Kyle Isom
0722d60308
Run containers as user 0:0 (root inside container = kyle on host via rootless podman UID mapping). This allows the container process to read /srv/metacrypt/ files owned by kyle. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
36 lines
933 B
YAML
36 lines
933 B
YAML
services:
|
|
metacrypt:
|
|
build:
|
|
context: ../..
|
|
dockerfile: Dockerfile.api
|
|
container_name: metacrypt
|
|
restart: unless-stopped
|
|
# Run as root inside container — rootless podman maps this to the
|
|
# host user (kyle), so files in /srv/metacrypt/ are accessible.
|
|
user: "0:0"
|
|
ports:
|
|
- "127.0.0.1:18443:8443"
|
|
- "127.0.0.1:19443:9443"
|
|
volumes:
|
|
- /srv/metacrypt:/srv/metacrypt
|
|
healthcheck:
|
|
test: ["CMD", "metacrypt", "status", "--addr", "https://localhost:8443", "--ca-cert", "/srv/metacrypt/certs/ca.pem"]
|
|
interval: 30s
|
|
timeout: 5s
|
|
retries: 3
|
|
start_period: 10s
|
|
|
|
metacrypt-web:
|
|
build:
|
|
context: ../..
|
|
dockerfile: Dockerfile.web
|
|
container_name: metacrypt-web
|
|
restart: unless-stopped
|
|
user: "0:0"
|
|
ports:
|
|
- "127.0.0.1:18080:8080"
|
|
volumes:
|
|
- /srv/metacrypt:/srv/metacrypt
|
|
depends_on:
|
|
- metacrypt
|