From 3b2e7cdd12d8cd1e19e82b8a8a871037c152e363 Mon Sep 17 00:00:00 2001 From: MiTHRAL Date: Wed, 13 May 2026 22:16:06 -0400 Subject: [PATCH] Run container as host deploy user --- .env.deploy.example | 2 ++ .env.example | 2 ++ README.md | 7 +++++++ compose.yaml | 1 + 4 files changed, 12 insertions(+) diff --git a/.env.deploy.example b/.env.deploy.example index 6d140a6..a0dc0d8 100644 --- a/.env.deploy.example +++ b/.env.deploy.example @@ -1,5 +1,7 @@ DISCORD_BOT_TOKEN=replace-with-your-discord-bot-token DISCORD_CHANNEL_ID=1504278732070981683 +PUID=1000 +PGID=1000 ARCHIVE_STATUS_CONFIG=services.json ARCHIVE_STATUS_STATE=state/status-message.json CHECK_INTERVAL_SECONDS=60 diff --git a/.env.example b/.env.example index c351831..e81cd8b 100644 --- a/.env.example +++ b/.env.example @@ -1,5 +1,7 @@ DISCORD_BOT_TOKEN=replace-with-your-discord-bot-token DISCORD_CHANNEL_ID=1504278732070981683 +PUID=1000 +PGID=1000 ARCHIVE_STATUS_CONFIG=services.json ARCHIVE_STATUS_STATE=state/status-message.json CHECK_INTERVAL_SECONDS=60 diff --git a/README.md b/README.md index 4891241..ba1a4a1 100644 --- a/README.md +++ b/README.md @@ -106,12 +106,19 @@ Paste the generated password hash into `.env` before starting the container. Make sure Docker can read the service config and write runtime state: ```sh +printf 'PUID=%s\nPGID=%s\n' "$(id -u)" "$(id -g)" >> .env chmod 600 .env chmod 644 services.json mkdir -p state chmod 755 state ``` +If `state/` or `services.json` were created by a previous container as another user, fix ownership once: + +```sh +sudo chown -R "$(id -u):$(id -g)" services.json state +``` + The bot stores the Discord message ID in `state/status-message.json`. Keep that file mounted so the bot edits the same message after restarts. The deploy compose joins your existing reverse-proxy network: diff --git a/compose.yaml b/compose.yaml index a87e171..6195f4d 100644 --- a/compose.yaml +++ b/compose.yaml @@ -3,6 +3,7 @@ services: build: . container_name: archive-status-bot restart: unless-stopped + user: "${PUID:-1000}:${PGID:-1000}" env_file: - .env expose: