From b294065674f08ffc4b746395c4f9b8cb503ae9b3 Mon Sep 17 00:00:00 2001
From: John Potts <john.m.e.potts@gmail.com>
Date: Fri, 14 Nov 2025 00:08:05 -0500
Subject: [PATCH 1/6] user and volume additions address permissions, depends_on
 should address a race condition

---
 docker-compose.yaml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docker-compose.yaml b/docker-compose.yaml
index 3617d8f..b6d88f5 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,6 +1,9 @@
 services:
   # Kos application container
   app:
+    depends_on: 
+      - db
+    user: app
     build: .
     ports:
       - 8000:8000
@@ -8,6 +11,7 @@ services:
       - "./:/app/"
       - /app/vendor # Use dependencies installed by composer during image building.
                     # Remove the above line to use the local `vendor` directory.
+      - /app
     networks:
       - data-network
 

From 68ecaad15425a74dfda73df1cd1f50add6e3bf28 Mon Sep 17 00:00:00 2001
From: John Potts <john.m.e.potts@gmail.com>
Date: Fri, 14 Nov 2025 01:11:11 -0500
Subject: [PATCH 2/6] changed the anonymous volume to just cover the logs
 directory

---
 docker-compose.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose.yaml b/docker-compose.yaml
index b6d88f5..96f8064 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -11,7 +11,7 @@ services:
       - "./:/app/"
       - /app/vendor # Use dependencies installed by composer during image building.
                     # Remove the above line to use the local `vendor` directory.
-      - /app
+      - /app/storage/logs
     networks:
       - data-network
 

From ea3a0b8fc1a31e8a478d5492a415ac5ca485c13e Mon Sep 17 00:00:00 2001
From: John Potts <john.m.e.potts@gmail.com>
Date: Fri, 14 Nov 2025 01:20:28 -0500
Subject: [PATCH 3/6] fix for permissions on .env file

---
 README.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/README.md b/README.md
index 99999f0..b3046a9 100644
--- a/README.md
+++ b/README.md
@@ -33,6 +33,12 @@ Create a copy of this file with the example extension removed.
 cp .env.example .env
 ```
 
+On linux, we need to adjust the permissions on the .env file. It seems that the proper way to do this would be to find the UID/GID of the user running the PHP process inside the container, then change the ownership of the .env file on the host machine. For now, chmod 777 works.
+
+```shell
+sudo chmod 777 .env
+```
+
 #### 2. Build Docker image
 Files provided in the repository are pre-configured to build Kos from the application source code previously cloned in the last step. The Kos Docker image is built in steps. Once each step completes, it's stored in a cache for later to speed up following builds.
 

From cfe69f98d89b16bb132d12b25b8c8a54dbdd2aeb Mon Sep 17 00:00:00 2001
From: John Potts <john.m.e.potts@gmail.com>
Date: Fri, 14 Nov 2025 01:23:48 -0500
Subject: [PATCH 4/6] trailing whitespace

---
 docker-compose.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose.yaml b/docker-compose.yaml
index 96f8064..f686485 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,7 +1,7 @@
 services:
   # Kos application container
   app:
-    depends_on: 
+    depends_on:
       - db
     user: app
     build: .

From ffdd6145370defe76bde8083edca9e2c38f6b36b Mon Sep 17 00:00:00 2001
From: John Potts <john.m.e.potts@gmail.com>
Date: Thu, 26 Mar 2026 17:12:58 -0400
Subject: [PATCH 5/6] mounted required directories to fix permissions issue

---
 docker-compose.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docker-compose.yaml b/docker-compose.yaml
index f686485..c2e7a9f 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -12,6 +12,8 @@ services:
       - /app/vendor # Use dependencies installed by composer during image building.
                     # Remove the above line to use the local `vendor` directory.
       - /app/storage/logs
+      - /app/storage/images
+      - /app/storage/framework
     networks:
       - data-network
 

From 1e495f1c53289c56c45d5b7c373a459c0369551d Mon Sep 17 00:00:00 2001
From: John Potts <john.m.e.potts@gmail.com>
Date: Thu, 26 Mar 2026 21:47:51 -0400
Subject: [PATCH 6/6] added caddy reverse proxy to access over https

---
 Caddyfile           |  4 ++++
 docker-compose.yaml | 18 ++++++++++++++++++
 2 files changed, 22 insertions(+)
 create mode 100644 Caddyfile

diff --git a/Caddyfile b/Caddyfile
new file mode 100644
index 0000000..b43ffd8
--- /dev/null
+++ b/Caddyfile
@@ -0,0 +1,4 @@
+https://172.16.18.19:443 {
+    tls internal 
+    reverse_proxy app:8000
+}
\ No newline at end of file
diff --git a/docker-compose.yaml b/docker-compose.yaml
index c2e7a9f..f25eac7 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -44,5 +44,23 @@ services:
     networks:
       - data-network
 
+  # Caddy for reverse proxy so that gatekeeper can connect over https
+  caddy:
+      image: caddy:latest
+      ports:
+        - "443:443"
+      volumes:
+        - ./Caddyfile:/etc/caddy/Caddyfile
+        - caddy_data:/data
+        - caddy_config:/config
+      networks:
+        - data-network
+      depends_on:
+        - app
+
 networks:
   data-network: {}
+
+volumes:
+  caddy_data: {}
+  caddy_config: {}