diff --git a/Dockerfile b/Dockerfile index de5860a5..c6286ce8 100755 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ ARG INSTALL_DIR=/app ENV PYTHONUNBUFFERED=1 # Install build dependencies -RUN apk add --no-cache bash python3 python3-dev gcc musl-dev libffi-dev openssl-dev git \ +RUN apk add --no-cache bash shadow python3 python3-dev gcc musl-dev libffi-dev openssl-dev git \ && python -m venv /opt/venv # Enable venv @@ -13,7 +13,6 @@ ENV PATH="/opt/venv/bin:$PATH" COPY . ${INSTALL_DIR}/ - RUN pip install openwrt-luci-rpc asusrouter asyncio aiohttp graphene flask tplink-omada-client wakeonlan pycryptodome requests paho-mqtt scapy cron-converter pytz json2table dhcp-leases pyunifi speedtest-cli chardet python-nmap dnspython librouteros git+https://github.com/foreign-sub/aiofreepybox.git \ && bash -c "find ${INSTALL_DIR} -type d -exec chmod 750 {} \;" \ && bash -c "find ${INSTALL_DIR} -type f -exec chmod 640 {} \;" \ @@ -28,6 +27,7 @@ FROM alpine:3.21 AS runner ARG INSTALL_DIR=/app COPY --from=builder /opt/venv /opt/venv +COPY --from=builder /usr/sbin/usermod /usr/sbin/groupmod /usr/sbin/ # Enable venv ENV PATH="/opt/venv/bin:$PATH" @@ -41,7 +41,7 @@ ENV S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 # ❗ IMPORTANT - if you modify this file modify the /install/install_dependecies.sh file as well ❗ RUN apk update --no-cache \ - && apk add --no-cache bash zip lsblk gettext-envsubst sudo mtr tzdata s6-overlay \ + && apk add --no-cache bash libbsd zip lsblk gettext-envsubst sudo mtr tzdata s6-overlay \ && apk add --no-cache curl arp-scan iproute2 iproute2-ss nmap nmap-scripts traceroute nbtscan avahi avahi-tools openrc dbus net-tools net-snmp-tools bind-tools awake ca-certificates \ && apk add --no-cache sqlite php83 php83-fpm php83-cgi php83-curl php83-sqlite3 php83-session \ && apk add --no-cache python3 nginx \ diff --git a/dockerfiles/init.sh b/dockerfiles/init.sh index e2a41244..a2247085 100755 --- a/dockerfiles/init.sh +++ b/dockerfiles/init.sh @@ -1,8 +1,36 @@ #!/usr/bin/with-contenv bash -echo "---------------------------------------------------------" -echo "[INSTALL] Run init.sh" -echo "---------------------------------------------------------" +echo "--------------------------------------------------------- +[INSTALL] Run init.sh +---------------------------------------------------------" + +DEFAULT_PUID=200 +DEFAULT_GID=200 + +PUID=${PUID:-${DEFAULT_PUID}} +PGID=${PGID:-${DEFAULT_GID}} + +echo "[INSTALL] Setting up user UID and GID" + +if ! groupmod -o -g "$PGID" www-data && [ "$PGID" != "$DEFAULT_GID" ] ; then + echo "Failed to set user GID to ${PGID}, trying with default GID ${DEFAULT_GID}" + groupmod -o -g "$DEFAULT_GID" www-data +fi +if ! usermod -o -u "$PUID" nginx && [ "$PUID" != "$DEFAULT_PUID" ] ; then + echo "Failed to set user UID to ${PUID}, trying with default PUID ${DEFAULT_PUID}" + usermod -o -u "$DEFAULT_PUID" nginx +fi + +echo " +--------------------------------------------------------- +GID/UID +--------------------------------------------------------- +User UID: $(id -u nginx) +User GID: $(getent group www-data | cut -d: -f3) +---------------------------------------------------------" + +chown nginx:nginx /run/nginx/ /var/log/nginx/ /var/lib/nginx/ /var/lib/nginx/tmp/ +chgrp www-data /var/www/localhost/htdocs/ export INSTALL_DIR=/app # Specify the installation directory here @@ -119,8 +147,7 @@ touch "${INSTALL_DIR}"/api/user_notifications.json mkdir -p "${INSTALL_DIR}"/log/plugins echo "[INSTALL] Fixing permissions after copied starter config & DB" -chown -R nginx:www-data "${INSTALL_DIR}"/{config,log,db,api} -chown -R nginx:www-data "${INSTALL_DIR}"/api/user_notifications.json +chown -R nginx:www-data "${INSTALL_DIR}" chmod 750 "${INSTALL_DIR}"/{config,log,db} find "${INSTALL_DIR}"/{config,log,db} -type f -exec chmod 640 {} \;