From 732a7f86fe1d0db698bd6c9fb2d9835599b80158 Mon Sep 17 00:00:00 2001 From: yukaidi Date: Fri, 29 May 2026 09:32:39 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20Docker=20entrypoint=20=E4=BB=A5=20root?= =?UTF-8?q?=20=E8=BF=90=E8=A1=8C=E5=86=8D=E9=99=8D=E6=9D=83=EF=BC=8C?= =?UTF-8?q?=E5=BD=BB=E5=BA=95=E8=A7=A3=E5=86=B3=20volume=20=E6=9D=83?= =?UTF-8?q?=E9=99=90=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 去掉 USER appuser,entrypoint 以 root 身份运行,先 chown 修复 volume 挂载目录的权限,再通过 su 降权到 appuser 执行应用。 --- Dockerfile | 10 +++++----- docker-entrypoint.sh | 9 +++++++++ 2 files changed, 14 insertions(+), 5 deletions(-) create mode 100644 docker-entrypoint.sh diff --git a/Dockerfile b/Dockerfile index 1104a62..a4cf774 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,10 +13,10 @@ RUN unzip netdisk-fast-download-bin.zip && \ chmod +x run.sh && \ mkdir -p db logs +COPY ./docker-entrypoint.sh /docker-entrypoint.sh +RUN chmod +x /docker-entrypoint.sh + EXPOSE 6400 6401 -RUN addgroup --system appgroup && adduser --system --ingroup appgroup appuser && \ - chown -R appuser:appgroup /app -USER appuser - -ENTRYPOINT ["sh", "run.sh"] +RUN addgroup --system appgroup && adduser --system --ingroup appgroup appuser +ENTRYPOINT ["/docker-entrypoint.sh"] diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh new file mode 100644 index 0000000..762ca39 --- /dev/null +++ b/docker-entrypoint.sh @@ -0,0 +1,9 @@ +#!/bin/sh +set -e + +# Fix permissions on volume-mounted directories (runs as root) +chown -R appuser:appgroup /app/db /app/logs /app/resources 2>/dev/null || true + +# Run Java directly - entrypoint is PID 1, exec makes Java PID 1 +# Docker SIGTERM goes directly to Java, triggering ShutdownHook +exec java -Xmx${JVM_XMX:-512M} ${JVM_OPTS} -jar /app/netdisk-fast-download.jar