start.sh script folder permissions

[docker] adjusted start.sh script for folder permissions
[docker] adjusted healthcheck
[docs] add non-root user info to volumes

docker/Dockerfile

@@ -67,9 +67,6 @@ COPY --from=frontend-build /tmp/frontend/dist ./dist
 # Set the working directory to /app/backend
 WORKDIR /app/backend
 
-# Add a non-root user
-#RUN useradd -m endurain
-
 # Copy requirements.txt from requirements-stage to /app/backend
 COPY --from=requirements-stage /tmp/backend/requirements.txt ./requirements.txt
 
@@ -86,7 +83,6 @@ COPY docker/start.sh /docker-entrypoint.d/start.sh
 RUN chmod +x /docker-entrypoint.d/start.sh
 
 # Change ownership to non-root user
-#RUN chown -R endurain:endurain ./
 RUN chown -R endurain /app
 
 # Switch to non-root user
@@ -96,7 +92,7 @@ USER endurain
 EXPOSE 80
 
 # Add a healthcheck
-HEALTHCHECK --interval=30s --timeout=5s --start-period=10s CMD curl -f http://localhost/api/v1/about || exit 1
+HEALTHCHECK --interval=30s --timeout=10s --start-period=30s CMD curl -f http://localhost/api/v1/about || exit 1
 
 # Run the FastAPI app
 ENTRYPOINT ["/docker-entrypoint.d/start.sh"]

docker/start.sh

@@ -1,21 +1,61 @@
 #!/bin/bash
+
+# Exit immediately if a command exits with a non-zero status
 set -e
 
+# Check if the mounted directory exists and has proper permissions
+echo "Checking ownership of necessary directories..."
+
+# Dynamically adjust UID and GID based on host-mounted directory
+if [ -d "/app/backend/logs" ]; then
+    HOST_UID=$(stat -c '%u' /app/backend/logs)  # Get UID if directory exists
+    HOST_GID=$(stat -c '%g' /app/backend/logs)  # Get GID if directory exists
+else
+    echo "/app/backend/logs directory does not exist. Using default UID 1000."
+    HOST_UID=1000  # Default to 1000 if directory does not exist
+    HOST_GID=1000  # Default to 1000 if directory does not exist
+fi
+
+# Get the current UID and GID of the 'endurain' user
+USER_UID=$(id -u endurain)
+USER_GID=$(id -g endurain)
+
+# Only adjust if the user UID/GID doesn't match the host directory UID/GID
+if [ "$USER_UID" -ne "$HOST_UID" ] || [ "$USER_GID" -ne "$HOST_GID" ]; then
+    echo "Adjusting ownership to match host UID ($HOST_UID) and GID ($HOST_GID)..."
+
+    # Avoid setting the UID/GID to 0 (root user UID/GID)
+    if [ "$HOST_UID" -ne 0 ]; then
+        usermod -u "$HOST_UID" endurain
+    else
+        echo "Skipping UID change to 0 (root UID)."
+    fi
+
+    if [ "$HOST_GID" -ne 0 ]; then
+        groupmod -g "$HOST_GID" endurain
+    else
+        echo "Skipping GID change to 0 (root GID)."
+    fi
+
+    # Update the ownership of the mounted directories
+    chown -R endurain:endurain /app/backend/logs /app/backend/user_images /app/backend/files
+fi
+
 # Substitute MY_APP_ENDURAIN_HOST with the value of ENDURAIN_HOST
-if [ ! -z "$ENDURAIN_HOST" ]; then
+if [ -n "$ENDURAIN_HOST" ]; then
     echo "Substituting MY_APP_ENDURAIN_HOST with $ENDURAIN_HOST"
     find /app/frontend/dist -type f \( -name '*.js' -o -name '*.css' \) -exec sed -i "s|MY_APP_ENDURAIN_HOST|${ENDURAIN_HOST}|g" '{}' +
 fi
 
 # Substitute MY_APP_STRAVA_CLIENT_ID with the value of STRAVA_CLIENT_ID
-if [ ! -z "$STRAVA_CLIENT_ID" ]; then
+if [ -n "$STRAVA_CLIENT_ID" ]; then
     echo "Substituting MY_APP_STRAVA_CLIENT_ID with $STRAVA_CLIENT_ID"
     find /app/frontend/dist -type f \( -name '*.js' -o -name '*.css' \) -exec sed -i "s|MY_APP_STRAVA_CLIENT_ID|${STRAVA_CLIENT_ID}|g" '{}' +
 fi
 
 echo "Starting FastAPI with BEHIND_PROXY=$BEHIND_PROXY"
 
-# Base command as an array
+# Define the base command for starting the FastAPI server as an array
 CMD=("uvicorn" "main:app" "--host" "0.0.0.0" "--port" "80")
 
 # Add --proxy-headers if BEHIND_PROXY is true
@@ -25,4 +65,4 @@ if [ "$BEHIND_PROXY" = "true" ]; then
 fi
 
 # Execute the command
-exec "${CMD[@]}"
+exec "${CMD[@]}"