|
1 | 1 | #!/bin/bash |
2 | 2 | set -e |
3 | 3 |
|
4 | | -# If running as root, check if we need to change UID/GID |
5 | | -if [ "$(id -u)" = "0" ]; then |
6 | | - # Check if USER_UID or USER_GID environment variables are set |
7 | | - if [ -n "${USER_UID}" ] || [ -n "${USER_GID}" ]; then |
8 | | - USER_UID=${USER_UID:-1000} |
9 | | - USER_GID=${USER_GID:-1000} |
10 | | - |
11 | | - # Modify user if UID/GID different from default |
12 | | - if [ "${USER_UID}" != "1000" ] || [ "${USER_GID}" != "1000" ]; then |
13 | | - echo "Adjusting user to UID=${USER_UID}, GID=${USER_GID}" |
14 | | - |
15 | | - # Modify group if needed |
16 | | - if [ "${USER_GID}" != "1000" ]; then |
17 | | - groupmod -g ${USER_GID} appuser |
18 | | - fi |
19 | | - |
20 | | - # Modify user if needed |
21 | | - if [ "${USER_UID}" != "1000" ]; then |
22 | | - usermod -u ${USER_UID} appuser |
23 | | - fi |
24 | | - fi |
25 | | - |
26 | | - # Fix ownership of app directory and data |
27 | | - chown -R appuser:appuser /app |
28 | | - |
29 | | - # Execute command as appuser |
30 | | - exec gosu appuser "$@" |
| 4 | +# Default UID/GID |
| 5 | +USER_UID=${USER_UID:-1000} |
| 6 | +USER_GID=${USER_GID:-1000} |
| 7 | + |
| 8 | +echo "Starting with UID: $USER_UID, GID: $USER_GID" |
| 9 | + |
| 10 | +# Handle special case for existing users (like nobody with UID 99) |
| 11 | +if id -u appuser >/dev/null 2>&1; then |
| 12 | + # User exists, modify it |
| 13 | + echo "Modifying existing appuser..." |
| 14 | + usermod -o -u "$USER_UID" appuser || true |
| 15 | + groupmod -o -g "$USER_GID" appuser || true |
| 16 | +else |
| 17 | + # Create new user and group |
| 18 | + echo "Creating new appuser..." |
| 19 | + # Check if group with GID exists |
| 20 | + if ! getent group "$USER_GID" >/dev/null; then |
| 21 | + groupadd -g "$USER_GID" appuser |
| 22 | + else |
| 23 | + # Group exists, use it |
| 24 | + GROUP_NAME=$(getent group "$USER_GID" | cut -d: -f1) |
| 25 | + groupmod -n appuser "$GROUP_NAME" || true |
| 26 | + fi |
| 27 | + |
| 28 | + # Check if user with UID exists |
| 29 | + if ! id -u "$USER_UID" >/dev/null 2>&1; then |
| 30 | + useradd -o -m -u "$USER_UID" -g "$USER_GID" appuser |
| 31 | + else |
| 32 | + # User exists, rename it |
| 33 | + USER_NAME=$(getent passwd "$USER_UID" | cut -d: -f1) |
| 34 | + usermod -l appuser "$USER_NAME" || true |
| 35 | + usermod -g "$USER_GID" appuser || true |
31 | 36 | fi |
32 | 37 | fi |
33 | 38 |
|
34 | | -# Execute command directly if not running as root or no UID/GID specified |
35 | | -exec "$@" |
| 39 | +# Fix permissions for all necessary directories and files |
| 40 | +echo "Fixing permissions..." |
| 41 | +chown -R "$USER_UID:$USER_GID" /app/data 2>/dev/null || true |
| 42 | +chown -R "$USER_UID:$USER_GID" /app/app 2>/dev/null || true |
| 43 | +chown -R "$USER_UID:$USER_GID" /app/static 2>/dev/null || true |
| 44 | + |
| 45 | +# Ensure data directory exists with correct permissions |
| 46 | +mkdir -p /app/data |
| 47 | +chown "$USER_UID:$USER_GID" /app/data |
| 48 | + |
| 49 | +# Create instance directory if using Flask instance folder |
| 50 | +mkdir -p /app/instance |
| 51 | +chown "$USER_UID:$USER_GID" /app/instance |
| 52 | + |
| 53 | +# Export the user for gosu |
| 54 | +export USER=appuser |
| 55 | + |
| 56 | +echo "Running as UID: $(id -u appuser), GID: $(id -g appuser)" |
| 57 | + |
| 58 | +# Execute the main command as the specified user |
| 59 | +exec gosu "$USER_UID:$USER_GID" "$@" |
0 commit comments