From edbd17579012ad480eaeb86427405d31a35440cd Mon Sep 17 00:00:00 2001
From: thespad <spad@linuxserver.io>
Date: Mon, 23 Dec 2024 18:02:59 +0000
Subject: [PATCH 1/2] Rebase to 3.21

---
 Dockerfile                                        |  2 +-
 Dockerfile.aarch64                                |  2 +-
 Jenkinsfile                                       |  2 +-
 README.md                                         |  6 ++++++
 jenkins-vars.yml                                  |  2 +-
 readme-vars.yml                                   |  2 ++
 .../etc/s6-overlay/s6-rc.d/init-sonarr-config/run |  9 +++++----
 root/etc/s6-overlay/s6-rc.d/svc-sonarr/run        | 15 +++++++++++----
 8 files changed, 28 insertions(+), 12 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 8789548b..02043e38 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1
 
-FROM ghcr.io/linuxserver/baseimage-alpine:3.20
+FROM ghcr.io/linuxserver/baseimage-alpine:3.21
 
 # set version label
 ARG BUILD_DATE
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
index 7b26c5bc..1bc311f7 100644
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1
 
-FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.20
+FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.21
 
 # set version label
 ARG BUILD_DATE
diff --git a/Jenkinsfile b/Jenkinsfile
index 2f2cba57..546d5388 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -32,7 +32,7 @@ pipeline {
     CI_WEB='true'
     CI_PORT='8989'
     CI_SSL='false'
-    CI_DELAY='120'
+    CI_DELAY='240'
     CI_DOCKERENV=''
     CI_AUTH=''
     CI_WEBPATH='/system/status'
diff --git a/README.md b/README.md
index 493950cc..b6415aee 100644
--- a/README.md
+++ b/README.md
@@ -82,6 +82,10 @@ The folks over at servarr.com wrote a good [write-up](https://wiki.servarr.com/D
 
 This image can be run with a read-only container filesystem. For details please [read the docs](https://docs.linuxserver.io/misc/read-only/).
 
+## Non-Root Operation
+
+This image can be run with a non-root user. For details please [read the docs](https://docs.linuxserver.io/misc/non-root/).
+
 ## Usage
 
 To help you get started creating a container from this image you can either use docker-compose or the docker cli.
@@ -140,6 +144,7 @@ Containers are configured using parameters passed at runtime (such as those abov
 | `-v /tv` | Location of TV library on disk (See note in Application setup) |
 | `-v /downloads` | Location of download managers output directory (See note in Application setup) |
 | `--read-only=true` | Run container with a read-only filesystem. Please [read the docs](https://docs.linuxserver.io/misc/read-only/). |
+| `--user=1000:1000` | Run container with a non-root user. Please [read the docs](https://docs.linuxserver.io/misc/non-root/). |
 
 ## Environment variables from files (Docker secrets)
 
@@ -303,6 +308,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **23.12.24:** - Rebase Alpine 3.21.
 * **31.05.24:** - Rebase Alpine 3.20.
 * **12.01.24:** - Update download url.
 * **30.12.23:** - Rebase master branch to Alpine 3.19.
diff --git a/jenkins-vars.yml b/jenkins-vars.yml
index 366adadc..56c2f2ca 100644
--- a/jenkins-vars.yml
+++ b/jenkins-vars.yml
@@ -21,7 +21,7 @@ repo_vars:
   - CI_WEB='true'
   - CI_PORT='8989'
   - CI_SSL='false'
-  - CI_DELAY='120'
+  - CI_DELAY='240'
   - CI_DOCKERENV=''
   - CI_AUTH=''
   - CI_WEBPATH='/system/status'
diff --git a/readme-vars.yml b/readme-vars.yml
index fae3ff0c..5eaa7ac9 100644
--- a/readme-vars.yml
+++ b/readme-vars.yml
@@ -29,6 +29,7 @@ param_usage_include_ports: true
 param_ports:
   - {external_port: "8989", internal_port: "8989", port_desc: "The port for the Sonarr web interface"}
 readonly_supported: true
+nonroot_supported: true
 # application setup block
 app_setup_block_enabled: true
 app_setup_block: |
@@ -86,6 +87,7 @@ init_diagram: |
   "sonarr:latest" <- Base Images
 # changelog
 changelogs:
+  - {date: "23.12.24:", desc: "Rebase Alpine 3.21."}
   - {date: "31.05.24:", desc: "Rebase Alpine 3.20."}
   - {date: "12.01.24:", desc: "Update download url."}
   - {date: "30.12.23:", desc: "Rebase master branch to Alpine 3.19."}
diff --git a/root/etc/s6-overlay/s6-rc.d/init-sonarr-config/run b/root/etc/s6-overlay/s6-rc.d/init-sonarr-config/run
index 1272a88d..f69ce5b3 100755
--- a/root/etc/s6-overlay/s6-rc.d/init-sonarr-config/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-sonarr-config/run
@@ -3,7 +3,8 @@
 
 mkdir -p /run/sonarr-temp
 
-# permissions
-lsiown -R abc:abc \
-    /config \
-    /run/sonarr-temp
+if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
+    lsiown -R abc:abc \
+        /config \
+        /run/sonarr-temp
+fi
\ No newline at end of file
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-sonarr/run b/root/etc/s6-overlay/s6-rc.d/svc-sonarr/run
index 9dd8c247..dee31f42 100755
--- a/root/etc/s6-overlay/s6-rc.d/svc-sonarr/run
+++ b/root/etc/s6-overlay/s6-rc.d/svc-sonarr/run
@@ -1,7 +1,14 @@
 #!/usr/bin/with-contenv bash
 # shellcheck shell=bash
 
-exec \
-    s6-notifyoncheck -d -n 300 -w 1000 \
-        cd /app/sonarr/bin s6-setuidgid abc /app/sonarr/bin/Sonarr \
-        -nobrowser -data=/config
+if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
+    exec \
+        s6-notifyoncheck -d -n 300 -w 1000 \
+            cd /app/sonarr/bin s6-setuidgid abc /app/sonarr/bin/Sonarr \
+            -nobrowser -data=/config
+else
+    exec \
+        s6-notifyoncheck -d -n 300 -w 1000 \
+            cd /app/sonarr/bin s6-setuidgid abc /app/sonarr/bin/Sonarr \
+            -nobrowser -data=/config
+fi

From df0fa0d56fdd920293a7cd07e00162f2235aa691 Mon Sep 17 00:00:00 2001
From: thespad <spad@linuxserver.io>
Date: Mon, 23 Dec 2024 18:05:25 +0000
Subject: [PATCH 2/2] Newline

---
 root/etc/s6-overlay/s6-rc.d/init-sonarr-config/run | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/root/etc/s6-overlay/s6-rc.d/init-sonarr-config/run b/root/etc/s6-overlay/s6-rc.d/init-sonarr-config/run
index f69ce5b3..8bb25046 100755
--- a/root/etc/s6-overlay/s6-rc.d/init-sonarr-config/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-sonarr-config/run
@@ -7,4 +7,4 @@ if [[ -z ${LSIO_NON_ROOT_USER} ]]; then
     lsiown -R abc:abc \
         /config \
         /run/sonarr-temp
-fi
\ No newline at end of file
+fi