diff --git a/backend/prisma/schema.prisma b/backend/prisma/schema.prisma index 6e01920..7c6582f 100644 --- a/backend/prisma/schema.prisma +++ b/backend/prisma/schema.prisma @@ -1,6 +1,6 @@ generator client { provider = "prisma-client-js" - binaryTargets = ["native", "linux-musl-openssl-3.0.x"] + binaryTargets = ["native", "linux-musl-openssl-3.0.x", "linux-musl-arm64-openssl-3.0.x"] } datasource db { diff --git a/backend/src/routes/autoEnrollmentRoutes.js b/backend/src/routes/autoEnrollmentRoutes.js index 48a3e1d..093aa2c 100644 --- a/backend/src/routes/autoEnrollmentRoutes.js +++ b/backend/src/routes/autoEnrollmentRoutes.js @@ -588,8 +588,11 @@ router.get("/script", async (req, res) => { // Check for --force parameter const force_install = req.query.force === "true" || req.query.force === "1"; + // Use bash for proxmox-lxc, sh for others + const shebang = script_type === "proxmox-lxc" ? "#!/bin/bash" : "#!/bin/sh"; + // Inject the token credentials, server URL, curl flags, and force flag into the script - const env_vars = `#!/bin/sh + const env_vars = `${shebang} # PatchMon Auto-Enrollment Configuration (Auto-generated) export PATCHMON_URL="${server_url}" export AUTO_ENROLLMENT_KEY="${token.token_key}" diff --git a/docker/backend.Dockerfile b/docker/backend.Dockerfile index 4d64190..cd8ec5c 100644 --- a/docker/backend.Dockerfile +++ b/docker/backend.Dockerfile @@ -10,8 +10,6 @@ ENV NODE_ENV=development \ RUN apk add --no-cache openssl tini curl libc6-compat -USER node - WORKDIR /app COPY --chown=node:node package*.json ./ @@ -20,7 +18,10 @@ COPY --chown=node:node agents ./agents_backup COPY --chown=node:node agents ./agents COPY --chmod=755 docker/backend.docker-entrypoint.sh ./entrypoint.sh -RUN npm install --workspace=backend --ignore-scripts && cd backend && npx prisma generate +USER node + +RUN npm install --workspace=backend --ignore-scripts && cd backend && npx prisma generate && \ + chmod -R u+w /app/node_modules/@prisma/engines 2>/dev/null || true EXPOSE 3001 @@ -66,8 +67,6 @@ ENV NODE_ENV=production \ RUN apk add --no-cache openssl tini curl libc6-compat -USER node - WORKDIR /app COPY --from=builder --chown=node:node /app/backend ./backend @@ -76,6 +75,14 @@ COPY --chown=node:node agents ./agents_backup COPY --chown=node:node agents ./agents COPY --chmod=755 docker/backend.docker-entrypoint.sh ./entrypoint.sh +# Ensure Prisma engines directory is writable for rootless Docker (Prisma 6.1.0+ requirement) +# This must be done as root before switching to node user +# Order: chown first (sets ownership), then chmod (sets permissions) +RUN chown -R node:node /app/node_modules/@prisma/engines && \ + chmod -R u+w /app/node_modules/@prisma/engines + +USER node + WORKDIR /app/backend EXPOSE 3001