discord-ircd: Run container as root, daemon as user

This allows us to do some early setup tasks as root, which are then
required for the correct operation of the daemon.

config/service/discord-ircd/Containerfile

@@ -1,7 +1,7 @@
 FROM docker.io/debian:bullseye-slim
 
 RUN apt-get update -y && apt-get install -y --no-install-recommends \
-    ca-certificates python3 python3-aiohttp gettext git
+    ca-certificates python3 python3-aiohttp gettext git sudo
 
 RUN git clone --depth 1 https://github.com/mk-fg/reliable-discord-client-irc-daemon.git /rdircd && \
     cp /rdircd/rdircd /usr/bin && chmod 0755 /usr/bin/rdircd && \
@@ -14,7 +14,5 @@ COPY container/config /etc/rdircd
 COPY container/run-rdircd /run-rdircd
 RUN chown -R rdircd:rdircd /etc/rdircd
 
-USER rdircd
 EXPOSE 6667
-
 ENTRYPOINT ["/run-rdircd"]

config/service/discord-ircd/container/run-rdircd

@@ -1,12 +1,13 @@
 #!/bin/sh
 
 # Prepare configuration files for environment variable substitution.
-ENV_NAMES="`env | awk -F '=' '{printf "$%s ", $1}'`"
+ENV_NAMES="$(env | awk -F '=' '{printf "$%s ", $1}')"
 for file in /etc/rdircd/*.template; do
-	envsubst "${ENV_NAMES}" < "$file" > "`echo $file | awk -F '.template$' '{print $1}'`"
+	envsubst "$ENV_NAMES" < "$file" > "$(echo "$file" | awk -F '.template$' '{print $1}')"
 done
 
 # Ensure state file exists before starting service.
 touch /var/lib/rdircd/state.conf
+chmod -R rdircd:rdircd /var/lib/rdircd
 
-/usr/bin/rdircd --conf /etc/rdircd/rdircd.conf --conf /var/lib/rdircd/state.conf "$@"
+sudo --user rdircd -- /usr/bin/rdircd --conf /etc/rdircd/rdircd.conf --conf /var/lib/rdircd/state.conf "$@"