From 64af9d2890704e9bf856533eef1dbf1aa9b6f275 Mon Sep 17 00:00:00 2001
From: James Lu <james@overdrivenetworks.com>
Date: Sun, 1 Mar 2020 13:19:05 -0800
Subject: [PATCH] Add a custom entrypoint: verify that data files are writable

---
 Dockerfile    |  7 ++++++-
 entrypoint.sh | 21 +++++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100755 entrypoint.sh

diff --git a/Dockerfile b/Dockerfile
index 391e7dd..fffe265 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -36,6 +36,11 @@ ARG BUILD_CONTRIB_MODULES
 RUN apk add --no-cache openssl && (test -z "$BUILD_CONTRIB_MODULES" || apk add --no-cache libexecinfo)
 
 COPY --from=builder /atheme/ /atheme
+
+# Add custom entrypoint to check that data dir is writable - Atheme does not check this by itself
+RUN echo "$ATHEME_UID" > /.atheme_uid
+COPY entrypoint.sh /
+
 RUN adduser -D -h /atheme -u $ATHEME_UID atheme
 RUN chown -R atheme /atheme
 USER atheme
@@ -43,4 +48,4 @@ USER atheme
 # Services config & DB
 VOLUME /atheme/etc
 
-ENTRYPOINT ["/atheme/bin/atheme-services", "-n"]
+ENTRYPOINT ["/entrypoint.sh"]
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100755
index 0000000..8db2c1d
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+DATADIR=/atheme/etc
+if ! test -w "$DATADIR/"; then
+    echo "ERROR: $DATADIR must be mounted to a directory writable by UID $(cat /.atheme_uid)"
+    exit 1
+fi
+
+DBPATH="$DATADIR/services.db"
+if test -f "$DBPATH" && ! test -r "$DBPATH"; then
+    echo "ERROR: $DBPATH must be readable by UID $(cat /.atheme_uid)"
+    exit 1
+fi
+
+TMPPATH="$DATADIR/services.db.new"
+if test -f "$TMPPATH" && ! test -w "$TMPPATH"; then
+    echo "ERROR: $TMPPATH must either not exist or be writable by UID $(cat /.atheme_uid)"
+    exit 1
+fi
+
+/atheme/bin/atheme-services -n "$@"