Docker: Fix entrypoint-init.sh script for non-root users #1337 #2076

docker/develop/armv7/Dockerfile

@@ -110,7 +110,7 @@ RUN /usr/local/go/bin/go install github.com/tianon/gosu@latest; \
     cp /go/bin/gosu /bin/gosu && \
     echo "alias ll='ls -alh'" > /photoprism/.bash_aliases && \
     echo "alias ll='ls -alh'" > /root/.bash_aliases && \
-    echo "ALL ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/all && \
+    echo "ALL ALL=(ALL) NOPASSWD:SETENV: ALL" >> /etc/sudoers.d/all && \
     cp /root/.local/bin/heif-convert.sh /usr/local/bin/heif-convert && \
     cp /root/.local/bin/entrypoint.sh /entrypoint.sh && \
     chmod -R a+rwX /go

docker/develop/bullseye-slim/Dockerfile

@@ -64,7 +64,7 @@ RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf.d/80retry && \
       /photoprism/storage/config \
       /photoprism/storage/cache \
     && \
-    echo "ALL ALL=(ALL) NOPASSWD: /opt/photoprism/scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
+    echo "ALL ALL=(ALL) NOPASSWD:SETENV: /opt/photoprism/scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
     cleanup.sh
 
 # define default directory and user

docker/develop/bullseye/Dockerfile

@@ -121,7 +121,7 @@ RUN /usr/local/go/bin/go install github.com/tianon/gosu@latest && \
     cp /go/bin/gosu /bin/gosu && \
     echo "alias go=richgo ll='ls -alh'" > /photoprism/.bash_aliases && \
     echo "alias go=richgo ll='ls -alh'" > /root/.bash_aliases && \
-    echo "ALL ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/all && \
+    echo "ALL ALL=(ALL) NOPASSWD:SETENV: ALL" >> /etc/sudoers.d/all && \
     cp /root/.local/bin/heif-convert.sh /usr/local/bin/heif-convert && \
     cp /root/.local/bin/entrypoint.sh /entrypoint.sh && \
     chmod -R a+rwX /go

docker/develop/buster/Dockerfile

@@ -120,7 +120,7 @@ RUN /usr/local/go/bin/go install github.com/tianon/gosu@latest && \
     cp /go/bin/gosu /bin/gosu && \
     echo "alias go=richgo ll='ls -alh'" > /photoprism/.bash_aliases && \
     echo "alias go=richgo ll='ls -alh'" > /root/.bash_aliases && \
-    echo "ALL ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/all && \
+    echo "ALL ALL=(ALL) NOPASSWD:SETENV: ALL" >> /etc/sudoers.d/all && \
     cp /root/.local/bin/heif-convert.sh /usr/local/bin/heif-convert && \
     cp /root/.local/bin/entrypoint.sh /entrypoint.sh && \
     chmod -R a+rwX /go

docker/develop/impish/Dockerfile

@@ -121,7 +121,7 @@ RUN /usr/local/go/bin/go install github.com/tianon/gosu@latest && \
     cp /go/bin/gosu /bin/gosu && \
     echo "alias go=richgo ll='ls -alh'" > /photoprism/.bash_aliases && \
     echo "alias go=richgo ll='ls -alh'" > /root/.bash_aliases && \
-    echo "ALL ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/all && \
+    echo "ALL ALL=(ALL) NOPASSWD:SETENV: ALL" >> /etc/sudoers.d/all && \
     cp /root/.local/bin/heif-convert.sh /usr/local/bin/heif-convert && \
     cp /root/.local/bin/entrypoint.sh /entrypoint.sh && \
     chmod -R a+rwX /go

docker/photoprism/armv7/Dockerfile

@@ -123,7 +123,7 @@ RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf.d/80retry && \
       /photoprism/storage/config \
       /photoprism/storage/cache \
     && \
-    echo "ALL ALL=(ALL) NOPASSWD: /opt/photoprism/scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
+    echo "ALL ALL=(ALL) NOPASSWD:SETENV: /opt/photoprism/scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
     cp /opt/photoprism/scripts/entrypoint.sh /entrypoint.sh && \
     cleanup.sh
 

docker/photoprism/buster/Dockerfile

@@ -124,7 +124,7 @@ RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf.d/80retry && \
       /photoprism/storage/config \
       /photoprism/storage/cache \
     && \
-    echo "ALL ALL=(ALL) NOPASSWD: /opt/photoprism/scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
+    echo "ALL ALL=(ALL) NOPASSWD:SETENV: /opt/photoprism/scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
     cp /opt/photoprism/scripts/entrypoint.sh /entrypoint.sh && \
     cleanup.sh
 

docker/photoprism/impish/Dockerfile

@@ -123,7 +123,7 @@ RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf.d/80retry && \
       /photoprism/storage/config \
       /photoprism/storage/cache \
     && \
-    echo "ALL ALL=(ALL) NOPASSWD: /opt/photoprism/scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
+    echo "ALL ALL=(ALL) NOPASSWD:SETENV: /opt/photoprism/scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
     cp /opt/photoprism/scripts/entrypoint.sh /entrypoint.sh && \
     cleanup.sh
 

scripts/dist/Makefile

@@ -16,13 +16,16 @@ clean:
 	apt-get -y autoremove
 	apt-get -y autoclean
 	rm -rf /var/lib/apt/lists/*
+nano:
+	apt-get update
+	apt-get -qq install nano
 gpu:
-	install-gpu.sh
+	./install-gpu.sh
 tensorflow:
-	install-tensorflow.sh auto
+	./install-tensorflow.sh auto
 davfs:
-	install-davfs.sh
+	./install-davfs.sh
 
-.PHONY: update apt-upgrade clean apt-cleanup gpu tensorflow davfs install-davfs \
+.PHONY: update apt-upgrade clean apt-cleanup nano gpu tensorflow davfs \
-    tensorflow-amd64-cpu tensorflow-amd64-avx tensorflow-amd64-avx2 install-davfs \
+    tensorflow-amd64-cpu tensorflow-amd64-avx tensorflow-amd64-avx2 \
-    intel-graphics install-intel-graphics;
+    intel-graphics install-intel-graphics install-davfs;

scripts/dist/entrypoint-init.sh

@@ -14,13 +14,13 @@ re='^[0-9]+$'
 # detect environment
 case $DOCKER_ENV in
   prod)
-    INIT_MAKEFILE="/opt/photoprism/scripts/Makefile"
+    INIT_SCRIPTS="/opt/photoprism/scripts"
     CHOWN_DIRS=("${PHOTOPRISM_HOME}" "${PHOTOPRISM_DIST}")
     CHMOD_DIRS=("${PHOTOPRISM_DIST}")
     ;;
 
   develop)
-    INIT_MAKEFILE="/go/src/github.com/photoprism/photoprism/scripts/dist/Makefile"
+    INIT_SCRIPTS="/go/src/github.com/photoprism/photoprism/scripts/dist"
     CHOWN_DIRS=("/go /photoprism" "/opt/photoprism" "/tmp/photoprism")
     CHMOD_DIRS=("/photoprism" "/opt/photoprism" "/tmp/photoprism")
     ;;
@@ -65,11 +65,9 @@ INIT_LOCK="/root/.init-lock"
 
 # execute targets via make
 if [[ ! -e ${INIT_LOCK} ]]; then
-
-
   for INIT_TARGET in $PHOTOPRISM_INIT; do
     echo "init $INIT_TARGET..."
-    make -f "$INIT_MAKEFILE" "$INIT_TARGET}"
+    make -C "$INIT_SCRIPTS" "$INIT_TARGET"
   done
 
   echo 1 >${INIT_LOCK}