fix(Dockerfile): Allow ipfs mount in Docker container

fixes #4329 License: MIT Signed-off-by: hannahhoward <[email protected]>
ipfs · Oct 4, 2018 · 87c918e · 87c918e
1 parent 181c399
commit 87c918e
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 0 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -36,6 +36,9 @@ RUN set -x \
 # Get the TLS CA certificates, they're not provided by busybox.
 RUN apt-get update && apt-get install -y ca-certificates
 
+# Install FUSE
+RUN apt-get update && apt-get install -y fuse
+
 # Now comes the actual target image, which aims to be as small as possible.
 FROM busybox:1-glibc
 MAINTAINER Lars Gierth <[email protected]>
@@ -46,8 +49,12 @@ COPY --from=0 $SRC_DIR/cmd/ipfs/ipfs /usr/local/bin/ipfs
 COPY --from=0 $SRC_DIR/bin/container_daemon /usr/local/bin/start_ipfs
 COPY --from=0 /tmp/su-exec/su-exec /sbin/su-exec
 COPY --from=0 /tmp/tini /sbin/tini
+COPY --from=0 /bin/fusermount /usr/local/bin/fusermount
 COPY --from=0 /etc/ssl/certs /etc/ssl/certs
 
+# Add suid bit on fusermount so it will run properly
+RUN chmod 4755 /usr/local/bin/fusermount
+
 # This shared lib (part of glibc) doesn't seem to be included with busybox.
 COPY --from=0 /lib/x86_64-linux-gnu/libdl-2.24.so /lib/libdl.so.2
 
@@ -64,6 +71,10 @@ RUN mkdir -p $IPFS_PATH \
   && adduser -D -h $IPFS_PATH -u 1000 -G users ipfs \
   && chown ipfs:users $IPFS_PATH
 
+# Create mount points for `ipfs mount` command
+RUN mkdir /ipfs /ipns \
+  && chown ipfs:users /ipfs /ipns
+
 # Expose the fs-repo as a volume.
 # start_ipfs initializes an fs-repo if none is mounted.
 # Important this happens after the USER directive so permission are correct.

diff --git a/Dockerfile.fast b/Dockerfile.fast
@@ -31,6 +31,10 @@ RUN set -x \
   && mv cmd/ipfs/ipfs /usr/local/bin/ipfs \
   && mv bin/container_daemon /usr/local/bin/start_ipfs
 
+# Install FUSE
+RUN apt-get update && apt-get install -y fuse
+RUN chmod 4755 /bin/fusermount
+
 # Get su-exec, a very minimal tool for dropping privileges,
 # and tini, a very minimal init daemon for containers
 ENV SUEXEC_VERSION v0.2
@@ -59,6 +63,10 @@ RUN mkdir -p $IPFS_PATH \
   && useradd -s /usr/sbin/nologin -d $IPFS_PATH -u 1000 -G users ipfs \
   && chown ipfs:users $IPFS_PATH
 
+# Create mount points for `ipfs mount` command
+RUN mkdir /ipfs /ipns \
+  && chown ipfs:users /ipfs /ipns
+
 # Expose the fs-repo as a volume.
 # start_ipfs initializes an fs-repo if none is mounted.
 VOLUME $IPFS_PATH