/steamcmd

Sane SteamCMD docker images!

Primary LanguageShellMIT LicenseMIT

Build Status CodeFactor MIT License

Sane SteamCMD Docker images

This project aims to provide pre-packaged SteamCMD docker images which are up-to-date and especially easy to use.

thetredev-steamcmd.mp4

Differences to official images

While the official images are fine, my take differs in a couple ways:

Base image

  • Based on the official SteamRT v3 "(Sniper)" image with all necessary dependencies and basic tools preinstalled
  • For legacy game servers (Source 1, non-CS:GO and HLDS) SteamRT v2 "Soldier" is used instead
  • The SteamCMD runtime error [S_API FAIL] SteamAPI_Init() failed; unable to locate a running instance of Steam, or a local steamclient.dll. is fixed
  • It does not operate under the root user - a steamcmd user with default UID and GID of 5000 each is used instead
  • The server path is changed to /var/lib/steamcmd/server
  • openssh-server is installed to provide an easy and secure way of managing server files externally, even when using Kubernetes

SSH server

See the SSHD configuration at image/base/etc/ssh/sshd_config.d/steamcmd.conf for the options applied to the server. Only public key authentication is enabled!

To enable the SSH server, set the environment variables STEAMCMD_SSH_SERVER_ENABLE to 1 and STEAMCMD_SSH_AUTHORIZED_KEYS to the Base64 encoded public SSH keys separated by newlines (see compose/hlds/cs-ssh.yml or compose/srcds/css-ssh.yml). STEAMCMD_SSH_AUTHORIZED_KEYS essentially represents the ~/.ssh/authorized_keys file on the server side in encoded format.

Base64-encode your public SSH keys:

cat <ssh-key1>.pub <ssh-key2>.pub <ssh-keyN>.pub | base64 -w 0

Then use the output as the value for STEAMCMD_SSH_AUTHORIZED_KEYS.

HLDS image

  • Based on the base image
  • Provides a generic base for HLDS-based game servers
  • Provides the script server.sh (HLDS) to manage game servers using a single tmux session
  • Provides a docker-entrypoint.sh which itself is executed as root with always-correct timezone and ownership of server files

The server.sh checks for the user executing it. If it's root, it executes itself as the steamcmd user via exec gosu to prevent ownership mismatch.

HLDS-based game servers

  • Composed via compose/hlds
  • Game server specific environment variables are used for configuration

Currently supported game server images:

Game Docker Image
Half-Life ghcr.io/thetredev/steamcmd:hlds-latest
Half-Life: Opposing Force ghcr.io/thetredev/steamcmd:hlds-latest
Counter-Strike ghcr.io/thetredev/steamcmd:hlds-latest
Counter-Strike: Condition Zero ghcr.io/thetredev/steamcmd:hlds-latest
Day of Defeat ghcr.io/thetredev/steamcmd:hlds-latest
Deathmatch Classic ghcr.io/thetredev/steamcmd:hlds-latest
Team Fortress Classic ghcr.io/thetredev/steamcmd:hlds-latest

Note: Ricochet seems like it's not available anymore.

SRCDS image

  • Based on the base image
  • Provides a generic base for SRCDS-based game servers
  • libstdc++, libtinfo and other runtime errors due to missing dependencies are fixed
  • Provides the script server.sh (SRCDS) to manage game servers using a single tmux session
  • Provides a docker-entrypoint.sh which itself is executed as root with always-correct timezone and ownership of server files
  • Tries to enable 128 tick configurations by default (CS:GO). CS:S will default to 67 because Valve said it's better this way (in 2010).

The server.sh checks for the user executing it. If it's root, it executes itself as the steamcmd user via exec gosu to prevent ownership mismatch.

SRCDS-based game servers

  • Composed via compose/srcds
  • Game server specific environment variables are used for configuration

Currently supported game server images:

Game Docker Image
Black Mesa: Deathmatch ghcr.io/thetredev/steamcmd:csgo-latest
Counter-Strike: Source ghcr.io/thetredev/steamcmd:srcds-latest
Counter-Strike: Global Offensive ghcr.io/thetredev/steamcmd:csgo-latest
Day of Defeat: Source ghcr.io/thetredev/steamcmd:srcds-latest
Garry's Mod ghcr.io/thetredev/steamcmd:srcds-latest
Half Life 2: Deathmatch ghcr.io/thetredev/steamcmd:srcds-latest
Left 4 Dead ghcr.io/thetredev/steamcmd:srcds-latest
Left 4 Dead 2 ghcr.io/thetredev/steamcmd:srcds-latest

Note that Black Mesa: Deathmatch and Counter-Strike: Global Offensive have their own dedicated csgo image, as these games are based on the CS:GO game engine and require newer runtimes to work correctly.

Running multiple game servers

If you want to run multiple game servers using one single compose file, see the example file compose/srcds/multiple.yml.

Kubernetes

See https://github.com/thetredev/helm-charts.

Image repositories

The main image repository is: ghcr.io/thetredev/steamcmd
See https://github.com/thetredev/steamcmd/pkgs/container/steamcmd/versions for details.

The GitHub image repository is synchronized with the Docker Hub repository:
https://hub.docker.com/r/thetredev/steamcmd

The GitHub Actions workflows are setup in the following way:

  • Pushes to the main branch lead to the image tags ghcr.io/thetredev/steamcmd:<image>-latest, where <image> is one of the following: base, hlds or srcds (see the supported game server images above)
  • Pushes of tags lead to retagging the ghcr.io/thetredev/steamcmd:<image>-latest images to ghcr.io/thetredev/steamcmd:<image>-<tag>

All image builds used to be scanned for CVEs and only pushed as latest or the given tag if no CVEs are found. These scans have been removed and/or disabled since we're relying on official Steam Runtime images now (commit a64d5003ac8d84eccc6326bc8270eef1105745e0) and we simply trust Valve to make the base images as secure as possible.

Known bugs

See the project issues.

How to contribute?

Just throw me a pull request - feel free to hack along!