Add logs directory bind mount with entrypoint permission fix

- Add ./logs:/app/logs volume mount to docker-compose.yaml for log access - Create entrypoint.sh script that fixes directory ownership at startup - Install gosu in Dockerfile for secure privilege dropping - Use ENTRYPOINT to run permission fix as root, then drop to krawl user This ensures bind-mounted directories have correct permissions even when Docker creates them as root on the host.
2026-01-02 13:52:51 -06:00
parent d458eb471d
commit 349c149335
3 changed files with 18 additions and 3 deletions
--- a/12
+++ b/12
@@ -4,19 +4,25 @@ LABEL org.opencontainers.image.source=https://github.com/BlessedRebuS/Krawl

 WORKDIR /app

+# Install gosu for dropping privileges
+RUN apt-get update && apt-get install -y --no-install-recommends gosu && \
+    rm -rf /var/lib/apt/lists/*
+
 COPY requirements.txt /app/
 RUN pip install --no-cache-dir -r requirements.txt

 COPY src/ /app/src/
 COPY wordlists.json /app/
+COPY entrypoint.sh /app/

 RUN useradd -m -u 1000 krawl && \
-    chown -R krawl:krawl /app
-
-USER krawl
+    mkdir -p /app/logs /app/data && \
+    chown -R krawl:krawl /app && \
+    chmod +x /app/entrypoint.sh

 EXPOSE 5000

 ENV PYTHONUNBUFFERED=1

+ENTRYPOINT ["/app/entrypoint.sh"]
 CMD ["python3", "src/server.py"]