Merge pull request #33 from mplogas/master

Adding env for setting UID/GID

Dockerfile

@@ -70,7 +70,9 @@ ENV DEBIAN_FRONTEND="teletype" \
 	LC_ALL="de_DE.UTF-8" \
 	TZ="Europe/Berlin" \
 	PACKAGES="nano" \
-	AVAHI="false"
+	AVAHI="false"  \
+    HOSTUID=1000   \
+    HOSTGID=1000
 
 # Setting up EXPOSE for Admin
 EXPOSE 8081/tcp	

README.md

@@ -27,6 +27,8 @@ In v3.0.0 I added some new features. The following will give some short informat
 |LANG|de_DE.UTF-8|following locales are pre-generated: de_DE.UTF-8, en_US.UTF-8|
 |LC_ALL|de_DE|following locales are pre-generated: de_DE.UTF-8, en_US.UTF-8|
 |TZ|Europe/Berlin|all valid Linux-timezones|
+|SETUID|1000|for security reasons it might be useful to specify the uid of the containers iobroker user to match an existing user on the docker host|
+|SETGID|1000|for security reasons it might be useful to specify the gid of the containers iobroker user to match an existing group on the docker host|
 
 ### Mounting Folder/ Volume
 
@@ -42,6 +44,9 @@ I added some code for fixing permissions for new iobroker-user. Permission-fixin
 
 ## Changelog
 
+### v3.1.1beta (2019-09-02)
+* adding env for setting uid/ gid for iobroker-user
+
 ### v3.1.0 (2019-08-21)
 * v3.0.3beta (2019-08-21)
   * switching base image from "debian:latest" to "debian:stretch"

scripts/iobroker_startup.sh

@@ -3,6 +3,8 @@
 # Reading env-variables
 packages=$PACKAGES
 avahi=$AVAHI
+uid=$SETUID
+gid=$SETGID
 
 # Getting date and time for logging 
 dati=`date '+%Y-%m-%d %H:%M:%S'`
@@ -10,7 +12,7 @@ dati=`date '+%Y-%m-%d %H:%M:%S'`
 # Information
 echo ''
 echo '----------------------------------------'
-echo '-----     Image-Version: 3.1.0     -----'
+echo '-----   Image-Version: 3.1.1beta   -----'
 echo '-----      '$dati'     -----'
 echo '----------------------------------------'
 echo ''
@@ -24,7 +26,7 @@ then
   echo 'The following packages will be installed:' $packages
   echo $packages > /opt/scripts/.packages
   sh /opt/scripts/setup_packages.sh > /opt/scripts/setup_packages.log 2>&1
-  echo 'Installing additional packages done...'
+  echo 'Done.'
 fi
 
 cd /opt/iobroker
@@ -36,11 +38,28 @@ then
   echo 'Directory /opt/iobroker is empty!'
   echo 'Restoring data from image...'
 	tar -xf /opt/initial_iobroker.tar -C /
-	echo 'Restoring done...'
+	echo 'Done.'
+fi
+
+# Checking for first run and set uid/gid and permissions
+if [ -f /opt/.firstrun ]
+then 
+  echo ''
+  echo 'Changing uid/gid and permissions upon first run (This might take a while! Please be patient!)...'
+  echo 'Changing user and group ids'
+  usermod -u $uid iobroker
+  groupmod -g $gid iobroker
+  echo 'Done.'
+  echo 'Setting folder permissions'
+  chown -R $uid:$gid /opt/iobroker
+  chown -R $uid:$gid /opt/scripts
+  rm -f /opt/.firstrun
+  echo 'Done.'
 fi
 
 # Backing up original iobroker-file and changing sudo to gosu
 cp -a /opt/iobroker/iobroker /opt/iobroker/iobroker.bak
+chmod 755 /opt/iobroker/iobroker
 sed -i 's/sudo -H -u/gosu/g' /opt/iobroker/iobroker
 
 # Checking for first run of a new installation and renaming ioBroker
@@ -50,20 +69,9 @@ then
   echo 'This is the first run of an new installation...'
   echo 'Hostname given is' $(hostname)'...'
   echo 'Renaming ioBroker...'
-  iobroker host $(cat /opt/iobroker/.install_host)
+  sh /opt/iobroker/iobroker host $(cat /opt/iobroker/.install_host)
   rm -f /opt/iobroker/.install_host
-  echo 'Renaming ioBroker done...'
-fi
-
-# Checking for first run and change permissions
-if [ -f /opt/.firstrun ]
-then 
-  echo ''
-  echo 'Changing permissions upon first run (This might take a while! Please be patient!)...'
-  chown -R iobroker /opt/iobroker
-  chown -R iobroker /opt/scripts
-  rm -f /opt/.firstrun
-  echo 'Changing permissions done...'
+  echo 'Done.'
 fi
 
 # Checking for and setting up avahi-daemon
@@ -71,8 +79,9 @@ if [ "$avahi" = "true" ]
 then
   echo ''
   echo 'Initializing Avahi-Daemon...'
+  chmod 764 /opt/scripts/setup_avahi.sh
   sh /opt/scripts/setup_avahi.sh
-  echo 'Initializing Avahi-Daemon done...'
+  echo 'Done.'
 fi
 
 sleep 5
@@ -86,7 +95,8 @@ echo '-------     ioBroker Logging     -------'
 echo '----------------------------------------'
 echo ''
 
-# gosu iobroker node node_modules/iobroker.js-controller/controller.js > /opt/scripts/iobroker.log 2>&1 &
+#touch /opt/iobroker/iobroker.log
+#gosu iobroker node --trace-warnings node_modules/iobroker.js-controller/controller.js > /opt/iobroker/iobroker.log 2>&1 &
 gosu iobroker node node_modules/iobroker.js-controller/controller.js
 
 # Preventing container restart by keeping a process alive even if iobroker will be stopped