mschnitzer / ark-survival-ascended-linux-container-image

A docker/podman container that is able to run an ARK: Survival Ascended on a Linux host.

Mounting cluster & server files to a user folder for easy SFTP access #88

Closed axieum closed 1 month ago

axieum commented 1 month ago

Since the Docker image runs under user 25000:25000, we need to make sure that user can still access the files.

My updated docker-compose.yaml, where the ark user has SUID 1001:

services:
  # ARK Server 1
  ark-1:
    image: docker.io/mschnitzer/asa-linux-server:latest
    container_name: ark-1
    entrypoint: /usr/bin/start_server
    restart: unless-stopped
    user: gameserver
    tty: true
    networks:
      - ark
    ports:
      - 7777:7777/udp  # Game
      - 27020:27020/tcp  # RCON
    environment:
      - ASA_START_PARAMS=TheIsland_WP?listen?Port=7777?RCONPort=27020?RCONEnabled=True -WinLiveMaxPlayers=50 -clusterid=default -ClusterDirOverride="/home/gameserver/cluster-shared"
      - ENABLE_DEBUG=0
    volumes:
      - ark-1-steam:/home/gameserver/Steam:rw
      - ark-1-steamcmd:/home/gameserver/steamcmd:rw
+     - /home/ark/cluster:/home/gameserver/cluster-shared:rw
+     - /home/ark/server-1:/home/gameserver/server-files:rw
      - /etc/localtime:/etc/localtime:ro
      - /etc/machine-id:/etc/machine-id:ro
    depends_on:
      - set-permissions-1

  # Permission Helper
  set-permissions-1:
    image: docker.io/opensuse/leap
    entrypoint: >-
      /bin/bash -c '
      chown -R 25000:25000 /steam;
      chown -R 25000:25000 /steamcmd;
+     chown -R 25000:1001 /server-files;
+     chown -R 25000:1001 /cluster-shared'
    user: root
    volumes:
+     - /home/ark/cluster:/cluster-shared:rw
+     - /home/ark/server-1:/server-files:rw
      - ark-1-steam:/steam:rw
      - ark-1-steamcmd:/steamcmd:rw

volumes:
  ark-1-steam:
  ark-1-steamcmd:
- ark-1-server:
- ark-cluster:
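
Review bot: in the set-permissions-1 entrypoint, the two added `chown -R 25000:1001` lines hard-code the host group as a number, while the host-side commands in this comment use the group name `ark`. If the ark account has a different GID on another host, the helper reassigns the files to the wrong group each time it runs. Consider passing the GID in through compose variable substitution, for example `chown -R 25000:${ARK_GID:-1001} /server-files;` (ARK_GID is a made-up variable name). The helper also resets ownership only, so it does not reapply the 750/660 modes to files the server creates between restarts.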

Moving the original volumes.

cp -R /var/lib/containers/storage/volumes/ark_ark-cluster/_data /home/ark/cluster
cp -R /var/lib/containers/storage/volumes/ark_ark-1-server/_data /home/ark/server-1
podman volume rm ark_ark-cluster
podman volume rm ark_ark-1-server

Assigning the correct folder/file ownership (suid) and group (guid) permissions.

chown -R 25000:ark /home/ark/cluster
find /home/ark/cluster -type d -exec chmod 750 {} \;
find /home/ark/cluster -type f -exec chmod 660 {} \;

chown -R 25000:ark /home/ark/server-1
find /home/ark/server-1 -type d -exec chmod 750 {} \;
find /home/ark/server-1 -type f -exec chmod 660 {} \;

Now your ark user should be able to access the files as it is in the ark (1001) GUID. The gameserver user in the container can still access its own files as they are owned by SUID 25000.

Now I can SFTP into the ark user at folder /home/ark and make changes to the server configuration there instead.
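
An added example, not part of the original comment: a small audit that checks whether a bind-mounted tree still matches the ownership and modes set above (owner 25000, group ark, directories 750, files 660), which is useful after the server has written new files. The function names are hypothetical and the script assumes GNU find for `-printf`.

```shell
#!/bin/sh
# Added example: audit a bind-mounted tree against the scheme in this comment.
# Expected: owner = container UID, group = SFTP user's group,
# directories 750, regular files 660. Function names are hypothetical.
# Requires GNU find for -printf.

# Print one line per deviation: "<kind> <actual value> <path>".
audit_tree() {
    at_dir=$1; at_owner=$2; at_group=$3
    # Wrong owner: the gameserver user in the container may lose access.
    find "$at_dir" ! -user "$at_owner" -printf 'owner %U %p\n'
    # Wrong group: the SFTP user may lose access.
    find "$at_dir" ! -group "$at_group" -printf 'group %G %p\n'
    # Mode drift, including anything readable by "other".
    find "$at_dir" -type d ! -perm 750 -printf 'dirmode %m %p\n'
    find "$at_dir" -type f ! -perm 660 -printf 'filemode %m %p\n'
}

# Number of deviations; 0 means the tree matches the scheme.
drift_count() {
    audit_tree "$@" | wc -l | tr -d ' '
}

# Run as a script: ./audit.sh /home/ark/server-1 25000 ark
if [ "$#" -eq 3 ]; then
    audit_tree "$@"
    [ "$(drift_count "$@")" -eq 0 ] || exit 1
fi
```

The exit status is non-zero when anything deviates, so the script can gate a cron job or a pre-start check.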

axieum commented 1 month ago

Related #64