I am encountering a problem with volume management when using the solidnerd/docker-bookstack image in conjunction with the local_secure_restricted storage option in BookStack. The problem stems from how the Dockerfile declares volumes and the resulting behavior in Docker Compose.
Problem Details:
-
BookStack Storage Option Impact:
- When using the
local_secure_restricted storage option, files are stored in storage/uploads/images and storage/uploads/files instead of public/uploads and storage/uploads.
- This change is aligned with secure file storage but introduces conflicts with the Dockerfile’s declared volumes.
-
Dockerfile Volume Declarations:
- The Dockerfile declares the following volumes:
VOLUME ["/var/www/bookstack/public/uploads", "/var/www/bookstack/storage/uploads"]
- Docker automatically creates anonymous volumes for these paths if they are not explicitly overridden in
docker-compose.yml.
-
User Volume Mapping Conflicts:
- In my setup, I use a single external volume,
bookstack-storage, to store all persistent data.
- However, due to the Dockerfile’s
VOLUME declarations, I must explicitly map the corresponding subdirectories (e.g., public/uploads and storage/uploads) to avoid anonymous volumes.
- This requires hardcoding the host path for the external volume, which reduces portability and scalability.
Example workaround in docker-compose.yml:
volumes:
- bookstack-storage:/var/www/bookstack/storage
# Explicitly map subdirectories to prevent anonymous volumes
- /var/lib/docker/volumes/bookstack-storage/_data/uploads:/var/www/bookstack/storage/uploads
- /var/lib/docker/volumes/bookstack-storage/_data/public/uploads:/var/www/bookstack/public/uploads
- This approach is not ideal as it:
- Requires hardcoding the host path (e.g.,
/var/lib/docker/volumes/bookstack-storage/_data).
- Reduces portability and adds complexity to the setup.
Request for Discussion and Potential Fix:
I would like to discuss potential ways to address this issue. A few ideas include:
-
Revisiting VOLUME Declarations:
- Consider removing the
VOLUME declarations for /public/uploads and /storage/uploads from the Dockerfile. This would allow users to manage all volumes explicitly in their docker-compose.yml files without interference.
-
Environment Variable-Based Volume Control:
- Introduce an environment variable to enable or disable the automatic creation of volumes for
/public/uploads and /storage/uploads.
-
Improved Documentation:
- Update documentation to explain the behavior of the
VOLUME directive and provide a recommended approach for users wanting to use a single volume (e.g., with the local_secure_restricted option).
Conclusion:
This issue complicates the use of local_secure_restricted storage in Dockerized setups and creates challenges for those who want to use a single volume for storage. Addressing this would improve usability and scalability for users of this project.
Looking forward to hearing your thoughts and discussing possible solutions!
I am encountering a problem with volume management when using the
solidnerd/docker-bookstackimage in conjunction with thelocal_secure_restrictedstorage option in BookStack. The problem stems from how the Dockerfile declares volumes and the resulting behavior in Docker Compose.Problem Details:
BookStack Storage Option Impact:
local_secure_restrictedstorage option, files are stored instorage/uploads/imagesandstorage/uploads/filesinstead ofpublic/uploadsandstorage/uploads.Dockerfile Volume Declarations:
docker-compose.yml.User Volume Mapping Conflicts:
bookstack-storage, to store all persistent data.VOLUMEdeclarations, I must explicitly map the corresponding subdirectories (e.g.,public/uploadsandstorage/uploads) to avoid anonymous volumes.Example workaround in
docker-compose.yml:/var/lib/docker/volumes/bookstack-storage/_data).Request for Discussion and Potential Fix:
I would like to discuss potential ways to address this issue. A few ideas include:
Revisiting
VOLUMEDeclarations:VOLUMEdeclarations for/public/uploadsand/storage/uploadsfrom the Dockerfile. This would allow users to manage all volumes explicitly in theirdocker-compose.ymlfiles without interference.Environment Variable-Based Volume Control:
/public/uploadsand/storage/uploads.Improved Documentation:
VOLUMEdirective and provide a recommended approach for users wanting to use a single volume (e.g., with thelocal_secure_restrictedoption).Conclusion:
This issue complicates the use of
local_secure_restrictedstorage in Dockerized setups and creates challenges for those who want to use a single volume for storage. Addressing this would improve usability and scalability for users of this project.Looking forward to hearing your thoughts and discussing possible solutions!