Merge pull request #980 from vladaurosh/main

Adding option to set user ID and GID

Dockerfile

@@ -5,7 +5,7 @@ ARG INSTALL_DIR=/app
 ENV PYTHONUNBUFFERED=1
 
 # Install build dependencies
-RUN apk add --no-cache bash python3 python3-dev gcc musl-dev libffi-dev openssl-dev git \
+RUN apk add --no-cache bash shadow python3 python3-dev gcc musl-dev libffi-dev openssl-dev git \
     && python -m venv /opt/venv
 
 # Enable venv
@@ -13,7 +13,6 @@ ENV PATH="/opt/venv/bin:$PATH"
 
 COPY . ${INSTALL_DIR}/
 
-
 RUN pip install openwrt-luci-rpc asusrouter asyncio aiohttp graphene flask tplink-omada-client wakeonlan pycryptodome requests paho-mqtt scapy cron-converter pytz json2table dhcp-leases pyunifi speedtest-cli chardet python-nmap dnspython librouteros git+https://github.com/foreign-sub/aiofreepybox.git \
     && bash -c "find ${INSTALL_DIR} -type d -exec chmod 750 {} \;" \
     && bash -c "find ${INSTALL_DIR} -type f -exec chmod 640 {} \;" \
@@ -28,6 +27,7 @@ FROM alpine:3.21 AS runner
 ARG INSTALL_DIR=/app
 
 COPY --from=builder /opt/venv /opt/venv
+COPY --from=builder /usr/sbin/usermod /usr/sbin/groupmod /usr/sbin/
 
 # Enable venv
 ENV PATH="/opt/venv/bin:$PATH" 
@@ -41,7 +41,7 @@ ENV S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0
 # ❗ IMPORTANT - if you modify this file modify the /install/install_dependecies.sh file as well ❗ 
 
 RUN apk update --no-cache \
-    && apk add --no-cache bash zip lsblk gettext-envsubst sudo mtr tzdata s6-overlay \
+    && apk add --no-cache bash libbsd zip lsblk gettext-envsubst sudo mtr tzdata s6-overlay \
     && apk add --no-cache curl arp-scan iproute2 iproute2-ss nmap nmap-scripts traceroute nbtscan avahi avahi-tools openrc dbus net-tools net-snmp-tools bind-tools awake ca-certificates \
     && apk add --no-cache sqlite php83 php83-fpm php83-cgi php83-curl php83-sqlite3 php83-session \
     && apk add --no-cache python3 nginx \

dockerfiles/init.sh

@@ -1,8 +1,36 @@
 #!/usr/bin/with-contenv bash
 
-echo "---------------------------------------------------------"
-echo "[INSTALL]                                    Run init.sh"
-echo "---------------------------------------------------------"
+echo "---------------------------------------------------------
+[INSTALL]                                    Run init.sh
+---------------------------------------------------------"
+
+DEFAULT_PUID=200
+DEFAULT_GID=200
+
+PUID=${PUID:-${DEFAULT_PUID}}
+PGID=${PGID:-${DEFAULT_GID}}
+
+echo "[INSTALL] Setting up user UID and GID"
+
+if ! groupmod -o -g "$PGID" www-data && [ "$PGID" != "$DEFAULT_GID" ] ; then
+   echo "Failed to set user GID to ${PGID}, trying with default GID ${DEFAULT_GID}"
+   groupmod -o -g "$DEFAULT_GID" www-data
+fi
+if ! usermod -o -u "$PUID" nginx && [ "$PUID" != "$DEFAULT_PUID" ] ; then
+   echo "Failed to set user UID to ${PUID}, trying with default PUID ${DEFAULT_PUID}"
+   usermod -o -u "$DEFAULT_PUID" nginx
+fi
+
+echo "
+---------------------------------------------------------
+GID/UID
+---------------------------------------------------------
+User UID:    $(id -u nginx)
+User GID:    $(getent group www-data | cut -d: -f3)
+---------------------------------------------------------"
+
+chown nginx:nginx /run/nginx/ /var/log/nginx/ /var/lib/nginx/ /var/lib/nginx/tmp/
+chgrp www-data /var/www/localhost/htdocs/
 
 export INSTALL_DIR=/app  # Specify the installation directory here
 
@@ -119,8 +147,7 @@ touch "${INSTALL_DIR}"/api/user_notifications.json
 mkdir -p "${INSTALL_DIR}"/log/plugins
 
 echo "[INSTALL] Fixing permissions after copied starter config & DB"
-chown -R nginx:www-data "${INSTALL_DIR}"/{config,log,db,api}
-chown -R nginx:www-data "${INSTALL_DIR}"/api/user_notifications.json
+chown -R nginx:www-data "${INSTALL_DIR}"
 
 chmod 750 "${INSTALL_DIR}"/{config,log,db}
 find "${INSTALL_DIR}"/{config,log,db} -type f -exec chmod 640 {} \;