Cutlery/immich
1
0
Fork 1
mirror of https://github.com/immich-app/immich.git synced 2025-07-09 03:04:16 -04:00
Code Issues Packages Projects Releases Wiki Activity

chore: docker permissions

Browse Source
This commit is contained in:
Min Idzelis 2025-07-05 16:24:17 +00:00
parent 139b9694db
commit 315615c8a9
3 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docker/docker-compose.dev.yml
View File

@ -35,6 +35,7 @@ services:
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
user: ${S_UID:-0}:${S_GID:-0}
environment:
IMMICH_REPOSITORY: immich-app/immich
IMMICH_REPOSITORY_URL: https://github.com/immich-app/immich
@ -66,8 +67,8 @@ services:
immich-web:
container_name: immich_web
image: immich-web-dev:latest
# Needed for rootless docker setup, see https://github.com/moby/moby/issues/45919
# user: 0:0
# user: 0:0 needed for rootless docker setup, see https://github.com/moby/moby/issues/45919
user: ${W_UID:-1000}:${W_GID:-1000}
build:
context: ../
dockerfile: web/Dockerfile

17
server/Dockerfile
View File

@ -6,7 +6,12 @@ RUN apt-get update && apt-get install --no-install-recommends -yqq tini make
WORKDIR /usr/src/app
COPY ./server/package* ./server/
WORKDIR /usr/src/app/server
RUN npm ci && \
RUN echo "umask 000" >> /etc/profile && \
echo "umask 000" >> /etc/bash.bashrc && \
umask 000 && \
chmod o+wx /usr/src/app && \
chmod o+wx /usr/src/app/server && \
npm ci && \
# exiftool-vendored.pl, sharp-linux-x64 and sharp-linux-arm64 are the only ones we need
# they're marked as optional dependencies, so we need to copy them manually after pruning
rm -rf node_modules/@img/sharp-libvips* && \
@ -28,17 +33,14 @@ RUN apt-get update && \
RUN usermod -aG sudo node
RUN echo "node ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
RUN mkdir -p /workspaces/immich
RUN chown node -R /workspaces
COPY --chown=node:node --chmod=777 ../.devcontainer/server/*.sh /immich-devcontainer/
COPY --chmod=777 ../.devcontainer/server/*.sh /immich-devcontainer/
USER node
COPY --chown=node:node .. /tmp/create-dep-cache/
COPY .. /tmp/create-dep-cache/
WORKDIR /tmp/create-dep-cache
RUN make ci-all && rm -rf /tmp/create-dep-cache
FROM dev-container-server AS dev-container-mobile
USER root
# Enable multiarch for arm64 if necessary
RUN if [ "$(dpkg --print-architecture)" = "arm64" ]; then \
dpkg --add-architecture amd64 && \
@ -64,7 +66,6 @@ RUN mkdir -p ${FLUTTER_HOME} \
&& rm flutter.tar.xz \
&& chown -R node ${FLUTTER_HOME}
USER node
RUN sudo apt-get update \
&& wget -qO- https://dcm.dev/pgp-key.public | sudo gpg --dearmor -o /usr/share/keyrings/dcm.gpg \
&& echo 'deb [signed-by=/usr/share/keyrings/dcm.gpg arch=amd64] https://dcm.dev/debian stable main' | sudo tee /etc/apt/sources.list.d/dart_stable.list \

5
web/Dockerfile
View File

@ -9,7 +9,10 @@ COPY --chown=node:node ./open-api ./open-api/
COPY --chown=node:node Makefile ./
WORKDIR /usr/src/app/web
RUN npm ci
RUN umask 000 && \
find /usr/src/app -type d -exec chmod o+rwx {} \; && \
find /usr/src/app -type f -exec chmod o+rw {} \; && \
npm ci
ENV CHOKIDAR_USEPOLLING=true
EXPOSE 24678