search

AtomGraph / LinkedDataHub

The low-code Knowledge Graph application platform. Apache license.
https://atomgraph.github.io/LinkedDataHub/
Apache License 2.0
493 stars 124 forks source link

Permission problems on mounted folders on Linux #78

Closed namedgraph closed 3 years ago

namedgraph commented 3 years ago

After testing the setup instructions on WSL 2 (Ubuntu 18.04), we noticed that there are file permission problems due to stricter permissions on Linux. Mounted folders certs and data are being created by the root user of the containers. Subsequently, non-root user on the host machine does not have sufficient access to the files in those folders, e.g. when using the CLI to access the API openssl does not have permissions to read the PEM files.

The solution is to move out SSL certificate/key creation out of the LDH entrypoint and put them into a separate setup script, which would be executed by the (non-root) user on the host machine, giving the created files the right permissions. And again mounting those files into LDH.

namedgraph commented 3 years ago

WIP in the nginx-ssl-termination branch.