diff --git a/Dockerfile b/Dockerfile index f531ee39c2..3e4d7854be 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,8 +10,6 @@ WORKDIR /app EXPOSE 5000 COPY ./dist . COPY entrypoint.sh / - -RUN groupadd -g 999 bitwarden \ - && chmod +x /entrypoint.sh +RUN chmod +x /entrypoint.sh ENTRYPOINT ["/entrypoint.sh"] diff --git a/entrypoint.sh b/entrypoint.sh index 1986050e7a..e3a88d5591 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,33 +1,65 @@ #!/bin/bash +# Setup + +GROUPNAME="bitwarden" USERNAME="bitwarden" -NOUSER=`id -u $USERNAME > /dev/null 2>&1; echo $?` + +CURRENTGID=`getent group $GROUPNAME | cut -d: -f3` +LGID=${LOCAL_GID:-999} + +CURRENTUID=`id -u $USERNAME` +NOUSER=`$CURRENTUID > /dev/null 2>&1; echo $?` LUID=${LOCAL_UID:-999} # Step down from host root + +if [ $LGID == 0 ] +then + LGID=999 +fi + if [ $LUID == 0 ] then LUID=999 fi -if [ $NOUSER == 0 ] && [ `id -u $USERNAME` != $LUID ] +# Create group + +if [ $CURRENTGID ] +then + if [ $CURRENTGID != $LGID ] + then + groupmod -g $LGID $GROUPNAME + fi +else + groupadd -g $LGID $GROUPNAME +fi + +# Create user and assign group + +if [ $NOUSER == 0 ] && [ $CURRENTUID != $LUID ] then usermod -u $LUID $USERNAME elif [ $NOUSER == 1 ] then - useradd -r -u $LUID -g $USERNAME $USERNAME + useradd -r -u $LUID -g $GROUPNAME $USERNAME fi +# Make home directory for user + if [ ! -d "/home/$USERNAME" ] then mkhomedir_helper $USERNAME fi -chown -R $USERNAME:$USERNAME /etc/bitwarden +# The rest... + +chown -R $USERNAME:$GROUPNAME /etc/bitwarden cp /etc/bitwarden/web/settings.js /app/js/settings.js cp /etc/bitwarden/web/app-id.json /app/app-id.json -chown -R $USERNAME:$USERNAME /app -chown -R $USERNAME:$USERNAME /bitwarden_server +chown -R $USERNAME:$GROUPNAME /app +chown -R $USERNAME:$GROUPNAME /bitwarden_server -gosu $USERNAME:$USERNAME dotnet /bitwarden_server/Server.dll \ +gosu $USERNAME:$GROUPNAME dotnet /bitwarden_server/Server.dll \ /contentRoot=/app /webRoot=. /serveUnknown=false