You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
feat: implement non-root Docker container to fix file ownership issues
- Add configurable UID/GID build arguments (defaults to 1000)
- Create non-root user (appuser) with proper directory ownership
- Switch container execution to non-root user for improved security
- Update all documentation references from /root/.basic-memory to /app/.basic-memory
- Add comprehensive examples for custom UID/GID usage
- Remove outdated chmod permission workarounds
- Improve security documentation to reflect non-root benefits
Fixes file ownership issues when using basic-memory with Docker and Obsidian,
where files were previously created as root and couldn't be modified by users.
Co-authored-by: Paul Hernandez <phernandez@users.noreply.github.com>
Ensure your knowledge directories have proper permissions:
187
+
The Docker container now runs as a non-root user to avoid file ownership issues. By default, the container uses UID/GID 1000, but you can customize this to match your user:
The container runs as root for simplicity. For production, consider additional security measures.
277
+
The container runs as a non-root user (UID/GID 1000 by default) for improved security. You can customize the user ID using build arguments to match your local user.
247
278
248
279
2. **Volume Permissions:**
249
-
Ensure mounted directories have appropriate permissions and don't expose sensitive data.
280
+
Ensure mounted directories have appropriate permissions and don't expose sensitive data. With the non-root container, files will be created with the specified user ownership.
250
281
251
282
3. **Network Security:**
252
283
If using HTTP transport, consider using reverse proxy with SSL/TLS and authentication if the endpoint is available on
@@ -288,7 +319,7 @@ For Docker-specific issues:
288
319
1. Check the [troubleshooting section](#troubleshooting) above
0 commit comments