From bb659ee27ab2fd4c90c801151603defc4da7211a Mon Sep 17 00:00:00 2001 From: Carey Metcalfe Date: Fri, 8 Aug 2025 07:36:57 -0400 Subject: Optimize how much data needs to be `chown`/`chmod`ed on container startup (#7793) * Optimize how much data needs to be `chown`/`chmod`ed on container startup This works around an issue where `chmod`/`chown` operations inside a container can be extremely slow when using the `overlay2` storage driver, resulting in 10min+ container startup times. It modifies the owner of the webapp when building the container so that only the `data` and `extensions` directories (which are commonly mapped as volumes into the container) have to be modified by the `access-permissions.sh` script at container startup. When not running via docker the behaviour of the `access-permissions.sh` script is unchanged. * Take DATA_PATH environment variable into account when fixing permissions * Revert change to using bash for arrays (the alpine image doesn't include `bash`) * A few more improvements * Slightly tweak reapply permissions variable - lowercase to indicate it's not an env variable - use 0/1 to address potentially-irrational paranoia about unset variables * Remove conditional logic to skip reapplying permissions Also documents why in a comment so it's not missed in the future. --------- Co-authored-by: Alexandre Alapetite --- Docker/Dockerfile | 2 +- Docker/Dockerfile-Alpine | 2 +- Docker/Dockerfile-Newest | 2 +- Docker/Dockerfile-Oldest | 2 +- Docker/entrypoint.sh | 6 ++++-- 5 files changed, 8 insertions(+), 6 deletions(-) (limited to 'Docker') diff --git a/Docker/Dockerfile b/Docker/Dockerfile index ab7bcacb9..9dc24fe60 100644 --- a/Docker/Dockerfile +++ b/Docker/Dockerfile @@ -16,7 +16,7 @@ RUN apt-get update && \ RUN mkdir -p /var/www/FreshRSS/ /run/apache2/ WORKDIR /var/www/FreshRSS -COPY . /var/www/FreshRSS +COPY --chown=root:www-data . /var/www/FreshRSS COPY ./Docker/*.Apache.conf /etc/apache2/sites-available/ ARG FRESHRSS_VERSION diff --git a/Docker/Dockerfile-Alpine b/Docker/Dockerfile-Alpine index 74729f53a..26cccd6c9 100644 --- a/Docker/Dockerfile-Alpine +++ b/Docker/Dockerfile-Alpine @@ -13,7 +13,7 @@ RUN apk add --no-cache \ RUN mkdir -p /var/www/FreshRSS /run/apache2/ WORKDIR /var/www/FreshRSS -COPY . /var/www/FreshRSS +COPY --chown=root:www-data . /var/www/FreshRSS COPY ./Docker/*.Apache.conf /etc/apache2/conf.d/ ARG FRESHRSS_VERSION diff --git a/Docker/Dockerfile-Newest b/Docker/Dockerfile-Newest index 96b9660db..470e66733 100644 --- a/Docker/Dockerfile-Newest +++ b/Docker/Dockerfile-Newest @@ -14,7 +14,7 @@ RUN echo 'http://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/reposit RUN mkdir -p /var/www/FreshRSS /run/apache2/ WORKDIR /var/www/FreshRSS -COPY . /var/www/FreshRSS +COPY --chown=root:www-data . /var/www/FreshRSS COPY ./Docker/*.Apache.conf /etc/apache2/conf.d/ ARG FRESHRSS_VERSION diff --git a/Docker/Dockerfile-Oldest b/Docker/Dockerfile-Oldest index 38fbadede..e31c75f20 100644 --- a/Docker/Dockerfile-Oldest +++ b/Docker/Dockerfile-Oldest @@ -13,7 +13,7 @@ RUN apk add --no-cache \ RUN mkdir -p /var/www/FreshRSS /run/apache2/ WORKDIR /var/www/FreshRSS -COPY . /var/www/FreshRSS +COPY --chown=root:www-data . /var/www/FreshRSS COPY ./Docker/*.Apache.conf /etc/apache2/conf.d/ ARG FRESHRSS_VERSION diff --git a/Docker/entrypoint.sh b/Docker/entrypoint.sh index 47a132d53..88e00bbce 100755 --- a/Docker/entrypoint.sh +++ b/Docker/entrypoint.sh @@ -45,7 +45,7 @@ if [ -n "$CRON_MIN" ]; then -r "s#^[^ ]+ #$CRON_MIN #" | crontab - fi -./cli/access-permissions.sh +./cli/access-permissions.sh --only-userdirs php -f ./cli/prepare.php >/dev/null @@ -82,6 +82,8 @@ if [ -n "$FRESHRSS_USER" ]; then fi fi -./cli/access-permissions.sh +# Fix permissions of data added by prepare.php as well as a potential +# installation/user setup +./cli/access-permissions.sh --only-userdirs exec "$@" -- cgit v1.2.3