From 347028ed3a3c1dfca8fe0df264cd7d0a788b609e Mon Sep 17 00:00:00 2001
From: Robert Dailey
Date: Fri, 3 Jun 2022 19:39:13 -0500
Subject: [PATCH] chore(docker): Fix PUID:PGID usage in entrypoint.sh
The non-root user and group were still being created in the Dockerfile, which means that if the PUID or PGID were modified, those changes would not be processed. This change completely removes the `adduser` / `addgroup` commands and instead the user spec is passed directly to `su-exec`.
---
 docker/Dockerfile | 12 ++++--------
 docker/docker-compose.yml | 1 -
 docker/scripts/prod/entrypoint.sh | 12 ++++++++----
 3 files changed, 12 insertions(+), 13 deletions(-)
diff --git a/docker/Dockerfile b/docker/Dockerfile
index 902564ca..1ec2d19d 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -29,13 +29,9 @@ ENV RECYCLARR_APP_DATA=/config \
 VOLUME /config
-RUN set -ex; \
- cat /etc/passwd; \
- apk add --no-cache busybox-suid su-exec libstdc++ tzdata; \
- addgroup --gid $PGID recyclarr; \
- adduser --uid $PUID --ingroup recyclarr --disabled-password --no-create-home recyclarr;
-
-COPY --chown=recyclarr:recyclarr --chmod=544 --from=build /build/recyclarr /usr/local/bin
-COPY --chown=recyclarr:recyclarr --chmod=544 ./scripts/prod/*.sh /
+RUN apk add --no-cache busybox-suid su-exec libstdc++ tzdata;
+
+COPY --chmod=755 --from=build /build/recyclarr /usr/local/bin
+COPY --chmod=755 ./scripts/prod/*.sh /
 ENTRYPOINT ["/entrypoint.sh"]
diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index b17e1dfa..70d01bd8 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -8,7 +8,6 @@ networks:
 services:
 recyclarr:
 image: ghcr.io/recyclarr/recyclarr
- container_name: recyclarr
 build:
 context: .
 args:
diff --git a/docker/scripts/prod/entrypoint.sh b/docker/scripts/prod/entrypoint.sh
index f14c19c1..88f38a1b 100644
--- a/docker/scripts/prod/entrypoint.sh
+++ b/docker/scripts/prod/entrypoint.sh
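Review bot: The new `RUN apk add` line in docker/Dockerfile still installs `busybox-suid`, which ships setuid-root helpers, although after this commit root installs the crontab in entrypoint.sh and `su-exec` does the user switch. If nothing else in the image depends on that package (not visible from this hunk), dropping it removes setuid binaries that the unprivileged process could otherwise reach: `RUN apk add --no-cache su-exec libstdc++ tzdata`. The trailing `;` on that line is a leftover of the old multi-command form and can go as well.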
@@ -1,8 +1,12 @@
 #!/bin/sh
 set -e
+userspec="$PUID:$PGID"
+
+chown "$userspec" "$RECYCLARR_APP_DATA"
+
 if [ ! -f "$RECYCLARR_APP_DATA/recyclarr.yml" ]; then
- su-exec recyclarr recyclarr create-config
+ su-exec "$userspec" recyclarr create-config
 fi
 # If the script has any arguments, invoke the CLI instead. This allows the image to be used as a CLI
@@ -13,12 +17,12 @@ fi
 # ```
 #
 if [ "$#" -gt 0 ]; then
- su-exec recyclarr recyclarr "$@"
+ su-exec "$userspec" recyclarr "$@"
 else
 echo "Creating crontab file..."
- echo "$CRON_SCHEDULE /cron.sh" | crontab -u recyclarr -
+ echo "$CRON_SCHEDULE su-exec \"$userspec\" /cron.sh" | crontab -
- crontab -l -u recyclarr
+ crontab -l
 echo "Starting cron daemon..."
 exec crond -f
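Review bot: `userspec="$PUID:$PGID"` at the top of entrypoint.sh is built without checking that either variable is set, and the script runs with `set -e` but not `-u`, so an empty PUID or PGID yields a partial spec such as `:` instead of an error. As far as I can tell su-exec treats an empty user part as "keep the current user", which here would leave the CLI running as root with no warning; confirm against the su-exec version in the image. A guard before the assignment makes the failure explicit: `: "${PUID:?PUID must be set}" "${PGID:?PGID must be set}"`. The `chown` two lines below is not recursive, so files already in the data directory keep their previous owner; a comment saying whether that is intended would help.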
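Review bot: The crontab written in the `else` branch is now root's (`crontab -` without `-u`), so `$CRON_SCHEDULE` is interpolated into a table that crond runs as root, and only the command after the schedule goes through `su-exec`. A value that is not a plain single-line schedule would therefore end up in root-executed entries, whereas before this commit the table belonged to the `recyclarr` user. Checking that the variable is a single line of schedule fields before writing it keeps the privilege drop intact, and `printf` avoids `echo`'s backslash handling: `printf '%s su-exec "%s" /cron.sh\n' "$CRON_SCHEDULE" "$userspec" | crontab -`. The closing `fi` of this `if` is outside the hunk.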