Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Fixes #4] Enhance Dockerfile with Runtime UID/GID Flexibility #10

Open
wants to merge 1 commit into
base: next
Choose a base branch
from
Open

[Fixes #4] Enhance Dockerfile with Runtime UID/GID Flexibility #10

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,9 @@ ENV SERVICE_TYPE=llm_gateway \
TEMP=/tmp \
PYTHONPATH=/usr/src

RUN apt-get update && apt-get install -y --no-install-recommends gosu \
&& rm -rf /var/lib/apt/lists/*

# Set the working directory in the container
WORKDIR /usr/src/

Expand All @@ -32,4 +35,4 @@ RUN VERSION=$(grep '^#' RELEASE.md | head -1 | cut -d '#' -f 2 | xargs) \
HEALTHCHECK CMD ./scripts/healthcheck.sh

# Define the entry point
ENTRYPOINT ["scripts/docker-entrypoint.sh"]
ENTRYPOINT ["scripts/docker-entrypoint.sh"]
60 changes: 57 additions & 3 deletions scripts/docker-entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,60 @@
#!/bin/bash

# Set default UID and GID (defaults to www-data: 33:33 if not specified)
USER_ID=${USER_ID:-33}
GROUP_ID=${GROUP_ID:-33}

# Default values for user and group names
USER_NAME="appuser"
GROUP_NAME="appgroup"

# Function to create a user/group if needed and adjust permissions
function setup_user() {
echo "Configuring runtime user with UID=$USER_ID and GID=$GROUP_ID"

# Check if a group with the specified GID already exists
if getent group "$GROUP_ID" >/dev/null 2>&1; then
GROUP_NAME=$(getent group "$GROUP_ID" | cut -d: -f1)
echo "A group with GID=$GROUP_ID already exists: $GROUP_NAME"
else
# Create the group if it does not exist
echo "Creating group with GID=$GROUP_ID"
groupadd -g "$GROUP_ID" "$GROUP_NAME"
fi

# Check if a user with the specified UID already exists
if id -u "$USER_ID" >/dev/null 2>&1; then
USER_NAME=$(getent passwd "$USER_ID" | cut -d: -f1)
echo "A user with UID=$USER_ID already exists: $USER_NAME"
else
# Create the user if it does not exist
echo "Creating user with UID=$USER_ID and GID=$GROUP_ID"
useradd -m -u "$USER_ID" -g "$GROUP_NAME" "$USER_NAME"
fi

# Adjust ownership of the application directories
echo "Adjusting ownership of application directories"
chown -R "$USER_NAME:$GROUP_NAME" /usr/src

# Get the user's home directory from the system
USER_HOME=$(getent passwd "$USER_NAME" | cut -d: -f6)

# Ensure the home directory exists
if [ ! -d "$USER_HOME" ]; then
echo "Ensure home directory exists: $USER_HOME"
mkdir -p "$USER_HOME"
chown "$USER_NAME:$GROUP_NAME" "$USER_HOME"
fi

# Grant full permissions to the user on their home directory
echo "Granting full permissions to $USER_NAME on $USER_HOME"
chmod -R u+rwx "$USER_HOME"
}

setup_user

# Start FastAPI
python -m app &
gosu "$USER_NAME" python -m app &
# Start Celery
celery -A app.http_server.celery_app.celery_app worker --loglevel=info -c ${CONCURRENCY:-1}
wait
gosu "$USER_NAME" celery -A app.http_server.celery_app.celery_app worker --loglevel=info -c ${CONCURRENCY:-1}
wait