Enhance Dockerfile and config.py for improved user permissions and default paths
All checks were successful
Docker Build / docker (push) Successful in 22s
All checks were successful
Docker Build / docker (push) Successful in 22s
This commit is contained in:
64
Dockerfile
64
Dockerfile
@@ -1,50 +1,66 @@
|
||||
FROM python:3.11-slim-bookworm
|
||||
|
||||
# Install system dependencies (inotify-tools for extra file watching if needed)
|
||||
# Install gosu for proper privilege dropping
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
gosu \
|
||||
inotify-tools \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Create app user and directories
|
||||
RUN groupadd -r animemgr && useradd -r -g animemgr animemgr \
|
||||
&& mkdir -p /app /drop /media /config /data
|
||||
# Create app user
|
||||
RUN groupadd -r -g 1000 animemgr && useradd -r -u 1000 -g animemgr animemgr
|
||||
|
||||
# Create directories with proper ownership
|
||||
RUN mkdir -p /app /drop /media /config /data /app/logs && \
|
||||
chown -R animemgr:animemgr /config /data /app/logs
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# Install Python dependencies
|
||||
# Install Python dependencies (as root)
|
||||
COPY requirements.txt .
|
||||
RUN pip install --no-cache-dir -r requirements.txt
|
||||
|
||||
# Copy application code
|
||||
COPY core/ ./core/
|
||||
COPY web/ ./web/
|
||||
COPY main.py .
|
||||
COPY --chown=animemgr:animemgr core/ ./core/
|
||||
COPY --chown=animemgr:animemgr web/ ./web/
|
||||
COPY --chown=animemgr:animemgr main.py .
|
||||
|
||||
# Create entrypoint script
|
||||
# Create example config
|
||||
COPY --chown=animemgr:animemgr config.toml.example /app/config.toml.example
|
||||
|
||||
# Entrypoint script that handles permissions and user switching
|
||||
RUN echo '#!/bin/bash\n\
|
||||
set -e\n\
|
||||
\n\
|
||||
# Default IDs\n\
|
||||
USER_ID=${PUID:-1000}\n\
|
||||
GROUP_ID=${PGID:-1000}\n\
|
||||
\n\
|
||||
# Adjust animemgr user/group IDs if requested\n\
|
||||
if [ "$USER_ID" != "1000" ] || [ "$GROUP_ID" != "1000" ]; then\n\
|
||||
groupmod -g "$GROUP_ID" animemgr 2>/dev/null || true\n\
|
||||
usermod -u "$USER_ID" animemgr 2>/dev/null || true\n\
|
||||
fi\n\
|
||||
\n\
|
||||
# Create default config if missing\n\
|
||||
if [ ! -f /config/config.toml ]; then\n\
|
||||
echo "Creating default config.toml..."\n\
|
||||
cp /app/config.toml.example /config/config.toml\n\
|
||||
echo "Please edit /config/config.toml and restart the container"\n\
|
||||
chown animemgr:animemgr /config/config.toml\n\
|
||||
echo "ERROR: Please edit /config/config.toml and restart the container"\n\
|
||||
exit 1\n\
|
||||
fi\n\
|
||||
\n\
|
||||
# Set permissions based on environment variables\n\
|
||||
if [ ! -z "$PUID" ] && [ ! -z "$PGID" ]; then\n\
|
||||
usermod -u "$PUID" animemgr\n\
|
||||
groupmod -g "$PGID" animemgr\n\
|
||||
chown -R animemgr:animemgr /app /data\n\
|
||||
fi\n\
|
||||
# Ensure volume directories are owned by the user\n\
|
||||
chown -R animemgr:animemgr /config /data 2>/dev/null || true\n\
|
||||
\n\
|
||||
exec "$@"' > /entrypoint.sh \
|
||||
&& chmod +x /entrypoint.sh
|
||||
|
||||
# Create example config for first-run detection
|
||||
COPY config.toml.example /app/config.toml.example
|
||||
|
||||
# Switch to non-root (optional - remove if you need root for file permissions)
|
||||
USER animemgr
|
||||
# If drop/media folders are mounted, chown them too (optional, might fail if root-owned host folders)\n\
|
||||
chown animemgr:animemgr /drop /media 2>/dev/null || true\n\
|
||||
\n\
|
||||
# Run as animemgr user\n\
|
||||
exec gosu animemgr "$@"' > /entrypoint.sh && \
|
||||
chmod +x /entrypoint.sh
|
||||
|
||||
# Expose port
|
||||
EXPOSE 5000
|
||||
|
||||
VOLUME ["/config", "/data", "/drop", "/media"]
|
||||
|
||||
@@ -4,14 +4,14 @@ from pathlib import Path
|
||||
|
||||
DEFAULT_CONFIG = {
|
||||
'general': {
|
||||
'drop_folder': '/path/to/drop',
|
||||
'media_folder': '/path/to/media',
|
||||
'drop_folder': "/drop",
|
||||
'media_folder': "/media",
|
||||
'scan_interval': 30,
|
||||
'video_extensions': ['.mkv', '.mp4', '.avi', '.mov', '.webm'],
|
||||
'check_stable_seconds': 5 # Wait for file to be fully written
|
||||
'check_stable_seconds': 5
|
||||
},
|
||||
'renamer': {
|
||||
'script_path': 'rename.py',
|
||||
'script_path': '/app/rename.py',
|
||||
'python_executable': 'python',
|
||||
'default_flags': ['--execute']
|
||||
},
|
||||
@@ -22,7 +22,7 @@ DEFAULT_CONFIG = {
|
||||
'notify_on': ['no_match', 'copy_error', 'rename_error', 'unhandled_exception']
|
||||
},
|
||||
'database': {
|
||||
'path': 'anime_manager.db'
|
||||
'path': '/data/anime_manager.db'
|
||||
},
|
||||
'logging': {
|
||||
'level': 'INFO',
|
||||
@@ -30,7 +30,7 @@ DEFAULT_CONFIG = {
|
||||
}
|
||||
}
|
||||
|
||||
def init_config(config_path='config.toml'):
|
||||
def init_config(config_path='/config/config.toml'):
|
||||
if not os.path.exists(config_path):
|
||||
with open(config_path, 'w') as f:
|
||||
toml.dump(DEFAULT_CONFIG, f)
|
||||
|
||||
Reference in New Issue
Block a user