diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..8fce603 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +data/ diff --git a/Dockerfile b/Dockerfile index 948e6bb..da0db34 100644 --- a/Dockerfile +++ b/Dockerfile @@ -53,6 +53,12 @@ RUN cd /tmp && \ dpkg -i *.deb && \ rm -f *.deb +# Workaround2: Steam severely floods DNS requests on Linux, so let's use a DNS cache +# (see https://github.com/ValveSoftware/steam-for-linux/issues/3401) +RUN apt-get update && \ + apt-get -y install dnsmasq +COPY ./dnsmasq.conf /etc/dnsmasq.conf +RUN cp /etc/resolv.conf /etc/resolv.dnsmasq # Fix bug https://github.com/arno01/steam/issues/11 where Pulseaudio crashes # microphone is accessed via push-to-talk. diff --git a/README.md b/README.md index be1d1b6..08eaa85 100644 --- a/README.md +++ b/README.md @@ -3,26 +3,19 @@ ## Why? Some people asked me why would someone want to have Steam in a Docker container? - Few main points which pushed me making this Docker container: 1. I want to set-up more fences when running the code I don't/can't trust; [issue 3671](https://github.com/valvesoftware/steam-for-linux/issues/3671) - 2. I don't want to spend time on figuring out how to install Steam (what deps) in a non-Debian (or non-SteamOS) based distro; - 3. I like cleanliness: I can erase Steam and all its dependencies in a matter of seconds; - And few Pros from my PoV: - I can have Steam on my Ubuntu/openSUSE/[put any other distro I will want to use] in a short time that Docker takes when downloads this Steam container; - - Since Steam is meant to run in Debian (SteamOS) based distro, it is not a problem anymore, since it is in a container now. - Suggestions / PR's are welcomed! - ## What's tested? The following games have been tested: @@ -30,6 +23,7 @@ The following games have been tested: - Half-Life: Counter-Strike 1.6 - Counter-Strike: Global Offensive - Iron Snout +- Toribash Tested in Ubuntu 16.04 LTS (64bit) and openSUSE Leap 42.1 with the following GPU's: @@ -38,41 +32,53 @@ with the following GPU's: - Intel HD Graphics 4400 - NVIDIA's GeForce GTX 560 Ti - ## Requirements - [Docker](https://www.docker.com/) - [Docker Compose](https://docs.docker.com/compose/) minimum version 1.7.3 - # Building and launching Steam -## Build Steam Docker image +## Launching Steam in Docker -You may want to re-run this command later on in order to keep the image updated. +The simplest way to launch Steam is by running: -``` -docker build -t andrey01/steam . +```sh +git clone https://github.com/arno01/steam.git +cd steam +docker-compose run steam ``` +If Steam does not start, you may need to allow your user making local +connections to X server, which can be achieved with this command on host: -## Launch the Steam in Docker - -You may need to allow your user making local connections to X server, -which can be achieved with this command: - -``` +```sh xhost +SI:localuser:$(id -un) ``` -You can use the following shortcut function and place it to your `~/.bash_aliases` file - -``` -function docker_helper() { { pushd ~/docker/$1; docker-compose rm -fa "$1"; docker-compose run -d --name "$1" "$@"; popd; } } -function steam() { { docker_helper $FUNCNAME $@; } } +You can use the following shortcut function and place it to your `~/.bash_aliases` file: + +```sh +function docker_helper() {{ + pushd ~/docker/$1 + docker-compose rm -fa "$1" + docker-compose run -d --name "$1" "$@" + popd +}} +function steam() { + docker_helper $FUNCNAME $@ +}} ``` -Then just issue "steam" command to run Steam in docker. +Then just use `steam` command to run Steam in docker. + +## Updating Steam Docker image + +You may want to re-run this command later on in order to keep the image updated: + +```sh +docker build -t andrey01/steam . +``` ## Troubleshooting @@ -84,8 +90,8 @@ The best result is when you have a similar to the following output, using the `g If you are getting `segmentation fault` error or Steam does not start, then you could try resetting its config: -``` -$ docker-compose run --rm steam --reset +```sh +docker-compose run --rm steam --reset ``` ## Grsecurity notes @@ -100,9 +106,9 @@ It only needs a `/proc/sys/kernel/grsecurity/tpe_gid` accessible by root for rea ### grsec: PaX -It is also working with PaX part of the grsecurity. -I have tested it with Half-Life games like CS 1.6, and CS:GO. -Please refer to the `launch` file if grsecurity is blocking some executable or a library. +It is also working with PaX part of the grsecurity. +I have tested it with Half-Life games like CS 1.6, and CS:GO. +Please refer to the `launch` file if grsecurity is blocking some executable or a library. # Links diff --git a/data/README.md b/data/README.md new file mode 100644 index 0000000..212e53e --- /dev/null +++ b/data/README.md @@ -0,0 +1,4 @@ +Steam will store its data in this folder: + +- .steam/ for updates, game downloads & storage. +- .local/share/Steam/ for account configuration. \ No newline at end of file diff --git a/dnsmasq.conf b/dnsmasq.conf new file mode 100644 index 0000000..6ae1220 --- /dev/null +++ b/dnsmasq.conf @@ -0,0 +1,42 @@ +# +# Configuration file for dnsmasq acting as a caching nameserver. +# +# Format is one option per line, legal options are the same +# as the long options legal on the command line. See +# "/usr/sbin/dnsmasq --help" or "man 8 dnsmasq" for details. +# +# Updated versions of this configuration file may be available at: +# +# http://www.g-loaded.eu/2010/09/18/caching-nameserver-using-dnsmasq/ +# + +# +# Basic server configuration +# + +listen-address=0.0.0.0 +port=53 +bind-interfaces +user=root +pid-file=/var/run/dnsmasq.pid + +# +# Logging +# + +#log-facility=/var/log/dnsmasq.log +#log-queries + +# +# Name resolution options +# + +domain-needed +bogus-priv +no-hosts +dns-forward-max=150 +cache-size=1000 +#no-negcache +neg-ttl=3600 +resolv-file=/etc/resolv.dnsmasq +no-poll diff --git a/docker-compose.yml b/docker-compose.yml index 450af7b..05c0ee8 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -12,7 +12,7 @@ services: - /etc/localtime:/etc/localtime:ro - /etc/machine-id:/etc/machine-id:ro - $XDG_RUNTIME_DIR/pulse:/run/user/1000/pulse - - data:/home + - ./data:/home/user # - /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket:ro # Ubuntu's NVIDIA driver: - /usr/lib/nvidia-361-prime:/h1_64:ro @@ -30,6 +30,7 @@ services: - /usr/X11R6/lib64:/h11_64:ro - /usr/lib:/h12_32:ro - /usr/lib64:/h13_64:ro + dns: steam # a DNS cache is needed to avoid upstream bug https://github.com/ValveSoftware/steam-for-linux/issues/3401 devices: - /dev/nvidia0 - /dev/nvidiactl diff --git a/launch b/launch index b06a07c..0b29cf2 100644 --- a/launch +++ b/launch @@ -5,6 +5,8 @@ # exec 2>&1 +service dnsmasq start + # # Befriend with grsecurity patched Linux kernel #