NOTREADY readme update & permission mapping

dockerfiles/README.md

@@ -1,4 +1,8 @@
-[![Docker](https://github.com/jokob-skPi.Alert/actions/workflows/docker.yml/badge.svg)](https://github.com/jokob-sk/Pi.Alert/actions/workflows/docker.yml) [![Docker Image Size](https://img.shields.io/docker/image-size/jokobsk/pi.alert?logo=Docker)](https://hub.docker.com/r/jokobsk/pi.alert)
+[![Docker](https://github.com/jokob-sk/Pi.Alert/actions/workflows/docker.yml/badge.svg)](https://github.com/jokob-sk/Pi.Alert/actions/workflows/docker.yml)
+[![Docker Image Size](https://img.shields.io/docker/image-size/jokobsk/pi.alert?logo=Docker)](https://hub.docker.com/r/jokobsk/pi.alert)
+  <a href="https://hub.docker.com/r/jokobsk/pi.alert">
+    <img src="https://img.shields.io/docker/pulls/jokobsk/pi.alert?logo=docker&color=0aa8d2&logoColor=fff" alt="Docker Pulls">
+  </a>
 
 # :whale: A docker image for Pi.Alert 
 
@@ -8,52 +12,70 @@ The source :page_facing_up: Dockerfile is available [here](https://github.com/jo
 
 ## :white_check_mark: Usage
 
--  Network
+Network
    - You will have to probably run the container on the host network, e.g: `sudo docker run --rm --net=host jokobsk/pi.alert`
--  Port 
+
+Port 
    - The container runs on the port `:20211`.
--  UI URL
-   - The UI is located on `<host IP>:20211/pialert/`
 
 > Please note - the cronjob is executed every 1, 5 and 15 minutes so wait that long for all of the scans to run.
 
 ## :floppy_disk: Setup and Backups
 
-1. Download `pialert.conf` and `version.conf` from [here](https://github.com/jokob-sk/Pi.Alert/tree/main/config).
-2. Backup your configuration by: 
-   * Mapping the container folder `/home/pi/pialert/config` to your own folder containing `pialert.conf` and `version.conf`. 
-    
-    OR
-    
-   * Mapping the files individually `pialert.conf:/home/pi/pialert/config/pialert.conf` and `version.conf:/home/pi/pialert/config/version.conf`      
-3. In `pialert.config` specify your network adapter (will probably be eth0 or eth1) and the network filter, e.g. if your DHCP server assigns IPs in the 192.168.1.0 to 192.168.1.255 range specify it the following way: 
+1. (**required**) Download `pialert.conf` and `version.conf` from [here](https://github.com/jokob-sk/Pi.Alert/tree/main/config).     
+2. (**required**) In `pialert.config` specify your network adapter (will probably be `eth0` or `eth1`) and the network filter (which significantly speeds up the scan process), e.g. if your DHCP server assigns IPs in the 192.168.1.0 to 192.168.1.255 range specify it the following way: 
    * `SCAN_SUBNETS    = '192.168.1.0/24 --interface=eth0'`
+3. (**required**) Use your configuration by: 
+   * Mapping the container folder `/home/pi/pialert/config` to a persistent folder containing `pialert.conf` and `version.conf`,     
+   * ... or by mapping the files individually `pialert.conf:/home/pi/pialert/config/pialert.conf` and `version.conf:/home/pi/pialert/config/version.conf` 
 4. Set the `TZ` environment variable to your current time zone (e.g.`Europe/Paris`). Find your time zone [here](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones).
 5. Database backup
+   * The DB is stored under `/home/pi/pialert/db/pialert.db`. Map this file to a persistent location (see [Examples](https://github.com/jokob-sk/Pi.Alert/tree/main/dockerfiles#page_facing_up-examples) for details). If facing issues (AJAX errors, can't write to DB, etc, make sure permissions are set correctly, alternatively check the logs under `/home/pi/pialert/log`)
    * Automated copy
-     The docker image creates a DB copy once every 30 min by copying the DB to `/home/pi/pialert/config/pialert.db_bak`. 
-      > If you have a backup already available, make sure you rename this file if you want to keep older backups before starting a new container.
+     The docker image copies the DB once every 30 min to `/home/pi/pialert/config/pialert.db_bak`. If you have a backup already available, make sure you rename this file if you want to keep older backups before starting a new container. To restore the DB run: `cp /home/pi/pialert/config/pialert.db_bak /home/pi/pialert/db/pialert.db`   
+6. The container supports mapping to local User nad Group IDs. Specify the enviroment variables `HOST_USER_ID` and `HOST_USER_GID` if needed.
 
-     - You can backup the DB by also ad-hoc by running the follow command in the container:
+Config examples can be found below.
 
-       - `cp /home/pi/pialert/db/pialert.db /home/pi/pialert/config/pialert.db_bak`
+## :page_facing_up: Examples
 
-     - Restoring the DB:
+### Example 1
 
-       - `cp /home/pi/pialert/config/pialert.db_bak /home/pi/pialert/db/pialert.db`
+`docker-compose.yml` 
 
-   * Alternative approach: Storing the DB on your own volume
+```yaml
+version: "3"
+services:
+  pialert:
+    container_name: pialert
+    image: "jokobsk/pi.alert:latest"      
+    network_mode: "host"        
+    restart: always
+    volumes:
+      - ${APP_DATA_LOCATION}/pialert/config:/home/pi/pialert/config
+      - ${APP_DATA_LOCATION}/pialert/db/pialert.db:/home/pi/pialert/db/pialert.db
+      - ${LOGS_LOCATION}/:/home/pi/pialert/log
+    environment:
+      - TZ=Australia/Sydney
+      - HOST_USER_ID=1036 
+      - HOST_USER_GID=1000
+```
 
-       ```yaml
-           volumes:
-             - pialert_db:/home/pi/pialert/db
-       ```       
+`.env` file
 
-A full config example can be found below.
+```yaml
 
-## :page_facing_up: Example Config
+APP_DATA_LOCATION=/path/to/docker_appdata
+APP_CONFIG_LOCATION=/path/to/docker_config
+LOGS_LOCATION=/path/to/docker_logs
 
-Courtesy of [pbek](https://github.com/pbek). The volume `pialert_db` is used the db directory. The two config files are mounted directly from a local folder to their places in the config folder. You can backup the `docker-compose.yaml` folder and the docker volumes folder.
+```
+
+To run the container execute: `sudo docker-compose --env-file /path/to/.env up`
+
+### Example 2
+
+Courtesy of [pbek](https://github.com/pbek). The volume `pialert_db` is used by the db directory. The two config files are mounted directly from a local folder to their places in the config folder. You can backup the `docker-compose.yaml` folder and the docker volumes folder.
 
 ```yaml
   pialert:

dockerfiles/start.sh

@@ -1,5 +1,8 @@
 #!/bin/sh
-
+/home/pi/pialert/dockerfiles/user-mapping.sh
+# probably too broad permissions
+chmod -R 755 /home/pi/pialert  
+chmod -R 755 /var/www/html/pialert
 chmod -R o+w /home/pi/pialert/db
 /etc/init.d/lighttpd start
 service cron start && tail -f /dev/null

dockerfiles/user-mapping.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+if [ -z "${USER}" ]; then
+  echo "We need USER to be set!"; exit 100
+fi
+
+# if both not set we do not need to do anything
+if [ -z "${HOST_USER_ID}" -a -z "${HOST_USER_GID}" ]; then
+    echo "Nothing to do here." ; exit 0
+fi
+
+# reset user_?id to either new id or if empty old (still one of above
+# might not be set)
+USER_ID=${HOST_USER_ID:=$USER_ID}
+USER_GID=${HOST_USER_GID:=$USER_GID}
+
+LINE=$(grep -F "${USER}" /etc/passwd)
+# replace all ':' with a space and create array
+array=( ${LINE//:/ } )
+
+# home is 5th element
+USER_HOME=${array[4]}
+
+sed -i -e "s/^${USER}:\([^:]*\):[0-9]*:[0-9]*/${USER}:\1:${USER_ID}:${USER_GID}/"  /etc/passwd
+sed -i -e "s/^${USER}:\([^:]*\):[0-9]*/${USER}:\1:${USER_GID}/"  /etc/group
+
+chown -R ${USER_ID}:${USER_GID} ${USER_HOME}
+
+exec su - "${USER}"