diff --git a/CHANGELOG.md b/CHANGELOG.md index bc377a56..f98cd9a4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,16 @@ # CHANGELOG +## 2023-06-01 + +### Changed + +* Changed to using a root user for local development. This fixes an issue that was happening where Vite and other JS + related tools where throwing write permission errors when running because the web service would create files as a + non-privileged app user and then JS tools would run as a non-privileged user and then try to write to + directories owned by root. + + ## 2023-06-01 ### Changed diff --git a/config/bash/bashrc b/config/bash/bashrc index 476d890f..a46d9be4 100644 --- a/config/bash/bashrc +++ b/config/bash/bashrc @@ -1,3 +1,14 @@ +# Color prompt +PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' + +# Colorize `ls` output +export SHELL=/bin/bash +export LS_OPTIONS='--color=auto' +eval "`dircolors`" +alias ls='ls $LS_OPTIONS' +alias ll='ls $LS_OPTIONS -l' +alias l='ls $LS_OPTIONS -lA' + # some more ls aliases alias ll='ls -l' alias la='ls -A' diff --git a/config/docker/Dockerfile.web b/config/docker/Dockerfile.web index 990a71f8..a726d06c 100644 --- a/config/docker/Dockerfile.web +++ b/config/docker/Dockerfile.web @@ -38,7 +38,8 @@ RUN apt-get update \ && echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen \ && echo "LANG=en_US.UTF-8" > /etc/locale.conf \ && locale-gen en_US.UTF-8 \ - && rm -rf /var/lib/apt/lists/* + && rm -rf /var/lib/apt/lists/* \ + && echo "\nsource /srv/app/config/bash/bashrc" >> /root/.bashrc ENV VIRTUAL_ENV=/opt/venv ENV LANG=en_US.UTF-8 \ @@ -51,14 +52,8 @@ ENV LANG=en_US.UTF-8 \ WORKDIR /srv/app -RUN set -ex \ - && groupadd -r app && useradd --uid=1000 --create-home --home-dir=/home/app --no-log-init -r -g app app \ - && echo "\nsource ./config/bash/bashrc" >> /home/app/.bashrc - COPY --from=python-requirements --chown=app:app $VIRTUAL_ENV $VIRTUAL_ENV -USER app - EXPOSE 8000/tcp 8001/tcp CMD ["python", "manage.py", "runserver", "0.0.0.0:8000"] @@ -88,14 +83,16 @@ FROM dev as prod WORKDIR /srv/app -USER root +RUN set -ex \ + && groupadd -r app --gid=1000 && useradd --uid=1000 --create-home --home-dir=/home/app --no-log-init -r -g app app \ + && echo "\nsource ./config/bash/bashrc" >> /home/app/.bashrc + +COPY --chown=app:app . . -COPY . . +USER app RUN SECRET_KEY=e python manage.py collectstatic --no-input COPY --from=js_assets --chown=app:app /srv/app/public/static/ ./collected_static -USER app - CMD ["uwsgi", "--ini", "config/uwsgi.ini", "--http", "0.0.0.0:8080"]