mirror of https://github.com/Chocobozzz/PeerTube
use gosu to fix /data permissions errors
parent
864e782bc2
commit
399d20eae6
|
@ -50,18 +50,6 @@ balancer, although any HTTP reverse proxy will work fine. See the example
|
|||
Nginx configuration `support/nginx/peertube` file to get an idea of
|
||||
recommendations and requirements to run PeerTube the most efficiently.
|
||||
|
||||
When starting the containers for the first time, you will get permissions errors for the data volume, like this one:
|
||||
|
||||
```
|
||||
Error: EACCES: permission denied, mkdir '/data/logs'
|
||||
```
|
||||
|
||||
The peertube user inside the container has a UID and GID of 991 so you have to change the folder's owner, in the case you're using `./data`:
|
||||
|
||||
```
|
||||
chown -R 991:991 data/
|
||||
```
|
||||
|
||||
**Important**: note that you'll get the initial `root` user password from the
|
||||
program output, so check out your logs to find them.
|
||||
|
||||
|
|
|
@ -1,13 +1,45 @@
|
|||
FROM node:8-stretch
|
||||
|
||||
RUN set -ex; \
|
||||
if ! command -v gpg > /dev/null; then \
|
||||
apt-get update; \
|
||||
apt-get install -y --no-install-recommends \
|
||||
gnupg \
|
||||
dirmngr \
|
||||
; \
|
||||
rm -rf /var/lib/apt/lists/*; \
|
||||
fi
|
||||
|
||||
# Install dependencies
|
||||
RUN apt-get update \
|
||||
&& apt-get -y install ffmpeg \
|
||||
&& rm /var/lib/apt/lists/* -fR
|
||||
|
||||
# Add peertube user
|
||||
RUN groupadd -g 991 peertube \
|
||||
&& useradd -u 991 -g peertube -m peertube
|
||||
RUN groupadd -r peertube \
|
||||
&& useradd -r -g peertube -m peertube
|
||||
|
||||
# grab gosu for easy step-down from root
|
||||
# https://github.com/tianon/gosu/releases
|
||||
ENV GOSU_VERSION 1.10
|
||||
RUN set -ex; \
|
||||
\
|
||||
fetchDeps='ca-certificates wget'; \
|
||||
apt-get update; \
|
||||
apt-get install -y --no-install-recommends $fetchDeps; \
|
||||
rm -rf /var/lib/apt/lists/*; \
|
||||
\
|
||||
dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
|
||||
wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
|
||||
wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
|
||||
gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
|
||||
rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc; \
|
||||
chmod +x /usr/local/bin/gosu; \
|
||||
gosu nobody true; \
|
||||
\
|
||||
apt-get purge -y --auto-remove wget
|
||||
|
||||
# Download the latest version
|
||||
RUN git clone https://github.com/Chocobozzz/PeerTube /app \
|
||||
|
@ -25,7 +57,13 @@ RUN cp /app/config/default.yaml /app/support/docker/production/config/default.ya
|
|||
ENV NODE_ENV production
|
||||
ENV NODE_CONFIG_DIR /app/support/docker/production/config
|
||||
|
||||
USER root
|
||||
RUN mkdir /data && chown peertube:peertube /data
|
||||
VOLUME /data
|
||||
|
||||
COPY docker-entrypoint.sh /usr/local/bin/
|
||||
ENTRYPOINT ["docker-entrypoint.sh"]
|
||||
|
||||
# Run the application
|
||||
CMD ["npm", "start"]
|
||||
VOLUME ["/data"]
|
||||
EXPOSE 9000
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
# first arg is `-f` or `--some-option`
|
||||
# or first arg is `something.conf`
|
||||
if [ "${1#-}" != "$1" ] || [ "${1%.conf}" != "$1" ]; then
|
||||
set -- npm "$@"
|
||||
fi
|
||||
|
||||
# allow the container to be started with `--user`
|
||||
if [ "$1" = 'npm' -a "$(id -u)" = '0' ]; then
|
||||
chown -R peertube: /data
|
||||
exec gosu peertube "$0" "$@"
|
||||
fi
|
||||
|
||||
exec "$@"
|
Loading…
Reference in New Issue