Skip to content

Commit 0cab720

Browse files
committed
fix: optimize certbot ownership script to reduce container startup time
Replace inefficient find/execdir implementation that was causing 3+ minute startup delays with a more efficient approach that: 1. Uses a flag file to skip redundant operations on container restarts 2. Processes site-packages directories with bulk chown operations instead of individual file checks and changes 3. Maintains the same functionality while dramatically improving performance This change should significantly reduce container startup time while ensuring all necessary file permissions are still properly set.
1 parent 5e66d67 commit 0cab720

File tree

1 file changed

+16
-3
lines changed

1 file changed

+16
-3
lines changed

docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh

Lines changed: 16 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,19 @@ chown -R "$PUID:$PGID" /etc/nginx/nginx
2323
chown -R "$PUID:$PGID" /etc/nginx/nginx.conf
2424
chown -R "$PUID:$PGID" /etc/nginx/conf.d
2525

26-
# Prevents errors when installing python certbot plugins when non-root
27-
chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin
28-
find /opt/certbot/lib/python*/site-packages -not -user "$PUID" -execdir chown "$PUID:$PGID" {} \+
26+
# Certbot directories - optimized approach
27+
CERT_INIT_FLAG="/opt/certbot/.ownership_initialized"
28+
29+
if [ ! -f "$CERT_INIT_FLAG" ]; then
30+
# Prevents errors when installing python certbot plugins when non-root
31+
chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin
32+
33+
# Handle all site-packages directories efficiently
34+
find /opt/certbot/lib -type d -name "site-packages" | while read -r SITE_PACKAGES_DIR; do
35+
chown -R "$PUID:$PGID" "$SITE_PACKAGES_DIR"
36+
done
37+
38+
# Create a flag file to skip this step on subsequent runs
39+
touch "$CERT_INIT_FLAG"
40+
chown "$PUID:$PGID" "$CERT_INIT_FLAG"
41+
fi

0 commit comments

Comments
 (0)