login

Author: GitTimeraider

Dockerfile

@@ -38,4 +38,5 @@ VOLUME ["/app/data"]
 EXPOSE 5000
 
 ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
-CMD ["gunicorn", "--bind", "0.0.0.0:5000", "--workers", "2", "--threads", "4", "--access-logfile", "-", "--error-logfile", "-", "app.main:create_app()"]
+# Use --preload so that db.create_all runs once before forking workers (avoids SQLite lock/race)
+CMD ["gunicorn", "--preload", "--bind", "0.0.0.0:5000", "--workers", "2", "--threads", "4", "--access-logfile", "-", "--error-logfile", "-", "app.main:create_app()"]

README.md

@@ -63,7 +63,10 @@ Access the application at `http://localhost:5000`
 | `SECRET_KEY` | Flask secret key for session encryption | ✅ | \- | `your-secret-key-here` |
 | `USER_UID` | User ID for container process | ❌ | `1000` | `1001` |
 | `USER_GID` | Group ID for container process | ❌ | `1000` | `1001` |
-| `DATABASE_URL` | SQLAlchemy database URL | ❌ | `sqlite:///users.db` | `postgresql://...` |
+| `DATABASE_URL` | SQLAlchemy database URL | ❌ | `sqlite:////app/data/users.db` | `postgresql://...` |
+| `DATA_DIR` | Override data directory (SQLite, uploads) | ❌ | `/app/data` | `/data` |
+| `SESSION_COOKIE_SECURE` | Force secure cookies (set true in HTTPS) | ❌ | `false` | `true` |
+| `SESSION_LIFETIME_DAYS` | Session lifetime in days | ❌ | `1` | `7` |
 
 ## 📖 Usage
 

app/config.py

@@ -1,23 +1,45 @@
 import os
 from datetime import timedelta
 
+# Resolve project paths
+BASE_APP_DIR = os.path.abspath(os.path.dirname(__file__))          # /app/app
+PROJECT_ROOT = os.path.abspath(os.path.join(BASE_APP_DIR, '..'))   # /app
+
+# Data directory (where the sqlite db will live by default)
+DEFAULT_DATA_DIR = os.path.join(PROJECT_ROOT, 'data')
+DATA_DIR = os.environ.get('DATA_DIR', DEFAULT_DATA_DIR)
+os.makedirs(DATA_DIR, exist_ok=True)
+
+def _bool(env_name: str, default: bool) -> bool:
+    val = os.environ.get(env_name)
+    if val is None:
+        return default
+    return val.strip().lower() in ('1', 'true', 'yes', 'on')
+
 class Config:
     # Core settings
     SECRET_KEY = os.environ.get('SECRET_KEY') or 'dev-secret-key-change-this'
-    SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URL') or 'sqlite:///users.db'
+
+    # Default SQLite DB under /app/data (volume mount) unless DATABASE_URL provided
+    _default_sqlite_path = os.path.join(DATA_DIR, 'users.db')
+    SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URL') or f'sqlite:///{_default_sqlite_path}'
     SQLALCHEMY_TRACK_MODIFICATIONS = False
 
     # Session configuration
     SESSION_COOKIE_HTTPONLY = True
-    SESSION_COOKIE_SAMESITE = 'Lax'
-    SESSION_COOKIE_SECURE = True  # Set to True if using HTTPS
-    PERMANENT_SESSION_LIFETIME = timedelta(days=1)  # 1 day session time
+    SESSION_COOKIE_SAMESITE = os.environ.get('SESSION_COOKIE_SAMESITE', 'Lax')
+    # Allow overriding secure flag for local HTTP testing (set SESSION_COOKIE_SECURE=false)
+    SESSION_COOKIE_SECURE = _bool('SESSION_COOKIE_SECURE', default=False)
+    PERMANENT_SESSION_LIFETIME = timedelta(days=int(os.environ.get('SESSION_LIFETIME_DAYS', '1')))
 
     # JSON configuration
     JSON_AS_ASCII = False
     JSONIFY_PRETTYPRINT_REGULAR = True
 
-    # Optional settings
+    # Optional settings / environment
     LOG_LEVEL = os.environ.get('LOG_LEVEL', 'INFO')
     FLASK_ENV = os.environ.get('FLASK_ENV', 'production')
 
+    # Expose data dir path for other modules if needed
+    DATA_DIR = DATA_DIR
+

app/main.py

@@ -271,30 +271,34 @@ def handle_exception(error):
 
     # ===== Database Initialization =====
 
-    with app.app_context():
-        # Create all tables
-        db.create_all()
+    # Ensure DB initialization only once (important with multi-worker if --preload not used)
+    if not app.config.get('_DB_INITIALIZED', False):
+        with app.app_context():
+            print(f"Initializing database at URI: {app.config['SQLALCHEMY_DATABASE_URI']}")
+            db.create_all()
+
+            # Create default admin user only if no administrators exist
+            admin_count = User.query.filter_by(is_admin=True).count()
+            if admin_count == 0:
+                # No administrators exist, create default admin user
+                admin_user = User(username='admin', is_admin=True)
+                admin_user.set_password('changeme')  # Default password
+                db.session.add(admin_user)
+                try:
+                    db.session.commit()
+                    print("=" * 50)
+                    print("Default admin user created!")
+                    print("Username: admin")
+                    print("Password: changeme")
+                    print("PLEASE CHANGE THIS PASSWORD IMMEDIATELY!")
+                    print("=" * 50)
+                except Exception as e:
+                    print(f"Error creating admin user: {e}")
+                    db.session.rollback()
+            else:
+                print(f"Found {admin_count} administrator(s) - skipping default admin creation")
 
-        # Create default admin user only if no administrators exist
-        admin_count = User.query.filter_by(is_admin=True).count()
-        if admin_count == 0:
-            # No administrators exist, create default admin user
-            admin_user = User(username='admin', is_admin=True)
-            admin_user.set_password('changeme')  # Default password
-            db.session.add(admin_user)
-            try:
-                db.session.commit()
-                print("=" * 50)
-                print("Default admin user created!")
-                print("Username: admin")
-                print("Password: changeme")
-                print("PLEASE CHANGE THIS PASSWORD IMMEDIATELY!")
-                print("=" * 50)
-            except Exception as e:
-                print(f"Error creating admin user: {e}")
-                db.session.rollback()
-        else:
-            print(f"Found {admin_count} administrator(s) - skipping default admin creation")
+            app.config['_DB_INITIALIZED'] = True
 
     # ===== Additional App Configuration =====