fix permissions issues for autoconf and fix volume for ghost example

autoconf/Dockerfile

@@ -12,6 +12,9 @@ RUN apk add py3-pip apache2-utils bash certbot curl logrotate openssl && \
     mkdir /opt/scripts && \
     addgroup -g 101 nginx && \
     adduser -h /var/cache/nginx -g nginx -s /sbin/nologin -G nginx -D -H -u 101 nginx && \
+    mkdir /etc/letsencrypt && \
+    chown root:nginx /etc/letsencrypt && \
+    chmod 770 /etc/letsencrypt && \
     mkdir /var/log/letsencrypt && \
     chown root:nginx /var/log/letsencrypt && \
     chmod 770 /var/log/letsencrypt && \
@@ -25,7 +28,11 @@ RUN apk add py3-pip apache2-utils bash certbot curl logrotate openssl && \
     chown root:nginx /var/log/jobs.log && \
     chmod 770 /var/log/jobs.log && \
     chown -R root:nginx /opt/confs/nginx && \
-    chmod -R 770 /opt/confs/nginx
+    chmod -R 770 /opt/confs/nginx && \
+    mkdir /acme-challenge && \
+    chown root:nginx /acme-challenge && \
+    chmod 770 /acme-challenge
+
 
 COPY autoconf/misc/logrotate.conf /etc/logrotate.conf
 COPY scripts/* /opt/scripts/

autoconf/Dockerfile-amd64

@@ -7,10 +7,14 @@ COPY --from=builder /etc/nginx/ /opt/confs/nginx
 RUN apk add py3-pip apache2-utils bash certbot curl logrotate openssl && \
     pip3 install docker requests && \
     mkdir /opt/entrypoint && \
-    mkdir -p /opt/confs/site  && \
+    mkdir -p /opt/confs/site && \
     mkdir -p /opt/confs/global && \
+    mkdir /opt/scripts && \
     addgroup -g 101 nginx && \
     adduser -h /var/cache/nginx -g nginx -s /sbin/nologin -G nginx -D -H -u 101 nginx && \
+    mkdir /etc/letsencrypt && \
+    chown root:nginx /etc/letsencrypt && \
+    chmod 770 /etc/letsencrypt && \
     mkdir /var/log/letsencrypt && \
     chown root:nginx /var/log/letsencrypt && \
     chmod 770 /var/log/letsencrypt && \
@@ -24,7 +28,10 @@ RUN apk add py3-pip apache2-utils bash certbot curl logrotate openssl && \
     chown root:nginx /var/log/jobs.log && \
     chmod 770 /var/log/jobs.log && \
     chown -R root:nginx /opt/confs/nginx && \
-    chmod -R 770 /opt/confs/nginx
+    chmod -R 770 /opt/confs/nginx && \
+    mkdir /acme-challenge && \
+    chown root:nginx /acme-challenge && \
+    chmod 770 /acme-challenge
 
 COPY autoconf/misc/logrotate.conf /etc/logrotate.conf
 COPY scripts/* /opt/scripts/

autoconf/Dockerfile-arm32v7

@@ -15,8 +15,12 @@ RUN apk add py3-pip apache2-utils bash certbot curl logrotate openssl && \
     mkdir /opt/entrypoint && \
     mkdir -p /opt/confs/site && \
     mkdir -p /opt/confs/global && \
+    mkdir /opt/scripts && \
     addgroup -g 101 nginx && \
     adduser -h /var/cache/nginx -g nginx -s /sbin/nologin -G nginx -D -H -u 101 nginx && \
+    mkdir /etc/letsencrypt && \
+    chown root:nginx /etc/letsencrypt && \
+    chmod 770 /etc/letsencrypt && \
     mkdir /var/log/letsencrypt && \
     chown root:nginx /var/log/letsencrypt && \
     chmod 770 /var/log/letsencrypt && \
@@ -30,7 +34,10 @@ RUN apk add py3-pip apache2-utils bash certbot curl logrotate openssl && \
     chown root:nginx /var/log/jobs.log && \
     chmod 770 /var/log/jobs.log && \
     chown -R root:nginx /opt/confs/nginx && \
-    chmod -R 770 /opt/confs/nginx
+    chmod -R 770 /opt/confs/nginx && \
+    mkdir /acme-challenge && \
+    chown root:nginx /acme-challenge && \
+    chmod 770 /acme-challenge
 
 COPY autoconf/misc/logrotate.conf /etc/logrotate.conf
 COPY scripts/* /opt/scripts/

autoconf/Dockerfile-arm64v8

@@ -15,8 +15,12 @@ RUN apk add py3-pip apache2-utils bash certbot curl logrotate openssl && \
     mkdir /opt/entrypoint && \
     mkdir -p /opt/confs/site && \
     mkdir -p /opt/confs/global && \
+    mkdir /opt/scripts && \
     addgroup -g 101 nginx && \
     adduser -h /var/cache/nginx -g nginx -s /sbin/nologin -G nginx -D -H -u 101 nginx && \
+    mkdir /etc/letsencrypt && \
+    chown root:nginx /etc/letsencrypt && \
+    chmod 770 /etc/letsencrypt && \
     mkdir /var/log/letsencrypt && \
     chown root:nginx /var/log/letsencrypt && \
     chmod 770 /var/log/letsencrypt && \
@@ -30,7 +34,10 @@ RUN apk add py3-pip apache2-utils bash certbot curl logrotate openssl && \
     chown root:nginx /var/log/jobs.log && \
     chmod 770 /var/log/jobs.log && \
     chown -R root:nginx /opt/confs/nginx && \
-    chmod -R 770 /opt/confs/nginx
+    chmod -R 770 /opt/confs/nginx && \
+    mkdir /acme-challenge && \
+    chown root:nginx /acme-challenge && \
+    chmod 770 /acme-challenge
 
 COPY autoconf/misc/logrotate.conf /etc/logrotate.conf
 COPY scripts/* /opt/scripts/

autoconf/Dockerfile-i386

@@ -9,8 +9,12 @@ RUN apk add py3-pip apache2-utils bash certbot curl logrotate openssl && \
     mkdir /opt/entrypoint && \
     mkdir -p /opt/confs/site && \
     mkdir -p /opt/confs/global && \
+    mkdir /opt/scripts && \
     addgroup -g 101 nginx && \
     adduser -h /var/cache/nginx -g nginx -s /sbin/nologin -G nginx -D -H -u 101 nginx && \
+    mkdir /etc/letsencrypt && \
+    chown root:nginx /etc/letsencrypt && \
+    chmod 770 /etc/letsencrypt && \
     mkdir /var/log/letsencrypt && \
     chown root:nginx /var/log/letsencrypt && \
     chmod 770 /var/log/letsencrypt && \
@@ -24,7 +28,10 @@ RUN apk add py3-pip apache2-utils bash certbot curl logrotate openssl && \
     chown root:nginx /var/log/jobs.log && \
     chmod 770 /var/log/jobs.log && \
     chown -R root:nginx /opt/confs/nginx && \
-    chmod -R 770 /opt/confs/nginx
+    chmod -R 770 /opt/confs/nginx && \
+    mkdir /acme-challenge && \
+    chown root:nginx /acme-challenge && \
+    chmod 770 /acme-challenge
 
 COPY autoconf/misc/logrotate.conf /etc/logrotate.conf
 COPY scripts/* /opt/scripts/

entrypoint/permissions.sh

@@ -6,20 +6,24 @@ if [ ! -w "/etc/letsencrypt" ] || [ ! -r "/etc/letsencrypt" ] || [ ! -x "/etc/le
 	exit 1
 fi
 
-# /www
-if [ ! -r "/www" ] || [ ! -x "/www" ] ; then
-	echo "[!] ERROR - wrong permissions on /www"
-	exit 2
-fi
+if [ -f "/usr/sbin/nginx" ] ; then
+	# /www
+	if [ ! -r "/www" ] || [ ! -x "/www" ] ; then
+		echo "[!] ERROR - wrong permissions on /www"
+		exit 2
+	fi
 
-# /etc/nginx
-if [ ! -w "/etc/nginx" ] || [ ! -r "/etc/nginx" ] || [ ! -x "/etc/nginx" ] ; then
-	echo "[!] ERROR - wrong permissions on /etc/nginx"
-	exit 3
 fi
 
 # /acme-challenge
 if [ ! -w "/acme-challenge" ] || [ ! -r "/acme-challenge" ] || [ ! -x "/acme-challenge" ] ; then
 	echo "[!] ERROR - wrong permissions on /acme-challenge"
+	exit 3
+fi
+
+# /etc/nginx
+if [ ! -w "/etc/nginx" ] || [ ! -r "/etc/nginx" ] || [ ! -x "/etc/nginx" ] ; then
+	echo "[!] ERROR - wrong permissions on /etc/nginx"
 	exit 4
 fi
+

examples/ghost/docker-compose.yml

@@ -25,6 +25,6 @@ services:
   myghost:
     image: ghost:alpine
     volumes:
-      - ./data-ghost:/
+      - ./data-ghost:/var/lib/ghost/content
     environment:
       - url=https://www.website.com                          # replace with your domain