From f0f04b85692fb6bba785999c2646564dee91f369 Mon Sep 17 00:00:00 2001
From: me|kor <melkor@dystopianfuture.de>
Date: Thu, 11 May 2023 09:40:29 +0200
Subject: [PATCH] Added silverbullet user with 1000:1000 IDs, runnign deno as
 this user (#401)

- Fixing permissions for /deno-dir as well
---
 Dockerfile | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 5059da4f..521f19b9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,13 +12,18 @@ ARG TARGETARCH
 # Adding tini manually, as it's not included anymore in the new baseimage
 ENV TINI_VERSION v0.19.0
 ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${TARGETARCH} /tini
-
 # Copy the bundled version of silverbullet into the container
 ADD ./dist/silverbullet.js /silverbullet.js
 
+ENV SILVERBULLET_UID_GID 1000
+ENV SILVERBULLET_USERNAME silverbullet
+
 # Make sure the deno user has access to the space volume
 RUN mkdir -p /space \
- && chown -R deno:deno /space \
+ && addgroup --gid ${SILVERBULLET_UID_GID} silverbullet \
+ && adduser --uid ${SILVERBULLET_UID_GID} --gid ${SILVERBULLET_UID_GID} ${SILVERBULLET_USERNAME} \
+ && chown -R ${SILVERBULLET_USERNAME}:${SILVERBULLET_USERNAME} /space \
+ && chown -R ${SILVERBULLET_USERNAME}:${SILVERBULLET_USERNAME} /deno-dir \
  && chmod +x /tini \
  && echo "**** cleanup ****" \
  && apt-get -y autoremove \
@@ -31,7 +36,7 @@ RUN mkdir -p /space \
     /usr/share/man
 
 # deno user id is 1000 in alpine image
-USER deno
+USER ${SILVERBULLET_USERNAME}
 
 # Expose port 3000
 # Port map this when running, e.g. with -p 3002:3000 (where 3002 is the host port)