diff --git a/.github/workflows/Dockerfile.ci b/.github/workflows/Dockerfile.ci
index 8bd3613..6bbb8c6 100644
--- a/.github/workflows/Dockerfile.ci
+++ b/.github/workflows/Dockerfile.ci
@@ -56,13 +56,12 @@ ENV UID=1000
 ENV GID=1000
 ENV USER=lldap
 RUN apt update && \
- apt install -y --no-install-recommends tini ca-certificates && \
+ apt install -y --no-install-recommends tini ca-certificates gosu && \
 apt clean && \
 rm -rf /var/lib/apt/lists/* && \
 groupadd -g $GID $USER && useradd --system -m -g $USER --uid $UID $USER
 COPY --from=lldap --chown=$CONTAINERUSER:$CONTAINERUSER /lldap /app
 COPY --from=lldap --chown=$CONTAINERUSER:$CONTAINERUSER /docker-entrypoint.sh /docker-entrypoint.sh
 WORKDIR /app
-USER $USER
 ENTRYPOINT ["tini", "--", "/docker-entrypoint.sh"]
 CMD ["run", "--config-file", "/data/lldap_config.toml"]
diff --git a/.github/workflows/Dockerfile.ci.alpine b/.github/workflows/Dockerfile.ci.alpine
index 53fa26e..046cd5b 100644
--- a/.github/workflows/Dockerfile.ci.alpine
+++ b/.github/workflows/Dockerfile.ci.alpine
@@ -56,7 +56,8 @@ WORKDIR /app
 ENV UID=1000
 ENV GID=1000
 ENV USER=lldap
-RUN apk add --no-cache tini ca-certificates bash && \
+RUN echo http://mirror.math.princeton.edu/pub/alpinelinux/edge/testing/ >> /etc/apk/repositories && \
+ apk add --no-cache tini ca-certificates bash gosu && \
 addgroup -g $GID $USER && \
 adduser \
 --disabled-password \
@@ -69,6 +70,5 @@ RUN apk add --no-cache tini ca-certificates bash && \
 COPY --from=lldap --chown=$CONTAINERUSER:$CONTAINERUSER /lldap /app
 COPY --from=lldap --chown=$CONTAINERUSER:$CONTAINERUSER /docker-entrypoint.sh /docker-entrypoint.sh
 WORKDIR /app
-USER $USER
 ENTRYPOINT ["tini", "--", "/docker-entrypoint.sh"]
 CMD ["run", "--config-file", "/data/lldap_config.toml"]
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index e746dbf..ff7d30b 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
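Review bot: Dropping `USER $USER` at the end of `.github/workflows/Dockerfile.ci` (the same removal is in the second hunk of `Dockerfile.ci.alpine`) leaves the image with no declared non-root user, so lldap is unprivileged only if `/docker-entrypoint.sh` reaches its `gosu` line. `docker exec` sessions and runs with an overridden entrypoint now default to root, and scanners or admission policies that look for a non-root image user may flag the image. Record the intent next to ENTRYPOINT, for example `# Starts as root on purpose: the entrypoint fixes /app and /data ownership, then drops to $UID:$GID with gosu.`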
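Review bot: The added `RUN echo http://mirror.math.princeton.edu/... >> /etc/apk/repositories` in the first hunk of `Dockerfile.ci.alpine` permanently enables an edge/testing repository, over plain HTTP and from a single third-party mirror, for this install and for any later `apk` call made in the image. apk verifies index signatures, but an HTTP mirror can still serve stale indexes, and with testing enabled globally the resolver may pick edge builds of tini, bash or their libraries on top of a stable base. Scope the repository to the one package and fetch it from the project CDN over TLS: `apk add --no-cache tini ca-certificates bash && apk add --no-cache --repository=https://dl-cdn.alpinelinux.org/alpine/edge/testing gosu && \`. `su-exec` from the main repository would avoid the extra repository altogether if the entrypoint is adapted. The RUN instruction continues past the end of this hunk.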
@@ -35,4 +35,13 @@ if [[ ! -r "$CONFIG_FILE" ]]; then exit 1; fi -exec /app/lldap "$@" +echo "> Setup permissions.." +find /app \! -user "$UID" -exec chown "$UID:$GID" '{}' + +find /data \! -user "$UID" -exec chown "$UID:$GID" '{}' + + + +echo "> Starting lldap.." +echo "" +exec gosu "$UID:$GID" /app/lldap "$@" + +exec "$@"
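Review bot: The new tail of `docker-entrypoint.sh` assumes the script always starts as root: when the container is run with `--user` or under a non-root security context, both `chown` passes and `gosu` fail, and whether the script stops on those failures depends on shell options set above the hunk. `chown` without `-h` also follows symlinks, so a link sitting in the mounted `/data` volume gets its target re-owned rather than the link itself. The final `exec "$@"` is unreachable in a non-interactive shell, and if it ever ran it would execute the arguments (`run --config-file …`) as a command with whatever privileges the script still holds, so it should be removed. A guarded version is below.

```shell
if [[ "$(id -u)" -eq 0 ]]; then
  # … unchanged: "Setup permissions" echo …
  find /app \! -user "$UID" -exec chown -h "$UID:$GID" '{}' +
  find /data \! -user "$UID" -exec chown -h "$UID:$GID" '{}' +
  # … unchanged: "Starting lldap" echoes …
  exec gosu "$UID:$GID" /app/lldap "$@"
fi
# Already unprivileged (e.g. started with --user): nothing to chown or drop.
exec /app/lldap "$@"
```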