ReadMeABook/docker-compose.yml
kikootwo dfc34df3d1 Add configurable file/dir perms and UMASK support
Introduce file and directory permission settings (fileChmod, dirChmod) end-to-end. UI: new controls in Paths settings with octal validation and defaults (664/775). API: GET exposes defaults; PUT validates octal strings and upserts configuration keys (file_chmod, dir_chmod) and clears related cache keys. Runtime: read config values in file utilities and services (FileOrganizer, direct-download, chapter-merger, epub-fixer) to apply mkdir modes and chmod files/dirs; FileOrganizer now accepts fileMode/dirMode and getFileOrganizer reads/parses DB settings. Docker: add UMASK option to docker-compose and propagate/apply UMASK in entrypoint/app-start scripts. Tests: update mocks to account for config service usage.
2026-03-09 16:37:30 -04:00

services:
  readmeabook:
    image: ghcr.io/kikootwo/readmeabook:latest
    # build:
    #   context: .
    #   dockerfile: dockerfile.unified
    container_name: readmeabook
    restart: unless-stopped
    ports:
      - "3030:3030"
    volumes:
      # Application config and cache
      - ./config:/app/config
      - ./cache:/app/cache
      # Downloads and media directories
      - ./downloads:/downloads
      - ./media:/media
      # Book Drop: optional folder for Manual Import (Admin → audiobook → Manual Import)
      # Map any host folder here and it will appear as a browsable root in the file picker.
      # Example: - /path/to/your/audiobooks:/bookdrop
      # - ./bookdrop:/bookdrop
      # PostgreSQL data persistence
      - ./pgdata:/var/lib/postgresql/data
      # Redis data persistence
      - ./redis:/var/lib/redis
    environment:
      # ========================================================================
      # RECOMMENDED: User/Group ID Mapping (Hybrid Approach)
      # ========================================================================
      # Set these to match your host user for proper file ownership
      # Run 'id' on your host to find your UID and GID
      #
      # How it works:
      # - postgres user: Keeps UID 103 (PostgreSQL requirement), uses your PGID
      # - redis/node: Fully remapped to your PUID:PGID
      #
      # File ownership on host:
      # - PostgreSQL data (/var/lib/postgresql/data): UID 103, GID <your-PGID>
      # - Everything else (/downloads, /media, /config): <your-PUID>:<your-PGID>
      #
      # For LXC: You only need to passthrough/map container UID 103
      # See documentation/deployment/unified.md for LXC examples
      #
      PUID: 1000
      PGID: 1000
      # ========================================================================
      # OPTIONAL: File Permission Mask
      # ========================================================================
      # Set a umask to control default file permissions for all files created
      # by the application. Common values:
      # - 002: Group-writable (files: 664, dirs: 775) - recommended for shared access
      # - 022: Group-readable only (files: 644, dirs: 755) - more restrictive
      # UMASK: "002"
      # ========================================================================
      # OPTIONAL: Secrets (auto-generated on first run if not provided)
      # ========================================================================
      # Uncomment and set these if you want to use custom secrets:
      # JWT_SECRET: "your-custom-jwt-secret-here"
      # JWT_REFRESH_SECRET: "your-custom-jwt-refresh-secret-here"
      # CONFIG_ENCRYPTION_KEY: "your-custom-encryption-key-here"
      # POSTGRES_PASSWORD: "your-custom-postgres-password-here"
      # ========================================================================
      # OPTIONAL: External PostgreSQL and Redis
      # ========================================================================
      # To use external PostgreSQL or Redis instances instead of the internal ones,
      # uncomment and configure the appropriate URL(s):
      #
      # External PostgreSQL example:
      # DATABASE_URL: "postgresql://username:password@postgres.example.com:5432/readmeabook"
      #
      # External Redis example:
      # REDIS_URL: "redis://redis.example.com:6379"
      # REDIS_URL: "redis://:password@redis.example.com:6379" # With password
      #
      # Note: When using external services:
      # - The internal PostgreSQL/Redis will NOT start (smart detection)
      # - You do NOT need to mount ./pgdata or ./redis volumes
      # - Ensure your external services are accessible from the container
      # ========================================================================
      # OPTIONAL: Rootless Podman Support
      # ========================================================================
      # Set to "true" ONLY if running with rootless Podman.
      # This skips gosu UID/GID switching since the user namespace already
      # handles mapping. Do NOT enable for Docker or LXC - it will cause
      # files to be created as root.
      # ROOTLESS_CONTAINER: "true"
      # ========================================================================
      # OPTIONAL: Application Configuration
      # ========================================================================
      # Only set these if you need non-default values:
      # POSTGRES_USER: "readmeabook"
      # POSTGRES_DB: "readmeabook"
      # PLEX_CLIENT_IDENTIFIER: "readmeabook-custom-id"
      # PLEX_PRODUCT_NAME: "ReadMeABook"
      # LOG_LEVEL: "info"
      # DISABLE_LOCAL_LOGIN: "true" # Set to "true" to disable local login (force OAuth)
      # ALLOW_WEAK_PASSWORD: "true" # Set to "true" to remove minimum password length requirement
      # ========================================================================
      # IMPORTANT: Public URL Configuration (Required for OAuth)
      # ========================================================================
      # Set this to your public URL for OAuth callbacks (Plex/OIDC authentication)
      # Format: https://your-domain.com (no trailing slash)
      # REQUIRED if accessing from outside localhost or using OIDC/Plex OAuth
      # See: documentation/backend/services/environment.md
      # PUBLIC_URL: "https://readmeabook.yourdomain.com"
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3030/api/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 60s
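
The UMASK comments above map a mask to resulting modes, and the commit message adds explicit file/dir chmod settings alongside it. The following is an added example, not code from this repository: it measures on a real filesystem what a umask yields for new files and directories, and shows that a numeric chmod applied afterwards is not masked, so a permissive chmod value takes effect whatever UMASK is set to. The function names are hypothetical, the 3-4 digit rule in `check_mode` is an assumption rather than the project's validator, and `stat -c` assumes Linux (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example (not ReadMeABook code). Assumes Linux `stat -c %a`.

# effective_modes UMASK -> "<file-mode> <dir-mode>" of freshly created entries
effective_modes() {
    (
        tmp=$(mktemp -d) || exit 1
        trap 'rm -rf "$tmp"' EXIT
        umask "$1"
        : > "$tmp/f"      # created with 0666, then masked by the umask
        mkdir "$tmp/d"    # created with 0777, then masked by the umask
        printf '%s %s\n' "$(stat -c %a "$tmp/f")" "$(stat -c %a "$tmp/d")"
    )
}

# mode_after_chmod UMASK MODE -> mode of a file created under UMASK and
# then chmod'ed to MODE; a numeric chmod ignores the umask entirely
mode_after_chmod() {
    (
        tmp=$(mktemp -d) || exit 1
        trap 'rm -rf "$tmp"' EXIT
        umask "$1"
        : > "$tmp/f"
        chmod "$2" "$tmp/f"
        stat -c %a "$tmp/f"
    )
}

# check_mode MODE -> "invalid", "world-writable" or "ok"
# (hypothetical audit rule: 3-4 octal digits, other-write bit flagged)
check_mode() {
    case "$1" in
        ''|*[!0-7]*) echo invalid; return ;;
    esac
    [ "${#1}" -eq 3 ] || [ "${#1}" -eq 4 ] || { echo invalid; return; }
    if [ $(( 0$1 & 0002 )) -ne 0 ]; then echo world-writable; else echo ok; fi
}

# Demo: the two masks named in the compose comments, then a strict mask
# followed by an explicit chmod, then an audit of candidate chmod values.
for m in 002 022; do echo "umask $m -> $(effective_modes "$m")"; done
echo "umask 077 then chmod 664 -> $(mode_after_chmod 077 664)"
for v in 664 775 777 68a; do echo "mode $v: $(check_mode "$v")"; done
```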