From 6d9c5ed530f78e5a56d30c9e129c663ecb9f61f1 Mon Sep 17 00:00:00 2001 From: Aaron Riedel Date: Fri, 10 Nov 2023 21:17:02 +0100 Subject: [PATCH] make rootless --- Dockerfile | 27 ++++++++++++++++++++------- authconfig.ini | 6 ++++++ masterconfig.ini | 4 ++-- 3 files changed, 28 insertions(+), 9 deletions(-) create mode 100644 authconfig.ini diff --git a/Dockerfile b/Dockerfile index 53470e8..8b37042 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,14 +1,24 @@ FROM debian:12-slim -WORKDIR /app - RUN apt-get update -qq && apt-get install -qq libmariadb3 --no-install-recommends && rm -rf /var/lib/apt/lists/* -COPY ./DarkflameServer/build /app -COPY ./start.sh /app/ -COPY ./masterconfig.ini /app/ +ARG PUID=1000 +ENV GROUP dockergroup +ENV USER docker +ENV HOMEDIR "/home/${USER}" +ENV PATH ${HOMEDIR}/.local/bin:$PATH +RUN useradd -u "${PUID}" -m "${USER}" -RUN chmod +x /app/start.sh +WORKDIR ${HOMEDIR} + +COPY ./DarkflameServer/build ${HOMEDIR}/app +COPY ./start.sh ${HOMEDIR}/app/ +COPY ./masterconfig.ini ${HOMEDIR}/app/ +COPY ./authconfig.ini ${HOMEDIR}/app/ + +RUN chown -R 1000:1000 ${HOMEDIR} + +RUN chmod +x ${HOMEDIR}/app/start.sh ENV MYSQL_HOST darkflame_db ENV MYSQL_DATABASE darkflame @@ -17,4 +27,7 @@ ENV MAX_CLIENTS 999 ENV TEAM_LOOT 1 ENV CLIENT_VERSION 171022 -ENTRYPOINT [ "/app/start.sh" ] +USER ${USER} +WORKDIR ${HOMEDIR} + +ENTRYPOINT [ "${HOMEDIR}/app/start.sh" ] diff --git a/authconfig.ini b/authconfig.ini new file mode 100644 index 0000000..8cc6198 --- /dev/null +++ b/authconfig.ini @@ -0,0 +1,6 @@ +# Port number. The client has the authserver port hardcoded to 1001 +port=11001 + +# 0 or 1, should ignore playkeys +# If 1 everyone with an account will be able to login, regardless of if they have a key or not +dont_use_keys=0 \ No newline at end of file diff --git a/masterconfig.ini b/masterconfig.ini index f70a92f..ce4e145 100644 --- a/masterconfig.ini +++ b/masterconfig.ini @@ -2,10 +2,10 @@ master_ip=localhost # Port number -port=2000 +port=12000 # The port number to start world servers on. Will be incremented for each world -world_port_start=3000 +world_port_start=13000 # Use sudo when launching the auth server. # Required by default if on Linux as auth runs on port 1001