bellingcat/auto-archiver-api
1
0
Fork 0
mirror of https://github.com/bellingcat/auto-archiver-api.git synced 2026-06-08 03:28:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

fixing docker permissions

Browse Source
This commit is contained in:
msramalho
2026-03-02 16:37:29 +00:00
parent ddbd490b4d
commit 6e857f3bc3
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docker/worker/Dockerfile
View File

@@ -33,6 +33,14 @@ RUN ./poetry-venv/bin/poetry install --without dev --no-root --no-cache
COPY ../../app ./app/
COPY ../../user-groups.* ./app/
# Pre-create directories and fix ownership for non-root user (UID 1000)
# - /crawls: named volume for Browsertrix WACZ crawl data
# - /aa-api: WORKDIR, auto-archiver creates TemporaryDirectory(dir="./") here
# - /aa-api/logs, /aa-api/database, /aa-api/secrets: bind-mounted at runtime
# - /app/.venv: base image venv, seleniumbase downloads chromedriver here at runtime
RUN mkdir -p /crawls /aa-api/logs /aa-api/database /aa-api/secrets && \
chown -R 1000:1000 /crawls /aa-api /app/.venv
# Switch back to non-root user
USER 1000