
I have a docker container managed by docker-compose that on startup will run a build script to add a bunch of files onto a volume mapped to a host folder. Since the container is always running as root, it keeps creating files which are owned by root in the parent folder. How can I set up docker-compose such that files created will be owned by the same user as the user who ran docker-compose up on the host file system?

docker-compose file

version: "2"
services:

  # Data API and authentication/authorization
  api:
    build:
      context: ../api/
      dockerfile: Dockerfile.dev
    hostname: api
    depends_on:
      - db
      - redis
    environment:
      - CORS_ORIGIN=http://localhost:3000,http://localhost:3001
      - DATABASE_URL=postgres://postgres@db:5432/dev
      - DATABASE_DEBUG=false
      - REDIS_URL=redis://redis:6379/0
      - SESSION_SECRET=wZjwhFtzQsd7r87W6AZw45Sm
      - FACEBOOK_ID=1821424564802638
      - FACEBOOK_SECRET=2339bdf25f236a42fc3a18280bf455e8
      - GOOGLE_ID=xxxxx.apps.googleusercontent.com
      - GOOGLE_SECRET=xxxxx
      - TWITTER_KEY=xxxxx
      - TWITTER_SECRET=xxxxx
    ports:
      - "8080:8080"
      - "127.0.0.1:9229:9229" # V8 inspector for tools/run.js
      - "127.0.0.1:9230:9230" # V8 inspector for src/server.js
    volumes:
      - yarn:/home/node/.cache/yarn
      - ../api/:/usr/src/app
    command: node tools/run.js # or, `node --inspect=0.0.0.0:9229 tools/run.js`

  # SQL and document data store
  db:
    image: postgres:9.6.5-alpine
    read_only: true
    tmpfs:
      - /tmp
      - /var/run/postgresql
    volumes:
      - db:/var/lib/postgresql/data
      - ./postgres-initdb.sh:/docker-entrypoint-initdb.d/initdb.sh
    # ports:
    #   - "127.0.0.1:5432:5432" # you can override it via docker-compose.override.yml

  # Distributed in-memory cache
  redis:
    image: redis:4.0.2-alpine
    read_only: true
    volumes:
      - redis:/data

volumes:
  db:
  redis:
  yarn:

Dockerfile.dev in the api directory

FROM node:8.6.0-alpine

# Set a working directory
WORKDIR /usr/src/app

# If you have native dependencies, you'll need extra tools
RUN apk add --no-cache make g++ python2 libsodium-dev && \
  npm install -g node-gyp && \
  mkdir -p /home/node/.cache/yarn && \
  chown -R node:node /home/node/.cache/yarn && \
  chmod 777 /home/node/.cache/yarn

VOLUME /home/node/.cache/yarn

1 Answer

3

There is no straightforward way to do this, but you can create a user inside a container with the same User and Group id as your host user has. You can do this during docker-compose build using build arguments.

in dockerfile

ARG UID
ARG GID

RUN groupadd -g $GID %group_name% && useradd -u $UID -g $GID --create-home -s /bin/bash %user_name%

USER %user_name%

in docker-compose.yml

version: "2"
services:

  api:
    build:
      context: ../api/
      dockerfile: Dockerfile.dev
      args:
        UID: %your uid%
        GID: %your gid%

Update 1 (Automation)

In order to make this process easier for multiple users you can automate it a bit.

in docker-compose.yml you can use variable substitution like this:

version: "2"
services:

  api:
    build:
      context: ../api/
      dockerfile: Dockerfile.dev
      args:
        UID: ${UID_VAR}
        GID: ${GID_VAR}

Then you can write a script which generates a .env file in the repo for a particular user (suppose its name is init.sh):

echo "UID_VAR=`id -u $USER`" > .env && echo "GID_VAR=`id -g $USER`" >> .env

So each of your users will do something like this:

git clone repo
cd repo
./init.sh # generates .env
docker-compose build # each user has to build the container because of GID and UID
docker-compose up

1 Comment

I will have many users share this repository, does this mean they will each have to do this?
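
A more defensive version of the init.sh step from the answer above, as an added example that is not part of the original answer or comment. It refuses uid 0 (for example when the script is run through sudo, which would bring back a root-owned build), accepts only numeric ids, and updates .env instead of truncating it. The function names `write_ids_env` and `env_get` are hypothetical.

```shell
#!/bin/sh
# Added example, not the answer author's script. Function names are hypothetical.

# Print the value stored for KEY ($1) in env file ($2); prints nothing if absent.
env_get() {
    sed -n "s/^$1=//p" "$2" 2>/dev/null | tail -n 1
}

# write_ids_env DIR [UID] [GID]
# Records numeric ids as UID_VAR/GID_VAR in DIR/.env (defaults: the caller's ids).
write_ids_env() {
    dir=$1
    uid_val=${2:-$(id -u)}
    gid_val=${3:-$(id -g)}
    env_file=$dir/.env

    # The values end up in a Dockerfile RUN line, so accept decimal digits only.
    for v in "$uid_val" "$gid_val"; do
        case $v in
            ''|*[!0-9]*) echo "ids must be numeric: '$v'" >&2; return 2 ;;
        esac
    done

    # uid 0 would make the container user root again, which is the problem
    # the build arguments are meant to solve.
    if [ "$uid_val" -eq 0 ]; then
        echo "refusing to record uid 0; run as your normal user" >&2
        return 1
    fi

    # Build the new file next to the old one, then rename it into place.
    tmp=$(mktemp "$dir/.env.XXXXXX") || return 3
    if [ -f "$env_file" ]; then
        # Keep unrelated entries; drop stale UID_VAR/GID_VAR lines.
        grep -v -e '^UID_VAR=' -e '^GID_VAR=' "$env_file" > "$tmp" || true
    fi
    printf 'UID_VAR=%s\nGID_VAR=%s\n' "$uid_val" "$gid_val" >> "$tmp"
    chmod 600 "$tmp"   # .env files often hold secrets as well
    mv "$tmp" "$env_file"
}

# Acts only when saved and run as init.sh, e.g. ./init.sh from the repo root.
case ${0##*/} in
    init.sh) write_ids_env "${1:-.}" ;;
esac
```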
