From d2eb6a16fb23ffbe1a6b0072785dd1749101dd28 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicolas=20Mass=C3=A9?=
Date: Sun, 21 Dec 2025 18:18:25 +0000
Subject: [PATCH] simplify uid/gid mapping
---
 nextcloud/nextcloud-app.container | 10 ++++------
 nextcloud/nextcloud-collabora.container | 10 ++++------
 nextcloud/nextcloud-cron.container | 10 ++++------
 nextcloud/nextcloud-init.container | 10 ++++------
 nextcloud/nextcloud-nginx.container | 10 ++++------
 nextcloud/nextcloud-redis.container | 10 ++++------
 nextcloud/nextcloud-upgrade.container | 10 ++++------
 postgresql/postgresql-backup.container | 10 ++++------
 postgresql/postgresql-init.container | 10 ++++------
 postgresql/postgresql-server.container | 10 ++++------
 postgresql/postgresql-upgrade.container | 10 ++++------
 11 files changed, 44 insertions(+), 66 deletions(-)
diff --git a/nextcloud/nextcloud-app.container b/nextcloud/nextcloud-app.container
index 97ef6c2..26d2b49 100644
--- a/nextcloud/nextcloud-app.container
+++ b/nextcloud/nextcloud-app.container
@@ -21,12 +21,10 @@ User=www-data
 Group=www-data
 # UID/GID mapping to map the www-data (82) user inside the container to arbitrary user 10008 / group 10000 on the host
-UIDMap=0:1000000:82
-UIDMap=82:10008:1
-UIDMap=83:1000083:65453
-GIDMap=0:1000000:82
-GIDMap=82:10000:1
-GIDMap=83:1000083:65453
+UIDMap=0:1000000:65535
+UIDMap=+82:10008:1
+GIDMap=0:1000000:65535
+GIDMap=+82:10000:1
 # Network configuration
 Network=host
diff --git a/nextcloud/nextcloud-collabora.container b/nextcloud/nextcloud-collabora.container
index 63bffd8..edafb48 100644
--- a/nextcloud/nextcloud-collabora.container
+++ b/nextcloud/nextcloud-collabora.container
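Review bot: The new base range `UIDMap=0:1000000:65535` / `GIDMap=0:1000000:65535` maps container IDs 0–65534, one fewer than the three removed lines, which together covered 0–65535 (82 + 1 + 65453 = 65536 IDs). If the change is meant to be a pure simplification, the count should be `UIDMap=0:1000000:65536` and `GIDMap=0:1000000:65536`; otherwise container ID 65535 is left unmapped. Whether any image here uses that ID is not visible in the patch, so this may be harmless, but the same count appears in the hunks for all eleven files.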
@@ -18,12 +18,10 @@ User=1001
 Group=1001
 # UID/GID mapping to map the 1001 user inside the container to arbitrary user 10016 / group 10000 on the host
-UIDMap=0:1000000:1001
-UIDMap=1001:10016:1
-UIDMap=1002:1001002:64534
-GIDMap=0:1000000:1001
-GIDMap=1001:10000:1
-GIDMap=1002:1001002:64534
+UIDMap=0:1000000:65535
+UIDMap=+1001:10016:1
+GIDMap=0:1000000:65535
+GIDMap=+1001:10000:1
 # Security
 SeccompProfile=/etc/quadlets/nextcloud/collabora-seccomp-profile.json
diff --git a/nextcloud/nextcloud-cron.container b/nextcloud/nextcloud-cron.container
index fc79503..bf8fc6a 100644
--- a/nextcloud/nextcloud-cron.container
+++ b/nextcloud/nextcloud-cron.container
@@ -18,12 +18,10 @@ User=www-data
 Group=www-data
 # UID/GID mapping to map the www-data (82) user inside the container to arbitrary user 10008 / group 10000 on the host
-UIDMap=0:1000000:82
-UIDMap=82:10008:1
-UIDMap=83:1000083:65453
-GIDMap=0:1000000:82
-GIDMap=82:10000:1
-GIDMap=83:1000083:65453
+UIDMap=0:1000000:65535
+UIDMap=+82:10008:1
+GIDMap=0:1000000:65535
+GIDMap=+82:10000:1
 # Network configuration
 Network=host
diff --git a/nextcloud/nextcloud-init.container b/nextcloud/nextcloud-init.container
index 94e40d8..022a398 100644
--- a/nextcloud/nextcloud-init.container
+++ b/nextcloud/nextcloud-init.container
@@ -22,12 +22,10 @@ User=www-data
 Group=www-data
 # UID/GID mapping to map the www-data (82) user inside the container to arbitrary user 10008 / group 10000 on the host
-UIDMap=0:1000000:82
-UIDMap=82:10008:1
-UIDMap=83:1000083:65453
-GIDMap=0:1000000:82
-GIDMap=82:10000:1
-GIDMap=83:1000083:65453
+UIDMap=0:1000000:65535
+UIDMap=+82:10008:1
+GIDMap=0:1000000:65535
+GIDMap=+82:10000:1
 # Network configuration
 Network=host
diff --git a/nextcloud/nextcloud-nginx.container b/nextcloud/nextcloud-nginx.container
index ca5e936..b01dc6d 100644
--- a/nextcloud/nextcloud-nginx.container
+++ b/nextcloud/nextcloud-nginx.container
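Review bot: The comment above the mapping does not explain the `+` prefix in `UIDMap=+1001:10016:1` and `GIDMap=+1001:10000:1`, and the result now depends on Podman understanding that flag. Podman documents `+` as splitting an earlier overlapping range so that the later entry takes precedence; a Podman release that predates the flag would presumably reject the line and the unit would fail to start. I would add a comment such as `# '+' carves this ID out of the 0:1000000 range above; needs a Podman version that supports idmap flags` and state the minimum version in the project documentation. The same applies to every file in this patch.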
@@ -23,12 +23,10 @@ User=nginx
 Group=nginx
 # UID/GID mapping to map the nginx (101) user inside the container to arbitrary user 10008 / group 10000 on the host
-UIDMap=0:1000000:101
-UIDMap=101:10008:1
-UIDMap=102:1000102:65434
-GIDMap=0:1000000:101
-GIDMap=101:10000:1
-GIDMap=102:1000102:65434
+UIDMap=0:1000000:65535
+UIDMap=+101:10008:1
+GIDMap=0:1000000:65535
+GIDMap=+101:10000:1
 # Volume mounts
 Volume=/var/lib/virtiofs/data/nextcloud:/var/www/html:z
diff --git a/nextcloud/nextcloud-redis.container b/nextcloud/nextcloud-redis.container
index 5555166..bc750d6 100644
--- a/nextcloud/nextcloud-redis.container
+++ b/nextcloud/nextcloud-redis.container
@@ -24,12 +24,10 @@ User=redis
 Group=redis
 # UID/GID mapping to map the redis (999) user / redis (1000) group inside the container to arbitrary user 10008 / group 10000 on the host
-UIDMap=0:1000000:999
-UIDMap=999:10008:1
-UIDMap=1000:1001000:64536
-GIDMap=0:1000000:1000
-GIDMap=1000:10000:1
-GIDMap=1001:1001001:64535
+UIDMap=0:1000000:65535
+UIDMap=+999:10008:1
+GIDMap=0:1000000:65535
+GIDMap=+1000:10000:1
 # Environment variables
 Environment=REDISCLI_AUTH=${REDIS_HOST_PASSWORD}
diff --git a/nextcloud/nextcloud-upgrade.container b/nextcloud/nextcloud-upgrade.container
index b12d35b..3e672c3 100644
--- a/nextcloud/nextcloud-upgrade.container
+++ b/nextcloud/nextcloud-upgrade.container
@@ -22,12 +22,10 @@ User=www-data
 Group=www-data
 # UID/GID mapping to map the www-data (82) user inside the container to arbitrary user 10008 / group 10000 on the host
-UIDMap=0:1000000:82
-UIDMap=82:10008:1
-UIDMap=83:1000083:65453
-GIDMap=0:1000000:82
-GIDMap=82:10000:1
-GIDMap=83:1000083:65453
+UIDMap=0:1000000:65535
+UIDMap=+82:10008:1
+GIDMap=0:1000000:65535
+GIDMap=+82:10000:1
 # Network configuration
 Network=host
diff --git a/postgresql/postgresql-backup.container b/postgresql/postgresql-backup.container
index 7e183ad..7edba09 100644
--- a/postgresql/postgresql-backup.container
+++ b/postgresql/postgresql-backup.container
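Review bot: `UIDMap=+101:10008:1` gives nginx the same host UID 10008 that www-data receives in the app, cron, init and upgrade containers, and the context line `Volume=/var/lib/virtiofs/data/nextcloud:/var/www/html:z` mounts the application tree without `ro`. With matching ownership on the host, the web front end can presumably write to the Nextcloud code and data it serves. If nginx only needs to read static files, `Volume=/var/lib/virtiofs/data/nextcloud:/var/www/html:ro,z` would narrow that; the redis hunk that follows also maps to 10008, so a separate host UID per service is worth considering. The Volume line is context, not part of this change.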
@@ -25,12 +25,10 @@ User=postgres
 Group=postgres
 # UID/GID mapping to map the postgres (70) user inside the container to arbitrary user 10004 / group 10000 on the host
-UIDMap=0:1000000:70
-UIDMap=70:10004:1
-UIDMap=71:1000071:65465
-GIDMap=0:1000000:70
-GIDMap=70:10000:1
-GIDMap=71:1000071:65465
+UIDMap=0:1000000:65535
+UIDMap=+70:10004:1
+GIDMap=0:1000000:65535
+GIDMap=+70:10000:1
 # Avoid issues with built-in volumes being created by root
 PodmanArgs=--image-volume=ignore
diff --git a/postgresql/postgresql-init.container b/postgresql/postgresql-init.container
index 4ff4c76..396a3fc 100644
--- a/postgresql/postgresql-init.container
+++ b/postgresql/postgresql-init.container
@@ -37,12 +37,10 @@ User=postgres
 Group=postgres
 # UID/GID mapping to map the postgres (70) user inside the container to arbitrary user 10004 / group 10000 on the host
-UIDMap=0:1000000:70
-UIDMap=70:10004:1
-UIDMap=71:1000071:65465
-GIDMap=0:1000000:70
-GIDMap=70:10000:1
-GIDMap=71:1000071:65465
+UIDMap=0:1000000:65535
+UIDMap=+70:10004:1
+GIDMap=0:1000000:65535
+GIDMap=+70:10000:1
 # Avoid issues with built-in volumes being created by root
 PodmanArgs=--image-volume=ignore
diff --git a/postgresql/postgresql-server.container b/postgresql/postgresql-server.container
index d8f5408..7018bde 100644
--- a/postgresql/postgresql-server.container
+++ b/postgresql/postgresql-server.container
@@ -42,12 +42,10 @@ User=postgres
 Group=postgres
 # UID/GID mapping to map the postgres (70) user inside the container to arbitrary user 10004 / group 10000 on the host
-UIDMap=0:1000000:70
-UIDMap=70:10004:1
-UIDMap=71:1000071:65465
-GIDMap=0:1000000:70
-GIDMap=70:10000:1
-GIDMap=71:1000071:65465
+UIDMap=0:1000000:65535
+UIDMap=+70:10004:1
+GIDMap=0:1000000:65535
+GIDMap=+70:10000:1
 # Avoid issues with built-in volumes being created by root
 PodmanArgs=--image-volume=ignore
diff --git a/postgresql/postgresql-upgrade.container b/postgresql/postgresql-upgrade.container
index 753c784..7719a11 100644
--- a/postgresql/postgresql-upgrade.container
+++ b/postgresql/postgresql-upgrade.container
@@ -33,12 +33,10 @@ User=postgres
 Group=postgres
 # UID/GID mapping to map the postgres (70) user inside the container to arbitrary user 10004 / group 10000 on the host
-UIDMap=0:1000000:70
-UIDMap=70:10004:1
-UIDMap=71:1000071:65465
-GIDMap=0:1000000:70
-GIDMap=70:10000:1
-GIDMap=71:1000071:65465
+UIDMap=0:1000000:65535
+UIDMap=+70:10004:1
+GIDMap=0:1000000:65535
+GIDMap=+70:10000:1
 # Avoid issues with built-in volumes being created by root
 PodmanArgs=--image-volume=ignore