diff --git a/.dockerignore b/.dockerignore index c71111c..fe70a16 100644 --- a/.dockerignore +++ b/.dockerignore @@ -9,6 +9,9 @@ db.sqlite3 var/ staticfiles/ backups/ +local-deploy-backups/ +Caddyfile.with-goggles +caddy-with-goggles.json # Local deployment secrets stay outside the repo/build context. goggles-secrets.txt diff --git a/Dockerfile b/Dockerfile index 0d19e9a..eee3ff8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,6 +17,8 @@ COPY . . # non-root user. collectstatic writes to STATIC_ROOT (/app/staticfiles), so only # that runtime-writable directory is owned by the application user. RUN useradd --system --uid 10001 --no-create-home goggles \ + && mkdir -p /home/goggles \ + && chown goggles:goggles /home/goggles \ && mkdir -p /app/staticfiles \ && chown goggles:goggles /app/staticfiles USER goggles