Add support for PGID and PUID

Dockerfile.alpine

@@ -1,5 +1,9 @@
 FROM python:3.11-alpine
 
+ENV PUID=1000
+ENV PGID=1000
+ENV GOSU_VERSION 1.17
+
 ENV DRYRUN 'True'
 ENV DEBUG 'True'
 ENV DEBUG_LEVEL 'INFO'
@@ -33,21 +37,45 @@ ENV BLACKLIST_USERS  ''
 ENV WHITELIST_USERS  ''
 
 
-RUN apk add --no-cache tini && \
-    addgroup --system jellyplex_user && \
-    adduser --system --no-create-home jellyplex_user --ingroup jellyplex_user && \
-    mkdir -p /app && \
-    chown -R jellyplex_user:jellyplex_user /app
+RUN apk add --no-cache tini
+
+# Install gosu
+RUN set -eux; \
+	\
+	apk add --no-cache --virtual .gosu-deps \
+		ca-certificates \
+		dpkg \
+		gnupg \
+	; \
+	\
+	dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+	wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+	wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+	\
+# verify the signature
+	export GNUPGHOME="$(mktemp -d)"; \
+	gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+	gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+	gpgconf --kill all; \
+	rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+	\
+# clean up fetch dependencies
+	apk del --no-network .gosu-deps; \
+	\
+	chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+	gosu --version; \
+	gosu nobody true
 
 WORKDIR /app
 
-COPY --chown=jellyplex_user:jellyplex_user ./requirements.txt ./
+COPY ./requirements.txt ./
 
 RUN pip install --no-cache-dir -r requirements.txt
 
-COPY --chown=jellyplex_user:jellyplex_user . .
+COPY . .
 
-USER jellyplex_user
+RUN chmod +x *.sh
 
-ENTRYPOINT ["/sbin/tini", "--"]
+ENTRYPOINT ["tini", "--", "/app/entrypoint.sh"]
 CMD ["python", "-u", "main.py"]

Dockerfile.slim

@@ -1,5 +1,8 @@
 FROM python:3.11-slim
 
+ENV PUID=1000
+ENV PGID=1000
+
 ENV DRYRUN 'True'
 ENV DEBUG 'True'
 ENV DEBUG_LEVEL 'INFO'
@@ -34,23 +37,19 @@ ENV WHITELIST_USERS  ''
 
 
 RUN apt-get update && \
-    apt-get install tini --yes --no-install-recommends && \
+    apt-get install tini gosu --yes --no-install-recommends && \
     apt-get clean && \
-    rm -rf /var/lib/apt/lists/* && \
-    addgroup --system jellyplex_user && \
-    adduser --system --no-create-home jellyplex_user --ingroup jellyplex_user && \
-    mkdir -p /app && \
-    chown -R jellyplex_user:jellyplex_user /app
+    rm -rf /var/lib/apt/lists/*
 
 WORKDIR /app
 
-COPY --chown=jellyplex_user:jellyplex_user ./requirements.txt ./
+COPY ./requirements.txt ./
 
 RUN pip install --no-cache-dir -r requirements.txt
 
-COPY --chown=jellyplex_user:jellyplex_user . .
+COPY . .
 
-USER jellyplex_user
+RUN chmod +x *.sh
 
-ENTRYPOINT ["/bin/tini", "--"]
+ENTRYPOINT ["/bin/tini", "--", "/app/entrypoint.sh"]
 CMD ["python", "-u", "main.py"]

entrypoint.sh

@@ -0,0 +1,28 @@
+#!/usr/bin/env sh
+
+set -e
+
+# Create group and user based on environment variables
+if [ ! "$(getent group "$PGID")" ]; then
+    # If groupadd exists, use it
+    if command -v groupadd > /dev/null; then
+        groupadd -g "$PGID" jellyplex_group
+    else
+        addgroup -g "$PGID" jellyplex_group
+    fi
+fi
+
+if [ ! "$(getent passwd "$PUID")" ]; then
+    # If useradd exists, use it
+    if command -v useradd > /dev/null; then
+        useradd --no-create-home -u "$PUID" -g "$PGID" jellyplex_user
+    else
+        adduser -D -H -u "$PUID" -G jellyplex_group jellyplex_user
+    fi
+fi
+
+# Adjust ownership of the application directory
+chown -R "$PUID:$PGID" /app
+
+# Run the application as the created user
+exec gosu "$PUID:$PGID" "$@"