Docker with non-root using supercronic

Replaces cronie with supercronic to allow non-root users to have
cronjobs. Creates user/group acme:acme UID:1000/GID:1000 with
home directory pointing to LE_CONFIG_HOME (default: /acme.sh)
'crontab' is generated in LE_CONFIG_HOME which is used by
supercronic.

Note that `acme.sh --installcronjob` and `--uninstallcronjob`
when run as a non-root user will fail but neither of should be
used in `daemon` mode anyway.

Signed-off-by: invario <67800603+invario@users.noreply.github.com>

Dockerfile

@@ -14,7 +14,7 @@ RUN apk --no-cache add -f \
   libidn \
   jq \
   yq-go \
-  cronie
+  supercronic
 
 ENV LE_WORKING_DIR=/acmebin
 
@@ -30,10 +30,12 @@ COPY ./deploy /install_acme.sh/deploy
 COPY ./dnsapi /install_acme.sh/dnsapi
 COPY ./notify /install_acme.sh/notify
 
+RUN addgroup -g 1000 acme && adduser -h $LE_CONFIG_HOME -s /bin/sh -G acme -D -H -u 1000 acme
+
 RUN cd /install_acme.sh && ([ -f /install_acme.sh/acme.sh ] && /install_acme.sh/acme.sh --install || curl https://get.acme.sh | sh) && rm -rf /install_acme.sh/
 
-
-RUN ln -s $LE_WORKING_DIR/acme.sh /usr/local/bin/acme.sh && crontab -l | grep acme.sh | sed 's#> /dev/null#> /proc/1/fd/1 2>/proc/1/fd/2#' | crontab -
+RUN ln -s $LE_WORKING_DIR/acme.sh /usr/local/bin/acme.sh \
+  && crontab -l | grep acme.sh | sed 's#> /dev/null##' > $LE_CONFIG_HOME/crontab
 
 RUN for verb in help \
   version \
@@ -72,12 +74,15 @@ RUN for verb in help \
 
 RUN printf "%b" '#!'"/usr/bin/env sh\n \
 if [ \"\$1\" = \"daemon\" ];  then \n \
- exec crond -n -s -m off \n \
+  echo \"Running Supercronic using crontab at \$LE_CONFIG_HOME/crontab\" \n \
+  exec -- /usr/bin/supercronic \"\$LE_CONFIG_HOME/crontab\" \n \
 else \n \
  exec -- \"\$@\"\n \
 fi\n" >/entry.sh && chmod +x /entry.sh && chmod -R o+rwx $LE_WORKING_DIR && chmod -R o+rwx $LE_CONFIG_HOME
 
 VOLUME /acme.sh
 
+USER 1000:1000
+
 ENTRYPOINT ["/entry.sh"]
 CMD ["--help"]