From e676503f65ca26b51210c3f1fca585d9f6255e10 Mon Sep 17 00:00:00 2001 From: Michael Serajnik Date: Sun, 5 Jan 2020 20:49:12 +0100 Subject: [PATCH] feat: add ability to define custom UID/GID at container creation --- CHANGELOG.md | 5 +++++ Dockerfile | 25 ++++++------------------- README.md | 39 +++++++++++++++++++++------------------ docker-entrypoint.sh | 15 ++++++--------- docker-start.sh | 13 +++++++++++++ 5 files changed, 51 insertions(+), 46 deletions(-) create mode 100644 docker-start.sh diff --git a/CHANGELOG.md b/CHANGELOG.md index b44be30..de160a9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,11 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] +### Added + ++ Added the ability to define custom UID and GID for the Docker container at + container creation + ## [3.21.0] - 2020-01-02 ### Changed diff --git a/Dockerfile b/Dockerfile index 44893d5..2b97d9e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,35 +1,20 @@ FROM python:3.8-slim-buster -ARG HOST_USER_ID=1000 -ARG HOST_GROUP_ID=1000 - -ENV HOST_USER_ID=$HOST_USER_ID -ENV HOST_GROUP_ID=$HOST_GROUP_ID - -RUN \ - if [ $(getent group ${HOST_GROUP_ID}) ]; then \ - useradd -r -u ${HOST_USER_ID} hydrus; \ - else \ - groupadd -g ${HOST_GROUP_ID} hydrus && \ - useradd -r -u ${HOST_USER_ID} -g hydrus hydrus; \ - fi - WORKDIR /usr/src/app COPY ./hydrus . COPY ./deb . RUN \ - chown -R hydrus:hydrus /usr/src/app && \ chmod +x \ server.py \ bin/swfrender_linux \ bin/upnpc_linux && \ mkdir /data && \ - chown -R hydrus:hydrus /data && \ apt-get update && apt-get install --no-install-recommends -y \ build-essential \ ffmpeg \ + gosu \ multiarch-support \ wget && \ dpkg -i libjpeg8_8d-2_amd64.deb && \ @@ -59,7 +44,10 @@ RUN \ rm -rf /var/lib/apt/lists/* COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint -RUN chmod +x /usr/local/bin/docker-entrypoint +COPY docker-start.sh /usr/local/bin/docker-start +RUN \ + chmod +x /usr/local/bin/docker-entrypoint && \ + chmod +x /usr/local/bin/docker-start EXPOSE 45870/tcp 45871/tcp 45872/tcp @@ -69,6 +57,5 @@ HEALTHCHECK --interval=1m --timeout=10s --retries=3 \ VOLUME /data -USER hydrus - ENTRYPOINT ["docker-entrypoint"] +CMD ["docker-start"] diff --git a/README.md b/README.md index d2b5fa4..e234484 100644 --- a/README.md +++ b/README.md @@ -15,8 +15,9 @@ The latest build runs [hydrus server version 379][hydrus-server-version]. + [Upgrading from 2.x to 3.x](#upgrading-from-2x-to-3x) + [Upgrading from 1.x to 2.x](#upgrading-from-1x-to-2x) + [Usage](#usage) - + [Additional configuration when building](#additional-configuration-when-building) - + [UID/GID](#uidgid) + + [Ports](#ports) + + [Storage](#storage) + + [UID/GID](#uidgid) + [Donate](#donate) + [Maintainer](#maintainer) + [Contribute](#contribute) @@ -87,6 +88,8 @@ making it easier to adapt for future changes/dependencies. ## Usage +### Ports + First, you need to bind the exposed ports. This can be done automatically using `-P` but it is recommended to bind them manually instead since having changing ports every time you run a new container might be annoying when used @@ -103,6 +106,8 @@ for the server administration service while `45871` and `45872` are used for repositories. You will generally have two (one for tags and one for files), but if you add more, you will also need to expose additional ports. +### Storage + Per default, hydrus-server-docker stores its databases and media inside the `/data` directory which is a mount point that is persisted as a volume. A new volume will be created every time a container is created, making it less ideal @@ -113,11 +118,22 @@ mount that over it: user@local:~$ docker volume create hydrus-server-data ``` -After creating your named volume, you can run the container. Here is a full -example with all the options mentioned above: +### UID/GID + +The user that owns the data and runs the server inside the container has the +UID `1000` and the GID `1000` by default. You can change these by providing the +environment variables `CUSTOM_UID` and `CUSTOM_GID` when creating a container. + +This is useful if you want to access the data outside the container with a user +with different IDs without hassle. In such a case, `CUSTOM_UID` and +`CUSTOM_GID` should match the user that is going to access the data on the +host. + +Here is a full example for running the container with all the options mentioned +above: ```zsh -user@local:~$ docker run -p 45870:45870 -p 45871:45871 -p 45872:45872 -v hydrus-server-data:/data -d mserajnik/hydrus-server-docker +user@local:~$ docker run -p 45870:45870 -p 45871:45871 -p 45872:45872 -v hydrus-server-data:/data -e CUSTOM_UID=1000 -e CUSTOM_GID=1000 -d mserajnik/hydrus-server-docker ``` Specifying the same named volume every time a container is created gives each @@ -127,19 +143,6 @@ Of course, using a bind mount instead of a named volume is also possible but for performance reasons only recommended if you need easy access to the data on the host machine. -### Additional configuration when building - -#### UID/GID - -By default, the user that owns the data and runs the server inside the -container has the UID `1000` and the GID `1000`. You can make a build providing -the arguments `HOST_USER_ID` and `HOST_GROUP_ID` to change these defaults. - -This is useful if you want to access the data outside the container with a user -with different ID's without hassle. In such a case, `HOST_USER_ID` and -`HOST_GROUP_ID` should match the user that is going to access the data on the -host. - ## Donate If you like hydrus-server-docker and want to buy me a coffee, feel free to diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 2369c66..62937a4 100644 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -1,13 +1,10 @@ #!/bin/bash -. venv/bin/activate +USER_ID=${CUSTOM_UID:-1000} +GROUP_ID=${CUSTOM_GID:-1000} -stop() { - ./server.py stop -d="/data" -} +echo "Setting permissions to UID/GID ${USER_ID}/${GROUP_ID}." +chown ${USER_ID}:${GROUP_ID} -R /usr/src/app +chown ${USER_ID}:${GROUP_ID} -R /data -trap "stop" SIGTERM - -./server.py -d="/data" & - -wait $! +exec gosu ${USER_ID}:${GROUP_ID} "$@" diff --git a/docker-start.sh b/docker-start.sh new file mode 100644 index 0000000..2369c66 --- /dev/null +++ b/docker-start.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +. venv/bin/activate + +stop() { + ./server.py stop -d="/data" +} + +trap "stop" SIGTERM + +./server.py -d="/data" & + +wait $!