docker: allow setting UID and GID when running a container (#4776)

* Allow setting the UID and GID when running a docker container via shadow

* Disable password login via usermod (fix leaving user in insecure state)

3 files changed, 11 insertions, 5 deletions

diff --git a/docker/build.sh b/docker/build.sh
index e970531a..bfe180b7 100755
--- a/docker/build.sh
+++ b/docker/build.sh
@@ -25,5 +25,6 @@ rm -r $GOPATH
 apk --no-progress del build-deps
 
 # Create git user for Gogs
-adduser -H -D -g 'Gogs Git User' git -h /data/git -s /bin/bash && passwd -u git
+addgroup -S git
+adduser -G git -H -D -g 'Gogs Git User' git -h /data/git -s /bin/bash && usermod -p '*' git && passwd -u git
 echo "export GOGS_CUSTOM=${GOGS_CUSTOM}" >> /etc/profile
diff --git a/docker/finalize.sh b/docker/finalize.sh
index afd18e73..9adc506a 100755
--- a/docker/finalize.sh
+++ b/docker/finalize.sh
@@ -6,9 +6,6 @@ set -e
 
 # Move to final place
 mv /app/gogs/build/gogs /app/gogs/
-mv /app/gogs/build/templates /app/gogs/
-mv /app/gogs/build/public /app/gogs/
-mv /app/gogs/build/docker /app/gogs/
 
 # Final cleaning
 rm -rf /app/gogs/build
@@ -19,4 +16,4 @@ rm /app/gogs/docker/nsswitch.conf
 rm /app/gogs/docker/README.md
 
 rm -rf /tmp/go
-rm -rf /usr/local/go
\ No newline at end of file
+rm -rf /usr/local/go
diff --git a/docker/start.sh b/docker/start.sh
index a54c2a9b..9f9d40e9 100755
--- a/docker/start.sh
+++ b/docker/start.sh
@@ -38,6 +38,14 @@ create_volume_subfolder() {
     done
 }
 
+setids() {
+    PUID=${PUID:-1000}
+    PGID=${PGID:-1000}
+    groupmod -o -g "$PGID" git
+    usermod -o -u "$PUID" git
+}
+
+setids
 cleanup
 create_volume_subfolder