Run as non-root user and add optional no-sandbox flag
This commit is contained in:
parent
03e8090cd1
commit
5e828ae68d
|
@ -0,0 +1 @@
|
||||||
|
node_modules
|
|
@ -6,7 +6,10 @@ RUN echo $'\
|
||||||
@edge http://dl-cdn.alpinelinux.org/alpine/edge/community' >> /etc/apk/repositories
|
@edge http://dl-cdn.alpinelinux.org/alpine/edge/community' >> /etc/apk/repositories
|
||||||
|
|
||||||
RUN apk add --no-cache chromium@edge
|
RUN apk add --no-cache chromium@edge
|
||||||
|
|
||||||
WORKDIR /opt/mautrix-amp/puppet
|
WORKDIR /opt/mautrix-amp/puppet
|
||||||
|
RUN chown node:node /opt/mautrix-amp/puppet
|
||||||
|
USER node
|
||||||
COPY package.json yarn.lock ./
|
COPY package.json yarn.lock ./
|
||||||
RUN yarn --production && rm -rf node_modules/puppeteer/.local-chromium
|
RUN yarn --production && rm -rf node_modules/puppeteer/.local-chromium
|
||||||
|
|
||||||
|
|
|
@ -24,12 +24,14 @@ import MessagesPuppeteer from "./puppet.js"
|
||||||
const args = arg({
|
const args = arg({
|
||||||
"--config": String,
|
"--config": String,
|
||||||
"--browser": String,
|
"--browser": String,
|
||||||
|
"--no-sandbox": Boolean,
|
||||||
"-c": "--config",
|
"-c": "--config",
|
||||||
"-b": "--browser",
|
"-b": "--browser",
|
||||||
})
|
})
|
||||||
|
|
||||||
const configPath = args["--config"] || "config.json"
|
const configPath = args["--config"] || "config.json"
|
||||||
MessagesPuppeteer.executablePath = args["--browser"] || MessagesPuppeteer.executablePath
|
MessagesPuppeteer.executablePath = args["--browser"] || MessagesPuppeteer.executablePath
|
||||||
|
MessagesPuppeteer.noSandbox = args["--no-sandbox"]
|
||||||
|
|
||||||
console.log("Reading config from", configPath)
|
console.log("Reading config from", configPath)
|
||||||
const config = JSON.parse(fs.readFileSync(configPath).toString())
|
const config = JSON.parse(fs.readFileSync(configPath).toString())
|
||||||
|
|
|
@ -26,6 +26,7 @@ export default class MessagesPuppeteer {
|
||||||
static profileDir = "./profiles"
|
static profileDir = "./profiles"
|
||||||
static executablePath = undefined
|
static executablePath = undefined
|
||||||
static disableDebug = false
|
static disableDebug = false
|
||||||
|
static noSandbox = false
|
||||||
static viewport = { width: 1920, height: 1080 }
|
static viewport = { width: 1920, height: 1080 }
|
||||||
static url = "https://messages.google.com/web/"
|
static url = "https://messages.google.com/web/"
|
||||||
|
|
||||||
|
@ -64,6 +65,7 @@ export default class MessagesPuppeteer {
|
||||||
this.browser = await puppeteer.launch({
|
this.browser = await puppeteer.launch({
|
||||||
executablePath: MessagesPuppeteer.executablePath,
|
executablePath: MessagesPuppeteer.executablePath,
|
||||||
userDataDir: this.profilePath,
|
userDataDir: this.profilePath,
|
||||||
|
args: MessagesPuppeteer.noSandbox ? ["--no-sandbox"] : undefined,
|
||||||
headless: MessagesPuppeteer.disableDebug || !debug,
|
headless: MessagesPuppeteer.disableDebug || !debug,
|
||||||
defaultViewport: MessagesPuppeteer.viewport,
|
defaultViewport: MessagesPuppeteer.viewport,
|
||||||
})
|
})
|
||||||
|
@ -133,8 +135,12 @@ export default class MessagesPuppeteer {
|
||||||
*/
|
*/
|
||||||
async stop() {
|
async stop() {
|
||||||
this.taskQueue.stop()
|
this.taskQueue.stop()
|
||||||
await this.page.close()
|
if (this.page) {
|
||||||
await this.browser.close()
|
await this.page.close()
|
||||||
|
}
|
||||||
|
if (this.browser) {
|
||||||
|
await this.browser.close()
|
||||||
|
}
|
||||||
this.log("Everything stopped")
|
this.log("Everything stopped")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue