From c7e2d1dd12e5bf16a1656866eb715714856c0e89 Mon Sep 17 00:00:00 2001
From: vincent <vincent@ducamps.win>
Date: Sun, 20 Nov 2022 10:57:49 +0100
Subject: [PATCH 1/4] manage custom UID and GUID

---
 docker-entrypoint.sh | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 467d0bb..1cf16e6 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -10,6 +10,18 @@ chmod go-rwx /root/.ssh/authorized_keys
 sed -i "s/.*PasswordAuthentication .*/PasswordAuthentication no/g" /etc/ssh/sshd_config
 sed -i 's/root:!/root:*/' /etc/shadow
 
+if [ "$RSYNC_UID" != "" ] && [ "$RSYNC_GID" != "" ]; then
+    # UID and GID provided, create user
+    echo "UID and GID provided: $RSYNC_UID and $RSYNC_GID. Creating the user"
+    echo "rsyncuser:x:$RSYNC_UID:$RSYNC_GID::/home/rsyncuser:/bin/sh" >> /etc/passwd
+    echo "users:x:$RSYNC_GID:rsyncuser" >> /etc/group
+    RSYNC_USER=rsyncuser
+else
+    # UID and GID not provided
+    echo "UID and GID are NOT provided. Proceeding as the root user."
+    RSYNC_USER=root
+fi
+
 # Provide SSH_AUTH_KEY_* via environment variable
 for item in `env`; do
    case "$item" in

From 59e54f752a26860b99bd1edcd0ee56b2aa0e2b8c Mon Sep 17 00:00:00 2001
From: vincent <vincent@ducamps.win>
Date: Sun, 20 Nov 2022 11:43:05 +0100
Subject: [PATCH 2/4] add su-exec

---
 Dockerfile           | 2 +-
 docker-entrypoint.sh | 8 +++++---
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 199842d..a7c5609 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,7 @@
 FROM alpine:3.12
 MAINTAINER "EEA: IDM2 A-Team" <eea-edw-a-team-alerts@googlegroups.com>
 
-RUN apk add --no-cache --virtual .run-deps rsync openssh tzdata curl ca-certificates && rm -rf /var/cache/apk/*
+RUN apk add --no-cache --virtual .run-deps su-exec rsync openssh tzdata curl ca-certificates && rm -rf /var/cache/apk/*
 COPY docker-entrypoint.sh /
 
 ENTRYPOINT ["/docker-entrypoint.sh"]
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 1cf16e6..20034b5 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -16,10 +16,12 @@ if [ "$RSYNC_UID" != "" ] && [ "$RSYNC_GID" != "" ]; then
     echo "rsyncuser:x:$RSYNC_UID:$RSYNC_GID::/home/rsyncuser:/bin/sh" >> /etc/passwd
     echo "users:x:$RSYNC_GID:rsyncuser" >> /etc/group
     RSYNC_USER=rsyncuser
+    RSYNC_GROUP=users
 else
     # UID and GID not provided
     echo "UID and GID are NOT provided. Proceeding as the root user."
     RSYNC_USER=root
+    RSYNC_GROUP=root
 fi
 
 # Provide SSH_AUTH_KEY_* via environment variable
@@ -72,7 +74,7 @@ if [ "$1" == "server" ]; then
   echo "Running: /usr/sbin/sshd $SSH_PARAMS                                             "
   echo "================================================================================"
 
-  exec /usr/sbin/sshd -D $SSH_PARAMS
+  su-exec $RSYNC_USER:$RSYNC_GROUP  /usr/sbin/sshd -D $SSH_PARAMS
 fi
 
 echo "Please add this ssh key to your server /home/user/.ssh/authorized_keys        "
@@ -85,10 +87,10 @@ echo "==========================================================================
 ################################################################################
 
 if [ "$1" == "client" ]; then
-  exec /usr/sbin/crond -f
+  su-exec $RSYNC_USER:$RSYNC_GROUP  /usr/sbin/crond -f
 fi
 
 ################################################################################
 # Anything else
 ################################################################################
-exec "$@"
+su-exec $RSYNC_USER:$RSYNC_GROUP "$@"

From 1e37e2ca29674a1b9e9345ebab591e8f11e38398 Mon Sep 17 00:00:00 2001
From: vincent <vincent@ducamps.win>
Date: Sun, 20 Nov 2022 11:55:05 +0100
Subject: [PATCH 3/4] update readme

---
 Readme.md | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/Readme.md b/Readme.md
index 197bb06..36e9b2e 100644
--- a/Readme.md
+++ b/Readme.md
@@ -17,6 +17,15 @@ Get files from `remote server` to a `data container`:
 
 ## Advanced Usage
 
+### Change UID/GID
+
+if you want to execute rsync with another UID/GUID than root tou can use following environment variable
+
+- RSYNC_UID
+- RSYNC_GID
+
+docker run -it -e RSYNC_UID=1000001 -e RSYNC_GID=1000007 rsync /media/toto /media/tata
+
 ### Client setup
 
 Start client to pack and sync every night:

From 58bdc3674aeb49710be93646fd58f63e38ad079a Mon Sep 17 00:00:00 2001
From: Vincent Ducamps <vincent@ducamps.eu>
Date: Sun, 10 Nov 2024 15:54:07 +0100
Subject: [PATCH 4/4] Update Readme.md

Co-authored-by: Maximilian Leith <44269066+maxileith@users.noreply.github.com>
---
 Readme.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Readme.md b/Readme.md
index 36e9b2e..4c5bb85 100644
--- a/Readme.md
+++ b/Readme.md
@@ -19,7 +19,7 @@ Get files from `remote server` to a `data container`:
 
 ### Change UID/GID
 
-if you want to execute rsync with another UID/GUID than root tou can use following environment variable
+if you want to execute rsync with another UID/GUID than root you can use the following environment variables
 
 - RSYNC_UID
 - RSYNC_GID