chore: make Docker image run without root user (#67)

scripts/docker/create-user.sh

@@ -0,0 +1,28 @@
+
+echo "Creating user and group..."
+
+PUID=${PUID:-1000}
+PGID=${PGID:-1000}
+
+# Check if the group with PGID exists; if not, create it
+if ! getent group pocket-id-group > /dev/null 2>&1; then
+    addgroup -g "$PGID" pocket-id-group
+fi
+
+# Check if a user with PUID exists; if not, create it
+if ! id -u pocket-id > /dev/null 2>&1; then
+    if ! getent passwd "$PUID" > /dev/null 2>&1; then
+        adduser -u "$PUID" -G pocket-id-group pocket-id
+    else
+        # If a user with the PUID already exists, use that user
+        existing_user=$(getent passwd "$PUID" | cut -d: -f1)
+        echo "Using existing user: $existing_user"
+    fi
+fi
+
+# Change ownership of the /app directory
+mkdir -p /app/backend/data
+find /app/backend/data \( ! -group "${PGID}" -o ! -user "${PUID}" \) -exec chown "${PUID}:${PGID}" {} +
+
+# Switch to the non-root user
+exec su-exec "$PUID:$PGID" "$@"

scripts/docker/entrypoint.sh

@@ -0,0 +1,16 @@
+echo "Starting frontend..."
+node frontend/build &
+
+echo "Starting backend..."
+cd backend && ./pocket-id-backend &
+
+echo "Starting Caddy..."
+
+# Check if TRUST_PROXY is set to true and use the appropriate Caddyfile
+if [ "$TRUST_PROXY" = "true" ]; then
+  caddy start --config /etc/caddy/Caddyfile.trust-proxy &
+else
+  caddy start --config /etc/caddy/Caddyfile &
+fi
+
+wait