github/claude-relay-service
1
0
Fork 0
mirror of https://github.com/Wei-Shaw/claude-relay-service.git synced 2026-01-23 20:37:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: 解决Docker权限问题,预先创建配置文件

Browse Source 
- 在Dockerfile中预先创建config.js和.env文件避免运行时权限问题
- 设置正确的目录权限(755)和文件所有者(claude:nodejs)
- 简化docker-entrypoint.sh脚本,只处理文件内容修改而非创建
- 添加调试信息和错误处理
- 确保claude用户有足够权限修改配置文件

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
shaw
2025-07-19 02:12:17 +08:00
parent 5d4b39b7a7
commit 0eb2561a8a
2 changed files with 32 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
Dockerfile
View File

@@ -34,9 +34,20 @@ COPY --chown=claude:nodejs . .
COPY --chown=claude:nodejs docker-entrypoint.sh /usr/local/bin/ COPY --chown=claude:nodejs docker-entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/docker-entrypoint.sh RUN chmod +x /usr/local/bin/docker-entrypoint.sh
# 📁 创建必要目录 # 📁 创建必要目录并设置权限
RUN mkdir -p logs data temp && \ RUN mkdir -p logs data temp && \
chown -R claude:nodejs logs data temp chown -R claude:nodejs /app logs data temp && \
chmod -R 755 /app && \
chmod -R 775 logs data temp
# 🔧 预先创建配置文件避免权限问题
RUN if [ ! -f "/app/config/config.js" ] && [ -f "/app/config/config.example.js" ]; then \
cp /app/config/config.example.js /app/config/config.js; \
fi && \
if [ ! -f "/app/.env" ] && [ -f "/app/.env.example" ]; then \
cp /app/.env.example /app/.env; \
fi && \
chown claude:nodejs /app/config/config.js /app/.env 2>/dev/null || true
# 🔐 切换到非 root 用户 # 🔐 切换到非 root 用户
USER claude USER claude

42
docker-entrypoint.sh
View File

@@ -22,23 +22,27 @@ if [ ! -f "/app/config/config.js" ]; then
fi fi
fi fi
# 检查并创建 .env 文件 # 检查并配置 .env 文件(文件已在构建时创建)
if [ ! -f "/app/.env" ]; then if [ -f "/app/.env" ]; then
echo "📋 检测到 .env 不存在,从模板创建..." echo "📋 配置 .env 文件..."
if [ -f "/app/.env.example" ]; then
cp /app/.env.example /app/.env
# 生成随机的 JWT_SECRET (64字符) # 生成随机的 JWT_SECRET (64字符)
if [ -z "$JWT_SECRET" ]; then if [ -z "$JWT_SECRET" ]; then
JWT_SECRET=$(grep "^JWT_SECRET=" /app/.env | cut -d'=' -f2)
if [ -z "$JWT_SECRET" ] || [ "$JWT_SECRET" = "your-jwt-secret-here" ]; then
JWT_SECRET=$(generate_random_string 64) JWT_SECRET=$(generate_random_string 64)
echo "🔑 生成 JWT_SECRET" echo "🔑 生成 JWT_SECRET"
fi fi
fi
# 生成随机的 ENCRYPTION_KEY (32字符) # 生成随机的 ENCRYPTION_KEY (32字符)
if [ -z "$ENCRYPTION_KEY" ]; then if [ -z "$ENCRYPTION_KEY" ]; then
ENCRYPTION_KEY=$(grep "^ENCRYPTION_KEY=" /app/.env | cut -d'=' -f2)
if [ -z "$ENCRYPTION_KEY" ] || [ "$ENCRYPTION_KEY" = "your-encryption-key-here" ]; then
ENCRYPTION_KEY=$(generate_random_string 32) ENCRYPTION_KEY=$(generate_random_string 32)
echo "🔑 生成 ENCRYPTION_KEY" echo "🔑 生成 ENCRYPTION_KEY"
fi fi
fi
# 更新 .env 文件中的密钥 # 更新 .env 文件中的密钥
sed -i "s/JWT_SECRET=.*/JWT_SECRET=${JWT_SECRET}/" /app/.env sed -i "s/JWT_SECRET=.*/JWT_SECRET=${JWT_SECRET}/" /app/.env
@@ -47,35 +51,11 @@ if [ ! -f "/app/.env" ]; then
# 设置 Redis 配置以连接到容器内的 Redis # 设置 Redis 配置以连接到容器内的 Redis
sed -i "s/REDIS_HOST=.*/REDIS_HOST=redis/" /app/.env sed -i "s/REDIS_HOST=.*/REDIS_HOST=redis/" /app/.env
echo "✅ .env 已创建并配置" echo "✅ .env 已配置"
else else
echo "❌ 错误: .env.example 不存在" echo "❌ 错误: .env 文件不存在"
exit 1 exit 1
fi fi
else
echo "✅ 检测到已有 .env 文件"
# 确保环境变量中有必要的密钥
if [ -z "$JWT_SECRET" ]; then
# 从 .env 文件读取
JWT_SECRET=$(grep "^JWT_SECRET=" /app/.env | cut -d'=' -f2)
if [ -z "$JWT_SECRET" ] || [ "$JWT_SECRET" = "your-jwt-secret-here" ]; then
JWT_SECRET=$(generate_random_string 64)
sed -i "s/JWT_SECRET=.*/JWT_SECRET=${JWT_SECRET}/" /app/.env
echo "🔑 更新 JWT_SECRET"
fi
fi
if [ -z "$ENCRYPTION_KEY" ]; then
# 从 .env 文件读取
ENCRYPTION_KEY=$(grep "^ENCRYPTION_KEY=" /app/.env | cut -d'=' -f2)
if [ -z "$ENCRYPTION_KEY" ] || [ "$ENCRYPTION_KEY" = "your-encryption-key-here" ]; then
ENCRYPTION_KEY=$(generate_random_string 32)
sed -i "s/ENCRYPTION_KEY=.*/ENCRYPTION_KEY=${ENCRYPTION_KEY}/" /app/.env
echo "🔑 更新 ENCRYPTION_KEY"
fi
fi
fi
# 导出环境变量 # 导出环境变量
export JWT_SECRET export JWT_SECRET