From ec86f933d698cce6ef3819c96320fbac563294a7 Mon Sep 17 00:00:00 2001
From: owine <owine@users.noreply.github.com>
Date: Tue, 8 Aug 2023 15:30:55 -0500
Subject: [PATCH] Photoprism: Go rootless, cleanup group

---
 roles/photoprism/defaults/main.yml |  5 +++--
 roles/photoprism/tasks/main.yml    | 11 ++---------
 2 files changed, 5 insertions(+), 11 deletions(-)

diff --git a/roles/photoprism/defaults/main.yml b/roles/photoprism/defaults/main.yml
index 0b3501b2da..5e42788c97 100644
--- a/roles/photoprism/defaults/main.yml
+++ b/roles/photoprism/defaults/main.yml
@@ -102,8 +102,6 @@ photoprism_docker_envs_default:
   PHOTOPRISM_SITE_DESCRIPTION: "Trying out PhotoPrism!"
   PHOTOPRISM_SITE_AUTHOR: "{{ user.name }}"
   PHOTOPRISM_INIT: "gpu tensorflow"
-  PHOTOPRISM_UID: "{{ uid }}"
-  PHOTOPRISM_GID: "{{ gid }}"
 photoprism_docker_envs_custom: {}
 photoprism_docker_envs: "{{ photoprism_docker_envs_default
                             | combine(photoprism_docker_envs_custom) }}"
@@ -176,3 +174,6 @@ photoprism_docker_restart_policy: unless-stopped
 
 # State
 photoprism_docker_state: started
+
+# User
+photoprism_docker_user: "{{ uid }}:{{ gid }}"
diff --git a/roles/photoprism/tasks/main.yml b/roles/photoprism/tasks/main.yml
index 00a838295d..c4027afc65 100644
--- a/roles/photoprism/tasks/main.yml
+++ b/roles/photoprism/tasks/main.yml
@@ -21,20 +21,13 @@
     state: present
   ignore_errors: true
 
-- name: Permissions | Create photoprism group
+- name: Permissions | Delete photoprism group
   ansible.builtin.group:
     name: photoprism
-    state: present
+    state: absent
     gid: 1500
   ignore_errors: true
 
-- name: Permissions | Add to photoprism group
-  ansible.builtin.user:
-    name: "{{ user.name }}"
-    groups: photoprism
-    append: yes
-  ignore_errors: true
-
 - name: Add DNS record
   ansible.builtin.include_tasks: "{{ resources_tasks_path }}/dns/tasker.yml"
   vars: