Use legacy mode when user runs with --user parameter, otherwise, use su-exec

2025-04-03 20:27:36 +03:00 · 2022-06-05 09:55:22 +08:00 · 2022-06-05 09:55:22 +08:00 · efb0001708
commit efb0001708
parent 7a5ea73de2
2 changed files with 23 additions and 36 deletions
--- a/28
+++ b/28
@ -5,43 +5,31 @@ COPY ui ./
 RUN npm ci && \
    node_modules/.bin/ng build --prod

-FROM golang:alpine3.15 as gosu-builder
-
-RUN apk --update --no-cache add \
-    git
-
-RUN git clone -b 1.14 --depth 1 --single-branch https://github.com/tianon/gosu /src
-
-RUN cd /src && go build -o bin/gosu
-
 FROM python:3.8-alpine

 WORKDIR /app

 COPY Pipfile* ./

-ADD docker-entrypoint.sh /opt/scripts/docker-entrypoint.sh
-
 RUN apk add --update ffmpeg && \
    apk add --update --virtual .build-deps gcc g++ musl-dev && \
    pip install --no-cache-dir pipenv && \
    pipenv install --system --deploy --clear && \
    pip uninstall pipenv -y && \
-    apk add --update coreutils  shadow && \
+    apk add --update coreutils shadow su-exec && \
    apk del .build-deps && \
-    rm -rf /var/cache/apk/* && \
-    chmod +x /opt/scripts/docker-entrypoint.sh && \
-    useradd metube
+    rm -rf /var/cache/apk/*
+
+ADD docker-entrypoint.sh /opt/scripts/docker-entrypoint.sh
+RUN chmod +x /opt/scripts/docker-entrypoint.sh

 COPY favicon ./favicon
 COPY app ./app
 COPY --from=builder /metube/dist/metube ./ui/dist/metube
-COPY --from=gosu-builder /src/bin/ /bin

-ENV UID=99
-ENV GID=100
-ENV UMASK=002
-ENV TZ=Etc/UTC
+ENV UID=0
+ENV GID=0
+ENV UMASK=000

 ENV DOWNLOAD_DIR /downloads
 ENV STATE_DIR /downloads/.metube
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@ -1,19 +1,18 @@
 #!/bin/sh

-USER=metube
+echo "You are running with user `id -u`:`id -g`"

-echo "---Setup Timezone to ${TZ}---"
-echo "${TZ}" > /etc/timezone
-echo "---Checking if UID: ${UID} matches user---"
-usermod -o -u ${UID} ${USER}
-echo "---Checking if GID: ${GID} matches user---"
-groupmod -o -g ${GID} ${USER} > /dev/null 2>&1 ||:
-usermod -g ${GID} ${USER}
-echo "---Setting umask to ${UMASK}---"
-umask ${UMASK}
-
-mkdir -p ${DOWNLOAD_DIR} ${STATE_DIR}
-
-chown -R ${UID}:${GID} /app ${DOWNLOAD_DIR} ${STATE_DIR}
-
-gosu ${USER} python3 app/main.py
+if [ `id -u` -eq 0 ] && [ `id -g` -eq 0 ]; then
+    echo "Running in New Mode"
+    if [ "${UID}" -eq 0 ]; then
+        echo "Waring, it is not recommended to run as root user, please check if you have set the UID environment variable"
+    fi
+    echo "Setting umask to ${UMASK}"
+    umask ${UMASK}
+    mkdir -p "${DOWNLOAD_DIR}" "${STATE_DIR}"
+    chown -R "${UID}":"${GID}" /app "${DOWNLOAD_DIR}" "${STATE_DIR}"
+    su-exec "${UID}":"${GID}" python3 app/main.py
+else
+    echo "Running in Legacy Mode"
+    python3 app/main.py
+fi