From fe32f53d6b45da21879ed5475a4a7c3e80a649a4 Mon Sep 17 00:00:00 2001
From: thespad <spad@linuxserver.io>
Date: Tue, 24 Dec 2024 16:02:45 +0000
Subject: [PATCH] Rebase to 3.21

---
 Dockerfile                                          |  4 ++--
 Dockerfile.aarch64                                  |  4 ++--
 README.md                                           |  2 ++
 readme-vars.yml                                     |  2 ++
 root/etc/s6-overlay/s6-rc.d/init-apprise-config/run |  7 ++++---
 root/etc/s6-overlay/s6-rc.d/svc-apprise/run         | 12 +++++++++---
 6 files changed, 21 insertions(+), 10 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index c36854f..91947e3 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1
 
-FROM ghcr.io/linuxserver/baseimage-alpine:3.20
+FROM ghcr.io/linuxserver/baseimage-alpine:3.21
 
 # set version label
 ARG BUILD_DATE
@@ -43,7 +43,7 @@ RUN \
   pip install -U --no-cache-dir \
     pip \
     wheel && \
-  pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.20/ -r requirements.txt && \
+  pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.21/ -r requirements.txt && \
   printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \
   echo "**** cleanup ****" && \
   apk del --purge \
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
index 8966122..c5b8fd0 100644
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1
 
-FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.20
+FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.21
 
 # set version label
 ARG BUILD_DATE
@@ -43,7 +43,7 @@ RUN \
   pip install -U --no-cache-dir \
     pip \
     wheel && \
-  pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.20/ -r requirements.txt && \
+  pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.21/ -r requirements.txt && \
   printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \
   echo "**** cleanup ****" && \
   apk del --purge \
diff --git a/README.md b/README.md
index a8371b4..3893953 100644
--- a/README.md
+++ b/README.md
@@ -122,6 +122,7 @@ Containers are configured using parameters passed at runtime (such as those abov
 | `-v /config` | Persistent config files |
 | `-v /attachments` | Temporary storage for attachments when sent with notifications. |
 | `--read-only=true` | Run container with a read-only filesystem. Please [read the docs](https://docs.linuxserver.io/misc/read-only/). |
+| `--user=1000:1000` | Run container with a non-root user. Please [read the docs](https://docs.linuxserver.io/misc/non-root/). |
 
 ## Environment variables from files (Docker secrets)
 
@@ -285,6 +286,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **24.12.24:** - Rebase to Alpine 3.21.
 * **24.06.24:** - Rebase to Alpine 3.20.
 * **23.12.23:** - Rebase to Alpine 3.19.
 * **10.07.23:** - Rebase to Alpine 3.18.
diff --git a/readme-vars.yml b/readme-vars.yml
index 13bc78e..78256ab 100644
--- a/readme-vars.yml
+++ b/readme-vars.yml
@@ -33,6 +33,7 @@ opt_param_usage_include_env: true
 opt_param_env_vars:
   - {env_var: "APPRISE_ATTACH_SIZE", env_value: "0", desc: "Max attachment size in Mb. `0` disables attachments. Must have `/attachments` mounted to set to a positive value."}
 readonly_supported: true
+nonroot_supported: true
 # init diagram
 init_diagram: |
   "apprise-api:latest": {
@@ -78,6 +79,7 @@ init_diagram: |
   "apprise-api:latest" <- Base Images
 # changelog
 changelogs:
+  - {date: "24.12.24:", desc: "Rebase to Alpine 3.21."}
   - {date: "24.06.24:", desc: "Rebase to Alpine 3.20."}
   - {date: "23.12.23:", desc: "Rebase to Alpine 3.19."}
   - {date: "10.07.23:", desc: "Rebase to Alpine 3.18."}
diff --git a/root/etc/s6-overlay/s6-rc.d/init-apprise-config/run b/root/etc/s6-overlay/s6-rc.d/init-apprise-config/run
index efea851..e0c7233 100755
--- a/root/etc/s6-overlay/s6-rc.d/init-apprise-config/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-apprise-config/run
@@ -1,6 +1,7 @@
 #!/usr/bin/with-contenv bash
 # shellcheck shell=bash
 
-# permissions
-lsiown -R abc:abc \
-    /config
+if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
+    lsiown -R abc:abc \
+        /config
+fi
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-apprise/run b/root/etc/s6-overlay/s6-rc.d/svc-apprise/run
index 8d9d0eb..acb6c90 100755
--- a/root/etc/s6-overlay/s6-rc.d/svc-apprise/run
+++ b/root/etc/s6-overlay/s6-rc.d/svc-apprise/run
@@ -1,6 +1,12 @@
 #!/usr/bin/with-contenv bash
 # shellcheck shell=bash
 
-exec \
-    s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost 8000" \
-    cd /app/apprise-api/apprise_api s6-setuidgid abc /usr/sbin/uwsgi --http-socket=:8000 --enable-threads --plugin=python3 --module=core.wsgi:application --static-map=/s=static --buffer-size=32768 -H /lsiopy
+if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
+    exec \
+        s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost 8000" \
+        cd /app/apprise-api/apprise_api s6-setuidgid abc /usr/sbin/uwsgi --http-socket=:8000 --enable-threads --plugin=python3 --module=core.wsgi:application --static-map=/s=static --buffer-size=32768 -H /lsiopy
+else
+    exec \
+        s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost 8000" \
+        cd /app/apprise-api/apprise_api /usr/sbin/uwsgi --http-socket=:8000 --enable-threads --plugin=python3 --module=core.wsgi:application --static-map=/s=static --buffer-size=32768 -H /lsiopy
+fi