bublik-docker/entrypoint-common.sh at main · interpretica-io/bublik-docker · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
#!/bin/bash

# Common utility functions for entrypoint scripts

setup_umask() {
    if [ -n "${UMASK}" ]; then
        echo "Setting umask to ${UMASK}"
        umask ${UMASK}
    fi
}

ensure_directory() {
    local dir="$1"
    if [ -n "$dir" ]; then
        mkdir -p "$dir"
    fi
}

setup_permissions() {
    for dir in "$@"; do
        if [ -d "$dir" ]; then
            echo "Setting up permissions for $dir"
            chown -R www-data:www-data "$dir"
            chmod -R 2775 "$dir"
            find "$dir" -type f -exec chmod 664 {} \; 2>/dev/null || true
        fi
    done
}

exec_as_user() {
    if [ "$(id -u)" -eq 0 ]; then
        CONTAINER_UID=${HOST_UID:-1000}
        CONTAINER_GID=${HOST_GID:-1000}
        echo "Executing as user ${CONTAINER_UID}:${CONTAINER_GID}"
        exec gosu ${CONTAINER_UID}:${CONTAINER_GID} "$@"
    else
        # Already running as non-root
        echo "Already running as $(id -u):$(id -g)"
        exec "$@"
    fi
}

setup_service_user() {
    local username="$1"
    local config_file="$2"

    if [ "$(id -u)" -ne 0 ]; then
        return
    fi

    CONTAINER_UID=${HOST_UID:-1000}
    CONTAINER_GID=${HOST_GID:-1000}

    if id -u ${CONTAINER_UID} >/dev/null 2>&1; then
        echo "User with UID ${CONTAINER_UID} already exists, using that user"
        CUSTOM_USER=$(id -nu ${CONTAINER_UID} 2>/dev/null || echo "custom_user")
    else
        echo "Creating custom user with UID ${CONTAINER_UID}"
        CUSTOM_USER="custom_user"
        useradd -u ${CONTAINER_UID} -o -m ${CUSTOM_USER} 2>/dev/null || true
    fi

    if getent group ${CONTAINER_GID} >/dev/null 2>&1; then
        echo "Group with GID ${CONTAINER_GID} already exists, using that group"
        CUSTOM_GROUP=$(getent group ${CONTAINER_GID} | cut -d: -f1)
    else
        echo "Creating custom group with GID ${CONTAINER_GID}"
        CUSTOM_GROUP="custom_group"
        groupadd -g ${CONTAINER_GID} -o ${CUSTOM_GROUP} 2>/dev/null || true
    fi

    if [ -n "$config_file" ] && [ -f "$config_file" ]; then
        if [ ! -f "${config_file}.orig" ]; then
            cp "$config_file" "${config_file}.orig"
        fi

        sed -i "s/export ${username}_USER=.*/export ${username}_USER=${CUSTOM_USER}/" "$config_file"
        sed -i "s/export ${username}_GROUP=.*/export ${username}_GROUP=${CUSTOM_GROUP}/" "$config_file"
    fi

    echo "Service user setup complete: ${CUSTOM_USER}:${CUSTOM_GROUP}"
}