WIP docker configurable UID
This commit is contained in:
parent
d834646686
commit
bbe36da3ce
11
Dockerfile
11
Dockerfile
@ -13,15 +13,9 @@ ARG TARGETARCH
|
|||||||
ENV TINI_VERSION v0.19.0
|
ENV TINI_VERSION v0.19.0
|
||||||
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${TARGETARCH} /tini
|
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${TARGETARCH} /tini
|
||||||
|
|
||||||
ENV SILVERBULLET_UID_GID 1000
|
|
||||||
ENV SILVERBULLET_USERNAME silverbullet
|
|
||||||
|
|
||||||
# Make sure the deno user has access to the space volume
|
# Make sure the deno user has access to the space volume
|
||||||
RUN mkdir -p /space \
|
RUN mkdir -p /space \
|
||||||
&& addgroup --gid ${SILVERBULLET_UID_GID} silverbullet \
|
|
||||||
&& adduser --uid ${SILVERBULLET_UID_GID} --gid ${SILVERBULLET_UID_GID} ${SILVERBULLET_USERNAME} \
|
|
||||||
&& chown -R ${SILVERBULLET_USERNAME}:${SILVERBULLET_USERNAME} /space \
|
|
||||||
&& chown -R ${SILVERBULLET_USERNAME}:${SILVERBULLET_USERNAME} /deno-dir \
|
|
||||||
&& chmod +x /tini \
|
&& chmod +x /tini \
|
||||||
&& apt update \
|
&& apt update \
|
||||||
&& apt install -y git ssh-client \
|
&& apt install -y git ssh-client \
|
||||||
@ -35,8 +29,6 @@ RUN mkdir -p /space \
|
|||||||
/var/log/* \
|
/var/log/* \
|
||||||
/usr/share/man
|
/usr/share/man
|
||||||
|
|
||||||
# deno user id is 1000 in alpine image
|
|
||||||
USER ${SILVERBULLET_USERNAME}
|
|
||||||
|
|
||||||
# Expose port 3000
|
# Expose port 3000
|
||||||
# Port map this when running, e.g. with -p 3002:3000 (where 3002 is the host port)
|
# Port map this when running, e.g. with -p 3002:3000 (where 3002 is the host port)
|
||||||
@ -47,7 +39,8 @@ ENV SB_FOLDER /space
|
|||||||
|
|
||||||
# Copy the bundled version of silverbullet into the container
|
# Copy the bundled version of silverbullet into the container
|
||||||
ADD ./dist/silverbullet.js /silverbullet.js
|
ADD ./dist/silverbullet.js /silverbullet.js
|
||||||
|
ADD ./docker-entrypoint.sh /docker-entrypoint.sh
|
||||||
|
|
||||||
# Run the server, allowing to pass in additional argument at run time, e.g.
|
# Run the server, allowing to pass in additional argument at run time, e.g.
|
||||||
# docker run -p 3002:3000 -v myspace:/space -it zefhemel/silverbullet --user me:letmein
|
# docker run -p 3002:3000 -v myspace:/space -it zefhemel/silverbullet --user me:letmein
|
||||||
ENTRYPOINT ["/tini", "--", "deno", "run", "-A", "--unstable", "/silverbullet.js"]
|
ENTRYPOINT ["/tini", "--", "/docker-entrypoint.sh"]
|
||||||
|
25
docker-entrypoint.sh
Executable file
25
docker-entrypoint.sh
Executable file
@ -0,0 +1,25 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Check if UID and GID are passed as environment variables
|
||||||
|
if [ -z "$UID" ]; then
|
||||||
|
# Get the UID of the folder owner
|
||||||
|
UID=$(stat -c "%u" "$SB_FOLDER")
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "$GID" ]; then
|
||||||
|
# Get the GID of the folder owner
|
||||||
|
GID=$(stat -c "%g" "$SB_FOLDER")
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Doing this as $UID, $GID"
|
||||||
|
|
||||||
|
ls -l /space
|
||||||
|
|
||||||
|
if [ "$UID" -eq 0 ]; then
|
||||||
|
# If the UID is 0, the user is root
|
||||||
|
deno run -A --unstable /silverbullet.js $@
|
||||||
|
exit
|
||||||
|
else
|
||||||
|
useradd -M -u $UID -g $GID silverbullet
|
||||||
|
su silverbullet -s /bin/bash -c "deno run -A --unstable /silverbullet.js $@"
|
||||||
|
fi
|
Loading…
Reference in New Issue
Block a user