From c31084ce5bc31a5ab0d1bfb014afe509e9d9e7a1 Mon Sep 17 00:00:00 2001 From: Zack Birkenbuel Date: Sat, 4 Jan 2025 08:19:34 -0800 Subject: [PATCH] Add the ability to specify peertube UID and GID via environment variables This adds support for specifying the peertube user and group IDs using the standard environment variable pattern similar to linuxserver.io images. This allows for better external permission management, specifically this makes it easier to support mapping volumes to NFS shares using nfs4 id mapping. This changes elects *not* to use the linuxserver.io variable names of PUID and PGID since the peertube container ends up having both a "node" and "peertube" user created and it would not be obvious which of those PUID/PGID should apply to. --- support/docker/production/Dockerfile.bookworm | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/support/docker/production/Dockerfile.bookworm b/support/docker/production/Dockerfile.bookworm index 157a919c7..757205add 100644 --- a/support/docker/production/Dockerfile.bookworm +++ b/support/docker/production/Dockerfile.bookworm @@ -8,9 +8,18 @@ RUN apt update \ && gosu nobody true \ && rm /var/lib/apt/lists/* -fR +# Node images hardcode the node uid to 1000 so that number is not available. +# The "peertube" user is created as a system account which selects a UID from +# the range of SYS_UID_MIN to SYS_UID_MAX (-1 to 1000] and consistently +# selects 999 given the current image build steps. The same is true for the +# system group range SYS_GID_MIN and SYS_GID_MAX. It is fine to manually assign +# them an ID outside of that range. +DEFAULT_PEERTUBE_UID=999 +DEFAULT_PEERTUBE_GID=999 + # Add peertube user -RUN groupadd -r peertube \ - && useradd -r -g peertube -m peertube +RUN groupadd -r -g ${PEERTUBE_GID:-${DEFAULT_PEERTUBE_GID}} peertube \ + && useradd -r -u ${PEERTUBE_UID:-${DEFAULT_PEERTUBE_UID}} -g peertube -m peertube # Install PeerTube COPY --chown=peertube:peertube . /app