menu: remove assumption user ID is 1000

On menu.sh start, store current UID and GID to .env, if they are missing.
Use these to run services that support custom user.

.templates/blynk_server/service.yml

@@ -7,8 +7,8 @@ blynk_server:
   restart: unless-stopped
   environment:
     - TZ=Etc/UTC
-    - IOTSTACK_UID=1000
-    - IOTSTACK_GID=1000
+    - IOTSTACK_UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+    - IOTSTACK_GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
   ports:
     - "8180:8080"
     - "8440:8440"

.templates/domoticz/service.yml

@@ -10,8 +10,8 @@ domoticz:
   restart: unless-stopped
   network_mode: bridge
   environment:
-    - PUID=1000
-    - PGID=1000
+    - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+    - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
     # - TZ=
     # - WEBROOT=domoticz
 

.templates/gitea/service.yml

@@ -6,8 +6,8 @@ gitea:
     - "7920:3000/tcp"
     - "2222:22/tcp"
   environment:
-    - USER_UID=1000
-    - USER_GID=1000
+    - USER_UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+    - USER_GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
   volumes:
     - ./volumes/gitea/data:/data
     - /etc/timezone:/etc/timezone:ro

.templates/heimdall/service.yml

@@ -2,8 +2,8 @@ heimdall:
   image: ghcr.io/linuxserver/heimdall
   container_name: heimdall
   environment:
-    - PUID=1000
-    - PGID=1000
+    - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+    - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
     - TZ=Europe/Paris
   volumes:
     - ./volumes/heimdall/config:/config

.templates/homebridge/service.yml

@@ -4,8 +4,8 @@ homebridge:
   restart: unless-stopped
   environment:
     - TZ=Etc/UTC
-    - PGID=1000
-    - PUID=1000
+    - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
+    - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
     - HOMEBRIDGE_CONFIG_UI=1
     - HOMEBRIDGE_CONFIG_UI_PORT=8581
   volumes:

.templates/homer/service.yml

@@ -2,8 +2,8 @@ homer:
   image: b4bz/homer:latest
   container_name: homer
   environment:
-    - UID=1000
-    - GID=1000
+    - UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+    - GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
   volumes:
     - ./volumes/homer/assets:/www/assets
   ports:

.templates/mariadb/service.yml

@@ -3,8 +3,8 @@ mariadb:
   container_name: mariadb
   environment:
     - TZ=Etc/UTC
-    - PUID=1000
-    - PGID=1000
+    - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+    - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
     - MYSQL_ROOT_PASSWORD=%randomAdminPassword%
     - MYSQL_DATABASE=default
     - MYSQL_USER=mariadbuser

.templates/n8n/service.yml

@@ -22,8 +22,8 @@ n8n:
 #           - N8N_BASIC_AUTH_USER=<USER>
 #           - N8N_BASIC_AUTH_PASSWORD=<PASSWORD>
 
-#            - PGID=1000
-#            - PUID=1000
+#            - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
+#            - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
 #            - USBDEVICES=/dev/ttyAMA0
 #            - PACKAGES=mc
 

.templates/nextcloud/service.yml

@@ -23,8 +23,8 @@ nextcloud_db:
   restart: unless-stopped
   environment:
     - TZ=Etc/UTC
-    - PUID=1000
-    - PGID=1000
+    - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+    - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
     - MYSQL_ROOT_PASSWORD=%randomPassword%
     - MYSQL_PASSWORD=%randomMySqlPassword%
     - MYSQL_DATABASE=nextcloud

.templates/plex/service.yml

@@ -3,8 +3,8 @@ plex:
   container_name: plex
   network_mode: host
   environment:
-    - PUID=1000
-    - PGID=1000
+    - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+    - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
     - VERSION=docker
   volumes:
     - ./volumes/plex/config:/config

.templates/prometheus/service.yml

@@ -6,8 +6,8 @@ prometheus:
   ports:
     - "9090:9090"
   environment:
-    - IOTSTACK_UID=1000
-    - IOTSTACK_GID=1000
+    - IOTSTACK_UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+    - IOTSTACK_GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
   volumes:
     - ./volumes/prometheus/data:/prometheus
   command:

.templates/python/service.yml

@@ -4,8 +4,8 @@ python:
   restart: unless-stopped
   environment:
     - TZ=Etc/UTC
-    - IOTSTACK_UID=1000
-    - IOTSTACK_GID=1000
+    - IOTSTACK_UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+    - IOTSTACK_GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
   # ports:
   #   - "external:internal"
   volumes:

.templates/qbittorrent/service.yml

@@ -2,8 +2,8 @@
     image: linuxserver/qbittorrent
     container_name: qbittorrent
     environment:
-      - PUID=1000
-      - PGID=1000
+      - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+      - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
       - UMASK_SET=022
       - WEBUI_PORT=15080
     volumes:

.templates/syncthing/service.yml

@@ -3,8 +3,8 @@
     container_name: syncthing
     hostname: raspberrypi #optional
     environment:
-      - PUID=1000
-      - PGID=1000
+      - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+      - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
       - HOME=/app
       - TZ=Etc/UTC
     volumes:

.templates/transmission/service.yml

@@ -2,8 +2,8 @@ transmission:
   image: linuxserver/transmission
   container_name: transmission
   environment:
-    - PUID=1000
-    - PGID=1000
+    - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+    - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
     - TZ=Etc/UTC
   volumes:
     - ./volumes/transmission/config:/config

.templates/wireguard/service.yml

@@ -3,8 +3,8 @@ wireguard:
   image: ghcr.io/linuxserver/wireguard
   restart: unless-stopped
   environment:
-  - PUID=1000
-  - PGID=1000
+  - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+  - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
   - TZ=Etc/UTC
   - SERVERURL=your.dynamic.dns.name
   - SERVERPORT=51820

docs/Basic_setup/Backup-and-Restore.md

@@ -14,7 +14,9 @@ There are 2 ways to run backups:
 
 The command that's run from the command line can also be executed from a cronjob:
 
-```0 2 * * * cd /home/pi/IOTstack && /bin/bash ./scripts/backup.sh```
+```
+0 2 * * * cd /home/pi/IOTstack && /bin/bash ./scripts/backup.sh
+```
 
 The current directory of bash must be in IOTstack's directory, to ensure that it can find the relative paths of the files it's meant to back up. In the example above, it's assume that it's inside the `pi` user's home directory.
 
@@ -60,7 +62,13 @@ There are 2 ways to run a restore:
 * From the menu: `Backup and Restore` > `Restore from backup`
 * Running the following command: `bash ./scripts/restore.sh`
 
-**Important**: The restore script assumes that the IOTstack directory is fresh, as if it was just cloned. If it is not fresh, errors may occur, or your data may not correctly be restored even if no errors are apparent.
+**Important**:
+
+* The restore script assumes that the IOTstack directory is fresh, as if it was
+  just cloned. If it is not fresh, errors may occur, or your data may not
+  correctly be restored even if no errors are apparent.
+* When reinstalling Raspberry or migrating to a new installation, use the same
+  user and ID (usually pi and 1000) as when you created the backup.
 
 *Note*: It is suggested that you test that your backups can be restored after initially setting up, and anytime you add or remove a service. Major updates to services can also break backups.
 

docs/Basic_setup/index.md

@@ -17,9 +17,11 @@ IOTstack makes the following assumptions:
 1. Your hardware is a Raspberry Pi (typically a 3B+ or 4B).
 
 	* The Raspberry Pi Zero W2 has been tested with IOTstack. It works but the 512MB RAM means you should not try to run too many containers concurrently.
-    * Users have also [reported success
-      ](https://github.com/SensorsIot/IOTstack/issues/375) on Orange Pi
+	* Users have also [reported success](
+	  https://github.com/SensorsIot/IOTstack/issues/375) on Orange Pi
       Win/Plus.
+	* Most services will run on any Linux machine with Docker, but some have
+	  Raspberry Pi specific default configurations or dependencies.
 
 2. Your Raspberry Pi has a reasonably-recent version of 32-bit or 64-bit Raspberry Pi OS (aka "Raspbian") installed. You can download operating-system images:
 
@@ -35,14 +37,14 @@ IOTstack makes the following assumptions:
 	$ sudo apt upgrade -y
 	```
 
-4. You are logged-in as the user "pi".
-5. User "pi" has the user ID 1000.
-6. The home directory for user "pi" is `/home/pi/`.
-7. IOTstack is installed at `/home/pi/IOTstack` (with that exact spelling).
+For brevity, this documentation makes the following guesses, that are not
+technical requirements. If you use a different choice, you'll just have to
+change the commands presented in these instructions correspondingly:
 
-If the first three assumptions hold, assumptions four through six are Raspberry Pi defaults on a clean installation. The seventh is what you get if you follow these instructions faithfully.
-
-Please don't read these assumptions as saying that IOTstack will not run on other hardware, other operating systems, or as a different user. It is just that IOTstack gets most of its testing under these conditions. The further you get from these implicit assumptions, the more your mileage may vary.
+- You are logged-in as the user "pi".
+- The home directory for user "pi" is `/home/pi/`.
+- IOTstack is installed at `~/IOTstack` (with that exact spelling).
+- The system hostname is `raspberrypi`
 
 ## New installation
 

docs/Containers/Home-Assistant.md

@@ -124,8 +124,8 @@ your RPi hostname is raspberrypi)
 	    cap_add:
 	      - NET_ADMIN
 	    environment:
-	      - PUID=1000
-	      - PGID=1000
+	      - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+	      - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
 	      - TZ=Etc/UTC
 	      - URL=<yourdomain>.duckdns.org
 	      - SUBDOMAINS=wildcard

docs/Containers/NextCloud.md

@@ -27,8 +27,8 @@ nextcloud_db:
   restart: unless-stopped
   environment:
     - TZ=Etc/UTC
-    - PUID=1000
-    - PGID=1000
+    - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+    - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
     - MYSQL_ROOT_PASSWORD=«root_password»
     - MYSQL_PASSWORD=«user_password»
     - MYSQL_DATABASE=nextcloud

docs/Containers/Prometheus.md

@@ -237,8 +237,8 @@ The IOTstack implementation of *Prometheus* supports two environment variables:
 
 ```yaml
 environment:
-  - IOTSTACK_UID=1000
-  - IOTSTACK_GID=1000
+  - IOTSTACK_UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+  - IOTSTACK_GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
 ```
 
 Those variables control ownership of the [Configuration directory](#configDir) and its contents. Those environment variables are present in the standard IOTstack service definition for *Prometheus* and have the effect of assigning ownership to "pi:pi".

docs/Containers/Python.md

@@ -34,8 +34,8 @@ When you select Python in the menu:
 	  restart: unless-stopped
 	  environment:
 	  - TZ=Etc/UTC
-	  - IOTSTACK_UID=1000
-	  - IOTSTACK_GID=1000
+	  - IOTSTACK_UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+	  - IOTSTACK_GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
 	# ports:
 	#   - "external:internal"
 	  volumes:
@@ -48,7 +48,7 @@ The service definition contains a number of customisation points:
 
 1. `restart: unless-stopped` assumes your Python script will run in an infinite loop. If your script is intended to run once and terminate, you should remove this directive.
 2. `TZ=Etc/UTC` should be set to your local time-zone. Never use quote marks on the right hand side of a `TZ=` variable.
-3. If you are running as a different user ID, you may want to change both `IOTSTACK_UID` and `IOTSTACK_GID` to appropriate values.
+3. If you need a different user ID, you may want to change both `IOTSTACK_UID` and `IOTSTACK_GID` to appropriate values. By default they are defined to be the same as the current user when you run the menu, and saved to the file `~/IOTstack/.env`, changing this file will affect many services which may not be what you want.
 
 	Notes:
 
@@ -444,8 +444,8 @@ Proceed like this:
 	  restart: unless-stopped                     restart: unless-stopped
 	  environment:                                environment:
 	    - TZ=Etc/UTC                                - TZ=Etc/UTC
-	    - IOTSTACK_UID=1000                         - IOTSTACK_UID=1000
-	    - IOTSTACK_GID=1000                         - IOTSTACK_GID=1000
+	    - IOTSTACK_UID=${IOTSTACK_UID:?...}         - IOTSTACK_UID=${IOTSTACK_UID:?...}
+	    - IOTSTACK_GID=${IOTSTACK_GID:?...}         - IOTSTACK_GID=${IOTSTACK_GID:?...}
 	  # ports:                                    # ports:
 	  #   - "external:internal"                   #   - "external:internal"
 	  volumes:                                    volumes:

docs/Containers/WireGuard.md

@@ -41,8 +41,8 @@ wireguard:
   image: ghcr.io/linuxserver/wireguard
   restart: unless-stopped
   environment:
-  - PUID=1000
-  - PGID=1000
+  - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+  - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
   - TZ=Etc/UTC
   - SERVERURL=your.dynamic.dns.name
   - SERVERPORT=51820
@@ -247,8 +247,8 @@ You will need to create the `compose-override.yml` **before** running the menu t
 	services:
 	  wireguard:
 	    environment:
-	    - PUID=1000
-	    - PGID=1000
+	    - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env}
+	    - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env}
 	    - TZ=Australia/Sydney
 	    - SERVERURL=downunda.duckdns.org
 	    - SERVERPORT=51820

menu.sh

@@ -381,6 +381,18 @@ function do_checks() {
 	fi
 }
 
+function do_dotenv_defaults() {
+	echo "Checking .env is setting IOTSTACK_UID and IOTSTACK_GID"
+	grep -qs '^IOTSTACK_UID=' .env || {
+		echo "Adding missing definitions to .env using UID:GID=$(id --user):$(id --group)"
+		echo "# Changing IOTSTACK_UID or IOTSTACK_GID after you have started the stack is not" >> .env
+		echo "# supported. File owners in the 'volumes'-folder won't automatically update to" >> .env
+		echo "# match, resulting in various problems." >> .env
+		echo "IOTSTACK_UID=$(id --user)" >> .env
+	}
+	grep -qs '^IOTSTACK_GID=' .env || echo "IOTSTACK_GID=$(id --group)" >> .env
+}
+
 function do_help() {
 	echo "USAGE:
 	$0 [OPTIONS...]"
@@ -436,6 +448,8 @@ if [[ -z "$NO_CHECKS" ]]; then
 	do_checks
 fi
 
+do_dotenv_defaults
+
 # This section is temporary, it's just for notifying people of potential breaking changes.
 if [[ -f .new_install ]]; then
 	echo "Existing installation detected."

scripts/backup.sh

@@ -90,6 +90,8 @@ bash ./scripts/backup_restore/pre_backup_complete.sh >> $LOGFILE 2>&1
 echo "./services/" >> $BACKUPLIST
 echo "./volumes/" >> $BACKUPLIST
 [ -f "./docker-compose.yml" ] && echo "./docker-compose.yml" >> $BACKUPLIST
+[ -f "./docker-compose.override.yml" ] && echo "./docker-compose.override.yml" >> $BACKUPLIST
+[ -f "./.env" ] && echo "./.env" >> $BACKUPLIST
 [ -f "./compose-override.yml" ] && echo "./compose-override.yml" >> $BACKUPLIST
 [ -f "./extra" ] && echo "./extra" >> $BACKUPLIST
 [ -f "./.tmp/databases_backup" ] && echo "./.tmp/databases_backup" >> $BACKUPLIST