docker: remove entrypoint

remove the VOLUME instruction from the Dockerfile so you can change
user using your own image like this:

FROM drakkan/sftpgo:tag
USER root
RUN chown -R 1100:1100 /etc/sftpgo && chown 1100:1100 /var/lib/sftpgo /srv/sftpgo
USER 1100:1100

Dockerfile

@@ -23,43 +23,6 @@ RUN set -xe && \
     export COMMIT_SHA=${COMMIT_SHA:-$(git describe --always --dirty)} && \
     go build $(if [ -n "${FEATURES}" ]; then echo "-tags ${FEATURES}"; fi) -ldflags "-s -w -X github.com/drakkan/sftpgo/version.commit=${COMMIT_SHA} -X github.com/drakkan/sftpgo/version.date=`date -u +%FT%TZ`" -v -o sftpgo
 
-# install gosu
-ENV GOSU_VERSION 1.12
-
-RUN set -eux; \
-# save list of currently installed packages for later so we can clean up
-	savedAptMark="$(apt-mark showmanual)"; \
-	apt-get update; \
-	apt-get install -y --no-install-recommends ca-certificates wget; \
-	if ! command -v gpg; then \
-		apt-get install -y --no-install-recommends gnupg2 dirmngr; \
-	elif gpg --version | grep -q '^gpg (GnuPG) 1\.'; then \
-# "This package provides support for HKPS keyservers." (GnuPG 1.x only)
-		apt-get install -y --no-install-recommends gnupg-curl; \
-	fi; \
-	rm -rf /var/lib/apt/lists/*; \
-	\
-	dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
-	wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
-	wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
-	\
-# verify the signature
-	export GNUPGHOME="$(mktemp -d)"; \
-	gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
-	gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
-	command -v gpgconf && gpgconf --kill all || :; \
-	rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
-	\
-# clean up fetch dependencies
-	apt-mark auto '.*' > /dev/null; \
-	[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
-	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
-	\
-	chmod +x /usr/local/bin/gosu; \
-# verify that the binary works
-	gosu --version; \
-	gosu nobody true
-
 FROM debian:buster-slim
 
 RUN apt-get update && apt-get install --no-install-recommends -y ca-certificates mime-support && rm -rf /var/lib/apt/lists/*
@@ -72,13 +35,12 @@ RUN groupadd --system -g 1000 sftpgo && \
     --comment "SFTPGo user" --uid 1000 sftpgo
 
 # Install some optional packages used by SFTPGo features
-RUN apt-get update && apt-get install --no-install-recommends -y git rsync && apt-get clean && rm -rf /var/lib/apt/lists/*
+RUN apt-get update && apt-get install --no-install-recommends -y git rsync && rm -rf /var/lib/apt/lists/*
 
 COPY --from=builder /workspace/sftpgo.json /etc/sftpgo/sftpgo.json
 COPY --from=builder /workspace/templates /usr/share/sftpgo/templates
 COPY --from=builder /workspace/static /usr/share/sftpgo/static
 COPY --from=builder /workspace/sftpgo /usr/local/bin/
-COPY --from=builder /usr/local/bin/gosu /usr/local/bin/
 
 # Log to the stdout so the logs will be available using docker logs
 ENV SFTPGO_LOG_FILE_PATH=""
@@ -93,12 +55,9 @@ RUN sed -i "s|\"users_base_dir\": \"\",|\"users_base_dir\": \"/srv/sftpgo/data\"
 
 COPY ./docker/scripts/entrypoint.sh /docker-entrypoint.sh
 
-RUN chown -R sftpgo:sftpgo /etc/sftpgo && chown sftpgo:sftpgo /var/lib/sftpgo /srv/sftpgo && \
-    chmod 755 /docker-entrypoint.sh
+RUN chown -R sftpgo:sftpgo /etc/sftpgo && chown sftpgo:sftpgo /var/lib/sftpgo /srv/sftpgo
 
 WORKDIR /var/lib/sftpgo
+USER 1000:1000
 
-VOLUME [ "/var/lib/sftpgo", "/srv/sftpgo" ]
-
-ENTRYPOINT ["/docker-entrypoint.sh"]
 CMD ["sftpgo", "serve"]

Dockerfile.alpine

@@ -28,7 +28,7 @@ RUN set -xe && \
 
 FROM alpine:3.12
 
-RUN apk add --update --no-cache ca-certificates tzdata bash mailcap su-exec
+RUN apk add --update --no-cache ca-certificates tzdata mailcap
 
 # set up nsswitch.conf for Go's "netgo" implementation
 # https://github.com/gliderlabs/docker-alpine/issues/367#issuecomment-424546457
@@ -58,14 +58,9 @@ RUN sed -i "s|\"users_base_dir\": \"\",|\"users_base_dir\": \"/srv/sftpgo/data\"
     sed -i "s|\"backups\"|\"/srv/sftpgo/backups\"|" /etc/sftpgo/sftpgo.json && \
     sed -i "s|\"bind_address\": \"127.0.0.1\",|\"bind_address\": \"\",|" /etc/sftpgo/sftpgo.json
 
-COPY ./docker/scripts/entrypoint-alpine.sh /docker-entrypoint.sh
-
-RUN chown -R sftpgo:sftpgo /etc/sftpgo && chown sftpgo:sftpgo /var/lib/sftpgo /srv/sftpgo && \
-    chmod 755 /docker-entrypoint.sh
+RUN chown -R sftpgo:sftpgo /etc/sftpgo && chown sftpgo:sftpgo /var/lib/sftpgo /srv/sftpgo
 
 WORKDIR /var/lib/sftpgo
+USER 1000:1000
 
-VOLUME [ "/var/lib/sftpgo", "/srv/sftpgo" ]
-
-ENTRYPOINT ["/docker-entrypoint.sh"]
 CMD ["sftpgo", "serve"]

docker/README.md

@@ -27,10 +27,10 @@ If you prefer GitHub Container Registry to Docker Hub replace `drakkan/sftpgo:ta
 
 ### Container shell access and viewing SFTPGo logs
 
-The docker exec command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your `sftpgo` container:
+The docker exec command allows you to run commands inside a Docker container. The following command line will give you a shell inside your `sftpgo` container:
 
 ```shell
-docker exec -it some-sftpgo bash
+docker exec -it some-sftpgo sh
 ```
 
 The logs are available through Docker's container log:
@@ -98,10 +98,14 @@ docker run --name some-sftpgo \
     -d "drakkan/sftpgo:tag"
 ```
 
-Alternately you can set the following environment variables:
+Alternately build your own image using the official one as a base, here is a sample Dockerfile:
 
-- `SFTPGO_PUID`, sets the numeric user ID to use
-- `SFTPGO_PGID`, sets the numeric group ID to use
+```shell
+FROM drakkan/sftpgo:tag
+USER root
+RUN chown -R 1100:1100 /etc/sftpgo && chown 1100:1100 /var/lib/sftpgo /srv/sftpgo
+USER 1100:1100
+```
 
 ## Image Variants