From 7a370b1e029edce8d29743945c5cc7ab554d001d Mon Sep 17 00:00:00 2001
From: Serreau Jovann
Date: Thu, 26 Mar 2026 10:53:28 +0100
Subject: [PATCH] Fix Docker socket access: add docker GID to PHP container group
The PHP container user needs the docker group to read the socket. Uses DOCKER_GID env var in dev (defaults to 989) and dynamic GID detection via Ansible stat in prod.
Co-Authored-By: Claude Opus 4.6 (1M context)
---
 ansible/deploy.yml | 9 +++++++++
 ansible/docker-compose-prod.yml.j2 | 2 ++
 docker-compose-dev.yml | 2 ++
 3 files changed, 13 insertions(+)
diff --git a/ansible/deploy.yml b/ansible/deploy.yml
index 1826b1f..95d1589 100644
--- a/ansible/deploy.yml
+++ b/ansible/deploy.yml
@@ -12,6 +12,15 @@
 args:
 chdir: /var/www/e-ticket
+ - name: Get Docker socket GID
+ stat:
+ path: /var/run/docker.sock
+ register: docker_sock
+
+ - name: Set docker_gid fact
+ set_fact:
+ docker_gid: "{{ docker_sock.stat.gid }}"
+
 tasks:
 - name: Deploy .env.local
 template:
diff --git a/ansible/docker-compose-prod.yml.j2 b/ansible/docker-compose-prod.yml.j2
index c1d82aa..691b5dc 100644
--- a/ansible/docker-compose-prod.yml.j2
+++ b/ansible/docker-compose-prod.yml.j2
@@ -8,6 +8,8 @@ services:
 deploy:
 replicas: 2
 restart: unless-stopped
+ group_add:
+ - "{{ docker_gid }}"
 volumes:
 - .:/app
 - /var/run/docker.sock:/var/run/docker.sock:ro
diff --git a/docker-compose-dev.yml b/docker-compose-dev.yml
index 5a00627..2153f4a 100644
--- a/docker-compose-dev.yml
+++ b/docker-compose-dev.yml
@@ -5,6 +5,8 @@ services:
 dockerfile: Dockerfile
 container_name: e_ticket_php
 restart: unless-stopped
+ group_add:
+ - "${DOCKER_GID:-989}"
 volumes:
 - .:/app
 - /var/run/docker.sock:/var/run/docker.sock:ro
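Review bot: The new `Set docker_gid fact` task reads `docker_sock.stat.gid` without first checking that the stat found a socket. If `/var/run/docker.sock` is missing, `stat.gid` is undefined and the play stops on a templating error that does not name the real cause. If the socket is owned by group 0, the rendered compose file would add the root group to the PHP container. An assert between the two tasks makes both cases fail early with a clear message. The enclosing play starts and ends outside the hunk and the page lost the original indentation, so the fence is written at task level only.

```yaml
# … unchanged: "Get Docker socket GID" stat task …

- name: Check that the Docker socket exists and has a non-root group
  assert:
    that:
      - docker_sock.stat.exists
      - docker_sock.stat.issock
      - docker_sock.stat.gid | int > 0
    fail_msg: "/var/run/docker.sock is missing, is not a socket, or is owned by group 0"

# … unchanged: "Set docker_gid fact" task …
```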
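Review bot: Adding the socket's group under `group_add` gives every PHP replica a working connection to the Docker API, and the `:ro` flag on the `/var/run/docker.sock` mount just below does not limit what can be requested over it; it only makes the socket file itself read-only in the mount. A compromise of this container, which is presumably reachable from the web, would therefore carry control of the daemon and with it the host. If the application only needs to read container state, as the commit message suggests, consider pointing it at a filtering proxy that allows just those read endpoints instead of the raw socket. At minimum record the trade-off next to the setting, e.g. `# docker.sock access is equivalent to root on the host; :ro does not restrict API calls`. The same applies to the `group_add` hunk in docker-compose-dev.yml.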
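Review bot: The fallback `989` in `${DOCKER_GID:-989}` is one machine's docker GID. On a host where the docker group has a different number, the container silently joins whatever group 989 is there, so socket access either fails or membership lands on an unrelated group. Requiring the variable avoids the silent mismatch: `- "${DOCKER_GID:?set DOCKER_GID to the group id of /var/run/docker.sock}"`. A line in the project's setup notes showing how to obtain the value (`stat -c '%g' /var/run/docker.sock`) would help; whether such a file exists is not visible in this diff.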