From be0792dab7d62640894281f1d8403200b4e7e10a Mon Sep 17 00:00:00 2001
From: Nystik <236107-Nystik@users.noreply.gitlab.com>
Date: Sat, 21 Mar 2026 00:34:52 +0100
Subject: [PATCH] improve docker setup

---
 Dockerfile            |  6 ++++--
 scripts/entrypoint.sh | 28 +++++++++++++++++++++++++++-
 2 files changed, 31 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 7a4cea0..75df542 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -16,7 +16,7 @@ RUN npm run build
 FROM node:20-slim
 
 RUN apt-get update && apt-get install -y --no-install-recommends \
-  ca-certificates curl binutils xz-utils \
+  ca-certificates curl binutils xz-utils gosu \
   && rm -rf /var/lib/apt/lists/*
 
 WORKDIR /app
@@ -36,10 +36,12 @@ ENV PORT=8080
 ENV VAULT_ROOT=/vaults
 ENV OBSIDIAN_VERSION=1.12.4
 ENV OBSIDIAN_ASSETS_PATH=/app/obsidian-app
+ENV PUID=1000
+ENV PGID=1000
 
 EXPOSE 8080
 
 VOLUME /vaults
 VOLUME /app/obsidian-app
 
-ENTRYPOINT ["/app/scripts/entrypoint.sh"]
+ENTRYPOINT ["/app/scripts/entrypoint.sh"]
\ No newline at end of file
diff --git a/scripts/entrypoint.sh b/scripts/entrypoint.sh
index d96bb28..acef5de 100644
--- a/scripts/entrypoint.sh
+++ b/scripts/entrypoint.sh
@@ -1,6 +1,31 @@
 #!/bin/bash
 set -e
 
+# Create user with specified UID/GID
+PUID=${PUID:-1000}
+PGID=${PGID:-1000}
+
+# Create group if GID doesn't exist, otherwise use existing
+if ! getent group "$PGID" >/dev/null 2>&1; then
+  groupadd -g "$PGID" ignis
+else
+  EXISTING_GROUP=$(getent group "$PGID" | cut -d: -f1)
+  echo "[ignis] Using existing group $EXISTING_GROUP (GID $PGID)"
+fi
+
+# Create user if UID doesn't exist, otherwise use existing
+if ! id -u "$PUID" >/dev/null 2>&1; then
+  GROUP_NAME=$(getent group "$PGID" | cut -d: -f1)
+  useradd -u "$PUID" -g "$PGID" -m -s /bin/bash ignis 2>/dev/null || useradd -u "$PUID" -g "$GROUP_NAME" -M -N ignis
+  RUN_USER="ignis"
+else
+  RUN_USER=$(id -un "$PUID")
+  echo "[ignis] Using existing user $RUN_USER (UID $PUID)"
+fi
+
+# Fix ownership of volumes
+chown -R "$PUID:$PGID" /vaults /app/obsidian-app
+
 OBSIDIAN_DIR="/app/obsidian-app"
 OBSIDIAN_VERSION="${OBSIDIAN_VERSION:-1.12.4}"
 
@@ -33,4 +58,5 @@ cp /app/dist/ignis-ui.js "$OBSIDIAN_DIR/ignis-ui.js"
 cp /app/dist/shim-loader.js "$OBSIDIAN_DIR/shim-loader.js"
 cp /app/images/favicon.png "$OBSIDIAN_DIR/favicon.png"
 
-exec node /app/server/index.js
+# Run as the determined user
+exec gosu "$RUN_USER" node /app/server/index.js
\ No newline at end of file