diff --git a/Dockerfile b/Dockerfile index 2ecb85ad9..748834989 100644 --- a/Dockerfile +++ b/Dockerfile @@ -109,6 +109,10 @@ RUN chmod +x /home/steam/server/*.sh && \ mv /home/steam/server/restore.sh /usr/local/bin/restore WORKDIR /home/steam/server +RUN touch rcon.yaml crontab && \ + chmod o+w rcon.yaml crontab && \ + chown steam:steam -R /home/steam && \ + chmod -R o+w /home/steam/steamcmd HEALTHCHECK --start-period=5m \ CMD pgrep "PalServer-Linux" > /dev/null || exit 1 diff --git a/README.md b/README.md index af34d5f77..cad749819 100644 --- a/README.md +++ b/README.md @@ -160,6 +160,29 @@ All files you will need to deploy this container to kubernetes are located in th Follow the steps in the [README.md here](k8s/readme.md) to deploy it. +### Running without root + +This is only for advanced users + +It is possible to run this container and +[override the default user](https://docs.docker.com/engine/reference/run/#user) which is root in this image. + +Because you are specifiying the user and group `PUID` and `PGID` are ignored. + +If you want to find your UID: `id -u` +If you want to find your GID: `id -g` + +You must set user to `NUMBERICAL_UID:NUMBERICAL_GID` + +Below we assume your UID is 1000 and your GID is 1001 + +* In docker run add `--user 1000:1001 \` above the last line. +* In docker compose add `user: 1000:1001` above ports. + +If you wish to run it with a different UID/GID than your own you will need to change the ownership of the directory that +is being bind: `chown UID:GID palworld/` +or by changing the permissions for all other: `chmod o=rwx palworld/` + #### Using helm chart The official helm chart can be found in a seperate repository, [palworld-server-chart](https://github.com/Twinki14/palworld-server-chart) diff --git a/docusaurus/docs/guides/running-without-root.md b/docusaurus/docs/guides/running-without-root.md new file mode 100644 index 000000000..a71a7a957 --- /dev/null +++ b/docusaurus/docs/guides/running-without-root.md @@ -0,0 +1,26 @@ +--- +sidebar_position: 6 +--- + +# Running without root + +This is only for advanced users + +It is possible to run this container and +[override the default user](https://docs.docker.com/engine/reference/run/#user) which is root in this image. + +Because you are specifiying the user and group `PUID` and `PGID` are ignored. + +If you want to find your UID: `id -u` +If you want to find your GID: `id -g` + +You must set user to `NUMBERICAL_UID:NUMBERICAL_GID` + +Below we assume your UID is 1000 and your GID is 1001 + +* In docker run add `--user 1000:1001 \` above the last line. +* In docker compose add `user: 1000:1001` above ports. + +If you wish to run it with a different UID/GID than your own you will need to change the ownership of the directory that +is being bind: `chown UID:GID palworld/` +or by changing the permissions for all other: `chmod o=rwx palworld/` diff --git a/scripts/init.sh b/scripts/init.sh index 219be9bb6..0c03448e9 100644 --- a/scripts/init.sh +++ b/scripts/init.sh @@ -2,17 +2,27 @@ # shellcheck source=/dev/null source "/home/steam/server/helper_functions.sh" -if [[ ! "${PUID}" -eq 0 ]] && [[ ! "${PGID}" -eq 0 ]]; then - LogAction "EXECUTING USERMOD" - usermod -o -u "${PUID}" steam - groupmod -o -g "${PGID}" steam -else - LogError "Running as root is not supported, please fix your PUID and PGID!" +if [[ "$(id -u)" -eq 0 ]] && [[ "$(id -g)" -eq 0 ]]; then + if [[ "${PUID}" -ne 0 ]] && [[ "${PGID}" -ne 0 ]]; then + LogAction "EXECUTING USERMOD" + usermod -o -u "${PUID}" steam + groupmod -o -g "${PGID}" steam + chown -R steam:steam /palworld /home/steam/ + else + LogError "Running as root is not supported, please fix your PUID and PGID!" + exit 1 + fi +elif [[ "$(id -u)" -eq 0 ]] || [[ "$(id -g)" -eq 0 ]]; then + LogError "Running as root is not supported, please fix your user!" + exit 1 +fi + +if ! [ -w "/palworld" ]; then + LogError "/palworld is not writable." exit 1 fi mkdir -p /palworld/backups -chown -R steam:steam /palworld /home/steam/ # shellcheck disable=SC2317 term_handler() { @@ -30,7 +40,11 @@ term_handler() { trap 'term_handler' SIGTERM -su steam -c ./start.sh & +if [[ "$(id -u)" -eq 0 ]]; then + su steam -c ./start.sh & +else + ./start.sh & +fi # Process ID of su killpid="$!" wait "$killpid" diff --git a/scripts/start.sh b/scripts/start.sh index 9a0fa4b08..e15b47b0f 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -102,7 +102,7 @@ else fi LogAction "GENERATING CRONTAB" -rm -f "/home/steam/server/crontab" +truncate -s 0 "/home/steam/server/crontab" if [ "${BACKUP_ENABLED,,}" = true ]; then LogInfo "BACKUP_ENABLED=${BACKUP_ENABLED,,}" LogInfo "Adding cronjob for auto backups"