🗃️ Fixed the entrypoint scripts 🗃️

rootfs/usr/local/bin/entrypoint.sh rootfs/usr/local/etc/docker/functions/entrypoint.sh
2025-12-14 08:07:07 -05:00 · 2025-11-29 12:36:45 -05:00
parent 9c35d61ac0
commit 141582499f
2 changed files with 58 additions and 117 deletions
--- a/rootfs/usr/local/bin/entrypoint.sh
+++ b/rootfs/usr/local/bin/entrypoint.sh
@@ -1,13 +1,13 @@
 #!/usr/bin/env bash
 # shellcheck shell=bash
 # - - - - - - - - - - - - - - - - - - - - - - - - -
-##@Version           :  202511291204-git
+##@Version           :  202511290736-git
 # @@Author           :  Jason Hempstead
 # @@Contact          :  jason@casjaysdev.pro
 # @@License          :  WTFPL
 # @@ReadME           :  entrypoint.sh --help
 # @@Copyright        :  Copyright: (c) 2025 Jason Hempstead, Casjays Developments
-# @@Created          :  Saturday, Nov 29, 2025 12:04 EST
+# @@Created          :  Saturday, Nov 29, 2025 07:36 EST
 # @@File             :  entrypoint.sh
 # @@Description      :  Entrypoint file for gitea
 # @@Changelog        :  New script
@@ -84,8 +84,8 @@ SERVICE_UID="${SERVICE_UID:-0}" # set the user id
 SERVICE_GID="${SERVICE_GID:-0}" # set the group id
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # User and group in which the service switches to - IE: nginx,apache,mysql,postgres
-#SERVICE_USER="${SERVICE_USER:-gitea}"   # execute command as another user
+SERVICE_USER="${SERVICE_USER:-gitea}"   # execute command as another user
-#SERVICE_GROUP="${SERVICE_GROUP:-gitea}" # Set the service group
+SERVICE_GROUP="${SERVICE_GROUP:-gitea}" # Set the service group
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Secondary ports
 SERVER_PORTS="" # specifiy other ports
@@ -371,6 +371,11 @@ else
  rm -f /run/__start_init_scripts.pid /run/init.d/*.pid /run/*.pid 2>/dev/null || true
 fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 if [ ! -f "/run/__start_init_scripts.pid" ]; then
  START_SERVICES="yes"
  touch /run/__start_init_scripts.pid
 fi
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 [ "$ENTRYPOINT_MESSAGE" = "yes" ] && __printf_space "40" "The containers ip address is:" "$CONTAINER_IP4_ADDRESS"
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Show configured listing processes
@@ -396,23 +401,26 @@ __run_message
 # Just start services
 START_SERVICES="${START_SERVICES:-SYSTEM_INIT}"
 # - - - - - - - - - - - - - - - - - - - - - - - - -
-# Determine if we should start services based on command
+# Never start services for these options
-# Only skip service start for the 'init' command
+[ "$1" = "cron" ] && START_SERVICES="no"
-SKIP_SERVICE_START="no"
+[ "$1" = "tail" ] && START_SERVICES="no"
-[ "$1" = "init" ] && SKIP_SERVICE_START="yes" && CONTAINER_INIT="yes"
+[ "$1" = "logs" ] && START_SERVICES="no"
-[ "$2" = "init" ] && SKIP_SERVICE_START="yes" && CONTAINER_INIT="yes"
+[ "$1" = "cron" ] && START_SERVICES="no"
 [ "$1" = "backup" ] && START_SERVICES="no"
 [ "$1" = "healthcheck" ] && START_SERVICES="no"
 [ "$1" = "init" ] && START_SERVICES="no" && CONTAINER_INIT="yes"
 [ "$2" = "init" ] && START_SERVICES="no" && CONTAINER_INIT="yes"
 echo "$1" | grep -qE '^(sh|bash)$|/*/(sh|bash)$' && START_SERVICES="no"
 # - - - - - - - - - - - - - - - - - - - - - - - - -
-# Start all services if no pidfile and not skipping
+# Start all services if no pidfile
 if [ "$START_SERVICES" = "yes" ] || [ -z "$1" ]; then
-  if [ "$SKIP_SERVICE_START" = "no" ]; then
+  [ "$1" = "start" ] && shift 1
-    [ "$1" = "start" ] && shift 1
+  [ "$1" = "all" ] && shift 1
-    [ "$1" = "all" ] && shift 1
+  rm -Rf "/run"/*/*pid 2>/dev/null || true
-    rm -Rf "/run"/*/*pid 2>/dev/null || true
+  echo "$$" >"$ENTRYPOINT_PID_FILE"
-    echo "$$" >"$ENTRYPOINT_PID_FILE"
+  __start_init_scripts "/usr/local/etc/docker/init.d"
    __start_init_scripts "/usr/local/etc/docker/init.d"
    CONTAINER_INIT="${CONTAINER_INIT:-no}"
  fi
  START_SERVICES="no"
  CONTAINER_INIT="${CONTAINER_INIT:-no}"
 fi
 export START_SERVICES CONTAINER_INIT ENTRYPOINT_PID_FILE
 # - - - - - - - - - - - - - - - - - - - - - - - - -
--- a/rootfs/usr/local/etc/docker/functions/entrypoint.sh
+++ b/rootfs/usr/local/etc/docker/functions/entrypoint.sh
@@ -628,8 +628,6 @@ __set_user_group_id() {
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 __create_service_user() {
  local exitStatus=0
  local max_attempts=100
  local attempt=0
  local create_user="${1:-$SERVICE_USER}"
  local create_group="${2:-${SERVICE_GROUP:-$create_user}}"
  local create_home_dir="${3:-$WORK_DIR}"
@@ -637,118 +635,55 @@ __create_service_user() {
  local create_gid="${5:-${SERVICE_GID:-$USER_GID}}"
  local random_id="$(__generate_random_uids)"
  local create_home_dir="${create_home_dir:-/home/$create_user}"
-  local log_file="/data/logs/init.txt"
+  grep -shq "^$create_user:" "/etc/passwd" && grep -shq "^$create_group:" "/etc/group" && return
  # Ensure log directory exists
  [ -d "$(dirname "$log_file")" ] || mkdir -p "$(dirname "$log_file")" 2>/dev/null
  # Validate that we have at least a user or group to create
  if [ -z "$create_user" ] && [ -z "$create_group" ]; then
    echo "Error: No user or group specified to create" >&2
    return 1
  fi
  # Validate user/group name format (alphanumeric, underscore, hyphen; must start with letter or underscore)
  if [ -n "$create_user" ] && ! echo "$create_user" | grep -qE '^[a-z_][a-z0-9_-]*$'; then
    echo "Error: Invalid username format '$create_user' - must start with letter/underscore, contain only lowercase alphanumeric, underscore, or hyphen" >&2
    return 1
  fi
  if [ -n "$create_group" ] && ! echo "$create_group" | grep -qE '^[a-z_][a-z0-9_-]*$'; then
    echo "Error: Invalid group name format '$create_group' - must start with letter/underscore, contain only lowercase alphanumeric, underscore, or hyphen" >&2
    return 1
  fi
  # Check if user and group already exist
  if grep -shq "^$create_user:" "/etc/passwd" && grep -shq "^$create_group:" "/etc/group"; then
    return 0
  fi
  # Root user/group - nothing to create
  if [ "$create_user" = "root" ] && [ "$create_group" = "root" ]; then
    return 0
  fi
-  # Override with RUNAS_USER if specified and not root
+  if [ "$RUNAS_USER" != "root" ] && [ "$RUNAS_USER" != "" ]; then
  if [ -n "$RUNAS_USER" ] && [ "$RUNAS_USER" != "root" ]; then
    create_user="$RUNAS_USER"
    create_group="$RUNAS_USER"
    create_uid="${create_uid:-1000}"
    create_gid="${create_gid:-1000}"
  fi
-  # Get existing UID/GID or use provided values
+  create_uid="$(__get_uid "$create_user" || echo "$create_uid")"
-  create_uid="$(__get_uid "$create_user" 2>/dev/null || echo "$create_uid")"
+  create_gid="$(__get_gid "$create_user" || echo "$create_gid")"
-  create_gid="$(__get_gid "$create_user" 2>/dev/null || echo "$create_gid")"
+  [ -n "$create_uid" ] && [ "$create_uid" != "0" ] || create_uid="$random_id"
-  # Ensure we have valid non-root UID/GID
+  [ -n "$create_gid" ] && [ "$create_gid" != "0" ] || create_gid="$random_id"
-  if [ -z "$create_uid" ] || [ "$create_uid" = "0" ]; then
+  while :; do
-    create_uid="$random_id"
+    if __check_for_uid "$create_uid" && __check_for_guid "$create_gid"; then
-  fi
+      create_uid=$(($random_id + 1))
-  if [ -z "$create_gid" ] || [ "$create_gid" = "0" ]; then
+      create_gid="$create_uid"
-    create_gid="$random_id"
+    else
-  fi
+      break
  # Validate UID/GID are numeric and within valid range
  if ! echo "$create_uid" | grep -qE '^[0-9]+$' || [ "$create_uid" -lt 1 ] || [ "$create_uid" -gt 65534 ]; then
    echo "Error: Invalid UID '$create_uid' - must be a number between 1 and 65534" >&2
    return 1
  fi
  if ! echo "$create_gid" | grep -qE '^[0-9]+$' || [ "$create_gid" -lt 1 ] || [ "$create_gid" -gt 65534 ]; then
    echo "Error: Invalid GID '$create_gid' - must be a number between 1 and 65534" >&2
    return 1
  fi
  # Find available UID/GID if current ones are taken (with loop protection)
  while __check_for_uid "$create_uid" || __check_for_guid "$create_gid"; do
    attempt=$((attempt + 1))
    if [ $attempt -ge $max_attempts ]; then
      echo "Error: Could not find available UID/GID after $max_attempts attempts" >&2
      return 1
    fi
    random_id=$((random_id + 1))
    create_uid="$random_id"
    create_gid="$random_id"
  done
  # Create group if needed
  if [ -n "$create_group" ] && ! __check_for_group "$create_group"; then
-    echo "Creating system group '$create_group' with GID $create_gid"
+    echo "creating system group $create_group"
-    if ! groupadd --force --system -g "$create_gid" "$create_group" 2>&1 | tee -a "$log_file"; then
+    groupadd --force --system -g $create_gid $create_group 2>/dev/stderr | tee -a "/data/logs/init.txt" >/dev/null
-      echo "Error: Failed to create group '$create_group'" >&2
+    grep -shq "$create_group" "/etc/group" || exitStatus=$((exitStatus + 1))
      exitStatus=$((exitStatus + 1))
    elif ! grep -shq "^$create_group:" "/etc/group"; then
      echo "Error: Group '$create_group' not found in /etc/group after creation" >&2
      exitStatus=$((exitStatus + 1))
    fi
  fi
-  # Create user if needed (only if group creation succeeded)
+  if [ -n "$create_user" ] && ! __check_for_user "$create_user"; then
-  if [ $exitStatus -eq 0 ] && [ -n "$create_user" ] && ! __check_for_user "$create_user"; then
+    echo "creating system user $create_user"
-    echo "Creating system user '$create_user' with UID $create_uid"
+    useradd --system --uid $create_uid --gid $create_group --comment "Account for $create_user" --home-dir "$create_home_dir" --shell /bin/false $create_user 2>/dev/stderr | tee -a "/data/logs/init.txt" >/dev/null
-    if ! useradd --system --uid "$create_uid" --gid "$create_group" --comment "Account for $create_user" --home-dir "$create_home_dir" --shell /bin/false "$create_user" 2>&1 | tee -a "$log_file"; then
+    grep -shq "$create_user" "/etc/passwd" || exitStatus=$((exitStatus + 1))
      echo "Error: Failed to create user '$create_user'" >&2
      exitStatus=$((exitStatus + 1))
    elif ! grep -shq "^$create_user:" "/etc/passwd"; then
      echo "Error: User '$create_user' not found in /etc/passwd after creation" >&2
      exitStatus=$((exitStatus + 1))
    fi
  fi
  # Setup user environment if creation succeeded
  if [ $exitStatus -eq 0 ] && [ -n "$create_group" ] && [ -n "$create_user" ]; then
    export WORK_DIR="${create_home_dir:-}"
    if [ -n "$WORK_DIR" ]; then
-      if [ ! -d "$WORK_DIR" ]; then
+      [ -d "$WORK_DIR" ] || mkdir -p "$WORK_DIR"
-        if ! mkdir -p "$WORK_DIR" 2>/dev/null; then
+      [ -d "/etc/.skel" ] && cp -Rf /etc/.skel/. "$WORK_DIR/"
          echo "Warning: Failed to create home directory '$WORK_DIR'" >&2
        fi
      fi
      if [ -d "/etc/.skel" ] && [ -d "$WORK_DIR" ]; then
        cp -Rf /etc/.skel/. "$WORK_DIR/" 2>/dev/null || echo "Warning: Failed to copy skeleton files to '$WORK_DIR'" >&2
      fi
    fi
-    # Setup sudo access
+    if [ -d "/etc/sudoers.d" ] && [ ! -f "/etc/sudoers.d/$create_user" ]; then
-    if [ -d "/etc/sudoers.d" ]; then
+      echo "$create_user ALL=(ALL)   NOPASSWD: ALL" >"/etc/sudoers.d/$create_user"
-      if [ ! -f "/etc/sudoers.d/$create_user" ]; then
+    elif [ -f "/etc/sudoers" ] && ! grep -qs "$create_user" "/etc/sudoers"; then
-        echo "$create_user ALL=(ALL)   NOPASSWD: ALL" >"/etc/sudoers.d/$create_user" 2>/dev/null || echo "Warning: Failed to create sudoers file for '$create_user'" >&2
+      echo "$create_user ALL=(ALL)   NOPASSWD: ALL" >"/etc/sudoers"
        chmod 0440 "/etc/sudoers.d/$create_user" 2>/dev/null
      fi
    elif [ -f "/etc/sudoers" ] && ! grep -qs "^$create_user " "/etc/sudoers"; then
      echo "$create_user ALL=(ALL)   NOPASSWD: ALL" >>"/etc/sudoers" 2>/dev/null || echo "Warning: Failed to add '$create_user' to sudoers" >&2
    fi
    exitStatus=0
    SERVICE_UID="$create_uid"
    SERVICE_GID="$create_gid"
    SERVICE_USER="$create_user"
    SERVICE_GROUP="$create_group"
  else
    echo "Warning: Falling back to root user due to creation errors" >&2
    SERVICE_UID=0
    SERVICE_GID=0
    SERVICE_USER=root
@@ -1332,26 +1267,24 @@ __check_service() {
 }
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 __switch_to_user() {
-  # Use SERVICE_USER if set, otherwise fall back to RUNAS_USER
+  if [ "$RUNAS_USER" = "root" ]; then
  local switch_user="${SERVICE_USER:-$RUNAS_USER}"
  if [ "$switch_user" = "root" ]; then
    su_exec=""
    su_cmd() { eval "$@" || return 1; }
  elif [ "$(builtin type -P gosu)" ]; then
-    su_exec="gosu $switch_user"
+    su_exec="gosu $RUNAS_USER"
    su_cmd() { $su_exec "$@" || return 1; }
  elif [ "$(builtin type -P runuser)" ]; then
-    su_exec="runuser -u $switch_user"
+    su_exec="runuser -u $RUNAS_USER"
    su_cmd() { $su_exec "$@" || return 1; }
  elif [ "$(builtin type -P sudo)" ]; then
-    su_exec="sudo -u $switch_user"
+    su_exec="sudo -u $RUNAS_USER"
    su_cmd() { $su_exec "$@" || return 1; }
  elif [ "$(builtin type -P su)" ]; then
-    su_exec="su -s /bin/sh - $switch_user"
+    su_exec="su -s /bin/sh - $RUNAS_USER"
    su_cmd() { $su_exec -c "$@" || return 1; }
  else
    su_exec=""
-    su_cmd() { echo "Can not switch to $switch_user: attempting to run as root" && eval "$@" || return 1; }
+    su_cmd() { echo "Can not switch to $RUNAS_USER: attempting to run as root" && eval "$@" || return 1; }
  fi
  export su_exec
 }