From 529dd0460d631285995841d8344d0b2cf1e1d234 Mon Sep 17 00:00:00 2001 From: Yigid BALABAN Date: Wed, 15 Oct 2025 13:38:41 +0300 Subject: [PATCH] maybe it's about perms? --- .env.example | 4 ++-- docker-compose.yml | 8 ++++--- pre-docker-deploy.sh | 55 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 62 insertions(+), 5 deletions(-) create mode 100644 pre-docker-deploy.sh diff --git a/.env.example b/.env.example index 6cf0d10..b70382b 100644 --- a/.env.example +++ b/.env.example @@ -12,8 +12,8 @@ GID=1000 ADMIN_TOKEN=your-secure-admin-token-here # Optional: Service configuration (defaults shown) -DEPLOY_ROOT=/var/www/tingz-docs -RELEASE_ROOT=/var/www/tingz-deploys +DEPLOY_ROOT=/var/www/docs +RELEASE_ROOT=/var/www/deploys DB_PATH=/data/deployer.db # Optional: Upload and retention settings diff --git a/docker-compose.yml b/docker-compose.yml index 2e24efc..e31c409 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -7,10 +7,12 @@ services: args: UID: ${UID} GID: ${GID} + # for the volumes below, ensure the server user has write access + # "server user" is the user that UID and GID's are passed with env variables volumes: - - ./data:/data - - ./docs:/var/www/docs - - ./deploys:/var/www/deploys + - ./volumes/data:/data # SQLite DB + - ./volumes/docs:/var/www/docs # published files + - ./volumes/deploys:/var/www/deploys # releases ports: - "${HOST}:${PORT}:8080" user: "${UID}:${GID}" diff --git a/pre-docker-deploy.sh b/pre-docker-deploy.sh new file mode 100644 index 0000000..c78a2f2 --- /dev/null +++ b/pre-docker-deploy.sh 
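Review bot: In docker-compose.yml the three bind mounts now point at `./volumes/...`, so a host that already keeps its database and releases under `./data`, `./docs` and `./deploys` would presumably start against empty directories after this change; the commit shows no migration step or note for that case. The added comment is also hard to parse and could state the requirement directly, e.g. `# the host directories below must be owned by the UID:GID set in .env, which is the user the container runs as`. Asking for ownership by that one account, rather than general write access, keeps the SQLite DB and the published files from being writable by other local users.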
@@ -0,0 +1,55 @@
+#!/usr/bin/env bash
+set -euxo pipefail
+
+echo "=== tingz pre-docker script ==="
+echo "This script assumes you're running it on a Debian 12+ system."
+echo "This script assumes you haven't created a tingz user & group yet."
+echo "This script assumes you are using the default volumes directory structure."
+echo
+echo "Description:"
+echo "This script creates a tingz user & group,"
+echo "creates and sets permissions for volumes,"
+echo "and creates a .env.development file."
+echo
+
+echo "1. Check dependencies"
+commands=(docker adduser addgroup cut getent)
+for cmd in "${commands[@]}"; do
+ if ! command -v "$cmd" &> /dev/null; then
+ echo "Error: $cmd could not be found"
+ exit 1
+ fi
+done
+
+echo "2. Add tingz user & group"
+addgroup --system tingz
+GID=$(getent group tingz | cut -d: -f3)
+adduser --ingroup tingz --system --no-create-home --uid ${GID} --shell /usr/sbin/nologin tingz
+
+echo "3. Verify tingz group and user"
+getent group tingz
+getent passwd tingz
+
+echo "4. Create and set permissions for volumes"
+mkdir -p volumes/data volumes/docs volumes/deploys
+chown -R tingz:tingz volumes
+
+echo "5. Create .env.development file"
+cat > .env.tmp << EOF
+#ADMIN_TOKEN=
+HOST=127.0.0.1
+PORT=8080
+UID=${GID}
+GID=${GID}
+DEPLOY_ROOT=/var/www/docs
+RELEASE_ROOT=/var/www/deploys
+DB_PATH=/data/deployer.db
+MAX_UPLOAD_SIZE=104857600
+EOF
+
+echo "Please verify .env.temp and move into .env if everything is correct"
+echo "=== .env.tmp ==="
+cat .env.tmp
+echo "=== .env ==="
+
+echo "Done"
\ No newline at end of file
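Review bot: Steps 2–4 of the new script call `addgroup`, `adduser` and `chown -R` without first checking for root or fixing the working directory, so a run from another directory applies `chown -R tingz:tingz volumes` to whatever `volumes` tree exists there, and a non-root run only fails once it reaches step 2. A root check and a `cd` to the script's own directory ahead of step 1 would cover both, as sketched below. `.env.tmp` is created with the caller's umask although it is the template for the file that will hold `ADMIN_TOKEN`; a `umask 077` before the heredoc keeps it owner-only. `--uid ${GID}` is unquoted and assumes the uid equal to the new gid is unused, so quote it and expect `adduser` to fail on a host where that number is already taken. The messages name `.env.development` and `.env.temp` while the file written is `.env.tmp`, and the final `=== .env ===` header prints nothing after it.

```shell
set -euxo pipefail

# Steps 2-4 create accounts and change ownership: require root up front.
if [[ ${EUID} -ne 0 ]]; then
  echo "Error: this script must be run as root" >&2
  exit 1
fi
# Resolve volumes/ and .env.tmp next to this script, not in the caller's cwd.
cd -- "$(dirname -- "${BASH_SOURCE[0]}")"

# … unchanged: banner, dependency check, addgroup, GID lookup …
adduser --ingroup tingz --system --no-create-home --uid "${GID}" --shell /usr/sbin/nologin tingz
# … unchanged: verification, mkdir and chown of volumes …

echo "5. Create .env.tmp file"
# The finished file will carry ADMIN_TOKEN; create it owner-only.
umask 077
# … unchanged: heredoc writing .env.tmp …
echo "Please verify .env.tmp and move it to .env if everything is correct"
```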