Urgent small fixes in the Dockerfile and Compose configs (#972)

* Freeze UID and GID for the `photoview` user inside the image; added alternative permission configs description to the Readme and Makefile (as a comment); switched the default tag in the compose from `2` to `master`, as this is the most common user misunderstanding according to the issues and Discord questions * Revert back to the tag `2` with the assumption of the release happening soon --------- Co-authored-by: Konstantin Koval
2024-06-23 15:28:02 +03:00 · 2024-06-23 15:28:02 +03:00 · f79d379e38
parent cd8d086429
commit f79d379e38
3 changed files with 9 additions and 1 deletions
--- a/3
+++ b/3
@ -62,7 +62,8 @@ ARG TARGETPLATFORM
 # See for details: https://github.com/hadolint/hadolint/wiki/DL4006
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 # Create a user to run Photoview server
-RUN useradd -r -U -m photoview \
+RUN groupadd -g 999 photoview \
+  && useradd -r -u 999 -g photoview -m photoview \
  # Required dependencies
  && apt-get update \
  && apt-get install -y curl gnupg gpg libdlib19.1 ffmpeg exiftool libheif1 sqlite3 \
--- a/README.md
+++ b/README.md
@ -105,6 +105,11 @@ All the photo galleries can do a lot of what I need, but no single one can do it

   If command(s) return `Permission denied` error, run them under the user, owning corresponding files and folders. Alternatively, run them adding `sudo ` before the command: this will switch the execution context to `root` user and ask for the root password. You have to have permission to run `sudo` in the system.

+   If you don't want to give required permissions to `others` group for your files, alternatively, you can:
+
+   - create a group on your host with GID=999 and make all the files and folders inside volumes of the `photoview` service being owned by this group; then set the appropriate permissions to the `group` section.
+   - create on your host a group with GID=999 and a user in this group with UID=999; then change the ownership of all the files and folders inside volumes of the `photoview` service to this user; then set the appropriate permissions to the `user` section.
+
   If you configured other mounts with media files from other locations on the host (like HOST_PHOTOVIEW_MEDIA_FAMILY or anything else), you need to run the same commands, as in the `Makefile` `readable` target, for each media root folder on your host manually: copy each command to your shell and replace the variable with the absolute path to an additional media root folder without the trailing `/`. Run both commands for each additional root folder.
 5. In case, you don't have `make` installed in your system or don't want to use it for the Photoview management activities, you could use the same commands from the `Makefile` and run them in your shell directly, or create your own scripts. Make sure to apply or replace the variables from your `.env` first in this case. `Makefile` is provided just for your convenience and simplicity, but is optional.
 6. Start the server by running the following command (or corresponding sequence of commands from the `Makefile`):
--- a/example/Makefile
+++ b/example/Makefile
@ -56,6 +56,8 @@ start:
 	@# mkdir -p ${HOST_PHOTOVIEW_LOCATION}/database
 	@## The next line is for PostgreSQL
 	@# mkdir -p ${HOST_PHOTOVIEW_LOCATION}/database/postgres
+	@# If you don't want to give 777 permissions to this folder, create a group with GID=999 (or user with UID=999 and group
+	@# with GID=999 and that user) and make the folder being owned by it, so you can give the 570 or 750 permissions correspondingly.
 	mkdir -p ${HOST_PHOTOVIEW_LOCATION}/storage
 	chmod 777 ${HOST_PHOTOVIEW_LOCATION}/storage
 	$(DOCKER_COMPOSE) up -d --remove-orphans