surtur
ab67773917
this change solves the issue I recently had after setting SELinux to Enforcing mode and the containers suddenly could not access files from the bind mounts anymore. the solution is to mount volumes with either z (preferable here) or Z to have them automatically relabelled If you volume mount a image with -v /SOURCE:/DESTINATION:z docker will automatically relabel the content for you to s0. If you volume mount with a Z, then the label will be specific to the container, and not be able to be shared between containers. ref: https://www.projectatomic.io/blog/2015/06/using-volumes-with-docker-can-cause-problems-with-selinux/ pertains: * Makefile (volume args for kaniko) * docker-compose.yml ($PWD to /src mount and a db volume) [skip ci]
41 lines
1.0 KiB
YAML
41 lines
1.0 KiB
YAML
version: '3.8'
|
|
|
|
services:
|
|
netcoreultimateapp-dev:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile.dev
|
|
ports:
|
|
- 127.0.0.1:8001:5000
|
|
volumes:
|
|
- $PWD:/src:z
|
|
environment:
|
|
ASPNETCORE_ENVIRONMENT: Development
|
|
DB_CONNECTION_STRING: "User ID=postgres;Password=679968312e029a806c1905c40ec331aa199a1eb86bd0b9eb04057933e449bdc9ef8ef292a39b68cafa5689c901a17266;Server=db;Port=5432;Database=pwt;Integrated Security=true;Pooling=true;"
|
|
DOTNET_CLI_TELEMETRY_OPTOUT: "true"
|
|
restart: always
|
|
cap_drop:
|
|
- NET_ADMIN
|
|
- SYS_ADMIN
|
|
depends_on:
|
|
- db
|
|
|
|
db:
|
|
container_name: 'db'
|
|
image: postgres:13.1-alpine
|
|
ports:
|
|
- 127.0.0.1:5432:5432
|
|
volumes:
|
|
- dbdata:/var/lib/postgresql/data:z
|
|
environment:
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: 679968312e029a806c1905c40ec331aa199a1eb86bd0b9eb04057933e449bdc9ef8ef292a39b68cafa5689c901a17266
|
|
POSTGRES_INITDB_ARGS: "--data-checksums"
|
|
restart: always
|
|
cap_drop:
|
|
- NET_ADMIN
|
|
- SYS_ADMIN
|
|
|
|
volumes:
|
|
dbdata:
|