docker-uid
Zef Hemel 2023-11-27 14:44:39 +00:00
parent bbe36da3ce
commit 14f0cd5435
2 changed files with 25 additions and 19 deletions

View File

@ -1,9 +1,12 @@
FROM lukechannings/deno:v1.38.2 FROM lukechannings/deno:v1.38.3
# The volume that will keep the space data # The volume that will keep the space data
# Create a volume first:
# Either create a volume:
# docker volume create myspace # docker volume create myspace
# Then bind-mount it when running the container with the -v flag, e.g.: # Then bind-mount it when running the container with the -v flag, e.g.:
# docker run -v myspace:/space -p3000:3000 -it zefhemel/silverbullet # docker run -v myspace:/space -p3000:3000 -it zefhemel/silverbullet
# Or simply mount an existing folder into the container:
# docker run -v /path/to/my/folder:/space -p3000:3000 -it zefhemel/silverbullet
VOLUME /space VOLUME /space
# Accept TARGETARCH as argument # Accept TARGETARCH as argument
@ -13,7 +16,6 @@ ARG TARGETARCH
ENV TINI_VERSION v0.19.0 ENV TINI_VERSION v0.19.0
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${TARGETARCH} /tini ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${TARGETARCH} /tini
# Make sure the deno user has access to the space volume # Make sure the deno user has access to the space volume
RUN mkdir -p /space \ RUN mkdir -p /space \
&& chmod +x /tini \ && chmod +x /tini \
@ -34,11 +36,13 @@ RUN mkdir -p /space \
# Port map this when running, e.g. with -p 3002:3000 (where 3002 is the host port) # Port map this when running, e.g. with -p 3002:3000 (where 3002 is the host port)
EXPOSE 3000 EXPOSE 3000
# Always binding to this IP, otherwise the server wouldn't be available
ENV SB_HOSTNAME 0.0.0.0 ENV SB_HOSTNAME 0.0.0.0
ENV SB_FOLDER /space ENV SB_FOLDER /space
# Copy the bundled version of silverbullet into the container # Copy the bundled version of silverbullet into the container
ADD ./dist/silverbullet.js /silverbullet.js ADD ./dist/silverbullet.js /silverbullet.js
# As well as the docker-entrypoint.sh script
ADD ./docker-entrypoint.sh /docker-entrypoint.sh ADD ./docker-entrypoint.sh /docker-entrypoint.sh
# Run the server, allowing to pass in additional argument at run time, e.g. # Run the server, allowing to pass in additional argument at run time, e.g.

View File

@ -1,25 +1,27 @@
#!/bin/bash #!/bin/bash -e
# Check if UID and GID are passed as environment variables # Check if UID and GID are passed as environment variables, if not, extract from the space folder owner
if [ -z "$UID" ]; then if [ -z "$PUID" ]; then
# Get the UID of the folder owner # Get the UID of the folder owner
UID=$(stat -c "%u" "$SB_FOLDER") PUID=$(stat -c "%u" "$SB_FOLDER")
echo "Will run SilverBullet with UID $PUID, inferred from the owner of $SB_FOLDER (set PUID environment variable to override)"
fi fi
if [ -z "$PGID" ]; then
if [ -z "$GID" ]; then
# Get the GID of the folder owner # Get the GID of the folder owner
GID=$(stat -c "%g" "$SB_FOLDER") PGID=$(stat -c "%g" "$SB_FOLDER")
fi fi
echo "Doing this as $UID, $GID" if [ "$PUID" -eq "0" ]; then
echo "Will run SilverBullet as root"
ls -l /space
if [ "$UID" -eq 0 ]; then
# If the UID is 0, the user is root
deno run -A --unstable /silverbullet.js $@ deno run -A --unstable /silverbullet.js $@
exit
else else
useradd -M -u $UID -g $GID silverbullet # Create silverbullet user and group ad-hoc mapped to PUID and PGID
su silverbullet -s /bin/bash -c "deno run -A --unstable /silverbullet.js $@" groupadd -g $PGID silverbullet
useradd -M -u $PUID -g $PGID silverbullet
# And make sure /deno-dir (Deno cache) is accessible
chown -R $PUID:$PGID /deno-dir
# And run via su as the newly mapped 'silverbullet' user
args="$@"
su silverbullet -s /bin/bash -c "deno run -A --unstable /silverbullet.js $args"
fi fi