fix: DockerSecretsResolver - don't normalize absolute paths like /var/www/html/...
Some checks failed
Deploy Application / deploy (push) Has been cancelled
Some checks failed
Deploy Application / deploy (push) Has been cancelled
This commit is contained in:
@@ -41,18 +41,23 @@ services:
|
||||
|
||||
php:
|
||||
container_name: php
|
||||
user: "1000:1000" # Run as host user to prevent permission issues
|
||||
# No user directive - container runs as root, entrypoint handles user switching
|
||||
# PHP-FPM needs to run as root to drop privileges properly
|
||||
volumes:
|
||||
# Host-Mounts für direkten Zugriff (Development-friendly)
|
||||
- ./:/var/www/html:${VOLUME_MODE:-cached}
|
||||
- ./storage/logs:/var/www/html/storage/logs:rw
|
||||
- ./storage/uploads:/var/www/html/storage/uploads:rw
|
||||
- ./storage/analytics:/var/www/html/storage/analytics:rw
|
||||
# Docker Socket für Docker-Management aus dem Container heraus
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- PHP_IDE_CONFIG=${PHP_IDE_CONFIG:-serverName=docker}
|
||||
- APP_ENV=${APP_ENV:-development}
|
||||
- APP_DEBUG=${APP_DEBUG:-true}
|
||||
- XDEBUG_MODE=${XDEBUG_MODE:-debug}
|
||||
# Database connection to external PostgreSQL Stack
|
||||
- DB_HOST=postgres # External PostgreSQL Stack service name
|
||||
# Use Docker Secrets via *_FILE pattern (Framework supports this automatically)
|
||||
- DB_PASSWORD_FILE=/run/secrets/db_user_password
|
||||
- REDIS_PASSWORD_FILE=/run/secrets/redis_password
|
||||
@@ -61,6 +66,8 @@ services:
|
||||
- db_user_password
|
||||
- redis_password
|
||||
- app_key
|
||||
networks:
|
||||
- app-internal # Connect to external PostgreSQL Stack
|
||||
restart: ${RESTART_POLICY:-unless-stopped}
|
||||
# NOTE: env_file not needed - Framework automatically loads .env.base → .env.local
|
||||
# Environment variables are loaded by EncryptedEnvLoader in the PHP application
|
||||
@@ -172,6 +179,12 @@ networks:
|
||||
internal: ${NETWORK_BACKEND_INTERNAL:-false}
|
||||
cache:
|
||||
internal: ${NETWORK_CACHE_INTERNAL:-false}
|
||||
app-internal:
|
||||
external: true # External network created by PostgreSQL Infrastructure Stack
|
||||
name: app-internal
|
||||
traefik-public:
|
||||
external: true # External network created by Traefik Infrastructure Stack
|
||||
name: traefik-public
|
||||
|
||||
# Docker Secrets Configuration
|
||||
# Secrets are stored in ./secrets/ directory (relative to this file)
|
||||
|
||||
Reference in New Issue
Block a user