Akatsuki-Misaki/ArchiSteamFarm
1
0
Fork 0
mirror of https://github.com/JustArchiNET/ArchiSteamFarm.git synced 2025-12-16 22:40:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use ASF user account inside docker

Browse Source
This commit is contained in:
Archi
2021-10-17 16:19:07 +02:00
parent f022822e94
commit 618ff781eb
9 changed files with 133 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ArchiSteamFarm/Core/OS.cs
View File

@@ -166,13 +166,6 @@ namespace ArchiSteamFarm.Core {
return false; return false;
} }
internal static bool IsRunningInDocker() =>
#if ASF_VARIANT_DOCKER
true;
#else
Environment.GetEnvironmentVariable("DOTNET_RUNNING_IN_CONTAINER") == "true";
#endif
internal static async Task<bool> RegisterProcess() { internal static async Task<bool> RegisterProcess() {
if (SingleInstance != null) { if (SingleInstance != null) {
return false; return false;

2
ArchiSteamFarm/Program.cs
View File

@@ -220,7 +220,7 @@ namespace ArchiSteamFarm {
return false; return false;
} }
if (!OS.IsRunningInDocker() && OS.IsRunningAsRoot()) { if (OS.IsRunningAsRoot()) {
ASF.ArchiLogger.LogGenericError(Strings.WarningRunningAsRoot); ASF.ArchiLogger.LogGenericError(Strings.WarningRunningAsRoot);
await Task.Delay(SharedInfo.InformationDelay).ConfigureAwait(false); await Task.Delay(SharedInfo.InformationDelay).ConfigureAwait(false);

27
ArchiSteamFarm/overlay/generic-netf/ArchiSteamFarm-Service.sh
View File

@@ -63,6 +63,15 @@ for ARG in "$@"; do
fi fi
done done
BINARY_PREFIX=""
if [ -n "${ASF_USER-}" ] && [ "$(id -u)" -eq 0 ] && id -u "$ASF_USER" >/dev/null 2>&1; then
# Fix permissions first to ensure ASF has read/write access to the directory specified by --path and its own
chown -hR "${ASF_USER}:${ASF_USER}" . "$SCRIPT_DIR"
BINARY_PREFIX="su ${ASF_USER} -c"
fi
CONFIG_PATH="$(pwd)/${CONFIG_PATH}" CONFIG_PATH="$(pwd)/${CONFIG_PATH}"
# Kill underlying ASF process on shell process exit # Kill underlying ASF process on shell process exit
@@ -78,11 +87,23 @@ mono --version
while :; do while :; do
if [ -f "$CONFIG_PATH" ] && grep -Eq '"Headless":\s+?true' "$CONFIG_PATH"; then if [ -f "$CONFIG_PATH" ] && grep -Eq '"Headless":\s+?true' "$CONFIG_PATH"; then
# We're running ASF in headless mode so we don't need STDIN # We're running ASF in headless mode so we don't need STDIN
mono ${MONO_ARGS-} "$BINARY" $BINARY_ARGS & # Start ASF in the background, trap will work properly due to non-blocking call # Start ASF in the background, trap will work properly due to non-blocking call
wait $! # This will forward mono error code, set -e will abort the script if it's non-zero if [ -n "$BINARY_PREFIX" ]; then
$BINARY_PREFIX "mono ${MONO_ARGS-} $BINARY $BINARY_ARGS" &
else
mono ${MONO_ARGS-} "$BINARY" $BINARY_ARGS &
fi
# This will forward mono error code, set -e will abort the script if it's non-zero
wait $!
else else
# We're running ASF in non-headless mode, so we need STDIN to be operative # We're running ASF in non-headless mode, so we need STDIN to be operative
mono ${MONO_ARGS-} "$BINARY" $BINARY_ARGS # Start ASF in the foreground, trap sadly won't work until process exit # Start ASF in the foreground, trap won't work until process exit
if [ -n "$BINARY_PREFIX" ]; then
$BINARY_PREFIX "mono ${MONO_ARGS-} $BINARY $BINARY_ARGS"
else
mono ${MONO_ARGS-} "$BINARY" $BINARY_ARGS
fi
fi fi
chmod +x "$SCRIPT_PATH" # If ASF exited by itself, we need to ensure that our script is still set to +x after auto-update chmod +x "$SCRIPT_PATH" # If ASF exited by itself, we need to ensure that our script is still set to +x after auto-update

27
ArchiSteamFarm/overlay/generic-netf/ArchiSteamFarm.sh
View File

@@ -63,6 +63,15 @@ for ARG in "$@"; do
fi fi
done done
BINARY_PREFIX=""
if [ -n "${ASF_USER-}" ] && [ "$(id -u)" -eq 0 ] && id -u "$ASF_USER" >/dev/null 2>&1; then
# Fix permissions first to ensure ASF has read/write access to the directory specified by --path and its own
chown -hR "${ASF_USER}:${ASF_USER}" . "$SCRIPT_DIR"
BINARY_PREFIX="su ${ASF_USER} -c"
fi
CONFIG_PATH="$(pwd)/${CONFIG_PATH}" CONFIG_PATH="$(pwd)/${CONFIG_PATH}"
# Kill underlying ASF process on shell process exit # Kill underlying ASF process on shell process exit
@@ -77,11 +86,23 @@ mono --version
if [ -f "$CONFIG_PATH" ] && grep -Eq '"Headless":\s+?true' "$CONFIG_PATH"; then if [ -f "$CONFIG_PATH" ] && grep -Eq '"Headless":\s+?true' "$CONFIG_PATH"; then
# We're running ASF in headless mode so we don't need STDIN # We're running ASF in headless mode so we don't need STDIN
mono ${MONO_ARGS-} "$BINARY" $BINARY_ARGS & # Start ASF in the background, trap will work properly due to non-blocking call # Start ASF in the background, trap will work properly due to non-blocking call
wait $! # This will forward mono error code, set -e will abort the script if it's non-zero if [ -n "$BINARY_PREFIX" ]; then
$BINARY_PREFIX "mono ${MONO_ARGS-} $BINARY $BINARY_ARGS" &
else
mono ${MONO_ARGS-} "$BINARY" $BINARY_ARGS &
fi
# This will forward mono error code, set -e will abort the script if it's non-zero
wait $!
else else
# We're running ASF in non-headless mode, so we need STDIN to be operative # We're running ASF in non-headless mode, so we need STDIN to be operative
mono ${MONO_ARGS-} "$BINARY" $BINARY_ARGS # Start ASF in the foreground, trap won't work until process exit # Start ASF in the foreground, trap won't work until process exit
if [ -n "$BINARY_PREFIX" ]; then
$BINARY_PREFIX "mono ${MONO_ARGS-} $BINARY $BINARY_ARGS"
else
mono ${MONO_ARGS-} "$BINARY" $BINARY_ARGS
fi
fi fi
chmod +x "$SCRIPT_PATH" # If ASF exited by itself, we need to ensure that our script is still set to +x after auto-update chmod +x "$SCRIPT_PATH" # If ASF exited by itself, we need to ensure that our script is still set to +x after auto-update

27
ArchiSteamFarm/overlay/generic/ArchiSteamFarm-Service.sh
View File

@@ -63,6 +63,15 @@ for ARG in "$@"; do
fi fi
done done
BINARY_PREFIX=""
if [ -n "${ASF_USER-}" ] && [ "$(id -u)" -eq 0 ] && id -u "$ASF_USER" >/dev/null 2>&1; then
# Fix permissions first to ensure ASF has read/write access to the directory specified by --path and its own
chown -hR "${ASF_USER}:${ASF_USER}" . "$SCRIPT_DIR"
BINARY_PREFIX="su ${ASF_USER} -c"
fi
CONFIG_PATH="$(pwd)/${CONFIG_PATH}" CONFIG_PATH="$(pwd)/${CONFIG_PATH}"
# Kill underlying ASF process on shell process exit # Kill underlying ASF process on shell process exit
@@ -78,11 +87,23 @@ dotnet --info
while :; do while :; do
if [ -f "$CONFIG_PATH" ] && grep -Eq '"Headless":\s+?true' "$CONFIG_PATH"; then if [ -f "$CONFIG_PATH" ] && grep -Eq '"Headless":\s+?true' "$CONFIG_PATH"; then
# We're running ASF in headless mode so we don't need STDIN # We're running ASF in headless mode so we don't need STDIN
dotnet ${DOTNET_ARGS-} "$BINARY" $BINARY_ARGS & # Start ASF in the background, trap will work properly due to non-blocking call # Start ASF in the background, trap will work properly due to non-blocking call
wait $! # This will forward dotnet error code, set -e will abort the script if it's non-zero if [ -n "$BINARY_PREFIX" ]; then
$BINARY_PREFIX "dotnet ${DOTNET_ARGS-} $BINARY $BINARY_ARGS" &
else
dotnet ${DOTNET_ARGS-} "$BINARY" $BINARY_ARGS &
fi
# This will forward dotnet error code, set -e will abort the script if it's non-zero
wait $!
else else
# We're running ASF in non-headless mode, so we need STDIN to be operative # We're running ASF in non-headless mode, so we need STDIN to be operative
dotnet ${DOTNET_ARGS-} "$BINARY" $BINARY_ARGS # Start ASF in the foreground, trap sadly won't work until process exit # Start ASF in the foreground, trap won't work until process exit
if [ -n "$BINARY_PREFIX" ]; then
$BINARY_PREFIX "dotnet ${DOTNET_ARGS-} $BINARY $BINARY_ARGS"
else
dotnet ${DOTNET_ARGS-} "$BINARY" $BINARY_ARGS
fi
fi fi
chmod +x "$SCRIPT_PATH" # If ASF exited by itself, we need to ensure that our script is still set to +x after auto-update chmod +x "$SCRIPT_PATH" # If ASF exited by itself, we need to ensure that our script is still set to +x after auto-update

27
ArchiSteamFarm/overlay/generic/ArchiSteamFarm.sh
View File

@@ -63,6 +63,15 @@ for ARG in "$@"; do
fi fi
done done
BINARY_PREFIX=""
if [ -n "${ASF_USER-}" ] && [ "$(id -u)" -eq 0 ] && id -u "$ASF_USER" >/dev/null 2>&1; then
# Fix permissions first to ensure ASF has read/write access to the directory specified by --path and its own
chown -hR "${ASF_USER}:${ASF_USER}" . "$SCRIPT_DIR"
BINARY_PREFIX="su ${ASF_USER} -c"
fi
CONFIG_PATH="$(pwd)/${CONFIG_PATH}" CONFIG_PATH="$(pwd)/${CONFIG_PATH}"
# Kill underlying ASF process on shell process exit # Kill underlying ASF process on shell process exit
@@ -77,11 +86,23 @@ dotnet --info
if [ -f "$CONFIG_PATH" ] && grep -Eq '"Headless":\s+?true' "$CONFIG_PATH"; then if [ -f "$CONFIG_PATH" ] && grep -Eq '"Headless":\s+?true' "$CONFIG_PATH"; then
# We're running ASF in headless mode so we don't need STDIN # We're running ASF in headless mode so we don't need STDIN
dotnet ${DOTNET_ARGS-} "$BINARY" $BINARY_ARGS & # Start ASF in the background, trap will work properly due to non-blocking call # Start ASF in the background, trap will work properly due to non-blocking call
wait $! # This will forward dotnet error code, set -e will abort the script if it's non-zero if [ -n "$BINARY_PREFIX" ]; then
$BINARY_PREFIX "dotnet ${DOTNET_ARGS-} $BINARY $BINARY_ARGS" &
else
dotnet ${DOTNET_ARGS-} "$BINARY" $BINARY_ARGS &
fi
# This will forward dotnet error code, set -e will abort the script if it's non-zero
wait $!
else else
# We're running ASF in non-headless mode, so we need STDIN to be operative # We're running ASF in non-headless mode, so we need STDIN to be operative
dotnet ${DOTNET_ARGS-} "$BINARY" $BINARY_ARGS # Start ASF in the foreground, trap won't work until process exit # Start ASF in the foreground, trap won't work until process exit
if [ -n "$BINARY_PREFIX" ]; then
$BINARY_PREFIX "dotnet ${DOTNET_ARGS-} $BINARY $BINARY_ARGS"
else
dotnet ${DOTNET_ARGS-} "$BINARY" $BINARY_ARGS
fi
fi fi
chmod +x "$SCRIPT_PATH" # If ASF exited by itself, we need to ensure that our script is still set to +x after auto-update chmod +x "$SCRIPT_PATH" # If ASF exited by itself, we need to ensure that our script is still set to +x after auto-update

27
ArchiSteamFarm/overlay/linux/ArchiSteamFarm-Service.sh
View File

@@ -63,6 +63,15 @@ for ARG in "$@"; do
fi fi
done done
BINARY_PREFIX=""
if [ -n "${ASF_USER-}" ] && [ "$(id -u)" -eq 0 ] && id -u "$ASF_USER" >/dev/null 2>&1; then
# Fix permissions first to ensure ASF has read/write access to the directory specified by --path and its own
chown -hR "${ASF_USER}:${ASF_USER}" . "$SCRIPT_DIR"
BINARY_PREFIX="su ${ASF_USER} -c"
fi
CONFIG_PATH="$(pwd)/${CONFIG_PATH}" CONFIG_PATH="$(pwd)/${CONFIG_PATH}"
# Kill underlying ASF process on shell process exit # Kill underlying ASF process on shell process exit
@@ -71,11 +80,23 @@ trap "trap - TERM && kill -- -$$" INT TERM
while :; do while :; do
if [ -f "$CONFIG_PATH" ] && grep -Eq '"Headless":\s+?true' "$CONFIG_PATH"; then if [ -f "$CONFIG_PATH" ] && grep -Eq '"Headless":\s+?true' "$CONFIG_PATH"; then
# We're running ASF in headless mode so we don't need STDIN # We're running ASF in headless mode so we don't need STDIN
"$BINARY" $BINARY_ARGS & # Start ASF in the background, trap will work properly due to non-blocking call # Start ASF in the background, trap will work properly due to non-blocking call
wait $! # This will forward dotnet error code, set -e will abort the script if it's non-zero if [ -n "$BINARY_PREFIX" ]; then
$BINARY_PREFIX "$BINARY $BINARY_ARGS" &
else
"$BINARY" $BINARY_ARGS &
fi
# This will forward dotnet error code, set -e will abort the script if it's non-zero
wait $!
else else
# We're running ASF in non-headless mode, so we need STDIN to be operative # We're running ASF in non-headless mode, so we need STDIN to be operative
"$BINARY" $BINARY_ARGS # Start ASF in the foreground, trap sadly won't work until process exit # Start ASF in the foreground, trap won't work until process exit
if [ -n "$BINARY_PREFIX" ]; then
$BINARY_PREFIX "$BINARY $BINARY_ARGS"
else
"$BINARY" $BINARY_ARGS
fi
fi fi
chmod +x "$SCRIPT_PATH" # If ASF exited by itself, we need to ensure that our script is still set to +x after auto-update chmod +x "$SCRIPT_PATH" # If ASF exited by itself, we need to ensure that our script is still set to +x after auto-update

6
Dockerfile
View File

@@ -46,6 +46,7 @@ RUN dotnet --info && \
if [ -d "out/${STEAM_TOKEN_DUMPER_NAME}/${NET_CORE_VERSION}" ]; then mkdir -p "out/result/plugins/${STEAM_TOKEN_DUMPER_NAME}"; cp -pR "out/${STEAM_TOKEN_DUMPER_NAME}/${NET_CORE_VERSION}/"* "out/result/plugins/${STEAM_TOKEN_DUMPER_NAME}"; fi if [ -d "out/${STEAM_TOKEN_DUMPER_NAME}/${NET_CORE_VERSION}" ]; then mkdir -p "out/result/plugins/${STEAM_TOKEN_DUMPER_NAME}"; cp -pR "out/${STEAM_TOKEN_DUMPER_NAME}/${NET_CORE_VERSION}/"* "out/result/plugins/${STEAM_TOKEN_DUMPER_NAME}"; fi
FROM --platform=$TARGETPLATFORM mcr.microsoft.com/dotnet/aspnet:5.0${IMAGESUFFIX} AS runtime FROM --platform=$TARGETPLATFORM mcr.microsoft.com/dotnet/aspnet:5.0${IMAGESUFFIX} AS runtime
ENV ASF_USER asf
ENV ASPNETCORE_URLS= ENV ASPNETCORE_URLS=
ENV DOTNET_CLI_TELEMETRY_OPTOUT 1 ENV DOTNET_CLI_TELEMETRY_OPTOUT 1
ENV DOTNET_NOLOGO 1 ENV DOTNET_NOLOGO 1
@@ -63,6 +64,11 @@ LABEL maintainer="JustArchi <JustArchi@JustArchi.net>" \
EXPOSE 1242 EXPOSE 1242
WORKDIR /app WORKDIR /app
COPY --from=build-dotnet /app/out/result . COPY --from=build-dotnet /app/out/result .
RUN groupadd -r -g 1000 asf && \
useradd -r -d /app -g 1000 -u 1000 asf && \
chown -hR asf:asf /app
VOLUME ["/app/config", "/app/logs"] VOLUME ["/app/config", "/app/logs"]
HEALTHCHECK CMD ["pidof", "-q", "dotnet"] HEALTHCHECK CMD ["pidof", "-q", "dotnet"]
ENTRYPOINT ["sh", "ArchiSteamFarm.sh", "--no-restart", "--process-required", "--system-required"] ENTRYPOINT ["sh", "ArchiSteamFarm.sh", "--no-restart", "--process-required", "--system-required"]

6
Dockerfile.Service
View File

@@ -47,6 +47,7 @@ RUN dotnet --info && \
if [ -d "out/${STEAM_TOKEN_DUMPER_NAME}/${NET_CORE_VERSION}" ]; then mkdir -p "out/result/plugins/${STEAM_TOKEN_DUMPER_NAME}"; cp -pR "out/${STEAM_TOKEN_DUMPER_NAME}/${NET_CORE_VERSION}/"* "out/result/plugins/${STEAM_TOKEN_DUMPER_NAME}"; fi if [ -d "out/${STEAM_TOKEN_DUMPER_NAME}/${NET_CORE_VERSION}" ]; then mkdir -p "out/result/plugins/${STEAM_TOKEN_DUMPER_NAME}"; cp -pR "out/${STEAM_TOKEN_DUMPER_NAME}/${NET_CORE_VERSION}/"* "out/result/plugins/${STEAM_TOKEN_DUMPER_NAME}"; fi
FROM --platform=$TARGETPLATFORM mcr.microsoft.com/dotnet/runtime-deps:5.0${IMAGESUFFIX} AS runtime FROM --platform=$TARGETPLATFORM mcr.microsoft.com/dotnet/runtime-deps:5.0${IMAGESUFFIX} AS runtime
ENV ASF_USER asf
ENV ASPNETCORE_URLS= ENV ASPNETCORE_URLS=
ENV DOTNET_CLI_TELEMETRY_OPTOUT 1 ENV DOTNET_CLI_TELEMETRY_OPTOUT 1
ENV DOTNET_NOLOGO 1 ENV DOTNET_NOLOGO 1
@@ -64,6 +65,11 @@ LABEL maintainer="JustArchi <JustArchi@JustArchi.net>" \
EXPOSE 1242 EXPOSE 1242
WORKDIR /app WORKDIR /app
COPY --from=build-dotnet /app/out/result . COPY --from=build-dotnet /app/out/result .
RUN groupadd -r -g 1000 asf && \
useradd -r -d /app -g 1000 -u 1000 asf && \
chown -hR asf:asf /app
VOLUME ["/app/config", "/app/logs"] VOLUME ["/app/config", "/app/logs"]
HEALTHCHECK CMD ["pidof", "-q", "ArchiSteamFarm"] HEALTHCHECK CMD ["pidof", "-q", "ArchiSteamFarm"]
ENTRYPOINT ["sh", "ArchiSteamFarm-Service.sh", "--no-restart", "--process-required", "--system-required"] ENTRYPOINT ["sh", "ArchiSteamFarm-Service.sh", "--no-restart", "--process-required", "--system-required"]