docker-rails-example
docker-rails-example copied to clipboard
nickjj
Build on DigitalOcean Droplet fails
Great Work Nick!
All works fine in development, however, launching on a DigitalOcean Droplet does not work.
- Version latestOS Ubuntu 22.04
- Software Included -- Docker CE --- 25.0.3 --- Apache 2 -- Docker Compose --- 2.17.2 --- Apache 2 -- Docker BuildX --- 0.12.1 --- Apache 2
Here is the output
✔ Network unicorn_new_default Created 0.4s
✔ Volume "unicorn_new_redis" Created 0.0s
✔ Volume "unicorn_new_postgres" Created 0.0s
✔ Container unicorn_new-redis-1 Created 0.8s
✔ Container unicorn_new-js-1 Created 0.8s
✔ Container unicorn_new-css-1 Created 0.8s
✔ Container unicorn_new-postgres-1 Created 0.8s
✔ Container unicorn_new-cable-1 Created 0.2s
✔ Container unicorn_new-web-1 Created 0.2s
✔ Container unicorn_new-worker-1 Created 0.2s
Attaching to cable-1, css-1, js-1, postgres-1, redis-1, web-1, worker-1
redis-1 | 1:C 17 Jun 2024 14:00:11.612 # WARNING Memory overcommit must be enabled! Without it, a background save or replication may fail under low memory condition. Being disabled, it can also cause failures without low memory condition, see https://github.com/jemalloc/jemalloc/issues/1328. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
redis-1 | 1:C 17 Jun 2024 14:00:11.613 * oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
redis-1 | 1:C 17 Jun 2024 14:00:11.614 * Redis version=7.2.5, bits=64, commit=00000000, modified=0, pid=1, just started
redis-1 | 1:C 17 Jun 2024 14:00:11.614 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
redis-1 | 1:M 17 Jun 2024 14:00:11.614 * monotonic clock: POSIX clock_gettime
redis-1 | 1:M 17 Jun 2024 14:00:11.624 * Running mode=standalone, port=6379.
redis-1 | 1:M 17 Jun 2024 14:00:11.628 * Server initialized
redis-1 | 1:M 17 Jun 2024 14:00:11.637 * Ready to accept connections tcp
postgres-1 | The files belonging to this database system will be owned by user "postgres".
postgres-1 | This user must also own the server process.
postgres-1 |
postgres-1 | The database cluster will be initialized with locale "en_US.utf8".
postgres-1 | The default database encoding has accordingly been set to "UTF8".
postgres-1 | The default text search configuration will be set to "english".
postgres-1 |
postgres-1 | Data page checksums are disabled.
postgres-1 |
postgres-1 | fixing permissions on existing directory /var/lib/postgresql/data ... ok
postgres-1 | creating subdirectories ... ok
postgres-1 | selecting dynamic shared memory implementation ... posix
postgres-1 | selecting default max_connections ... 100
postgres-1 | selecting default shared_buffers ... 128MB
postgres-1 | selecting default time zone ... Etc/UTC
postgres-1 | creating configuration files ... ok
postgres-1 | running bootstrap script ... ok
yarn run v1.22.22
yarn run v1.22.22
$ ./run yarn:build
$ ./run yarn:build:css
js-1 | ✘ [ERROR] Failed to write to output file: open /app/app/assets/builds/application.js: permission denied
js-1 |
js-1 | 1 error
js-1 |
js-1 | app/assets/builds/application.js 143.4kb
js-1 |
web-1 | cp: cannot create regular file '/app/public/502.html': Permission denied
web-1 | cp: cannot create regular file '/app/public/android-chrome-192x192.png': Permission denied
web-1 | cp: cannot create regular file '/app/public/android-chrome-512x512.png': Permission denied
web-1 | cp: cannot create regular file '/app/public/apple-touch-icon.png': Permission denied
web-1 | cp: cannot create directory '/app/public/assets': Permission denied
web-1 | cp: cannot create regular file '/app/public/browserconfig.xml': Permission denied
web-1 | cp: cannot create regular file '/app/public/favicon-16x16.png': Permission denied
web-1 | cp: cannot create regular file '/app/public/favicon-32x32.png': Permission denied
web-1 | cp: cannot create regular file '/app/public/favicon.ico': Permission denied
web-1 | cp: cannot create regular file '/app/public/maintenance.html': Permission denied
web-1 | cp: cannot create regular file '/app/public/mstile-150x150.png': Permission denied
web-1 | cp: cannot create regular file '/app/public/robots.txt': Permission denied
web-1 | cp: cannot create regular file '/app/public/safari-pinned-tab.svg': Permission denied
web-1 | cp: cannot create regular file '/app/public/site.webmanifest': Permission denied
js-1 | node:child_process:929
js-1 | throw err;
js-1 | ^
js-1 |
js-1 | Error: Command failed: /node_modules/@esbuild/linux-x64/bin/esbuild app/javascript/application.js --outdir=app/assets/builds --bundle --minify
js-1 | at genericNodeError (node:internal/errors:984:15)
js-1 | at wrappedFn (node:internal/errors:538:14)
js-1 | at checkExecSyncError (node:child_process:890:11)
js-1 | at Object.execFileSync (node:child_process:926:15)
js-1 | at Object.silence_single_worker_warning option to silence this warning message.
cable-1 | [1] - Worker 0 (PID: 10) booted in 0.05s, phase: 0
redis-1 | 1:M 17 Jun 2024 14:05:12.005 * 100 changes in 300 seconds. Saving...
redis-1 | 1:M 17 Jun 2024 14:05:12.007 * Background saving started by pid 18
redis-1 | 18:C 17 Jun 2024 14:05:12.020 * DB saved on disk
redis-1 | 18:C 17 Jun 2024 14:05:12.021 * Fork CoW for RDB: current 0 MB, peak 0 MB, average 0 MB
redis-1 | 1:M 17 Jun 2024 14:05:12.109 * Background saving terminated with success
postgres-1 | 2024-06-17 14:05:23.406 UTC [61] LOG: checkpoint starting: time
postgres-1 | 2024-06-17 14:05:26.161 UTC [61] LOG: checkpoint complete: wrote 30 buffers (0.2%); 0 WAL file(s) added, 0 removed, 0 recycled; write=2.723 s, sync=0.007 s, total=2.755 s; sync files=11, longest=0.004 s, average=0.001 s; distance=132 kB, estimate=132 kB; lsn=0/19330F0, redo lsn=0/19330B8
redis-1 | 1:M 17 Jun 2024 14:10:13.011 * 100 changes in 300 seconds. Saving...
redis-1 | 1:M 17 Jun 2024 14:10:13.012 * Background saving started by pid 19
redis-1 | 19:C 17 Jun 2024 14:10:13.023 * DB saved on disk
redis-1 | 19:C 17 Jun 2024 14:10:13.024 * Fork CoW for RDB: current 0 MB, peak 0 MB, average 0 MB
redis-1 | 1:M 17 Jun 2024 14:10:13.112 * Background saving terminated with success
Hi, I am traveling internationally. I will check into this later next week.
On Mon, Jun 17, 2024, 3:19 PM Alexander Bahlk @.***> wrote:
Great Work Nick!
All works fine in development, however, launching on a DigitalOcean Droplet does not work. Here is the output
✔ Network unicorn_new_default Created 0.4s ✔ Volume "unicorn_new_redis" Created 0.0s ✔ Volume "unicorn_new_postgres" Created 0.0s ✔ Container unicorn_new-redis-1 Created 0.8s ✔ Container unicorn_new-js-1 Created 0.8s ✔ Container unicorn_new-css-1 Created 0.8s ✔ Container unicorn_new-postgres-1 Created 0.8s ✔ Container unicorn_new-cable-1 Created 0.2s ✔ Container unicorn_new-web-1 Created 0.2s ✔ Container unicorn_new-worker-1 Created 0.2s Attaching to cable-1, css-1, js-1, postgres-1, redis-1, web-1, worker-1 redis-1 | 1:C 17 Jun 2024 14:00:11.612 # WARNING Memory overcommit must be enabled! Without it, a background save or replication may fail under low memory condition. Being disabled, it can also cause failures without low memory condition, see jemalloc/jemalloc#1328 https://github.com/jemalloc/jemalloc/issues/1328. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect. redis-1 | 1:C 17 Jun 2024 14:00:11.613 * oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo redis-1 | 1:C 17 Jun 2024 14:00:11.614 * Redis version=7.2.5, bits=64, commit=00000000, modified=0, pid=1, just started redis-1 | 1:C 17 Jun 2024 14:00:11.614 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf redis-1 | 1:M 17 Jun 2024 14:00:11.614 * monotonic clock: POSIX clock_gettime redis-1 | 1:M 17 Jun 2024 14:00:11.624 * Running mode=standalone, port=6379. redis-1 | 1:M 17 Jun 2024 14:00:11.628 * Server initialized redis-1 | 1:M 17 Jun 2024 14:00:11.637 * Ready to accept connections tcp postgres-1 | The files belonging to this database system will be owned by user "postgres". postgres-1 | This user must also own the server process. postgres-1 | postgres-1 | The database cluster will be initialized with locale "en_US.utf8". postgres-1 | The default database encoding has accordingly been set to "UTF8". postgres-1 | The default text search configuration will be set to "english". postgres-1 | postgres-1 | Data page checksums are disabled. postgres-1 | postgres-1 | fixing permissions on existing directory /var/lib/postgresql/data ... ok postgres-1 | creating subdirectories ... ok postgres-1 | selecting dynamic shared memory implementation ... posix postgres-1 | selecting default max_connections ... 100 postgres-1 | selecting default shared_buffers ... 128MB postgres-1 | selecting default time zone ... Etc/UTC postgres-1 | creating configuration files ... ok postgres-1 | running bootstrap script ... ok yarn run v1.22.22 yarn run v1.22.22 $ ./run yarn:build $ ./run yarn:build:css
js-1 | ✘ [ERROR] Failed to write to output file: open /app/app/assets/builds/application.js: permission denied js-1 | js-1 | 1 error js-1 | js-1 | app/assets/builds/application.js 143.4kb js-1 | web-1 | cp: cannot create regular file '/app/public/502.html': Permission denied web-1 | cp: cannot create regular file '/app/public/android-chrome-192x192.png': Permission denied web-1 | cp: cannot create regular file '/app/public/android-chrome-512x512.png': Permission denied web-1 | cp: cannot create regular file '/app/public/apple-touch-icon.png': Permission denied web-1 | cp: cannot create directory '/app/public/assets': Permission denied web-1 | cp: cannot create regular file '/app/public/browserconfig.xml': Permission denied web-1 | cp: cannot create regular file '/app/public/favicon-16x16.png': Permission denied web-1 | cp: cannot create regular file '/app/public/favicon-32x32.png': Permission denied web-1 | cp: cannot create regular file '/app/public/favicon.ico': Permission denied web-1 | cp: cannot create regular file '/app/public/maintenance.html': Permission denied web-1 | cp: cannot create regular file '/app/public/mstile-150x150.png': Permission denied web-1 | cp: cannot create regular file '/app/public/robots.txt': Permission denied web-1 | cp: cannot create regular file '/app/public/safari-pinned-tab.svg': Permission denied web-1 | cp: cannot create regular file '/app/public/site.webmanifest': Permission denied js-1 | node:child_process:929 js-1 | throw err; js-1 | ^ js-1 | js-1 | Error: Command failed: @./linux-x64/bin/esbuild app/javascript/application.js --outdir=app/assets/builds --bundle --minify js-1 | at genericNodeError (node:internal/errors:984:15) js-1 | at wrappedFn (node:internal/errors:538:14) js-1 | at checkExecSyncError (node:child_process:890:11) js-1 | at Object.execFileSync (node:child_process:926:15) js-1 | at Object. (/node_modules/esbuild/bin/esbuild:219:28) js-1 | at Module._compile (node:internal/modules/cjs/loader:1358:14) js-1 | at Module._extensions..js (node:internal/modules/cjs/loader:1416:10) js-1 | at Module.load (node:internal/modules/cjs/loader:1208:32) js-1 | at Module._load (node:internal/modules/cjs/loader:1024:12) js-1 | at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:174:12) { js-1 | status: 1, js-1 | signal: null, js-1 | output: [ null, null, null ], js-1 | pid: 26, js-1 | stdout: null, js-1 | stderr: null js-1 | } js-1 | js-1 | Node.js v20.14.0 js-1 | js-1 | Task completed in 0m1.845s error Command failed with exit code 1. info Visit https://yarnpkg.com/en/docs/cli/run https://yarnpkg.com/en/docs/cli/run for documentation about this command. js-1 exited with code 1 web-1 exited with code 1 cable-1 | [1] Puma starting in cluster mode... cable-1 | [1] * Puma version: 6.4.2 (ruby 3.3.2-p78) ("The Eagle of Durango") cable-1 | [1] * Min threads: 1 cable-1 | [1] * Max threads: 1 cable-1 | [1] * Environment: production cable-1 | [1] * Master PID: 1 cable-1 | [1] * Workers: 1 cable-1 | [1] * Restarts: (✔) hot (✖) phased cable-1 | [1] * Preloading application postgres-1 | performing post-bootstrap initialization ... ok postgres-1 | syncing data to disk ... ok postgres-1 | postgres-1 | initdb: warning: enabling "trust" authentication for local connections postgres-1 | initdb: hint: You can change this by editing pg_hba.conf or using the option -A, or --auth-local and --auth-host, the next time you run initdb. postgres-1 | postgres-1 | Success. You can now start the database server using: postgres-1 | postgres-1 | pg_ctl -D /var/lib/postgresql/data -l logfile start postgres-1 | postgres-1 | waiting for server to start....2024-06-17 14:00:21.385 UTC [47] LOG: starting PostgreSQL 16.3 (Debian 16.3-1.pgdg120+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit postgres-1 | 2024-06-17 14:00:21.390 UTC [47] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432" postgres-1 | 2024-06-17 14:00:21.423 UTC [50] LOG: database system was shut down at 2024-06-17 14:00:20 UTC postgres-1 | 2024-06-17 14:00:21.460 UTC [47] LOG: database system is ready to accept connections postgres-1 | done postgres-1 | server started postgres-1 | CREATE DATABASE postgres-1 | postgres-1 | postgres-1 | /usr/local/bin/docker-entrypoint.sh: ignoring /docker-entrypoint-initdb.d/ postgres-1 | postgres-1 | 2024-06-17 14:00:22.713 UTC [47] LOG: received fast shutdown request postgres-1 | waiting for server to shut down....2024-06-17 14:00:22.728 UTC [47] LOG: aborting any active transactions postgres-1 | 2024-06-17 14:00:22.779 UTC [47] LOG: background worker "logical replication launcher" (PID 53) exited with exit code 1 postgres-1 | 2024-06-17 14:00:22.810 UTC [48] LOG: shutting down postgres-1 | 2024-06-17 14:00:22.817 UTC [48] LOG: checkpoint starting: shutdown immediate postgres-1 | 2024-06-17 14:00:23.003 UTC [48] LOG: checkpoint complete: wrote 922 buffers (5.6%); 0 WAL file(s) added, 0 removed, 0 recycled; write=0.097 s, sync=0.065 s, total=0.192 s; sync files=301, longest=0.014 s, average=0.001 s; distance=4255 kB, estimate=4255 kB; lsn=0/1912048, redo lsn=0/1912048 postgres-1 | 2024-06-17 14:00:23.060 UTC [47] LOG: database system is shut down postgres-1 | done postgres-1 | server stopped postgres-1 | postgres-1 | PostgreSQL init process complete; ready for start up. postgres-1 | postgres-1 | 2024-06-17 14:00:23.315 UTC [1] LOG: starting PostgreSQL 16.3 (Debian 16.3-1.pgdg120+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit postgres-1 | 2024-06-17 14:00:23.316 UTC [1] LOG: listening on IPv4 address "0.0.0.0", port 5432 postgres-1 | 2024-06-17 14:00:23.318 UTC [1] LOG: listening on IPv6 address "::", port 5432 postgres-1 | 2024-06-17 14:00:23.327 UTC [1] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432" postgres-1 | 2024-06-17 14:00:23.347 UTC [63] LOG: database system was shut down at 2024-06-17 14:00:22 UTC postgres-1 | 2024-06-17 14:00:23.403 UTC [1] LOG: database system is ready to accept connections
css-1 | css-1 | Rebuilding... css-1 | Error: EACCES: permission denied, open './app/assets/builds/application.css' css-1 | at async open (node:internal/fs/promises:636:25) css-1 | at async Object.writeFile (node:internal/fs/promises:1216:14) css-1 | at async outputFile (/node_modules/tailwindcss/lib/cli/build/utils.js:87:5) css-1 | at async Promise.all (index 0) css-1 | at async build (/node_modules/tailwindcss/lib/cli/build/index.js:49:9) { css-1 | errno: -13, css-1 | code: 'EACCES', css-1 | syscall: 'open', css-1 | path: './app/assets/builds/application.css' css-1 | } css-1 | css-1 | Task completed in 0m13.928s error Command failed with exit code 1. info Visit https://yarnpkg.com/en/docs/cli/run https://yarnpkg.com/en/docs/cli/run for documentation about this command. css-1 exited with code 1 worker-1 | 2024-06-17T14:00:38.916Z pid=1 tid=2u9 INFO: Booted Rails 7.1.3.4 application in production environment worker-1 | 2024-06-17T14:00:38.937Z pid=1 tid=2u9 INFO: Running in ruby 3.3.2 (2024-05-30 revision e5a195edf6) +YJIT [x86_64-linux] worker-1 | 2024-06-17T14:00:38.937Z pid=1 tid=2u9 INFO: See LICENSE and the LGPL-3.0 for licensing details. worker-1 | 2024-06-17T14:00:38.937Z pid=1 tid=2u9 INFO: Upgrade to Sidekiq Pro for more features and support: https://sidekiq.org worker-1 | 2024-06-17T14:00:38.938Z pid=1 tid=2u9 INFO: Sidekiq 7.2.4 connecting to Redis with options {:size=>10, :pool_name=>"internal", :url=>"redis://redis:6379/1"} cable-1 | [1] * Listening on http://0.0.0.0:28080 worker-1 | 2024-06-17T14:00:39.027Z pid=1 tid=2u9 INFO: Sidekiq 7.2.4 connecting to Redis with options {:size=>1, :pool_name=>"default", :url=>"redis://redis:6379/1"} cable-1 | [1] Use Ctrl-C to stop cable-1 | [1] ! WARNING: Detected running cluster mode with 1 worker. cable-1 | [1] ! Running Puma in cluster mode with a single worker is often a misconfiguration. cable-1 | [1] ! Consider running Puma in single-mode (workers = 0) in order to reduce memory overhead. cable-1 | [1] ! Set the silence_single_worker_warning option to silence this warning message. cable-1 | [1] - Worker 0 (PID: 10) booted in 0.05s, phase: 0 redis-1 | 1:M 17 Jun 2024 14:05:12.005 * 100 changes in 300 seconds. Saving... redis-1 | 1:M 17 Jun 2024 14:05:12.007 * Background saving started by pid 18 redis-1 | 18:C 17 Jun 2024 14:05:12.020 * DB saved on disk redis-1 | 18:C 17 Jun 2024 14:05:12.021 * Fork CoW for RDB: current 0 MB, peak 0 MB, average 0 MB redis-1 | 1:M 17 Jun 2024 14:05:12.109 * Background saving terminated with success postgres-1 | 2024-06-17 14:05:23.406 UTC [61] LOG: checkpoint starting: time postgres-1 | 2024-06-17 14:05:26.161 UTC [61] LOG: checkpoint complete: wrote 30 buffers (0.2%); 0 WAL file(s) added, 0 removed, 0 recycled; write=2.723 s, sync=0.007 s, total=2.755 s; sync files=11, longest=0.004 s, average=0.001 s; distance=132 kB, estimate=132 kB; lsn=0/19330F0, redo lsn=0/19330B8 redis-1 | 1:M 17 Jun 2024 14:10:13.011 * 100 changes in 300 seconds. Saving... redis-1 | 1:M 17 Jun 2024 14:10:13.012 * Background saving started by pid 19 redis-1 | 19:C 17 Jun 2024 14:10:13.023 * DB saved on disk redis-1 | 19:C 17 Jun 2024 14:10:13.024 * Fork CoW for RDB: current 0 MB, peak 0 MB, average 0 MB redis-1 | 1:M 17 Jun 2024 14:10:13.112 * Background saving terminated with success
— Reply to this email directly, view it on GitHub https://github.com/nickjj/docker-rails-example/issues/81, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAGGRI47AAD2CHI3GJMDJGDZH3WALAVCNFSM6AAAAABJODPL5CVHI2DSMVQWIX3LMV43ASLTON2WKOZSGM2TONBXG42TKMY . You are receiving this because you are subscribed to this thread.Message ID: @.***>
If you run the id command as the user you're running your Docker commands as, what's the output?
It looks like maybe your user's UID and GID aren't 1000:1000.
The output is uid=0(root) gid=0(root) groups=0(root)
I updated the .env by your example to
export UID=1000
export GID=1000
The error stays the same
It sounds like you're running things as the root user, but if you do that you'd need to change the UID and GID to 0 and rebuild.
I'd suggest not using root though. Typically the first non-root user created on a Linux system uses 1000:1000.
Got it. On a fresh DigitalOcean Droplet Ubuntu Ubuntu 22.04 this is the list of users
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
systemd-network:x:100:102:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
systemd-resolve:x:101:103:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
messagebus:x:102:105::/nonexistent:/usr/sbin/nologin
systemd-timesync:x:103:106:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin
syslog:x:104:111::/home/syslog:/usr/sbin/nologin
_apt:x:105:65534::/nonexistent:/usr/sbin/nologin
tss:x:106:112:TPM software stack,,,:/var/lib/tpm:/bin/false
uuidd:x:107:113::/run/uuidd:/usr/sbin/nologin
tcpdump:x:108:114::/nonexistent:/usr/sbin/nologin
sshd:x:109:65534::/run/sshd:/usr/sbin/nologin
pollinate:x:110:1::/var/cache/pollinate:/bin/false
landscape:x:111:116::/var/lib/landscape:/usr/sbin/nologin
fwupd-refresh:x:112:117:fwupd-refresh user,,,:/run/systemd:/usr/sbin/nologin
lxd:x:999:100::/var/snap/lxd/common/lxd:/bin/false
usbmux:x:113:46:usbmux daemon,,,:/var/lib/usbmux:/usr/sbin/nologin
Yep, usually it's expected to create a non-root user to run things as. DO and most other providers won't create this for you because it's up to you. You may want to name it deploy, alex or whatever makes sense for your set up.
@nickjj Great, the approach is working.
I just have to go back and learn how to get this running on production with SSL.