To provide a way to add more security regarding file/folder permissions
this PR adds a way to allow setting a custom `UMASK` variable.
This allows people to set a more secure default like only allowing the
owner the the process/container to read/write files and folders.
Examples:
- `UMASK=022` File: 644 | Folder: 755 (Default of the containers)
This means Owner read/write and group/world read-only
- `UMASK=027` File: 640 | Folder: 750
This means Owner read/write, group read-only, world no access
- `UMASK=077` File: 600 | Folder: 700
This measn Owner read/write and group/world no access
resolves#4571
Signed-off-by: BlackDex <black.dex@gmail.com>
This is useful for making local customizations upon container start. To use
this feature, mount a script into the container as `/etc/bitwarden_rs.sh`
and/or a directory of scripts as `/etc/bitwarden_rs.d`. In the latter case,
only files with an `.sh` extension are sourced, so files with other
extensions (e.g., data/config files) can reside in the same dir.
Note that the init scripts are run each time the container starts (not just
the first time), so these scripts should be idempotent.