fix(ark-suac): align ports, service naming, and permissions bootstrap

Apps/ark-suac/README.md

@@ -23,7 +23,7 @@ This app provides a dedicated server for ARK: Survival Ascended, allowing you to
 
 ### Volumes
 
-All volumes are mounted under `/DATA/AppData/ark-survival-ascended/`:
+All volumes are mounted under `/DATA/AppData/ark-suac/`:
 
 - `steam`: Steam runtime files
 - `steamcmd`: SteamCMD installation
@@ -46,6 +46,12 @@ All volumes are mounted under `/DATA/AppData/ark-survival-ascended/`:
 - No privileged mode required
 - No Docker socket access
 
+### Permission Bootstrap
+
+The compose includes a one-shot helper service `set-permissions` that runs as `root`
+before the game server starts. It only performs `chown` on app-specific bind mounts so
+the main `ark-asa-server` service can run as non-root `gameserver`.
+
 ### Data Persistence
 
 All game data, including server files, save games, and configuration, is persisted in the bound volumes. The container will automatically download and update server files on startup.

Apps/ark-suac/docker-compose.yaml

@@ -1,26 +1,48 @@
-name: ark-survival-ascended
+name: ark-suac
 
 services:
-  server:
+  ark-asa-server:
     image: mschnitzer/asa-linux-server:1.4.0
-    container_name: ark-survival-ascended
+    container_name: ark-asa-server
+    hostname: ark-asa-server
+    entrypoint: /usr/bin/start_server
+    user: gameserver
+    tty: true
     restart: unless-stopped
 
     environment:
       TZ: Europe/Stockholm
-      PUID: "1000"
+      ASA_START_PARAMS: 'TheIsland_WP?listen?Port=7777?RCONPort=27020?RCONEnabled=True -WinLiveMaxPlayers=50 -clusterid=default -ClusterDirOverride="/home/gameserver/cluster-shared"'
-      PGID: "1000"
+      ENABLE_DEBUG: "0"
-      WEBUI_PORT: "8080"
 
     ports:
-      - target: 8080
+      - target: 7777
-        published: "8080"
+        published: "7777"
+        protocol: udp
+      - target: 27020
+        published: "27020"
         protocol: tcp
 
+    depends_on:
+      - set-permissions
+
     volumes:
       - type: bind
-        source: /DATA/AppData/$AppID/config
+        source: /DATA/AppData/$AppID/steam
-        target: /config
+        target: /home/gameserver/Steam
+      - type: bind
+        source: /DATA/AppData/$AppID/steamcmd
+        target: /home/gameserver/steamcmd
+      - type: bind
+        source: /DATA/AppData/$AppID/server-files
+        target: /home/gameserver/server-files
+      - type: bind
+        source: /DATA/AppData/$AppID/cluster-shared
+        target: /home/gameserver/cluster-shared
+      - type: bind
+        source: /etc/localtime
+        target: /etc/localtime
+        read_only: true
 
     # Secure-by-default baseline. Relax only if appen kräver det.
     security_opt:
@@ -32,27 +54,62 @@ services:
       envs:
         - container: TZ
           description:
-            en_US: Timezone, for example Europe/Stockholm
+            en_us: Timezone, for example Europe/Stockholm
-        - container: PUID
+        - container: ASA_START_PARAMS
           description:
-            en_US: User ID for filesystem permissions
+            en_us: ARK start params, including map and ports
-        - container: PGID
+        - container: ENABLE_DEBUG
           description:
-            en_US: Group ID for filesystem permissions
+            en_us: Set 1 to enter debug mode without starting the server
       ports:
-        - container: "8080"
+        - container: "7777"
           description:
-            en_US: Web UI port
+            en_us: Game port for player connections (UDP)
+        - container: "27020"
+          description:
+            en_us: RCON admin port (TCP)
       volumes:
-        - container: /config
+        - container: /home/gameserver/Steam
           description:
-            en_US: Application configuration directory
+            en_us: Steam runtime cache
+        - container: /home/gameserver/steamcmd
+          description:
+            en_us: SteamCMD cache
+        - container: /home/gameserver/server-files
+          description:
+            en_us: ARK server files and saved data
+        - container: /home/gameserver/cluster-shared
+          description:
+            en_us: Shared cluster transfer data
+
+  set-permissions:
+    image: opensuse/leap:15.6
+    container_name: ark-asa-set-permissions
+    user: root
+    restart: "no"
+    entrypoint:
+      - /bin/bash
+      - -c
+      - chown -R 25000:25000 /steam /steamcmd /server-files /cluster-shared
+    volumes:
+      - type: bind
+        source: /DATA/AppData/$AppID/steam
+        target: /steam
+      - type: bind
+        source: /DATA/AppData/$AppID/steamcmd
+        target: /steamcmd
+      - type: bind
+        source: /DATA/AppData/$AppID/server-files
+        target: /server-files
+      - type: bind
+        source: /DATA/AppData/$AppID/cluster-shared
+        target: /cluster-shared
 
 x-casaos:
   architectures:
     - amd64
     - arm64
-  main: server
+  main: ark-asa-server
   category: phirna
   author: Joachim Friberg
   developer: Joachim Friberg
@@ -69,4 +126,4 @@ x-casaos:
   title:
     en_us: ARK Survival Ascended Server
   index: /
-  port_map: "8080"
+  port_map: "7777"