From 8ddced3e3b300ed408ceb51213b616694e63b7e8 Mon Sep 17 00:00:00 2001 From: Francesco Steccanella Date: Fri, 20 Sep 2024 12:00:29 +0200 Subject: [PATCH 1/2] feat: add support for arbitrary user --- 2.9/alpine/Dockerfile | 6 ++++++ Dockerfile.tmpl | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/2.9/alpine/Dockerfile b/2.9/alpine/Dockerfile index 31c9ec2..abd1965 100644 --- a/2.9/alpine/Dockerfile +++ b/2.9/alpine/Dockerfile @@ -36,6 +36,12 @@ RUN set -eux; \ rm -f /tmp/caddy.tar.gz; \ setcap cap_net_bind_service=+ep /usr/bin/caddy; \ chmod +x /usr/bin/caddy; \ + chgrp -R 0 /config && chmod -R g=u /config; \ + chgrp -R 0 /data && chmod -R g=u /data; \ + chgrp -R 0 /config && chmod -R g=u /config; \ + chgrp -R 0 /etc/caddy && chmod -R g=u /etc/caddy; \ + chgrp -R 0 /usr/share/caddy && chmod -R g=u /usr/share/caddy; \ + chgrp -R 0 /usr/bin/caddy && chmod -R g=u /usr/bin/caddy; \ caddy version # See https://caddyserver.com/docs/conventions#file-locations for details diff --git a/Dockerfile.tmpl b/Dockerfile.tmpl index 9d9dce8..c5412b1 100644 --- a/Dockerfile.tmpl +++ b/Dockerfile.tmpl @@ -36,6 +36,12 @@ RUN set -eux; \ rm -f /tmp/caddy.tar.gz; \ setcap cap_net_bind_service=+ep /usr/bin/caddy; \ chmod +x /usr/bin/caddy; \ + chgrp -R 0 /config && chmod -R g=u /config; \ + chgrp -R 0 /data && chmod -R g=u /data; \ + chgrp -R 0 /config && chmod -R g=u /config; \ + chgrp -R 0 /etc/caddy && chmod -R g=u /etc/caddy; \ + chgrp -R 0 /usr/share/caddy && chmod -R g=u /usr/share/caddy; \ + chgrp -R 0 /usr/bin/caddy && chmod -R g=u /usr/bin/caddy; \ caddy version # See https://caddyserver.com/docs/conventions#file-locations for details From f3c0917735a38b75dceff71e022cdbde7db9c8ce Mon Sep 17 00:00:00 2001 From: Francesco Steccanella Date: Tue, 28 Jan 2025 10:03:59 +0100 Subject: [PATCH 2/2] fix: simplify permissions change --- 2.9/alpine/Dockerfile | 9 ++------- Dockerfile.tmpl | 9 ++------- 2 files changed, 4 insertions(+), 14 deletions(-) diff --git a/2.9/alpine/Dockerfile b/2.9/alpine/Dockerfile index abd1965..3e3c451 100644 --- a/2.9/alpine/Dockerfile +++ b/2.9/alpine/Dockerfile @@ -32,16 +32,11 @@ RUN set -eux; \ esac; \ wget -O /tmp/caddy.tar.gz "https://github.com/caddyserver/caddy/releases/download/v2.9.1/caddy_2.9.1_linux_${binArch}.tar.gz"; \ echo "$checksum /tmp/caddy.tar.gz" | sha512sum -c; \ - tar x -z -f /tmp/caddy.tar.gz -C /usr/bin caddy; \ + tar x -z -f /tmp/caddy.tar.gz -C /usr/bin caddy && chown 0:0 /usr/bin/caddy;\ rm -f /tmp/caddy.tar.gz; \ setcap cap_net_bind_service=+ep /usr/bin/caddy; \ chmod +x /usr/bin/caddy; \ - chgrp -R 0 /config && chmod -R g=u /config; \ - chgrp -R 0 /data && chmod -R g=u /data; \ - chgrp -R 0 /config && chmod -R g=u /config; \ - chgrp -R 0 /etc/caddy && chmod -R g=u /etc/caddy; \ - chgrp -R 0 /usr/share/caddy && chmod -R g=u /usr/share/caddy; \ - chgrp -R 0 /usr/bin/caddy && chmod -R g=u /usr/bin/caddy; \ + chmod -R g=u /config /data /etc/caddy /usr/share/caddy /usr/bin/caddy; \ caddy version # See https://caddyserver.com/docs/conventions#file-locations for details diff --git a/Dockerfile.tmpl b/Dockerfile.tmpl index c5412b1..ddf0886 100644 --- a/Dockerfile.tmpl +++ b/Dockerfile.tmpl @@ -32,16 +32,11 @@ RUN set -eux; \ esac; \ wget -O /tmp/caddy.tar.gz "https://github.com/caddyserver/caddy/releases/download/v{{ .config.caddy_version }}/caddy_{{ .config.caddy_version }}_linux_${binArch}.tar.gz"; \ echo "$checksum /tmp/caddy.tar.gz" | sha512sum -c; \ - tar x -z -f /tmp/caddy.tar.gz -C /usr/bin caddy; \ + tar x -z -f /tmp/caddy.tar.gz -C /usr/bin caddy && chown 0:0 /usr/bin/caddy;\ rm -f /tmp/caddy.tar.gz; \ setcap cap_net_bind_service=+ep /usr/bin/caddy; \ chmod +x /usr/bin/caddy; \ - chgrp -R 0 /config && chmod -R g=u /config; \ - chgrp -R 0 /data && chmod -R g=u /data; \ - chgrp -R 0 /config && chmod -R g=u /config; \ - chgrp -R 0 /etc/caddy && chmod -R g=u /etc/caddy; \ - chgrp -R 0 /usr/share/caddy && chmod -R g=u /usr/share/caddy; \ - chgrp -R 0 /usr/bin/caddy && chmod -R g=u /usr/bin/caddy; \ + chmod -R g=u /config /data /etc/caddy /usr/share/caddy /usr/bin/caddy; \ caddy version # See https://caddyserver.com/docs/conventions#file-locations for details