From 3e8dd1a9960c39a7c69df247e3047847e5f45a08 Mon Sep 17 00:00:00 2001
From: Jeffrey Phillips Freeman <the@jeffreyfreeman.me>
Date: Mon, 31 Jul 2023 00:32:50 -0400
Subject: [PATCH] Got it working in unprivilaged mode

---
 Dockerfile          | 36 ++++++++++++------------------------
 aprsc               |  1 +
 docker-compose.yaml |  2 +-
 3 files changed, 14 insertions(+), 25 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 9d9b0ec..dd26c33 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,30 +1,19 @@
-# debian 11 is the most recent debian version that aprsc supports
-FROM debian:bullseye-slim
+FROM ubuntu:20.04
 
 LABEL maintainer="Jeffrey Phillips Freeman <the@JeffreyFreeman.me>"
 LABEL description="This dockerfile is only for running an APRS-IS gateway at digipex.io"
 MAINTAINER Jeffrey Phillips Freeman <the@JeffreyFreeman.me>
 
-
-
-# Install requirements
-RUN apt-get update && apt-get install -y gnupg
-
-# add signing key and deb source, install aprsc
-RUN gpg --keyserver keyserver.ubuntu.com --recv-keys C51AA22389B5B74C3896EF3CA72A581E657A2B8D && \
-    gpg --export C51AA22389B5B74C3896EF3CA72A581E657A2B8D > /etc/apt/trusted.gpg.d/aprsc.gpg && \
-    chown root:root /etc/apt/trusted.gpg.d/aprsc.gpg && chmod 644 /etc/apt/trusted.gpg.d/aprsc.gpg && \
-    echo "deb [signed-by=/etc/apt/trusted.gpg.d/aprsc.gpg] http://aprsc-dist.he.fi/aprsc/apt $(cat /etc/os-release | grep VERSION_CODENAME | awk '{gsub("VERSION_CODENAME=", "");print}') main" > /etc/apt/sources.list.d/aprsc.list && \
-    apt-get update && \
-    apt-get install -y aprsc
+RUN apt-get update && apt-get install -y gnupg && \
+    printf "deb http://aprsc-dist.he.fi/aprsc/apt focal main" >> /etc/apt/sources.list   && \
+    gpg --keyserver keyserver.ubuntu.com --recv C51AA22389B5B74C3896EF3CA72A581E657A2B8D && \
+    gpg --export C51AA22389B5B74C3896EF3CA72A581E657A2B8D | apt-key add -                && \
+    apt-get update && apt-get install -y aprsc                                           && \
+    rm -rf /var/lib/apt/lists/*
 
 COPY ./aprsc /etc/default/aprsc
 COPY ./aprsc.conf /opt/aprsc/etc/aprsc.conf
 
-# change the aprsc user's uid to 1000 so that volume permissions translate
-# between the first non-root user on the host
-RUN usermod -u 1000 aprsc
-
 # Expose the ports
 EXPOSE 14501/tcp
 EXPOSE 10152/tcp
@@ -36,11 +25,10 @@ EXPOSE 8080/udp
 EXPOSE 10155/tcp
 EXPOSE 10155/udp
 
-RUN chmod 777 /opt/aprsc/logs && \
-    chmod 777 /opt/aprsc/data
-
-VOLUME /opt/aprsc/logs
+#VOLUME /opt/aprsc/logs
 VOLUME /opt/aprsc/data
 
-# start the service and follow the logs so that container doesn't exit
-CMD service aprsc start && tail -F /opt/aprsc/logs/aprsc.log
+WORKDIR /opt/aprsc
+USER aprsc
+
+CMD /opt/aprsc/sbin/aprsc -c /opt/aprsc/etc/aprsc.conf
diff --git a/aprsc b/aprsc
index fecf767..f6de34d 100644
--- a/aprsc
+++ b/aprsc
@@ -25,3 +25,4 @@ STARTAPRSC="yes"
 #
 
 DAEMON_OPTS="-u aprsc -t /opt/aprsc -f -e info -o file -r logs -c etc/aprsc.conf"
+#DAEMON_OPTS="-u root -t /opt/aprsc -f -e info -o file -r logs -c etc/aprsc.conf"
diff --git a/docker-compose.yaml b/docker-compose.yaml
index a71d735..fe85e2e 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -3,4 +3,4 @@ services:
   aprsc:
     image: 'registry.qoto.org/digipex/aprsc-docker:latest'
     build: .
-    privileged: true
+    #privileged: true
-- 
GitLab