feat: Add rootless Docker support #574

Fank · 2025-07-03T11:10:07Z

Summary

This PR implements rootless Docker support as requested in #547, providing a cleaner solution for users experiencing permission issues with Docker volumes.

What's Changed

New Rootless Images

Added Dockerfile.rootless that runs as UID 1000 by default
Created simplified docker-entrypoint-rootless.sh without chown operations
Added build-rootless.py to build rootless variants with -rootless suffix
Each regular tag now has a rootless variant (e.g., stable-rootless, latest-rootless)

Key Improvements

No Runtime Permission Changes: Eliminates recursive chown operations that can cause race conditions
Predictable Permissions: Always runs as UID 1000, making volume permissions predictable
Rootless Docker Compatible: Works seamlessly with rootless Docker installations
Better Security: Runs as non-root from the start

Documentation

Added comprehensive README-ROOTLESS.md with usage instructions
Updated main README with rootless section

How It Solves Permission Issues

The rootless images address the problems identified in #558:

No more interrupted chown operations leaving files with inconsistent ownership
No complex UID/GID mapping logic at runtime
Directories created with open permissions (777) during build
Container runs as non-root user from the start

Usage Example

# For rootless Docker users
docker run -d \
  -v ~/factorio:/factorio \
  factoriotools/factorio:stable-rootless

# For regular Docker users wanting predictable permissions
docker run -d \
  --user $(id -u):$(id -g) \
  -v /opt/factorio:/factorio \
  factoriotools/factorio:stable-rootless

Testing

Built and tested rootless images locally
Verified container starts without permission errors
Confirmed no chown operations occur at runtime

Compatibility

Maintains full backward compatibility - existing images are unchanged
Rootless images support all the same environment variables except PUID/PGID
Can be built alongside regular images using build-rootless.py

Fixes #547
Related to #558

🤖 Generated with Claude Code

Implements #547 - Add support for rootless Docker images to avoid permission issues. Key changes: - Add Dockerfile.rootless that runs as UID 1000 by default - Create simplified entrypoint script without chown operations - Add build-rootless.py to build rootless variants with -rootless suffix - Document rootless usage in README-ROOTLESS.md - Update main README with rootless section The rootless images eliminate common permission problems by: - Running as non-root from the start (USER 1000:1000) - Avoiding recursive chown operations that can cause race conditions - Using open permissions (777) on directories during build - Not supporting PUID/PGID environment variables This provides a cleaner solution for rootless Docker users and those experiencing permission issues with volumes. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>

github-actions · 2025-07-03T11:10:17Z

docker/Dockerfile.rootless

@@ -0,0 +1,93 @@
+# build rcon client
+FROM debian:stable-slim AS rcon-builder
+RUN apt-get -q update \


📝 [hadolint] <DL3015> _{reported by reviewdog 🐶}
Avoid additional packages by specifying --no-install-reco 8000 mmends

github-actions · 2025-07-03T11:10:17Z

docker/Dockerfile.rootless

+RUN chmod +x /*.sh
+
+# Set proper permissions for the factorio directory
+RUN chmod -R 777 /opt/factorio /factorio


📝 [hadolint] <DL3059> _{reported by reviewdog 🐶}
Multiple consecutive RUN instructions. Consider consolidation.

github-actions · 2025-07-03T11:10:21Z