[英]How to deal with permissions using docker - nginx / php-fpm
I'm trying to deploy a very simple Symfony application using nginx & php-fpm via Docker.我正在尝试通过 Docker 使用 nginx 和 php-fpm 部署一个非常简单的 Symfony 应用程序。
Two docker services :两个码头服务:
1. web : running nginx 1. web : 运行 nginx
2. php : running php-fpm; 2. php : 运行 php-fpm; containing application source.
包含应用程序源。
I want to build images that can be deployed without any external dependency.我想构建可以在没有任何外部依赖的情况下部署的图像。 That's why I'm copying source code within the php container .
这就是我在php 容器中复制源代码的原因。
On development process;关于开发过程; i'm overriding /var/www/html volume with local path.
我正在用本地路径覆盖/var/www/html卷。
# file: php-fpm/Dockerfile
FROM php:7.1-fpm-alpine
COPY ./vendor /var/www/html
COPY . /var/www/html
VOLUME /var/www/html
Now the docker-compose configuration file.现在是 docker-compose 配置文件。
# file : docker-compose-prod.yml
version: '2'
services:
web:
image: "private/web"
ports:
- 80:80
volumes_from:
- php
php:
image: "private/php"
ports:
- 9000:9000
The problem is about permissions.问题在于权限。
When accessing localhost, Symfony is botting up, but cache / logs / sessions folders are not writable.访问本地主机时,Symfony 正在运行,但缓存/日志/会话文件夹不可写。
I'm not sure about the problem.我不确定这个问题。 But how can I be sure about the following:
但是我怎么能确定以下几点:
Note: I'm building images from MacbookPro;注意:我正在从 MacbookPro 构建图像; cache / logs / sessions are 777.
缓存/日志/会话是 777。
docker-compose.yml supports a user
directive under services. docker-compose.yml 支持服务下的
user
指令。 The docs only mention it in the run
command, but it works the same.文档只在
run
命令中提到它,但它的工作原理是一样的。
I have a similar setup and this is how I do it:我有一个类似的设置,这就是我的做法:
# file : docker-compose-prod.yml
version: '2'
services:
web:
image: "private/web"
ports:
- 80:80
volumes_from:
- php
php:
image: "private/php"
ports:
- 9000:9000
user: "$UID"
I have to run export UID
before running docker-compose
and then that sets the default user to my current user.我必须在运行
docker-compose
之前运行export UID
,然后将默认用户设置为我的当前用户。 This allows logging / caching etc. to work as expected.这允许日志记录/缓存等按预期工作。
I am using this solution "Docker for Symfony" https://github.com/StaffNowa/docker-symfony我正在使用这个解决方案“Docker for Symfony” https://github.com/StaffNowa/docker-symfony
New features on新功能
./d4d start
./d4s stop
./d4d help
I've found a solution;我找到了解决办法; But if someone can explain best practices, it will be appreciate !
但是,如果有人可以解释最佳实践,将不胜感激!
Folders cache / logs / sessions from docker context where not empty (on host).来自 docker 上下文的文件夹缓存/日志/会话,其中不为空(在主机上)。
Now that folders have been flushed, Symfony creates them with good permissions.现在文件夹已被刷新,Symfony 以良好的权限创建它们。
I've found people using usermod to change UID, ie: 1000 for www-data / nginx ... But it seems to be an ugly hack.我发现有人使用usermod来更改 UID,即:1000 用于 www-data / nginx ......但这似乎是一个丑陋的黑客。 What do you think about ?
你怎么看?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.