From e7be75a4b7e68498bb92bfc28d15e34e5e499565 Mon Sep 17 00:00:00 2001 From: Alf Eaton Date: Wed, 10 Mar 2021 22:36:33 +0000 Subject: [PATCH 01/11] Update README.md --- services/clsi/README.md | 69 ++++++++++++++++++++++++++--------------- 1 file changed, 44 insertions(+), 25 deletions(-) diff --git a/services/clsi/README.md b/services/clsi/README.md index 02cd0a470f..2cc946cb50 100644 --- a/services/clsi/README.md +++ b/services/clsi/README.md @@ -5,7 +5,7 @@ A web api for compiling LaTeX documents in the cloud The Common LaTeX Service Interface (CLSI) provides a RESTful interface to traditional LaTeX tools (or, more generally, any command line tool for composing marked-up documents into a display format such as PDF or HTML). The CLSI listens on the following ports by default: -* TCP/3009 - the RESTful interface +* TCP/3013 - the RESTful interface * TCP/3048 - reports load information * TCP/3049 - HTTP interface to control the CLSI service @@ -33,25 +33,41 @@ Installation The CLSI can be installed and set up as part of the entire [Overleaf stack](https://github.com/overleaf/overleaf) (complete with front end editor and document storage), or it can be run as a standalone service. To run is as a standalone service, first checkout this repository: $ git clone git@github.com:overleaf/clsi.git - + Then install the require npm modules: $ npm install - -Then compile the coffee script source files: - $ grunt install - -Finally, (after configuring your local database - see the Config section), run the CLSI service: +Then build the Docker image: + + $ docker build . -t overleaf/clsi + +Then pull the TeXLive image: + + $ docker pull texlive/texlive + +Then start the Docker container: + + $ docker run --rm \ + -p 127.0.0.1:3013:3013 \ + -e LISTEN_ADDRESS=0.0.0.0 \ + -e DOCKER_RUNNER=true \ + -e TEXLIVE_IMAGE=texlive/texlive \ + -e TEXLIVE_IMAGE_USER=root \ + -e COMPILES_HOST_DIR="$PWD/compiles" \ + -v "$PWD/compiles:/app/compiles" \ + -v "$PWD/cache:/app/cache" \ + -v /var/run/docker.sock:/var/run/docker.sock \ + overleaf/clsi + +Note: if you're running the CLSI in macOS you may need to use `-v /var/run/docker.sock.raw:/var/run/docker.sock` instead. + +The CLSI should then be running at - $ grunt run - -The CLSI should then be running at http://localhost:3013. - Config ------ -You will need to set up a database in mysql to use with the CLSI, and then fill in the database name, username and password in the config file at `config/settings.development.coffee`. +The CLSI will use a SQLite database by default, but you can optionally set up a MySQL database and then fill in the database name, username and password in the config file at `config/settings.development.coffee`. API --- @@ -64,35 +80,38 @@ The CLSI is based on a JSON API. POST /project//compile -```javascript +```json5 { "compile": { "options": { // Which compiler to use. Can be latex, pdflatex, xelatex or lualatex "compiler": "lualatex", // How many seconds to wait before killing the process. Default is 60. - "timeout": 40 + "timeout": 40 }, // The main file to run LaTeX on - "rootResourcePath": "main.tex", + "rootResourcePath": "main.tex", // An array of files to include in the compilation. May have either the content // passed directly, or a URL where it can be downloaded. - "resources": [{ + "resources": [ + { "path": "main.tex", "content": "\\documentclass{article}\n\\begin{document}\nHello World\n\\end{document}" - }, { - "path": "image.png", - "url": "www.example.com/image.png", - "modified": 123456789 // Unix time since epoch - }] + } + // ,{ + // "path": "image.png", + // "url": "www.example.com/image.png", + // "modified": 123456789 // Unix time since epoch + // } + ] } } ``` -With `curl`, if you place the above json in a file called `data.json`, the request would look like this: +With `curl`, if you place the above JSON in a file called `data.json`, the request would look like this: ``` shell -$ curl -X POST -d @data.json localhost:3013/project//compile +$ curl -X POST -H 'Content-Type: application/json' -d @data.json http://localhost:3013/project//compile ``` You can specify any project-id in the URL, and the files and LaTeX environment will be persisted between requests. @@ -100,7 +119,7 @@ URLs will be downloaded and cached until provided with a more recent modified da #### Example Response -```javascript +```json { "compile": { "status": "success", @@ -120,4 +139,4 @@ License The code in this repository is released under the GNU AFFERO GENERAL PUBLIC LICENSE, version 3. A copy can be found in the `LICENSE` file. -Copyright (c) Overleaf, 2014-2019. +Copyright (c) Overleaf, 2014-2021. From 9c596fb17dd17916948d45fb390ad4df9817be6c Mon Sep 17 00:00:00 2001 From: Alf Eaton Date: Wed, 10 Mar 2021 22:38:34 +0000 Subject: [PATCH 02/11] Update README.md --- services/clsi/README.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/services/clsi/README.md b/services/clsi/README.md index 2cc946cb50..f8f4ef3abf 100644 --- a/services/clsi/README.md +++ b/services/clsi/README.md @@ -34,10 +34,6 @@ The CLSI can be installed and set up as part of the entire [Overleaf stack](http $ git clone git@github.com:overleaf/clsi.git -Then install the require npm modules: - - $ npm install - Then build the Docker image: $ docker build . -t overleaf/clsi From f38cef6e569f38a15fccedcb832cf5bcf56877ea Mon Sep 17 00:00:00 2001 From: Alf Eaton <75253002+aeaton-overleaf@users.noreply.github.com> Date: Thu, 11 Mar 2021 11:50:47 +0000 Subject: [PATCH 03/11] Change settings file .coffee to .js --- services/clsi/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/clsi/README.md b/services/clsi/README.md index f8f4ef3abf..c4c1eabf0e 100644 --- a/services/clsi/README.md +++ b/services/clsi/README.md @@ -9,7 +9,7 @@ The Common LaTeX Service Interface (CLSI) provides a RESTful interface to tradit * TCP/3048 - reports load information * TCP/3049 - HTTP interface to control the CLSI service -These defaults can be modified in `config/settings.defaults.coffee`. +These defaults can be modified in `config/settings.defaults.js`. The provided `Dockerfile` builds a docker image which has the docker command line tools installed. The configuration in `docker-compose-config.yml` mounts the docker socket, in order that the CLSI container can talk to the docker host it is running in. This allows it to spin up `sibling containers` running an image with a TeX distribution installed to perform the actual compiles. @@ -63,7 +63,7 @@ The CLSI should then be running at Config ------ -The CLSI will use a SQLite database by default, but you can optionally set up a MySQL database and then fill in the database name, username and password in the config file at `config/settings.development.coffee`. +The CLSI will use a SQLite database by default, but you can optionally set up a MySQL database and then fill in the database name, username and password in the config file at `config/settings.development.js`. API --- From 17a83bc1698f5dc58d48a3fa3aa67094337e2868 Mon Sep 17 00:00:00 2001 From: Christopher Hoskin Date: Tue, 16 Mar 2021 12:00:48 +0000 Subject: [PATCH 04/11] Expand list of environment variables --- services/clsi/README.md | 34 +++++++++++++++++++++++----------- 1 file changed, 23 insertions(+), 11 deletions(-) diff --git a/services/clsi/README.md b/services/clsi/README.md index c4c1eabf0e..6f67355ba0 100644 --- a/services/clsi/README.md +++ b/services/clsi/README.md @@ -15,17 +15,29 @@ The provided `Dockerfile` builds a docker image which has the docker command lin The CLSI can be configured through the following environment variables: - * `DOCKER_RUNNER` - Set to true to use sibling containers - * `SYNCTEX_BIN_HOST_PATH` - Path to SyncTeX binary - * `COMPILES_HOST_DIR` - Working directory for LaTeX compiles - * `SQLITE_PATH` - Path to SQLite database - * `TEXLIVE_IMAGE` - The TEXLIVE docker image to use for sibling containers, e.g. `gcr.io/overleaf-ops/texlive-full:2017.1` - * `TEXLIVE_IMAGE_USER` - When using sibling containers, the user to run as in the TEXLIVE image. Defaults to `tex` - * `TEX_LIVE_IMAGE_NAME_OVERRIDE` - The name of the registry for the docker image e.g. `gcr.io/overleaf-ops` - * `FILESTORE_DOMAIN_OVERRIDE` - The url for the filestore service e.g.`http://$FILESTORE_HOST:3009` - * `STATSD_HOST` - The address of the Statsd service (used by the metrics module) - * `LISTEN_ADDRESS` - The address for the RESTful service to listen on. Set to `0.0.0.0` to listen on all network interfaces - * `SMOKE_TEST` - Whether to run smoke tests +* `ALLOWED_COMPILE_GROUPS` +* `ALLOWED_IMAGES` +* `CATCH_ERRORS` +* `COMPILE_GROUP_DOCKER_CONFIGS` +* `COMPILES_HOST_DIR` - Working directory for LaTeX compiles +* `COMPILE_SIZE_LIMIT` +* `DOCKER_RUNNER` - Set to true to use sibling containers +* `DOCKER_RUNTIME` +* `FILESTORE_DOMAIN_OVERRIDE` - The url for the filestore service e.g.`http://$FILESTORE_HOST:3009` +* `FILESTORE_PARALLEL_FILE_DOWNLOADS` +* `FILESTORE_PARALLEL_SQL_QUERY_LIMIT` +* `LISTEN_ADDRESS` - The address for the RESTful service to listen on. Set to `0.0.0.0` to listen on all network interfaces +* `PROCESS_LIFE_SPAN_LIMIT_MS` +* `SENTRY_DSN` +* `SMOKE_TEST` - Whether to run smoke tests +* `SQLITE_PATH` - Path to SQLite database +* `SYNCTEX_BIN_HOST_PATH` - Path to SyncTeX binary +* `TEXLIVE_IMAGE` - The TEXLIVE docker image to use for sibling containers, e.g. `gcr.io/overleaf-ops/texlive-full:2017.1` +* `TEX_LIVE_IMAGE_NAME_OVERRIDE` - The name of the registry for the docker image e.g. `gcr.io/overleaf-ops` +* `TEXLIVE_IMAGE_USER` - When using sibling containers, the user to run as in the TEXLIVE image. Defaults to `tex` +* `TEXLIVE_OPENOUT_ANY` + +Further environment variables configure the [metrics module](https://github.com/overleaf/metrics-module) Installation ------------ From 0a89b6537c17161333b903f8d343bf26218488ad Mon Sep 17 00:00:00 2001 From: Christopher Hoskin Date: Tue, 16 Mar 2021 12:30:06 +0000 Subject: [PATCH 05/11] Fill in missing text for environment variables --- services/clsi/README.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/services/clsi/README.md b/services/clsi/README.md index 6f67355ba0..b82efa2be4 100644 --- a/services/clsi/README.md +++ b/services/clsi/README.md @@ -15,27 +15,27 @@ The provided `Dockerfile` builds a docker image which has the docker command lin The CLSI can be configured through the following environment variables: -* `ALLOWED_COMPILE_GROUPS` -* `ALLOWED_IMAGES` -* `CATCH_ERRORS` -* `COMPILE_GROUP_DOCKER_CONFIGS` +* `ALLOWED_COMPILE_GROUPS` - Space separated list of allowed compile groups +* `ALLOWED_IMAGES` - Space separated list of allowed Docker TeX Live images +* `CATCH_ERRORS` - Set to `true` to log uncaught exceptions +* `COMPILE_GROUP_DOCKER_CONFIGS` - JSON string of Docker configs for compile groups * `COMPILES_HOST_DIR` - Working directory for LaTeX compiles -* `COMPILE_SIZE_LIMIT` +* `COMPILE_SIZE_LIMIT` - Sets the body-parser [limit](https://github.com/expressjs/body-parser#limit) * `DOCKER_RUNNER` - Set to true to use sibling containers -* `DOCKER_RUNTIME` +* `DOCKER_RUNTIME` - * `FILESTORE_DOMAIN_OVERRIDE` - The url for the filestore service e.g.`http://$FILESTORE_HOST:3009` -* `FILESTORE_PARALLEL_FILE_DOWNLOADS` -* `FILESTORE_PARALLEL_SQL_QUERY_LIMIT` +* `FILESTORE_PARALLEL_FILE_DOWNLOADS` - Number of parallel file downloads +* `FILESTORE_PARALLEL_SQL_QUERY_LIMIT` - Number of parallel SQL queries * `LISTEN_ADDRESS` - The address for the RESTful service to listen on. Set to `0.0.0.0` to listen on all network interfaces -* `PROCESS_LIFE_SPAN_LIMIT_MS` -* `SENTRY_DSN` +* `PROCESS_LIFE_SPAN_LIMIT_MS` - Process life span limit in milliseconds +* `SENTRY_DSN` - Sentry [Data Source Name](https://docs.sentry.io/product/sentry-basics/dsn-explainer/) * `SMOKE_TEST` - Whether to run smoke tests * `SQLITE_PATH` - Path to SQLite database * `SYNCTEX_BIN_HOST_PATH` - Path to SyncTeX binary * `TEXLIVE_IMAGE` - The TEXLIVE docker image to use for sibling containers, e.g. `gcr.io/overleaf-ops/texlive-full:2017.1` * `TEX_LIVE_IMAGE_NAME_OVERRIDE` - The name of the registry for the docker image e.g. `gcr.io/overleaf-ops` * `TEXLIVE_IMAGE_USER` - When using sibling containers, the user to run as in the TEXLIVE image. Defaults to `tex` -* `TEXLIVE_OPENOUT_ANY` +* `TEXLIVE_OPENOUT_ANY` - Sets the `openout_any` environment variable for Tex Live Further environment variables configure the [metrics module](https://github.com/overleaf/metrics-module) From b8d0389a53d30c9ed20d8c18f726b5315a2f9ce0 Mon Sep 17 00:00:00 2001 From: Christopher Hoskin Date: Tue, 16 Mar 2021 15:29:53 +0000 Subject: [PATCH 06/11] README typos --- services/clsi/README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/services/clsi/README.md b/services/clsi/README.md index b82efa2be4..54f6e0a820 100644 --- a/services/clsi/README.md +++ b/services/clsi/README.md @@ -11,7 +11,7 @@ The Common LaTeX Service Interface (CLSI) provides a RESTful interface to tradit These defaults can be modified in `config/settings.defaults.js`. -The provided `Dockerfile` builds a docker image which has the docker command line tools installed. The configuration in `docker-compose-config.yml` mounts the docker socket, in order that the CLSI container can talk to the docker host it is running in. This allows it to spin up `sibling containers` running an image with a TeX distribution installed to perform the actual compiles. +The provided `Dockerfile` builds a Docker image which has the Docker command line tools installed. The configuration in `docker-compose-config.yml` mounts the Docker socket, in order that the CLSI container can talk to the Docker host it is running in. This allows it to spin up `sibling containers` running an image with a TeX distribution installed to perform the actual compiles. The CLSI can be configured through the following environment variables: @@ -32,10 +32,10 @@ The CLSI can be configured through the following environment variables: * `SMOKE_TEST` - Whether to run smoke tests * `SQLITE_PATH` - Path to SQLite database * `SYNCTEX_BIN_HOST_PATH` - Path to SyncTeX binary -* `TEXLIVE_IMAGE` - The TEXLIVE docker image to use for sibling containers, e.g. `gcr.io/overleaf-ops/texlive-full:2017.1` -* `TEX_LIVE_IMAGE_NAME_OVERRIDE` - The name of the registry for the docker image e.g. `gcr.io/overleaf-ops` -* `TEXLIVE_IMAGE_USER` - When using sibling containers, the user to run as in the TEXLIVE image. Defaults to `tex` -* `TEXLIVE_OPENOUT_ANY` - Sets the `openout_any` environment variable for Tex Live +* `TEXLIVE_IMAGE` - The TeX Live Docker image to use for sibling containers, e.g. `gcr.io/overleaf-ops/texlive-full:2017.1` +* `TEX_LIVE_IMAGE_NAME_OVERRIDE` - The name of the registry for the Docker image e.g. `gcr.io/overleaf-ops` +* `TEXLIVE_IMAGE_USER` - When using sibling containers, the user to run as in the TeX Live image. Defaults to `tex` +* `TEXLIVE_OPENOUT_ANY` - Sets the `openout_any` environment variable for TeX Live Further environment variables configure the [metrics module](https://github.com/overleaf/metrics-module) @@ -50,7 +50,7 @@ Then build the Docker image: $ docker build . -t overleaf/clsi -Then pull the TeXLive image: +Then pull the TeX Live image: $ docker pull texlive/texlive From 984766a9fb1e679e9ef2881bbae5ac7cb530c96a Mon Sep 17 00:00:00 2001 From: Alf Eaton Date: Thu, 18 Mar 2021 09:55:31 +0000 Subject: [PATCH 07/11] Make TEXLIVE_IMAGE_USER instruction macOS only --- services/clsi/README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/services/clsi/README.md b/services/clsi/README.md index 54f6e0a820..90dee749a9 100644 --- a/services/clsi/README.md +++ b/services/clsi/README.md @@ -61,14 +61,13 @@ Then start the Docker container: -e LISTEN_ADDRESS=0.0.0.0 \ -e DOCKER_RUNNER=true \ -e TEXLIVE_IMAGE=texlive/texlive \ - -e TEXLIVE_IMAGE_USER=root \ -e COMPILES_HOST_DIR="$PWD/compiles" \ -v "$PWD/compiles:/app/compiles" \ -v "$PWD/cache:/app/cache" \ -v /var/run/docker.sock:/var/run/docker.sock \ overleaf/clsi -Note: if you're running the CLSI in macOS you may need to use `-v /var/run/docker.sock.raw:/var/run/docker.sock` instead. +Note: if you're running the CLSI in macOS you may need to add `-e TEXLIVE_IMAGE_USER=root` and use `-v /var/run/docker.sock.raw:/var/run/docker.sock` instead. The CLSI should then be running at From 638e72295be476de7cbc44e1e916bbe30bbe0cb4 Mon Sep 17 00:00:00 2001 From: Christopher Hoskin Date: Fri, 19 Mar 2021 10:34:52 +0000 Subject: [PATCH 08/11] Add link to \openout primitive docs --- services/clsi/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/clsi/README.md b/services/clsi/README.md index 54f6e0a820..e822d92e2c 100644 --- a/services/clsi/README.md +++ b/services/clsi/README.md @@ -35,7 +35,7 @@ The CLSI can be configured through the following environment variables: * `TEXLIVE_IMAGE` - The TeX Live Docker image to use for sibling containers, e.g. `gcr.io/overleaf-ops/texlive-full:2017.1` * `TEX_LIVE_IMAGE_NAME_OVERRIDE` - The name of the registry for the Docker image e.g. `gcr.io/overleaf-ops` * `TEXLIVE_IMAGE_USER` - When using sibling containers, the user to run as in the TeX Live image. Defaults to `tex` -* `TEXLIVE_OPENOUT_ANY` - Sets the `openout_any` environment variable for TeX Live +* `TEXLIVE_OPENOUT_ANY` - Sets the `openout_any` environment variable for TeX Live (see the `\openout` primitive [documentation](http://tug.org/texinfohtml/web2c.html#tex-invocation)) Further environment variables configure the [metrics module](https://github.com/overleaf/metrics-module) From d4b4cb399a4681440ed7eee076d5a2d57161259f Mon Sep 17 00:00:00 2001 From: Alf Eaton Date: Fri, 19 Mar 2021 12:00:47 +0000 Subject: [PATCH 09/11] Revert "Make TEXLIVE_IMAGE_USER instruction macOS only" This reverts commit ab6fe228cadd3329885fdc60aea867d601579759. --- services/clsi/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/services/clsi/README.md b/services/clsi/README.md index 416d773f0a..e822d92e2c 100644 --- a/services/clsi/README.md +++ b/services/clsi/README.md @@ -61,13 +61,14 @@ Then start the Docker container: -e LISTEN_ADDRESS=0.0.0.0 \ -e DOCKER_RUNNER=true \ -e TEXLIVE_IMAGE=texlive/texlive \ + -e TEXLIVE_IMAGE_USER=root \ -e COMPILES_HOST_DIR="$PWD/compiles" \ -v "$PWD/compiles:/app/compiles" \ -v "$PWD/cache:/app/cache" \ -v /var/run/docker.sock:/var/run/docker.sock \ overleaf/clsi -Note: if you're running the CLSI in macOS you may need to add `-e TEXLIVE_IMAGE_USER=root` and use `-v /var/run/docker.sock.raw:/var/run/docker.sock` instead. +Note: if you're running the CLSI in macOS you may need to use `-v /var/run/docker.sock.raw:/var/run/docker.sock` instead. The CLSI should then be running at From 7e3edcee2c19012d9d25a85cca79c02abbf498b4 Mon Sep 17 00:00:00 2001 From: Alf Eaton Date: Fri, 19 Mar 2021 12:05:22 +0000 Subject: [PATCH 10/11] Add instructions for Linux --- services/clsi/README.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/services/clsi/README.md b/services/clsi/README.md index e822d92e2c..d8e189dc58 100644 --- a/services/clsi/README.md +++ b/services/clsi/README.md @@ -16,13 +16,13 @@ The provided `Dockerfile` builds a Docker image which has the Docker command lin The CLSI can be configured through the following environment variables: * `ALLOWED_COMPILE_GROUPS` - Space separated list of allowed compile groups -* `ALLOWED_IMAGES` - Space separated list of allowed Docker TeX Live images +* `ALLOWED_IMAGES` - Space separated list of allowed Docker TeX Live images * `CATCH_ERRORS` - Set to `true` to log uncaught exceptions * `COMPILE_GROUP_DOCKER_CONFIGS` - JSON string of Docker configs for compile groups * `COMPILES_HOST_DIR` - Working directory for LaTeX compiles * `COMPILE_SIZE_LIMIT` - Sets the body-parser [limit](https://github.com/expressjs/body-parser#limit) * `DOCKER_RUNNER` - Set to true to use sibling containers -* `DOCKER_RUNTIME` - +* `DOCKER_RUNTIME` - * `FILESTORE_DOMAIN_OVERRIDE` - The url for the filestore service e.g.`http://$FILESTORE_HOST:3009` * `FILESTORE_PARALLEL_FILE_DOWNLOADS` - Number of parallel file downloads * `FILESTORE_PARALLEL_SQL_QUERY_LIMIT` - Number of parallel SQL queries @@ -70,6 +70,13 @@ Then start the Docker container: Note: if you're running the CLSI in macOS you may need to use `-v /var/run/docker.sock.raw:/var/run/docker.sock` instead. +Note: if you're running the CLSI in Linux you may need to adjust the permissions of the `compiles` folder to match your local user: + +```shell +sudo chown -R $(whoami):root compiles/ +sudo chmod g+w -R compiles/ +``` + The CLSI should then be running at Config From 6ca016bb050d909162eff6e74461185587888531 Mon Sep 17 00:00:00 2001 From: Christopher Hoskin Date: Fri, 19 Mar 2021 14:32:54 +0000 Subject: [PATCH 11/11] Explain the situation with permissions on Linux --- services/clsi/README.md | 37 ++++++++++++++++++++++++++++++++----- 1 file changed, 32 insertions(+), 5 deletions(-) diff --git a/services/clsi/README.md b/services/clsi/README.md index d8e189dc58..302cb34932 100644 --- a/services/clsi/README.md +++ b/services/clsi/README.md @@ -66,18 +66,45 @@ Then start the Docker container: -v "$PWD/compiles:/app/compiles" \ -v "$PWD/cache:/app/cache" \ -v /var/run/docker.sock:/var/run/docker.sock \ + --name clsi \ overleaf/clsi Note: if you're running the CLSI in macOS you may need to use `-v /var/run/docker.sock.raw:/var/run/docker.sock` instead. -Note: if you're running the CLSI in Linux you may need to adjust the permissions of the `compiles` folder to match your local user: +The CLSI should then be running at -```shell -sudo chown -R $(whoami):root compiles/ -sudo chmod g+w -R compiles/ +Important note for Linux users +============================== + +The Node application runs as user `node` in the CLSI, which has uid `1000`. As a consequence of this, the `compiles` folder gets created on your host with `uid` and `gid` set to `1000`. +``` +ls -lnd compiles +drwxr-xr-x 2 1000 1000 4096 Mar 19 12:41 compiles ``` -The CLSI should then be running at +If there is a user/group on your host which also happens to have `uid` / `gid` `1000` then that user/group will have ownership of the compiles folder on your host. + +LaTeX runs in the sibling containers as the user specified in the `TEXLIVE_IMAGE_USER` environment variable. In the example above this is set to `root`, which has uid `0`. This creates a problem with the above permissions, as the root user does not have permission to write to subfolders of `compiles`. + +A quick fix is to give the `root` group ownership and read write permissions to `compiles`, with `setgid` set so that new subfolders also inherit this ownership: +``` +sudo chown -R 1000:root compiles +sudo chmod -R g+w compiles +sudo chmod g+s compiles +``` +Another solution is to create a `sharelatex` group and add both `root` and the user with `uid` `1000` to it. If the host does not have a user with that `uid`, you will need to create one first. +``` +sudo useradd --uid 1000 host-node-user # If required +sudo groupadd sharelatex +sudo usermod -a -G sharelatex root +sudo usermod -a -G sharelatex $(id -nu 1000) +sudo chown -R 1000:sharelatex compiles +sudo chmod -R g+w compiles +sudo chmod g+s compiles +``` + +This is a facet of the way docker works on Linux. See this [upstream issue](https://github.com/moby/moby/issues/7198) + Config ------