From 07105dbb65d7e01becaa3d9f10fe5fe4df58337a Mon Sep 17 00:00:00 2001
From: Wyatt <wdaviau@cs.stanford.edu>
Date: Thu, 27 Apr 2017 17:12:53 -0700
Subject: [PATCH] Update docker build, closes #94

Updates dockerfile and entrypoint script to have the same behavior the ipfs-go docker build
moved to in 3477.  This fixes a bug where the cluster entrypoint script does not have
sufficient permissions to access /data/ipfs. The entrypoint also now launches a process with
tini
---
 Dockerfile           | 10 ++--------
 docker/entrypoint.sh | 19 ++++++++-----------
 2 files changed, 10 insertions(+), 19 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index e6e12e7c..5ef4273d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -10,14 +10,12 @@ ENV PATH       /go/bin:$PATH
 ENV SRC_PATH   /go/src/github.com/ipfs/ipfs-cluster
 ENV IPFS_CLUSTER_PATH /data/ipfs-cluster
 
-USER root
+VOLUME $IPFS_CLUSTER_PATH
 
 COPY . $SRC_PATH
 
 RUN apk add --no-cache --virtual cluster-deps make musl-dev go git \
     && apk add --no-cache jq \
-    && mkdir -p $IPFS_CLUSTER_PATH \
-    && chown ipfs:ipfs $IPFS_CLUSTER_PATH && chmod 0755 $IPFS_CLUSTER_PATH \
     && go get -u github.com/whyrusleeping/gx \
     && go get -u github.com/whyrusleeping/gx-go \
     && cd $SRC_PATH \
@@ -31,10 +29,6 @@ RUN apk add --no-cache --virtual cluster-deps make musl-dev go git \
     && apk del --purge cluster-deps \
     && cd / && rm -rf /go/src /go/bin/gx /go/bin/gx-go
 
-USER ipfs
-
-VOLUME $IPFS_CLUSTER_PATH
-
-ENTRYPOINT ["/usr/local/bin/start-daemons.sh"]
+ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/start-daemons.sh"]
 
 CMD ["$IPFS_CLUSTER_OPTS"]
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
index e65c7a17..c7f2bb33 100644
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -1,14 +1,17 @@
 #!/bin/sh
 
-user=$(whoami)
+set -e
+user=ipfs
 repo="$IPFS_PATH"
 
-# Test whether the mounted directory is writable for us
-if [ ! -w "$repo" 2>/dev/null ]; then
-  echo "error: $repo is not writable for user $user (uid=$(id -u $user))"
-  exit 1
+if [ `id -u` -eq 0 ]; then
+    # ensure directories are writable
+    su-exec "$user" test -w "$repo" || chown -R -- "$user" "$repo"
+    su-exec "$user" test -w "$IPFS_CLUSTER_PATH" || chown -R -- "$user" "$IPFS_CLUSTER_PATH"
+    exec su-exec "$user" "$0" "$@"
 fi
 
+# Second invocation with regular user
 ipfs version
 
 if [ -e "$repo/config" ]; then
@@ -22,12 +25,6 @@ fi
 ipfs daemon --migrate=true &
 sleep 3
 
-# Test whether the mounted directory is writable for us
-if [ ! -w "$IPFS_CLUSTER_PATH" 2>/dev/null ]; then
-  echo "error: $IPFS_CLUSTER_PATH is not writable for user $user (uid=$(id -u $user))"
-  exit 1
-fi
-
 ipfs-cluster-service --version
 
 if [ -e "$IPFS_CLUSTER_PATH/service.json" ]; then