[GH-ISSUE #509] Volumes in Docker #308

New issue

Open

opened 2026-02-27 15:58:12 +03:00 by kerem · 3 comments

kerem commented

2026-02-27 15:58:12 +03:00

Owner

Originally created by @cairoapcampos on GitHub (Jun 27, 2022).
Original GitHub issue: https://github.com/retspen/webvirtcloud/issues/509

I found the link below on how to create volumes for webvirtcloud:

https://www.nodinrogers.com/post/2021-12-30-webvirtcloud-in-a-docker-container/

Is this the best way to create volumes in a production environment?

Originally created by @cairoapcampos on GitHub (Jun 27, 2022). Original GitHub issue: https://github.com/retspen/webvirtcloud/issues/509 I found the link below on how to create volumes for webvirtcloud: <https://www.nodinrogers.com/post/2021-12-30-webvirtcloud-in-a-docker-container/> Is this the best way to create volumes in a production environment?

kerem commented

2026-02-27 15:58:12 +03:00

Author

Owner

@cairoapcampos commented on GitHub (Jun 27, 2022):

I've already made some changes locally that have comments in bold. See the docker file below.

Some doubts:

1° Is it possible to change the script webvirtcloud/conf/runit/secret_generator.py not to generate keys that have quotes?

2° Is it possible to run the container with a non-root user?

FROM phusion/baseimage:jammy-1.0.0

EXPOSE 80
EXPOSE 6080

# Use baseimage-docker's init system.
CMD ["/sbin/my_init"]


RUN echo 'APT::Get::Clean=always;' >> /etc/apt/apt.conf.d/99AutomaticClean

RUN apt-get update -qqy \
    && DEBIAN_FRONTEND=noninteractive apt-get -qyy install \
	--no-install-recommends \
	git \
	python3-venv \
	python3-dev \
	python3-lxml \
	libvirt-dev \
	zlib1g-dev \
	nginx \
	pkg-config \
	gcc \
	libldap2-dev \
	libssl-dev \
	libsasl2-dev \
	libsasl2-modules \
    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

# Modified Now

COPY . /srv/webvirtcloud
Run mkdir /srv/webvirtcloud/data && \
   mkdir /var/www/.ssh && \
    cp /srv/webvirtcloud/webvirtcloud/settings.py.template /srv/webvirtcloud/webvirtcloud/settings.py && \
    sed -i "s|db.sqlite3|data/db.sqlite3|" /srv/webvirtcloud/webvirtcloud/settings.py && \
    sed -i "s/SECRET_KEY \= \"\"/SECRET_KEY = \"$(python3 /srv/webvirtcloud/conf/runit/secret_generator.py)\"/" /srv/webvirtcloud/webvirtcloud/settings.py && \
    chown -R www-data:www-data /srv/webvirtcloud && \
   chown www-data:www-data /var/www/.ssh

# Setup webvirtcloud
WORKDIR /srv/webvirtcloud
RUN python3 -m venv venv && \
	. venv/bin/activate && \
	pip3 install -U pip && \
	pip3 install wheel && \
	pip3 install -r conf/requirements.txt && \
	chown -R www-data:www-data /srv/webvirtcloud

RUN . venv/bin/activate && \
    python3 manage.py migrate && \
	chown -R www-data:www-data /srv/webvirtcloud

# Setup Nginx
RUN printf "\n%s" "daemon off;" >> /etc/nginx/nginx.conf && \
	rm /etc/nginx/sites-enabled/default && \
	chown -R www-data:www-data /var/lib/nginx

COPY conf/nginx/webvirtcloud.conf /etc/nginx/conf.d/

# Register services to runit
RUN	mkdir /etc/service/nginx && \
	mkdir /etc/service/nginx-log-forwarder && \
	mkdir /etc/service/webvirtcloud && \
	mkdir /etc/service/novnc
COPY conf/runit/nginx				/etc/service/nginx/run
COPY conf/runit/nginx-log-forwarder	/etc/service/nginx-log-forwarder/run
COPY conf/runit/novncd.sh			/etc/service/novnc/run
COPY conf/runit/webvirtcloud.sh		/etc/service/webvirtcloud/run

# Define mountable directories.

VOLUME ["/srv/webvirtcloud/data","/var/www/.ssh"]

WORKDIR /srv/webvirtcloud

@cairoapcampos commented on GitHub (Jun 27, 2022): I've already made some changes locally that have comments in bold. See the docker file below. Some doubts: 1° Is it possible to change the script webvirtcloud/conf/runit/secret_generator.py not to generate keys that have quotes? 2° Is it possible to run the container with a non-root user? ``` FROM phusion/baseimage:jammy-1.0.0 EXPOSE 80 EXPOSE 6080 # Use baseimage-docker's init system. CMD ["/sbin/my_init"] RUN echo 'APT::Get::Clean=always;' >> /etc/apt/apt.conf.d/99AutomaticClean RUN apt-get update -qqy \ && DEBIAN_FRONTEND=noninteractive apt-get -qyy install \ --no-install-recommends \ git \ python3-venv \ python3-dev \ python3-lxml \ libvirt-dev \ zlib1g-dev \ nginx \ pkg-config \ gcc \ libldap2-dev \ libssl-dev \ libsasl2-dev \ libsasl2-modules \ && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ``` **# Modified Now** ``` COPY . /srv/webvirtcloud Run mkdir /srv/webvirtcloud/data && \ mkdir /var/www/.ssh && \ cp /srv/webvirtcloud/webvirtcloud/settings.py.template /srv/webvirtcloud/webvirtcloud/settings.py && \ sed -i "s|db.sqlite3|data/db.sqlite3|" /srv/webvirtcloud/webvirtcloud/settings.py && \ sed -i "s/SECRET_KEY \= \"\"/SECRET_KEY = \"$(python3 /srv/webvirtcloud/conf/runit/secret_generator.py)\"/" /srv/webvirtcloud/webvirtcloud/settings.py && \ chown -R www-data:www-data /srv/webvirtcloud && \ chown www-data:www-data /var/www/.ssh ``` ``` # Setup webvirtcloud WORKDIR /srv/webvirtcloud RUN python3 -m venv venv && \ . venv/bin/activate && \ pip3 install -U pip && \ pip3 install wheel && \ pip3 install -r conf/requirements.txt && \ chown -R www-data:www-data /srv/webvirtcloud RUN . venv/bin/activate && \ python3 manage.py migrate && \ chown -R www-data:www-data /srv/webvirtcloud # Setup Nginx RUN printf "\n%s" "daemon off;" >> /etc/nginx/nginx.conf && \ rm /etc/nginx/sites-enabled/default && \ chown -R www-data:www-data /var/lib/nginx COPY conf/nginx/webvirtcloud.conf /etc/nginx/conf.d/ # Register services to runit RUN mkdir /etc/service/nginx && \ mkdir /etc/service/nginx-log-forwarder && \ mkdir /etc/service/webvirtcloud && \ mkdir /etc/service/novnc COPY conf/runit/nginx /etc/service/nginx/run COPY conf/runit/nginx-log-forwarder /etc/service/nginx-log-forwarder/run COPY conf/runit/novncd.sh /etc/service/novnc/run COPY conf/runit/webvirtcloud.sh /etc/service/webvirtcloud/run ``` **# Define mountable directories.** ``` VOLUME ["/srv/webvirtcloud/data","/var/www/.ssh"] ``` ``` WORKDIR /srv/webvirtcloud ```

kerem commented

2026-02-27 15:58:12 +03:00

Author

Owner

@catborise commented on GitHub (Jun 28, 2022):

"1° Is it possible to change the script webvirtcloud/conf/runit/secret_generator.py not to generate keys that have quotes?"

it is done. i will upload new version of this generator. it generates urlsafe(without quota) secrets.

we especially did not automate settings.py modification. some user may want to use mysql/postgresql instead of "db.sqlite3"...
volumes also related with this situation.

@catborise commented on GitHub (Jun 28, 2022): "1° Is it possible to change the script webvirtcloud/conf/runit/secret_generator.py not to generate keys that have quotes?" - it is done. i will upload new version of this generator. it generates urlsafe(without quota) secrets. we especially did not automate settings.py modification. some user may want to use mysql/postgresql instead of "db.sqlite3"... volumes also related with this situation.

kerem commented

2026-02-27 15:58:12 +03:00

Author

Owner

@cairoapcampos commented on GitHub (Aug 24, 2022):

This question can be closed.

I'll try the tip in the link to see if it's possible to use a non-root user:

https://github.com/phusion/baseimage-docker/issues/617

Thanks for changing the script webvirtcloud/conf/runit/secret_generator.py.

@cairoapcampos commented on GitHub (Aug 24, 2022): This question can be closed. I'll try the tip in the link to see if it's possible to use a non-root user: https://github.com/phusion/baseimage-docker/issues/617 Thanks for changing the script **webvirtcloud/conf/runit/secret_generator.py**.