Change in-container Tor UID and GID to 803

gbenson · Jan 1, 2024 · 46f44ca · 46f44ca
1 parent 50684a1
commit 46f44ca
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 2 deletions.
diff --git a/ansible/main.yml b/ansible/main.yml
@@ -9,6 +9,7 @@
         uid: 802
 
       p2pool-tor:
+        uid: 803
         volume:
           name: p2pool-tor-service
           mode: "02700"
@@ -159,14 +160,15 @@
       ansible.builtin.copy:
         dest: "{{ (dirname, filename) | path_join }}"
         content: "{{ p2pool_tor_service[filename] }}"
-        owner: 101
-        group: 103
+        owner: "{{ service.uid }}"
+        group: "{{ service.gid | default(service.uid) }}"
         mode: "0600"
       loop: "{{ p2pool_tor_service | list }}"
       loop_control:
         loop_var: filename
       vars:
         dirname: /var/lib/docker/volumes/p2pool-tor-service/_data/hidden_service
+        service: "{{ services['p2pool-tor'] }}"
       become: yes
       tags:
         - services

diff --git a/tor-node/Dockerfile b/tor-node/Dockerfile
@@ -11,8 +11,15 @@ RUN set -eux \
 
 FROM base as builder
 COPY entrypoint.sh /
+
+ARG m_USER=debian-tor
+ARG m_UID=803
+ARG m_GID=$m_UID
+
 RUN set -eux \
   \
+  && groupmod --gid $m_GID $m_USER \
+  && usermod --uid $m_UID $m_USER \
   && grep '^ExecStartPre' /lib/systemd/system/[email protected] \
     | sed 's/^[^=]*=//' >> /entrypoint.sh \
   && grep '^ExecStart=' /lib/systemd/system/[email protected] \