fix docker permission issues

Signed-off-by: Adrian Gebhart <adrian@pestotoast.de>

Containers/mastercontainer/Dockerfile

@@ -75,14 +75,8 @@ RUN chmod +x /usr/bin/start.sh; \
     chmod +r /Caddyfile; \
     chmod +x /cron.sh
 
-# add docker group
-RUN groupadd -g 998 docker && \
-    usermod -aG docker www-data
-
 # Give root a random password
 RUN echo "root:$(openssl rand -base64 12)" | chpasswd
 
-USER www-data
-
 ENTRYPOINT ["start.sh"]
 CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]

Containers/mastercontainer/start.sh

@@ -10,9 +10,15 @@ print_green() {
 if ! [ -a "/var/run/docker.sock" ]; then
     echo "Docker socket is not available. Cannot continue."
     exit 1
-elif ! test -r /var/run/docker.sock; then
-    echo "Docker socket is not readable by the www-data user. Cannot continue."
-    exit 1
+elif ! su www-data -s /bin/bash -c "test -r /var/run/docker.sock"; then
+    echo "Trying to fix docker.sock permissions..."
+    GROUP=$(stat -c '%g' /var/run/docker.sock)
+    groupadd -g "$GROUP" docker && \
+    usermod -aG docker www-data
+    if ! su www-data -s /bin/bash -c "test -r /var/run/docker.sock"; then
+        echo "Docker socket is not readable by the www-data user. Cannot continue."
+        exit 1
+    fi
 fi
 
 # Check if volume is writeable
@@ -58,7 +64,7 @@ if [ -f ./ssl.crt ] && [ -f ./ssl.key ]; then
     cp "$GENERATED_CERTS/ssl.crt" ./
     cp "$GENERATED_CERTS/ssl.key" ./
 fi
-
+chown -R www-data /mnt/docker-aio-config /etc/apache2/certs/ssl.*
 print_green "Initial startup of Nextcloud All In One complete!
 You should be able to open the Nextcloud AIO Interface now on port 8080 of this server!
 E.g. https://internal.ip.of.this.server:8080

Containers/mastercontainer/supervisord.conf

@@ -5,26 +5,22 @@ logfile=/var/log/supervisord/supervisord.log
 pidfile=/var/run/supervisord/supervisord.pid
 childlogdir=/var/log/supervisord/
 logfile_maxbytes=50MB                           
-logfile_backups=10                              
+logfile_backups=10                 
 loglevel=error
+user=www-data
+environment=HOME="/var/www/docker-aio",USER="www-data"
 
 [program:apache]
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
 command=apache2-foreground
+user=www-data
+environment=HOME="/var/www/docker-aio",USER="www-data"
 
 [program:caddy]
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
 command=/usr/bin/caddy run -config /Caddyfile
+user=www-data
+environment=HOME="/var/www/docker-aio",USER="www-data"
 
 [program:cron]
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
 command=/cron.sh
+user=www-data
+environment=HOME="/var/www/docker-aio",USER="www-data"