mirror of
https://github.com/coder/coder.git
synced 2025-03-14 10:09:57 +00:00
75f417630b
Addresses https://github.com/coder/coder/issues/15663. This PR saves the entire coder home directory in a Docker volume to make the dev tunnel URL persistent across container restarts. I initially wanted to persist only the config directory, but Docker Compose cannot set permissions on a named volume unless the directory it’s mounted on already exists within the container. The `/home/coder/.config` directory, however, is not created by default in the Dockerfile. When I attempt to mount it, [Docker creates it with root permissions](https://github.com/moby/moby/issues/2259#issue-21132999), and Coder cannot write to it. I encounter the following error: ``` coder-1 | Started HTTP listener at http://0.0.0.0:7080 coder-1 | Opening tunnel so workspaces can connect to your deployment. For production scenarios, specify an external access URL coder-1 | Encountered an error running "coder server", see "coder server --help" for more information coder-1 | error: create tunnel: read or generate config: get config path: mkdirall config dir "/home/coder/.config/coderv2": mkdir /home/coder/.config/coderv2: permission denied ``` Creating the directory in the Dockerfile would resolve the issue for new images but would break `docker-compose.yml` for all existing Coder images. Mounting the entire home directory avoids this problem, but it makes it less clear to admins which files need to be persisted. It’s a trade-off - I believe keeping Docker Compose backwards-compatible is more important, and I hope the added comment clarifies the purpose of the volume for new users.
55 lines
2.1 KiB
YAML
55 lines
2.1 KiB
YAML
version: "3.9"
|
|
services:
|
|
coder:
|
|
# This MUST be stable for our documentation and
|
|
# other automations.
|
|
image: ghcr.io/coder/coder:${CODER_VERSION:-latest}
|
|
ports:
|
|
- "7080:7080"
|
|
environment:
|
|
CODER_PG_CONNECTION_URL: "postgresql://${POSTGRES_USER:-username}:${POSTGRES_PASSWORD:-password}@database/${POSTGRES_DB:-coder}?sslmode=disable"
|
|
CODER_HTTP_ADDRESS: "0.0.0.0:7080"
|
|
# You'll need to set CODER_ACCESS_URL to an IP or domain
|
|
# that workspaces can reach. This cannot be localhost
|
|
# or 127.0.0.1 for non-Docker templates!
|
|
CODER_ACCESS_URL: "${CODER_ACCESS_URL}"
|
|
# If the coder user does not have write permissions on
|
|
# the docker socket, you can uncomment the following
|
|
# lines and set the group ID to one that has write
|
|
# permissions on the docker socket.
|
|
#group_add:
|
|
# - "998" # docker group on host
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
# Run "docker volume rm coder_coder_home" to reset the dev tunnel url (https://abc.xyz.try.coder.app).
|
|
# This volume is not required in a production environment - you may safely remove it.
|
|
# Coder can recreate all the files it needs on restart.
|
|
- coder_home:/home/coder
|
|
depends_on:
|
|
database:
|
|
condition: service_healthy
|
|
database:
|
|
# Minimum supported version is 13.
|
|
# More versions here: https://hub.docker.com/_/postgres
|
|
image: "postgres:16"
|
|
ports:
|
|
- "5432:5432"
|
|
environment:
|
|
POSTGRES_USER: ${POSTGRES_USER:-username} # The PostgreSQL user (useful to connect to the database)
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-password} # The PostgreSQL password (useful to connect to the database)
|
|
POSTGRES_DB: ${POSTGRES_DB:-coder} # The PostgreSQL default database (automatically created at first launch)
|
|
volumes:
|
|
- coder_data:/var/lib/postgresql/data # Use "docker volume rm coder_coder_data" to reset Coder
|
|
healthcheck:
|
|
test:
|
|
[
|
|
"CMD-SHELL",
|
|
"pg_isready -U ${POSTGRES_USER:-username} -d ${POSTGRES_DB:-coder}",
|
|
]
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 5
|
|
volumes:
|
|
coder_data:
|
|
coder_home:
|