adjust things

Signed-off-by: szaimen <szaimen@e.mail.de>

Containers/watchtower/Dockerfile

@@ -8,7 +8,6 @@ RUN set -ex; \
     apt-get update; \
     apt-get install -y --no-install-recommends \
         ca-certificates \
-        openssl \
     ; \
     rm -rf /var/lib/apt/lists/*
 
@@ -17,12 +16,5 @@ COPY --from=watchtower /watchtower /
 COPY start.sh /
 RUN chmod +x /start.sh
 
-# Give root a random password
-RUN echo "root:$(openssl rand -base64 12)" | chpasswd
-
-# add docker group
-RUN groupadd -g 998 docker && \
-    usermod -aG docker nobody
-
-USER nobody
+USER root
 ENTRYPOINT ["/start.sh"]

Containers/watchtower/start.sh

@@ -4,15 +4,22 @@
 if ! [ -a "/var/run/docker.sock" ]; then
     echo "Docker socket is not available. Cannot continue."
     exit 1
-elif ! [ -r "/var/run/docker.sock" ]; then
-    echo "Docker socket is not readable by the nobody user. Cannot continue."
-    exit 1
+elif ! test -r /var/run/docker.sock; then
+    echo "Trying to fix docker.sock permissions internally..."
+    GROUP="$(stat -c '%g' /var/run/docker.sock)"
+    groupadd -g "$GROUP" docker && \
+    usermod -aG docker root
+    if ! test -r /var/run/docker.sock; then
+        echo "Docker socket is not readable by the root user. Cannot continue."
+        exit 1
+    fi
 fi
 
 if [ -n "$CONTAINER_TO_UPDATE" ]; then
     exec /watchtower --cleanup --run-once "$CONTAINER_TO_UPDATE"
 else
     echo "'CONTAINER_TO_UPDATE' is not set. Cannot update anything."
+    exit 1
 fi