From 3534b039f7ccc3176aa5b922897a3c563d1171c4 Mon Sep 17 00:00:00 2001
From: Knut Ahlers <knut@ahlers.me>
Date: Thu, 23 Apr 2015 22:40:25 +0200
Subject: [PATCH] Improve Dockerfile

* Added VOLUME to enable users to keep a state of the repo outside the container
* Added ipfs user to let ipfs run as a normal user and not as root
* Set IPFS_PATH to push IPFS to use the exposed dir
* Improved start script to be more verbose about errors
---
 Dockerfile           | 13 +++++++++++--
 bin/container_daemon | 22 +++++++++++++++++++---
 2 files changed, 30 insertions(+), 5 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 3543cd32a..5efe3c452 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,14 +1,23 @@
 FROM golang:1.4
 MAINTAINER Brian Tiger Chow <btc@perfmode.com>
 
+ENV IPFS_PATH /data/ipfs
+
+RUN useradd -m -d /data -u 1000 ipfs && \
+    mkdir -p /data/ipfs && chown ipfs:ipfs /data/ipfs
+
+EXPOSE 4001 5001 8080
+# 4001 = Swarm, 5001 = API, 8080 = HTTP transport
+
+VOLUME /data/ipfs
+
 ADD . /go/src/github.com/ipfs/go-ipfs
 RUN cd /go/src/github.com/ipfs/go-ipfs/cmd/ipfs && go install
 
 RUN cp /go/src/github.com/ipfs/go-ipfs/bin/container_daemon /usr/local/bin/start_ipfs && \
     chmod 755 /usr/local/bin/start_ipfs
 
-EXPOSE 4001 5001 8080
-# 4001 = Swarm, 5001 = API, 8080 = HTTP transport
+USER ipfs
 
 ENTRYPOINT ["/usr/local/bin/start_ipfs"]
 
diff --git a/bin/container_daemon b/bin/container_daemon
index 2e146035b..19a1f24e0 100644
--- a/bin/container_daemon
+++ b/bin/container_daemon
@@ -1,5 +1,21 @@
 #!/bin/bash
-ipfs init
-ipfs config Addresses.API /ip4/0.0.0.0/tcp/5001
-ipfs config Addresses.Gateway /ip4/0.0.0.0/tcp/8080
+
+# Test whether the mounted directory is writable for us
+if ( touch /data/ipfs/write_test 2>/dev/null ); then
+  rm /data/ipfs/write_test
+else
+  echo "ERR: /data/ipfs is not writable for user 'ipfs' (UID 1000)"
+  exit 1
+fi
+
+echo "Running $(ipfs version)..."
+
+if [ -e /data/ipfs/config ]; then
+  echo "Found ipfs repository. Not initializing."
+else
+  ipfs init
+  ipfs config Addresses.API /ip4/0.0.0.0/tcp/5001
+  ipfs config Addresses.Gateway /ip4/0.0.0.0/tcp/8080
+fi
+
 ipfs daemon