Merge 599ddd1a3937393d7b2a91dfec9f708d75d93a8c into 498109addb6f2541082b88cb6ae115939321873c

Update 50-ipv6.sh
Clean up log_info messages. Otherwise this appears to work...
2025-06-14 16:34:27 +00:00 · 2025-01-28 17:03:47 +00:00 · 2024-06-05 22:30:29 -04:00 · 2024-06-05 12:36:38 -04:00 · 2024-06-05 12:31:49 -04:00 · 2024-06-05 12:15:06 -04:00
2 changed files with 62 additions and 25 deletions
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh
@ -3,26 +3,54 @@

 set -e

-log_info 'Setting ownership ...'
+# Lowercase
+SKIP_FILE_OWNERSHIP=$(echo "${SKIP_FILE_OWNERSHIP:-}" | tr '[:upper:]' '[:lower:]')

-# root
-chown root /tmp/nginx
-
-# npm user and group
-chown -R "$PUID:$PGID" /data
-chown -R "$PUID:$PGID" /etc/letsencrypt
-chown -R "$PUID:$PGID" /run/nginx
-chown -R "$PUID:$PGID" /tmp/nginx
-chown -R "$PUID:$PGID" /var/cache/nginx
-chown -R "$PUID:$PGID" /var/lib/logrotate
-chown -R "$PUID:$PGID" /var/lib/nginx
-chown -R "$PUID:$PGID" /var/log/nginx
-
-# Don't chown entire /etc/nginx folder as this causes crashes on some systems
-chown -R "$PUID:$PGID" /etc/nginx/nginx
-chown -R "$PUID:$PGID" /etc/nginx/nginx.conf
-chown -R "$PUID:$PGID" /etc/nginx/conf.d
-
-# Prevents errors when installing python certbot plugins when non-root
-chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin
-find /opt/certbot/lib/python*/site-packages -not -user "$PUID" -execdir chown "$PUID:$PGID" {} \+
+if [ "$SKIP_FILE_OWNERSHIP" == "true" ] || [ "$SKIP_FILE_OWNERSHIP" == "on" ] || [ "$SKIP_FILE_OWNERSHIP" == "1" ] || [ "$SKIP_FILE_OWNERSHIP" == "yes" ]; then
+    log_info 'Skipping data and letsencrypt ownership, use only with caution ...'
+    # root
+    chown -R "$PUID:$PGID" /run/nginx
+    chown -R "$PUID:$PGID" /tmp/nginx
+    chown -R "$PUID:$PGID" /var/cache/nginx
+    chown -R "$PUID:$PGID" /var/lib/logrotate
+    chown -R "$PUID:$PGID" /var/lib/nginx
+    chown -R "$PUID:$PGID" /var/log/nginx
+    
+    # Don't chown entire /etc/nginx folder as this causes crashes on some systems
+    chown -R "$PUID:$PGID" /etc/nginx/nginx
+    chown -R "$PUID:$PGID" /etc/nginx/nginx.conf
+    chown -R "$PUID:$PGID" /etc/nginx/conf.d
+    
+    # Don't chown entire /etc/nginx folder as this causes crashes on some systems
+    chown -R "$PUID:$PGID" /etc/nginx/nginx
+    chown -R "$PUID:$PGID" /etc/nginx/nginx.conf
+    chown -R "$PUID:$PGID" /etc/nginx/conf.d
+    
+    # Prevents errors when installing python certbot plugins when non-root
+    chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin
+    find /opt/certbot/lib/python*/site-packages -not -user "$PUID" -execdir chown "$PUID:$PGID" {} \+
+    
+else
+    log_info 'Setting ownership ...'
+      # root
+    chown root /tmp/nginx
+    
+    # npm user and group
+    chown -R "$PUID:$PGID" /data
+    chown -R "$PUID:$PGID" /etc/letsencrypt
+    chown -R "$PUID:$PGID" /run/nginx
+    chown -R "$PUID:$PGID" /tmp/nginx
+    chown -R "$PUID:$PGID" /var/cache/nginx
+    chown -R "$PUID:$PGID" /var/lib/logrotate
+    chown -R "$PUID:$PGID" /var/lib/nginx
+    chown -R "$PUID:$PGID" /var/log/nginx
+    
+    # Don't chown entire /etc/nginx folder as this causes crashes on some systems
+    chown -R "$PUID:$PGID" /etc/nginx/nginx
+    chown -R "$PUID:$PGID" /etc/nginx/nginx.conf
+    chown -R "$PUID:$PGID" /etc/nginx/conf.d
+    
+    # Prevents errors when installing python certbot plugins when non-root
+    chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin
+    find /opt/certbot/lib/python*/site-packages -not -user "$PUID" -execdir chown "$PUID:$PGID" {} \+
+fi
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh
@ -10,6 +10,7 @@ log_info 'IPv6 ...'

 # Lowercase
 DISABLE_IPV6=$(echo "${DISABLE_IPV6:-}" | tr '[:upper:]' '[:lower:]')
+SKIP_FILE_OWNERSHIP=$(echo "${SKIP_FILE_OWNERSHIP:-}" | tr '[:upper:]' '[:lower:]')

 process_folder () {
 	FILES=$(find "$1" -type f -name "*.conf")
@ -31,9 +32,17 @@ process_folder () {
 		echo "$(sed -E "$SED_REGEX" "$FILE")" > $FILE
 	done

-	# ensure the files are still owned by the npm user
-	chown -R "$PUID:$PGID" "$1"
+
+		# ensure the files are still owned by the npm user
+		chown -R "$PUID:$PGID" "$1"
+ 	fi
 }

+# process files on base image
 process_folder /etc/nginx/conf.d
-process_folder /data/nginx
+# conditionally process files that are probably in a volume or bind
+if [ "$SKIP_FILE_OWNERSHIP" == "true" ] || [ "$SKIP_FILE_OWNERSHIP" == "on" ] || [ "$SKIP_FILE_OWNERSHIP" == "1" ] || [ "$SKIP_FILE_OWNERSHIP" == "yes" ]; then
+    log_info 'Skipping data and letsencrypt ownership, use only with caution ...'
+else
+    process_folder /data/nginx
+fi
Author	SHA1	Message	Date
ian351c	f6b1f9f481	Merge 599ddd1a3937393d7b2a91dfec9f708d75d93a8c into 498109addb6f2541082b88cb6ae115939321873c	2025-01-28 17:03:47 +00:00
ian351c	599ddd1a39	Update 50-ipv6.sh Clean up log_info messages. Otherwise this appears to work...	2024-06-05 22:30:29 -04:00
ian351c	8fbe585470	Chown is ok for files on base image...	2024-06-05 12:36:38 -04:00
ian351c	78b3822c74	Tuning what needs to be chowned	2024-06-05 12:31:49 -04:00
ian351c	6da6d87ffd	Update 50-ipv6.sh Fix boolean logic for IPv6	2024-06-05 12:15:06 -04:00
ian351c	0232ebf3ba	Update 50-ipv6.sh	2024-06-05 11:56:55 -04:00
ian351c	c1e3701944	Update 30-ownership.sh Fix bad boolean logic	2024-06-05 11:45:27 -04:00
ian351c	f4c05cf9cc	Update 30-ownership.sh Make setting file permissions optional with SKIP_FILE_OWNERSHIP environment variable.	2024-06-05 10:50:14 -04:00