lidify/backend/docker-entrypoint.sh
2025-12-25 18:58:06 -06:00


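#!/bin/sh
# Container entrypoint for the Lidify backend.
#
# Order of operations: refuse to run as root, wait briefly for dependencies,
# apply Prisma migrations, regenerate the Prisma client, make sure the two
# secrets the backend reads (SESSION_SECRET, SETTINGS_ENCRYPTION_KEY) are
# present in the environment, then exec the command passed as arguments.
#
# Environment read here: SESSION_SECRET, SETTINGS_ENCRYPTION_KEY, PORT,
# MUSIC_PATH, NODE_ENV (the last three are only echoed for the log).
set -e

# Security check: refuse to run as root. A compromise of the Node process
# would otherwise hold uid 0 inside the container.
if [ "$(id -u)" = "0" ]; then
  # Diagnostics go to stderr so they are not mixed into captured stdout.
  cat >&2 <<'EOF'

╔══════════════════════════════════════════════════════════════╗
║ FATAL: CANNOT START AS ROOT ║
║ ║
║ Running as root is a security risk. This container must ║
║ run as a non-privileged user. ║
║ ║
║ Do NOT use: ║
║ - docker run --user root ║
║ - user: root in docker-compose.yml ║
║ ║
║ The container is configured to run as 'node' user. ║
╚══════════════════════════════════════════════════════════════╝

EOF
  exit 1
fi

echo "[START] Starting Lidify Backend..."

# Docker Compose health checks are expected to gate startup on the database
# and Redis. The sleep is only a fixed grace period, not a readiness probe:
# nothing is verified here. If the database is unreachable, the migration
# step below fails and `set -e` aborts the entrypoint.
echo "[WAIT] Waiting for services to be ready..."
sleep 3
echo "Services are ready"

# Run database migrations.
# NOTE(review): npx uses the locally installed prisma when it is present in
# node_modules; confirm the image ships it so startup never has to resolve
# the package from the registry.
echo "[DB] Running database migrations..."
npx prisma migrate deploy

# Generate Prisma client (in case of schema changes)
echo "[DB] Generating Prisma client..."
npx prisma generate

# Generate a session secret if none was provided or the documented
# placeholder is still in place.
if [ -z "${SESSION_SECRET:-}" ] || [ "$SESSION_SECRET" = "changeme-generate-secure-key" ]; then
  echo "[WARN] SESSION_SECRET not set or using default. Generating random key..." >&2
  # Assign first and export afterwards: `export VAR=$(cmd)` returns the exit
  # status of `export`, so a failing node call would have been ignored and the
  # backend started with an empty session secret.
  if ! SESSION_SECRET=$(node -e "console.log(require('crypto').randomBytes(32).toString('base64'))") \
    || [ -z "$SESSION_SECRET" ]; then
    echo "[FATAL] Could not generate SESSION_SECRET; refusing to start without one." >&2
    exit 1
  fi
  export SESSION_SECRET
  # The generated value is deliberately never printed.
  echo "Generated SESSION_SECRET (will not persist across restarts - set it in .env for production)"
fi

# Ensure encryption key is stable between restarts.
#
# NOTE(security): the fallback below is a fixed string that is readable by
# anyone with access to this script, so data encrypted under it is effectively
# unprotected. The fallback is kept so that existing installs that never set a
# key can still read their stored settings; production deployments should set
# SETTINGS_ENCRYPTION_KEY explicitly (and re-encrypt stored settings when
# moving off the default).
default_settings_key="default-encryption-key-change-me"
if [ -z "${SETTINGS_ENCRYPTION_KEY:-}" ]; then
  {
    echo "[WARN] SETTINGS_ENCRYPTION_KEY not set."
    echo " Falling back to the default development key so encrypted data remains readable."
    echo " The default key is publicly known and provides no confidentiality."
    echo " Set SETTINGS_ENCRYPTION_KEY in your environment to a 32-character value for production."
  } >&2
  export SETTINGS_ENCRYPTION_KEY="$default_settings_key"
elif [ "$SETTINGS_ENCRYPTION_KEY" = "$default_settings_key" ]; then
  # Same weakness as the fallback, just configured explicitly.
  echo "[WARN] SETTINGS_ENCRYPTION_KEY is set to the default development key; replace it for production." >&2
fi

echo "[START] Lidify Backend starting on port ${PORT:-3006}..."
echo "[CONFIG] Music path: ${MUSIC_PATH:-/music}"
echo "[CONFIG] Environment: ${NODE_ENV:-production}"

# Execute the main command. exec replaces this shell, so the command receives
# signals sent to the container directly.
exec "$@"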