allowing UID/GID mapping as per issue #73

Ric Harvey · Ric Harvey · commit 4cfc4cb998f4 · 2017-02-13T10:15:39.000Z
diff --git a/Dockerfile b/Dockerfile
@@ -232,5 +232,4 @@ VOLUME /var/www/html
 
 EXPOSE 443 80
 
-#CMD ["/usr/bin/supervisord", "-n", "-c",  "/etc/supervisord.conf"]
 CMD ["/start.sh"]
diff --git a/README.md b/README.md
@@ -62,6 +62,8 @@ The following flags are a list of all the currently supported options that can b
  - **REAL_IP_HEADER** : set to 1 to enable real ip support in the logs
  - **REAL_IP_FROM** : set to your CIDR block for real ip in logs
  - **RUN_SCRIPTS** : Set to 1 to execute scripts
+ - **PGID** : Set to GroupId you want to use for nginx (helps permissions when using local volume)
+ - **PUID** : Set to UserID you want to use for nginx (helps permissions when using local volume)
 
 ### Dynamically Pulling code from git
 One of the nice features of this container is its ability to pull code from a git repository with a couple of environmental variables passed at run time. Please take a look at our recommended [repo layout guidelines](https://github.com/ngineered/nginx-php-fpm/blob/master/docs/repo_layout.md).
@@ -105,6 +107,18 @@ To pull a repository and specify a branch add the GIT_BRANCH environment variabl
 sudo docker run -d -e 'GIT_NAME=full_name' -e 'GIT_USERNAME=git_username' -e 'GIT_REPO=github.com/project' -e 'SSH_KEY=BIG_LONG_BASE64_STRING_GOES_IN_HERE' -e 'GIT_BRANCH=stage' richarvey/nginx-php-fpm:latest
 ```
 
+### User / Group Identifiers
+
+Sometimes when using data volumes (`-v` flags) permissions issues can arise between the host OS and the container. We avoid this issue by allowing you to specify the user `PUID` and optionally the group `PGID`. Ensure the data volume directory on the host is owned by the same user you specify and it will "just work" ™.
+
+An example of mapping the UID and GID to the container is as follows:
+
+```
+docker run -d -e "PUID=`id -u $USER`" -e "PGID=`id -g $USER`" -v local_dir:/var/www/html richarvey/nginx-php-fpm:latest
+```
+
+This will pull your local UID/GID and map it into the container so you can edit on your host machine and the code will still run in the container.
+
 ### Custom Nginx Config files
 Sometimes you need a custom config file for nginx to achieve this read the [Nginx config guide](https://github.com/ngineered/nginx-php-fpm/blob/master/docs/nginx_configs.md) 
 
diff --git a/scripts/start.sh b/scripts/start.sh
@@ -119,8 +119,17 @@ if [ ! -z "$PHP_UPLOAD_MAX_FILESIZE" ]; then
  sed -i "s/upload_max_filesize = 100M/upload_max_filesize= ${PHP_UPLOAD_MAX_FILESIZE}M/g" /usr/local/etc/php/conf.d/docker-vars.ini
 fi
 
-# Always chown webroot for better mounting
-chown -Rf nginx.nginx /var/www/html
+if [ ! -z "$PUID" ]; then
+  if [ -z "$PGID" ]; then
+    PGID=${PUID}
+  fi
+  deluser nginx
+  addgroup -g ${PGID} nginx
+  adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx -u ${PUID} nginx
+else
+  # Always chown webroot for better mounting
+  chown -Rf nginx.nginx /var/www/html
+fi
 
 # Run custom scripts
 if [[ "$RUN_SCRIPTS" == "1" ]] ; then

Original file line number	Diff line number	Diff line change
`@@ -232,5 +232,4 @@ VOLUME /var/www/html`
`232`	`232`
`233`	`233`	`EXPOSE 443 80`
`234`	`234`
`235`		`-#CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisord.conf"]`
`236`	`235`	`CMD ["/start.sh"]`