Allow to set custom PUID/PGID

This commit is contained in:
CrazyMax 2019-11-17 07:15:23 +01:00
parent fdb28342f3
commit 171e0c32f1
No known key found for this signature in database
GPG Key ID: 3248E46B6BB8C7F7
3 changed files with 67 additions and 36 deletions

View File

@ -1,5 +1,5 @@
# syntax=docker/dockerfile:experimental
FROM --platform=${TARGETPLATFORM:-linux/amd64} adoptopenjdk:12-jre-hotspot
FROM --platform=${TARGETPLATFORM:-linux/amd64} adoptopenjdk:12-jre-hotspot as suexec
ARG BUILD_DATE
ARG VCS_REF
@ -9,6 +9,21 @@ ARG TARGETPLATFORM
ARG BUILDPLATFORM
RUN printf "I am running on ${BUILDPLATFORM:-linux/amd64}, building for ${TARGETPLATFORM:-linux/amd64}\n$(uname -a)\n"
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
gcc \
libc-dev \
&& curl -o /usr/local/bin/su-exec.c https://raw.githubusercontent.com/ncopa/su-exec/master/su-exec.c \
&& gcc -Wall /usr/local/bin/su-exec.c -o/usr/local/bin/su-exec \
&& chown root:root /usr/local/bin/su-exec \
&& chmod 0755 /usr/local/bin/su-exec
FROM --platform=${TARGETPLATFORM:-linux/amd64} adoptopenjdk:12-jre-hotspot
ARG BUILD_DATE
ARG VCS_REF
ARG VERSION
LABEL maintainer="CrazyMax" \
org.label-schema.build-date=$BUILD_DATE \
org.label-schema.name="jetbrains-license-server" \
@ -23,7 +38,9 @@ LABEL maintainer="CrazyMax" \
ENV JLS_PATH="/opt/jetbrains-license-server" \
JLS_VERSION="21137" \
JLS_SHA256="05241f0d41644ecc7679a879c829e57d423e151b997b45c5e986d498d6fe2f21" \
TZ="UTC"
TZ="UTC" \
PUID="1000" \
PGID="1000"
RUN apt-get update \
&& apt-get install -y \
@ -38,17 +55,16 @@ RUN apt-get update \
&& rm -f "/tmp/jls.zip" \
&& chmod a+x "$JLS_PATH/bin/license-server.sh" \
&& ln -sf "$JLS_PATH/bin/license-server.sh" "/usr/local/bin/license-server" \
&& groupadd -f -g 1000 jls \
&& useradd -o -s /bin/bash -d /data -u 1000 -g 1000 -m jls \
&& groupadd -f -g ${PGID} jls \
&& useradd -o -s /bin/bash -d /data -u ${PUID} -g jls -m jls \
&& chown -R jls. /data "$JLS_PATH" \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
COPY --from=suexec /usr/local/bin/su-exec /usr/local/bin/su-exec
COPY entrypoint.sh /entrypoint.sh
RUN chmod a+x /entrypoint.sh
USER jls
EXPOSE 8000
WORKDIR /data
VOLUME [ "/data" ]

View File

@ -45,6 +45,8 @@ Image: crazymax/jetbrains-license-server:latest
### Environment variables
* `TZ`: The timezone assigned to the container (default `UTC`)
* `PUID`: Process UID (default `1000`)
* `PGID`: Process GID (default `1000`)
* `JLS_VIRTUAL_HOSTS`: [Virtual hosts](https://www.jetbrains.com/help/license_server/setting_host_and_port.html#d1010e63) where license server will be available (comma delimited for several hosts)
* `JLS_CONTEXT`: [Context path](https://www.jetbrains.com/help/license_server/setting_host_and_port.html#d1010e63) used by the license server (default `/`)
* `JLS_ACCESS_CONFIG`: JSON file to configure [user restrictions](https://www.jetbrains.com/help/license_server/configuring_user_restrictions.html) (default `/data/access-config.json`)
@ -61,7 +63,7 @@ Image: crazymax/jetbrains-license-server:latest
* `/data`: Contains [registration data](https://www.jetbrains.com/help/license_server/migrate.html) and configuration
> :warning: Note that the volume should be owned by uid `1000` and gid `1000`. If you don't give the volume correct permissions, the container may not start.
> :warning: Note that the volumes should be owned by the user/group with the specified `PUID` and `PGID`. If you don't give the volume correct permissions, the container may not start.
### Ports
@ -94,7 +96,7 @@ $ docker run -d -p 8000:8000 --name jetbrains_license_server \
## Update
Recreate the container whenever i push an update :
Recreate the container whenever I push an update:
```bash
docker-compose pull

View File

@ -6,13 +6,23 @@ JLS_PORT=8000
JLS_CONTEXT=${JLS_CONTEXT:-/}
JLS_ACCESS_CONFIG=${JLS_ACCESS_CONFIG:-/data/access-config.json}
if [ -n "${PGID}" ] && [ "${PGID}" != "$(id -g jls)" ]; then
echo "Switching to PGID ${PGID}..."
sed -i -e "s/^jls:\([^:]*\):[0-9]*/jls:\1:${PGID}/" /etc/group
sed -i -e "s/^jls:\([^:]*\):\([0-9]*\):[0-9]*/jls:\1:\2:${PGID}/" /etc/passwd
fi
if [ -n "${PUID}" ] && [ "${PUID}" != "$(id -u jls)" ]; then
echo "Switching to PUID ${PUID}..."
sed -i -e "s/^jls:\([^:]*\):[0-9]*:\([0-9]*\)/jls:\1:${PUID}:\2/" /etc/passwd
fi
# Init
echo "Initializing files and folders..."
touch "/data/access-config.json"
su-exec jls:jls touch "/data/access-config.json"
# https://www.jetbrains.com/help/license_server/setting_host_and_port.html
echo "Configuring Jetbrains License Server..."
license-server configure --listen ${JLS_LISTEN_ADDRESS} --port ${JLS_PORT} --context ${JLS_CONTEXT}
su-exec jls:jls license-server configure --listen ${JLS_LISTEN_ADDRESS} --port ${JLS_PORT} --context ${JLS_CONTEXT}
# https://www.jetbrains.com/help/license_server/setting_host_and_port.html
if [ ! -z "$JLS_VIRTUAL_HOSTS" ] ; then
@ -20,45 +30,48 @@ if [ ! -z "$JLS_VIRTUAL_HOSTS" ] ; then
for JLS_VIRTUAL_HOST in $(echo ${JLS_VIRTUAL_HOSTS} | tr "," "\n"); do
echo "-> ${JLS_VIRTUAL_HOST}"
done
license-server configure --jetty.virtualHosts.names=${JLS_VIRTUAL_HOSTS}
su-exec jls:jls license-server configure --jetty.virtualHosts.names=${JLS_VIRTUAL_HOSTS}
fi
# https://www.jetbrains.com/help/license_server/configuring_user_restrictions.html
if [ -s "$JLS_ACCESS_CONFIG" ]; then
echo "Enabling user restrictions access from $JLS_ACCESS_CONFIG..."
license-server configure --access.config=file:${JLS_ACCESS_CONFIG}
su-exec jls:jls license-server configure --access.config=file:${JLS_ACCESS_CONFIG}
fi
# https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html
if [ ! -z "$JLS_SMTP_SERVER" -a ! -z "$JLS_STATS_RECIPIENTS" ] ; then
JLS_SMTP_PORT=${JLS_SMTP_PORT:-25}
echo "Enabling User Reporting via SMTP at $JLS_SMTP_SERVER:$JLS_SMTP_PORT..."
license-server configure --smtp.server ${JLS_SMTP_SERVER} --smtp.server.port ${JLS_SMTP_PORT}
su-exec jls:jls license-server configure --smtp.server ${JLS_SMTP_SERVER} --smtp.server.port ${JLS_SMTP_PORT}
if [ ! -z "$JLS_SMTP_USERNAME" -a ! -z "$JLS_SMTP_PASSWORD" ] ; then
echo "Using SMTP username $JLS_SMTP_USERNAME with password..."
license-server configure --smtp.server.username ${JLS_SMTP_USERNAME}
license-server configure --smtp.server.password ${JLS_SMTP_PASSWORD}
su-exec jls:jls license-server configure --smtp.server.username ${JLS_SMTP_USERNAME}
su-exec jls:jls license-server configure --smtp.server.password ${JLS_SMTP_PASSWORD}
fi
if [ ! -z "$JLS_STATS_FROM" ] ; then
echo "Setting stats sender to $JLS_STATS_FROM..."
license-server configure --stats.from ${JLS_STATS_FROM}
su-exec jls:jls license-server configure --stats.from ${JLS_STATS_FROM}
fi
if [ "$JLS_REPORT_OUT_OF_LICENSE" -gt 0 ]; then
echo "Setting report out of licence to $JLS_REPORT_OUT_OF_LICENSE%..."
license-server configure --reporting.out.of.license.threshold ${JLS_REPORT_OUT_OF_LICENSE}
su-exec jls:jls license-server configure --reporting.out.of.license.threshold ${JLS_REPORT_OUT_OF_LICENSE}
fi
echo "Stats recipients: $JLS_STATS_RECIPIENTS..."
license-server configure --stats.recipients ${JLS_STATS_RECIPIENTS}
su-exec jls:jls license-server configure --stats.recipients ${JLS_STATS_RECIPIENTS}
fi
# https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html
if [ ! -z "$JLS_STATS_TOKEN" ] ; then
echo "Enabling stats via API at /$JLS_STATS_TOKEN..."
license-server configure --reporting.token ${JLS_STATS_TOKEN}
su-exec jls:jls license-server configure --reporting.token ${JLS_STATS_TOKEN}
fi
exec "$@"
echo "Fixing perms..."
chown -R jls:jls /data "$JLS_PATH"
exec su-exec jls:jls "$@"