non root user and fix book/html calibre (#856)

* non root user and fix book/html calibre * version bump * Update docker-compose-latest.yml * remove customApp --------- Co-authored-by: systo <systo@host.docker.internal>
2024-03-04 20:51:49 +00:00
parent 20f532c872
commit ece1d071c0
42 changed files with 664 additions and 181 deletions
--- a/scripts/download-security-jar.sh
+++ b/scripts/download-security-jar.sh
@@ -14,6 +14,8 @@ if [ "$DOCKER_ENABLE_SECURITY" = "true" ] && [ "$VERSION_TAG" != "alpha" ]; then
        if [ $? -eq 0 ]; then  # checks if curl was successful
            rm -f app.jar
            ln -s app-security.jar app.jar
+            chown stirlingpdfuser:stirlingpdfgroup app.jar
+            chmod 755 app.jar
        fi
    fi
 fi
--- a/scripts/init-without-ocr.sh
+++ b/scripts/init-without-ocr.sh
@@ -1,6 +1,14 @@
 #!/bin/sh

+echo "Setting permissions and ownership for necessary directories..."
+chown -R stirlingpdfuser:stirlingpdfgroup /logs /scripts /usr/share/fonts/opentype/noto /usr/share/tessdata /configs /customFiles
+chmod -R 755 /logs /scripts /usr/share/fonts/opentype/noto /usr/share/tessdata /configs /customFiles
+if [[ "$INSTALL_BOOK_AND_ADVANCED_HTML_OPS" == "true" ]]; then
+  apk add --no-cache calibre@testing
+fi
+
+
 /scripts/download-security-jar.sh

 # Run the main command
-exec "$@"
+exec su-exec stirlingpdfuser "$@"
--- a/scripts/init.sh
+++ b/scripts/init.sh
@@ -13,18 +13,35 @@ if [ -d /usr/share/tesseract-ocr/5/tessdata ]; then
        cp -r /usr/share/tesseract-ocr/5/tessdata/* /usr/share/tessdata || true;
 fi

+echo "Setting permissions and ownership for necessary directories..."
+chown -R stirlingpdfuser:stirlingpdfgroup /logs /scripts /usr/share/fonts/opentype/noto /usr/share/tessdata /configs /customFiles
+chmod -R 755 /logs /scripts /usr/share/fonts/opentype/noto /usr/share/tessdata /configs /customFiles
+
+
+
+
 # Check if TESSERACT_LANGS environment variable is set and is not empty
 if [[ -n "$TESSERACT_LANGS" ]]; then
  # Convert comma-separated values to a space-separated list
  LANGS=$(echo $TESSERACT_LANGS | tr ',' ' ')
-
+  pattern='^[a-zA-Z]{2,4}(_[a-zA-Z]{2,4})?$'
  # Install each language pack
  for LANG in $LANGS; do
-    apt-get install -y "tesseract-ocr-$LANG"
+     if [[ $LANG =~ $pattern ]]; then
+      apk add --no-cache "tesseract-ocr-data-$LANG"
+     else
+      echo "Skipping invalid language code"
+     fi
  done
 fi

+if [[ "$INSTALL_BOOK_AND_ADVANCED_HTML_OPS" == "true" ]]; then
+  apk add --no-cache calibre@testing
+fi
+
+
+
 /scripts/download-security-jar.sh

-# Run the main command
-exec "$@"
+# Run the main command and switch to stirling user for rest of run
+exec su-exec stirlingpdfuser "$@"