Set group permissions in volumes

Signed-off-by: Nicko Guyer <[email protected]>

internal/core/config.go

@@ -162,7 +162,7 @@ func getPostgresURL(member *types.Organization) string {
 
 func getSQLitePath(member *types.Organization, runtimeDir string) string {
 	if !member.External {
-		return "/etc/firefly/db/sqlite.db?_busy_timeout=5000"
+		return "/etc/firefly/data/db/sqlite.db?_busy_timeout=5000"
 	} else {
 		return path.Join(runtimeDir, member.ID+".db")
 	}

internal/docker/docker.go

@@ -48,11 +48,17 @@ func CreateVolume(ctx context.Context, volumeName string) error {
 
 func CopyFileToVolume(ctx context.Context, volumeName string, sourcePath string, destPath string) error {
 	fileName := path.Base(sourcePath)
-	return RunDockerCommand(ctx, ".", "run", "--rm", "-v", fmt.Sprintf("%s:/source/%s", sourcePath, fileName), "-v", fmt.Sprintf("%s:/dest", volumeName), "alpine", "cp", "-R", path.Join("/", "source", fileName), path.Join("/", "dest", destPath))
+	source := path.Join("/", "source", fileName)
+	dest := path.Join("/", "dest", destPath)
+	// command := fmt.Sprintf("run --rm -v %s:%s -v %s:%s alpine /bin/sh -c 'cp -R %s %s '", sourcePath, source, volumeName, dest, source, dest, dest, dest)
+	command := fmt.Sprintf("cp -R %s %s && chgrp -R 0 %s && chmod -R g+rwX %s", source, dest, dest, dest)
+	return RunDockerCommand(ctx, ".", "run", "--rm", "-v", fmt.Sprintf("%s:%s", sourcePath, source), "-v", fmt.Sprintf("%s:/dest", volumeName), "alpine", "/bin/sh", "-c", command)
 }
 
 func MkdirInVolume(ctx context.Context, volumeName string, directory string) error {
-	return RunDockerCommand(ctx, ".", "run", "--rm", "-v", fmt.Sprintf("%s:/dest", volumeName), "alpine", "mkdir", "-p", path.Join("/", "dest", directory))
+	dest := path.Join("/", "dest", directory)
+	command := fmt.Sprintf("mkdir -p %s && chgrp -R 0 %s && chmod -R g+rwX %s", dest, dest, dest)
+	return RunDockerCommand(ctx, ".", "run", "--rm", "-v", fmt.Sprintf("%s:/dest", volumeName), "alpine", "/bin/sh", "-c", command)
 }
 
 func RemoveVolume(ctx context.Context, volumeName string) error {
@@ -88,6 +94,15 @@ func RunDockerCommand(ctx context.Context, workingDir string, command ...string)
 	return err
 }
 
+func RunDockerCommandLine(ctx context.Context, workingDir string, command string) error {
+	parsedCommand := strings.Split(command, " ")
+	fmt.Println(parsedCommand)
+	dockerCmd := exec.Command("docker", parsedCommand...)
+	dockerCmd.Dir = workingDir
+	_, err := runCommand(ctx, dockerCmd)
+	return err
+}
+
 func RunDockerComposeCommand(ctx context.Context, workingDir string, command ...string) error {
 	switch ctx.Value(CtxComposeVersionKey{}) {
 	case ComposeV1:

internal/docker/docker_config.go

@@ -97,12 +97,12 @@ func CreateDockerCompose(s *types.Stack) *DockerComposeConfig {
 				},
 				Volumes: []string{
 					fmt.Sprintf("%s:/etc/firefly/firefly.core.yml:ro", configFile),
-					fmt.Sprintf("firefly_core_db_%s:/etc/firefly/db", member.ID),
+					fmt.Sprintf("firefly_core_data_%s:/etc/firefly/data", member.ID),
 				},
 				DependsOn: map[string]map[string]string{},
 				Logging:   StandardLogOptions,
 			}
-			compose.Volumes[fmt.Sprintf("firefly_core_db_%s", member.ID)] = struct{}{}
+			compose.Volumes[fmt.Sprintf("firefly_core_data_%s", member.ID)] = struct{}{}
 			compose.Services["firefly_core_"+member.ID].DependsOn["dataexchange_"+member.ID] = map[string]string{"condition": "service_started"}
 			compose.Services["firefly_core_"+member.ID].DependsOn["ipfs_"+member.ID] = map[string]string{"condition": "service_healthy"}
 		}

internal/stacks/stack_manager.go

@@ -933,6 +933,11 @@ func (s *StackManager) runFirstTimeSetup(options *types.StartOptions) (messages
 			}
 		}
 		s.patchFireFlyCoreConfigs(configDir, member, newConfig)
+
+		// Create data directory with correct permissions inside volume
+		dataVolumeName := fmt.Sprintf("%s_firefly_core_data_%s", s.Stack.Name, member.ID)
+		docker.CreateVolume(s.ctx, dataVolumeName)
+		docker.MkdirInVolume(s.ctx, dataVolumeName, "db")
 	}
 
 	// Re-write the docker-compose config again, in case new values have been added