From e7ff0e2615b30277c72d700f4bfebc6b853887dd Mon Sep 17 00:00:00 2001
From: szaimen <szaimen@e.mail.de>
Date: Fri, 3 Dec 2021 13:13:51 +0100
Subject: [PATCH] fix the mastercontainer

Signed-off-by: szaimen <szaimen@e.mail.de>
---
 Containers/mastercontainer/Dockerfile |  3 ++-
 Containers/mastercontainer/cron.sh    |  2 +-
 Containers/mastercontainer/start.sh   | 26 ++++++++++++--------------
 3 files changed, 15 insertions(+), 16 deletions(-)

diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile
index 5920c5b6..a07aa688 100644
--- a/Containers/mastercontainer/Dockerfile
+++ b/Containers/mastercontainer/Dockerfile
@@ -28,7 +28,8 @@ RUN curl "https://caddyserver.com/api/download?os=linux&arch=amd64" -o "/usr/bin
 
 RUN cd /var/www/docker-aio; \
     git clone https://github.com/nextcloud/all-in-one.git .; \
-    chmod 770 -R ./
+    chmod 770 -R ./; \
+    chown www-data:www-data -R ./
 
 RUN mkdir -p /etc/apache2/certs && \
     cd /etc/apache2/certs && \
diff --git a/Containers/mastercontainer/cron.sh b/Containers/mastercontainer/cron.sh
index 4b2b0838..31e1d619 100644
--- a/Containers/mastercontainer/cron.sh
+++ b/Containers/mastercontainer/cron.sh
@@ -2,6 +2,6 @@
 set -eu
 
 while true; do
-    php /var/www/docker-aio/php/src/Cron/cron.php
+    sudo -u www-data php /var/www/docker-aio/php/src/Cron/cron.php
     sleep 1d
 done
diff --git a/Containers/mastercontainer/start.sh b/Containers/mastercontainer/start.sh
index 0d064693..64135ae8 100644
--- a/Containers/mastercontainer/start.sh
+++ b/Containers/mastercontainer/start.sh
@@ -10,27 +10,17 @@ print_green() {
 if ! [ -a "/var/run/docker.sock" ]; then
     echo "Docker socket is not available. Cannot continue."
     exit 1
-elif ! test -r /var/run/docker.sock; then
+elif ! sudo -u www-data test -r /var/run/docker.sock; then
     echo "Trying to fix docker.sock permissions internally..."
     GROUP="$(stat -c '%g' /var/run/docker.sock)"
     groupadd -g "$GROUP" docker && \
-    usermod -aG docker root
-    if ! test -r /var/run/docker.sock; then
-        echo "Docker socket is not readable by the root user. Cannot continue."
+    usermod -aG docker www-data
+    if ! sudo -u www-data test -r /var/run/docker.sock; then
+        echo "Docker socket is not readable by the www-data user. Cannot continue."
         exit 1
     fi
 fi
 
-# Adjust permissions for all instances
-chown root:root -R /mnt/docker-aio-config
-chmod 770 -R /mnt/docker-aio-config
-
-# Check if volume is writeable
-if ! [ -w /mnt/docker-aio-config ]; then
-    echo "/mnt/docker-aio-config is not writeable."
-    exit 1
-fi
-
 # Check if api version is supported
 API_VERSION_FILE="$(find ./ -name DockerActionManager.php | head -1)"
 API_VERSION="$(grep -oP 'const API_VERSION.*\;' "$API_VERSION_FILE" | grep -oP [0-9]+.[0-9]+ | head -1)"
@@ -50,6 +40,14 @@ fi
 mkdir -p /mnt/docker-aio-config/data/
 mkdir -p /mnt/docker-aio-config/session/
 mkdir -p /mnt/docker-aio-config/caddy/
+mkdir -p /mnt/docker-aio-config/certs/ 
+
+# Adjust permissions for all instances
+chmod 770 -R /mnt/docker-aio-config
+chown www-data:www-data -R /mnt/docker-aio-config/data/
+chown www-data:www-data -R /mnt/docker-aio-config/session/
+chown root:root -R /mnt/docker-aio-config/caddy/
+chown root:root -R /mnt/docker-aio-config/certs/
 
 # Adjust certs
 GENERATED_CERTS="/mnt/docker-aio-config/certs"