The auto-detect read PUID/PGID from /data/db ownership (UID 102 in pre-PUID images), causing all upgrading users to run as UID 102 instead of the expected UID 1000. This broke host-side access (SSH, WinSCP), made existing DATA_DIR files unwritable, and failed comskip on recordings created before the change.
- replaced $_pg_tmp_port with $POSTRGES_PORT in migration logic. Works because "pg_ctl stop -w" is run before entrypoint.sh restarts postgres. Verified that this does not cause a race condition.
- Correcting unquoted environment variables to prevent inappropriate variables from causing execution inconsistencies (still unquoted in comments and prints)
PostgreSQL now runs as the PUID/PGID user ($POSTGRES_USER) instead of the internal postgres system user (UID 102). This fixes container startup failures when PUID/PGID is set, caused by chown permission errors on restricted filesystems (NFS root_squash, CIFS) and UID collisions with the postgres system user.
Changes:
- Run all PostgreSQL operations (initdb, pg_ctl, psql) as $POSTGRES_USER
- Auto-detect PUID/PGID from existing data owner when not explicitly set
- Validate PUID/PGID (reject zero, non-numeric values) before startup
- Migrate existing data ownership with sentinel-based skip optimization
- Use trust auth for local Unix sockets, md5 for network connections
- Add promote_app_role() and ensure_app_database() as idempotent startup guarantees that handle fresh installs, upgrades, and PUID changes
- Preserve postgres role as superuser for rollback compatibility
- Centralize /data/db ownership in 02-postgres.sh (sentinel-aware)
- Add integration test suite (20 scenarios) covering fresh installs, upgrades, restarts, PUID changes, UID collisions, bind mounts, modular mode, PG major upgrades, and end-to-end web UI verification
The script was creating a group named 'dispatch' (hardcoded) while
nginx.conf expected a group matching POSTGRES_USER (e.g., 'dispatcharr').
Changes:
- Use $POSTGRES_USER for group name instead of hardcoded 'dispatch'
- Make sed command more robust to match any existing user directive
This ensures the group name matches the user name, fixing the error:
"getgrnam("dispatcharr") failed in /etc/nginx/nginx.conf:1"
Fixes#877
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>