From ba9c80b9b4a7e479ca7d7c1474861b638e951d0c Mon Sep 17 00:00:00 2001 From: Jp Date: Thu, 26 Feb 2026 11:08:20 +0800 Subject: [PATCH] fix(Dockerfile): set proper permissions and remove CI directories The previous COPY instruction with --chown flag was not recursively setting permissions. Explicitly set directory and file permissions for the www-data user and remove unnecessary CI directories to reduce image size and potential security exposure. --- Dockerfile | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index e761cb2..c06a2fa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,8 +27,12 @@ RUN apt-get clean && rm -rf /var/lib/apt/lists/* # Get latest Composer COPY --from=docker.io/library/composer:latest /usr/bin/composer /usr/bin/composer -# Copy application files -COPY --chown=www-data:www-data . /var/www +# Copy application files and fix permissions +COPY . /var/www +RUN chown -R www-data:www-data /var/www && \ + find /var/www -type d -exec chmod 755 {} + && \ + find /var/www -type f -exec chmod 644 {} + && \ + rm -rf /var/www/.circleci /var/www/.github # Change current user to www USER www-data @@ -36,4 +40,4 @@ USER www-data # Expose port 8000 EXPOSE 8000 -CMD ["php", "artisan", "serve", "--host=0.0.0.0", "--port=8000"] +CMD ["php", "artisan", "serve", "--host=0.0.0.0", "--port=8000"] \ No newline at end of file