From be1ec0217cc7eed99c1634f44524410b24f4c8aa Mon Sep 17 00:00:00 2001 From: Andrew Ferrazzutti Date: Mon, 12 Jul 2021 02:27:33 -0400 Subject: [PATCH] Update Dockerfiles and dependencies * Update Dockerfiles to work properly * Use latest available version of Alpine Linux * Update Puppeteer to 9.1.1 to match Chrome version available in latest Alpine Linux * Add docker script for Node process to allow custom config * Provide separate example config for running Node in docker TODO: Update SETUP.md with Docker instructions --- Dockerfile | 43 ++++++++++++++---------------- docker-run.sh | 21 +++++++-------- puppet/Dockerfile | 25 +++++++++++------- puppet/docker-run.sh | 18 +++++++++++++ puppet/example-config-docker.json | 13 +++++++++ puppet/package.json | 2 +- puppet/yarn.lock | 44 ++++++++++++++++--------------- 7 files changed, 99 insertions(+), 67 deletions(-) create mode 100755 puppet/docker-run.sh create mode 100644 puppet/example-config-docker.json diff --git a/Dockerfile b/Dockerfile index 041d295..2d762bf 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,49 +1,46 @@ -FROM alpine:3.12 +FROM alpine:3.14 ARG TARGETARCH=amd64 -RUN echo $'\ -@edge http://dl-cdn.alpinelinux.org/alpine/edge/main\n\ -@edge http://dl-cdn.alpinelinux.org/alpine/edge/testing\n\ -@edge http://dl-cdn.alpinelinux.org/alpine/edge/community' >> /etc/apk/repositories - RUN apk add --no-cache \ python3 py3-pip py3-setuptools py3-wheel \ - py3-virtualenv \ py3-pillow \ py3-aiohttp \ py3-magic \ py3-ruamel.yaml \ - py3-commonmark@edge \ - # Other dependencies - ca-certificates \ - su-exec \ + py3-commonmark \ # encryption - olm-dev \ + py3-olm \ py3-cffi \ - py3-pycryptodome \ + py3-pycryptodome \ py3-unpaddedbase64 \ py3-future \ + # Other dependencies + ca-certificates \ bash \ curl \ - jq && \ - curl -sLo yq https://github.com/mikefarah/yq/releases/download/3.3.2/yq_linux_${TARGETARCH} && \ - chmod +x yq && mv yq /usr/bin/yq + jq \ + yq - -COPY requirements.txt /opt/matrix-puppeteer-line/requirements.txt -COPY optional-requirements.txt /opt/matrix-puppeteer-line/optional-requirements.txt WORKDIR /opt/matrix-puppeteer-line + +COPY requirements.txt optional-requirements.txt ./ RUN apk add --virtual .build-deps python3-dev libffi-dev build-base \ && pip3 install -r requirements.txt -r optional-requirements.txt \ && apk del .build-deps -COPY . /opt/matrix-puppeteer-line -RUN apk add git && pip3 install .[e2be] && apk del git \ +COPY LICENSE setup.py ./ +COPY matrix_puppeteer_line matrix_puppeteer_line +RUN apk add --no-cache git && pip3 install .[e2be] && apk del git \ # This doesn't make the image smaller, but it's needed so that the `version` command works properly && cp matrix_puppeteer_line/example-config.yaml . && rm -rf matrix_puppeteer_line VOLUME /data -ENV UID=1337 GID=1337 -CMD ["/opt/matrix-puppeteer-line/docker-run.sh"] +# Needed to prevent "KeyError: 'getpwuid(): uid not found: 1337'" when connecting to postgres +RUN adduser -DHu 1337 --gecos "" line + +COPY docker-run.sh ./ +RUN chown -R 1337:1337 . +USER 1337 +CMD ["./docker-run.sh"] \ No newline at end of file diff --git a/docker-run.sh b/docker-run.sh index 3984327..5878c01 100755 --- a/docker-run.sh +++ b/docker-run.sh @@ -1,11 +1,9 @@ #!/bin/sh -# Define functions. -function fixperms { - chown -R $UID:$GID /data /opt/matrix-puppeteer-line -} - -cd /opt/matrix-puppeteer-line +if [ ! -w . ]; then + echo "Please ensure the /data volume of this container is writable for user:group $UID:$GID." >&2 + exit +fi if [ ! -f /data/config.yaml ]; then cp example-config.yaml /data/config.yaml @@ -13,18 +11,17 @@ if [ ! -f /data/config.yaml ]; then echo "Copied default config file to /data/config.yaml" echo "Modify that config file to your liking." echo "Start the container again after that to generate the registration file." - fixperms exit fi if [ ! -f /data/registration.yaml ]; then - python3 -m matrix_puppeteer_line -g -c /data/config.yaml -r /data/registration.yaml + if ! python3 -m matrix_puppeteer_line -g -c /data/config.yaml -r /data/registration.yaml; then + exit + fi echo "Didn't find a registration file." echo "Generated one for you." - echo "Copy that over to synapses app service directory." - fixperms + echo "Copy that over to Synapse's app service directory." exit fi -fixperms -exec su-exec $UID:$GID python3 -m matrix_puppeteer_line -c /data/config.yaml +python3 -m matrix_puppeteer_line -c /data/config.yaml \ No newline at end of file diff --git a/puppet/Dockerfile b/puppet/Dockerfile index 079db9e..bc620a2 100644 --- a/puppet/Dockerfile +++ b/puppet/Dockerfile @@ -1,17 +1,22 @@ -FROM node:14-alpine3.12 +FROM node:16-alpine3.14 -RUN echo $'\ -@edge http://dl-cdn.alpinelinux.org/alpine/edge/main\n\ -@edge http://dl-cdn.alpinelinux.org/alpine/edge/testing\n\ -@edge http://dl-cdn.alpinelinux.org/alpine/edge/community' >> /etc/apk/repositories +ARG TARGETARCH=amd64 -RUN apk add --no-cache chromium@edge +RUN apk add --no-cache chromium xvfb-run xdotool WORKDIR /opt/matrix-puppeteer-line/puppet -RUN chown node:node /opt/matrix-puppeteer-line/puppet -USER node + +# Want to use same UID as Python process so the Unix socket can be shared. +# But yarn hits snags if there is no user for the UID it's run under. +RUN adduser -Du 1337 --gecos "" line + +VOLUME /data + +RUN chown 1337:1337 . +USER 1337 COPY package.json yarn.lock ./ RUN yarn --production && rm -rf node_modules/puppeteer/.local-chromium -COPY . /opt/matrix-puppeteer-line/puppet -CMD ["yarn", "start", "--config", "/data/config.json", "--browser", "/usr/lib/chromium/chrome", "--no-sandbox"] +COPY src src +COPY docker-run.sh example-config-docker.json ./ +CMD ["./docker-run.sh"] \ No newline at end of file diff --git a/puppet/docker-run.sh b/puppet/docker-run.sh new file mode 100755 index 0000000..63aabba --- /dev/null +++ b/puppet/docker-run.sh @@ -0,0 +1,18 @@ +#!/bin/sh + +if [ ! -w . ]; then + echo "Please ensure the /data volume of this container is writable for user:group $UID:$GID." >&2 + exit +fi + +if [ ! -f /data/config.json ]; then + cp example-config-docker.json /data/config.json + echo "Didn't find a config file." + echo "Copied default config file to /data/config.json" + echo "Modify that config file to your liking, then restart the container." + exit +fi + +# Allow setting custom browser path via "executable_path" config setting +# TODO Decide if --no-sandbox is needed +xvfb-run yarn start --config /data/config.json \ No newline at end of file diff --git a/puppet/example-config-docker.json b/puppet/example-config-docker.json new file mode 100644 index 0000000..ecd18bb --- /dev/null +++ b/puppet/example-config-docker.json @@ -0,0 +1,13 @@ +{ + "listen": { + "type": "unix", + "path": "/data/puppet.sock" + }, + "executable_path": "/usr/lib/chromium/chrome", + "profile_dir": "./profiles", + "extension_dir": "/data/extension_files", + "cycle_delay": 5000, + "use_xdotool": true, + "jiggle_delay": 20000, + "devtools": false +} diff --git a/puppet/package.json b/puppet/package.json index 0e6270d..06874c1 100644 --- a/puppet/package.json +++ b/puppet/package.json @@ -20,7 +20,7 @@ "dependencies": { "arg": "^4.1.3", "chrono-node": "^2.1.7", - "puppeteer": "5.5.0" + "puppeteer": "9.1.1" }, "devDependencies": { "babel-eslint": "^10.1.0", diff --git a/puppet/yarn.lock b/puppet/yarn.lock index 6c7af9c..79a23af 100644 --- a/puppet/yarn.lock +++ b/puppet/yarn.lock @@ -125,10 +125,12 @@ acorn@^7.3.1: resolved "https://registry.yarnpkg.com/acorn/-/acorn-7.4.0.tgz#e1ad486e6c54501634c6c397c5c121daa383607c" integrity sha512-+G7P8jJmCHr+S+cLfQxygbWhXy+8YTVGzAkpEbcLo2mLoL7tij/VG41QSHACSf5QgYRhMZYHuNc6drJaO0Da+w== -agent-base@5: - version "5.1.1" - resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-5.1.1.tgz#e8fb3f242959db44d63be665db7a8e739537a32c" - integrity sha512-TMeqbNl2fMW0nMjTEPOwe3J/PRFP4vqeoNuQMG0HlMrtm5QxKqdvAkZ1pRBQ/ulIyDD5Yq0nJ7YbdD8ey0TO3g== +agent-base@6: + version "6.0.2" + resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-6.0.2.tgz#49fff58577cfee3f37176feab4c22e00f86d7f77" + integrity sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ== + dependencies: + debug "4" ajv@^6.10.0, ajv@^6.10.2: version "6.12.4" @@ -364,10 +366,10 @@ define-properties@^1.1.2, define-properties@^1.1.3: dependencies: object-keys "^1.0.12" -devtools-protocol@0.0.818844: - version "0.0.818844" - resolved "https://registry.yarnpkg.com/devtools-protocol/-/devtools-protocol-0.0.818844.tgz#d1947278ec85b53e4c8ca598f607a28fa785ba9e" - integrity sha512-AD1hi7iVJ8OD0aMLQU5VK0XH9LDlA1+BcPIgrAxPfaibx2DbWucuyOhc4oyQCbnvDDO68nN6/LcKfqTP343Jjg== +devtools-protocol@0.0.869402: + version "0.0.869402" + resolved "https://registry.yarnpkg.com/devtools-protocol/-/devtools-protocol-0.0.869402.tgz#03ade701761742e43ae4de5dc188bcd80f156d8d" + integrity sha512-VvlVYY+VDJe639yHs5PHISzdWTLL3Aw8rO4cvUtwvoxFd6FHbE4OpHHcde52M6096uYYazAmd4l0o5VuFRO2WA== doctrine@1.5.0: version "1.5.0" @@ -740,12 +742,12 @@ hosted-git-info@^2.1.4: resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.8.8.tgz#7539bd4bc1e0e0a895815a2e0262420b12858488" integrity sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg== -https-proxy-agent@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-4.0.0.tgz#702b71fb5520a132a66de1f67541d9e62154d82b" - integrity sha512-zoDhWrkR3of1l9QAL8/scJZyLu8j/gBkcwcaQOZh7Gyh/+uJQzGVETdgT30akuwkpL8HTRfssqI3BZuV18teDg== +https-proxy-agent@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz#e2a90542abb68a762e0a0850f6c9edadfd8506b2" + integrity sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA== dependencies: - agent-base "5" + agent-base "6" debug "4" ieee754@^1.1.4: @@ -1139,7 +1141,7 @@ progress@^2.0.0, progress@^2.0.1: resolved "https://registry.yarnpkg.com/progress/-/progress-2.0.3.tgz#7e8cf8d8f5b8f239c1bc68beb4eb78567d572ef8" integrity sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA== -proxy-from-env@^1.0.0: +proxy-from-env@^1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/proxy-from-env/-/proxy-from-env-1.1.0.tgz#e102f16ca355424865755d2c9e8ea4f24d58c3e2" integrity sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg== @@ -1157,19 +1159,19 @@ punycode@^2.1.0: resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.1.1.tgz#b58b010ac40c22c5657616c8d2c2c02c7bf479ec" integrity sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A== -puppeteer@5.5.0: - version "5.5.0" - resolved "https://registry.yarnpkg.com/puppeteer/-/puppeteer-5.5.0.tgz#331a7edd212ca06b4a556156435f58cbae08af00" - integrity sha512-OM8ZvTXAhfgFA7wBIIGlPQzvyEETzDjeRa4mZRCRHxYL+GNH5WAuYUQdja3rpWZvkX/JKqmuVgbsxDNsDFjMEg== +puppeteer@9.1.1: + version "9.1.1" + resolved "https://registry.yarnpkg.com/puppeteer/-/puppeteer-9.1.1.tgz#f74b7facf86887efd6c6b9fabb7baae6fdce012c" + integrity sha512-W+nOulP2tYd/ZG99WuZC/I5ljjQQ7EUw/jQGcIb9eu8mDlZxNY2SgcJXTLG9h5gRvqA3uJOe4hZXYsd3EqioMw== dependencies: debug "^4.1.0" - devtools-protocol "0.0.818844" + devtools-protocol "0.0.869402" extract-zip "^2.0.0" - https-proxy-agent "^4.0.0" + https-proxy-agent "^5.0.0" node-fetch "^2.6.1" pkg-dir "^4.2.0" progress "^2.0.1" - proxy-from-env "^1.0.0" + proxy-from-env "^1.1.0" rimraf "^3.0.2" tar-fs "^2.0.0" unbzip2-stream "^1.3.3"