fix: auto-fix data/history write permissions in Docker entrypoint
Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
+6
-2
@@ -22,7 +22,8 @@ ENV PORT=3130
|
|||||||
ENV HOSTNAME=0.0.0.0
|
ENV HOSTNAME=0.0.0.0
|
||||||
|
|
||||||
RUN addgroup --system --gid 1001 nodejs \
|
RUN addgroup --system --gid 1001 nodejs \
|
||||||
&& adduser --system --uid 1001 nextjs
|
&& adduser --system --uid 1001 nextjs \
|
||||||
|
&& apk add --no-cache su-exec
|
||||||
|
|
||||||
# standalone 产物
|
# standalone 产物
|
||||||
COPY --from=builder /app/.next/standalone ./
|
COPY --from=builder /app/.next/standalone ./
|
||||||
@@ -35,7 +36,10 @@ RUN mkdir -p /app/data/history \
|
|||||||
&& chown -R nextjs:nodejs /app/data \
|
&& chown -R nextjs:nodejs /app/data \
|
||||||
&& chown -R nextjs:nodejs /app
|
&& chown -R nextjs:nodejs /app
|
||||||
|
|
||||||
USER nextjs
|
COPY scripts/docker-entrypoint.sh /docker-entrypoint.sh
|
||||||
|
RUN chmod +x /docker-entrypoint.sh
|
||||||
|
|
||||||
EXPOSE 3130
|
EXPOSE 3130
|
||||||
|
|
||||||
|
ENTRYPOINT ["/docker-entrypoint.sh"]
|
||||||
CMD ["node", "server.js"]
|
CMD ["node", "server.js"]
|
||||||
|
|||||||
@@ -15,6 +15,12 @@ if [[ ! -f .env.local ]]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
mkdir -p data/history
|
mkdir -p data/history
|
||||||
|
# 容器内 nextjs 为 uid/gid 1001;bind mount 会覆盖镜像内 chown,宿主机需一致
|
||||||
|
if chown -R 1001:1001 data/history 2>/dev/null; then
|
||||||
|
echo "==> data/history 权限已设为 1001:1001"
|
||||||
|
else
|
||||||
|
echo "WARN: 无法 chown data/history,将依赖容器 entrypoint 修复权限(需 root 运行容器)"
|
||||||
|
fi
|
||||||
|
|
||||||
echo "==> 当前 commit: $(git rev-parse --short HEAD)"
|
echo "==> 当前 commit: $(git rev-parse --short HEAD)"
|
||||||
echo "==> 拉取最新代码..."
|
echo "==> 拉取最新代码..."
|
||||||
|
|||||||
@@ -0,0 +1,8 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
set -e
|
||||||
|
|
||||||
|
HISTORY_DIR="${HISTORY_DATA_DIR:-/app/data/history}"
|
||||||
|
mkdir -p "$HISTORY_DIR"
|
||||||
|
chown -R nextjs:nodejs "$HISTORY_DIR"
|
||||||
|
|
||||||
|
exec su-exec nextjs "$@"
|
||||||
Reference in New Issue
Block a user