Fix authentik container: create /tmp for unprivileged user

buildLayeredImage doesn't create /tmp by default. The container runs
as user 65534 (nobody) which can't mkdir /tmp at runtime.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Erich Blume 2026-03-01 15:48:05 -08:00
commit 2ac353b7bf

@ -57,8 +57,8 @@ pkgs.dockerTools.buildLayeredImage {
# authentik-django hardcodes blueprints_dir to $out/blueprints; the AUTHENTIK_BLUEPRINTS_DIR
# env var overrides it to /blueprints, where custom blueprints are mounted by k8s ConfigMap.
extraCommands = ''
mkdir -p blueprints
chmod 777 blueprints
mkdir -p blueprints tmp
chmod 777 blueprints tmp
'';
config = {
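Review bot: `chmod 777 blueprints tmp` makes the new tmp directory world-writable without the sticky bit, so any UID in the container can delete or replace another UID's temp files. The conventional mode for /tmp is 1777. Consider splitting the line into `chmod 1777 tmp` and a separate chmod for blueprints. Since the comment above says blueprints is where the k8s ConfigMap is mounted, that directory likely does not need to be world-writable either, and 755 would be the tighter choice if nothing writes to it at runtime. The comment above extraCommands also only explains blueprints. A short line noting that tmp is created because the image runs as an unprivileged user would keep the reason next to the code rather than only in the commit message.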