Allow setting www-data UID and GID id at runtime

2021-11-24 15:04:18 +01:00 · 2021-11-24 15:04:18 +01:00 · a24ecbd1b4
commit a24ecbd1b4
parent 7151ceadc3
4 changed files with 43 additions and 9 deletions
--- a/nginx_web/Dockerfile
+++ b/nginx_web/Dockerfile
@ -2,9 +2,9 @@ FROM nginx:alpine

 ENV PHP_FPM="php:9000"

-RUN deluser xfs && \
-    delgroup www-data && \
-    adduser -DH -h /home/www-data -s /sbin/nologin -u 33 www-data
+ENV WWW_DATA_UID=33 WWW_DATA_GID=33
+
+RUN apk add --no-cache shadow

 RUN find /etc/nginx -type f -not -name 'mime.types' -not -name 'fastcgi_params' -delete && \
    rm -rf conf.d modules
--- a/nginx_web/entrypoint.sh
+++ b/nginx_web/entrypoint.sh
@ -1,5 +1,24 @@
 #!/bin/sh

+if [ -n "$(getent passwd "$WWW_DATA_UID")" ]
+then
+    USERNAME=$(getent passwd "$WWW_DATA_UID" | cut -d: -f1)
+    echo "Deleting user $USERNAME which already uses UID $WWW_DATA_UID"
+    deluser "$USERNAME"
+fi
+
+if [ -n "$(getent group "$WWW_DATA_GID")" ]
+then
+    GROUPNAME=$(getent passwd "$WWW_DATA_GID" | cut -d: -f1)
+    echo "Deleting group $GROUPNAME which already uses GID $WWW_DATA_GID"
+    delgroup "$GROUPNAME"
+fi
+
+# for some reason, a www-data group exists by default but a www-data user doesn't
+echo "Adding www-data user with UID $WWW_DATA_UID and setting www-data GID to $WWW_DATA_GID"
+groupmod -g "$WWW_DATA_GID" www-data
+adduser -D -G www-data -u "$WWW_DATA_UID" www-data
+
 cat > /etc/nginx/php.conf << EOL
 upstream php-handler {
    server ${PHP_FPM};
--- a/php_fpm/Dockerfile
+++ b/php_fpm/Dockerfile
@ -5,12 +5,9 @@ ADD https://github.com/mlocati/docker-php-extension-installer/releases/latest/do
 RUN chmod +x /usr/local/bin/install-php-extensions && \
    install-php-extensions gd pdo_mysql mysqli zip exif

-# Set www-data user and group to id 33 which is standard in Debian
-RUN deluser xfs && \
-    apk add --no-cache shadow && \
-    usermod -u 33 www-data && \
-    groupmod -g 33 www-data && \
-    apk del shadow
+ENV WWW_DATA_UID=33 WWW_DATA_GID=33
+
+RUN apk add --no-cache shadow

 RUN { \
        echo "upload_max_filesize = 512M"; \
--- a/php_fpm/entrypoint.sh
+++ b/php_fpm/entrypoint.sh
@ -1,6 +1,24 @@
 #!/bin/sh
 set -e

+if [ -n "$(getent passwd "$WWW_DATA_UID")" ]
+then
+    USERNAME=$(getent passwd "$WWW_DATA_UID" | cut -d: -f1)
+    echo "Deleting user $USERNAME which already uses UID $WWW_DATA_UID"
+    deluser "$USERNAME"
+fi
+
+if [ -n "$(getent group "$WWW_DATA_GID")" ]
+then
+    GROUPNAME=$(getent passwd "$WWW_DATA_GID" | cut -d: -f1)
+    echo "Deleting group $GROUPNAME which already uses GID $WWW_DATA_GID"
+    delgroup "$GROUPNAME"
+fi
+
+echo "Setting www-data uid:gid to $WWW_DATA_UID:$WWW_DATA_GID"
+usermod -u "$WWW_DATA_UID" www-data
+groupmod -g "$WWW_DATA_GID" www-data
+
 if [ -n "$(ls -A /data 2>/dev/null)" ]
 then
    echo "Data directory contains files, not downloading NamelessMC"