fix: detect Docker socket GID for container permissions

The Docker socket group varies by host (e.g., GID 1001 on WSL2). Hardcoding group_add: ["0"] doesn't work when the socket is owned by a different group. The installer now detects the socket GID at install time via stat. The main docker-compose.yml uses a configurable DOCKER_GID env var (defaults to 0). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-13 18:39:20 +02:00
parent 4fe642b91d
commit 8b9045b0e2
3 changed files with 12 additions and 3 deletions
--- a/installer/install.sh
+++ b/installer/install.sh
@@ -649,6 +649,7 @@ TENANT_ORG_NAME=${TENANT_ORG_NAME:-}

 # Docker
 DOCKER_SOCKET=${DOCKER_SOCKET}
+DOCKER_GID=$(stat -c '%g' "${DOCKER_SOCKET}" 2>/dev/null || echo "0")

 # Provisioning images
 CAMELEER_SAAS_PROVISIONING_SERVERIMAGE=${REGISTRY}/cameleer3-server:${VERSION}
@@ -881,11 +882,16 @@ EOF
    echo "      - ${MONITORING_NETWORK}" >> "$f"
  fi

-  cat >> "$f" << 'EOF'
+  # Detect Docker socket GID for container access
+  local docker_gid
+  docker_gid=$(stat -c '%g' "${DOCKER_SOCKET:-/var/run/docker.sock}" 2>/dev/null || echo "0")
+  cat >> "$f" << EOF
    group_add:
-      - "0"
+      - "${docker_gid}"

 volumes:
+EOF
+  cat >> "$f" << 'EOF'
  pgdata:
  chdata:
  certs: