tmdinosaurcenter/kiosk-guestbook
1
0
Fork 0
mirror of https://github.com/tmdinosaurcenter/kiosk-guestbook.git synced 2026-06-04 00:17:44 -06:00
Code Issues Packages Projects Releases Wiki Activity

fix: resolve volume permission error for non-root container user

Browse Source 
Entrypoint now runs as root, chowns the data directory to appuser,
then drops privileges via gosu before starting Gunicorn. This prevents
sqlite3.OperationalError on mounted volumes owned by root.
This commit is contained in:
Steve Dogiakos
2026-03-09 23:07:49 -06:00
parent 78ef3eeb85
commit 05bcf10614
2 changed files with 11 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
entrypoint.sh
+8 -3
View File
@@ -1,7 +1,12 @@
#!/bin/sh
# Fix ownership of the data directory so appuser can write the database.
# This runs as root (no USER directive in Dockerfile) and is safe because
# we immediately drop privileges via gosu before starting the app.
DATA_DIR=$(dirname "${DATABASE_PATH:-/data/guestbook.db}")
chown -R appuser:appuser "$DATA_DIR"
# Process index.html.template to create index.html
# Adjust the path if your template is located somewhere else
envsubst < /app/templates/index.html.template > /app/templates/index.html
# Start Gunicorn; using an environment variable for workers (default is 3)
exec gunicorn --bind 0.0.0.0:8000 app:app --workers ${GUNICORN_WORKERS:-3}
# Drop to appuser and start Gunicorn
exec gosu appuser gunicorn --bind 0.0.0.0:8000 app:app --workers ${GUNICORN_WORKERS:-3}