diff --git a/Dockerfile b/Dockerfile index e3cac2f..f12bdd3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -164,6 +164,8 @@ RUN arch="$(uname -m)"; \ EXPOSE ${PORT} ENV SIGNAL_CLI_CONFIG_DIR=/home/.local/share/signal-cli +ENV SIGNAL_CLI_UID=1000 +ENV SIGNAL_CLI_GID=1000 ENTRYPOINT ["/entrypoint.sh"] diff --git a/entrypoint.sh b/entrypoint.sh index 3037044..8d9714e 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -5,8 +5,11 @@ set -e [ -z "${SIGNAL_CLI_CONFIG_DIR}" ] && echo "SIGNAL_CLI_CONFIG_DIR environmental variable needs to be set! Aborting!" && exit 1; +usermod -u ${SIGNAL_CLI_UID} signal-api +groupmod -g ${SIGNAL_CLI_GID} signal-api + # Fix permissions to ensure backward compatibility -chown 1000:1000 -R ${SIGNAL_CLI_CONFIG_DIR} +chown ${SIGNAL_CLI_UID}:${SIGNAL_CLI_GID} -R ${SIGNAL_CLI_CONFIG_DIR} # Show warning on docker exec cat <> /root/.bashrc @@ -27,4 +30,4 @@ supervisorctl start all fi # Start API as signal-api user -exec setpriv --reuid=1000 --regid=1000 --init-groups --inh-caps=$caps signal-cli-rest-api -signal-cli-config=${SIGNAL_CLI_CONFIG_DIR} +exec setpriv --reuid=${SIGNAL_CLI_UID} --regid=${SIGNAL_CLI_GID} --init-groups --inh-caps=$caps signal-cli-rest-api -signal-cli-config=${SIGNAL_CLI_CONFIG_DIR} diff --git a/src/scripts/jsonrpc2-helper.go b/src/scripts/jsonrpc2-helper.go index 065f190..0d8996e 100644 --- a/src/scripts/jsonrpc2-helper.go +++ b/src/scripts/jsonrpc2-helper.go @@ -73,7 +73,7 @@ func main() { log.Fatal("Couldn't create fifo with name ", fifoPathname, ": ", err.Error()) } - _, err = exec.Command("chown", "1000:1000", fifoPathname).Output() + _, err = exec.Command("chown", "${SIGNAL_CLI_UID}:${SIGNAL_CLI_GID}", fifoPathname).Output() if err != nil { log.Fatal("Couldn't change permissions of fifo with name ", fifoPathname, ": ", err.Error()) }