From 798a86216446dfba760fdda3e656b2cdee2815f4 Mon Sep 17 00:00:00 2001
From: Martin Ortbauer <mortbauer@gmail.com>
Date: Sun, 18 Feb 2024 21:50:32 -0500
Subject: [PATCH] limit available scopes to hopefully serve rails and other
 routes properly

---
 Dockerfile           | 4 ++--
 config/routes.rb     | 2 +-
 docker-entrypoint.sh | 6 +++++-
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 55a1268fa..f9fcc8dab 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -69,9 +69,9 @@ RUN mkdir -p tmp storage && \
     chown nobody storage
 
 COPY docker-entrypoint.sh ./
-
+RUN apt-get install -y gosu
 # Run app as unprivileged user
-USER nobody
+# USER nobody
 
 EXPOSE 3000
 
diff --git a/config/routes.rb b/config/routes.rb
index ab262ddd9..dbcdd1dc9 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -10,7 +10,7 @@
 
   root to: 'sessions#redirect_to_foodcoop', as: nil
 
-  scope '/:foodcoop' do
+  scope '/:foodcoop', foodcoop: /__FOODCOOPS__/ do
     use_doorkeeper
 
     # Root path
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index f61817856..4d42deb2b 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -10,6 +10,10 @@ if [ ! -z "${FOODSOFT_DB_PREFIX}" ] || [ ! -z "${FOODSOFT_DB_PREFIX_FILE}" ]; th
   FOODSOFT_FOODCOOPS=`BUNDLE_CONFIG=/dev/null bundle exec ruby script/list_databases`
 fi
 
+FOODSOFT_FOODCOOPS_REGEX=`echo $FOODSOFT_FOODCOOPS | sed 's/ /|/g'`
+
+sed -i "s/__FOODCOOPS__/$FOODSOFT_FOODCOOPS_REGEX/g" config/routes.rb
+
 if [ -e app_config.defaults.yml ] ; then
   cat app_config.defaults.yml > config/app_config.yml
 
@@ -23,4 +27,4 @@ EOF
   done
 fi
 
-exec "$@"
+exec gosu nobody:nogroup "$@"