[英]File permissions for mounted volumes in docker
Currently using WSL2 ubuntu with docker-desktop for windows with WSL integration.目前使用 WSL2 ubuntu 和 docker-desktop for windows with WSL integration。
docker-compose.yml file docker-compose.yml 文件
version: '3.9'
services:
wordpress:
# default port 9000 (FastCGI)
image: wordpress:6.1.1-fpm
container_name: wp-wordpress
env_file:
- .env
restart: unless-stopped
networks:
- wordpress
depends_on:
- database
volumes:
- ${WORDPRESS_LOCAL_HOME}:/var/www/html
- ${WORDPRESS_UPLOADS_CONFIG}:/usr/local/etc/php/conf.d/uploads.ini
# - /path/to/repo/myTheme/:/var/www/html/wp-content/themes/myTheme
environment:
- WORDPRESS_DB_HOST=${WORDPRESS_DB_HOST}
- WORDPRESS_DB_NAME=${WORDPRESS_DB_NAME}
- WORDPRESS_DB_USER=${WORDPRESS_DB_USER}
- WORDPRESS_DB_PASSWORD=${WORDPRESS_DB_PASSWORD}
database:
# default port 3306
image: mysql:latest
container_name: wp-database
env_file:
- .env
restart: unless-stopped
networks:
- wordpress
environment:
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
volumes:
- ${MYSQL_LOCAL_HOME}:/var/lib/mysql
command:
- '--default-authentication-plugin=mysql_native_password'
nginx:
# default ports 80, 443 - expose mapping as needed to host
image: nginx:latest
container_name: wp-nginx
env_file:
- .env
restart: unless-stopped
networks:
- wordpress
depends_on:
- wordpress
ports:
- 8080:80 # http
- 8443:443 # https
volumes:
- ${WORDPRESS_LOCAL_HOME}:/var/www/html
- ${NGINX_CONF}:/etc/nginx/conf.d/default.conf
- ${NGINX_SSL_CERTS}:/etc/nginx/certs
- ${NGINX_LOGS}:/var/log/nginx
adminer:
# default port 8080
image: adminer:latest
container_name: wp-adminer
restart: unless-stopped
networks:
- wordpress
depends_on:
- database
ports:
- "9000:8080"
networks:
wordpress:
name: wp-wordpress
driver: bridge
I'm just starting out with development using docker.我刚开始使用 docker 进行开发。 The file on the local storage(in the Linux file system) was initially owned by www-data so I changed it to my linux username using
sudo chown -R username:username wordpress/
because it wasn't writeable.本地存储(在 Linux 文件系统中)上的文件最初由 www-data 所有,所以我使用
sudo chown -R username:username wordpress/
将其更改为我的 linux 用户名,因为它不可写。 But doing this doesn't allow me to upload files(from wordpress interface) or write to files inside the nginx container unless the ownership is changed back to www-data:www-data.但是这样做不允许我上传文件(从 wordpress 界面)或写入 nginx 容器内的文件,除非所有权被改回 www-data:www-data。
Things I've tried:我尝试过的事情:
docker exec -it <cname> bash
and changing the ownership of the uploads directory and writing files to my username.(after adding user with adduser username
)docker exec -it <cname> bash
在 nginx 容器内启动 bash 会话并更改上传目录的所有权并将文件写入我的用户名。(在使用adduser username
添加用户之后)user username username
user username username
I don't know what else to try except sudo chmod -R a+rwx
in the main directory.除了主目录中的
sudo chmod -R a+rwx
之外,我不知道还能尝试什么。
default.conf:默认.conf:
# default.conf
# redirect to HTTPS
server {
listen 80;
listen [::]:80;
server_name wordpress-docker.test;
location / {
# update port as needed for host mapped https
rewrite ^ https://wordpress-docker.test:8443$request_uri? permanent;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name wordpress-docker.test;
index index.php index.html index.htm;
root /var/www/html;
server_tokens off;
client_max_body_size 75M;
# update ssl files as required by your deployment
ssl_certificate /etc/nginx/certs/localhost+2.pem;
ssl_certificate_key /etc/nginx/certs/localhost+2-key.pem;
# logging
access_log /var/log/nginx/wordpress.access.log;
error_log /var/log/nginx/wordpress.error.log;
# some security headers ( optional )
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri = 404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass wordpress:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location ~ /\.ht {
deny all;
}
location = /favicon.ico {
log_not_found off; access_log off;
}
location = /favicon.svg {
log_not_found off; access_log off;
}
location = /robots.txt {
log_not_found off; access_log off; allow all;
}
location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
expires max;
log_not_found off;
}
}
Folder struct:文件夹结构:
|-config
|--uploads.ini
|-dbdata
|-logs
|-nginx
|--certs
|--default.conf
|-wordpress
|-.env
|-docker-compose.yml
Refering to this answer, this is how I resolved my issue:参考这个答案,这就是我解决问题的方式:
Add your user to the www-data group将您的用户添加到 www-data 组
sudo usermod -a -G www-data username
Give rw permissions to the www-data group(f flag applies the permissions only to files and leaves the directories)授予 www-data 组 rw 权限(f 标志仅将权限应用于文件并保留目录)
sudo find wordpress -type f -exec chmod g+rw {} +
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.