Compare commits

...

4 Commits

Author SHA1 Message Date
800f51958d Fix sandboxing
- Allow setting the sandbox in the config file, and document it
- Enable the sandbox in the default Docker config
- Don't assign to a const when trying to set the sandbox flag
2022-05-03 22:56:55 -04:00
8d4bb3d777 Add required gtk+3.0 dependency for Docker
See: https://gitlab.alpinelinux.org/alpine/aports/-/issues/13029
2022-05-03 22:56:06 -04:00
47a29005ff Ignore unix socket files in Docker builds 2022-05-03 22:42:56 -04:00
8d06c5a0ed Update Docker instructions 2022-04-22 19:29:10 -04:00
8 changed files with 17 additions and 10 deletions

View File

@ -8,3 +8,4 @@ registration.yaml
*.pickle *.pickle
profiles profiles
node_modules node_modules
**/*.sock

View File

@ -113,20 +113,21 @@ These instructions describe how to run the bridge with Docker containers.
## Initial setup ## Initial setup
1. `cd` to the directory where you cloned this repository 1. `cd` to the directory where you cloned this repository
1. Build the image for the bridge module with `docker build . -t matrix-puppeteer-line` 1. Ensure that the repository root and `puppet` directories are writable by UID/GID 1337. A coarse way to achieve this is with `chmod o+w . puppet`
1. Extract the downloaded .crx/.zip of the LINE Chrome extension to `puppet/extension_files`
1. `cd` to the `puppet` directory, and build the image for the Puppeteer module with `docker build . -t matrix-puppeteer-line-chrome` 1. `cd` to the `puppet` directory, and build the image for the Puppeteer module with `docker build . -t matrix-puppeteer-line-chrome`
1. Create a new directory outside of the repository directory, and `cd` into it
1. Extract the downloaded .crx/.zip of the LINE Chrome extension to this directory
1. Run a container for the Puppeteer module for the first time, so it can create a config file for you: `docker run --rm -v $(pwd):/data:z matrix-puppeteer-line-chrome` 1. Run a container for the Puppeteer module for the first time, so it can create a config file for you: `docker run --rm -v $(pwd):/data:z matrix-puppeteer-line-chrome`
1. Update the config to your liking, but leave the `"executable_path"` setting as-is (unless you need to use a version of Chrome/Chromium from the host or another container). 1. Update the config to your liking, but leave the `"executable_path"` setting as-is (unless you need to use a version of Chrome/Chromium from the host or another container)
1. Run the Puppeteer module with `docker run --restart unless-stopped -v $(pwd):/data:z matrix-puppeteer-line-chrome` 1. Run the Puppeteer module with `docker run --restart unless-stopped -v $(pwd):/data:z matrix-puppeteer-line-chrome`
1. Open a new shell, since the prior `docker run` command runs in the foreground (unless `-d` is used)
1. `cd` to the repository root, and build the image for the bridge module with `docker build . -t matrix-puppeteer-line`
1. Run a container for the bridge module for the first time, so it can create a config file for you: `docker run --rm -v $(pwd):/data:z matrix-puppeteer-line` 1. Run a container for the bridge module for the first time, so it can create a config file for you: `docker run --rm -v $(pwd):/data:z matrix-puppeteer-line`
1. Update the config to your liking. You'll at least need to change the homeserver settings, appservice address and permissions, as well as the socket connection to the Puppeteer module 1. Update the config to your liking. You'll at least need to change the homeserver settings, appservice address and permissions, as well as the socket connection to the Puppeteer module
* Note that the Puppeteer module's default config uses a unix socket at `/data/puppet.sock` * Note that the Puppeteer module container's `/data/` directory is accessible in the bridge module's container at `/data/puppet/`
* Thus, if the Puppeteer module is configured to use a unix socket at `/data/<sock_name>`, the bridge module's config must set `puppeteer.connection.path: /data/puppet/<sockname>`
1. Generate the appservice registration by running the container again, and update your homeserver configuration to accept it 1. Generate the appservice registration by running the container again, and update your homeserver configuration to accept it
1. Run the bridge module with `docker run --restart unless-stopped -v $(pwd):/data:z matrix-puppeteer-line` 1. Run the bridge module with `docker run --restart unless-stopped -v $(pwd):/data:z matrix-puppeteer-line`
* Additionally, you should either add the bridge to the same Docker network as your homeserver and database with `--network=<name>` (when they are running in Docker), or expose the correct port(s) with `-p <port>:<port>` or `--network=host` (when they are running outside Docker).
Additionally, you should either add the bridge to the same Docker network as your homeserver and datapase with `--network=<name>`, or expose the correct port(s) with `-p <port>:<port>.` (A quick-and-dirty option is to use `--network="host"`.)
## Upgrading ## Upgrading
Simply `git pull` or `git rebase` the latest changes, rerun all `docker build` commands, then run new containers for the freshly-built images. Simply `git pull` or `git rebase` the latest changes, rerun all `docker build` commands, then run new containers for the freshly-built images.

View File

@ -2,7 +2,7 @@ FROM node:16-alpine3.14
ARG TARGETARCH=amd64 ARG TARGETARCH=amd64
RUN apk add --no-cache chromium xvfb-run xdotool RUN apk add --no-cache chromium xvfb-run xdotool gtk+3.0
WORKDIR /opt/matrix-puppeteer-line/puppet WORKDIR /opt/matrix-puppeteer-line/puppet

View File

@ -6,6 +6,9 @@ If `type` is `tcp`, `port` and `host` are the host/port where to listen.
### Executable path ### Executable path
The `executable_path` specifies the path to the Chromium binary for Puppeteer to use. Leaving this setting blank will use the x86_64 Chromium installation bundled with Puppeteer. For other architectures, it is necessary to install a compatible version of Chromium (ideally via your distribution's package manager), and to set `executable_path` to the path of its binary (typically `/usr/bin/chromium`). The `executable_path` specifies the path to the Chromium binary for Puppeteer to use. Leaving this setting blank will use the x86_64 Chromium installation bundled with Puppeteer. For other architectures, it is necessary to install a compatible version of Chromium (ideally via your distribution's package manager), and to set `executable_path` to the path of its binary (typically `/usr/bin/chromium`).
### Sandbox
Whether or not to pass the `--no-sandbox` flag to Chromium. May be required when running Chromium in a container.
### Profile directory ### Profile directory
The `profile_dir` specifies which directory to put Chromium user data directories. The `profile_dir` specifies which directory to put Chromium user data directories.

View File

@ -4,6 +4,7 @@
"path": "/data/puppet.sock" "path": "/data/puppet.sock"
}, },
"executable_path": "/usr/lib/chromium/chrome", "executable_path": "/usr/lib/chromium/chrome",
"no_sandbox": true,
"profile_dir": "./profiles", "profile_dir": "./profiles",
"extension_dir": "/data/extension_files", "extension_dir": "/data/extension_files",
"cycle_delay": 5000, "cycle_delay": 5000,

View File

@ -4,6 +4,7 @@
"path": "/var/run/matrix-puppeteer-line/puppet.sock" "path": "/var/run/matrix-puppeteer-line/puppet.sock"
}, },
"executable_path": "", "executable_path": "",
"no_sandbox": false,
"profile_dir": "./profiles", "profile_dir": "./profiles",
"extension_dir": "./extension_files", "extension_dir": "./extension_files",
"cycle_delay": 5000, "cycle_delay": 5000,

View File

@ -35,7 +35,7 @@ const configPath = args["--config"] || "config.json"
console.log("[Main] Reading config from", configPath) console.log("[Main] Reading config from", configPath)
const config = JSON.parse(fs.readFileSync(configPath).toString()) const config = JSON.parse(fs.readFileSync(configPath).toString())
MessagesPuppeteer.executablePath = args["--browser"] || config.executable_path || MessagesPuppeteer.executablePath MessagesPuppeteer.executablePath = args["--browser"] || config.executable_path || MessagesPuppeteer.executablePath
MessagesPuppeteer.noSandbox = args["--no-sandbox"] || MessagesPuppeteer.noSandbox MessagesPuppeteer.noSandbox = args["--no-sandbox"] || config.no_sandbox || MessagesPuppeteer.noSandbox
MessagesPuppeteer.profileDir = config.profile_dir || MessagesPuppeteer.profileDir MessagesPuppeteer.profileDir = config.profile_dir || MessagesPuppeteer.profileDir
MessagesPuppeteer.devtools = config.devtools || false MessagesPuppeteer.devtools = config.devtools || false
MessagesPuppeteer.extensionDir = config.extension_dir || MessagesPuppeteer.extensionDir MessagesPuppeteer.extensionDir = config.extension_dir || MessagesPuppeteer.extensionDir

View File

@ -82,7 +82,7 @@ export default class MessagesPuppeteer {
`--window-size=${MessagesPuppeteer.viewport.width},${MessagesPuppeteer.viewport.height+120}`, `--window-size=${MessagesPuppeteer.viewport.width},${MessagesPuppeteer.viewport.height+120}`,
] ]
if (MessagesPuppeteer.noSandbox) { if (MessagesPuppeteer.noSandbox) {
args = args.concat(`--no-sandbox`) args.push(`--no-sandbox`)
} }
this.browser = await puppeteer.launch({ this.browser = await puppeteer.launch({