Update Dockerfiles and dependencies

* Update Dockerfiles to work properly
* Use latest available version of Alpine Linux
* Update Puppeteer to 9.1.1 to match Chrome version available in latest
  Alpine Linux
* Add docker script for Node process to allow custom config
* Provide separate example config for running Node in docker

TODO: Update SETUP.md with Docker instructions

Dockerfile

@@ -1,49 +1,46 @@
-FROM alpine:3.12
+FROM alpine:3.14
 
 ARG TARGETARCH=amd64
 
-RUN echo $'\
-@edge http://dl-cdn.alpinelinux.org/alpine/edge/main\n\
-@edge http://dl-cdn.alpinelinux.org/alpine/edge/testing\n\
-@edge http://dl-cdn.alpinelinux.org/alpine/edge/community' >> /etc/apk/repositories
-
 RUN apk add --no-cache \
       python3 py3-pip py3-setuptools py3-wheel \
-      py3-virtualenv \
       py3-pillow \
       py3-aiohttp \
       py3-magic \
       py3-ruamel.yaml \
-      py3-commonmark@edge \
-      # Other dependencies
-      ca-certificates \
-      su-exec \
+      py3-commonmark \
       # encryption
-      olm-dev \
+      py3-olm \
       py3-cffi \
-	  py3-pycryptodome \
+      py3-pycryptodome \
       py3-unpaddedbase64 \
       py3-future \
+      # Other dependencies
+      ca-certificates \
       bash \
       curl \
-      jq && \
-  curl -sLo yq https://github.com/mikefarah/yq/releases/download/3.3.2/yq_linux_${TARGETARCH} && \
-  chmod +x yq && mv yq /usr/bin/yq
-
+      jq \
+      yq
 
-COPY requirements.txt /opt/matrix-puppeteer-line/requirements.txt
-COPY optional-requirements.txt /opt/matrix-puppeteer-line/optional-requirements.txt
 WORKDIR /opt/matrix-puppeteer-line
+
+COPY requirements.txt optional-requirements.txt ./
 RUN apk add --virtual .build-deps python3-dev libffi-dev build-base \
  && pip3 install -r requirements.txt -r optional-requirements.txt \
  && apk del .build-deps
 
-COPY . /opt/matrix-puppeteer-line
-RUN apk add git && pip3 install .[e2be] && apk del git \
+COPY LICENSE setup.py ./
+COPY matrix_puppeteer_line matrix_puppeteer_line
+RUN apk add --no-cache git && pip3 install .[e2be] && apk del git \
   # This doesn't make the image smaller, but it's needed so that the `version` command works properly
   && cp matrix_puppeteer_line/example-config.yaml . && rm -rf matrix_puppeteer_line
 
 VOLUME /data
-ENV UID=1337 GID=1337
 
-CMD ["/opt/matrix-puppeteer-line/docker-run.sh"]
+# Needed to prevent "KeyError: 'getpwuid(): uid not found: 1337'" when connecting to postgres
+RUN adduser -DHu 1337 --gecos "" line
+
+COPY docker-run.sh ./
+RUN chown -R 1337:1337 .
+USER 1337
+CMD ["./docker-run.sh"]

docker-run.sh

@@ -1,11 +1,9 @@
 #!/bin/sh
 
-# Define functions.
-function fixperms {
-	chown -R $UID:$GID /data /opt/matrix-puppeteer-line
-}
-
-cd /opt/matrix-puppeteer-line
+if [ ! -w . ]; then
+	echo "Please ensure the /data volume of this container is writable for user:group $UID:$GID." >&2
+	exit
+fi
 
 if [ ! -f /data/config.yaml ]; then
 	cp example-config.yaml /data/config.yaml
@@ -13,18 +11,17 @@ if [ ! -f /data/config.yaml ]; then
 	echo "Copied default config file to /data/config.yaml"
 	echo "Modify that config file to your liking."
 	echo "Start the container again after that to generate the registration file."
-	fixperms
 	exit
 fi
 
 if [ ! -f /data/registration.yaml ]; then
-	python3 -m matrix_puppeteer_line -g -c /data/config.yaml -r /data/registration.yaml
+	if ! python3 -m matrix_puppeteer_line -g -c /data/config.yaml -r /data/registration.yaml; then
+		exit
+	fi
 	echo "Didn't find a registration file."
 	echo "Generated one for you."
-	echo "Copy that over to synapses app service directory."
-	fixperms
+	echo "Copy that over to Synapse's app service directory."
 	exit
 fi
 
-fixperms
-exec su-exec $UID:$GID python3 -m matrix_puppeteer_line -c /data/config.yaml
+python3 -m matrix_puppeteer_line -c /data/config.yaml

puppet/Dockerfile

@@ -1,17 +1,22 @@
-FROM node:14-alpine3.12
+FROM node:16-alpine3.14
 
-RUN echo $'\
-@edge http://dl-cdn.alpinelinux.org/alpine/edge/main\n\
-@edge http://dl-cdn.alpinelinux.org/alpine/edge/testing\n\
-@edge http://dl-cdn.alpinelinux.org/alpine/edge/community' >> /etc/apk/repositories
+ARG TARGETARCH=amd64
 
-RUN apk add --no-cache chromium@edge
+RUN apk add --no-cache chromium xvfb-run xdotool
 
 WORKDIR /opt/matrix-puppeteer-line/puppet
-RUN chown node:node /opt/matrix-puppeteer-line/puppet
-USER node
+
+# Want to use same UID as Python process so the Unix socket can be shared.
+# But yarn hits snags if there is no user for the UID it's run under.
+RUN adduser -Du 1337 --gecos "" line
+
+VOLUME /data
+
+RUN chown 1337:1337 .
+USER 1337
 COPY package.json yarn.lock ./
 RUN yarn --production && rm -rf node_modules/puppeteer/.local-chromium
 
-COPY . /opt/matrix-puppeteer-line/puppet
-CMD ["yarn", "start", "--config", "/data/config.json", "--browser", "/usr/lib/chromium/chrome", "--no-sandbox"]
+COPY src src
+COPY docker-run.sh example-config-docker.json ./
+CMD ["./docker-run.sh"]

puppet/docker-run.sh

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+if [ ! -w . ]; then
+	echo "Please ensure the /data volume of this container is writable for user:group $UID:$GID." >&2
+	exit
+fi
+
+if [ ! -f /data/config.json ]; then
+	cp example-config-docker.json /data/config.json
+	echo "Didn't find a config file."
+	echo "Copied default config file to /data/config.json"
+	echo "Modify that config file to your liking, then restart the container."
+	exit
+fi
+
+# Allow setting custom browser path via "executable_path" config setting
+# TODO Decide if --no-sandbox is needed
+xvfb-run yarn start --config /data/config.json

puppet/example-config-docker.json

@@ -0,0 +1,13 @@
+{
+	"listen": {
+		"type": "unix",
+		"path": "/data/puppet.sock"
+	},
+	"executable_path": "/usr/lib/chromium/chrome",
+	"profile_dir": "./profiles",
+	"extension_dir": "/data/extension_files",
+	"cycle_delay": 5000,
+	"use_xdotool": true,
+	"jiggle_delay": 20000,
+	"devtools": false
+}

puppet/package.json

@@ -20,7 +20,7 @@
   "dependencies": {
     "arg": "^4.1.3",
     "chrono-node": "^2.1.7",
-    "puppeteer": "5.5.0"
+    "puppeteer": "9.1.1"
   },
   "devDependencies": {
     "babel-eslint": "^10.1.0",

puppet/yarn.lock

@@ -125,10 +125,12 @@ acorn@^7.3.1:
   resolved "https://registry.yarnpkg.com/acorn/-/acorn-7.4.0.tgz#e1ad486e6c54501634c6c397c5c121daa383607c"
   integrity sha512-+G7P8jJmCHr+S+cLfQxygbWhXy+8YTVGzAkpEbcLo2mLoL7tij/VG41QSHACSf5QgYRhMZYHuNc6drJaO0Da+w==
 
-agent-base@5:
-  version "5.1.1"
-  resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-5.1.1.tgz#e8fb3f242959db44d63be665db7a8e739537a32c"
-  integrity sha512-TMeqbNl2fMW0nMjTEPOwe3J/PRFP4vqeoNuQMG0HlMrtm5QxKqdvAkZ1pRBQ/ulIyDD5Yq0nJ7YbdD8ey0TO3g==
+agent-base@6:
+  version "6.0.2"
+  resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-6.0.2.tgz#49fff58577cfee3f37176feab4c22e00f86d7f77"
+  integrity sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==
+  dependencies:
+    debug "4"
 
 ajv@^6.10.0, ajv@^6.10.2:
   version "6.12.4"
@@ -364,10 +366,10 @@ define-properties@^1.1.2, define-properties@^1.1.3:
   dependencies:
     object-keys "^1.0.12"
 
-devtools-protocol@0.0.818844:
-  version "0.0.818844"
-  resolved "https://registry.yarnpkg.com/devtools-protocol/-/devtools-protocol-0.0.818844.tgz#d1947278ec85b53e4c8ca598f607a28fa785ba9e"
-  integrity sha512-AD1hi7iVJ8OD0aMLQU5VK0XH9LDlA1+BcPIgrAxPfaibx2DbWucuyOhc4oyQCbnvDDO68nN6/LcKfqTP343Jjg==
+devtools-protocol@0.0.869402:
+  version "0.0.869402"
+  resolved "https://registry.yarnpkg.com/devtools-protocol/-/devtools-protocol-0.0.869402.tgz#03ade701761742e43ae4de5dc188bcd80f156d8d"
+  integrity sha512-VvlVYY+VDJe639yHs5PHISzdWTLL3Aw8rO4cvUtwvoxFd6FHbE4OpHHcde52M6096uYYazAmd4l0o5VuFRO2WA==
 
 doctrine@1.5.0:
   version "1.5.0"
@@ -740,12 +742,12 @@ hosted-git-info@^2.1.4:
   resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.8.8.tgz#7539bd4bc1e0e0a895815a2e0262420b12858488"
   integrity sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg==
 
-https-proxy-agent@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-4.0.0.tgz#702b71fb5520a132a66de1f67541d9e62154d82b"
-  integrity sha512-zoDhWrkR3of1l9QAL8/scJZyLu8j/gBkcwcaQOZh7Gyh/+uJQzGVETdgT30akuwkpL8HTRfssqI3BZuV18teDg==
+https-proxy-agent@^5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz#e2a90542abb68a762e0a0850f6c9edadfd8506b2"
+  integrity sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA==
   dependencies:
-    agent-base "5"
+    agent-base "6"
     debug "4"
 
 ieee754@^1.1.4:
@@ -1139,7 +1141,7 @@ progress@^2.0.0, progress@^2.0.1:
   resolved "https://registry.yarnpkg.com/progress/-/progress-2.0.3.tgz#7e8cf8d8f5b8f239c1bc68beb4eb78567d572ef8"
   integrity sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==
 
-proxy-from-env@^1.0.0:
+proxy-from-env@^1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/proxy-from-env/-/proxy-from-env-1.1.0.tgz#e102f16ca355424865755d2c9e8ea4f24d58c3e2"
   integrity sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==
@@ -1157,19 +1159,19 @@ punycode@^2.1.0:
   resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.1.1.tgz#b58b010ac40c22c5657616c8d2c2c02c7bf479ec"
   integrity sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==
 
-puppeteer@5.5.0:
-  version "5.5.0"
-  resolved "https://registry.yarnpkg.com/puppeteer/-/puppeteer-5.5.0.tgz#331a7edd212ca06b4a556156435f58cbae08af00"
-  integrity sha512-OM8ZvTXAhfgFA7wBIIGlPQzvyEETzDjeRa4mZRCRHxYL+GNH5WAuYUQdja3rpWZvkX/JKqmuVgbsxDNsDFjMEg==
+puppeteer@9.1.1:
+  version "9.1.1"
+  resolved "https://registry.yarnpkg.com/puppeteer/-/puppeteer-9.1.1.tgz#f74b7facf86887efd6c6b9fabb7baae6fdce012c"
+  integrity sha512-W+nOulP2tYd/ZG99WuZC/I5ljjQQ7EUw/jQGcIb9eu8mDlZxNY2SgcJXTLG9h5gRvqA3uJOe4hZXYsd3EqioMw==
   dependencies:
     debug "^4.1.0"
-    devtools-protocol "0.0.818844"
+    devtools-protocol "0.0.869402"
     extract-zip "^2.0.0"
-    https-proxy-agent "^4.0.0"
+    https-proxy-agent "^5.0.0"
     node-fetch "^2.6.1"
     pkg-dir "^4.2.0"
     progress "^2.0.1"
-    proxy-from-env "^1.0.0"
+    proxy-from-env "^1.1.0"
     rimraf "^3.0.2"
     tar-fs "^2.0.0"
     unbzip2-stream "^1.3.3"