Container doesnt function in a config Read-Only environment (#6)

Dockerfile

@@ -8,8 +8,9 @@ RUN apk --no-cache add \
   shadow && \
   addgroup -S smb && \
   rm -rf /tmp/* /var/cache/apk/*
-
-COPY smb.conf /etc/samba/smb.conf
+
+RUN rm -f /etc/samba/smb.conf
+COPY smb.conf /etc/samba/smb.default
 
 COPY samba.sh /usr/bin/
 RUN chmod +x /usr/bin/samba.sh

readme.md

@@ -10,7 +10,7 @@
 
 </div></h1>
 
-Docker container of Samba, a re-implementation of the Windows SMB networking protocol.
+Docker container of Samba, an implementation of the Windows SMB networking protocol.
 
 ## How to use
 
@@ -25,9 +25,6 @@ services:
     environment:
       USER: "samba"
       PASS: "secret"
-      RW: true      # Optional, default true
-      UID: 1000    # Optional, default 1000
-      GID: 1000    # Optional, default 1000
     ports:
       - 445:445
     volumes:
@@ -38,7 +35,7 @@ services:
 Via Docker CLI:
 
 ```bash
-docker run -it --rm -p 445:445 -v "/home/example:/storage" -e "USER=samba" -e "PASS=secret" dockurr/samba
+docker run -it --rm -p 445:445 -e "USER=samba" -e "PASS=secret" -v "/home/example:/storage" dockurr/samba
 ```
 
 ## FAQ
@@ -47,9 +44,9 @@ docker run -it --rm -p 445:445 -v "/home/example:/storage" -e "USER=samba" -e "P
 
     You can set the `USER` and `PASS` environment variables to modify the credentials for the share from their defaults (user `samba` with password `secret`).
 
-    To change the storage location, you can bind  `/storage` to the location you want to use for the share.
+    You can set `UID` and `GID` environment variables to change the user/group id's, and set `RW: false` to make the share read-only.
 
-    If you need more advanced features, like multiple shares, you can modify the `smb.conf` file in this repo, and bind mount it to the container like this:
+    If you need more advanced features, you can modify the `smb.conf` file in this repo, and bind mount it to the container like this:
 
     ```yaml
     volumes:

samba.sh

@@ -8,18 +8,14 @@ share="/storage"
 # Create shared directory
 mkdir -p "$share" || { echo "Failed to create directory $share"; exit 1; }
 
-# Copy config file template
-rm -f /etc/samba/smb.custom
-cp /etc/samba/smb.conf /etc/samba/smb.custom
-
 # Check if the smb group exists, if not, create it
 if ! getent group "$group" &>/dev/null; then
-    groupadd "$group" || { echo "Failed to create group $group"; exit 1; }
+    groupadd "$group" > /dev/null || { echo "Failed to create group $group"; exit 1; }
 fi
 
 # Check if the user already exists, if not, create it
 if ! id "$USER" &>/dev/null; then
-    adduser -S -D -H -h /tmp -s /sbin/nologin -G "$group" -g 'Samba User' "$USER" || { echo "Failed to create user $USER"; exit 1; }
+    adduser -S -D -H -h /tmp -s /sbin/nologin -G "$group" -g 'Samba User' "$USER" > /dev/null || { echo "Failed to create user $USER"; exit 1; }
 fi
 
 # Get the current user and group IDs
@@ -35,33 +31,51 @@ if [[ "$OldGID" != "$GID" ]]; then
     groupmod -o -g "$GID" "$group" || { echo "Failed to change GID for group $group"; exit 1; }
 fi
 
-# Change Samba password
-echo -e "$PASS\n$PASS" | smbpasswd -a -s "$USER" || { echo "Failed to change Samba password for $USER"; exit 1; }
-
-# Update force user and force group in smb.conf
-sed -i "s/^\(\s*\)force user =.*/\1force user = $USER/" "/etc/samba/smb.custom"
-sed -i "s/^\(\s*\)force group =.*/\1force group = $group/" "/etc/samba/smb.custom"
+# Check if an external config file was supplied
+config="/etc/samba/smb.conf"
 
-# Verify if the RW variable is equal to false (indicating read-only mode) 
-if [[ "$RW" == [Ff0]* ]]; then
+if [ -f "$config" ]; then
 
-    # Adjust settings in smb.conf to set share to read-only
-    sed -i "s/^\(\s*\)writable =.*/\1writable = no/" "/etc/samba/smb.custom"
-    sed -i "s/^\(\s*\)read only =.*/\1read only = yes/" "/etc/samba/smb.custom"
+    # Inform the user we are using a custom configuration file.
+    echo "Using provided configuration file: $config."
 
 else
 
-    # Set permissions for share directory if new (empty), leave untouched if otherwise
-    if [ -z "$(ls -A "$share")" ]; then
-      chmod 0770 "$share" || { echo "Failed to set permissions for directory $share"; exit 1; }
-      chown "$USER:$group" "$share" || { echo "Failed to set ownership for directory $share"; exit 1; }
-    fi
+    config="/etc/samba/smb.tmp"
+    template="/etc/samba/smb.default"
+
+    # Generate a config file from template
+    rm -f "$config"
+    cp "$template" "$config"
+
+    # Update force user and force group in smb.conf
+    sed -i "s/^\(\s*\)force user =.*/\1force user = $USER/" "$config"
+    sed -i "s/^\(\s*\)force group =.*/\1force group = $group/" "$config"
+
+    # Verify if the RW variable is equal to false (indicating read-only mode) 
+    if [[ "$RW" == [Ff0]* ]]; then
 
+        # Adjust settings in smb.conf to set share to read-only
+        sed -i "s/^\(\s*\)writable =.*/\1writable = no/" "$config"
+        sed -i "s/^\(\s*\)read only =.*/\1read only = yes/" "$config"
+
+    else
+
+        # Set permissions for share directory if new (empty), leave untouched if otherwise
+        if [ -z "$(ls -A "$share")" ]; then
+          chmod 0770 "$share" || { echo "Failed to set permissions for directory $share"; exit 1; }
+          chown "$USER:$group" "$share" || { echo "Failed to set ownership for directory $share"; exit 1; }
+        fi
+
+    fi
 fi
 
+# Change Samba password
+echo -e "$PASS\n$PASS" | smbpasswd -a -c "$config" -s "$USER" || { echo "Failed to change Samba password for $USER"; exit 1; }
+
 # Start the Samba daemon with the following options:
 #  --foreground: Run in the foreground instead of daemonizing.
 #  --debug-stdout: Send debug output to stdout.
 #  --debuglevel=1: Set debug verbosity level to 1.
 #  --no-process-group: Don't create a new process group for the daemon.
-exec smbd --configfile=/etc/samba/smb.custom --foreground --debug-stdout --debuglevel=1 --no-process-group
+exec smbd --configfile="$config" --foreground --debug-stdout --debuglevel=1 --no-process-group