Skip to content
Snippets Groups Projects
Verified Commit 8f7748d1 authored by David Beniamine's avatar David Beniamine
Browse files

Enforce file permissions

parent 1c11fec3
Branches
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
.env.sample
+ 3
0
View file @ 8f7748d1
...@@ -3,9 +3,12 @@ COMPOSE_FILE=docker-compose.yml:dev.yml ...@@ -3,9 +3,12 @@ COMPOSE_FILE=docker-compose.yml:dev.yml
# For prod # For prod
#COMPOSE_FILE=docker-compose.yml:traefik.yml #COMPOSE_FILE=docker-compose.yml:traefik.yml
NAME=filebrowser NAME=filebrowser
VERSION=v2
# Hostname for prod `FQDN` ex HOSTS=`files.example.org` # Hostname for prod `FQDN` ex HOSTS=`files.example.org`
HOSTS= HOSTS=
DEV_PORT=8080 DEV_PORT=8080
DATA_PATH=./data/files DATA_PATH=./data/files
UID=1000 UID=1000
GID=1000 GID=1000
DEFAULT_PERMS_DIR=755
DEFAULT_PERMS_FILE=644
docker-compose.yml
+ 7
1
View file @ 8f7748d1
...@@ -2,8 +2,14 @@ version: "3" ...@@ -2,8 +2,14 @@ version: "3"
services: services:
filebrowser: filebrowser:
image: filebrowser/filebrowser:v2 build:
context: docker/
args:
VERSION:
user: "${UID}:${GID}" user: "${UID}:${GID}"
volumes: volumes:
- ./data/database.db:/database.db - ./data/database.db:/database.db
- ${DATA_PATH}:/srv - ${DATA_PATH}:/srv
environment:
DEFAULT_PERMS_DIR:
DEFAULT_PERMS_FILE:
docker/Dockerfile 0 → 100644
+ 6
0
View file @ 8f7748d1
ARG VERSION=v2
FROM filebrowser/filebrowser:${VERSION}
COPY entrypoint.sh /
RUN apk add inotify-tools
ENTRYPOINT '/entrypoint.sh'
docker/entrypoint.sh 0 → 100755
+ 15
0
View file @ 8f7748d1
#!/bin/sh
set_perms() {
inotifywait --monitor --recursive --quiet --event create /srv --format "%w%f" | \
while read f;do
if [ -d "$f" ]; then
chmod -R $DEFAULT_PERMS_DIR "$f"
else
chmod $DEFAULT_PERMS_FILE "$f"
fi
done
}
set_perms &
exec /filebrowser
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment