I am very new to Docker and a not-so-fast learner, so please be gentle with me.
I searched this forum and other places before posting this question but couldn’t find an answer; although I suspect that it is out there somewhere, since this is rather a fundamental issue.
I created two containers with docker file and docker compose, and one of them is the php7-apache container (the other one is postgresql). My yaml file contains a volume on the host machine, specifically /home/user/http directory that targets the /var/www/html directory in the container. Now the host machine runs Arch linux and the container is debian-based. I have a file that contains the postgresql database user and password information. I don’t like having this file in the web root directory but I am not sure where else to put it for my php scripts to be able to read it. One option I could think of was to limit its read permissions, and that is the root of my problem.
Since arch linux (host) doesn’t have a www-data user, I created this system user and converted ownership all files in the /home/user/http directory (web root) to this user, thinking that this was the user that runs apache in the container. However, this did not allow the web server be able to read these files, unless there is read permission set for other users. In other words, chmod 600 doesn’t work and only chmod 644 works, although the owner of the file is www-data. It makes me think that the web server in the container has a different user name, or it is somehow modified in the host machine and that is creating this discrepancy but I cannot put my finger on it. Who should be the appropriate owner of these files? Any pointers will be greatly appreciated to find a solution to this problem.