Different approach, always create npmuser

jc21 · jc21 · commit 4a86bb42cc9a · 2023-03-30T11:19:16.000+10:00
even if the user id is zero, and then we'll always use it
diff --git a/docker/rootfs/etc/nginx/nginx.conf b/docker/rootfs/etc/nginx/nginx.conf
@@ -1,6 +1,7 @@
 # run nginx in foreground
 daemon off;
 pid /run/nginx/nginx.pid;
+user npmuser;
 
 # Set number of worker processes automatically based on number of CPU cores.
 worker_processes auto;
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run
@@ -7,26 +7,15 @@ set -e
 
 cd /app || exit 1
 
-if [ "${DEVELOPMENT:-}" = "true" ]; then
-	if [ "$PUID" = '0' ]; then
-		log_info 'Starting backend development ...'
-		yarn install
-		node --max_old_space_size=250 --abort_on_uncaught_exception node_modules/nodemon/bin/nodemon.js
-	else
-		log_info "Starting backend development as npmuser ($PUID) ..."
-		s6-setuidgid npmuser yarn install
-		exec s6-setuidgid npmuser bash -c 'export HOME=/tmp/npmuserhome;node --max_old_space_size=250 --abort_on_uncaught_exception node_modules/nodemon/bin/nodemon.js'
-	fi
+log_info 'Starting backend ...'
+
+if [ "${DEVELOPMENT:-}" = 'true' ]; then
+	s6-setuidgid npmuser yarn install
+	exec s6-setuidgid npmuser bash -c 'export HOME=/tmp/npmuserhome;node --max_old_space_size=250 --abort_on_uncaught_exception node_modules/nodemon/bin/nodemon.js'
 else
 	while :
 	do
-		if [ "$PUID" = '0' ]; then
-			log_info 'Starting backend ...'
-			node --abort_on_uncaught_exception --max_old_space_size=250 index.js
-		else
-			log_info "Starting backend as npmuser ($PUID) ..."
-			s6-setuidgid npmuser bash -c 'export HOME=/tmp/npmuserhome;node --abort_on_uncaught_exception --max_old_space_size=250 index.js'
-		fi
+		s6-setuidgid npmuser bash -c 'export HOME=/tmp/npmuserhome;node --abort_on_uncaught_exception --max_old_space_size=250 index.js'
 		sleep 1
 	done
 fi
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/run
@@ -5,23 +5,17 @@ set -e
 
 # This service is DEVELOPMENT only.
 
-if [ "$DEVELOPMENT" == "true" ]; then
+if [ "$DEVELOPMENT" = 'true' ]; then
 	. /bin/common.sh
 	cd /app/frontend || exit 1
 	HOME=/tmp/npmuserhome
 	export HOME
 	mkdir -p /app/frontend/dist
 	chown -R "$PUID:$PGID" /app/frontend/dist
 
-	if [ "$PUID" = '0' ]; then
-		log_info 'Starting frontend ...'
-		yarn install
-		exec yarn watch
-	else
-		log_info "Starting frontend as npmuser ($PUID) ..."
-		s6-setuidgid npmuser yarn install
-		exec s6-setuidgid npmuser yarn watch
-	fi
+	log_info 'Starting frontend ...'
+	s6-setuidgid npmuser yarn install
+	exec s6-setuidgid npmuser yarn watch
 else
 	exit 0
 fi
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/run
@@ -5,10 +5,5 @@ set -e
 
 . /bin/common.sh
 
-if [ "$PUID" = '0' ]; then
-	log_info 'Starting nginx ...'
-	exec nginx
-else
-	log_info "Starting nginx as npmuser ($PUID) ..."
-	exec s6-setuidgid npmuser nginx
-fi
+log_info 'Starting nginx ...'
+exec s6-setuidgid npmuser nginx
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-npmuser.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-npmuser.sh
@@ -3,23 +3,18 @@
 
 set -e
 
-if [ "$PUID" = '0' ]; then
-	log_info 'Skipping npmuser configuration'
-else
-	log_info 'Configuring npmuser ...'
-	groupmod -g 1000 users || exit 1
-
-	if id -u npmuser; then
-		# user already exists
-		usermod -u "$PUID" npmuser || exit 1
-	else
-		# Add npmuser user
-		useradd -u "$PUID" -U -d /tmp/npmuserhome -s /bin/false npmuser || exit 1
-	fi
+log_info 'Configuring npmuser ...'
 
-	usermod -G users npmuser || exit 1
-	groupmod -o -g "$PGID" npmuser || exit 1
-	# Home for npmuser
-	mkdir -p /tmp/npmuserhome
-	chown -R "$PUID:$PGID" /tmp/npmuserhome
+if id -u npmuser; then
+	# user already exists
+	usermod -u "$PUID" npmuser || exit 1
+else
+	# Add npmuser user
+	useradd -o -u "$PUID" -U -d /tmp/npmuserhome -s /bin/false npmuser || exit 1
 fi
+
+usermod -G "$PGID" npmuser || exit 1
+groupmod -o -g "$PGID" npmuser || exit 1
+# Home for npmuser
+mkdir -p /tmp/npmuserhome
+chown -R "$PUID:$PGID" /tmp/npmuserhome
diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/90-banner.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/90-banner.sh
@@ -3,17 +3,15 @@
 
 set -e
 
-echo
-echo "-------------------------------------
+echo "
+-------------------------------------
  _   _ ____  __  __
 | \ | |  _ \|  \/  |
 |  \| | |_) | |\/| |
 | |\  |  __/| |  | |
 |_| \_|_|   |_|  |_|
--------------------------------------"
-if [[ "$PUID" -ne '0' ]]; then
-	echo "User UID: $(id -u npmuser)"
-	echo "User GID: $(id -g npmuser)"
-	echo "-------------------------------------"
-fi
-echo
+-------------------------------------
+User ID:  $PUID
+Group ID: $PGID
+-------------------------------------
+"
