Mirrors/gotosocial
1
0
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial.git synced 2024-10-31 22:40:01 +00:00
Code Issues Projects Releases Packages Wiki Activity

[bugfix/docs] AppArmor profile for SQLite (#1864)

Browse source 
Our default configuration places the SQLite DB in /gotosocial/, but the
AppArmor profile doesn't allow us to write there. Instead of making the
whole directory writable, add a writable area in /gotosocial/db/ instead
and advise in the docs to move the DB there.
This commit is contained in:
Daenney 2023-06-04 18:55:57 +02:00 committed by GitHub
parent 97bc2e713a
commit 45773a0bf4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
docs/installation_guide/advanced.md
View file

@ -256,6 +256,9 @@ line under `[Service]`:
AppArmorProfile=gotosocial
```
If you're using SQLite, the AppArmor profile expects the database in
`/gotosocial/db/` so you'll need to adjust your configuration paths accordingly.
For other deployment methods (e.g. a managed Kubernetes cluster), you should
review your platform's documentation for how to deploy an application with an
AppArmor profile.

1
example/apparmor/gotosocial
View file

@ -9,6 +9,7 @@ profile gotosocial flags=(attach_disconnected, mediate_deleted) {
/usr/local/bin/gotosocial mrix,
owner /gotosocial/{,**} r,
owner /gotosocial/db/* wk,
owner /gotosocial/storage/** wk,
# Allow GoToSocial to write logs