From fa0134551f4422ade6d4f3d5c33fbbd3dcf7b725 Mon Sep 17 00:00:00 2001 From: Luis Garcia Date: Fri, 13 Sep 2024 09:56:34 -0600 Subject: [PATCH 1/3] Entrypoint: Check root user, check addgroup/adduser command exists --- entrypoint.sh | 58 ++++++++++++++++++++++++++++++--------------------- 1 file changed, 34 insertions(+), 24 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 1755fe4..abeed13 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -2,29 +2,33 @@ set -e -# Create group and user based on environment variables -if [ ! "$(getent group "$PGID")" ]; then - # If groupadd exists, use it - if command -v groupadd > /dev/null; then - groupadd -g "$PGID" jellyplex_group - else - addgroup -g "$PGID" jellyplex_group +# Check if user is root +if [ "$(id -u)" = '0' ]; then + # Create group and user based on environment variables + if [ ! "$(getent group "$PGID")" ]; then + # If groupadd exists, use it + if command -v groupadd > /dev/null; then + groupadd -g "$PGID" jellyplex_group + elif command -v addgroup > /dev/null; then + addgroup -g "$PGID" jellyplex_group + fi fi + + if [ ! "$(getent passwd "$PUID")" ]; then + # If useradd exists, use it + if command -v useradd > /dev/null; then + useradd --no-create-home -u "$PUID" -g "$PGID" jellyplex_user + elif command -v adduser > /dev/null; then + adduser -D -H -u "$PUID" -G jellyplex_group jellyplex_user + fi + fi +else + # If user is not root, set the PUID and PGID to the current user + PUID=$(id -u) + PGID=$(id -g) fi -if [ ! "$(getent passwd "$PUID")" ]; then - # If useradd exists, use it - if command -v useradd > /dev/null; then - useradd --no-create-home -u "$PUID" -g "$PGID" jellyplex_user - else - adduser -D -H -u "$PUID" -G jellyplex_group jellyplex_user - fi -fi - -# Adjust ownership of the application directory -chown -R "$PUID:$PGID" /app - -# Get directory of log and mark file to create base folder if it doesnt exist and change permissions +# Get directory of log and mark file to create base folder if it doesnt exist LOG_DIR=$(dirname "$LOG_FILE") # If LOG_DIR is set, create the directory if [ -n "$LOG_DIR" ]; then @@ -36,8 +40,14 @@ if [ -n "$MARK_DIR" ]; then mkdir -p "$MARK_DIR" fi -chown -R "$PUID:$PGID" "$LOG_DIR" -chown -R "$PUID:$PGID" "$MARK_DIR" +# If root run as the created user +if [ "$(id -u)" = '0' ]; then + chown -R "$PUID:$PGID" "$LOG_DIR" + chown -R "$PUID:$PGID" "$MARK_DIR" -# Run the application as the created user -exec gosu "$PUID:$PGID" "$@" + # Run the application as the created user + exec gosu "$PUID:$PGID" "$@" +fi + +# Run the application as the current user +exec "$@" From b3b0ccac732908c60711d78b25dab2143358e6ae Mon Sep 17 00:00:00 2001 From: Luis Garcia Date: Fri, 13 Sep 2024 10:12:18 -0600 Subject: [PATCH 2/3] Docker: Fix alpine --- Dockerfile.alpine | 2 +- entrypoint.sh | 14 +++++++++----- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/Dockerfile.alpine b/Dockerfile.alpine index 4966bfb..c7a8893 100644 --- a/Dockerfile.alpine +++ b/Dockerfile.alpine @@ -2,7 +2,7 @@ FROM python:3.11-alpine ENV PUID=1000 ENV PGID=1000 -ENV GOSU_VERSION 1.17 +ENV GOSU_VERSION=1.17 RUN apk add --no-cache tini dos2unix diff --git a/entrypoint.sh b/entrypoint.sh index abeed13..e1297b5 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -4,22 +4,24 @@ set -e # Check if user is root if [ "$(id -u)" = '0' ]; then + echo "User is root, checking if we need to create a user and group based on environment variables" # Create group and user based on environment variables if [ ! "$(getent group "$PGID")" ]; then # If groupadd exists, use it if command -v groupadd > /dev/null; then - groupadd -g "$PGID" jellyplex_group + groupadd -g "$PGID" jellyplex_watched elif command -v addgroup > /dev/null; then - addgroup -g "$PGID" jellyplex_group + addgroup -g "$PGID" jellyplex_watched fi fi + # If user id does not exist, create the user if [ ! "$(getent passwd "$PUID")" ]; then - # If useradd exists, use it if command -v useradd > /dev/null; then - useradd --no-create-home -u "$PUID" -g "$PGID" jellyplex_user + useradd --no-create-home -u "$PUID" -g "$PGID" jellyplex_watched elif command -v adduser > /dev/null; then - adduser -D -H -u "$PUID" -G jellyplex_group jellyplex_user + # Use alpine busybox adduser syntax + adduser -D -H -u "$PUID" -G jellyplex_watched jellyplex_watched fi fi else @@ -40,6 +42,8 @@ if [ -n "$MARK_DIR" ]; then mkdir -p "$MARK_DIR" fi +echo "Starting JellyPlex-Watched with UID: $PUID and GID: $PGID" + # If root run as the created user if [ "$(id -u)" = '0' ]; then chown -R "$PUID:$PGID" "$LOG_DIR" From 0c218fa9dd2f4bd3a328590c24c6da06ddf90e20 Mon Sep 17 00:00:00 2001 From: Luis Garcia Date: Fri, 13 Sep 2024 16:24:58 -0600 Subject: [PATCH 3/3] Entrypoint: Alpine fix overlapping PGID issue --- entrypoint.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index e1297b5..7e0bde0 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -20,8 +20,12 @@ if [ "$(id -u)" = '0' ]; then if command -v useradd > /dev/null; then useradd --no-create-home -u "$PUID" -g "$PGID" jellyplex_watched elif command -v adduser > /dev/null; then + # Get the group name based on the PGID since adduser does not have a flag to specify the group id + # and if the group id already exists the group name will be sommething unexpected + GROUPNAME=$(getent group "$PGID" | cut -d: -f1) + # Use alpine busybox adduser syntax - adduser -D -H -u "$PUID" -G jellyplex_watched jellyplex_watched + adduser -D -H -u "$PUID" -G "$GROUPNAME" jellyplex_watched fi fi else