diff options
author | Jakob Borg <jakob@kastelo.net> | 2018-09-11 20:46:20 +0200 |
---|---|---|
committer | Audrius Butkevicius <audrius.butkevicius@gmail.com> | 2018-09-11 19:46:20 +0100 |
commit | 60a6a4017509b3849e438b5b8846b16266104add (patch) | |
tree | 2df4b0abb4c42c617368ffa00fd1b4a4355d1f4f /Dockerfile | |
parent | 323195be0e3fd16597b5cecf17745b4d67364340 (diff) | |
download | syncthing-60a6a4017509b3849e438b5b8846b16266104add.tar.gz syncthing-60a6a4017509b3849e438b5b8846b16266104add.zip |
dockerfile: Improve UID/GID handling (fixes #5180) (#5181)
This removes the user and group juggling, which would fail when given
for example a PGID that already existed as the "syncthing" group could
then not be created with that PGID. It's not reasonable to expect the
user to know which group/user names/IDs are already present in the
Docker image.
Instead we now just launch under the specified IDs, while manually
setting the HOME env var to give us a home directory - the only thing we
needed the user entry for anyway.
Also updates to Go 1.11 and building without upgrades instead of
disabling by env var.
Diffstat (limited to 'Dockerfile')
-rw-r--r-- | Dockerfile | 28 |
1 files changed, 8 insertions, 20 deletions
diff --git a/Dockerfile b/Dockerfile index f407b86ce..9dd896da1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.10 AS builder +FROM golang:1.11 AS builder WORKDIR /go/src/github.com/syncthing/syncthing COPY . . @@ -6,7 +6,7 @@ COPY . . ENV CGO_ENABLED=0 ENV BUILD_HOST=syncthing.net ENV BUILD_USER=docker -RUN rm -f syncthing && go run build.go build syncthing +RUN rm -f syncthing && go run build.go -no-upgrade build syncthing FROM alpine @@ -18,27 +18,15 @@ RUN apk add --no-cache ca-certificates su-exec COPY --from=builder /go/src/github.com/syncthing/syncthing/syncthing /bin/syncthing -ENV STNOUPGRADE=1 PUSR=syncthing PUID=1000 PGRP=syncthing PGID=1000 +ENV PUID=1000 PGID=1000 HEALTHCHECK --interval=1m --timeout=10s \ CMD nc -z localhost 8384 || exit 1 -ENTRYPOINT true \ - && ( getent group "${PGRP}" >/dev/null \ - || addgroup \ - -g "${PGID}" \ - "${PGRP}" \ - ) \ - && ( getent passwd "${PUSR}" >/dev/null \ - || adduser \ - -h /var/syncthing \ - -G "${PGRP}" \ - -u "${PUID}" \ - "${PUSR}" \ - ) \ - && chown "${PUSR}:${PGRP}" /var/syncthing \ - && su-exec "${PUSR}:${PGRP}" \ +ENTRYPOINT \ + chown "${PUID}:${PGID}" /var/syncthing \ + && su-exec "${PUID}:${PGID}" \ + env HOME=/var/syncthing \ /bin/syncthing \ -home /var/syncthing/config \ - -gui-address 0.0.0.0:8384 \ - && true + -gui-address 0.0.0.0:8384 |