GitHub/Anki - OBJNULLs Forgejo: Beyond coding. We Forge.

GitHub/Anki

Fork 0

mirror of https://github.com/ankitects/anki.git synced 2025-09-19 14:32:22 -04:00

Commit graph

Author	SHA1	Message	Date
Omar Kohl	eaec53bfc4	Ignore SYNC_PORT and SYNC_BASE in syncserver Dockerfile (#3716 ) Hardcode them to: SYNC_PORT=8080 SYNC_BASE=/anki_data If these env variables are passed into the container with different values, they are ignored. The reasons is if the user modifies SYNC_BASE they risk data loss since anki-sync-server will no longer write data into the volume. If they change SYNC_PORT they need to also change it when mapping this internal port to the external port of the container, which could be confusing plus it has no benefit to allow this since it's always possible to change the external port even if the internal port is fixed to 8080 (e.g. `-p 1234:8080`). In both cases there is no benefit to making these values configurable and there are risks associated. Unfortunately there is no easy way of implementing this for the Dockerfile.distroless so it's up to the user not to modify these values.	2025-01-25 19:28:55 +11:00
Omar Kohl	71e2a6f782	Introduce PUID and PGID env variables to syncserver Dockerfile (#3714 ) PUID and PGID are optional env variables to specify the user and group id of the user that the anki-sync-server process should run with. This gives more flexibility for solving permission problems with volumes and is a common pattern for Docker images (e.g. see here: https://docs.linuxserver.io/general/understanding-puid-and-pgid/) The anki-sync-server process will write any files with the permissions of the user it's running with, which can be a problem when you need to access those files from outside the container or when they are being written into a bind mount that is owned by a particular user on the host system. To be able to implement this the entrypoint.sh needs to run as root (since it needs to create a user and change file permissions). anki-sync-server then needs to be started with the user 'anki', which is why the new dependency 'su-exec' is required. The user 'anki' and group 'anki-group' can no longer be created at image build time because then their ids would be fixed. Also update the build instructions to require building the Docker image inside the directory where the Dockerfile resides since the build now needs to copy the entrypoint.sh and it seems wrong the specify the path docs/syncserver/entrypoint.sh inside the Dockerfile.	2025-01-25 18:19:38 +11:00

Author

SHA1

Message

Date

Omar Kohl

eaec53bfc4

Ignore SYNC_PORT and SYNC_BASE in syncserver Dockerfile (#3716 )

Hardcode them to:

    SYNC_PORT=8080
    SYNC_BASE=/anki_data

If these env variables are passed into the container with different values,
they are ignored.

The reasons is if the user modifies SYNC_BASE they risk data loss since
anki-sync-server will no longer write data into the volume. If they change
SYNC_PORT they need to also change it when mapping this internal port to the
external port of the container, which could be confusing plus it has no benefit
to allow this since it's always possible to change the external port even if
the internal port is fixed to 8080 (e.g. `-p 1234:8080`).

In both cases there is no benefit to making these values configurable and there
are risks associated.

Unfortunately there is no easy way of implementing this for the
Dockerfile.distroless so it's up to the user not to modify these values.

2025-01-25 19:28:55 +11:00

Omar Kohl

71e2a6f782

Introduce PUID and PGID env variables to syncserver Dockerfile (#3714 )

PUID and PGID are optional env variables to specify the user and group id of
the user that the anki-sync-server process should run with.

This gives more flexibility for solving permission problems with volumes and is
a common pattern for Docker images (e.g. see here:
https://docs.linuxserver.io/general/understanding-puid-and-pgid/)

The anki-sync-server process will write any files with the permissions of the
user it's running with, which can be a problem when you need to access those
files from outside the container or when they are being written into a bind
mount that is owned by a particular user on the host system.

To be able to implement this the entrypoint.sh needs to run as root (since it
needs to create a user and change file permissions). anki-sync-server then
needs to be started with the user 'anki', which is why the new dependency
'su-exec' is required. The user 'anki' and group 'anki-group' can no longer be
created at image build time because then their ids would be fixed.

Also update the build instructions to require building the Docker image inside
the directory where the Dockerfile resides since the build now needs to copy
the entrypoint.sh and it seems wrong the specify the path
docs/syncserver/entrypoint.sh inside the Dockerfile.

2025-01-25 18:19:38 +11:00

2 commits