From 9ee5cc6895112ff5f4405be9d876ad828b67b643 Mon Sep 17 00:00:00 2001
From: Maximilian Dorninger <97409287+maxdorninger@users.noreply.github.com>
Date: Wed, 4 Feb 2026 19:01:18 +0100
Subject: [PATCH] make the container user configurable (#399)

This PR makes the user the container runs as configurable. Before, the
container always tried stepping down (from root) to the mediamanager
user. Now it detects if it's already running as a non-root user and
starts the server directly. Fixes #397
---
 mediamanager-startup.sh | 40 ++++++++++++++++++++++++++++------------
 1 file changed, 28 insertions(+), 12 deletions(-)

diff --git a/mediamanager-startup.sh b/mediamanager-startup.sh
index 1880930..8a69c36 100644
--- a/mediamanager-startup.sh
+++ b/mediamanager-startup.sh
@@ -145,21 +145,30 @@ else
     echo "Config file found at: $CONFIG_FILE"
 fi
 
-# permission fix
-echo "Ensuring file permissions for mediamanager user..."
+# check if running as root, if yes, fix permissions
+if [ "$(id -u)" = '0' ]; then
+    echo "Running as root. Ensuring file permissions for mediamanager user..."
+    chown -R mediamanager:mediamanager "$CONFIG_DIR"
 
-chown -R mediamanager:mediamanager "$CONFIG_DIR"
-
-if [ -d "/data" ]; then
-    if [ "$(stat -c '%U' /data)" != "mediamanager" ]; then
-        echo "Fixing ownership of /data (this may take a while for large libraries)..."
-        chown -R mediamanager:mediamanager /data
+    if [ -d "/data" ]; then
+        if [ "$(stat -c '%U' /data)" != "mediamanager" ]; then
+            echo "Fixing ownership of /data (this may take a while for large media libraries)..."
+            chown -R mediamanager:mediamanager /data
+        else
+            echo "/data ownership is already correct."
+        fi
     fi
+else
+    echo "Running as non-root user ($(id -u)). Skipping permission fixes."
+    echo "Note: Ensure your host volumes are manually set to the correct permissions."
 fi
 
-
 echo "Running DB migrations..."
-gosu mediamanager uv run alembic upgrade head
+if [ "$(id -u)" = '0' ]; then
+   gosu mediamanager uv run alembic upgrade head
+else
+   uv run alembic upgrade head
+fi
 
 echo "Starting MediaManager backend service..."
 echo ""
@@ -172,9 +181,16 @@ echo ""
 
 DEVELOPMENT_MODE=${MEDIAMANAGER_MISC__DEVELOPMENT:-FALSE}
 PORT=${PORT:-8000}
+
 if [ "$DEVELOPMENT_MODE" == "TRUE" ]; then
     echo "Development mode is enabled, enabling auto-reload..."
-    exec gosu mediamanager uv run fastapi run /app/media_manager/main.py --port "$PORT" --proxy-headers --reload
+    DEV_OPTIONS="--reload"
 else
-    exec gosu mediamanager uv run fastapi run /app/media_manager/main.py --port "$PORT" --proxy-headers
+    DEV_OPTIONS=""
 fi
+
+if [ "$(id -u)" = '0' ]; then
+    exec gosu mediamanager uv run fastapi run /app/media_manager/main.py --port "$PORT" --proxy-headers $DEV_OPTIONS
+else
+    exec uv run fastapi run /app/media_manager/main.py --port "$PORT" --proxy-headers $DEV_OPTIONS
+fi
\ No newline at end of file