fix : mount /var/www as /mnt/apps, fix docker socket GID for www-data

- Mount host /var/www into /mnt/apps to avoid conflict with container /var/www/html - Use GID 987 (host docker group) instead of 999 for socket access - Add group_add in docker-compose for container-level GID Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-06 17:42:39 +02:00
parent 8481fe8fef
commit 3fd745196f
2 changed files with 18 additions and 18 deletions
--- a/infra/prod/Dockerfile
+++ b/infra/prod/Dockerfile
@@ -75,10 +75,8 @@ RUN echo "APP_ENV=prod" > /var/www/html/.env
 RUN mkdir -p /var/www/html/var/log /var/www/html/var/uploads \
    && chown -R www-data:www-data /var/www/html/var
-# Allow www-data to use Docker socket
+# Allow www-data to use Docker socket (GID 987 matches host's docker group)
-# The socket GID varies per host; we set it at container startup via entrypoint
+RUN groupadd -g 987 dockerhost 2>/dev/null; usermod -aG dockerhost www-data
 # As fallback, install docker group with common GID
 RUN groupadd -g 999 docker 2>/dev/null; usermod -aG docker www-data
 WORKDIR /var/www/html
 EXPOSE 80
--- a/infra/prod/docker-compose.yml
+++ b/infra/prod/docker-compose.yml
@@ -5,6 +5,8 @@ services:
        env_file: .env
        ports:
            - "8084:80"
        group_add:
            - "987"
        volumes:
            - ./config/jwt:/var/www/html/config/jwt:ro
            - ./uploads:/var/www/html/var/uploads