From 0cab720f235d84e865f284cca33e9389d9a5faa2 Mon Sep 17 00:00:00 2001 From: Aditya Date: Sun, 20 Apr 2025 20:38:54 +1000 Subject: [PATCH] fix: optimize certbot ownership script to reduce container startup time Replace inefficient find/execdir implementation that was causing 3+ minute startup delays with a more efficient approach that: 1. Uses a flag file to skip redundant operations on container restarts 2. Processes site-packages directories with bulk chown operations instead of individual file checks and changes 3. Maintains the same functionality while dramatically improving performance This change should significantly reduce container startup time while ensuring all necessary file permissions are still properly set. --- .../s6-rc.d/prepare/30-ownership.sh | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh index 378cc9caa..17bfa1a95 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh @@ -23,6 +23,19 @@ chown -R "$PUID:$PGID" /etc/nginx/nginx chown -R "$PUID:$PGID" /etc/nginx/nginx.conf chown -R "$PUID:$PGID" /etc/nginx/conf.d -# Prevents errors when installing python certbot plugins when non-root -chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin -find /opt/certbot/lib/python*/site-packages -not -user "$PUID" -execdir chown "$PUID:$PGID" {} \+ +# Certbot directories - optimized approach +CERT_INIT_FLAG="/opt/certbot/.ownership_initialized" + +if [ ! -f "$CERT_INIT_FLAG" ]; then + # Prevents errors when installing python certbot plugins when non-root + chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin + + # Handle all site-packages directories efficiently + find /opt/certbot/lib -type d -name "site-packages" | while read -r SITE_PACKAGES_DIR; do + chown -R "$PUID:$PGID" "$SITE_PACKAGES_DIR" + done + + # Create a flag file to skip this step on subsequent runs + touch "$CERT_INIT_FLAG" + chown "$PUID:$PGID" "$CERT_INIT_FLAG" +fi \ No newline at end of file