From da7c5efd1a4fbdf6fab4743a07d88d1d94fb27e5 Mon Sep 17 00:00:00 2001 From: Sai Charan Date: Tue, 31 Dec 2024 00:53:14 +0530 Subject: [PATCH 1/2] get rid of the default user 'app' with pre-defined uid and gid, take the uid and gid values from the user for persistant storage creation --- Dockerfile | 4 ++-- docker/entrypoint.sh | 12 ++++++++++++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index d41a651c..f0ca68d7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -50,7 +50,7 @@ WORKDIR /app EXPOSE 80 -RUN addgroup -g 1000 -S app && adduser -u 1000 -S app -G app +# RUN addgroup -g 1000 -S app && adduser -u 1000 -S app -G app COPY --from=builder --chown=app:app /usr/local/bundle/ /usr/local/bundle/ COPY --from=builder --chown=app:app /app/ /app/ @@ -58,7 +58,7 @@ COPY --from=builder --chown=app:app /app/ /app/ # Forwards media listener logs to stdout so they can be captured in docker logs. RUN ln -sf /dev/stdout /app/log/media_listener_production.log -USER app +# USER app ENTRYPOINT ["docker/entrypoint.sh"] diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index cceba0b0..d59bf71c 100755 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -1,5 +1,17 @@ #!/bin/sh +# Default to UID and GID 1000 if not provided +USER_ID=${UID:-1000} +GROUP_ID=${GID:-1000} + +# Create group and user with the specified IDs +addgroup -g "$GROUP_ID" usergroup +adduser -u "$USER_ID" -G usergroup username + +# Change ownership of the working directory +chown -R "$USER_ID":"$GROUP_ID" /media_data + + if [ -z ${SECRET_KEY_BASE+x} ]; then echo "Generating SECRET_KEY_BASE environment variable." echo "Please attention, all old sessions will become invalid." From ec0edce14dc1b862a79fdabf2937851bf9398dea Mon Sep 17 00:00:00 2001 From: Sai Charan Date: Tue, 31 Dec 2024 01:03:44 +0530 Subject: [PATCH 2/2] use the env var MEDIA_PATH from the docker run command to set user/group permissions inside the entrypoint --- README.md | 8 ++++++++ docker/entrypoint.sh | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 158d0aac..02cf1a8b 100644 --- a/README.md +++ b/README.md @@ -79,6 +79,14 @@ docker run -p 3000:3000 ghcr.io/blackcandy-org/blackcandy:latest ### Media Files Mounts +You can mount media files from host to container and use `MEDIA_PATH` environment variable to set the media path for black candy. You can now provide the uid and gid as env arguments so that the permissions of "" is properly aligned with media path set for black candy above. + +```shell +docker run -e UID=$(id -u) -e GID=$(id -g) -v :/media_data -e MEDIA_PATH=/media_data ghcr.io/blackcandy-org/blackcandy:latest +``` + +### Media Files Mounts + You can mount media files from host to container and use `MEDIA_PATH` environment variable to set the media path for black candy. ```shell diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index d59bf71c..f7ea34c0 100755 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -9,7 +9,7 @@ addgroup -g "$GROUP_ID" usergroup adduser -u "$USER_ID" -G usergroup username # Change ownership of the working directory -chown -R "$USER_ID":"$GROUP_ID" /media_data +chown -R "$USER_ID":"$GROUP_ID" "$MEDIA_PATH" if [ -z ${SECRET_KEY_BASE+x} ]; then