refactor: bind /proc and mount volumes with nsenter

2025-12-10 12:10:51 +01:00 · 2025-10-25 22:30:33 +02:00
parent 43e31596f1
commit a7bc1c2e7e
3 changed files with 10 additions and 13 deletions
--- a/apps/client/app/modules/repositories/tabs/snapshots.tsx
+++ b/apps/client/app/modules/repositories/tabs/snapshots.tsx
@@ -72,7 +72,7 @@ export const RepositorySnapshotsTabContent = ({ repository }: Props) => {
 		);
 	}
-	if (isLoading && !data) {
+	if (isLoading && !data && !error) {
 		return (
 			<Card>
 				<CardContent className="flex items-center justify-center py-12">
--- a/apps/server/src/modules/backends/utils/backend-utils.ts
+++ b/apps/server/src/modules/backends/utils/backend-utils.ts
@@ -9,7 +9,7 @@ import { logger } from "../../../utils/logger";
 const execFile = promisify(execFileCb);
 export const executeMount = async (args: string[]): Promise<void> => {
-	const { stderr } = await execFile("mount", args, {
+	const { stderr } = await execFile("nsenter", ["--mount=/host/proc/1/ns/mnt", "mount", ...args], {
 		timeout: OPERATION_TIMEOUT,
 		maxBuffer: 1024 * 1024,
 	});
@@ -20,7 +20,7 @@ export const executeMount = async (args: string[]): Promise<void> => {
 };
 export const executeUnmount = async (path: string): Promise<void> => {
-	const { stderr } = await execFile("umount", ["-l", "-f", path], {
+	const { stderr } = await execFile("nsenter", ["--mount=/host/proc/1/ns/mnt", "umount", "-l", "-f", path], {
 		timeout: OPERATION_TIMEOUT,
 		maxBuffer: 1024 * 1024,
 	});
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -6,19 +6,17 @@ services:
      target: development
    container_name: ironmount
    restart: unless-stopped
-    cap_add:
+    privileged: true
      - SYS_ADMIN
    environment:
      - NODE_ENV=development
    ports:
      - "4096:4097"
    devices:
      - /dev/fuse:/dev/fuse
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /run/docker/plugins:/run/docker/plugins
-      - /var/lib/ironmount/volumes/:/var/lib/ironmount/volumes:rshared
+      - /var/lib/ironmount/volumes/:/var/lib/ironmount/volumes:rslave
      - /var/lib/repositories/:/var/lib/repositories
      - /proc:/host/proc:ro
      - ironmount_data:/data
      - ./apps/client/app:/app/apps/client/app
@@ -31,16 +29,15 @@ services:
      target: production
    container_name: ironmount
    restart: unless-stopped
-    cap_add:
+    privileged: true
      - SYS_ADMIN
    ports:
      - "4096:4096"
    devices:
      - /dev/fuse:/dev/fuse
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /run/docker/plugins:/run/docker/plugins
-      - /var/lib/ironmount/volumes/:/var/lib/ironmount/volumes:rshared
+      - /var/lib/ironmount/volumes/:/var/lib/ironmount/volumes:rslave
      - /var/lib/repositories/:/var/lib/repositories
      - /proc:/host/proc:ro
      - ironmount_data:/data
 volumes: