Prepare SQLite bind mount permissions
This commit is contained in:
@@ -80,6 +80,11 @@ container's network namespace.
|
|||||||
`--sqlite` may point to a SQLite database file or to a directory. When it points
|
`--sqlite` may point to a SQLite database file or to a directory. When it points
|
||||||
to a directory, the scripts use `kosync.sqlite3` inside that directory.
|
to a directory, the scripts use `kosync.sqlite3` inside that directory.
|
||||||
|
|
||||||
|
When run as root, the scripts chown the SQLite directory and existing database
|
||||||
|
file to UID/GID `10001`, matching the published image's `kosync` user. Override
|
||||||
|
with `KOSYNC_UID` and `KOSYNC_GID` only if you run the container with a different
|
||||||
|
runtime user.
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
scripts/import-from-old-redis.sh \
|
scripts/import-from-old-redis.sh \
|
||||||
--old-container kosync \
|
--old-container kosync \
|
||||||
|
|||||||
@@ -7,6 +7,8 @@ IMAGE=sodium/kosync-rs:v2.1.1
|
|||||||
REDIS_URL=redis://127.0.0.1:6379/1
|
REDIS_URL=redis://127.0.0.1:6379/1
|
||||||
PULL=1
|
PULL=1
|
||||||
FLUSH_TARGET=0
|
FLUSH_TARGET=0
|
||||||
|
KOSYNC_UID=${KOSYNC_UID:-10001}
|
||||||
|
KOSYNC_GID=${KOSYNC_GID:-10001}
|
||||||
|
|
||||||
usage() {
|
usage() {
|
||||||
echo "Usage: $0 [--old-container NAME] [--sqlite PATH] [--image IMAGE] [--redis-url URL] [--flush-target] [--no-pull]" >&2
|
echo "Usage: $0 [--old-container NAME] [--sqlite PATH] [--image IMAGE] [--redis-url URL] [--flush-target] [--no-pull]" >&2
|
||||||
@@ -65,6 +67,18 @@ SQLITE_DIR=$(dirname "$SQLITE_ABS")
|
|||||||
SQLITE_BASE=$(basename "$SQLITE_ABS")
|
SQLITE_BASE=$(basename "$SQLITE_ABS")
|
||||||
mkdir -p "$SQLITE_DIR"
|
mkdir -p "$SQLITE_DIR"
|
||||||
|
|
||||||
|
DOCKER_USER_ARGS=
|
||||||
|
if [ "$(id -u)" -eq 0 ]; then
|
||||||
|
chown "$KOSYNC_UID:$KOSYNC_GID" "$SQLITE_DIR"
|
||||||
|
for path in "$SQLITE_ABS" "$SQLITE_ABS-wal" "$SQLITE_ABS-shm" "$SQLITE_ABS-journal"; do
|
||||||
|
if [ -e "$path" ]; then
|
||||||
|
chown "$KOSYNC_UID:$KOSYNC_GID" "$path"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
DOCKER_USER_ARGS="--user $(id -u):$(id -g)"
|
||||||
|
fi
|
||||||
|
|
||||||
if [ "$PULL" -eq 1 ]; then
|
if [ "$PULL" -eq 1 ]; then
|
||||||
docker pull "$IMAGE"
|
docker pull "$IMAGE"
|
||||||
fi
|
fi
|
||||||
@@ -80,6 +94,7 @@ if [ "$FLUSH_TARGET" -eq 1 ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
docker run --rm \
|
docker run --rm \
|
||||||
|
$DOCKER_USER_ARGS \
|
||||||
--network "container:$OLD_CONTAINER" \
|
--network "container:$OLD_CONTAINER" \
|
||||||
-v "$SQLITE_DIR:/data" \
|
-v "$SQLITE_DIR:/data" \
|
||||||
"$IMAGE" \
|
"$IMAGE" \
|
||||||
|
|||||||
@@ -6,6 +6,8 @@ SQLITE=./data/kosync.sqlite3
|
|||||||
IMAGE=sodium/kosync-rs:v2.1.1
|
IMAGE=sodium/kosync-rs:v2.1.1
|
||||||
REDIS_URL=redis://127.0.0.1:6379/1
|
REDIS_URL=redis://127.0.0.1:6379/1
|
||||||
PULL=1
|
PULL=1
|
||||||
|
KOSYNC_UID=${KOSYNC_UID:-10001}
|
||||||
|
KOSYNC_GID=${KOSYNC_GID:-10001}
|
||||||
|
|
||||||
usage() {
|
usage() {
|
||||||
echo "Usage: $0 [--old-container NAME] [--sqlite PATH] [--image IMAGE] [--redis-url URL] [--no-pull]" >&2
|
echo "Usage: $0 [--old-container NAME] [--sqlite PATH] [--image IMAGE] [--redis-url URL] [--no-pull]" >&2
|
||||||
@@ -60,6 +62,18 @@ SQLITE_DIR=$(dirname "$SQLITE_ABS")
|
|||||||
SQLITE_BASE=$(basename "$SQLITE_ABS")
|
SQLITE_BASE=$(basename "$SQLITE_ABS")
|
||||||
mkdir -p "$SQLITE_DIR"
|
mkdir -p "$SQLITE_DIR"
|
||||||
|
|
||||||
|
DOCKER_USER_ARGS=
|
||||||
|
if [ "$(id -u)" -eq 0 ]; then
|
||||||
|
chown "$KOSYNC_UID:$KOSYNC_GID" "$SQLITE_DIR"
|
||||||
|
for path in "$SQLITE_ABS" "$SQLITE_ABS-wal" "$SQLITE_ABS-shm" "$SQLITE_ABS-journal"; do
|
||||||
|
if [ -e "$path" ]; then
|
||||||
|
chown "$KOSYNC_UID:$KOSYNC_GID" "$path"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
DOCKER_USER_ARGS="--user $(id -u):$(id -g)"
|
||||||
|
fi
|
||||||
|
|
||||||
if [ "$PULL" -eq 1 ]; then
|
if [ "$PULL" -eq 1 ]; then
|
||||||
docker pull "$IMAGE"
|
docker pull "$IMAGE"
|
||||||
fi
|
fi
|
||||||
@@ -70,6 +84,7 @@ echo "redis url: $REDIS_URL"
|
|||||||
echo "sqlite: $SQLITE_ABS"
|
echo "sqlite: $SQLITE_ABS"
|
||||||
|
|
||||||
docker run --rm \
|
docker run --rm \
|
||||||
|
$DOCKER_USER_ARGS \
|
||||||
--network "container:$OLD_CONTAINER" \
|
--network "container:$OLD_CONTAINER" \
|
||||||
-v "$SQLITE_DIR:/data" \
|
-v "$SQLITE_DIR:/data" \
|
||||||
"$IMAGE" \
|
"$IMAGE" \
|
||||||
|
|||||||
Reference in New Issue
Block a user