Fix permissions when running dev container as non-root user

I wanted to pass `—user` to `docker-compose` up, but that option doesnt exist. To get around this, I had to record the uid on the host (CURRENT_UID), interpolate the variable in tools/docker-compose.yml, and detect that inside the container. I then piggy-backed on the /etc/passwd hack we use for scenarios with unpredictable uids.
2026-02-01 09:38:10 -03:30 · 2018-10-22 19:02:31 -04:00
parent 7df63830ed
commit a361b5da6e
7 changed files with 23 additions and 23 deletions
--- a/tools/docker-compose/Dockerfile
+++ b/tools/docker-compose/Dockerfile
@@ -59,10 +59,10 @@ EXPOSE 8043 8013 8080 22
 ENTRYPOINT ["/tini", "--"]
 CMD /start_development.sh

-RUN touch /venv/awx/lib/python2.7/site-packages/awx.egg-link
-RUN chmod g+rwx /venv/awx/lib/python2.7/site-packages/awx.egg-link
+# Pre-create things that we need to write to
+RUN for dir in /var/lib/awx/ /projects /.ansible /var/log/nginx /var/lib/nginx /.local; \
+  do mkdir -p $dir; chmod -R g+rwx $dir; chgrp -R root $dir; done

-RUN chmod g+w /etc/passwd
-RUN mkdir -p /projects && chmod g+w /projects
-
-USER ${UID}
+RUN for file in /etc/passwd /supervisor.conf \
+  /venv/awx/lib/python2.7/site-packages/awx.egg-link /var/run/nginx.pid; \
+  do touch $file; chmod -R g+rwx $file; chgrp -R root $file; done