From f3cb0790570aa9aae29cd5df56af129644f9477e Mon Sep 17 00:00:00 2001
From: Wilmer Arambula
Date: Fri, 11 Jul 2025 16:09:11 -0400
Subject: [PATCH 1/4] fix: Update Dockerfile and init script to include su-exec for user permissions and install Composer dependencies as www-data user.
---
 docker/frankenphp/Dockerfile | 3 ++-
 docker/init.sh | 11 +++--------
 2 files changed, 5 insertions(+), 9 deletions(-)
diff --git a/docker/frankenphp/Dockerfile b/docker/frankenphp/Dockerfile
index 80f0b97..86bf5ba 100644
--- a/docker/frankenphp/Dockerfile
+++ b/docker/frankenphp/Dockerfile
@@ -34,10 +34,11 @@ ENV COMPOSER_ALLOW_SUPERUSER=1
 # Change PHP config
 COPY docker/php/php.ini /usr/local/etc/php/conf.d/base.ini
-# Install supervisord and Node.js (includes npm)
+# Install supervisord, Node.js, and su-exec
 RUN apt-get update && apt-get install -y \
 supervisor \
 curl \
+ su-exec \
 --no-install-recommends \
 && curl -fsSL https://deb.nodesource.com/setup_lts.x | bash - \
 && apt-get install -y nodejs \
diff --git a/docker/init.sh b/docker/init.sh
index 6fd8671..a223dae 100644
--- a/docker/init.sh
+++ b/docker/init.sh
@@ -48,18 +48,13 @@ echo -e "${GREEN}Setup completed.${NC}"
 if [ -f "/app/composer.json" ] && [ ! -d "/app/vendor" ]; then
 echo -e "${YELLOW}Installing Composer dependencies...${NC}"
- # Install dependencies based on environment
+ # Install dependencies based on environment AS www-data user
 if [ "$YII_ENV" = "prod" ]; then
 # Production: exclude dev dependencies and optimize autoloader
- composer install --no-dev --optimize-autoloader --no-interaction
+ su-exec www-data composer install --no-dev --optimize-autoloader --no-interaction
 else
 # Development: include dev dependencies
- composer install --optimize-autoloader --no-interaction
- fi
-
- # Set proper ownership for vendor directory if possible
- if chown -R www-data:www-data /app/vendor 2>/dev/null; then
- echo -e "${GREEN}✓ Vendor directory ownership set${NC}"
+ su-exec www-data composer install --optimize-autoloader --no-interaction
 fi
 echo -e "${GREEN}✓ Composer dependencies installed successfully.${NC}"
From 223cae0fd5d44b79dfc5cd0de3fc13cd56899721 Mon Sep 17 00:00:00 2001
From: Wilmer Arambula
Date: Fri, 11 Jul 2025 16:15:12 -0400
Subject: [PATCH 2/4] fix: Replace su-exec with gosu for user permissions in Dockerfile and init script.
---
 docker/frankenphp/Dockerfile | 5 ++---
 docker/init.sh | 4 ++--
 2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/docker/frankenphp/Dockerfile b/docker/frankenphp/Dockerfile
index 86bf5ba..7b306b4 100644
--- a/docker/frankenphp/Dockerfile
+++ b/docker/frankenphp/Dockerfile
@@ -35,11 +35,10 @@ ENV COMPOSER_ALLOW_SUPERUSER=1
 COPY docker/php/php.ini /usr/local/etc/php/conf.d/base.ini
 # Install supervisord, Node.js, and su-exec
-RUN apt-get update && apt-get install -y \
+RUN apt-get update && apt-get install -y --no-install-recommends \
 supervisor \
 curl \
- su-exec \
- --no-install-recommends \
+ gosu \
 && curl -fsSL https://deb.nodesource.com/setup_lts.x | bash - \
 && apt-get install -y nodejs \
 && apt-get clean \
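Review bot: In the docker/init.sh hunk of PATCH 1/4, both new `su-exec www-data composer install` calls are followed by the unconditional "Composer dependencies installed successfully" message, so unless init.sh runs under `set -e` (not visible here) a failed install is reported as success and startup continues without vendor/. Dropping from root to www-data makes a permission failure more likely than before, so the result should be checked explicitly, e.g. `su-exec www-data composer install --no-dev --optimize-autoloader --no-interaction || { echo "Composer install failed" >&2; exit 1; }`. The same applies to the gosu versions of these lines in PATCH 2/4 and PATCH 4/4. The outer `if` block closes outside the hunk.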
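Review bot: The context comment above the RUN instruction in the PATCH 2/4 Dockerfile hunk still reads `# Install supervisord, Node.js, and su-exec` although the package is now gosu; it should become `# Install supervisord, Node.js, and gosu` so the comment matches what is installed. Since Composer is now run as www-data, the `ENV COMPOSER_ALLOW_SUPERUSER=1` shown in the hunk header may no longer be needed; worth confirming that no other step still runs Composer as root before removing it. The RUN instruction continues past the end of the hunk.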
diff --git a/docker/init.sh b/docker/init.sh
index a223dae..1879816 100644
--- a/docker/init.sh
+++ b/docker/init.sh
@@ -51,10 +51,10 @@ if [ -f "/app/composer.json" ] && [ ! -d "/app/vendor" ]; then
 # Install dependencies based on environment AS www-data user
 if [ "$YII_ENV" = "prod" ]; then
 # Production: exclude dev dependencies and optimize autoloader
- su-exec www-data composer install --no-dev --optimize-autoloader --no-interaction
+ gosu www-data composer install --no-dev --optimize-autoloader --no-interaction
 else
 # Development: include dev dependencies
- su-exec www-data composer install --optimize-autoloader --no-interaction
+ gosu www-data composer install --optimize-autoloader --no-interaction
 fi
 echo -e "${GREEN}✓ Composer dependencies installed successfully.${NC}"
From 31b3789b9a177bf1384f53fd2961222978df3ae7 Mon Sep 17 00:00:00 2001
From: Wilmer Arambula
Date: Fri, 11 Jul 2025 16:34:14 -0400
Subject: [PATCH 3/4] fix: Ensure user/group IDs are applied to www-data in Dockerfile and streamline entrypoint script.
---
 docker/entrypoint.sh | 2 +-
 docker/frankenphp/Dockerfile | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
index c22af76..7ce7385 100644
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-+set -euo pipefail
+set -euo pipefail
 echo "=== Container Starting ==="
 echo "Running initialization script..."
diff --git a/docker/frankenphp/Dockerfile b/docker/frankenphp/Dockerfile
index 7b306b4..3508fdc 100644
--- a/docker/frankenphp/Dockerfile
+++ b/docker/frankenphp/Dockerfile
@@ -44,6 +44,9 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
 && apt-get clean \
 && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+# Apply the user/group IDs to www-data
+RUN usermod -u ${USER_ID} www-data && groupmod -g ${GROUP_ID} www-data
+
 # Copy supervisord config
 COPY docker/frankenphp/supervisord/supervisord.conf /etc/supervisor/supervisord.conf
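Review bot: The new `RUN usermod -u ${USER_ID} www-data && groupmod -g ${GROUP_ID} www-data` in the PATCH 3/4 Dockerfile hunk renumbers the account, but usermod only re-owns files inside the user's home directory and groupmod re-owns nothing, so any path chowned to www-data in an earlier layer would keep the old numeric IDs and may no longer be writable by the service user. The `ARG USER_ID` / `ARG GROUP_ID` declarations are outside this hunk; if they carry no defaults, an unset build argument makes this step fail with an opaque usermod error. I would quote the expansions, `RUN usermod -u "${USER_ID}" www-data && groupmod -g "${GROUP_ID}" www-data`, extend the comment to name the expected build arguments, and re-chown any earlier-created paths after this step.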
From 740885e799aa729499b977ff7d8874d2e8ee5182 Mon Sep 17 00:00:00 2001
From: Wilmer Arambula
Date: Fri, 11 Jul 2025 17:00:23 -0400
Subject: [PATCH 4/4] fix: Enhance Composer installation process by setting environment variables and ensuring /app directory is writable for www-data user.
---
 docker/init.sh | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)
diff --git a/docker/init.sh b/docker/init.sh
index 1879816..c8e47e4 100644
--- a/docker/init.sh
+++ b/docker/init.sh
@@ -48,16 +48,33 @@ echo -e "${GREEN}Setup completed.${NC}"
 if [ -f "/app/composer.json" ] && [ ! -d "/app/vendor" ]; then
 echo -e "${YELLOW}Installing Composer dependencies...${NC}"
+ # Set up composer environment variables for www-data user
+ export HOME=/var/www
+ export COMPOSER_HOME=/var/www/.composer
+ export COMPOSER_CACHE_DIR=/var/www/.composer/cache
+
+ # Create composer cache directory and set ownership
+ echo -e "${YELLOW}Setting up composer cache...${NC}"
+ mkdir -p /var/www/.composer/cache
+ chown -R www-data:www-data /var/www/.composer
+
+ # Make /app writable by www-data (critical for mounted volumes)
+ echo -e "${YELLOW}Ensuring /app is writable...${NC}"
+ chmod 777 /app
+
 # Install dependencies based on environment AS www-data user
 if [ "$YII_ENV" = "prod" ]; then
 # Production: exclude dev dependencies and optimize autoloader
- gosu www-data composer install --no-dev --optimize-autoloader --no-interaction
+ gosu www-data env HOME=/var/www COMPOSER_HOME=/var/www/.composer COMPOSER_CACHE_DIR=/var/www/.composer/cache \
+ composer install --no-dev --optimize-autoloader --no-interaction
 else
 # Development: include dev dependencies
- gosu www-data composer install --optimize-autoloader --no-interaction
+ gosu www-data env HOME=/var/www COMPOSER_HOME=/var/www/.composer COMPOSER_CACHE_DIR=/var/www/.composer/cache \
+ composer install --optimize-autoloader --no-interaction
 fi
 echo -e "${GREEN}✓ Composer dependencies installed successfully.${NC}"
+ echo -e "${GREEN}✓ Both vendor/ and node_modules/ should have correct permissions.${NC}"
 fi
 echo -e "${GREEN}Starting supervisord...${NC}"
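Review bot: `chmod 777 /app` makes the application root world-writable whenever this branch runs, in production as well as development, and on a bind mount it changes the mode of the host directory too; every account in the container can then create, delete or rename entries directly under /app. Since PATCH 3/4 already remaps www-data to the build-time USER_ID/GROUP_ID, ownership should normally be enough, so I would replace the line with `gosu www-data test -w /app || chown www-data:www-data /app`. The three `export` lines duplicate what the `env` prefix on the gosu calls already sets, and they leave HOME=/var/www exported for the rest of the script, which presumably includes the supervisord start that follows. The added message about node_modules/ is not backed by anything in this hunk, which only runs Composer.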