I realise this is a very niche question, but I was hoping someone here either knows the answer or can point me to a better place to ask.
My @[email protected] uses Puppeteer to take screenshots of the game for its posts. I want to run the bot on my Synology NAS inside of a Docker container so I can just set it and forget it, rather than needing to ensure my desktop is on and running the bot. Unfortunately, the Synology doesn’t seem to play nicely with Puppeteer’s use of the Chrome sandbox. I need to add the --no-sandbox and --disable-setuid-sandbox flags to get it to run successfully. That seems rather risky and I’d rather not be running it like that.
It works fine on my desktop, including if run in Docker for Windows on my desktop. Any idea how to set up Synology to have the sandbox work?
I have no idea how Puppeteer handles this but Playwright has a little section on Chrome within Docker: https://playwright.dev/docs/docker#run-the-image
Basically, the Chrome sandbox needs a non-root user as well as a different seccomp profile configuration. No idea if this helps or if you already tried this but it’s worth giving it a shot.
Which I just now (after posting) noticed was already mentioned in a different comment. Sorry!
I’m guessing the user who made that other comment is on lemmy.world? I can’t see any comment other than yours, and LW has known issues with federation (issues that would be fixed if the instance weren’t 5 version behind…) that mean I probably won’t be able to see it for about 2 days right now. So thanks!
I haven’t looked into the suggestion in great detail yet, but I will say I’m already running as a non-root user (
USER nodeis a line in my Dockerfile). I’m not sure what a seccomp profile is, but in case it wasn’t clear from the original post, I just want to emphasise that the current configuration works in Docker on my Windows PC. It’s only on the Synology NAS that it fails.