denshooter/oma-memorial
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: entrypoint script fixes data dir permissions at runtime

Browse Source 
Container starts as root, creates data dirs, chowns to nextjs,
then drops to nextjs user via su-exec.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This commit is contained in:
denshooter
2026-02-18 13:26:27 +01:00
parent f13b1ba878
commit 70ac6c132f
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Dockerfile
+5 -2
View File
@@ -28,7 +28,10 @@ COPY --from=builder /app/public ./public
RUN mkdir -p /app/data/uploads/photos /app/data/uploads/videos /app/data/uploads/music \ RUN mkdir -p /app/data/uploads/photos /app/data/uploads/videos /app/data/uploads/music \
&& chown -R nextjs:nodejs /app/data && chown -R nextjs:nodejs /app/data
USER nextjs # Entrypoint fixes data dir permissions at runtime (volume mount overrides)
RUN apk add --no-cache su-exec \
&& printf '#!/bin/sh\nmkdir -p /app/data/uploads/photos /app/data/uploads/videos /app/data/uploads/music\nchown -R nextjs:nodejs /app/data 2>/dev/null || true\nexec su-exec nextjs node server.js\n' > /app/entrypoint.sh \
&& chmod +x /app/entrypoint.sh
EXPOSE 3000 EXPOSE 3000
CMD ["node", "server.js"] CMD ["/app/entrypoint.sh"]