From ce8c58e953d4b840e87e76c76d50562fa750e750 Mon Sep 17 00:00:00 2001 From: null Date: Fri, 22 May 2026 03:48:28 -0500 Subject: [PATCH] feat(docker): add DOCKER_UID and DOCKER_GID to .env and update compose.yml for user permissions --- .env.example | 6 ++++++ compose.yml | 4 ++++ 2 files changed, 10 insertions(+) diff --git a/.env.example b/.env.example index f44dbae..9889fc7 100644 --- a/.env.example +++ b/.env.example @@ -29,6 +29,12 @@ AUTH_MODE=local # REQUIRED when AUTH_MODE=local (must be non-placeholder and at least 50 chars). LOCAL_AUTH_TOKEN= +# --- Docker user (must match host uid:gid so containers can read host-owned files) --- +# Run `id -u` and `id -g` on your host to get the right values. +# Defaults to 1000:1000 which is correct for most single-user Linux installs. +DOCKER_UID=1000 +DOCKER_GID=1000 + # --- AI provider credentials (local mode only) --- # Pipeline reads local credential files on every boot and upserts provider rows # automatically — no manual configuration required if you have Claude Code or diff --git a/compose.yml b/compose.yml index f12f4e4..bd755d4 100644 --- a/compose.yml +++ b/compose.yml @@ -33,6 +33,10 @@ services: # like `backend/templates/`. context: . dockerfile: backend/Dockerfile + # Run as the host user so the container can read credential files mounted + # from the host (e.g. ~/.claude/.credentials.json which has mode 600). + # Set DOCKER_UID / DOCKER_GID in .env if your host uid:gid differs from 1000:1000. + user: "${DOCKER_UID:-1000}:${DOCKER_GID:-1000}" env_file: - ./backend/.env environment: