refactor: Update environment configuration and initialization script for improved user/group handling and permissions setup. (#113)

Author: terabytesoftw

.env

@@ -1,8 +1,11 @@
 # User and Group settings
-GROUP_ID=1000
-GROUP_NAME=www-data
+# For automatic host user detection, run before docker-compose:
+# export USER_ID=$(id -u) && export GROUP_ID=$(id -g)
+# Otherwise, these defaults will be used:
 USER_ID=1000
+GROUP_ID=1000
 USER_NAME=www-data
+GROUP_NAME=www-data
 
 # Yii2 environment settings
 YII_DEBUG=true

docker-compose.frankenphp.yml

@@ -12,24 +12,23 @@ services:
     entrypoint: ["/usr/local/bin/entrypoint.sh"]
     env_file:
       - .env
+    environment:
+      TZ: "UTC"
+      YII_DEBUG: "${YII_DEBUG:-false}"
+      YII_ENV: "${YII_ENV:-prod}"
+    ports:
+      - '8081:80'
+      - '8444:443'
+      - '8444:443/udp'
     restart: always
-    working_dir: /app
     volumes:
       - ./:/app
-      - ~/.composer-docker/cache:/root/.composer/cache:delegated
+      - ${HOME}/.composer-docker/cache:/var/www/.composer/cache:delegated
       - caddy_data:/data
       - caddy_config:/config
-    ports:
-      - '8081:80'
-      - '8444:443'
-      - '8444:443/udp'
-    environment:
-      TZ: "UTC"
-      YII_DEBUG: "${YII_DEBUG:-false}"
-      YII_ENV: "${YII_ENV:-prod}"
+    working_dir: /app
     tty: true
 
-# Volumes needed for Caddy certificates and configuration
 volumes:
   caddy_data:
   caddy_config:

docker/frankenphp/Dockerfile

@@ -34,16 +34,23 @@ ENV COMPOSER_ALLOW_SUPERUSER=1
 # Change PHP config
 COPY docker/php/php.ini /usr/local/etc/php/conf.d/base.ini
 
-# Install supervisord and Node.js (includes npm)
-RUN apt-get update && apt-get install -y \
+# Install supervisord, gosu, and Node.js (version simple)
+RUN apt-get update && apt-get install -y --no-install-recommends \
     supervisor \
     curl \
-    --no-install-recommends \
+    gosu \
     && curl -fsSL https://deb.nodesource.com/setup_lts.x | bash - \
     && apt-get install -y nodejs \
     && apt-get clean \
     && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
+# Apply the user/group IDs to www-data
+RUN usermod -u ${USER_ID} www-data && groupmod -g ${GROUP_ID} www-data
+
+# Create composer and npm cache directories with proper ownership
+RUN mkdir -p /var/www/.composer/cache /var/www/.npm && \
+    chown -R www-data:www-data /var/www/.composer /var/www/.npm
+
 # Copy supervisord config
 COPY docker/frankenphp/supervisord/supervisord.conf /etc/supervisor/supervisord.conf
 
@@ -64,7 +71,7 @@ RUN chmod +x /usr/local/bin/init.sh /usr/local/bin/entrypoint.sh && \
     # Test that scripts have valid syntax
     bash -n /usr/local/bin/init.sh && \
     bash -n /usr/local/bin/entrypoint.sh && \
-    echo "Scripts validated successfully"
+    echo "✓ Scripts validated successfully..."
 
 # Use ENTRYPOINT to guarantee execution
 ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]

docker/frankenphp/supervisord/conf.d/frankenphp.conf

@@ -1,13 +1,13 @@
 [program:frankenphp]
 command=/usr/local/bin/frankenphp run --config /etc/caddy/Caddyfile
-autostart=true
 autorestart=true
-priority=10
+autostart=true
 killasgroup=true
-stopasgroup=true
-stopsignal=QUIT
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
+priority=10
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stopasgroup=true
+stopsignal=QUIT
 user=www-data

docker/init.sh

@@ -8,6 +8,12 @@ NC='\033[0m'
 
 echo -e "${GREEN}Starting container setup...${NC}"
 
+# Create necessary Caddy directories with proper permissions
+echo -e "${YELLOW}Creating Caddy directories...${NC}"
+mkdir -p /data/caddy/locks /config/caddy
+chown -R www-data:www-data /data /config
+chmod -R 755 /data /config
+
 # Create necessary Yii2 directories if they don't exist
 echo -e "${YELLOW}Creating Yii2 directories...${NC}"
 mkdir -p /app/runtime/cache
@@ -48,29 +54,34 @@ echo -e "${GREEN}Setup completed.${NC}"
 if [ -f "/app/composer.json" ] && [ ! -d "/app/vendor" ]; then
     echo -e "${YELLOW}Installing Composer dependencies...${NC}"
 
-    # Install dependencies based on environment
+    # Give www-data write access without exposing the tree to everyone
+    chown -R www-data:www-data /app && \
+    chmod -R u+rwX,g+rwX /app
+
+    # Create and configure npm cache directory for www-data
+    mkdir -p /var/www/.npm
+    chown -R www-data:www-data /var/www/.npm
+
+    # Install dependencies with proper environment variables
     if [ "$YII_ENV" = "prod" ]; then
         # Production: exclude dev dependencies and optimize autoloader
-        composer install --no-dev --optimize-autoloader --no-interaction
+        gosu www-data env \
+            HOME=/var/www \
+            COMPOSER_HOME=/var/www/.composer \
+            COMPOSER_CACHE_DIR=/var/www/.composer/cache \
+            npm_config_cache=/var/www/.npm \
+            composer install --no-dev --optimize-autoloader --no-interaction
     else
         # Development: include dev dependencies
-        composer install --optimize-autoloader --no-interaction
-    fi
-
-    # Set proper ownership for vendor directory if possible
-    if chown -R www-data:www-data /app/vendor 2>/dev/null; then
-        echo -e "${GREEN}✓ Vendor directory ownership set${NC}"
+        gosu www-data env \
+            HOME=/var/www \
+            COMPOSER_HOME=/var/www/.composer \
+            COMPOSER_CACHE_DIR=/var/www/.composer/cache \
+            npm_config_cache=/var/www/.npm \
+            composer install --optimize-autoloader --no-interaction
     fi
 
-    echo -e "${GREEN}✓ Composer dependencies installed successfully.${NC}"
-fi
-
-# Set permissions for node_modules directory if it exists
-if chown -R www-data:www-data /app/node_modules 2>/dev/null; then
-    chmod -R 775 /app/node_modules
-    echo -e "${GREEN}✓ Node modules directory ownership set${NC}"
-else
-    echo -e "${YELLOW}⚠ Node modules directory ownership could not be set (mounted volume?)${NC}"
+    echo -e "${GREEN}✓ Composer dependencies installed successfully${NC}"
 fi
 
 echo -e "${GREEN}Starting supervisord...${NC}"