fix dev containers for non-root containers

.devcontainer/api.dockerfile

@@ -1,3 +1,10 @@
+# pulls community scripts from git repo
+FROM python:3.9.9-slim AS GET_SCRIPTS_STAGE
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends git && \
+    git clone https://github.com/amidaware/community-scripts.git /community-scripts
+
 FROM python:3.9.9-slim
 
 ENV TACTICAL_DIR /opt/tactical
@@ -13,6 +20,9 @@ EXPOSE 8000 8383 8005
 RUN groupadd -g 1000 tactical && \
     useradd -u 1000 -g 1000 tactical
 
+# copy community scripts
+COPY --from=GET_SCRIPTS_STAGE /community-scripts /community-scripts
+
 # Copy dev python reqs
 COPY .devcontainer/requirements.txt  /
 

.devcontainer/docker-compose.debug.yml

@@ -1,19 +0,0 @@
-version: '3.4'
-
-services:
-  api-dev:
-    image: api-dev
-    build:
-      context: .
-      dockerfile: ./api.dockerfile
-    command: ["sh", "-c", "pip install debugpy -t /tmp && python /tmp/debugpy --wait-for-client --listen 0.0.0.0:5678 manage.py runserver 0.0.0.0:8000 --nothreading --noreload"]
-    ports:
-      - 8000:8000
-      - 5678:5678
-    volumes:
-      - tactical-data-dev:/opt/tactical
-      - ..:/workspace:cached
-    networks:
-      dev:
-        aliases: 
-          - tactical-backend

.devcontainer/docker-compose.yml

@@ -5,6 +5,7 @@ services:
     container_name: trmm-api-dev
     image: api-dev
     restart: always
+    user: 1000:1000
     build:
       context: ..
       dockerfile: .devcontainer/api.dockerfile
@@ -25,8 +26,7 @@ services:
     container_name: trmm-app-dev
     image: node:14-alpine
     restart: always
-    command: /bin/sh -c "npm install npm@latest -g && npm install && npm run serve
-      -- --host 0.0.0.0 --port ${APP_PORT}"
+    command: /bin/sh -c "npm install npm@latest -g && npm install && npm run serve -- --host 0.0.0.0 --port ${APP_PORT}"
     working_dir: /workspace/web
     volumes:
       - ..:/workspace:cached
@@ -42,6 +42,7 @@ services:
     container_name: trmm-nats-dev
     image: ${IMAGE_REPO}tactical-nats:${VERSION}
     restart: always
+    user: 1000:1000
     environment:
       API_HOST: ${API_HOST}
       API_PORT: ${API_PORT}
@@ -62,6 +63,7 @@ services:
     container_name: trmm-meshcentral-dev
     image: ${IMAGE_REPO}tactical-meshcentral:${VERSION}
     restart: always
+    user: 1000:1000
     environment:
       MESH_HOST: ${MESH_HOST}
       MESH_USER: ${MESH_USER}
@@ -85,6 +87,7 @@ services:
     container_name: trmm-mongodb-dev
     image: mongo:4.4
     restart: always
+    user: 1000:1000
     environment:
       MONGO_INITDB_ROOT_USERNAME: ${MONGODB_USER}
       MONGO_INITDB_ROOT_PASSWORD: ${MONGODB_PASSWORD}
@@ -116,6 +119,7 @@ services:
   redis-dev:
     container_name: trmm-redis-dev
     restart: always
+    user: 1000:1000
     command: redis-server --appendonly yes
     image: redis:6.0-alpine
     volumes:
@@ -148,6 +152,9 @@ services:
       - dev
     volumes:
       - tactical-data-dev:/opt/tactical
+      - mesh-data-dev:/meshcentral-data
+      - redis-data-dev:/redis/data
+      - mongo-dev-data:/mongo/data/db
       - ..:/workspace:cached
 
   # container for celery worker service
@@ -156,6 +163,7 @@ services:
     image: api-dev
     command: [ "tactical-celery-dev" ]
     restart: always
+    user: 1000:1000
     networks:
       - dev
     volumes:
@@ -171,6 +179,7 @@ services:
     image: api-dev
     command: [ "tactical-celerybeat-dev" ]
     restart: always
+    user: 1000:1000
     networks:
       - dev
     volumes:
@@ -186,6 +195,7 @@ services:
     image: api-dev
     command: [ "tactical-websockets-dev" ]
     restart: always
+    user: 1000:1000
     networks:
       dev:
         aliases:
@@ -202,6 +212,7 @@ services:
     container_name: trmm-nginx-dev
     image: ${IMAGE_REPO}tactical-nginx:${VERSION}
     restart: always
+    user: 1000:1000
     environment:
       APP_HOST: ${APP_HOST}
       API_HOST: ${API_HOST}
@@ -215,8 +226,8 @@ services:
       dev:
         ipv4_address: ${DOCKER_NGINX_IP}
     ports:
-      - "80:80"
-      - "443:443"
+      - "80:8080"
+      - "443:4443"
     volumes:
       - tactical-data-dev:/opt/tactical
 
@@ -224,6 +235,7 @@ services:
     container_name: trmm-mkdocs-dev
     image: api-dev
     restart: always
+    user: 1000:1000
     command: [ "tactical-mkdocs-dev" ]
     ports:
       - "8005:8005"

.devcontainer/entrypoint.sh

@@ -10,7 +10,7 @@ set -e
 : "${POSTGRES_PASS:=tactical}"
 : "${POSTGRES_DB:=tacticalrmm}"
 : "${MESH_SERVICE:=tactical-meshcentral}"
-: "${MESH_WS_URL:=ws://${MESH_SERVICE}:443}"
+: "${MESH_WS_URL:=ws://${MESH_SERVICE}:4443}"
 : "${MESH_USER:=meshcentral}"
 : "${MESH_PASS:=meshcentralpass}"
 : "${MESH_HOST:=tactical-meshcentral}"
@@ -41,7 +41,7 @@ function django_setup {
     sleep 5
   done
 
-  until (echo > /dev/tcp/"${MESH_SERVICE}"/443) &> /dev/null; do
+  until (echo > /dev/tcp/"${MESH_SERVICE}"/4443) &> /dev/null; do
     echo "waiting for meshcentral container to be ready..."
     sleep 5
   done
@@ -63,7 +63,7 @@ DOCKER_BUILD = True
 CERT_FILE = '${CERT_PUB_PATH}'
 KEY_FILE = '${CERT_PRIV_PATH}'
 
-SCRIPTS_DIR = '${WORKSPACE_DIR}/scripts'
+SCRIPTS_DIR = '/community-scripts'
 
 ALLOWED_HOSTS = ['${API_HOST}', '*']
 
@@ -103,7 +103,7 @@ EOF
   "${VIRTUAL_ENV}"/bin/python manage.py reload_nats
   "${VIRTUAL_ENV}"/bin/python manage.py create_natsapi_conf
   "${VIRTUAL_ENV}"/bin/python manage.py create_installer_user
-    "${VIRTUAL_ENV}"/bin/python manage.py post_update_tasks
+  "${VIRTUAL_ENV}"/bin/python manage.py post_update_tasks
   
 
   # create super user 
@@ -117,6 +117,20 @@ if [ "$1" = 'tactical-init-dev' ]; then
 
   test -f "${TACTICAL_READY_FILE}" && rm "${TACTICAL_READY_FILE}"
 
+  mkdir -p /meshcentral-data
+  mkdir -p ${TACTICAL_DIR}/tmp
+  mkdir -p ${TACTICAL_DIR}/certs
+  mkdir -p /mongo/data/db
+  mkdir -p /redis/data
+  touch /meshcentral-data/.initialized && chown -R 1000:1000 /meshcentral-data
+  touch ${TACTICAL_DIR}/tmp/.initialized && chown -R 1000:1000 ${TACTICAL_DIR}
+  touch ${TACTICAL_DIR}/certs/.initialized && chown -R 1000:1000 ${TACTICAL_DIR}/certs
+  touch /mongo/data/db/.initialized && chown -R 1000:1000 /mongo/data/db
+  touch /redis/data/.initialized && chown -R 1000:1000 /redis/data
+  mkdir -p ${TACTICAL_DIR}/api/tacticalrmm/private/exe
+  mkdir -p ${TACTICAL_DIR}/api/tacticalrmm/private/log
+  touch ${TACTICAL_DIR}/api/tacticalrmm/private/log/django_debug.log
+
   # setup Python virtual env and install dependencies
   ! test -e "${VIRTUAL_ENV}" && python -m venv ${VIRTUAL_ENV}
   "${VIRTUAL_ENV}"/bin/pip install --no-cache-dir -r /requirements.txt