From aeb681a85839e31284e8f1566adc4191a68ea385 Mon Sep 17 00:00:00 2001 From: Meier Lukas Date: Tue, 31 Dec 2024 11:36:28 +0100 Subject: [PATCH] feat(docker): add support for pgid and puid env variables (#1759) --- Dockerfile | 42 ++++++++++++++++++------------------------ scripts/entrypoint.sh | 25 ++++++++++++++++++++----- scripts/run.sh | 4 ++++ 3 files changed, 42 insertions(+), 29 deletions(-) diff --git a/Dockerfile b/Dockerfile index 65e174659..a799e8152 100644 --- a/Dockerfile +++ b/Dockerfile @@ -30,42 +30,36 @@ RUN apk add --no-cache redis nginx bash gettext su-exec openssl RUN mkdir /appdata VOLUME /appdata - - -RUN addgroup --system --gid 1001 nodejs -RUN adduser --system --uid 1001 nextjs - # Enable homarr cli -COPY --from=builder --chown=nextjs:nodejs /app/packages/cli/cli.cjs /app/apps/cli/cli.cjs +COPY --from=builder /app/packages/cli/cli.cjs /app/apps/cli/cli.cjs RUN echo $'#!/bin/bash\ncd /app/apps/cli && node ./cli.cjs "$@"' > /usr/bin/homarr RUN chmod +x /usr/bin/homarr # Don't run production as root -RUN mkdir -p /var/cache/nginx && chown -R nextjs:nodejs /var/cache/nginx && \ - mkdir -p /var/log/nginx && chown -R nextjs:nodejs /var/log/nginx && \ - mkdir -p /var/lib/nginx && chown -R nextjs:nodejs /var/lib/nginx && \ - touch /run/nginx/nginx.pid && chown -R nextjs:nodejs /run/nginx/nginx.pid && \ - mkdir -p /etc/nginx/templates /etc/nginx/ssl/certs && chown -R nextjs:nodejs /etc/nginx +RUN mkdir -p /var/cache/nginx && \ + mkdir -p /var/log/nginx && \ + mkdir -p /var/lib/nginx && \ + touch /run/nginx/nginx.pid && \ + mkdir -p /etc/nginx/templates /etc/nginx/ssl/certs COPY --from=builder /app/apps/nextjs/next.config.mjs . COPY --from=builder /app/apps/nextjs/package.json . -COPY --from=builder --chown=nextjs:nodejs /app/apps/tasks/tasks.cjs ./apps/tasks/tasks.cjs -COPY --from=builder --chown=nextjs:nodejs /app/apps/websocket/wssServer.cjs ./apps/websocket/wssServer.cjs -COPY --from=builder --chown=nextjs:nodejs /app/node_modules/better-sqlite3/build/Release/better_sqlite3.node /app/build/better_sqlite3.node +COPY --from=builder /app/apps/tasks/tasks.cjs ./apps/tasks/tasks.cjs +COPY --from=builder /app/apps/websocket/wssServer.cjs ./apps/websocket/wssServer.cjs +COPY --from=builder /app/node_modules/better-sqlite3/build/Release/better_sqlite3.node /app/build/better_sqlite3.node -COPY --from=builder --chown=nextjs:nodejs /app/packages/db/migrations ./db/migrations +COPY --from=builder /app/packages/db/migrations ./db/migrations # Automatically leverage output traces to reduce image size # https://nextjs.org/docs/advanced-features/output-file-tracing -COPY --from=builder --chown=nextjs:nodejs /app/apps/nextjs/.next/standalone ./ -COPY --from=builder --chown=nextjs:nodejs /app/apps/nextjs/.next/static ./apps/nextjs/.next/static -COPY --from=builder --chown=nextjs:nodejs /app/apps/nextjs/public ./apps/nextjs/public -COPY --chown=nextjs:nodejs scripts/run.sh ./run.sh -COPY scripts/entrypoint.sh ./entrypoint.sh -RUN chmod +x ./entrypoint.sh -COPY --chown=nextjs:nodejs packages/redis/redis.conf /app/redis.conf -COPY --chown=nextjs:nodejs nginx.conf /etc/nginx/templates/nginx.conf +COPY --from=builder /app/apps/nextjs/.next/standalone ./ +COPY --from=builder /app/apps/nextjs/.next/static ./apps/nextjs/.next/static +COPY --from=builder /app/apps/nextjs/public ./apps/nextjs/public +COPY scripts/run.sh ./run.sh +COPY --chmod=777 scripts/entrypoint.sh ./entrypoint.sh +COPY packages/redis/redis.conf /app/redis.conf +COPY nginx.conf /etc/nginx/templates/nginx.conf ENV DB_URL='/appdata/db/db.sqlite' @@ -74,4 +68,4 @@ ENV DB_DRIVER='better-sqlite3' ENV AUTH_PROVIDERS='credentials' ENTRYPOINT [ "/app/entrypoint.sh" ] -CMD ["sh", "run.sh"] +CMD ["sh", "run.sh"] \ No newline at end of file diff --git a/scripts/entrypoint.sh b/scripts/entrypoint.sh index 59a5589df..54131a632 100644 --- a/scripts/entrypoint.sh +++ b/scripts/entrypoint.sh @@ -1,10 +1,25 @@ #!/bin/sh set -e -# Creating folders in volume -mkdir -p /appdata/db -mkdir -p /appdata/redis +export PUID=${PUID:-0} +export PGID=${PGID:-0} -chown -R nextjs:nodejs /appdata +echo "Starting with UID='$PUID', GID='$PGID'" -su-exec 1001:1001 "$@" \ No newline at end of file +if [ "${PUID}" != "0" ] || [ "${PGID}" != "0" ]; then + # The below command will change the owner of all files in the /app directory (except node_modules) to the new UID and GID + echo "Changing owner to $PUID:$PGID, this will take about 10 seconds..." + find . -name 'node_modules' -prune -o -mindepth 1 -maxdepth 1 -exec chown -R $PUID:$PGID {} + + chown -R $PUID:$PGID /var/cache/nginx + chown -R $PUID:$PGID /var/log/nginx + chown -R $PUID:$PGID /var/lib/nginx + chown -R $PUID:$PGID /run/nginx/nginx.pid + chown -R $PUID:$PGID /etc/nginx + echo "Changing owner to $PUID:$PGID, done." +fi + +if [ "${PUID}" != "0" ]; then + su-exec $PUID:$PGID "$@" +else + exec "$@" +fi diff --git a/scripts/run.sh b/scripts/run.sh index ccceda47b..f3f92820c 100644 --- a/scripts/run.sh +++ b/scripts/run.sh @@ -1,3 +1,7 @@ +# Create sub directories in volume +mkdir -p /appdata/db +mkdir -p /appdata/redis + # Run migrations if [ $DB_MIGRATIONS_DISABLED = "true" ]; then echo "DB migrations are disabled, skipping"