112 lines
3.5 KiB
Bash
Executable file
112 lines
3.5 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
|
|
DOCKER_ARCH=${DOCKER_ARCH:-arch}
|
|
DOCKER_ENV=${DOCKER_ENV:-unknown}
|
|
DOCKER_TAG=${DOCKER_TAG:-unknown}
|
|
|
|
if [[ $(id -u) == "0" ]]; then
|
|
echo "started as root"
|
|
|
|
if [[ ! -e /opt/photoprism/.init ]] && [[ ${PHOTOPRISM_INIT} ]]; then
|
|
for target in $PHOTOPRISM_INIT; do
|
|
echo "init ${target}..."
|
|
make -f /opt/photoprism/scripts/Makefile "${target}"
|
|
done
|
|
echo 1 >/opt/photoprism/.init
|
|
fi
|
|
else
|
|
echo "started as uid $(id -u)"
|
|
fi
|
|
|
|
re='^[0-9]+$'
|
|
|
|
# check for alternate umask variable
|
|
if [[ -z ${PHOTOPRISM_UMASK} ]] && [[ ${UMASK} =~ $re ]] && [[ ${#UMASK} == 4 ]]; then
|
|
PHOTOPRISM_UMASK=${UMASK}
|
|
fi
|
|
|
|
# set file-creation mode (umask)
|
|
if [[ ${PHOTOPRISM_UMASK} =~ $re ]] && [[ ${#PHOTOPRISM_UMASK} == 4 ]]; then
|
|
umask "${PHOTOPRISM_UMASK}"
|
|
else
|
|
umask 0002
|
|
fi
|
|
|
|
# show info
|
|
echo "image: $DOCKER_ARCH-$DOCKER_ENV"
|
|
echo "build: $DOCKER_TAG"
|
|
echo "umask: \"$(umask)\" ($(umask -S))"
|
|
|
|
# script must run as root to perform changes
|
|
if [[ $(id -u) == "0" ]]; then
|
|
# check for alternate user ID env variables
|
|
if [[ -z ${PHOTOPRISM_UID} ]]; then
|
|
if [[ ${UID} =~ $re ]] && [[ ${UID} != "0" ]]; then
|
|
PHOTOPRISM_UID=${UID}
|
|
elif [[ ${PUID} =~ $re ]] && [[ ${PUID} != "0" ]]; then
|
|
PHOTOPRISM_UID=${PUID}
|
|
fi
|
|
fi
|
|
|
|
# check for alternate group ID env variables
|
|
if [[ -z ${PHOTOPRISM_GID} ]]; then
|
|
if [[ ${GID} =~ $re ]] && [[ ${GID} != "0" ]]; then
|
|
PHOTOPRISM_GID=${GID}
|
|
elif [[ ${PGID} =~ $re ]] && [[ ${PGID} != "0" ]]; then
|
|
PHOTOPRISM_GID=${PGID}
|
|
fi
|
|
fi
|
|
|
|
# check uid and gid env variables
|
|
if [[ ${PHOTOPRISM_UID} =~ $re ]] && [[ ${PHOTOPRISM_UID} != "0" ]] && [[ ${PHOTOPRISM_GID} =~ $re ]] && [[ ${PHOTOPRISM_GID} != "0" ]]; then
|
|
# RUN AS SPECIFIED USER + GROUP ID
|
|
groupadd -g "${PHOTOPRISM_GID}" "group_${PHOTOPRISM_GID}" 2>/dev/null
|
|
useradd -o -u "${PHOTOPRISM_UID}" -g "${PHOTOPRISM_GID}" -d /photoprism "user_${PHOTOPRISM_UID}" 2>/dev/null
|
|
usermod -g "${PHOTOPRISM_GID}" "user_${PHOTOPRISM_UID}" 2>/dev/null
|
|
|
|
if [[ -z ${PHOTOPRISM_DISABLE_CHOWN} ]]; then
|
|
echo "updating filesystem permissions..."
|
|
echo "PHOTOPRISM_DISABLE_CHOWN: \"true\" disables filesystem permission updates"
|
|
chown --preserve-root -Rcf "${PHOTOPRISM_UID}:${PHOTOPRISM_GID}" /photoprism /opt/photoprism
|
|
chmod --preserve-root -Rcf u+rwX /photoprism /opt/photoprism
|
|
fi
|
|
|
|
echo "switching to uid ${PHOTOPRISM_UID}:${PHOTOPRISM_GID}"
|
|
echo "${@}"
|
|
|
|
gosu "${PHOTOPRISM_UID}:${PHOTOPRISM_GID}" audit.sh && gosu "${PHOTOPRISM_UID}:${PHOTOPRISM_GID}" "$@" &
|
|
elif [[ ${PHOTOPRISM_UID} =~ $re ]] && [[ ${PHOTOPRISM_UID} != "0" ]]; then
|
|
# RUN AS SPECIFIED USER ID
|
|
useradd -o -u "${PHOTOPRISM_UID}" -g 1000 -d /photoprism "user_${PHOTOPRISM_UID}" 2>/dev/null
|
|
usermod -g 1000 "user_${PHOTOPRISM_UID}" 2>/dev/null
|
|
|
|
if [[ -z ${PHOTOPRISM_DISABLE_CHOWN} ]]; then
|
|
echo "updating filesystem permissions..."
|
|
echo "PHOTOPRISM_DISABLE_CHOWN: \"true\" disables filesystem permission updates"
|
|
chown --preserve-root -Rcf "${PHOTOPRISM_UID}" /photoprism /opt/photoprism
|
|
chmod --preserve-root -Rcf u+rwX /photoprism /opt/photoprism
|
|
fi
|
|
|
|
echo "switching to uid ${PHOTOPRISM_UID}"
|
|
echo "${@}"
|
|
|
|
gosu "${PHOTOPRISM_UID}" audit.sh && gosu "${PHOTOPRISM_UID}" "$@" &
|
|
else
|
|
# RUN AS ROOT
|
|
echo "running as root"
|
|
echo "${@}"
|
|
|
|
audit.sh && "$@" &
|
|
fi
|
|
else
|
|
# RUN AS NON-ROOT USER
|
|
echo "running as uid $(id -u)"
|
|
echo "${@}"
|
|
|
|
audit.sh && "$@" &
|
|
fi
|
|
|
|
PID=$!
|
|
|
|
trap "kill $PID" INT TERM
|
|
wait
|