Bind mounts override the image's chown, so the container's nextjs user (uid 1001) couldn't write to /app/data when it was mounted from a host dir owned by someone else. Start as root, fix ownership in an entrypoint, then drop to nextjs via su-exec. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Executable
+10
@@ -0,0 +1,10 @@
|
||||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
# /app/data is usually a bind mount from the host, so whatever permissions the
|
||||
# image set during build don't survive. Fix ownership on boot, then drop root.
|
||||
if [ -d /app/data ]; then
|
||||
chown -R nextjs:nodejs /app/data 2>/dev/null || true
|
||||
fi
|
||||
|
||||
exec su-exec nextjs:nodejs "$@"
|
||||
Reference in New Issue
Block a user