fix: unify DATA_DIR default to /var/lib/webhooker for all environments
All checks were successful
check / check (push) Successful in 1m4s
All checks were successful
check / check (push) Successful in 1m4s
Remove devDataDir() XDG-based logic. Both dev and prod now default DATA_DIR to /var/lib/webhooker. Update Dockerfile and README to match.
This commit is contained in:
user
15
README.md
15
README.md
@@ -59,7 +59,6 @@ or `prod` (default: `dev`). The setting controls several behaviors:
|
||||
|
||||
| Behavior | `dev` | `prod` |
|
||||
| --------------------- | -------------------------------- | ------------------------------- |
|
||||
| Default `DATA_DIR` | `$XDG_DATA_HOME/webhooker` (or `$HOME/.local/share/webhooker`) | `/data` |
|
||||
| CORS | Allows any origin (`*`) | Disabled (no-op) |
|
||||
| Session cookie Secure | `false` (works over plain HTTP) | `true` (requires HTTPS) |
|
||||
|
||||
@@ -71,7 +70,7 @@ TTY detection, and security headers are always applied.
|
||||
| ----------------------- | ----------------------------------- | -------- |
|
||||
| `WEBHOOKER_ENVIRONMENT` | `dev` or `prod` | `dev` |
|
||||
| `PORT` | HTTP listen port | `8080` |
|
||||
| `DATA_DIR` | Directory for all SQLite databases | `$XDG_DATA_HOME/webhooker` (dev) / `/data` (prod) |
|
||||
| `DATA_DIR` | Directory for all SQLite databases | `/var/lib/webhooker` |
|
||||
| `DEBUG` | Enable debug logging | `false` |
|
||||
| `METRICS_USERNAME` | Basic auth username for `/metrics` | `""` |
|
||||
| `METRICS_PASSWORD` | Basic auth password for `/metrics` | `""` |
|
||||
@@ -90,16 +89,16 @@ is only displayed once.
|
||||
```bash
|
||||
docker run -d \
|
||||
-p 8080:8080 \
|
||||
-v /path/to/data:/data \
|
||||
-v /path/to/data:/var/lib/webhooker \
|
||||
-e WEBHOOKER_ENVIRONMENT=prod \
|
||||
webhooker:latest
|
||||
```
|
||||
|
||||
The container runs as a non-root user (`webhooker`, UID 1000), exposes
|
||||
port 8080, and includes a health check against
|
||||
`/.well-known/healthcheck`. The `/data` volume holds all SQLite
|
||||
databases: the main application database (`webhooker.db`) and the
|
||||
per-webhook event databases (`events-{uuid}.db`). Mount this as a
|
||||
`/.well-known/healthcheck`. The `/var/lib/webhooker` volume holds all
|
||||
SQLite databases: the main application database (`webhooker.db`) and
|
||||
the per-webhook event databases (`events-{uuid}.db`). Mount this as a
|
||||
persistent volume to preserve data across container restarts.
|
||||
|
||||
## Rationale
|
||||
@@ -845,8 +844,8 @@ The Dockerfile uses a multi-stage build:
|
||||
golangci-lint, downloads dependencies, copies source, runs `make
|
||||
check` (format verification, linting, tests, compilation).
|
||||
2. **Runtime stage** (`alpine:3.21`) — copies the binary, creates the
|
||||
`/data` directory for all SQLite databases, runs as non-root user,
|
||||
exposes port 8080, includes a health check.
|
||||
`/var/lib/webhooker` directory for all SQLite databases, runs as
|
||||
non-root user, exposes port 8080, includes a health check.
|
||||
|
||||
The builder uses Debian rather than Alpine because GORM's SQLite
|
||||
dialect pulls in CGO-dependent headers at compile time. The runtime
|
||||
|
||||
Reference in New Issue
Block a user