rooty/fab-manager
1
0
Fork 0
mirror of https://github.com/LaCasemate/fab-manager.git synced 2025-02-19 13:54:25 +01:00
Code Issues Releases Activity

Run the docker image with the system user

Browse Source
This commit is contained in:
Sylvain 2022-06-13 14:11:43 +02:00
parent eba9c43809
commit e51e736eb9
5 changed files with 46 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@ -4,8 +4,10 @@
- Improved docker image building time
- Use relative paths in mount scripts
- During the setup, auto configure the main domain
- Run the docker image with the system user
- During the setup, autoconfigure the main domain
- Fix a bug: unable to generate the secret key base during the setup
- [TODO DEPLOY] `\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/scripts/set-docker-user.sh | bash`
## v5.4.4 2022 June 8

4
Dockerfile
View File

@ -52,7 +52,9 @@ RUN mkdir -p /var/log/supervisor && \
mkdir -p /usr/src/app/tmp/sockets && \
mkdir -p /usr/src/app/tmp/pids && \
mkdir -p /usr/src/app/tmp/cache && \
chmod -R a+w /usr/src/app/tmp
mkdir -p /usr/src/app/log && \
chmod -R a+w /usr/src/app/tmp && \
chmod -R a+w /usr/src/app/log
# Install Javascript packages
WORKDIR /usr/src/app

36
scripts/set-docker-user.sh Executable file
View File

@ -0,0 +1,36 @@
#!/usr/bin/env bash
yq() {
docker run --rm -i -v "${PWD}:/workdir" mikefarah/yq:4 "$@"
}
config()
{
echo -ne "Checking user... "
if [[ "$(whoami)" != "root" ]] && ! groups | grep docker
then
echo "Please add your current user to the docker group OR run this script as root."
echo "current user is not allowed to use docker, exiting..."
exit 1
fi
SERVICE="$(yq eval '.services.*.image | select(. == "sleede/fab-manager*") | path | .[-2]' docker-compose.yml)"
echo -e "\n"
}
set_user()
{
CURRENT_VALUE=$(yq eval ".services.$SERVICE.user" docker-compose.yml)
USER_ID="$(id -u):$(id -g)"
if [[ "$CURRENT_VALUE" == "USER_ID" || "$CURRENT_VALUE" == "null" ]]; then
yq -i eval ".services.$SERVICE.user |= \"$USER_ID\"" docker-compose.yml
echo "Service user was set to $USER_ID for $SERVICE"
fi
}
proceed()
{
config
set_user
}
proceed "$@"

5
setup/docker-compose.yml
View File

@ -7,6 +7,7 @@ services:
RACK_ENV: production
env_file:
- ./config/env
user: 1000:100
volumes:
- ./public/packs:/usr/src/app/public/packs
- ./public/uploads:/usr/src/app/public/uploads
@ -23,7 +24,6 @@ services:
- redis
- elasticsearch
restart: always
postgres:
image: postgres:9.6
volumes:
@ -31,7 +31,6 @@ services:
restart: always
environment:
POSTGRES_HOST_AUTH_METHOD: trust
elasticsearch:
image: elasticsearch:5.6
environment:
@ -44,13 +43,11 @@ services:
- ./elasticsearch/config:/usr/share/elasticsearch/config
- ./elasticsearch:/usr/share/elasticsearch/data
restart: always
redis:
image: redis:6-alpine
volumes:
- ./redis:/data
restart: always
nginx:
image: nginx:latest
ports:

3
setup/setup.sh
View File

@ -298,6 +298,9 @@ prepare_docker()
fi
fi
# set the current user in the docker-compose.yml, as the owner of the process
sed -i.bak "s/USER_ID/$(id -u):$(id -g)/g" "$FABMANAGER_PATH/docker-compose.yml"
cd "$FABMANAGER_PATH" && docker-compose pull
}