From 8fe5dcfafb28f8d113f7f0bad5332d1a75707558 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Wed, 24 Jan 2024 09:11:12 +1100
Subject: [PATCH] fix(docker): SELinux volume labels (#6330) (#6331)

When mounting volumes into containers with SELinux
enabled on the host the z option must be specified

(cherry picked from commit 0a94758d636297832f7374be16dfa6c1a2d7f23b)

Co-authored-by: Philipp Fruck <dev@p-fruck.de>
---
 docker/production/docker-compose.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/docker/production/docker-compose.yml b/docker/production/docker-compose.yml
index 8adee6302c..60650a8673 100644
--- a/docker/production/docker-compose.yml
+++ b/docker/production/docker-compose.yml
@@ -48,7 +48,7 @@ services:
             - POSTGRES_DB=${INVENTREE_DB_NAME:?You must provide the 'INVENTREE_DB_NAME' variable in the .env file}
         volumes:
             # Map 'data' volume such that postgres database is stored externally
-            - inventree_data:/var/lib/postgresql/data/
+            - inventree_data:/var/lib/postgresql/data/:z
         restart: unless-stopped
 
     # redis acts as database cache manager
@@ -82,7 +82,7 @@ services:
             - .env
         volumes:
             # Data volume must map to /home/inventree/data
-            - inventree_data:/home/inventree/data
+            - inventree_data:/home/inventree/data:z
         restart: unless-stopped
 
     # Background worker process handles long-running or periodic tasks
@@ -96,7 +96,7 @@ services:
             - .env
         volumes:
             # Data volume must map to /home/inventree/data
-            - inventree_data:/home/inventree/data
+            - inventree_data:/home/inventree/data:z
         restart: unless-stopped
 
     # nginx acts as a reverse proxy
@@ -116,9 +116,9 @@ services:
         volumes:
             # Provide nginx configuration file to the container
             # Refer to the provided example file as a starting point
-            - ./nginx.prod.conf:/etc/nginx/conf.d/default.conf:ro
+            - ./nginx.prod.conf:/etc/nginx/conf.d/default.conf:ro,z
             # nginx proxy needs access to static and media files
-            - inventree_data:/var/www
+            - inventree_data:/var/www:z
         restart: unless-stopped
 
 volumes: