diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile
index 5920c5b6..a07aa688 100644
--- a/Containers/mastercontainer/Dockerfile
+++ b/Containers/mastercontainer/Dockerfile
@@ -28,7 +28,8 @@ RUN curl "https://caddyserver.com/api/download?os=linux&arch=amd64" -o "/usr/bin
RUN cd /var/www/docker-aio; \
git clone https://github.com/nextcloud/all-in-one.git .; \
- chmod 770 -R ./
+ chmod 770 -R ./; \
+ chown www-data:www-data -R ./
RUN mkdir -p /etc/apache2/certs && \
cd /etc/apache2/certs && \
diff --git a/Containers/mastercontainer/cron.sh b/Containers/mastercontainer/cron.sh
index 4b2b0838..31e1d619 100644
--- a/Containers/mastercontainer/cron.sh
+++ b/Containers/mastercontainer/cron.sh
@@ -2,6 +2,6 @@
set -eu
while true; do
- php /var/www/docker-aio/php/src/Cron/cron.php
+ sudo -u www-data php /var/www/docker-aio/php/src/Cron/cron.php
sleep 1d
done
diff --git a/Containers/mastercontainer/start.sh b/Containers/mastercontainer/start.sh
index 0d064693..64135ae8 100644
--- a/Containers/mastercontainer/start.sh
+++ b/Containers/mastercontainer/start.sh
@@ -10,27 +10,17 @@ print_green() {
if ! [ -a "/var/run/docker.sock" ]; then
echo "Docker socket is not available. Cannot continue."
exit 1
-elif ! test -r /var/run/docker.sock; then
+elif ! sudo -u www-data test -r /var/run/docker.sock; then
echo "Trying to fix docker.sock permissions internally..."
GROUP="$(stat -c '%g' /var/run/docker.sock)"
groupadd -g "$GROUP" docker && \
- usermod -aG docker root
- if ! test -r /var/run/docker.sock; then
- echo "Docker socket is not readable by the root user. Cannot continue."
+ usermod -aG docker www-data
+ if ! sudo -u www-data test -r /var/run/docker.sock; then
+ echo "Docker socket is not readable by the www-data user. Cannot continue."
exit 1
fi
fi
-# Adjust permissions for all instances
-chown root:root -R /mnt/docker-aio-config
-chmod 770 -R /mnt/docker-aio-config
-
-# Check if volume is writeable
-if ! [ -w /mnt/docker-aio-config ]; then
- echo "/mnt/docker-aio-config is not writeable."
- exit 1
-fi
-
# Check if api version is supported
API_VERSION_FILE="$(find ./ -name DockerActionManager.php | head -1)"
API_VERSION="$(grep -oP 'const API_VERSION.*\;' "$API_VERSION_FILE" | grep -oP [0-9]+.[0-9]+ | head -1)"
@@ -50,6 +40,14 @@ fi
mkdir -p /mnt/docker-aio-config/data/
mkdir -p /mnt/docker-aio-config/session/
mkdir -p /mnt/docker-aio-config/caddy/
+mkdir -p /mnt/docker-aio-config/certs/
+
+# Adjust permissions for all instances
+chmod 770 -R /mnt/docker-aio-config
+chown www-data:www-data -R /mnt/docker-aio-config/data/
+chown www-data:www-data -R /mnt/docker-aio-config/session/
+chown root:root -R /mnt/docker-aio-config/caddy/
+chown root:root -R /mnt/docker-aio-config/certs/
# Adjust certs
GENERATED_CERTS="/mnt/docker-aio-config/certs"
diff --git a/readme.md b/readme.md
index 17474e53..860f2cc7 100644
--- a/readme.md
+++ b/readme.md
@@ -20,17 +20,12 @@ Included are:
```
curl -fsSL get.docker.com | sudo sh
```
-2. Make sure that the docker group has the correct groupid:
-
-```
-sudo groupmod -g 998 docker
-```
-3. Make sure to pull the latest image:
+2. Make sure to pull the latest image:
```
sudo docker pull nextcloud/all-in-one:latest
```
-4. Run the following command in order to start the container:
+3. Run the following command in order to start the container:
```
sudo docker run -it \
@@ -43,7 +38,7 @@ sudo docker run -it \
--volume /var/run/docker.sock:/var/run/docker.sock:ro \
nextcloud/all-in-one:latest
```
-5. After the initial startup, you should be able to open the Nextcloud AIO Interface now on port 8080 of this server.
+4. After the initial startup, you should be able to open the Nextcloud AIO Interface now on port 8080 of this server.
E.g. https://internal.ip.of.this.server:8080
If your server has port 80 and 8443 open and you point a domain to your server, you can get a valid certificate automatially by opening the Nextcloud AIO Interface via:
https://your-domain-that-points-to-this-server.tld:8443