CODEWITHSUNDEEP
linuxamazon-web-servicesamazon-ec2amazon-elastic-beanstalk
terreb
terreb

Reputation: 1467

How to set folder permissions for a particular container on Elastic Beanstalk

I have troubles setting permissions for a web folder on Elastic Beanstalk. I run multiple containers using custom docker images in one instance: apache-php, mysql, memcached, etc.. For the container "apache-php" I map a folder with my yii2 application to /var/www/html/.

When I manually make a bundle and do upload / deploy via Elastic Beanstalk console I sure have right permissions for the folder and everything works fine.

Now, when I deploy the app using "eb deploy", it drops all permissions and I get a server error and "The directory is not writable by the Web process: /var/www/html/backend/web/assets" in logs.

I can connect via ssh and set necessary permissions manually, but sure this is not convenient, since needs to be done every time I re-deploy the app.

So, my questions is what is the best way to automatically set permission for particular folder in particular container on Elastic Beanstalk?

Perhaps, I can use .ebextensions, but I didn't find how to run "container_commands" for particular container.

Upvotes: 8

Views: 14365

Answers (2)

Tony Chiboucas
Tony Chiboucas

Reputation: 5683

AWS EB Deployment starts your app in /var/app/ondeck

  1. When deploying elastic beanstalk, your app is first unzipped into /var/app/ondeck/
    • Most likely, your local folder being deployed does not have the permissions you want on them.
  2. If you need to make adjustments to your app, or the shell, during deployment, .ebextensions/*.config is the right place to do it.

Container commands should be run to that path

But keep in mind, that these commands will run EVERY time you deploy, whether needed or not, unless you use some method to test for pre-config.

container_commands:
  08user_config:
    test: test ! -f  /opt/elasticbeanstalk/.preconfig-complete
    command: |
      echo "jail-me" > /home/ec2-user/.userfile
  09writable_dirs:
    command: |
       chmod -R 770 /var/app/ondeck/backend/web/assets
       chmod -R 770 /var/app/ondeck/[path]
  99complete:
    command: |
      touch /opt/elasticbeanstalk/.preconfig-complete

files:
  "/etc/profile.d/myalias.sh":
    mode: "000644"
    owner: root
    group: root
    content: |
      alias webroot='cd /var/www/html/backend/web; ls -al --color;'
      echo " ========== "
      echo " The whole point of Elastic Beanstalk is that you shouldn't need to SSH into the server. "
      echo " ========== "

Upvotes: 17

Rohit Banga
Rohit Banga

Reputation: 18918

Yes you should use ebextensions.

Create a folder in your app source root called .ebextensions. Create a file with a .config extension say 01-folder-permissions.config. Files are processed in lexicographical order of their name.

Contents of the file can be:

container_commands:
    change_permissions:
        command: chmod 777 /var/www/some-folder

Replace with appropriate folder and permissions. Read about container commands here.

Upvotes: -2

Related Questions