint-set-name "$0"
|
||||
|
||||
# Copy the [storage/] skeleton files over the "real" [storage/] directory so assets are updated between versions
|
||||
run-as-runtime-user cp --recursive storage.skel/* storage/
|
||||
run-as-runtime-user php artisan storage:link
|
||||
|
||||
log-info "Ensure permissions are correct"
|
||||
chown --recursive ${RUNTIME_UID}:${RUNTIME_GID} storage/ bootstrap/
|
||||
# Ensure storage linkk are correctly configured
|
||||
run-as-runtime-user php artisan storage:link
|
||||
|
|
|
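Review bot: with `chown --recursive ${RUNTIME_UID}:${RUNTIME_GID} storage/ bootstrap/` no longer part of this script, `storage/` and `bootstrap/` are only re-owned when `ENTRYPOINT_ENSURE_OWNERSHIP_PATHS` is set, while `run-as-runtime-user cp --recursive storage.skel/* storage/` still needs the runtime user to be able to write there. Consider defaulting the variable to `./storage ./bootstrap`, or calling out the behaviour change for existing deployments, and make sure the new ownership script sorts before this one in `/docker/entrypoint.d/`, since files there run in lexical order. Typo in the new comment: "storage linkk are" should be "storage links are".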
@ -0,0 +1,21 @@
|
|||
#!/bin/bash
|
||||
source /docker/helpers.sh
|
||||
|
||||
entrypoint-set-name "$0"
|
||||
|
||||
# Optionally fix ownership of configured paths
|
||||
: ${ENTRYPOINT_ENSURE_OWNERSHIP_PATHS:=""}
|
||||
|
||||
declare -a ensure_ownership_paths=()
|
||||
IFS=' ' read -a ensure_ownership_paths <<<"$ENTRYPOINT_ENSURE_OWNERSHIP_PATHS"
|
||||
|
||||
if [[ ${#ensure_ownership_paths} == 0 ]]; then
|
||||
log-info "No paths has been configured for ownership fixes via [\$ENTRYPOINT_ENSURE_OWNERSHIP_PATHS]."
|
||||
|
||||
exit 0
|
||||
fi
|
||||
|
||||
for path in "${ensure_ownership_paths[@]}"; do
|
||||
log-info "Ensure ownership of [${path}] correct"
|
||||
chown --recursive ${RUNTIME_UID}:${RUNTIME_GID} "${path}"
|
||||
done
|
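Review bot: in the `if`, `${#ensure_ownership_paths}` is the string length of the first element, not the number of elements; it only behaves here because an empty array yields 0. Use `${#ensure_ownership_paths[@]}`. In the loop, `chown --recursive` runs on whatever the variable contains, so add `--` before `"${path}"` so that an entry starting with `-` is not parsed as an option, quote `"${RUNTIME_UID}:${RUNTIME_GID}"`, and check that the path exists (logging a clear error if it does not) before changing ownership. `read -a` should be `read -r -a` so backslashes in paths are preserved. Messages: "No paths has been configured" should read "have", and "Ensure ownership of [${path}] correct" is missing "is".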