gossa: wrap in shell script to set uid / gid

2021-02-04 22:51:53 +00:00 · 2021-02-04 22:51:53 +00:00 · 3dcf8305bb
commit 3dcf8305bb
parent 01e40935c9
2 changed files with 21 additions and 1 deletions
--- a/images/gossa/Dockerfile
+++ b/images/gossa/Dockerfile
@ -5,6 +5,8 @@ FROM ${REPO_LOCATION}minideb

 RUN install_packages gossa

+COPY "run.sh" "/srv/run.sh" 
+
 VOLUME /mnt

-ENTRYPOINT [ "gossa" "-p" "5700" "/mnt" ]
+ENTRYPOINT [ "/srv/run.sh" ]
--- a/images/gossa/run.sh
+++ b/images/gossa/run.sh
@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+if [[ -z "${GOSSA_UID}" ]]; then
+	echo "Error: No target uid specified in the GOSSA_UID environment variable.";
+	exit 1;
+fi
+if [[ -z "${GOSSA_GID}" ]]; then
+	echo "Error: No target gid specified in the GOSSA_GID environment variable.";
+	exit 1;
+fi
+if [[ -z "${NOMAD_PORT_GOSSA}" ]]; then
+	echo "Error: No port number specified in the NOMAD_PORT_gossa environment variable.";
+	exit 1;
+fi
+
+cd "/mnt" || { echo "Failed to cd into /mnt"; exit 1; };
+
+setpriv --inh-caps=-all --reuid "${GOSSA_UID}" --init-groups --regid "${GOSSA_GID}" /usr/local/bin/gossa -p "${NOMAD_PORT_GOSSA}" /mnt;