Add support for PGID and PUID

pull/187/head
Luis Garcia 2024-07-24 01:48:19 -06:00
parent b1639eab0f
commit 99f32c10ef
3 changed files with 74 additions and 19 deletions


@ -1,5 +1,9 @@
FROM python:3.11-alpine
ENV PUID=1000
ENV PGID=1000
ENV GOSU_VERSION 1.17
ENV DRYRUN 'True'
ENV DEBUG 'True'
ENV DEBUG_LEVEL 'INFO'
@ -33,21 +37,45 @@ ENV BLACKLIST_USERS ''
ENV WHITELIST_USERS ''
RUN apk add --no-cache tini && \
addgroup --system jellyplex_user && \
adduser --system --no-create-home jellyplex_user --ingroup jellyplex_user && \
mkdir -p /app && \
chown -R jellyplex_user:jellyplex_user /app
RUN apk add --no-cache tini
# Install gosu
RUN set -eux; \
\
apk add --no-cache --virtual .gosu-deps \
ca-certificates \
dpkg \
gnupg \
; \
\
dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
\
# verify the signature
export GNUPGHOME="$(mktemp -d)"; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
gpgconf --kill all; \
rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
\
# clean up fetch dependencies
apk del --no-network .gosu-deps; \
\
chmod +x /usr/local/bin/gosu; \
# verify that the binary works
gosu --version; \
gosu nobody true
WORKDIR /app
COPY --chown=jellyplex_user:jellyplex_user ./requirements.txt ./
COPY ./requirements.txt ./
RUN pip install --no-cache-dir -r requirements.txt
COPY --chown=jellyplex_user:jellyplex_user . .
COPY . .
USER jellyplex_user
RUN chmod +x *.sh
ENTRYPOINT ["/sbin/tini", "--"]
ENTRYPOINT ["tini", "--", "/app/entrypoint.sh"]
CMD ["python", "-u", "main.py"]
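Review bot: The image no longer ends with a `USER` instruction (as far as the rendered page shows, `USER jellyplex_user` is on the removed side), so the container starts as root and the drop to `$PUID:$PGID` happens only inside `/app/entrypoint.sh`. A container started with a different entrypoint, or with `PUID=0`, runs the application as root with nothing in the image to stop it. I would state that contract directly above the `ENTRYPOINT` line, for example `# Starts as root on purpose: entrypoint.sh creates PUID/PGID and drops privileges via gosu; overriding ENTRYPOINT skips the drop`. The `python:3.11-slim` Dockerfile in this commit has the same shape and needs the same comment. Separately, `ENV GOSU_VERSION 1.17` is only read during the build, so `ARG GOSU_VERSION=1.17` would keep it out of the runtime environment.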


@ -1,5 +1,8 @@
FROM python:3.11-slim
ENV PUID=1000
ENV PGID=1000
ENV DRYRUN 'True'
ENV DEBUG 'True'
ENV DEBUG_LEVEL 'INFO'
@ -34,23 +37,19 @@ ENV WHITELIST_USERS ''
RUN apt-get update && \
apt-get install tini --yes --no-install-recommends && \
apt-get install tini gosu --yes --no-install-recommends && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* && \
addgroup --system jellyplex_user && \
adduser --system --no-create-home jellyplex_user --ingroup jellyplex_user && \
mkdir -p /app && \
chown -R jellyplex_user:jellyplex_user /app
rm -rf /var/lib/apt/lists/*
WORKDIR /app
COPY --chown=jellyplex_user:jellyplex_user ./requirements.txt ./
COPY ./requirements.txt ./
RUN pip install --no-cache-dir -r requirements.txt
COPY --chown=jellyplex_user:jellyplex_user . .
COPY . .
USER jellyplex_user
RUN chmod +x *.sh
ENTRYPOINT ["/bin/tini", "--"]
ENTRYPOINT ["/bin/tini", "--", "/app/entrypoint.sh"]
CMD ["python", "-u", "main.py"]

28
entrypoint.sh Normal file

@ -0,0 +1,28 @@
#!/usr/bin/env sh
set -e
# Create group and user based on environment variables
if [ ! "$(getent group "$PGID")" ]; then
# If groupadd exists, use it
if command -v groupadd > /dev/null; then
groupadd -g "$PGID" jellyplex_group
else
addgroup -g "$PGID" jellyplex_group
fi
fi
if [ ! "$(getent passwd "$PUID")" ]; then
# If useradd exists, use it
if command -v useradd > /dev/null; then
useradd --no-create-home -u "$PUID" -g "$PGID" jellyplex_user
else
adduser -D -H -u "$PUID" -G jellyplex_group jellyplex_user
fi
fi
# Adjust ownership of the application directory
chown -R "$PUID:$PGID" /app
# Run the application as the created user
exec gosu "$PUID:$PGID" "$@"
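Review bot: The `adduser -D -H -u "$PUID" -G jellyplex_group jellyplex_user` branch fails when `$PGID` already belongs to an existing group, because the group-creation block is skipped and `jellyplex_group` is never created; with `set -e` the container then exits at startup. The `useradd` branch is not affected since it passes the numeric `$PGID`. Resolving the group name from `getent group "$PGID"` and passing that to `-G` covers both cases. `PUID` and `PGID` also reach `getent`, `chown -R` and `gosu` unvalidated, so an empty or non-numeric value fails late with an unclear message; a numeric check right after `set -e` fails early instead, and it is also the place to decide whether `PUID=0` should be refused or at least logged.

```shell
# … unchanged: shebang and set -e …

# Reject empty or non-numeric ids before they reach getent/chown/gosu
for id in "$PUID" "$PGID"; do
    case "$id" in
        ''|*[!0-9]*) echo "PUID and PGID must be numeric" >&2; exit 1 ;;
    esac
done

# … unchanged: group creation when $PGID is not yet in use …

# Name of whichever group owns $PGID (pre-existing or just created)
group_name="$(getent group "$PGID" | cut -d: -f1)"

# … unchanged: getent passwd check and useradd branch …
        adduser -D -H -u "$PUID" -G "$group_name" jellyplex_user
# … unchanged: chown of /app and exec gosu …
```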