From a24ecbd1b4460fdbab4a3d39b1f086f281837dd9 Mon Sep 17 00:00:00 2001
From: Robin
Date: Wed, 24 Nov 2021 15:04:18 +0100
Subject: [PATCH] Allow setting www-data UID and GID id at runtime
---
 nginx_web/Dockerfile | 6 +++---
 nginx_web/entrypoint.sh | 19 +++++++++++++++++++
 php_fpm/Dockerfile | 9 +++------
 php_fpm/entrypoint.sh | 18 ++++++++++++++++++
 4 files changed, 43 insertions(+), 9 deletions(-)
diff --git a/nginx_web/Dockerfile b/nginx_web/Dockerfile
index fca72df..fdfc488 100644
--- a/nginx_web/Dockerfile
+++ b/nginx_web/Dockerfile
@@ -2,9 +2,9 @@ FROM nginx:alpine
 ENV PHP_FPM="php:9000"
-RUN deluser xfs && \
- delgroup www-data && \
- adduser -DH -h /home/www-data -s /sbin/nologin -u 33 www-data
+ENV WWW_DATA_UID=33 WWW_DATA_GID=33
+
+RUN apk add --no-cache shadow
 RUN find /etc/nginx -type f -not -name 'mime.types' -not -name 'fastcgi_params' -delete && \
 rm -rf conf.d modules
diff --git a/nginx_web/entrypoint.sh b/nginx_web/entrypoint.sh
index 26fd98f..3326ec3 100644
--- a/nginx_web/entrypoint.sh
+++ b/nginx_web/entrypoint.sh
@@ -1,5 +1,24 @@
 #!/bin/sh
+if [ -n "$(getent passwd "$WWW_DATA_UID")" ]
+then
+ USERNAME=$(getent passwd "$WWW_DATA_UID" | cut -d: -f1)
+ echo "Deleting user $USERNAME which already uses UID $WWW_DATA_UID"
+ deluser "$USERNAME"
+fi
+
+if [ -n "$(getent group "$WWW_DATA_GID")" ]
+then
+ GROUPNAME=$(getent passwd "$WWW_DATA_GID" | cut -d: -f1)
+ echo "Deleting group $GROUPNAME which already uses GID $WWW_DATA_GID"
+ delgroup "$GROUPNAME"
+fi
+
+# for some reason, a www-data group exists by default but a www-data user doesn't
+echo "Adding www-data user with UID $WWW_DATA_UID and setting www-data GID to $WWW_DATA_GID"
+groupmod -g "$WWW_DATA_GID" www-data
+adduser -D -G www-data -u "$WWW_DATA_UID" www-data
+
 cat > /etc/nginx/php.conf << EOL
 upstream php-handler {
 server ${PHP_FPM};
diff --git a/php_fpm/Dockerfile b/php_fpm/Dockerfile
index 1fdf8cf..317a593 100644
--- a/php_fpm/Dockerfile
+++ b/php_fpm/Dockerfile
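Review bot: In nginx_web/Dockerfile the www-data account is no longer created at build time, so the image holds no such user until entrypoint.sh has run as root, and `shadow` now stays installed in the runtime image for that purpose. The container therefore cannot be started under a non-root user, and any start that bypasses the entrypoint runs without the account the nginx configuration presumably expects. Consider keeping the removed `RUN deluser xfs && delgroup www-data && adduser ... -u 33 www-data` step as the build-time default and letting the entrypoint change ids only when WWW_DATA_UID or WWW_DATA_GID differs from 33. The same trade-off applies to php_fpm/Dockerfile, where the earlier `apk del shadow` was dropped.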
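Review bot: In nginx_web/entrypoint.sh the group branch looks the GID up in the wrong database: `GROUPNAME=$(getent passwd "$WWW_DATA_GID" | cut -d: -f1)` yields a user name, or nothing, so `delgroup` is called with a wrong or empty argument. The line should read `GROUPNAME=$(getent group "$WWW_DATA_GID" | cut -d: -f1)`. The identical line appears in php_fpm/entrypoint.sh, where `set -e` would turn a failing `delgroup` into a failed container start. The script continues outside the hunk.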
@@ -5,12 +5,9 @@ ADD https://github.com/mlocati/docker-php-extension-installer/releases/latest/do
 RUN chmod +x /usr/local/bin/install-php-extensions && \
 install-php-extensions gd pdo_mysql mysqli zip exif
-# Set www-data user and group to id 33 which is standard in Debian
-RUN deluser xfs && \
- apk add --no-cache shadow && \
- usermod -u 33 www-data && \
- groupmod -g 33 www-data && \
- apk del shadow
+ENV WWW_DATA_UID=33 WWW_DATA_GID=33
+
+RUN apk add --no-cache shadow
 RUN { \
 echo "upload_max_filesize = 512M"; \
diff --git a/php_fpm/entrypoint.sh b/php_fpm/entrypoint.sh
index 71900a7..137fc0c 100644
--- a/php_fpm/entrypoint.sh
+++ b/php_fpm/entrypoint.sh
@@ -1,6 +1,24 @@
 #!/bin/sh
 set -e
+if [ -n "$(getent passwd "$WWW_DATA_UID")" ]
+then
+ USERNAME=$(getent passwd "$WWW_DATA_UID" | cut -d: -f1)
+ echo "Deleting user $USERNAME which already uses UID $WWW_DATA_UID"
+ deluser "$USERNAME"
+fi
+
+if [ -n "$(getent group "$WWW_DATA_GID")" ]
+then
+ GROUPNAME=$(getent passwd "$WWW_DATA_GID" | cut -d: -f1)
+ echo "Deleting group $GROUPNAME which already uses GID $WWW_DATA_GID"
+ delgroup "$GROUPNAME"
+fi
+
+echo "Setting www-data uid:gid to $WWW_DATA_UID:$WWW_DATA_GID"
+usermod -u "$WWW_DATA_UID" www-data
+groupmod -g "$WWW_DATA_GID" www-data
+
 if [ -n "$(ls -A /data 2>/dev/null)" ]
 then
 echo "Data directory contains files, not downloading NamelessMC"
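Review bot: The new `ENV WWW_DATA_UID=33 WWW_DATA_GID=33` in php_fpm/Dockerfile loses the explanation the removed comment gave for the value 33, and nothing says where the variables are consumed. A comment above it such as `# Default 33 is the Debian www-data id; entrypoint.sh applies WWW_DATA_UID/WWW_DATA_GID at container start` would keep that context for operators who override the values. The ENV line added in nginx_web/Dockerfile is undocumented in the same way.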
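Review bot: In php_fpm/entrypoint.sh the first block deletes whichever account already holds WWW_DATA_UID, with no check on the value or on which account that is. If the variable is 0 the account found is root, and if the ids were already applied by an earlier start of the same container the account found is presumably www-data itself, after which `usermod -u "$WWW_DATA_UID" www-data` fails and `set -e` stops the container. A guard before the lookups, `case "$WWW_DATA_UID" in ''|*[!0-9]*|0) echo "invalid WWW_DATA_UID" >&2; exit 1;; esac`, together with skipping the deletion when `[ "$USERNAME" = "www-data" ]`, would cover both cases; the group block and nginx_web/entrypoint.sh need the same treatment.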