How to set folder permissions for a particular container on Elastic Beanstalk
AWS EB Deployment starts your app in /var/app/ondeck
- When deploying elastic beanstalk, your app is first unzipped into
/var/app/ondeck/
- Most likely, your local folder being deployed does not have the permissions you want on them.
- If you need to make adjustments to your app, or the shell, during deployment,
.ebextensions/*.config
is the right place to do it.
Container commands should be run to that path
But keep in mind, that these commands will run EVERY time you deploy, whether needed or not, unless you use some method to test for pre-config.
container_commands:
08user_config:
test: test ! -f /opt/elasticbeanstalk/.preconfig-complete
command: |
echo "jail-me" > /home/ec2-user/.userfile
09writable_dirs:
command: |
chmod -R 770 /var/app/ondeck/backend/web/assets
chmod -R 770 /var/app/ondeck/[path]
99complete:
command: |
touch /opt/elasticbeanstalk/.preconfig-complete
files:
"/etc/profile.d/myalias.sh":
mode: "000644"
owner: root
group: root
content: |
alias webroot='cd /var/www/html/backend/web; ls -al --color;'
echo " ========== "
echo " The whole point of Elastic Beanstalk is that you shouldn't need to SSH into the server. "
echo " ========== "
How can I set permissions to a specific folder with Elastic Beanstalk using a C# ASP.NET Core app?
Container commands are run from the staging directory, where your source code is extracted prior to being deployed to the application server. Any changes you make to your source code in the staging directory with a container command will be included when the source is deployed to its final location.
When these config commands are run, the only folder present is C:/inetpub/AspNetCoreWebApps, that is why your command does not work, detailed information is here
The correct command will be
{
"container_commands": {
"01": {
"command": "icacls \"C:/inetpub/AspNetCoreWebApps\" /grant DefaultAppPool:(OI)(CI)F"
}
}
}
Elastic Beanstalk: what's the best way to create folders & set permissions after deploy?
you should probably use files tag and not command:
commands:
create_post_dir:
command: "mkdir /opt/elasticbeanstalk/hooks/appdeploy/post"
ignoreErrors: true
files:
"/opt/elasticbeanstalk/hooks/appdeploy/post/99_make_changes.sh":
mode: "000777"
content: |
#!/bin/bash
mkdir -p /var/app/current/tmp/uploads/
chmod 755 /var/app/current/tmp/uploads/
it will be triggered after app deploy finished
How do I change file permissions on ElasticBeanstalk before docker image gets built?
Whenever wordpress docker image is built and run, the docker ENTRYPOINT of the wordpress image is executed first. Hence your command to change the directory permissions is not getting executed.
This ENTRYPOINT is a bash script located in /usr/local/bin/docker-entrypoint.sh
If you want your command to be executed, you could add your command to this script and it will be called every time your container starts.
You could do it the following way -
Start your container and copy the contents of the existing
docker-entrypoint.sh
Create a new
docker-entrypoint.sh
outside the container and edit
that script to add yourchmod
command at appropriate location.In your
Dockerfile
add a line to copy this new entrypoint to the
location/usr/local/bin/docker-entrypoint.sh
Where do I create .ebextensions for it to work in AWS Elastic Beanstalk
Based on the commands.
The issue was that the folders were created in the root /
of the linux file system, instead of in the deployment folder.
The solution was to fix the paths of folders created.
Elastic Beanstalk file permissions inside the config file
Maybe try it as a hook, and test different owner/groups?
files:
"/opt/elasticbeanstalk/hooks/appdeploy/post/99_change_permissions.sh":
mode: "000755"
owner: ec2-user
group: ec2-user
content: |
#!/bin/sh
cd /var/app/ondeck
find . -type d -exec chmod 755 {} \;
find . -type f -exec chmod 644 {} \;
chmod -R g+w app/cache/
chmod -R g+w app/logs/
chmod -R g+w app/config/
chmod -R g+w media/files/
chmod -R g+w media/images/
chmod -R g+w translations/
chown -R webapp:webapp .
chmod -R 777 app/cache/
php app/console cache:clear --no-warmup -e prod
Ref: serverfault question
Related Topics
Linux X86 Nasm - Subroutine: Print a Dword from Eax
Grep and Sed with Spaces in Filenames
Best Approach of Image Versioning in Yocto
What Do Getresuid() and Setresuid() Do
Socket Getting Created with Same Ip and Port on Local Host
How to Suspend Another Thread (Not The Current One)
How to Set CPU Load on a Red Hat Linux Box
Kill The Previous Command in a Pipeline
Ssl: Nancyfx Selfhost Mono Linux (Pi)
Question About Zombie Processess and Threads
How Does This Perl One Liner in The Bash Works
Save Multiple Password Accounts for Git
Using Mutexes/Semaphores with Processes