From 9ae3bcbf41667a56d2b0b2fb106e6fc8ee5fc9a5 Mon Sep 17 00:00:00 2001
From: brchri <126272303+brchri@users.noreply.github.com>
Date: Sat, 7 Oct 2023 21:43:57 -0600
Subject: [PATCH] add puid and pgid container env vars
---
 Dockerfile | 9 ++++++---
 entrypoint.sh | 17 +++++++++++++++++
 2 files changed, 23 insertions(+), 3 deletions(-)
 create mode 100644 entrypoint.sh
diff --git a/Dockerfile b/Dockerfile
index 19236c3..20cb97c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,19 +14,22 @@ FROM alpine:3.18
 ARG USER_UID=10000
 ARG USER_GID=$USER_UID
+# store original userid and groupid as env vars to pass to entrypoint for replacement if puid and pgid are specified at runtime
+ENV OUID $USER_UID
+ENV OGID $USER_GID
 VOLUME [ "/app/config" ]
 WORKDIR /app
-RUN apk add --no-cache bash tzdata && \
+RUN apk add --no-cache bash tzdata su-exec && \
 addgroup --gid $USER_GID nonroot && \
 adduser --uid $USER_UID --ingroup nonroot --system --shell bin/bash nonroot && \
 chown -R nonroot:nonroot /app
 COPY --from=builder --chown=nonroot:nonroot --chmod=755 /app/tesla-youq /app/config.example.yml /app/
+COPY ./entrypoint.sh /app/
 ENV PATH="/app:${PATH}"
-USER nonroot
-
+ENTRYPOINT [ "/app/entrypoint.sh" ]
 CMD [ "/app/tesla-youq", "-c", "/app/config/config.yml" ]
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100644
index 0000000..79f20e8
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+# OUID and OGID are the original user and group ids set during the image
+# build and are replaced here at runtime if PGID and PUID are set
+if [ -n "$PGID" ] && [ "$PGID" -ne 0 ]; then
+ sed -i "s/nonroot:x:$OUID:$OGID:/nonroot:x:$OUID:$PGID:/" /etc/passwd
+ sed -i "s/nonroot:x:$OGID:/nonroot:x:$PGID:/" /etc/group
+fi
+
+if [ -n "$PUID" ] && [ "$PUID" -ne 0 ]; then
+ sed -i "s/nonroot:x:$OUID:/nonroot:x:$PUID:/" /etc/passwd
+fi
+
+chown nonroot: /app /app/*
+
+# Use su-exec to execute the command as nonroot user
+exec su-exec nonroot "$@"
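Review bot: `COPY ./entrypoint.sh /app/` keeps the mode the file has in the build context, and this patch creates entrypoint.sh as `new file mode 100644`, so the exec-form `ENTRYPOINT [ "/app/entrypoint.sh" ]` will probably fail with a permission error unless the bit is set somewhere not shown; `COPY --chmod=755 ./entrypoint.sh /app/` would match the COPY directly above it. Removing `USER nonroot` also makes root the image's default user, with the privilege drop happening only inside the entrypoint, so `docker exec`, an overridden `--entrypoint`, and runtimes that enforce a non-root user all see root. A comment above the ENTRYPOINT would make that trade-off visible, for example `# container starts as root so entrypoint.sh can remap nonroot to PUID/PGID, then drops to nonroot via su-exec`.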
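Review bot: `chown nonroot: /app /app/*` hands `/app/entrypoint.sh` and its directory to nonroot, but that script runs as root on every container start, so the unprivileged service account ends up able to modify code that later executes as root. Keeping the script in a root-owned location outside /app and narrowing the chown to what the service must write, e.g. `chown nonroot: /app/config` (assuming the config volume is the only writable path), would avoid that. PUID and PGID also reach the `sed -i` expressions on /etc/passwd and /etc/group with no explicit validation: a non-numeric value only makes the `-ne` test print an error and the container silently starts with the build-time ids. A guard such as `case "$PUID" in *[!0-9]*) echo "PUID must be numeric" >&2; exit 1;; esac` (and the same for PGID) would fail loudly instead.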