Add PUID/PGID

Dockerfile

@@ -48,12 +48,13 @@ FROM alpine:3
 
 WORKDIR /app
 
-# Install runtime dependencies
+# Install runtime dependencies including su-exec for user switching
 RUN apk add --no-cache \
     ca-certificates \
     wget \
     ffmpeg \
-    libheif
+    libheif \
+    su-exec
 
 # Copy backend binary
 COPY --from=backend-builder /app/sbv .
@@ -61,15 +62,24 @@ COPY --from=backend-builder /app/sbv .
 # Copy frontend build
 COPY --from=frontend-builder /app/frontend/dist ./frontend/dist
 
+# Copy entrypoint script
+COPY docker-entrypoint.sh /usr/local/bin/
+RUN chmod +x /usr/local/bin/docker-entrypoint.sh
+
 # Create data directory for database
 RUN mkdir -p /data
 
 # Set environment variables
-ENV PORT=8081
-ENV DB_PATH_PREFIX=/data
+ENV PORT=8081 \
+    DB_PATH_PREFIX=/data \
+    PUID=1000 \
+    PGID=1000
 
 # Expose port
 EXPOSE 8081
 
+# Use entrypoint to handle user switching
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
+
 # Run the application
 CMD ["./sbv"]

README.md

@@ -13,6 +13,8 @@ Run the latest stable version:
 docker run -d \
   -p 8081:8081 \
   -v $(pwd)/data:/data \
+  -e PUID=1000 \
+  -e PGID=1000 \
   ghcr.io/lowcarbdev/sbv:stable
 ```
 
@@ -26,6 +28,9 @@ services:
       - "8081:8081"
     volumes:
       - ./data:/data
+    environment:
+      - PUID=1000
+      - PGID=1000
     restart: unless-stopped
 ```
 
@@ -47,6 +52,13 @@ services:
 - **Frontend**: React with Vite and Bootstrap CSS
 - **Database**: SQLite (stores messages, including media as BLOBs)
 
+## Environment Variables
+
+- `PUID` - User ID to run the application as (default: `1000`)
+- `PGID` - Group ID to run the application as (default: `1000`)
+
+**Note on PUID/PGID**: Setting these to match your host user ensures that files created in the mounted volume have the desired permissions. Find your UID/GID with `id -u` and `id -g`.
+
 ## Data Persistence
 
 The Docker setup uses a bind mount to persist the database:

compose.yaml

@@ -13,6 +13,8 @@ services:
     environment:
       - PORT=8081
       - DB_PATH_PREFIX=/data
+      - PUID=1000
+      - PGID=1000
     restart: unless-stopped
     healthcheck:
       test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:8081/api/health"]

docker-entrypoint.sh

@@ -0,0 +1,34 @@
+#!/bin/sh
+set -e
+
+# Default UID and GID if not specified
+PUID="${PUID:-1000}"
+PGID="${PGID:-1000}"
+
+# Create group if it doesn't exist
+if ! getent group sbv >/dev/null 2>&1; then
+    addgroup -g "${PGID}" sbv
+fi
+
+# Create user if it doesn't exist
+if ! getent passwd sbv >/dev/null 2>&1; then
+    adduser -D -u "${PUID}" -G sbv sbv
+fi
+
+# Ensure the user has the correct UID/GID
+if [ "$(id -u sbv)" != "${PUID}" ] || [ "$(id -g sbv)" != "${PGID}" ]; then
+    deluser sbv >/dev/null 2>&1 || true
+    delgroup sbv >/dev/null 2>&1 || true
+    addgroup -g "${PGID}" sbv
+    adduser -D -u "${PUID}" -G sbv sbv
+fi
+
+# Ensure data directory exists and has correct permissions
+mkdir -p "${DB_PATH_PREFIX:-/data}"
+chown -R sbv:sbv "${DB_PATH_PREFIX:-/data}"
+
+# Log the user we're running as
+echo "Running as UID=${PUID} GID=${PGID}"
+
+# Switch to the sbv user and execute the application
+exec su-exec sbv "$@"