maybe it's about perms?

2025-10-15 13:38:41 +03:00
parent 54daf46d06
commit 529dd0460d
3 changed files with 62 additions and 5 deletions
--- a/.env.example
+++ b/.env.example
@@ -12,8 +12,8 @@ GID=1000
 ADMIN_TOKEN=your-secure-admin-token-here

 # Optional: Service configuration (defaults shown)
-DEPLOY_ROOT=/var/www/tingz-docs
-RELEASE_ROOT=/var/www/tingz-deploys
+DEPLOY_ROOT=/var/www/docs
+RELEASE_ROOT=/var/www/deploys
 DB_PATH=/data/deployer.db

 # Optional: Upload and retention settings
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -7,10 +7,12 @@ services:
      args:
        UID: ${UID}
        GID: ${GID}
+    # for the volumes below, ensure the server user has write access
+    # "server user" is the user that UID and GID's are passed with env variables
    volumes:
-      - ./data:/data
-      - ./docs:/var/www/docs
-      - ./deploys:/var/www/deploys
+      - ./volumes/data:/data # SQLite DB
+      - ./volumes/docs:/var/www/docs # published files
+      - ./volumes/deploys:/var/www/deploys # releases
    ports:
      - "${HOST}:${PORT}:8080"
    user: "${UID}:${GID}"
--- a/pre-docker-deploy.sh
+++ b/pre-docker-deploy.sh
@@ -0,0 +1,55 @@
+#!/usr/bin/env bash
+set -euxo pipefail
+
+echo "=== tingz pre-docker script ==="
+echo "This script assumes you're running it on a Debian 12+ system."
+echo "This script assumes you haven't created a tingz user & group yet."
+echo "This script assumes you are using the default volumes directory structure."
+echo
+echo "Description:"
+echo "This script creates a tingz user & group,"
+echo "creates and sets permissions for volumes,"
+echo "and creates a .env.development file."
+echo
+
+echo "1. Check dependencies"
+commands=(docker adduser addgroup cut getent)
+for cmd in "${commands[@]}"; do
+  if ! command -v "$cmd" &> /dev/null; then
+    echo "Error: $cmd could not be found"
+    exit 1
+  fi
+done
+
+echo "2. Add tingz user & group"
+addgroup --system tingz
+GID=$(getent group tingz | cut -d: -f3)
+adduser --ingroup tingz --system --no-create-home --uid ${GID} --shell /usr/sbin/nologin tingz
+
+echo "3. Verify tingz group and user"
+getent group tingz
+getent passwd tingz
+
+echo "4. Create and set permissions for volumes"
+mkdir -p volumes/data volumes/docs volumes/deploys
+chown -R tingz:tingz volumes
+
+echo "5. Create .env.development file"
+cat > .env.tmp << EOF
+#ADMIN_TOKEN=
+HOST=127.0.0.1
+PORT=8080
+UID=${GID}
+GID=${GID}
+DEPLOY_ROOT=/var/www/docs
+RELEASE_ROOT=/var/www/deploys
+DB_PATH=/data/deployer.db
+MAX_UPLOAD_SIZE=104857600
+EOF
+
+echo "Please verify .env.temp and move into .env if everything is correct"
+echo "=== .env.tmp ==="
+cat .env.tmp
+echo "=== .env ==="
+
+echo "Done"