diff options
| author |  Daenney <daenney@users.noreply.github.com> | 2023-06-04 18:55:57 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2023-06-04 18:55:57 +0200 |
| commit | 45773a0bf441b6e8a9aa4f5abdef16a7085677e6 (patch) | |
| tree | b484cc6ab35b19eef560a37f5485c6fed09a3cbc | |
| parent | [chore] tidy + test timelines a bit better (#1865) (diff) | |
| download | gotosocial-45773a0bf441b6e8a9aa4f5abdef16a7085677e6.tar.xz | |
[bugfix/docs] AppArmor profile for SQLite (#1864)
Our default configuration places the SQLite DB in /gotosocial/, but the
AppArmor profile doesn't allow us to write there. Instead of making the
whole directory writable, add a writable area in /gotosocial/db/ instead
and advise in the docs to move the DB there.
| -rw-r--r-- | docs/installation_guide/advanced.md | 3 | ||||
| -rw-r--r-- | example/apparmor/gotosocial | 1 |
2 files changed, 4 insertions, 0 deletions
diff --git a/docs/installation_guide/advanced.md b/docs/installation_guide/advanced.md index 677ea47bc..ecd73fdbe 100644 --- a/docs/installation_guide/advanced.md +++ b/docs/installation_guide/advanced.md @@ -256,6 +256,9 @@ line under `[Service]`: AppArmorProfile=gotosocial ``` +If you're using SQLite, the AppArmor profile expects the database in +`/gotosocial/db/` so you'll need to adjust your configuration paths accordingly. + For other deployment methods (e.g. a managed Kubernetes cluster), you should review your platform's documentation for how to deploy an application with an AppArmor profile. diff --git a/example/apparmor/gotosocial b/example/apparmor/gotosocial index 341bfd205..40686194d 100644 --- a/example/apparmor/gotosocial +++ b/example/apparmor/gotosocial @@ -9,6 +9,7 @@ profile gotosocial flags=(attach_disconnected, mediate_deleted) { /usr/local/bin/gotosocial mrix, owner /gotosocial/{,**} r, + owner /gotosocial/db/* wk, owner /gotosocial/storage/** wk, # Allow GoToSocial to write logs |