Fix readonly filesystem issues - use bind mount for storage and .env in /app/data
This commit is contained in:
Your Name
@@ -55,6 +55,10 @@ RUN cd /app/code && \
|
||||
rm -rf node_modules && \
|
||||
chown -R cloudron:cloudron /app/code/public
|
||||
|
||||
# Remove storage directory as it will be mounted from /run
|
||||
RUN rm -rf /app/code/storage && \
|
||||
mkdir -p /app/code/storage
|
||||
|
||||
# Copy configuration files
|
||||
COPY nginx.conf /etc/nginx/sites-available/default
|
||||
COPY supervisor.conf /etc/supervisor/conf.d/anonaddy.conf
|
||||
@@ -80,9 +84,11 @@ RUN mkdir -p /tmp/data && \
|
||||
# Set permissions
|
||||
RUN chmod +x /app/code/start.sh && \
|
||||
chown -R cloudron:cloudron /app/code && \
|
||||
chmod -R 755 /app/code/storage && \
|
||||
chmod -R 755 /app/code/bootstrap/cache
|
||||
|
||||
# Create volume mount points for writable directories
|
||||
VOLUME ["/app/data", "/run", "/tmp"]
|
||||
|
||||
# Configure PHP-FPM to run as cloudron user
|
||||
RUN sed -i 's/user = www-data/user = cloudron/g' /etc/php/8.3/fpm/pool.d/www.conf && \
|
||||
sed -i 's/group = www-data/group = cloudron/g' /etc/php/8.3/fpm/pool.d/www.conf && \
|
||||
|
||||
25
start.sh
25
start.sh
@@ -14,13 +14,12 @@ fi
|
||||
chown -R cloudron:cloudron /app/data
|
||||
chmod -R 755 /app/data/storage
|
||||
|
||||
# Link storage directory to Laravel storage
|
||||
rm -rf /app/code/storage
|
||||
ln -sf /app/data/storage /app/code/storage
|
||||
# Bind mount storage to /app/code/storage
|
||||
mount --bind /app/data/storage /app/code/storage
|
||||
|
||||
# Create .env file
|
||||
# Create .env file in /app/data
|
||||
echo "==> Configuring application environment"
|
||||
cat > /app/code/.env <<EOF
|
||||
cat > /app/data/.env <<EOF
|
||||
APP_NAME="AnonAddy"
|
||||
APP_ENV=production
|
||||
APP_DEBUG=false
|
||||
@@ -73,17 +72,21 @@ LOG_LEVEL=info
|
||||
BCRYPT_ROUNDS=12
|
||||
EOF
|
||||
|
||||
# Create symlink for .env in /run (writable location)
|
||||
ln -sf /app/data/.env /run/.env
|
||||
ln -sf /app/data/.env /app/code/.env 2>/dev/null || true
|
||||
|
||||
# Generate APP_KEY if it doesn't exist
|
||||
if [ ! -f "/app/data/app_key" ]; then
|
||||
echo "==> Generating application key"
|
||||
cd /app/code
|
||||
sudo -u cloudron php artisan key:generate --force
|
||||
# Save the key to persistent storage
|
||||
grep "APP_KEY=" /app/code/.env | cut -d= -f2 > /app/data/app_key
|
||||
grep "APP_KEY=" /app/data/.env | cut -d= -f2 > /app/data/app_key
|
||||
else
|
||||
echo "==> Using existing application key"
|
||||
APP_KEY=$(cat /app/data/app_key)
|
||||
sed -i "s|APP_KEY=.*|APP_KEY=${APP_KEY}|g" /app/code/.env
|
||||
sed -i "s|APP_KEY=.*|APP_KEY=${APP_KEY}|g" /app/data/.env
|
||||
fi
|
||||
|
||||
# Generate ANONADDY_SECRET if it doesn't exist
|
||||
@@ -91,16 +94,16 @@ if [ ! -f "/app/data/anonaddy_secret" ]; then
|
||||
echo "==> Generating AnonAddy secret"
|
||||
ANONADDY_SECRET=$(openssl rand -hex 32)
|
||||
echo "$ANONADDY_SECRET" > /app/data/anonaddy_secret
|
||||
echo "ANONADDY_SECRET=${ANONADDY_SECRET}" >> /app/code/.env
|
||||
echo "ANONADDY_SECRET=${ANONADDY_SECRET}" >> /app/data/.env
|
||||
else
|
||||
echo "==> Using existing AnonAddy secret"
|
||||
ANONADDY_SECRET=$(cat /app/data/anonaddy_secret)
|
||||
echo "ANONADDY_SECRET=${ANONADDY_SECRET}" >> /app/code/.env
|
||||
echo "ANONADDY_SECRET=${ANONADDY_SECRET}" >> /app/data/.env
|
||||
fi
|
||||
|
||||
# Set proper ownership
|
||||
chown cloudron:cloudron /app/code/.env
|
||||
chmod 640 /app/code/.env
|
||||
chown cloudron:cloudron /app/data/.env
|
||||
chmod 640 /app/data/.env
|
||||
|
||||
# Run database migrations
|
||||
echo "==> Running database migrations"
|
||||
|
||||
Reference in New Issue
Block a user