fix(docker): configurable pgid and puid, tiny init

2025-06-29 16:23:03 +03:00
parent d621c90d61
commit 68b553382a
2 changed files with 27 additions and 11 deletions
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@ -3,9 +3,31 @@
 set -e

 # --- Environment Variable Defaults ---
+PUID=${PUID:-1000}
+PGID=${PGID:-1000}
+
 DOMAIN=${DOMAIN:-}
 RULE_PATH=${RULE_PATH:-}

+
+# --- Create user and group at runtime ---
+echo "Creating user and group with PUID=${PUID} and PGID=${PGID}"
+
+# Remove existing user/group if they exist
+if getent group app > /dev/null 2>&1; then
+    delgroup app 2>/dev/null || true
+fi
+if getent passwd app > /dev/null 2>&1; then
+    deluser app 2>/dev/null || true
+fi
+
+# Create new group and user with runtime PUID/PGID
+addgroup -S -g ${PGID} app
+adduser -S -u ${PUID} -G app -h /app app
+
+# Set ownership of directories
+chown -R app:app /config /rules
+
 # --- Build the Command ---
 # This command is now used for both the initial run and the cron job.
 APP_CMD="/usr/local/bin/sbrs \
@ -31,9 +53,8 @@ echo "--- Running initial synchronization on container start ---"
 # We run it as the non-root 'app' user to ensure correct file permissions.
 su-exec app:app sh -c "${APP_CMD}"
 echo "--- Initial synchronization finished ---"
+
 # ===================================================================
-
-
 # --- Cron Setup ---
 # This section runs after the initial sync is complete.
 echo "Setting up cron job with schedule: ${CRON_SCHEDULE}"