[bugfix/docs] AppArmor profile for SQLite (#1864)
Our default configuration places the SQLite DB in /gotosocial/, but the AppArmor profile doesn't allow us to write there. Instead of making the whole directory writable, add a writable area in /gotosocial/db/ instead and advise in the docs to move the DB there.
This commit is contained in:
parent
c4905ef728
commit
d9d0c66899
|
@ -256,6 +256,9 @@ line under `[Service]`:
|
|||
AppArmorProfile=gotosocial
|
||||
```
|
||||
|
||||
If you're using SQLite, the AppArmor profile expects the database in
|
||||
`/gotosocial/db/` so you'll need to adjust your configuration paths accordingly.
|
||||
|
||||
For other deployment methods (e.g. a managed Kubernetes cluster), you should
|
||||
review your platform's documentation for how to deploy an application with an
|
||||
AppArmor profile.
|
||||
|
|
|
@ -9,6 +9,7 @@ profile gotosocial flags=(attach_disconnected, mediate_deleted) {
|
|||
/usr/local/bin/gotosocial mrix,
|
||||
|
||||
owner /gotosocial/{,**} r,
|
||||
owner /gotosocial/db/* wk,
|
||||
owner /gotosocial/storage/** wk,
|
||||
|
||||
# Allow GoToSocial to write logs
|
||||
|
|
Loading…
Reference in New Issue