fix(frigate-notify): set WorkingDir=/app and create writable /app
The upstream binary expects CWD=/app (relative config.yml lookup, lumberjack logfile at ./log/app.log). Without this, the pod crashed on startup — the ConfigMap-mounted /app/config.yml wasn't found and zerolog spammed "mkdir log: permission denied" as it tried to create ./log at / as nonroot. Creates /app as 1777 (tmp-style) so nonroot can write logs; WorkingDir set to /app so the default config path resolves correctly. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
c88b6d773c
commit
e92805409e
1 changed files with 9 additions and 0 deletions
|
|
@ -43,8 +43,17 @@ pkgs.dockerTools.buildLayeredImage {
|
||||||
pkgs.tzdata
|
pkgs.tzdata
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# Upstream Dockerfile expects WORKDIR=/app (config at ./config.yml, logfile at
|
||||||
|
# ./log/app.log via lumberjack). Create /app world-writable so nonroot can
|
||||||
|
# write logs; the config is mounted in from a ConfigMap.
|
||||||
|
extraCommands = ''
|
||||||
|
mkdir -p app
|
||||||
|
chmod 1777 app
|
||||||
|
'';
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
Entrypoint = [ "${frigate-notify}/bin/frigate-notify" ];
|
Entrypoint = [ "${frigate-notify}/bin/frigate-notify" ];
|
||||||
|
WorkingDir = "/app";
|
||||||
Env = [
|
Env = [
|
||||||
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
|
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
|
||||||
"TZDIR=${pkgs.tzdata}/share/zoneinfo"
|
"TZDIR=${pkgs.tzdata}/share/zoneinfo"
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue