arno/steam
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #8 from bagage/fix/dnsmasq

Browse Source 
Dockerfile: use a DNS cache to avoid steam issue 3401
This commit is contained in:
Andy 2016-10-26 21:34:19 +02:00 committed by GitHub
commit 66351f453e
7 changed files with 92 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
data/

6
Dockerfile
View File

@ -53,6 +53,12 @@ RUN cd /tmp && \
dpkg -i *.deb && \ dpkg -i *.deb && \
rm -f *.deb rm -f *.deb
# Workaround2: Steam severely floods DNS requests on Linux, so let's use a DNS cache
# (see https://github.com/ValveSoftware/steam-for-linux/issues/3401)
RUN apt-get update && \
apt-get -y install dnsmasq
COPY ./dnsmasq.conf /etc/dnsmasq.conf
RUN cp /etc/resolv.conf /etc/resolv.dnsmasq
# Fix bug https://github.com/arno01/steam/issues/11 where Pulseaudio crashes # Fix bug https://github.com/arno01/steam/issues/11 where Pulseaudio crashes
# microphone is accessed via push-to-talk. # microphone is accessed via push-to-talk.

64
README.md
View File

@ -3,26 +3,19 @@
## Why? ## Why?
Some people asked me why would someone want to have Steam in a Docker container? Some people asked me why would someone want to have Steam in a Docker container?
Few main points which pushed me making this Docker container: Few main points which pushed me making this Docker container:
1. I want to set-up more fences when running the code I don't/can't trust; [issue 3671](https://github.com/valvesoftware/steam-for-linux/issues/3671) 1. I want to set-up more fences when running the code I don't/can't trust; [issue 3671](https://github.com/valvesoftware/steam-for-linux/issues/3671)
2. I don't want to spend time on figuring out how to install Steam (what deps) in a non-Debian (or non-SteamOS) based distro; 2. I don't want to spend time on figuring out how to install Steam (what deps) in a non-Debian (or non-SteamOS) based distro;
3. I like cleanliness: I can erase Steam and all its dependencies in a matter of seconds; 3. I like cleanliness: I can erase Steam and all its dependencies in a matter of seconds;
And few Pros from my PoV: And few Pros from my PoV:
- I can have Steam on my Ubuntu/openSUSE/[put any other distro I will want to use] in a short time that Docker takes when downloads this Steam container; - I can have Steam on my Ubuntu/openSUSE/[put any other distro I will want to use] in a short time that Docker takes when downloads this Steam container;
- Since Steam is meant to run in Debian (SteamOS) based distro, it is not a problem anymore, since it is in a container now. - Since Steam is meant to run in Debian (SteamOS) based distro, it is not a problem anymore, since it is in a container now.
Suggestions / PR's are welcomed! Suggestions / PR's are welcomed!
## What's tested? ## What's tested?
The following games have been tested: The following games have been tested:
@ -30,6 +23,7 @@ The following games have been tested:
- Half-Life: Counter-Strike 1.6 - Half-Life: Counter-Strike 1.6
- Counter-Strike: Global Offensive - Counter-Strike: Global Offensive
- Iron Snout - Iron Snout
- Toribash
Tested in Ubuntu 16.04 LTS (64bit) and openSUSE Leap 42.1 Tested in Ubuntu 16.04 LTS (64bit) and openSUSE Leap 42.1
with the following GPU's: with the following GPU's:
@ -38,41 +32,53 @@ with the following GPU's:
- Intel HD Graphics 4400 - Intel HD Graphics 4400
- NVIDIA's GeForce GTX 560 Ti - NVIDIA's GeForce GTX 560 Ti
## Requirements ## Requirements
- [Docker](https://www.docker.com/) - [Docker](https://www.docker.com/)
- [Docker Compose](https://docs.docker.com/compose/) minimum version 1.7.3 - [Docker Compose](https://docs.docker.com/compose/) minimum version 1.7.3
# Building and launching Steam # Building and launching Steam
## Build Steam Docker image ## Launching Steam in Docker
You may want to re-run this command later on in order to keep the image updated. The simplest way to launch Steam is by running:
``` ```sh
docker build -t andrey01/steam . git clone https://github.com/arno01/steam.git
cd steam
docker-compose run steam
``` ```
If Steam does not start, you may need to allow your user making local
connections to X server, which can be achieved with this command on host:
## Launch the Steam in Docker ```sh
You may need to allow your user making local connections to X server,
which can be achieved with this command:
```
xhost +SI:localuser:$(id -un) xhost +SI:localuser:$(id -un)
``` ```
You can use the following shortcut function and place it to your `~/.bash_aliases` file You can use the following shortcut function and place it to your `~/.bash_aliases` file:
``` ```sh
function docker_helper() { { pushd ~/docker/$1; docker-compose rm -fa "$1"; docker-compose run -d --name "$1" "$@"; popd; } } function docker_helper() {{
function steam() { { docker_helper $FUNCNAME $@; } } pushd ~/docker/$1
docker-compose rm -fa "$1"
docker-compose run -d --name "$1" "$@"
popd
}}
function steam() {
docker_helper $FUNCNAME $@
}}
``` ```
Then just issue "steam" command to run Steam in docker. Then just use `steam` command to run Steam in docker.
## Updating Steam Docker image
You may want to re-run this command later on in order to keep the image updated:
```sh
docker build -t andrey01/steam .
```
## Troubleshooting ## Troubleshooting
@ -84,8 +90,8 @@ The best result is when you have a similar to the following output, using the `g
If you are getting `segmentation fault` error or Steam does not start, then you could try resetting its config: If you are getting `segmentation fault` error or Steam does not start, then you could try resetting its config:
``` ```sh
$ docker-compose run --rm steam --reset docker-compose run --rm steam --reset
``` ```
## Grsecurity notes ## Grsecurity notes
@ -100,9 +106,9 @@ It only needs a `/proc/sys/kernel/grsecurity/tpe_gid` accessible by root for rea
### grsec: PaX ### grsec: PaX
It is also working with PaX part of the grsecurity. It is also working with PaX part of the grsecurity.
I have tested it with Half-Life games like CS 1.6, and CS:GO. I have tested it with Half-Life games like CS 1.6, and CS:GO.
Please refer to the `launch` file if grsecurity is blocking some executable or a library. Please refer to the `launch` file if grsecurity is blocking some executable or a library.
# Links # Links

4
data/README.md Normal file
View File

@ -0,0 +1,4 @@
Steam will store its data in this folder:
- .steam/ for updates, game downloads & storage.
- .local/share/Steam/ for account configuration.

42
dnsmasq.conf Normal file
View File

@ -0,0 +1,42 @@
#
# Configuration file for dnsmasq acting as a caching nameserver.
#
# Format is one option per line, legal options are the same
# as the long options legal on the command line. See
# "/usr/sbin/dnsmasq --help" or "man 8 dnsmasq" for details.
#
# Updated versions of this configuration file may be available at:
#
# http://www.g-loaded.eu/2010/09/18/caching-nameserver-using-dnsmasq/
#
#
# Basic server configuration
#
listen-address=0.0.0.0
port=53
bind-interfaces
user=root
pid-file=/var/run/dnsmasq.pid
#
# Logging
#
#log-facility=/var/log/dnsmasq.log
#log-queries
#
# Name resolution options
#
domain-needed
bogus-priv
no-hosts
dns-forward-max=150
cache-size=1000
#no-negcache
neg-ttl=3600
resolv-file=/etc/resolv.dnsmasq
no-poll

3
docker-compose.yml
View File

@ -12,7 +12,7 @@ services:
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
- /etc/machine-id:/etc/machine-id:ro - /etc/machine-id:/etc/machine-id:ro
- $XDG_RUNTIME_DIR/pulse:/run/user/1000/pulse - $XDG_RUNTIME_DIR/pulse:/run/user/1000/pulse
- data:/home - ./data:/home/user
# - /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket:ro # - /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket:ro
# Ubuntu's NVIDIA driver: # Ubuntu's NVIDIA driver:
- /usr/lib/nvidia-361-prime:/h1_64:ro - /usr/lib/nvidia-361-prime:/h1_64:ro
@ -30,6 +30,7 @@ services:
- /usr/X11R6/lib64:/h11_64:ro - /usr/X11R6/lib64:/h11_64:ro
- /usr/lib:/h12_32:ro - /usr/lib:/h12_32:ro
- /usr/lib64:/h13_64:ro - /usr/lib64:/h13_64:ro
dns: steam # a DNS cache is needed to avoid upstream bug https://github.com/ValveSoftware/steam-for-linux/issues/3401
devices: devices:
- /dev/nvidia0 - /dev/nvidia0
- /dev/nvidiactl - /dev/nvidiactl

2
launch
View File

@ -5,6 +5,8 @@
# #
exec 2>&1 exec 2>&1
service dnsmasq start
# #
# Befriend with grsecurity patched Linux kernel # Befriend with grsecurity patched Linux kernel
# #