diff --git a/.gitignore b/.gitignore
index 275cd63..706eb41 100644
--- a/.gitignore
+++ b/.gitignore
@@ -13,7 +13,7 @@
/data/reg/test.servnest.test.zone
/data/tor-config/*
/data/tor-keys/*
-/logs/sftpgo/sftpgo.log
+/logs/sftpgo/*.log
/logs/php/error.log
/logs/cronie/*.log
/logs/nginx/servnest-access.log
@@ -21,6 +21,11 @@
/logs/apache/error.log
/data/certbot/accounts/acme-staging-v02.api.letsencrypt.org/directory/*/*.json
/sock/knot/knot.pid
-/data/knot/confdb/*.mdb
+/data/knot/*/*.mdb
+/data/knot/keys/keys/*.pem
/data/knot/servnest.test.invalid.zone
/tmp/tor/*
+/tmp/cronie/cron.reboot
+/tmp/php/exec.txt
+/tmp/php/index.html
+/tmp/*/*.pid
diff --git a/README.md b/README.md
index b382732..02b5133 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
-# podman-compose setup
+# ServNest setup with Compose
-## Use
+## Use with Podman
### Preparation
@@ -15,7 +15,7 @@ knotc --confdb data/knot/confdb conf-import conf/knot.conf
cp data/reg/servnest.test.zone.default data/reg/servnest.test.zone
cp data/reg/test.servnest.test.zone.default data/reg/test.servnest.test.zone
chmod u=rwX,g=rX,o=rX -R conf core
-chmod u=rwX,g=rwX,o=rwX logs/sftpgo logs/php sock/php logs/apache logs/nginx sock/tor-client sock/nginx-onion sock/knot data/knot data/knot/confdb data/knot/confdb/*.mdb tmp/nginx tmp/certbot tmp/acme data/reg data/reg/*.zone core/db core/db/servnest.db
+chmod u=rwX,g=rwX,o=rwX logs/sftpgo logs/php sock/php logs/apache logs/nginx sock/tor-client sock/nginx-onion sock/knot data/knot data/knot/confdb data/knot/confdb/*.mdb tmp/nginx tmp/certbot tmp/acme tmp/apache tmp/nginx-run tmp/php data/reg data/reg/*.zone core/db core/db/servnest.db
chmod u=rwX,g=rX,o= sock/tor-control
wget https://dl-cdn.alpinelinux.org/alpine/v3.20/releases/x86_64/alpine-minirootfs-3.20.2-x86_64.tar.gz
wget https://github.com/drakkan/sftpgo/archive/refs/tags/v2.6.2.tar.gz -O sftpgo-v2.6.2.tar.gz
@@ -50,6 +50,14 @@ podman image rm --all
podman rm $(podman container list --external -q)
```
+## Use with rootless Docker
+
+```shell
+export DOCKER_HOST=unix:///run/user/$(id -u)/docker.sock
+```
+
+Then use the instructions for Podman but replace `podman` with `docker` in command names.
+
## License
This project is published under the Cooperative Nonviolent Public License No Attributions, version 7 or any later version (CNPL-NAv7+), as found in [`LICENSE.md`](LICENSE.md) or at .
diff --git a/apache.Containerfile b/apache.Containerfile
index 65a2170..552f2c1 100644
--- a/apache.Containerfile
+++ b/apache.Containerfile
@@ -1,4 +1,4 @@
-FROM servnest_alpine
+FROM servnest-alpine
RUN apk add apache2 apache2-brotli
RUN chown apache: /run/apache2/
USER apache
diff --git a/compose.yaml b/compose.yaml
index 916bb9f..437af7b 100644
--- a/compose.yaml
+++ b/compose.yaml
@@ -57,6 +57,7 @@ services:
- ./conf/http-messages/:/srv/servnest/ht/http-messages/:ro
- ./data/ht/:/srv/servnest/ht/:ro
- ./logs/apache/:/var/log/apache2/:rw
+ - ./tmp/apache/:/run/apache2/:rw
php:
extends:
file: base.yaml
@@ -93,6 +94,7 @@ services:
- ./logs/certbot/:/var/log/letsencrypt/:rw
- ./tmp/acme/:/srv/servnest/acme/:rw
- ./tmp/certbot/:/var/lib/letsencrypt/:rw
+ - ./tmp/php/:/tmp/:rw
mem_limit: 256mb
# For sudo
security_opt:
@@ -109,6 +111,7 @@ services:
volumes:
- ./conf/cronie:/etc/cron.d/servnest:ro
- ./logs/cronie/:/var/log/cronie/:rw
+ - ./tmp/cronie/:/var/run/:rw
nginx:
extends:
file: base.yaml
@@ -129,4 +132,5 @@ services:
- ./sock/nginx-onion/:/run/nginx-onion/:rw
- ./logs/nginx/:/var/lib/nginx/logs/:rw
- ./tmp/nginx/:/var/lib/nginx/tmp/:rw
+ - ./tmp/nginx-run/:/run/nginx/:rw
- ./tmp/acme/:/srv/servnest/acme/:ro
diff --git a/cronie.Containerfile b/cronie.Containerfile
index 6662993..ed55ec1 100644
--- a/cronie.Containerfile
+++ b/cronie.Containerfile
@@ -1,4 +1,4 @@
-FROM servnest_php
+FROM servnest-php
USER root
RUN apk add cronie moreutils
CMD ["crond", "-n", "-s"]
diff --git a/knot.Containerfile b/knot.Containerfile
index bc2d90e..6ceed28 100644
--- a/knot.Containerfile
+++ b/knot.Containerfile
@@ -1,4 +1,4 @@
-FROM servnest_alpine
+FROM servnest-alpine
RUN apk add knot
USER knot
CMD ["knotd", "--confdb", "/var/lib/knot/confdb/"]
diff --git a/nginx.Containerfile b/nginx.Containerfile
index 334632f..2d3d395 100644
--- a/nginx.Containerfile
+++ b/nginx.Containerfile
@@ -1,4 +1,4 @@
-FROM servnest_alpine
+FROM servnest-alpine
RUN apk add nginx nginx-mod-http-headers-more openssl
RUN openssl req -quiet -subj '/' -new -newkey RSA:3072 -days 3650 -nodes -x509 -keyout /etc/ssl/private/servnest.key -out /etc/ssl/certs/servnest.crt \
&& openssl req -quiet -subj '/CN=servnest.test' -new -newkey RSA:3072 -days 3650 -nodes -x509 -keyout /etc/ssl/private/servnest.test.key -out /etc/ssl/certs/servnest.test.crt \
diff --git a/php.Containerfile b/php.Containerfile
index e637dbe..31cc4e6 100644
--- a/php.Containerfile
+++ b/php.Containerfile
@@ -1,4 +1,4 @@
-FROM servnest_alpine
+FROM servnest-alpine
RUN apk add \
php83 \
php83-fpm \
diff --git a/sftpgo.Containerfile b/sftpgo.Containerfile
index 59802b5..46d9aae 100644
--- a/sftpgo.Containerfile
+++ b/sftpgo.Containerfile
@@ -1,4 +1,4 @@
-FROM servnest_alpine AS builder
+FROM servnest-alpine AS builder
RUN apk add go
ARG SFTPGO
ADD $SFTPGO /
@@ -8,7 +8,7 @@ RUN cp -r openapi ./internal/bundle/openapi && \
cp -r static ./internal/bundle/static
RUN go build -tags nogcs,nos3,noazblob,nobolt,nomysql,nopgsql,nosqlite,noportable,nometrics,bundle -o /usr/local/bin/sftpgo && strip /usr/local/bin/sftpgo
-FROM servnest_alpine
+FROM servnest-alpine
RUN apk add openssh-keygen bash
RUN mkdir /etc/sftpgo/ && ssh-keygen -f /etc/sftpgo/ed25519 -t ed25519 -N "" -C ""
RUN touch /etc/sftpgo/banner.txt
diff --git a/tmp/apache/.gitkeep b/tmp/apache/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/tmp/cronie/.gitkeep b/tmp/cronie/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/tmp/nginx-run/.gitkeep b/tmp/nginx-run/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/tmp/php/.gitkeep b/tmp/php/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/tor.Containerfile b/tor.Containerfile
index 0a09e58..aac960a 100644
--- a/tor.Containerfile
+++ b/tor.Containerfile
@@ -1,3 +1,3 @@
-FROM servnest_alpine
+FROM servnest-alpine
RUN apk add tor
CMD ["tor", "--hush"]