From 15fe001a5cbbc537014c3a801963edb20b66be56 Mon Sep 17 00:00:00 2001 From: Felddy Date: Sun, 3 Apr 2022 14:23:12 -0400 Subject: [PATCH 01/11] Remove restart policy from Docker compose examples --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index d014c3874..7240bb30d 100644 --- a/README.md +++ b/README.md @@ -88,7 +88,6 @@ configuration files, set `CONTAINER_PRESERVE_CONFIG` to `true`. image: felddy/foundryvtt:release hostname: my_foundry_host init: true - restart: "unless-stopped" volumes: - type: bind source: @@ -150,7 +149,6 @@ uses `secrets.json`. Regardless of the name you choose it must be targeted to image: felddy/foundryvtt:release hostname: my_foundry_host init: true - restart: "unless-stopped" volumes: - type: bind source: From 3e7f577d09abeacd19eedb979b3fd05b8a585f27 Mon Sep 17 00:00:00 2001 From: Felddy Date: Sun, 3 Apr 2022 18:11:09 -0400 Subject: [PATCH 02/11] Make CONTAINER_CACHE set by default Caching is now enabled by default. It can be disabled by setting the environment variable CONTAINER_CACHE to and empty string. This partially addresses issue #306 --- src/entrypoint.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/entrypoint.sh b/src/entrypoint.sh index 3daaa1de6..e280222d7 100755 --- a/src/entrypoint.sh +++ b/src/entrypoint.sh @@ -107,9 +107,15 @@ if [ $install_required = true ]; then fi fi + # If CONTAINER_CACHE is null, set it to a default. + # If it set to an empty string, disable the caching. + CONTAINER_CACHE="${CONTAINER_CACHE-/data/container_cache}" + if [[ "${CONTAINER_CACHE:-}" ]]; then log "Using CONTAINER_CACHE: ${CONTAINER_CACHE}" mkdir -p "${CONTAINER_CACHE}" + else + log_warn "CONTAINER_CACHE has been unset. Release caching is disabled." fi set +o nounset From cae7222b3604ea388ff259e44e13ddc80bd6b0e7 Mon Sep 17 00:00:00 2001 From: Felddy Date: Sun, 3 Apr 2022 18:14:27 -0400 Subject: [PATCH 03/11] Make curl verbose when CONTAINER_VERBOSE set --- src/entrypoint.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/entrypoint.sh b/src/entrypoint.sh index e280222d7..8a391d56b 100755 --- a/src/entrypoint.sh +++ b/src/entrypoint.sh @@ -127,8 +127,8 @@ if [ $install_required = true ]; then log "Downloading Foundry Virtual Tabletop release." # Download release if newer than cached version. # Filter out warnings about bad date formats if the file is missing. - curl --fail --location --time-cond "${release_filename}" \ - --output "${downloading_filename}" "${s3_url}" 2>&1 \ + curl ${CONTAINER_VERBOSE+--verbose} --fail --location --time-cond \ + "${release_filename}" --output "${downloading_filename}" "${s3_url}" 2>&1 \ | tr "\r" "\n" \ | sed --unbuffered '/^Warning: .* date/d' @@ -162,7 +162,7 @@ if [ $install_required = true ]; then for url in ${CONTAINER_PATCH_URLS}; do log "Downloading patch from URL: $url" patch_file=$(mktemp -t patch_url.sh.XXXXXX) - curl --silent --output "${patch_file}" "${url}" + curl ${CONTAINER_VERBOSE+--verbose} --silent --output "${patch_file}" "${url}" log_debug "Sourcing patch file: ${patch_file}" # shellcheck disable=SC1090 source "${patch_file}" From 16e38d4f5ce4b0cac891d661e11428fcc9bee81f Mon Sep 17 00:00:00 2001 From: Felddy Date: Sun, 3 Apr 2022 18:16:33 -0400 Subject: [PATCH 04/11] Document CONTAINER_CACHE behavior change --- README.md | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 7240bb30d..9afa450e6 100644 --- a/README.md +++ b/README.md @@ -260,20 +260,12 @@ secrets](#using-secrets) instead of environment variables. |------------------|----------| | `FOUNDRY_RELEASE_URL` | S3 pre-signed URL generate from the user's profile. Required for downloading an application distribution. | -#### Pre-cached distribution variable #### - -A distribution can be downloaded and placed into a cache directory. The -distribution's name must be of the form: `foundryvtt-9.255.zip` - -| Name | Purpose | -|------------------|----------| -| `CONTAINER_CACHE` | Set a path to cache downloads of the Foundry distribution archive and speed up subsequent container startups. The path should be in `/data` or another persistent mount point in the container. e.g.; `/data/container_cache`| | - ### Optional ### | Name | Purpose | Default | |-------|---------|---------| -| `CONTAINER_PATCHES` | Set a path to a directory of shell scripts to be sourced after Foundry is installed but before it is started. The path should be in `/data` or another persistent mount point in the container. e.g.; `/data/container_patches` Patch files are sourced in lexicographic order. `CONTAINER_PATCHES` are processed after `CONTAINER_PATCH_URLS`.| | +`CONTAINER_CACHE` | Set a path to cache downloads of the Foundry distribution archive and speed up subsequent container startups. The path should be in `/data` or another persistent mount point in the container. Set to `""` to disable. A distribution can be pre-downloaded and placed into a cache directory. The distribution's name must be of the form: `foundryvtt-9.255.zip`| `/data/container_cache` | +| `CONTAINER_PATCHES` | Set a path to a directory of shell scripts to be sourced after Foundry is installed but before it is started. The path should be in `/data` or another persistent mount point in the container. e.g.; `/data/container_patches` Patch files are sourced in lexicographic order. `CONTAINER_PATCHES` are processed after `CONTAINER_PATCH_URLS`.| | | `CONTAINER_PATCH_URLS` | Set to a space-delimited list of URLs to be sourced after Foundry is installed but before it is started. Patch URLs are sourced in the order specified. `CONTAINER_PATCH_URLS` are processed before `CONTAINER_PATCHES`. ⚠️ **Only use patch URLs from trusted sources!** | | | `CONTAINER_PRESERVE_CONFIG` | Normally new `options.json` and `admin.txt` files are generated by the container at each startup. Setting this to `true` prevents the container from modifying these files when they exist. If they do not exist, they will be created as normal. | `false` | | `CONTAINER_PRESERVE_OWNER` | Normally the ownership of the `/data` directory and its contents are changed to match that of the server at startup. Setting this to a regular expression will exclude any matching paths and preserve their ownership. _Note: This is a match on the whole path, not a search._ This is useful if you want mount a volume as read-only inside `/data` (e.g.; a volume that contains assets mounted at `/data/Data/assets`). | | From beb835710552d6c220ee8cab7ccf63cace09ab3e Mon Sep 17 00:00:00 2001 From: Felddy Date: Sun, 3 Apr 2022 21:54:21 -0400 Subject: [PATCH 05/11] Add --user-agent option to node utilities --- src/authenticate.ts | 13 ++++++++----- src/get_license.ts | 14 +++++++++----- src/get_release_url.ts | 14 +++++++++----- 3 files changed, 26 insertions(+), 15 deletions(-) diff --git a/src/authenticate.ts b/src/authenticate.ts index 669bc2649..c35eb4e1b 100755 --- a/src/authenticate.ts +++ b/src/authenticate.ts @@ -9,7 +9,7 @@ EXIT STATUS >0 An error occurred. Usage: - authenticate.js [--log-level=LEVEL] + authenticate.js [options] authenticate.js (-h | --help) Options: @@ -17,6 +17,8 @@ Options: --log-level=LEVEL If specified, then the log level will be set to the specified value. Valid values are "debug", "info", "warn", and "error". [default: info] + --user-agent=USERAGENT If specified, then the user-agent header will be set to + the specified value. [default: node-fetch] `; // Imports @@ -27,7 +29,7 @@ import createLogger from "./logging.js"; import winston from "winston"; import docopt from "docopt"; import fetchCookie from "fetch-cookie"; -import nodeFetch from "node-fetch"; +import nodeFetch, { Headers } from "node-fetch"; import process from "process"; // Setup globals, to be configured in main() @@ -41,12 +43,12 @@ const LOCAL_DOMAIN = "felddy.com"; const LOGIN_URL = BASE_URL + "/auth/login/"; const USERNAME_RE = /\/community\/(?.+)/; -const HEADERS = { +const HEADERS: Headers = new Headers({ DNT: "1", Referer: BASE_URL, "Upgrade-Insecure-Requests": "1", - "User-Agent": "Mozilla/5.0", -}; + "User-Agent": "node-fetch", +}); /** * fetchTokens - Fetch the CSRF form and cookie tokens. @@ -154,6 +156,7 @@ async function main(): Promise { // Extract values from CLI options. const cookiejar_filename = options[""]; const log_level = options["--log-level"].toLowerCase(); + HEADERS.set("User-Agent", options["--user-agent"]); const password = options[""]; const username = options[""].toLowerCase(); diff --git a/src/get_license.ts b/src/get_license.ts index 5cde99503..04010446b 100755 --- a/src/get_license.ts +++ b/src/get_license.ts @@ -12,7 +12,7 @@ EXIT STATUS >0 An error occurred. Usage: - get_license.js [--log-level=LEVEL] [--select=MODE] + get_license.js [options] get_license.js (-h | --help) Options: @@ -24,6 +24,9 @@ Options: account return the one specified by index. In unspecified, a random license will be returned. Index starts at 1. + --user-agent=USERAGENT If specified, then the user-agent header will be set to + the specified value. [default: node-fetch] + `; // Imports @@ -33,7 +36,7 @@ import cheerio from "cheerio"; import createLogger from "./logging.js"; import docopt from "docopt"; import fetchCookie from "fetch-cookie"; -import nodeFetch, { HeadersInit } from "node-fetch"; +import nodeFetch, { Headers } from "node-fetch"; import process from "process"; import winston from "winston"; @@ -46,12 +49,12 @@ var logger: winston.Logger; const BASE_URL: string = "https://foundryvtt.com"; const LOCAL_DOMAIN: string = "felddy.com"; -const HEADERS: HeadersInit = { +const HEADERS: Headers = new Headers({ DNT: "1", Referer: BASE_URL, "Upgrade-Insecure-Requests": "1", - "User-Agent": "Mozilla/5.0", -}; + "User-Agent": "node-fetch", +}); /** * fetchLicense - Fetch a license key for a user. @@ -94,6 +97,7 @@ async function main(): Promise { const cookiejar_filename: string = options[""]; const log_level: string = options["--log-level"].toLowerCase(); const select_mode: string = options["--select"]; + HEADERS.set("User-Agent", options["--user-agent"]); // Setup logging. logger = createLogger("License", log_level); diff --git a/src/get_release_url.ts b/src/get_release_url.ts index abe48082b..7d202c4ed 100755 --- a/src/get_release_url.ts +++ b/src/get_release_url.ts @@ -12,7 +12,7 @@ EXIT STATUS >0 An error occurred. Usage: - get_release_url.js [--log-level=LEVEL] + get_release_url.js [options] get_release_url.js (-h | --help) Options: @@ -20,6 +20,9 @@ Options: --log-level=LEVEL If specified, then the log level will be set to the specified value. Valid values are "debug", "info", "warn", and "error". [default: info] + --user-agent=USERAGENT If specified, then the user-agent header will be set to + the specified value. [default: node-fetch] + `; // Imports @@ -28,7 +31,7 @@ import { FileCookieStore } from "tough-cookie-file-store"; import createLogger from "./logging.js"; import docopt from "docopt"; import fetchCookie from "fetch-cookie"; -import nodeFetch, { Response } from "node-fetch"; +import nodeFetch, { Headers, Response } from "node-fetch"; import process from "process"; import winston from "winston"; @@ -40,12 +43,12 @@ var logger: winston.Logger; // Constants const BASE_URL = "https://foundryvtt.com"; -const HEADERS = { +const HEADERS: Headers = new Headers({ DNT: "1", Referer: BASE_URL, "Upgrade-Insecure-Requests": "1", - "User-Agent": "Mozilla/5.0", -}; + "User-Agent": "node-fetch", +}); /** * fetchReleaseURL - Fetch the pre-signed S3 URL. @@ -85,6 +88,7 @@ async function main(): Promise { const cookiejar_filename: string = options[""]; const foundry_version: string = options[""]; const log_level: string = options["--log-level"].toLowerCase(); + HEADERS.set("User-Agent", options["--user-agent"]); // Setup logging. logger = createLogger("ReleaseURL", log_level); From 27f797d6c4373cf8e148eb40efbe9d77d0bed613 Mon Sep 17 00:00:00 2001 From: Felddy Date: Sun, 3 Apr 2022 21:56:35 -0400 Subject: [PATCH 06/11] Caclulate and set user-agent header for curl and node utils --- src/entrypoint.sh | 32 +++++++++++++++++++++++++------- 1 file changed, 25 insertions(+), 7 deletions(-) diff --git a/src/entrypoint.sh b/src/entrypoint.sh index 8a391d56b..7b1f5f8a1 100755 --- a/src/entrypoint.sh +++ b/src/entrypoint.sh @@ -41,6 +41,11 @@ cookiejar_file="cookiejar.json" license_min_length=24 secret_file="/run/secrets/config.json" +# Calculate a user-agent comment to use in for curl and node-fetch requests +CONTAINER_USER_AGENT_COMMENT="(felddy/foundryvtt:${image_version})" +curl_user_agent=$(curl --version | awk 'NR==1 {print $1 "/" $2}')" ${CONTAINER_USER_AGENT_COMMENT}" +node_user_agent="node-fetch ${CONTAINER_USER_AGENT_COMMENT}" + # Warn user if the container version does not start with the FOUNDRY_VERSION. # The FOUNDRY_VERSION looks like x.yyy # The container version is a semver x.y.z @@ -97,13 +102,17 @@ if [ $install_required = true ]; then # The resulting cookiejar is used to get a release URL or license. # CONTAINER_VERBOSE default value should not be quoted. # shellcheck disable=SC2086 - ./authenticate.js ${CONTAINER_VERBOSE+--log-level=debug} "${FOUNDRY_USERNAME}" "${FOUNDRY_PASSWORD}" "${cookiejar_file}" + ./authenticate.js ${CONTAINER_VERBOSE+--log-level=debug} \ + --user-agent="${node_user_agent}" \ + "${FOUNDRY_USERNAME}" "${FOUNDRY_PASSWORD}" "${cookiejar_file}" if [[ ! "${s3_url:-}" ]]; then # If the s3_url wasn't set by FOUNDRY_RELEASE_URL generate one now. log "Using authenticated credentials to download release." # CONTAINER_VERBOSE default value should not be quoted. # shellcheck disable=SC2086 - s3_url=$(./get_release_url.js ${CONTAINER_VERBOSE+--log-level=debug} "${cookiejar_file}" "${FOUNDRY_VERSION}") + s3_url=$(./get_release_url.js ${CONTAINER_VERBOSE+--log-level=debug} \ + --user-agent="${node_user_agent}" \ + "${cookiejar_file}" "${FOUNDRY_VERSION}") fi fi @@ -127,8 +136,10 @@ if [ $install_required = true ]; then log "Downloading Foundry Virtual Tabletop release." # Download release if newer than cached version. # Filter out warnings about bad date formats if the file is missing. - curl ${CONTAINER_VERBOSE+--verbose} --fail --location --time-cond \ - "${release_filename}" --output "${downloading_filename}" "${s3_url}" 2>&1 \ + curl ${CONTAINER_VERBOSE+--verbose} --fail --location \ + --user-agent "${curl_user_agent}" \ + --time-cond "${release_filename}" \ + --output "${downloading_filename}" "${s3_url}" 2>&1 \ | tr "\r" "\n" \ | sed --unbuffered '/^Warning: .* date/d' @@ -162,7 +173,9 @@ if [ $install_required = true ]; then for url in ${CONTAINER_PATCH_URLS}; do log "Downloading patch from URL: $url" patch_file=$(mktemp -t patch_url.sh.XXXXXX) - curl ${CONTAINER_VERBOSE+--verbose} --silent --output "${patch_file}" "${url}" + curl ${CONTAINER_VERBOSE+--verbose} --silent \ + --user-agent "${curl_user_agent}" \ + --output "${patch_file}" "${url}" log_debug "Sourcing patch file: ${patch_file}" # shellcheck disable=SC1090 source "${patch_file}" @@ -208,10 +221,15 @@ if [ ! -f "${LICENSE_FILE}" ]; then # FOUNDRY_LICENSE_KEY can be an index, try passing it. # CONTAINER_VERBOSE default value should not be quoted. # shellcheck disable=SC2086 - fetched_license_key=$(./get_license.js ${CONTAINER_VERBOSE+--log-level=debug} --select="${FOUNDRY_LICENSE_KEY}" "${cookiejar_file}") + fetched_license_key=$(./get_license.js ${CONTAINER_VERBOSE+--log-level=debug} \ + --user-agent="${node_user_agent}" \ + --select="${FOUNDRY_LICENSE_KEY}" \ + "${cookiejar_file}") else # shellcheck disable=SC2086 - fetched_license_key=$(./get_license.js ${CONTAINER_VERBOSE+--log-level=debug} "${cookiejar_file}") + fetched_license_key=$(./get_license.js ${CONTAINER_VERBOSE+--log-level=debug} \ + --user-agent="${node_user_agent}" \ + "${cookiejar_file}") fi echo "{ \"license\": \"${fetched_license_key}\" }" > "${LICENSE_FILE}" else From 13c3c73378367d2c04306354b21cf2a7e415898f Mon Sep 17 00:00:00 2001 From: Felddy Date: Sun, 3 Apr 2022 22:51:44 -0400 Subject: [PATCH 07/11] Add error logging if node does not exit cleanly --- src/launcher.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/launcher.sh b/src/launcher.sh index f28fb7b0c..57810d07c 100755 --- a/src/launcher.sh +++ b/src/launcher.sh @@ -60,4 +60,4 @@ fi # Spawn node with clean environment to prevent credential leaks log "Starting Foundry Virtual Tabletop." -env -i HOME="$HOME" node "$@" +env -i HOME="$HOME" node "$@" || log_error "Node process exited with code $?" From 77d4bd24fedf3706046d3cae8c78b1d2e8198a81 Mon Sep 17 00:00:00 2001 From: Felddy Date: Sun, 3 Apr 2022 22:53:32 -0400 Subject: [PATCH 08/11] Add logic to prevent containers from entering a download loop Partially addresses #306 --- src/entrypoint.sh | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/src/entrypoint.sh b/src/entrypoint.sh index 7b1f5f8a1..37ffccd45 100755 --- a/src/entrypoint.sh +++ b/src/entrypoint.sh @@ -73,6 +73,9 @@ fi # Check to see if an install is required install_required=false +# Track whether an S3 URL request is made. +# We use this information to protect from a download loop. +requested_s3_url=false if [ -f "resources/app/package.json" ]; then # FoundryVTT no longer supports the "version" field in package.json # We need to build up a pseudo-version using the generation and build values @@ -113,6 +116,7 @@ if [ $install_required = true ]; then s3_url=$(./get_release_url.js ${CONTAINER_VERBOSE+--log-level=debug} \ --user-agent="${node_user_agent}" \ "${cookiejar_file}" "${FOUNDRY_VERSION}") + requested_s3_url=true fi fi @@ -258,5 +262,16 @@ export CONTAINER_PRESERVE_CONFIG FOUNDRY_ADMIN_KEY FOUNDRY_AWS_CONFIG \ FOUNDRY_LOCAL_HOSTNAME FOUNDRY_MINIFY_STATIC_FILES FOUNDRY_PASSWORD_SALT \ FOUNDRY_PROXY_PORT FOUNDRY_PROXY_SSL FOUNDRY_ROUTE_PREFIX FOUNDRY_SSL_CERT \ FOUNDRY_SSL_KEY FOUNDRY_UPNP FOUNDRY_UPNP_LEASE_DURATION FOUNDRY_WORLD -su-exec "${FOUNDRY_UID:-foundry}:${FOUNDRY_GID:-foundry}" ./launcher.sh "$@" +su-exec "${FOUNDRY_UID:-foundry}:${FOUNDRY_GID:-foundry}" ./launcher.sh "$@" \ + || log_error "Launcher exited with error code: $?" + +# If the container requested a new S3 URL but disabled the cache +# we are going to sleep forever to prevent a downlaod loop. +if [[ "${requested_s3_url}" == "true" && "${CONTAINER_CACHE:-}" == "" ]]; then + log_warn "Server exited after using a new S3 URL but the CONTAINER_CACHE was disabled." + log_warn "Sleeping forever to prevent a download loop." + log_warn "Enabling the container cache will allow the container to exit properly." + while true; do sleep 60; done +fi + exit 0 From 4538feff9b448823e872514d6c900fb9f24190bd Mon Sep 17 00:00:00 2001 From: Felddy Date: Sun, 3 Apr 2022 23:30:05 -0400 Subject: [PATCH 09/11] Add a note about the effects of disabling the cache --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9afa450e6..3e3c894e9 100644 --- a/README.md +++ b/README.md @@ -264,7 +264,7 @@ secrets](#using-secrets) instead of environment variables. | Name | Purpose | Default | |-------|---------|---------| -`CONTAINER_CACHE` | Set a path to cache downloads of the Foundry distribution archive and speed up subsequent container startups. The path should be in `/data` or another persistent mount point in the container. Set to `""` to disable. A distribution can be pre-downloaded and placed into a cache directory. The distribution's name must be of the form: `foundryvtt-9.255.zip`| `/data/container_cache` | +| `CONTAINER_CACHE` | Set a path to cache downloads of the Foundry distribution archive and speed up subsequent container startups. The path should be in `/data` or another persistent mount point in the container. Set to `""` to disable. ***Note***: When the cache is disabled the container may sleep instead of exiting, in certian circumstances, to prevent a download loop. A distribution can be pre-downloaded and placed into a cache directory. The distribution's name must be of the form: `foundryvtt-9.255.zip`| `/data/container_cache` | | `CONTAINER_PATCHES` | Set a path to a directory of shell scripts to be sourced after Foundry is installed but before it is started. The path should be in `/data` or another persistent mount point in the container. e.g.; `/data/container_patches` Patch files are sourced in lexicographic order. `CONTAINER_PATCHES` are processed after `CONTAINER_PATCH_URLS`.| | | `CONTAINER_PATCH_URLS` | Set to a space-delimited list of URLs to be sourced after Foundry is installed but before it is started. Patch URLs are sourced in the order specified. `CONTAINER_PATCH_URLS` are processed before `CONTAINER_PATCHES`. ⚠️ **Only use patch URLs from trusted sources!** | | | `CONTAINER_PRESERVE_CONFIG` | Normally new `options.json` and `admin.txt` files are generated by the container at each startup. Setting this to `true` prevents the container from modifying these files when they exist. If they do not exist, they will be created as normal. | `false` | From 055dc0795f9904f5de43c0d4a7d7d26acd132d99 Mon Sep 17 00:00:00 2001 From: Felddy Date: Sun, 3 Apr 2022 23:31:13 -0400 Subject: [PATCH 10/11] Standardize emphasis style --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 3e3c894e9..16605fa75 100644 --- a/README.md +++ b/README.md @@ -208,7 +208,7 @@ It is recommended that most users use the `:release` tag. | Image:tag | Description | |-----------|-------------| |`felddy/foundryvtt:release` | The most recent image from the `stable` channel. These images are **considered stable**, and well-tested. Most users will use this tag. The `latest` tag always points to the same version as `release`.| -|`felddy/foundryvtt:prerelease` | The most recent image from the `testing`, `development`, or `prototype` channels. Pre-releases are **VERY LIKELY to introduce breaking bugs** that will be disruptive to play. Do not install this version unless you are using for the specific purposes of testing. The intention of pre-release builds are to allow for previewing new features and to help developers to begin updating modules which are impacted by the changes. If you choose to update to this version for a live game you do so entirely at your own risk of having a bad experience. _Please back up your critical user data before installing this version._ | +|`felddy/foundryvtt:prerelease` | The most recent image from the `testing`, `development`, or `prototype` channels. Pre-releases are **VERY LIKELY to introduce breaking bugs** that will be disruptive to play. Do not install this version unless you are using for the specific purposes of testing. The intention of pre-release builds are to allow for previewing new features and to help developers to begin updating modules which are impacted by the changes. If you choose to update to this version for a live game you do so entirely at your own risk of having a bad experience. *Please back up your critical user data before installing this version.* | |`felddy/foundryvtt:9.255.0`| An exact image version. | |`felddy/foundryvtt:9.255`| The most recent image matching the major and minor version numbers. | |`felddy/foundryvtt:9`| The most recent image matching the major version number. | @@ -268,7 +268,7 @@ secrets](#using-secrets) instead of environment variables. | `CONTAINER_PATCHES` | Set a path to a directory of shell scripts to be sourced after Foundry is installed but before it is started. The path should be in `/data` or another persistent mount point in the container. e.g.; `/data/container_patches` Patch files are sourced in lexicographic order. `CONTAINER_PATCHES` are processed after `CONTAINER_PATCH_URLS`.| | | `CONTAINER_PATCH_URLS` | Set to a space-delimited list of URLs to be sourced after Foundry is installed but before it is started. Patch URLs are sourced in the order specified. `CONTAINER_PATCH_URLS` are processed before `CONTAINER_PATCHES`. ⚠️ **Only use patch URLs from trusted sources!** | | | `CONTAINER_PRESERVE_CONFIG` | Normally new `options.json` and `admin.txt` files are generated by the container at each startup. Setting this to `true` prevents the container from modifying these files when they exist. If they do not exist, they will be created as normal. | `false` | -| `CONTAINER_PRESERVE_OWNER` | Normally the ownership of the `/data` directory and its contents are changed to match that of the server at startup. Setting this to a regular expression will exclude any matching paths and preserve their ownership. _Note: This is a match on the whole path, not a search._ This is useful if you want mount a volume as read-only inside `/data` (e.g.; a volume that contains assets mounted at `/data/Data/assets`). | | +| `CONTAINER_PRESERVE_OWNER` | Normally the ownership of the `/data` directory and its contents are changed to match that of the server at startup. Setting this to a regular expression will exclude any matching paths and preserve their ownership. *Note: This is a match on the whole path, not a search.* This is useful if you want mount a volume as read-only inside `/data` (e.g.; a volume that contains assets mounted at `/data/Data/assets`). | | | `CONTAINER_VERBOSE` | Set to `true` to enable verbose logging for the container utility scripts. | `false` | | `FOUNDRY_ADMIN_KEY` | Admin password to be applied at startup. If omitted the admin password will be cleared. May be set [using secrets](#using-secrets). | | | `FOUNDRY_AWS_CONFIG` | An absolute or relative path that points to the [awsConfig.json](https://foundryvtt.com/article/aws-s3/) or `true` for AWS environment variable [credentials evaluation](https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/setting-credentials-node.html) usage. | `null` | From 4eb53d044a09915d06f2dd9cd28054d639faf957 Mon Sep 17 00:00:00 2001 From: Felddy Date: Mon, 4 Apr 2022 13:30:46 -0400 Subject: [PATCH 11/11] Improve disabled cache warning upon exit --- src/entrypoint.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/entrypoint.sh b/src/entrypoint.sh index 37ffccd45..8e30a57ce 100755 --- a/src/entrypoint.sh +++ b/src/entrypoint.sh @@ -268,9 +268,10 @@ su-exec "${FOUNDRY_UID:-foundry}:${FOUNDRY_GID:-foundry}" ./launcher.sh "$@" \ # If the container requested a new S3 URL but disabled the cache # we are going to sleep forever to prevent a downlaod loop. if [[ "${requested_s3_url}" == "true" && "${CONTAINER_CACHE:-}" == "" ]]; then - log_warn "Server exited after using a new S3 URL but the CONTAINER_CACHE was disabled." - log_warn "Sleeping forever to prevent a download loop." - log_warn "Enabling the container cache will allow the container to exit properly." + log_warn "Server exited after downloading a release while the CONTAINER_CACHE was disabled." + log_warn "This configuration could lead to a restart loop putting excessive load on the release server." + log_warn "Please re-enable the CONTAINER_CACHE to allow the container to safely exit." + log_warn "Sleeping..." while true; do sleep 60; done fi