From 17ba8f8051e0b7136df09200aa19c390c8efb2ef Mon Sep 17 00:00:00 2001 From: Hadrian Valentine Date: Fri, 18 Sep 2020 15:51:02 +0200 Subject: [PATCH 01/12] Always specify config file in command and always run as gemstash user. --- entrypoint.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 1444907..6916005 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -2,13 +2,14 @@ set -e -# Drop root privileges if we are running gemstash as root. -if [ "$1" = "bundle" ] && [ "$2" = "exec" ] && [ "$3" = "gemstash" ] && [ "$(id -u)" = "0" ]; then +# Always run this as gemstash user. +if [ "$1" = "bundle" ] && [ "$2" = "exec" ] && [ "$3" = "gemstash" ]; then # Change the ownership of user-mutable directories to gemstash chown -R "${GEMSTASH_USER}:${GEMSTASH_USER}" "${GEMSTASH_HOME}/data" - # Run gemstash as gemstash user + # Specify config to be used by gemstash. command="tini -- ${*} --config-file=${GEMSTASH_HOME}/app/config.yml.erb" + # Run gemstash as gemstash user set -- su-exec "${GEMSTASH_USER}" ${command} fi From 8fd658c3a3e4c2f9221032516fbdbfe51b4245a9 Mon Sep 17 00:00:00 2001 From: Hadrian Valentine Date: Tue, 22 Sep 2020 11:18:13 +0200 Subject: [PATCH 02/12] Stop using entrypoint file in build and install Bundler. --- Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 745156e..13deee2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,7 +9,7 @@ RUN apk --update add \ su-exec \ tini && \ gem update --system && \ - gem update bundler && \ + gem install bundler:1.17.2 && \ rm -rf /var/cache/apk/* # Create gemstash user 
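Review bot: In the entrypoint.sh hunk of PATCH 01/12, dropping the `id -u` test from the condition makes `chown -R` and `su-exec` run on every gemstash start. A container launched as a non-root user (for example with `docker run --user`, or under a platform policy that forbids root) will therefore fail at `chown` and exit because of `set -e`. Keeping the root check around only the privileged steps preserves the "always pass the config file" goal while still allowing a non-root start. Separately, `${command}` is expanded unquoted on the `set --` line, so any argument containing whitespace or glob characters is re-split; building the argument list with `set --` directly avoids the intermediate string. The `if` block is fully inside the hunk, while the final `exec "$@"` lies outside it.

```shell
if [ "$1" = "bundle" ] && [ "$2" = "exec" ] && [ "$3" = "gemstash" ]; then
  # Specify config to be used by gemstash.
  set -- tini -- "$@" "--config-file=${GEMSTASH_HOME}/app/config.yml.erb"
  if [ "$(id -u)" = "0" ]; then
    # Root is only needed to fix volume ownership and to drop privileges.
    chown -R "${GEMSTASH_USER}:${GEMSTASH_USER}" "${GEMSTASH_HOME}/data"
    set -- su-exec "${GEMSTASH_USER}" "$@"
  fi
fi
```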
@@ -27,6 +27,6 @@ RUN bundle install --jobs 4 --retry 3 VOLUME "${GEMSTASH_HOME}/data" EXPOSE 9292 -COPY entrypoint.sh / -ENTRYPOINT ["/entrypoint.sh"] -CMD ["bundle", "exec", "gemstash", "start", "--no-daemonize"] +USER ${GEMSTASH_USER}:${GEMSTASH_USER} +ENTRYPOINT ["tini", "--"] +CMD ["bundle", "exec", "gemstash", "start", "--no-daemonize", "--config-file=config.yml.erb"] From ef265b9e977af303010209deee87e91aabc16417 Mon Sep 17 00:00:00 2001 From: Hadrian Valentine Date: Tue, 22 Sep 2020 11:18:40 +0200 Subject: [PATCH 03/12] Remove entrypoint file. --- entrypoint.sh | 18 ------------------ 1 file changed, 18 deletions(-) delete mode 100755 entrypoint.sh diff --git a/entrypoint.sh b/entrypoint.sh deleted file mode 100755 index 6916005..0000000 --- a/entrypoint.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/sh - -set -e - -# Always run this as gemstash user. -if [ "$1" = "bundle" ] && [ "$2" = "exec" ] && [ "$3" = "gemstash" ]; then - # Change the ownership of user-mutable directories to gemstash - chown -R "${GEMSTASH_USER}:${GEMSTASH_USER}" "${GEMSTASH_HOME}/data" - - # Specify config to be used by gemstash. - command="tini -- ${*} --config-file=${GEMSTASH_HOME}/app/config.yml.erb" - # Run gemstash as gemstash user - set -- su-exec "${GEMSTASH_USER}" ${command} -fi - -# As argument is not related to gemstash, then assume that user wants to run his -# own process. -exec "$@" From 5912c049cc0bba2a98fa285d0b79672c9f30c4eb Mon Sep 17 00:00:00 2001 From: Hadrian Valentine Date: Tue, 22 Sep 2020 12:30:12 +0200 Subject: [PATCH 04/12] Remove config file. --- app/config.yml.erb | 33 --------------------------------- 1 file changed, 33 deletions(-) delete mode 100644 app/config.yml.erb diff --git a/app/config.yml.erb b/app/config.yml.erb deleted file mode 100644 index a8479d4..0000000 --- a/app/config.yml.erb +++ /dev/null 
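Review bot: In the second Dockerfile hunk of PATCH 02/12, switching to `USER ${GEMSTASH_USER}:${GEMSTASH_USER}` removes the only step that fixed ownership of `${GEMSTASH_HOME}/data` at start-up (the `chown -R` in entrypoint.sh), so an existing named volume or a bind mount owned by root will no longer be writable by gemstash. I would confirm that the data directory is created and chowned to the gemstash user in a `RUN` step before the `VOLUME` line (not visible in this hunk) and document that bind mounts need matching ownership. The relative `--config-file=config.yml.erb` resolves only because of the image's `WORKDIR` and is lost whenever the CMD is overridden; a comment such as `# config path is relative to WORKDIR; overriding CMD drops it` above the CMD would help. `su-exec` is still installed by the `apk add` in the first hunk but appears to be unused once the entrypoint is gone, so it can be dropped from the image. The same lines come back in PATCH 06/12 (the `USER` line only) and PATCH 10/12, where the same points apply.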
@@ -1,33 +0,0 @@ -:base_path: <%= "#{ENV['GEMSTASH_HOME']}/data" %> -:cache_type: memory -:rubygems_url: https://rubygems.org -:puma_threads: <%= (ENV['GEMSTASH_PUMA_THREADS'] || 16).to_i %> -:bind: tcp://0.0.0.0:9292 -:protected_fetch: <%= ENV['GEMSTASH_PROTECTED_FETCH'] == 'true' ? 'true' : 'false' %> -:fetch_timeout: 20 -:log_file: :stdout - -<% if ENV['GEMSTASH_DB_ADAPTER'] == 'mysql2' %> -# mysql2 adapter -:db_adapter: mysql2 -:db_url: <%= "mysql2://#{ENV['GEMSTASH_DB_HOST']}:#{ENV['GEMSTASH_DB_PORT']}/#{ENV['GEMSTASH_DB_DATABASE']}" %> -:db_connection_options: - :adapter: 'mysql2' - :user: <%= ENV['GEMSTASH_DB_USERNAME'] %> - :password: <%= ENV['GEMSTASH_DB_PASSWORD'] %> -<% elsif ENV['GEMSTASH_DB_ADAPTER'] == 'postgres' %> -# postgres adapter -:db_adapter: postgres -:db_url: <%= "postgres://#{ENV['GEMSTASH_DB_HOST']}:#{ENV['GEMSTASH_DB_PORT']}/#{ENV['GEMSTASH_DB_DATABASE']}" %> -:db_connection_options: - :adapter: 'postgres' - :user: <%= ENV['GEMSTASH_DB_USERNAME'] %> - :password: <%= ENV['GEMSTASH_DB_PASSWORD'] %> - :connect_timeout: 10 - :read_timeout: 5 - :timeout: 30 -<% else %> -# sqlite adapter (default) -:db_adapter: sqlite3 -:db_url: sqlite://gemstash.db -<% end %> From 9cbb3adbe97fe4b44f116c98eedc9f00ad60857c Mon Sep 17 00:00:00 2001 From: Hadrian Valentine Date: Tue, 22 Sep 2020 12:31:04 +0200 Subject: [PATCH 05/12] Remove entrypoint and configf file argument. Co-authored-by: King'ori Maina --- Dockerfile | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 13deee2..817583b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,6 +27,4 @@ RUN bundle install --jobs 4 --retry 3 VOLUME "${GEMSTASH_HOME}/data" EXPOSE 9292 -USER ${GEMSTASH_USER}:${GEMSTASH_USER} -ENTRYPOINT ["tini", "--"] -CMD ["bundle", "exec", "gemstash", "start", "--no-daemonize", "--config-file=config.yml.erb"] +CMD ["bundle", "exec", "gemstash", "start", "--no-daemonize"] From 587b2b75d627fd77bd222e066de2b6b23b0636e9 Mon Sep 17 00:00:00 2001 
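Review bot: In the Dockerfile hunk of PATCH 05/12 the new side keeps only the bare `CMD`, with no `USER` and no `ENTRYPOINT ["tini", "--"]`, so at this commit gemstash would run as PID 1 under whatever user the base image defaults to, presumably root. Together with the removal of app/config.yml.erb in PATCH 04/12, the `GEMSTASH_*` variables that template consumed (for example `GEMSTASH_PROTECTED_FETCH` and the `GEMSTASH_DB_*` settings) appear to be read by nothing, so a deployment relying on protected fetch or an external database would silently fall back to gemstash defaults. Keeping `USER ${GEMSTASH_USER}:${GEMSTASH_USER}` in this commit, and stating in the commit message which settings are no longer honoured, would make it safe to build on its own.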
From: Hadrian Valentine Date: Wed, 23 Sep 2020 11:37:49 +0200 Subject: [PATCH 06/12] Set user. --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 817583b..9beb8cc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,4 +27,5 @@ RUN bundle install --jobs 4 --retry 3 VOLUME "${GEMSTASH_HOME}/data" EXPOSE 9292 +USER ${GEMSTASH_USER}:${GEMSTASH_USER} CMD ["bundle", "exec", "gemstash", "start", "--no-daemonize"] From 91761f442455a352cb924c2c8df49d4f81bc4452 Mon Sep 17 00:00:00 2001 From: Hadrian Valentine Date: Wed, 23 Sep 2020 16:29:37 +0200 Subject: [PATCH 07/12] Stop specifying volume in Dockerfile and docker-compose files. --- Dockerfile | 2 -- docker-compose.mysql.yml | 2 -- docker-compose.postgres.yml | 2 -- docker-compose.sqlite.yml | 4 +--- 4 files changed, 1 insertion(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9beb8cc..659e777 100644 --- a/Dockerfile +++ b/Dockerfile @@ -24,8 +24,6 @@ WORKDIR "${GEMSTASH_HOME}/app" COPY "app/" "${GEMSTASH_HOME}/app" RUN bundle install --jobs 4 --retry 3 -VOLUME "${GEMSTASH_HOME}/data" - EXPOSE 9292 USER ${GEMSTASH_USER}:${GEMSTASH_USER} CMD ["bundle", "exec", "gemstash", "start", "--no-daemonize"] diff --git a/docker-compose.mysql.yml b/docker-compose.mysql.yml index 51dde31..8107cd1 100644 --- a/docker-compose.mysql.yml +++ b/docker-compose.mysql.yml @@ -14,8 +14,6 @@ services: GEMSTASH_PUMA_THREADS: 4 ports: - 9292:9292 - volumes: - - gemstash_data:/home/gemstash/data links: - mysql depends_on: diff --git a/docker-compose.postgres.yml b/docker-compose.postgres.yml index bde3a10..5c21e10 100644 --- a/docker-compose.postgres.yml +++ b/docker-compose.postgres.yml @@ -14,8 +14,6 @@ services: GEMSTASH_PUMA_THREADS: 4 ports: - 9292:9292 - volumes: - - gemstash_data:/home/gemstash/data links: - postgres postgres: diff --git a/docker-compose.sqlite.yml b/docker-compose.sqlite.yml index fc4d019..f7757bc 100644 --- a/docker-compose.sqlite.yml +++ b/docker-compose.sqlite.yml 
@@ -5,13 +5,11 @@ services: build: context: . dockerfile: Dockerfile - image: zappi/gemstash:1.2.0 + # image: zappi/gemstash:1.2.0 environment: RACK_ENV: production ports: - 9292:9292 - volumes: - - gemstash_data:/home/gemstash/data volumes: gemstash_data: From f919190c104dd9a770e117d8abb038f19976df4b Mon Sep 17 00:00:00 2001 From: Hadrian Valentine Date: Tue, 29 Sep 2020 12:21:20 +0200 Subject: [PATCH 08/12] Revert "Stop specifying volume in Dockerfile and docker-compose files." This reverts commit 91761f442455a352cb924c2c8df49d4f81bc4452. --- Dockerfile | 2 ++ docker-compose.mysql.yml | 2 ++ docker-compose.postgres.yml | 2 ++ docker-compose.sqlite.yml | 4 +++- 4 files changed, 9 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 659e777..9beb8cc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -24,6 +24,8 @@ WORKDIR "${GEMSTASH_HOME}/app" COPY "app/" "${GEMSTASH_HOME}/app" RUN bundle install --jobs 4 --retry 3 +VOLUME "${GEMSTASH_HOME}/data" + EXPOSE 9292 USER ${GEMSTASH_USER}:${GEMSTASH_USER} CMD ["bundle", "exec", "gemstash", "start", "--no-daemonize"] diff --git a/docker-compose.mysql.yml b/docker-compose.mysql.yml index 8107cd1..51dde31 100644 --- a/docker-compose.mysql.yml +++ b/docker-compose.mysql.yml @@ -14,6 +14,8 @@ services: GEMSTASH_PUMA_THREADS: 4 ports: - 9292:9292 + volumes: + - gemstash_data:/home/gemstash/data links: - mysql depends_on: diff --git a/docker-compose.postgres.yml b/docker-compose.postgres.yml index 5c21e10..bde3a10 100644 --- a/docker-compose.postgres.yml +++ b/docker-compose.postgres.yml @@ -14,6 +14,8 @@ services: GEMSTASH_PUMA_THREADS: 4 ports: - 9292:9292 + volumes: + - gemstash_data:/home/gemstash/data links: - postgres postgres: diff --git a/docker-compose.sqlite.yml b/docker-compose.sqlite.yml index f7757bc..fc4d019 100644 --- a/docker-compose.sqlite.yml +++ b/docker-compose.sqlite.yml 
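Review bot: In the docker-compose.sqlite.yml hunk of PATCH 07/12 the service-level `volumes:` entry is removed but the top-level `volumes: gemstash_data:` declaration at the end of the hunk is left behind, so the file declares a named volume that nothing mounts. With the `VOLUME` line also removed from the Dockerfile in this commit, the SQLite database and cached gems presumably live only in the container's writable layer and are lost when the container is recreated. If dropping persistence is intended, remove the top-level block as well. The commented-out `# image: zappi/gemstash:1.2.0` line would be better deleted than left as dead configuration.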
@@ -5,11 +5,13 @@ services: build: context: . dockerfile: Dockerfile - # image: zappi/gemstash:1.2.0 + image: zappi/gemstash:1.2.0 environment: RACK_ENV: production ports: - 9292:9292 + volumes: + - gemstash_data:/home/gemstash/data volumes: gemstash_data: From 40445a4b03868e6b80af40e5aa96300271fdbcef Mon Sep 17 00:00:00 2001 From: Hadrian Valentine Date: Tue, 29 Sep 2020 12:23:45 +0200 Subject: [PATCH 09/12] Revert "Set user." This reverts commit 587b2b75d627fd77bd222e066de2b6b23b0636e9. --- Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 9beb8cc..817583b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,5 +27,4 @@ RUN bundle install --jobs 4 --retry 3 VOLUME "${GEMSTASH_HOME}/data" EXPOSE 9292 -USER ${GEMSTASH_USER}:${GEMSTASH_USER} CMD ["bundle", "exec", "gemstash", "start", "--no-daemonize"] From b38e246869b27ed6ac86352e167ce8c004aaee97 Mon Sep 17 00:00:00 2001 From: Hadrian Valentine Date: Tue, 29 Sep 2020 12:23:53 +0200 Subject: [PATCH 10/12] Revert "Remove entrypoint and configf file argument." This reverts commit 9cbb3adbe97fe4b44f116c98eedc9f00ad60857c. --- Dockerfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 817583b..13deee2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,4 +27,6 @@ RUN bundle install --jobs 4 --retry 3 VOLUME "${GEMSTASH_HOME}/data" EXPOSE 9292 -CMD ["bundle", "exec", "gemstash", "start", "--no-daemonize"] +USER ${GEMSTASH_USER}:${GEMSTASH_USER} +ENTRYPOINT ["tini", "--"] +CMD ["bundle", "exec", "gemstash", "start", "--no-daemonize", "--config-file=config.yml.erb"] From c2ae0361a55c0e48a5ba34bd5cd5188dae001fa0 Mon Sep 17 00:00:00 2001 From: Hadrian Valentine Date: Tue, 29 Sep 2020 12:24:01 +0200 Subject: [PATCH 11/12] Revert "Remove config file." This reverts commit 5912c049cc0bba2a98fa285d0b79672c9f30c4eb. --- app/config.yml.erb | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 app/config.yml.erb 
diff --git a/app/config.yml.erb b/app/config.yml.erb new file mode 100644 index 0000000..a8479d4 --- /dev/null +++ b/app/config.yml.erb @@ -0,0 +1,33 @@ +:base_path: <%= "#{ENV['GEMSTASH_HOME']}/data" %> +:cache_type: memory +:rubygems_url: https://rubygems.org +:puma_threads: <%= (ENV['GEMSTASH_PUMA_THREADS'] || 16).to_i %> +:bind: tcp://0.0.0.0:9292 +:protected_fetch: <%= ENV['GEMSTASH_PROTECTED_FETCH'] == 'true' ? 'true' : 'false' %> +:fetch_timeout: 20 +:log_file: :stdout + +<% if ENV['GEMSTASH_DB_ADAPTER'] == 'mysql2' %> +# mysql2 adapter +:db_adapter: mysql2 +:db_url: <%= "mysql2://#{ENV['GEMSTASH_DB_HOST']}:#{ENV['GEMSTASH_DB_PORT']}/#{ENV['GEMSTASH_DB_DATABASE']}" %> +:db_connection_options: + :adapter: 'mysql2' + :user: <%= ENV['GEMSTASH_DB_USERNAME'] %> + :password: <%= ENV['GEMSTASH_DB_PASSWORD'] %> +<% elsif ENV['GEMSTASH_DB_ADAPTER'] == 'postgres' %> +# postgres adapter +:db_adapter: postgres +:db_url: <%= "postgres://#{ENV['GEMSTASH_DB_HOST']}:#{ENV['GEMSTASH_DB_PORT']}/#{ENV['GEMSTASH_DB_DATABASE']}" %> +:db_connection_options: + :adapter: 'postgres' + :user: <%= ENV['GEMSTASH_DB_USERNAME'] %> + :password: <%= ENV['GEMSTASH_DB_PASSWORD'] %> + :connect_timeout: 10 + :read_timeout: 5 + :timeout: 30 +<% else %> +# sqlite adapter (default) +:db_adapter: sqlite3 +:db_url: sqlite://gemstash.db +<% end %> From c2df0e9a257dda5756fdd11632a2cbe90d65e926 Mon Sep 17 00:00:00 2001 From: Hadrian Valentine Date: Tue, 29 Sep 2020 13:56:20 +0200 Subject: [PATCH 12/12] Update changelog. --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ee23b78..1d37b63 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## 1.4.0 + +* Always specify the config file in the command and always run as gemstash user. + ## 1.3.0 * Add `GEMSTASH_PROTECTED_FETCH` configuration option to enable protected
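Review bot: In app/config.yml.erb (PATCH 11/12) the `:user:` and `:password:` values are written into the YAML unquoted, so a credential containing YAML-significant characters (` #`, `: `, a leading `*`, `&`, `!` or `{`, or a newline) is truncated, mis-typed or changes the structure of the generated config. Emitting them as quoted scalars avoids that, for example `:password: <%= ENV['GEMSTASH_DB_PASSWORD'].to_s.to_json %>` (assuming `json` is loaded where the template is rendered), and the same for `:user:` in both adapter branches. The `:db_url:` strings are likewise built from `GEMSTASH_DB_HOST`, `GEMSTASH_DB_PORT` and `GEMSTASH_DB_DATABASE` with no check that they are set, so a missing variable yields a URL like `postgres://:/`; using `ENV.fetch` would fail fast and make the misconfiguration visible. `:protected_fetch:` becomes `true` only when the variable is exactly `true`, which deserves a comment in the file such as `# any value other than "true" leaves protected fetch disabled`.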