fix(boot): Don't change group ownership of docker socket

This is a better fix for issue #804. Instead of changing the gid of the
docker socket to that of the deis group in the container, which affects
access to the docker socket by existing users on the host, we now either
add the deis user to an existing group in the container with the same
gid or create a new "docker" group with the same gid as the socket if no
existing group has that gid.

Author: felixbuenemann

rootfs/bin/boot

@@ -16,12 +16,16 @@ python --version
 mkdir -p /app/data/logs
 chmod -R 777 /app/data/logs
 
-# HACK(bacongobbler): explicitly add the docker socket to the deis group
-chgrp deis /var/run/docker.sock
-
-# allow deis user group permission to Docker socket
-groupadd -g "$(stat -c "%g" /var/run/docker.sock)" docker || true
-usermod -a -G docker deis || true
+# modify deis user groups to grant access to Docker socket
+DOCKER_SOCKET_GID=$(stat -c "%g" /var/run/docker.sock)
+DOCKER_SOCKET_GROUP=$(getent group "$DOCKER_SOCKET_GID" | cut -d : -f 1 || :)
+if [[ -z "$DOCKER_SOCKET_GROUP" ]]; then
+  DOCKER_SOCKET_GROUP=docker
+  groupadd -g "$DOCKER_SOCKET_GID" "$DOCKER_SOCKET_GROUP"
+fi
+if [[ "$DOCKER_SOCKET_GROUP" != "deis" ]]; then
+  usermod -a -G "$DOCKER_SOCKET_GROUP" deis
+fi
 
 echo ""
 echo "Django checks:"