Update README.md

ps3netsrv/Dockerfile

@@ -46,7 +46,7 @@ FROM ${BUILD_FROM}
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 
 # Copy binary from build container
-COPY --from=builder /tmp/ps3netsrv-bin/ps3netsrv /usr/local/bin/ps3netsrv
+COPY --from=builder /tmp/ps3netsrv-bin/ps3netsrv /bin/ps3netsrv
 
 # Install runtime deps and add users
 RUN \
@@ -59,14 +59,7 @@ RUN \
     libstdc++ \
     musl \
     musl-utils \
-    mbedtls && \
-  echo "Creating ps3netsrv user..." && \
-    useradd -u 1000 -U -M -s /bin/false ps3netsrv && \
-    usermod -G users ps3netsrv && \
-    mkdir -p /var/log/ps3netsrv && \
-    chown -R nobody:nogroup /var/log/ps3netsrv && \
-  echo "Cleaning up temp directory..." && \
-    rm -rf /tmp/*
+    mbedtls
 
 # Add files
 COPY rootfs/ /
@@ -90,11 +83,11 @@ LABEL \
     io.hass.arch="${BUILD_ARCH}" \
     io.hass.type="addon" \
     io.hass.version=${BUILD_VERSION} \
-    maintainer="Franck Nijhof <frenck@addons.community>" \
+    maintainer="D-Two <the.dtwo@gmail.com>" \
     org.opencontainers.image.title="${BUILD_NAME}" \
     org.opencontainers.image.description="${BUILD_DESCRIPTION}" \
     org.opencontainers.image.vendor="Home Assistant Community Add-ons" \
-    org.opencontainers.image.authors="Franck Nijhof <frenck@addons.community>" \
+    org.opencontainers.image.authors="D-Two <the.dtwo@gmail.com>" \
     org.opencontainers.image.licenses="MIT" \
     org.opencontainers.image.url="https://addons.community" \
     org.opencontainers.image.source="https://github.com/${BUILD_REPOSITORY}" \

ps3netsrv/README.md

@@ -20,7 +20,7 @@ The architectures supported by this image are:
 
 ## Quick Start
 
-  - `media/ps3netsrv`: This location contains files from your host that need to be accessible by the application.
+  - coming soon
 
 ### Ports
 

ps3netsrv/apparmor.txt

@@ -0,0 +1,66 @@
+#include <tunables/global>
+
+profile ps3netserver_addon flags=(attach_disconnected,mediate_deleted) {
+  #include <abstractions/base>
+
+  capability,
+  file,
+  signal,
+  mount,
+  umount,
+  remount,
+  network udp,
+  network tcp,
+  network dgram,
+  network stream,
+  network inet,
+  network inet6,
+  network netlink raw,
+  network unix dgram,
+
+  capability setgid,
+  capability setuid,
+  capability sys_admin,
+  capability dac_read_search,
+  # capability dac_override,
+  # capability sys_rawio,
+
+# S6-Overlay
+  /init ix,
+  /run/{s6,s6-rc*,service}/** ix,
+  /package/** ix,
+  /command/** ix,
+  /run/{,**} rwk,
+  /dev/tty rw,
+  /bin/** ix,
+  /usr/bin/** ix,
+  /usr/lib/bashio/** ix,
+  /etc/s6/** rix,
+  /run/s6/** rix,
+  /etc/services.d/** rwix,
+  /etc/cont-init.d/** rwix,
+  /etc/cont-finish.d/** rwix,
+  /init rix,
+  /var/run/** mrwkl,
+  /var/run/ mrwkl,
+  /dev/i2c-1 mrwkl,
+  # Files required
+  /dev/fuse mrwkl,
+  /dev/sda1 mrwkl,
+  /dev/sdb1 mrwkl,
+  /dev/nvme0 mrwkl,
+  /dev/nvme1 mrwkl,
+  /dev/mmcblk0p1 mrwkl,
+  /dev/* mrwkl,
+  /tmp/** mrkwl,
+
+  # Data access
+  /data/** rw,
+
+  # suppress ptrace denials when using 'docker ps' or using 'ps' inside a container
+  ptrace (trace,read) peer=docker-default,
+
+  # docker daemon confinement requires explict allow rule for signal
+  signal (receive) set=(kill,term) peer=/usr/bin/docker,
+
+}

ps3netsrv/config.yaml

@@ -1,7 +1,7 @@
 ---
 name: Ps3NetServer
 slug: ps3netserver
-version: 0.1.0
+version: 0.1.0-NAS
 description: This is a Docker container for ps3netsrv (or ps3netsvr).
 url: https://github.com/d-two/hassio-addons/tree/main/ps3netsrv
 startup: application
@@ -13,9 +13,15 @@ arch:
 - armv7
 - i386
 boot: auto
-map:
-- media:rw
 ports:
   38008/tcp: 38008
 ports_description:
   38008/tcp: Network port
+privileged:
+- SYS_ADMIN
+- DAC_READ_SEARCH
+schema:
+  cifsdomain: str?
+  cifspassword: str?
+  cifsusername: str?
+  networkdisks: str?

ps3netsrv/rootfs/etc/cont-init.d/00_smb

@@ -0,0 +1,151 @@
+#!/command/with-contenv bashio
+# shellcheck shell=bash
+# shellcheck disable=
+
+#########################
+# MOUNT SMB SHARES v1.6 #
+#########################
+if bashio::config.has_value 'networkdisks'; then
+
+    # Define variables
+    MOREDISKS=$(bashio::config 'networkdisks')
+    CIFS_USERNAME=$(bashio::config 'cifsusername')
+    CIFS_PASSWORD=$(bashio::config 'cifspassword')
+
+    SMBVERS=""
+    SECVERS=""
+
+    # Mount CIFS Share if configured and if Protection Mode is active
+    echo 'Mounting smb share(s)...'
+
+    if bashio::config.has_value 'cifsdomain'; then
+        echo "Using domain $(bashio::config 'cifsdomain')"
+        DOMAIN=",domain=$(bashio::config 'cifsdomain')"
+    else
+        DOMAIN=""
+    fi
+
+    # Mount using UID/GID values
+    if bashio::config.has_value 'PUID' && bashio::config.has_value 'PGID' && [ -z ${ROOTMOUNT+x} ]; then
+        echo "Using PUID $(bashio::config 'PUID') and PGID $(bashio::config 'PGID')"
+        PUID=",uid=$(bashio::config 'PUID')"
+        PGID=",gid=$(bashio::config 'PGID')"
+    else
+        PUID=",uid=$(id -u)"
+        PGID=",gid=$(id -g)"
+    fi
+
+    # Clean data
+    MOREDISKS=${MOREDISKS// \/\//,\/\/}
+    MOREDISKS=${MOREDISKS//, /,}
+    MOREDISKS=${MOREDISKS// /"\040"}
+
+    # Mounting disks
+    # shellcheck disable=SC2086
+    for disk in ${MOREDISKS//,/ }; do # Separate comma separated values
+
+        # Clean name of network share
+        # shellcheck disable=SC2116,SC2001
+        disk=$(echo $disk | sed "s,/$,,") # Remove / at end of name
+        disk="${disk//"\040"/ }"            #replace \040 with
+        diskname="${disk//\\//}"            #replace \ with /
+        diskname="${diskname##*/}"          # Get only last part of the name
+        MOUNTED=false
+
+        # Data validation
+        if [[ ! $disk =~ ^.*+[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+[/]+.*+$ ]]; then
+            bashio::log.fatal "The structure of your \"networkdisks\" option : \"$disk\" doesn't seem correct, please use a structure like //123.12.12.12/sharedfolder,//123.12.12.12/sharedfolder2. If you don't use it, you can simply remove the text, this will avoid this error message in the future."
+            break 2
+        fi
+
+        # Does server exists
+        server="$(echo "$disk" | grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+")"
+        if ping -w 1 -c 1 8.8.8.8 >/dev/null; then
+            ping -w 5 -c 1 "$server" >/dev/null || \
+                { bashio::log.fatal "Your server $server from $disk doesn't ping, is it correct?"; break 2; }
+        fi
+
+        # Prepare mount point
+        mkdir -p /mnt/"$diskname"
+        chown -R root:root /mnt/"$diskname"
+
+        # if Fail test different smb and sec versions
+        if [ "$MOUNTED" = false ]; then
+
+            # Test with domain, remove otherwise
+            ####################################
+            for DOMAINVAR in "$DOMAIN" ",domain=WORKGROUP" ""; do
+
+                # Test with PUIDPGID, remove otherwise
+                ######################################
+                for PUIDPGID in "$PUID$PGID" "$PUID$PGID,forceuid,forcegid" ""; do
+
+                    # Test with iocharset utf8, remove otherwise
+                    ############################################
+                    for CHARSET in ",iocharset=utf8" ""; do
+
+                        # Test with different SMB versions
+                        ##################################
+                        for SMBVERS in "" ",vers=3" ",vers=1.0" ",vers=2.1" ",vers=3.0" ",nodfs"; do
+
+                            # Test with different security versions
+                            #######################################
+                            for SECVERS in "" ",sec=ntlm" ",sec=ntlmv2" ",sec=ntlmv2i" ",sec=ntlmssp" ",sec=ntlmsspi" ",sec=krb5i" ",sec=krb5"; do
+                                if [ "$MOUNTED" = false ]; then
+                                    mount -t cifs -o "rw,file_mode=0775,dir_mode=0775,username=$CIFS_USERNAME,password=${CIFS_PASSWORD},nobrl$SMBVERS$SECVERS$PUIDPGID$CHARSET$DOMAINVAR" "$disk" /mnt/"$diskname" 2>ERRORCODE \
+                                        && MOUNTED=true && MOUNTOPTIONS="$SMBVERS$SECVERS$PUIDPGID$CHARSET$DOMAINVAR" || MOUNTED=false
+                                fi
+                            done
+
+                        done
+
+                    done
+
+                done
+
+            done
+        fi
+
+        # Messages
+        if [ "$MOUNTED" = true ] && mountpoint -q /mnt/"$diskname"; then
+            #Test write permissions
+            # shellcheck disable=SC2015
+            touch "/mnt/$diskname/testaze" && rm "/mnt/$diskname/testaze" &&
+            bashio::log.info "... $disk successfully mounted to /mnt/$diskname with options $MOUNTOPTIONS" ||
+            bashio::log.fatal "Disk is mounted, however unable to write in the shared disk. Please check UID/GID for permissions, and if the share is rw"
+
+            # Test for serverino
+            # shellcheck disable=SC2015
+            touch "/mnt/$diskname/testaze" && mv "/mnt/$diskname/testaze" "/mnt/$diskname/testaze2" && rm "/mnt/$diskname/testaze2" ||
+            (umount "/mnt/$diskname" && mount -t cifs -o "iocharset=utf8,rw,file_mode=0775,dir_mode=0775,username=$CIFS_USERNAME,password=${CIFS_PASSWORD}$MOUNTOPTIONS,noserverino" "$disk" /mnt/"$diskname" && bashio::log.warning "noserverino option used")
+
+        else
+            # Mounting failed messages
+            bashio::log.fatal "Error, unable to mount $disk to /mnt/$diskname with username $CIFS_USERNAME, $CIFS_PASSWORD. Please check your remote share path, username, password, domain, try putting 0 in UID and GID"
+            bashio::log.fatal "Here is some debugging info :"
+
+            # Download smbclient
+            if command -v "apk" &>/dev/null; then apk add --no-cache samba-client &>/dev/null; fi
+            if command -v "apt" &>/dev/null; then apt-get install smbclient &>/dev/null; fi
+            if command -v "pacman" &>/dev/null; then pacman -S smbclient; fi
+
+            # Provide debugging info
+            smbclient -L $disk -U "$CIFS_USERNAME%$CIFS_PASSWORD" || true
+
+            # Error code
+            mount -t cifs -o "rw,file_mode=0775,dir_mode=0775,username=$CIFS_USERNAME,password=${CIFS_PASSWORD},nobrl$DOMAINVAR" "$disk" /mnt/"$diskname" 2>ERRORCODE || MOUNTED=false
+            bashio::log.fatal "Error read : $(<ERRORCODE)"
+            rm ERRORCODE*
+
+            # clean folder
+            umount "/mnt/$diskname" 2>/dev/null || true
+            rmdir "/mnt/$diskname" || true
+        fi
+
+    done
+
+    if [ -f ERRORCODE ]; then
+        rm ERRORCODE*
+    fi
+
+fi

ps3netsrv/rootfs/etc/s6-overlay/s6-rc.d/init-ps3netsrv/run

@@ -1,20 +1,20 @@
 #!/command/with-contenv bashio
 # shellcheck shell=bash
 
-USER_ID=${USER_ID:-1000}
-GROUP_ID=${GROUP_ID:-1000}
+USER_ID=${USER_ID:-0}
+GROUP_ID=${GROUP_ID:-0}
 
-groupmod -o -g "$GROUP_ID" ps3netsrv
-usermod -o -u "$USER_ID" ps3netsrv
+#groupmod -o -g "$GROUP_ID" ps3netsrv
+#usermod -o -u "$USER_ID" ps3netsrv
 
 echo '
 -------------------------------------
 GID/UID
 -------------------------------------'
 echo "
-User uid:    $(id -u ps3netsrv)
-User gid:    $(id -g ps3netsrv)
+User uid:    $(id -u ${USER_ID})
+User gid:    $(id -g ${GROUP_ID})
 -------------------------------------
 "
 
-mkdir -p /media/ps3netsrv
+#mkdir -p /media/ps3netsrv

ps3netsrv/rootfs/etc/s6-overlay/s6-rc.d/ps3netsrv/run

@@ -5,5 +5,5 @@
 # Runs the ps3netsrv
 # ==============================================================================
 
-bashio::log.info "Starting Ps3NetSrv...."
-/usr/local/bin/ps3netsrv /media/ps3netsrv
+bashio::log.info "Starting Ps3NetSrv.... (Share)"
+exec ps3netsrv /mnt/Share