Docker: Improve config to fix permission problems with different users

[lastzero]

As a developer, I want the Docker (Compose) configuration to work with different users so that I don't run into permission problems.

One developer recently had issues running our example because storage/cache was not writable by the app, see community chat.

Running chmod -R 777 storage fixed the issue. Git doesn't allow to create files with 666 or 777, only 644 or 755 - and it's good like that. Instead we should find a way to run Docker with the same user that the files belong to so that the cache directory is writable without changing permissions to 777.

A pull request for our Docker config would be really amazing if some entrypoint magic can fix it.

[rafstercoder]

Permissions or existence of the cache folder are not being checked to improve performance.

Using umask seems to be a way to circumvent permissions on storage folder, something similar to what was done for Symfony 4.

It could be done when composer runs.

[andrei-dascalu]

If this hasn't been solved yet, I just wonder if it's not easier to simply have an internal volume for mounted in the place of the cache folder ?

[lastzero]

Guess there are many ways to solve this. Ideally, the container is running as www-run and not as root on production. You can specify a user and group id using Docker (Compose) for this. When building a production image, just make sure all application directories belong to www-run to avoid permission problems.

Development environments are special in that developers typically don't work as www-run, so there could be permission issues when mounting the project directory from the host and running the container as a different user.

The included Docker config is primarily for development. Providing a production environment that works for everyone is beyond the scope of this project.