Upload 32 files
Browse files- Dockerfile +7 -11
- src/server.sh +4 -3
- src/utils.sh +10 -3
Dockerfile
CHANGED
|
@@ -69,8 +69,13 @@ RUN set -eu && \
|
|
| 69 |
mkdir -p /etc/nginx/sites-enabled && \
|
| 70 |
chmod 0777 /etc/nginx/sites-enabled || true && \
|
| 71 |
# Ensure nginx runtime dirs are writable for unprivileged users
|
| 72 |
-
|
| 73 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 74 |
|
| 75 |
COPY --chmod=755 ./src /run/
|
| 76 |
COPY --chmod=755 ./web /var/www/
|
|
@@ -82,15 +87,6 @@ ADD --chmod=755 "https://github.com/qemus/fiano/releases/download/v${VERSION_UTK
|
|
| 82 |
|
| 83 |
VOLUME /storage
|
| 84 |
EXPOSE 22 5900 8006
|
| 85 |
-
WORKDIR /app
|
| 86 |
-
|
| 87 |
-
# Copy app code
|
| 88 |
-
COPY . .
|
| 89 |
-
|
| 90 |
-
# ybyjngamhtcuaupc gsmt
|
| 91 |
-
|
| 92 |
-
# Make the entire /app directory fully writeable for all users
|
| 93 |
-
RUN chmod -R 777 /app
|
| 94 |
|
| 95 |
ENV BOOT="alpine"
|
| 96 |
ENV CPU_CORES="2"
|
|
|
|
| 69 |
mkdir -p /etc/nginx/sites-enabled && \
|
| 70 |
chmod 0777 /etc/nginx/sites-enabled || true && \
|
| 71 |
# Ensure nginx runtime dirs are writable for unprivileged users
|
| 72 |
+
mkdir -p /var/lib/nginx/body /var/log/nginx /var/cache/nginx /var/run && \
|
| 73 |
+
# Prefer setting ownership to the unprivileged UID 1000 used by Spaces;
|
| 74 |
+
# if that fails (image built elsewhere), fall back to world-writable modes.
|
| 75 |
+
chown -R 1000:1000 /var/lib/nginx /var/log/nginx /var/cache/nginx /var/run 2>/dev/null || \
|
| 76 |
+
chmod -R 0777 /var/lib/nginx /var/log/nginx /var/cache/nginx /var/run || true && \
|
| 77 |
+
mkdir -p /run/shm && touch /run/shm/websocketd.log && chown 1000:1000 /run/shm/websocketd.log 2>/dev/null || \
|
| 78 |
+
chmod 0666 /run/shm/websocketd.log || true
|
| 79 |
|
| 80 |
COPY --chmod=755 ./src /run/
|
| 81 |
COPY --chmod=755 ./web /var/www/
|
|
|
|
| 87 |
|
| 88 |
VOLUME /storage
|
| 89 |
EXPOSE 22 5900 8006
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 90 |
|
| 91 |
ENV BOOT="alpine"
|
| 92 |
ENV CPU_CORES="2"
|
src/server.sh
CHANGED
|
@@ -48,9 +48,10 @@ if [[ "${WEB:-}" != [Nn]* ]]; then
|
|
| 48 |
# Start webserver
|
| 49 |
nginx -e stderr
|
| 50 |
|
| 51 |
-
# Start websocket server
|
| 52 |
-
|
| 53 |
-
|
|
|
|
| 54 |
|
| 55 |
fi
|
| 56 |
|
|
|
|
| 48 |
# Start webserver
|
| 49 |
nginx -e stderr
|
| 50 |
|
| 51 |
+
# Start websocket server — write logs to /run/shm (writable in non-root mode)
|
| 52 |
+
mkdir -p /run/shm
|
| 53 |
+
websocketd --address 127.0.0.1 --port="$WSD_PORT" /run/socket.sh >/run/shm/websocketd.log 2>&1 &
|
| 54 |
+
echo "$!" > /run/websocketd.pid
|
| 55 |
|
| 56 |
fi
|
| 57 |
|
src/utils.sh
CHANGED
|
@@ -77,7 +77,9 @@ setOwner() {
|
|
| 77 |
uid=$(stat -c '%u' "$dir")
|
| 78 |
gid=$(stat -c '%g' "$dir")
|
| 79 |
|
| 80 |
-
! chown "$uid:$gid" "$file"
|
|
|
|
|
|
|
| 81 |
|
| 82 |
return 0
|
| 83 |
}
|
|
@@ -87,13 +89,18 @@ makeDir() {
|
|
| 87 |
local dir uid gid
|
| 88 |
|
| 89 |
[ -d "$path" ] && return 0
|
| 90 |
-
! mkdir -p "$path"
|
|
|
|
|
|
|
|
|
|
| 91 |
|
| 92 |
dir=$(dirname -- "$path")
|
| 93 |
uid=$(stat -c '%u' "$dir")
|
| 94 |
gid=$(stat -c '%g' "$dir")
|
| 95 |
|
| 96 |
-
! chown "$uid:$gid" "$path"
|
|
|
|
|
|
|
| 97 |
|
| 98 |
return 0
|
| 99 |
}
|
|
|
|
| 77 |
uid=$(stat -c '%u' "$dir")
|
| 78 |
gid=$(stat -c '%g' "$dir")
|
| 79 |
|
| 80 |
+
if ! chown "$uid:$gid" "$file" 2>/dev/null; then
|
| 81 |
+
warn "Unable to chown $file to $uid:$gid (continuing without changing owner)"
|
| 82 |
+
fi
|
| 83 |
|
| 84 |
return 0
|
| 85 |
}
|
|
|
|
| 89 |
local dir uid gid
|
| 90 |
|
| 91 |
[ -d "$path" ] && return 0
|
| 92 |
+
if ! mkdir -p "$path" 2>/dev/null; then
|
| 93 |
+
warn "Cannot create directory $path"
|
| 94 |
+
return 1
|
| 95 |
+
fi
|
| 96 |
|
| 97 |
dir=$(dirname -- "$path")
|
| 98 |
uid=$(stat -c '%u' "$dir")
|
| 99 |
gid=$(stat -c '%g' "$dir")
|
| 100 |
|
| 101 |
+
if ! chown "$uid:$gid" "$path" 2>/dev/null; then
|
| 102 |
+
warn "Unable to chown $path to $uid:$gid (continuing)"
|
| 103 |
+
fi
|
| 104 |
|
| 105 |
return 0
|
| 106 |
}
|