Fix readonly filesystem issues - use bind mount for storage and .env in /app/data
This commit is contained in:
Your Name
@@ -55,6 +55,10 @@ RUN cd /app/code && \
|
|||||||
rm -rf node_modules && \
|
rm -rf node_modules && \
|
||||||
chown -R cloudron:cloudron /app/code/public
|
chown -R cloudron:cloudron /app/code/public
|
||||||
|
|
||||||
|
# Remove storage directory as it will be mounted from /run
|
||||||
|
RUN rm -rf /app/code/storage && \
|
||||||
|
mkdir -p /app/code/storage
|
||||||
|
|
||||||
# Copy configuration files
|
# Copy configuration files
|
||||||
COPY nginx.conf /etc/nginx/sites-available/default
|
COPY nginx.conf /etc/nginx/sites-available/default
|
||||||
COPY supervisor.conf /etc/supervisor/conf.d/anonaddy.conf
|
COPY supervisor.conf /etc/supervisor/conf.d/anonaddy.conf
|
||||||
@@ -80,9 +84,11 @@ RUN mkdir -p /tmp/data && \
|
|||||||
# Set permissions
|
# Set permissions
|
||||||
RUN chmod +x /app/code/start.sh && \
|
RUN chmod +x /app/code/start.sh && \
|
||||||
chown -R cloudron:cloudron /app/code && \
|
chown -R cloudron:cloudron /app/code && \
|
||||||
chmod -R 755 /app/code/storage && \
|
|
||||||
chmod -R 755 /app/code/bootstrap/cache
|
chmod -R 755 /app/code/bootstrap/cache
|
||||||
|
|
||||||
|
# Create volume mount points for writable directories
|
||||||
|
VOLUME ["/app/data", "/run", "/tmp"]
|
||||||
|
|
||||||
# Configure PHP-FPM to run as cloudron user
|
# Configure PHP-FPM to run as cloudron user
|
||||||
RUN sed -i 's/user = www-data/user = cloudron/g' /etc/php/8.3/fpm/pool.d/www.conf && \
|
RUN sed -i 's/user = www-data/user = cloudron/g' /etc/php/8.3/fpm/pool.d/www.conf && \
|
||||||
sed -i 's/group = www-data/group = cloudron/g' /etc/php/8.3/fpm/pool.d/www.conf && \
|
sed -i 's/group = www-data/group = cloudron/g' /etc/php/8.3/fpm/pool.d/www.conf && \
|
||||||
|
|||||||
25
start.sh
25
start.sh
@@ -14,13 +14,12 @@ fi
|
|||||||
chown -R cloudron:cloudron /app/data
|
chown -R cloudron:cloudron /app/data
|
||||||
chmod -R 755 /app/data/storage
|
chmod -R 755 /app/data/storage
|
||||||
|
|
||||||
# Link storage directory to Laravel storage
|
# Bind mount storage to /app/code/storage
|
||||||
rm -rf /app/code/storage
|
mount --bind /app/data/storage /app/code/storage
|
||||||
ln -sf /app/data/storage /app/code/storage
|
|
||||||
|
|
||||||
# Create .env file
|
# Create .env file in /app/data
|
||||||
echo "==> Configuring application environment"
|
echo "==> Configuring application environment"
|
||||||
cat > /app/code/.env <<EOF
|
cat > /app/data/.env <<EOF
|
||||||
APP_NAME="AnonAddy"
|
APP_NAME="AnonAddy"
|
||||||
APP_ENV=production
|
APP_ENV=production
|
||||||
APP_DEBUG=false
|
APP_DEBUG=false
|
||||||
@@ -73,17 +72,21 @@ LOG_LEVEL=info
|
|||||||
BCRYPT_ROUNDS=12
|
BCRYPT_ROUNDS=12
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
# Create symlink for .env in /run (writable location)
|
||||||
|
ln -sf /app/data/.env /run/.env
|
||||||
|
ln -sf /app/data/.env /app/code/.env 2>/dev/null || true
|
||||||
|
|
||||||
# Generate APP_KEY if it doesn't exist
|
# Generate APP_KEY if it doesn't exist
|
||||||
if [ ! -f "/app/data/app_key" ]; then
|
if [ ! -f "/app/data/app_key" ]; then
|
||||||
echo "==> Generating application key"
|
echo "==> Generating application key"
|
||||||
cd /app/code
|
cd /app/code
|
||||||
sudo -u cloudron php artisan key:generate --force
|
sudo -u cloudron php artisan key:generate --force
|
||||||
# Save the key to persistent storage
|
# Save the key to persistent storage
|
||||||
grep "APP_KEY=" /app/code/.env | cut -d= -f2 > /app/data/app_key
|
grep "APP_KEY=" /app/data/.env | cut -d= -f2 > /app/data/app_key
|
||||||
else
|
else
|
||||||
echo "==> Using existing application key"
|
echo "==> Using existing application key"
|
||||||
APP_KEY=$(cat /app/data/app_key)
|
APP_KEY=$(cat /app/data/app_key)
|
||||||
sed -i "s|APP_KEY=.*|APP_KEY=${APP_KEY}|g" /app/code/.env
|
sed -i "s|APP_KEY=.*|APP_KEY=${APP_KEY}|g" /app/data/.env
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Generate ANONADDY_SECRET if it doesn't exist
|
# Generate ANONADDY_SECRET if it doesn't exist
|
||||||
@@ -91,16 +94,16 @@ if [ ! -f "/app/data/anonaddy_secret" ]; then
|
|||||||
echo "==> Generating AnonAddy secret"
|
echo "==> Generating AnonAddy secret"
|
||||||
ANONADDY_SECRET=$(openssl rand -hex 32)
|
ANONADDY_SECRET=$(openssl rand -hex 32)
|
||||||
echo "$ANONADDY_SECRET" > /app/data/anonaddy_secret
|
echo "$ANONADDY_SECRET" > /app/data/anonaddy_secret
|
||||||
echo "ANONADDY_SECRET=${ANONADDY_SECRET}" >> /app/code/.env
|
echo "ANONADDY_SECRET=${ANONADDY_SECRET}" >> /app/data/.env
|
||||||
else
|
else
|
||||||
echo "==> Using existing AnonAddy secret"
|
echo "==> Using existing AnonAddy secret"
|
||||||
ANONADDY_SECRET=$(cat /app/data/anonaddy_secret)
|
ANONADDY_SECRET=$(cat /app/data/anonaddy_secret)
|
||||||
echo "ANONADDY_SECRET=${ANONADDY_SECRET}" >> /app/code/.env
|
echo "ANONADDY_SECRET=${ANONADDY_SECRET}" >> /app/data/.env
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Set proper ownership
|
# Set proper ownership
|
||||||
chown cloudron:cloudron /app/code/.env
|
chown cloudron:cloudron /app/data/.env
|
||||||
chmod 640 /app/code/.env
|
chmod 640 /app/data/.env
|
||||||
|
|
||||||
# Run database migrations
|
# Run database migrations
|
||||||
echo "==> Running database migrations"
|
echo "==> Running database migrations"
|
||||||
|
|||||||
Reference in New Issue
Block a user