From 3bdbef51ac7e9509dd8bb3896c808ae00013c36d Mon Sep 17 00:00:00 2001
From: thespad <spad@linuxserver.io>
Date: Mon, 27 Jan 2025 17:24:16 +0000
Subject: [PATCH] Rebase to 3.21

---
 .editorconfig                                     |  0
 .github/CONTRIBUTING.md                           |  0
 .github/FUNDING.yml                               |  0
 .github/ISSUE_TEMPLATE/config.yml                 |  0
 .github/ISSUE_TEMPLATE/issue.bug.yml              |  0
 .github/ISSUE_TEMPLATE/issue.feature.yml          |  0
 .github/workflows/call_issue_pr_tracker.yml       |  0
 .github/workflows/call_issues_cron.yml            |  0
 .github/workflows/external_trigger.yml            |  0
 .github/workflows/external_trigger_scheduler.yml  |  0
 .github/workflows/greetings.yml                   |  0
 .github/workflows/package_trigger_scheduler.yml   |  0
 Dockerfile                                        |  2 +-
 Dockerfile.aarch64                                |  2 +-
 LICENSE                                           |  0
 README.md                                         |  6 ++++++
 readme-vars.yml                                   |  2 ++
 root/etc/s6-overlay/s6-rc.d/init-davos-config/run | 14 ++++++++------
 root/etc/s6-overlay/s6-rc.d/svc-davos/run         | 12 +++++++++---
 19 files changed, 27 insertions(+), 11 deletions(-)
 mode change 100755 => 100644 .editorconfig
 mode change 100755 => 100644 .github/CONTRIBUTING.md
 mode change 100755 => 100644 .github/FUNDING.yml
 mode change 100755 => 100644 .github/ISSUE_TEMPLATE/config.yml
 mode change 100755 => 100644 .github/ISSUE_TEMPLATE/issue.bug.yml
 mode change 100755 => 100644 .github/ISSUE_TEMPLATE/issue.feature.yml
 mode change 100755 => 100644 .github/workflows/call_issue_pr_tracker.yml
 mode change 100755 => 100644 .github/workflows/call_issues_cron.yml
 mode change 100755 => 100644 .github/workflows/external_trigger.yml
 mode change 100755 => 100644 .github/workflows/external_trigger_scheduler.yml
 mode change 100755 => 100644 .github/workflows/greetings.yml
 mode change 100755 => 100644 .github/workflows/package_trigger_scheduler.yml
 mode change 100755 => 100644 LICENSE

diff --git a/.editorconfig b/.editorconfig
old mode 100755
new mode 100644
diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md
old mode 100755
new mode 100644
diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
old mode 100755
new mode 100644
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
old mode 100755
new mode 100644
diff --git a/.github/ISSUE_TEMPLATE/issue.bug.yml b/.github/ISSUE_TEMPLATE/issue.bug.yml
old mode 100755
new mode 100644
diff --git a/.github/ISSUE_TEMPLATE/issue.feature.yml b/.github/ISSUE_TEMPLATE/issue.feature.yml
old mode 100755
new mode 100644
diff --git a/.github/workflows/call_issue_pr_tracker.yml b/.github/workflows/call_issue_pr_tracker.yml
old mode 100755
new mode 100644
diff --git a/.github/workflows/call_issues_cron.yml b/.github/workflows/call_issues_cron.yml
old mode 100755
new mode 100644
diff --git a/.github/workflows/external_trigger.yml b/.github/workflows/external_trigger.yml
old mode 100755
new mode 100644
diff --git a/.github/workflows/external_trigger_scheduler.yml b/.github/workflows/external_trigger_scheduler.yml
old mode 100755
new mode 100644
diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml
old mode 100755
new mode 100644
diff --git a/.github/workflows/package_trigger_scheduler.yml b/.github/workflows/package_trigger_scheduler.yml
old mode 100755
new mode 100644
diff --git a/Dockerfile b/Dockerfile
index 374ef7d..b3a6243 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -29,7 +29,7 @@ RUN \
   cp build/libs/*.jar /davos.jar && \
   chmod 755 /davos.jar
 
-FROM ghcr.io/linuxserver/baseimage-alpine:3.20
+FROM ghcr.io/linuxserver/baseimage-alpine:3.21
 
 # set version label
 ARG BUILD_DATE
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
index be95caf..bfc4a12 100644
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -29,7 +29,7 @@ RUN \
   cp build/libs/*.jar /davos.jar && \
   chmod 755 /davos.jar
 
-FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.20
+FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.21
 
 # set version label
 ARG BUILD_DATE
diff --git a/LICENSE b/LICENSE
old mode 100755
new mode 100644
diff --git a/README.md b/README.md
index 8b033ad..20279de 100644
--- a/README.md
+++ b/README.md
@@ -65,6 +65,10 @@ The application does not require any set up other than starting the docker conta
 
 This image can be run with a read-only container filesystem. For details please [read the docs](https://docs.linuxserver.io/misc/read-only/).
 
+## Non-Root Operation
+
+This image can be run with a non-root user. For details please [read the docs](https://docs.linuxserver.io/misc/non-root/).
+
 ## Usage
 
 To help you get started creating a container from this image you can either use docker-compose or the docker cli.
@@ -120,6 +124,7 @@ Containers are configured using parameters passed at runtime (such as those abov
 | `-v /config` | davos's config location. This is where it stores its database file and logs. |
 | `-v /download` | davos's file download location |
 | `--read-only=true` | Run container with a read-only filesystem. Please [read the docs](https://docs.linuxserver.io/misc/read-only/). |
+| `--user=1000:1000` | Run container with a non-root user. Please [read the docs](https://docs.linuxserver.io/misc/non-root/). |
 
 ## Environment variables from files (Docker secrets)
 
@@ -283,6 +288,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **27.01.25:** - Rebase to Alpine 3.21.
 * **24.06.24:** - Rebase to Alpine 3.20.
 * **20.03.24:** - Rebase to Alpine 3.19.
 * **12.07.23:** - Rebase to Alpine 3.18.
diff --git a/readme-vars.yml b/readme-vars.yml
index d71ddf2..8447897 100644
--- a/readme-vars.yml
+++ b/readme-vars.yml
@@ -22,6 +22,7 @@ param_usage_include_ports: true
 param_ports:
   - {external_port: "8080", internal_port: "8080", port_desc: "This is the default port that davos runs under"}
 readonly_supported: true
+nonroot_supported: true
 # application setup block
 app_setup_block_enabled: true
 app_setup_block: |
@@ -71,6 +72,7 @@ init_diagram: |
   "davos:latest" <- Base Images
 # changelog
 changelogs:
+  - {date: "27.01.25:", desc: "Rebase to Alpine 3.21."}
   - {date: "24.06.24:", desc: "Rebase to Alpine 3.20."}
   - {date: "20.03.24:", desc: "Rebase to Alpine 3.19."}
   - {date: "12.07.23:", desc: "Rebase to Alpine 3.18."}
diff --git a/root/etc/s6-overlay/s6-rc.d/init-davos-config/run b/root/etc/s6-overlay/s6-rc.d/init-davos-config/run
index 843dbc1..74b369a 100755
--- a/root/etc/s6-overlay/s6-rc.d/init-davos-config/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-davos-config/run
@@ -4,10 +4,12 @@
 mkdir -p /download
 mkdir -p "/run/tomcat.8080"
 
-# permissions
-lsiown -R abc:abc \
-    /config \
-    /run/tomcat.8080
+if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
+    # permissions
+    lsiown -R abc:abc \
+        /config \
+        /run/tomcat.8080
 
-lsiown abc:abc \
-    /download
+    lsiown abc:abc \
+        /download
+fi
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-davos/run b/root/etc/s6-overlay/s6-rc.d/svc-davos/run
index 3c5e117..0c8aeaf 100755
--- a/root/etc/s6-overlay/s6-rc.d/svc-davos/run
+++ b/root/etc/s6-overlay/s6-rc.d/svc-davos/run
@@ -1,6 +1,12 @@
 #!/usr/bin/with-contenv bash
 # shellcheck shell=bash
 
-exec \
-    s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost 8080" \
-        s6-setuidgid abc /usr/bin/java -Djava.io.tmpdir="/run/tomcat.8080" -jar /app/davos/davos.jar
+if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
+    exec \
+        s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost 8080" \
+            s6-setuidgid abc /usr/bin/java -Djava.io.tmpdir="/run/tomcat.8080" -jar /app/davos/davos.jar
+else
+    exec \
+        s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost 8080" \
+            /usr/bin/java -Djava.io.tmpdir="/run/tomcat.8080" -jar /app/davos/davos.jar
+fi