Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue with Volume Management for local_secure_restricted Storage Option #521

Open
Daschi1 opened this issue Dec 21, 2024 · 0 comments
Open

Issue with Volume Management for local_secure_restricted Storage Option #521

Daschi1 opened this issue Dec 21, 2024 · 0 comments

Comments

@Daschi1
Copy link

Daschi1 commented Dec 21, 2024

I am encountering a problem with volume management when using the solidnerd/docker-bookstack image in conjunction with the local_secure_restricted storage option in BookStack. The problem stems from how the Dockerfile declares volumes and the resulting behavior in Docker Compose.

Problem Details:

  1. BookStack Storage Option Impact:

    • When using the local_secure_restricted storage option, files are stored in storage/uploads/images and storage/uploads/files instead of public/uploads and storage/uploads.
    • This change is aligned with secure file storage but introduces conflicts with the Dockerfile’s declared volumes.

  2. Dockerfile Volume Declarations:

    • The Dockerfile declares the following volumes: 
      VOLUME ["/var/www/bookstack/public/uploads", "/var/www/bookstack/storage/uploads"]
    • Docker automatically creates anonymous volumes for these paths if they are not explicitly overridden in docker-compose.yml.

  3. User Volume Mapping Conflicts:

    • In my setup, I use a single external volume, bookstack-storage, to store all persistent data.
    • However, due to the Dockerfile’s VOLUME declarations, I must explicitly map the corresponding subdirectories (e.g., public/uploads and storage/uploads) to avoid anonymous volumes.
    • This requires hardcoding the host path for the external volume, which reduces portability and scalability.

    Example workaround in docker-compose.yml:

    volumes:
  - bookstack-storage:/var/www/bookstack/storage
  # Explicitly map subdirectories to prevent anonymous volumes
  - /var/lib/docker/volumes/bookstack-storage/_data/uploads:/var/www/bookstack/storage/uploads
  - /var/lib/docker/volumes/bookstack-storage/_data/public/uploads:/var/www/bookstack/public/uploads
    • This approach is not ideal as it:
      • Requires hardcoding the host path (e.g., /var/lib/docker/volumes/bookstack-storage/_data).
      • Reduces portability and adds complexity to the setup.

Request for Discussion and Potential Fix:

I would like to discuss potential ways to address this issue. A few ideas include:

  1. Revisiting VOLUME Declarations:

    • Consider removing the VOLUME declarations for /public/uploads and /storage/uploads from the Dockerfile. This would allow users to manage all volumes explicitly in their docker-compose.yml files without interference.

  2. Environment Variable-Based Volume Control:

    • Introduce an environment variable to enable or disable the automatic creation of volumes for /public/uploads and /storage/uploads.

  3. Improved Documentation:

    • Update documentation to explain the behavior of the VOLUME directive and provide a recommended approach for users wanting to use a single volume (e.g., with the local_secure_restricted option).

Conclusion:

This issue complicates the use of local_secure_restricted storage in Dockerized setups and creates challenges for those who want to use a single volume for storage. Addressing this would improve usability and scalability for users of this project.

Looking forward to hearing your thoughts and discussing possible solutions!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Daschi1