shaw/SillyTavern
1
0
Fork 0
Code Issues Pull Requests Actions 7 Packages Projects Releases Wiki Activity
Files
645b8063e1e2c623852f8bda4c05cb546e9a870d
SillyTavern/docker/docker-entrypoint.sh
T
Pavdig 78651bdf56 Docker: Build Optimization and Enhanced Non-Root/Volumeless Support (#5024) 
* docker: optimize build layers and enhance permission handling

- Pre-created hardcoded dirs in Dockerfile to support volumeless non-root runs.
- Enhanced slightly docker-entrypoint.sh with robust volume detection and safer chown logic.
- Included legacy 'backups' directory... again.
- Added dos2unix to install list.
- Updated .dockerignore
- Updated comments
- Smaller fixes

* fix(docker): removed unnecessary comment, and the... *sighs* backups dir, again

* Exclude DS_Store everywhere

* Exclude tests and all jsconfigs from docker images

* Exclude local plugins from docker builds

* fix(docker): backups are back... yay xD

* feat(docker): add robust healthcheck script

- Added `docker/healthcheck.cjs`: A standalone, dependency-free Node.js script for verifying server status.
- Updated `Dockerfile`: Added HEALTHCHECK instruction and script copy step.
- Features: Auto-detects port from env/config, handles IPv4/IPv6 fallback, auto-retries HTTPS on socket hangup, and sets custom User-Agent.

* Fix .dockerignore permission

* Revert "feat(docker): add robust healthcheck script"

This reverts commit fa634fb08884cdef9245a12271cb9a13b487365f.

---------

Co-authored-by: Cohee <18619528+Cohee1207@users.noreply.github.com>
2026-01-17 22:51:50 +02:00

100 lines
3.5 KiB
Bash
Raw Blame History

#!/bin/sh
# Function to handle startup logic (Config check + Postinstall + Start)
start_sillytavern() {
local PREFIX="$1"
shift # Remove the first argument (PREFIX) so $@ contains the rest
# Config Check
if [ ! -e "config/config.yaml" ]; then
echo "Resource not found, copying from defaults: config.yaml"
$PREFIX cp "default/config.yaml" "config/config.yaml"
fi
# Execute postinstall to auto-populate config.yaml with missing values
$PREFIX npm run postinstall
# Start the server
exec $PREFIX node server.js --listen "$@"
}
# Dirs that MUST be present at this point (e.g for volumeless docker runs).
# Please update list, if in the future a related perm issue appear.
CORE_DIRS="config data plugins public/scripts/extensions/third-party backups"
# Mounted Volumes (External)
# Parse mounts, handling files vs directories
RAW_MOUNTS=$(awk -v app_path="/home/node/app" '$2 ~ "^" app_path {print $2}' /proc/mounts)
MOUNTED_DIRS=""
for mount in $RAW_MOUNTS; do
if [ -f "$mount" ]; then
# If it is a mounted file (e.g. cert.pem), we want to check its PARENT directory
# so that the app can write adjacent files (e.g. key.pem).
PARENT_DIR=$(dirname "$mount")
# Performance Safety: If the file is in the root of the app,
# we do NOT add the parent (App Root), or we will recursively scan the whole app.
[ "$PARENT_DIR" != "/home/node/app" ] && MOUNTED_DIRS="$MOUNTED_DIRS $PARENT_DIR" || MOUNTED_DIRS="$MOUNTED_DIRS $mount"
else
# It is a directory, add it directly
MOUNTED_DIRS="$MOUNTED_DIRS $mount"
fi
done
# Combine dirs for checks
CHECK_DIRS=$(echo "$CORE_DIRS $MOUNTED_DIRS" | tr ' ' '\n' | sort -u)
# Ensure the needed directories exist
for dir in $CHECK_DIRS; do
if [ ! -e "$dir" ]; then
echo "Creating missing directory: $dir"
mkdir -p "$dir" 2>/dev/null || echo "Warning: Could not create $dir" >&2
fi
done
# Mode Selection
if [ "$(id -u)" = "0" ]; then
# Check if PUID/PGID variables are provided
if [ -n "$PUID" ] && [ -n "$PGID" ]; then
echo "Mode: PUID/PGID (UID:$PUID GID:$PGID)"
# Update the internal 'node' user to match requested IDs
groupmod -o -g "$PGID" node
usermod -o -u "$PUID" -g "$PGID" node
for dir in $CHECK_DIRS; do
if [ -d "$dir" ]; then
# Runs chown only if there is an mismatch
DIR_UID=$(stat -c '%u' "$dir")
DIR_GID=$(stat -c '%g' "$dir")
if [ "$DIR_UID" != "$PUID" ] || [ "$DIR_GID" != "$PGID" ]; then
echo "(Detected mismatch) Adjusting permissions for: $dir."
chown -R node:node "$dir" || echo "Warning: Failed to update permissions for '$dir'." >&2
fi
fi
done
# Fix config file specifically
chown node:node "config/config.yaml" 2>/dev/null
# Set execution prefix to run as 'node' user
EXEC_PREFIX="su-exec node:node"
else
# Default: Run as Root (original behavior)
echo "Mode: Default (Root)"
EXEC_PREFIX=""
fi
else
# Non-Root Mode (Docker CLI --user flag)
echo "Mode: Strict Non-Root (UID: $(id -u))"
# We CANNOT auto-fix permissions in this mode because we lack privileges.
# Relying solely on the user configuring their host permissions correctly.
EXEC_PREFIX=""
fi
# Calling function with the determined prefix
start_sillytavern "$EXEC_PREFIX" "$@"
Reference in New Issue View Git Blame Copy Permalink