From 53753bc9046f73f64d424460079c1130bb276ab3 Mon Sep 17 00:00:00 2001 From: Klaas van Schelven Date: Wed, 30 Jul 2025 17:06:36 +0200 Subject: [PATCH] non-root docker: create bugsink-owned /data dir without it, won't even build (/data creation happened during build b/c migrations triggered it when the settings were loaded) See #176 --- Dockerfile | 6 +++++- Dockerfile.fromwheel | 6 +++++- bugsink/conf_templates/docker.py.template | 4 ---- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6ace0d6..1f02ff3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -46,7 +46,11 @@ COPY bugsink/conf_templates/docker.py.template bugsink_conf.py # Git is needed by setuptools_scm to get the version from the git tag RUN apt update && apt install -y git RUN pip install -e . -RUN groupadd -r bugsink && useradd -r -g bugsink bugsink + +RUN groupadd -r bugsink \ + && useradd -r -g bugsink bugsink \ + && mkdir -p /data \ + && chown -R bugsink:bugsink /data USER bugsink diff --git a/Dockerfile.fromwheel b/Dockerfile.fromwheel index 96801aa..476011b 100644 --- a/Dockerfile.fromwheel +++ b/Dockerfile.fromwheel @@ -73,7 +73,11 @@ RUN --mount=type=cache,target=/var/cache/buildkit/pip \ COPY bugsink/conf_templates/docker.py.template bugsink_conf.py COPY gunicorn.docker.conf.py /app/ -RUN groupadd -r bugsink && useradd -r -g bugsink bugsink +RUN groupadd -r bugsink \ + && useradd -r -g bugsink bugsink \ + && mkdir -p /data \ + && chown -R bugsink:bugsink /data + USER bugsink RUN ["bugsink-manage", "migrate", "snappea", "--database=snappea"] diff --git a/bugsink/conf_templates/docker.py.template b/bugsink/conf_templates/docker.py.template index ff1ea4a..a390c54 100644 --- a/bugsink/conf_templates/docker.py.template +++ b/bugsink/conf_templates/docker.py.template @@ -103,10 +103,6 @@ else: # which allows for throwaway setups (no volume mounted) to work out of the box. DATABASES['default']['NAME'] = os.getenv("DATABASE_PATH", '/data/db.sqlite3') database_path = os.path.dirname(DATABASES['default']['NAME']) - if not os.path.exists(database_path): - print(f"WARNING: {database_path} dir does not exist; creating it.") - print("WARNING: data will be lost when the container is removed.") - os.makedirs(database_path) if os.getenv("EMAIL_HOST"):