diff --git a/.github/ISSUE_TEMPLATE/issue.bug.yml b/.github/ISSUE_TEMPLATE/issue.bug.yml index 59a10f56..ce3d19af 100755 --- a/.github/ISSUE_TEMPLATE/issue.bug.yml +++ b/.github/ISSUE_TEMPLATE/issue.bug.yml @@ -53,7 +53,6 @@ body: options: - x86-64 - arm64 - - armhf validations: required: true - type: textarea diff --git a/.github/workflows/external_trigger.yml b/.github/workflows/external_trigger.yml index 467f7186..5b2fc0bf 100644 --- a/.github/workflows/external_trigger.yml +++ b/.github/workflows/external_trigger.yml @@ -12,93 +12,5 @@ jobs: - name: External Trigger if: github.ref == 'refs/heads/master' run: | - if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_WEBTOP_MASTER }}" ]; then - echo "**** Github secret PAUSE_EXTERNAL_TRIGGER_WEBTOP_MASTER is set; skipping trigger. ****" - exit 0 - fi - echo "**** External trigger running off of master branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_WEBTOP_MASTER\". ****" - echo "**** Retrieving external version ****" - EXT_RELEASE=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.16/community/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \ - && awk '/^P:'"xfce4"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') - if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then - echo "**** Can't retrieve external version, exiting ****" - FAILURE_REASON="Can't retrieve external version for webtop branch master" - GHA_TRIGGER_URL="https://github.com/linuxserver/docker-webtop/actions/runs/${{ github.run_id }}" - curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, - "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n**Trigger URL:** '"${GHA_TRIGGER_URL}"' \n"}], - "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} - exit 1 - fi - EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g') - echo "**** External version: ${EXT_RELEASE} ****" - echo "**** Retrieving last pushed version ****" - image="linuxserver/webtop" - tag="latest" - token=$(curl -sX GET \ - "https://ghcr.io/token?scope=repository%3Alinuxserver%2Fwebtop%3Apull" \ - | jq -r '.token') - multidigest=$(curl -s \ - --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ - --header "Authorization: Bearer ${token}" \ - "https://ghcr.io/v2/${image}/manifests/${tag}" \ - | jq -r 'first(.manifests[].digest)') - digest=$(curl -s \ - --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ - --header "Authorization: Bearer ${token}" \ - "https://ghcr.io/v2/${image}/manifests/${multidigest}" \ - | jq -r '.config.digest') - image_info=$(curl -sL \ - --header "Authorization: Bearer ${token}" \ - "https://ghcr.io/v2/${image}/blobs/${digest}") - if [[ $(echo $image_info | jq -r '.container_config') == "null" ]]; then - image_info=$(echo $image_info | jq -r '.config') - else - image_info=$(echo $image_info | jq -r '.container_config') - fi - IMAGE_RELEASE=$(echo ${image_info} | jq -r '.Labels.build_version' | awk '{print $3}') - IMAGE_VERSION=$(echo ${IMAGE_RELEASE} | awk -F'-ls' '{print $1}') - if [ -z "${IMAGE_VERSION}" ]; then - echo "**** Can't retrieve last pushed version, exiting ****" - FAILURE_REASON="Can't retrieve last pushed version for webtop tag latest" - curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, - "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}], - "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} - exit 1 - fi - echo "**** Last pushed version: ${IMAGE_VERSION} ****" - if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then - echo "**** Version ${EXT_RELEASE} already pushed, exiting ****" - exit 0 - elif [[ $(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.16/community/aarch64/APKINDEX.tar.gz" | tar -xz -C /tmp && awk '/^P:'"xfce4"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') != "${EXT_RELEASE}" ]] || [[ $(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.16/community/armv7/APKINDEX.tar.gz" | tar -xz -C /tmp && awk '/^P:'"xfce4"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') != "${EXT_RELEASE}" ]]; then - echo "**** New version ${EXT_RELEASE} found; but not all arch repos updated yet; exiting ****" - FAILURE_REASON="New version ${EXT_RELEASE} for webtop tag latest is detected, however not all arch repos are updated yet. Will try again later." - curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, - "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}], - "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} - exit 0 - elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-webtop/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then - echo "**** New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting ****" - exit 0 - else - echo "**** New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build ****" - response=$(curl -iX POST \ - https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-webtop/job/master/buildWithParameters?PACKAGE_CHECK=false \ - --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") - echo "**** Jenkins job queue url: ${response%$'\r'} ****" - echo "**** Sleeping 10 seconds until job starts ****" - sleep 10 - buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') - buildurl="${buildurl%$'\r'}" - echo "**** Jenkins job build url: ${buildurl} ****" - echo "**** Attempting to change the Jenkins job description ****" - curl -iX POST \ - "${buildurl}submitDescription" \ - --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ - --data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ - --data-urlencode "Submit=Submit" - echo "**** Notifying Discord ****" - TRIGGER_REASON="A version change was detected for webtop tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}" - curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, - "description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}], - "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} - fi + echo "**** No external release, exiting ****" + exit 0 diff --git a/Dockerfile b/Dockerfile index 309a6e33..ca7a07db 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ghcr.io/linuxserver/baseimage-rdesktop-web:3.16 +FROM ghcr.io/linuxserver/baseimage-kasmvnc:alpine317 # set version label ARG BUILD_DATE @@ -11,19 +11,28 @@ LABEL maintainer="thelamer" RUN \ echo "**** install packages ****" && \ apk add --no-cache \ + chromium \ faenza-icon-theme \ faenza-icon-theme-xfce4-appfinder \ faenza-icon-theme-xfce4-panel \ - firefox \ mousepad \ + ristretto \ thunar \ + util-linux-misc \ xfce4 \ xfce4-terminal && \ - apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \ - xfce4-pulseaudio-plugin && \ + echo "**** application tweaks ****" && \ + sed -i \ + 's#^Exec=.*#Exec=/usr/local/bin/wrapped-chromium#g' \ + /usr/share/applications/chromium.desktop && \ + mv /usr/bin/exo-open /usr/bin/exo-open-real && \ echo "**** cleanup ****" && \ - rm -f /usr/share/xfce4/panel/plugins/power-manager-plugin.desktop && \ + rm -f \ + /etc/xdg/autostart/xfce4-power-manager.desktop \ + /etc/xdg/autostart/xscreensaver.desktop \ + /usr/share/xfce4/panel/plugins/power-manager-plugin.desktop && \ rm -rf \ + /config/.cache \ /tmp/* # add local files diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index 93de9a55..8794d040 100644 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -1,4 +1,4 @@ -FROM ghcr.io/linuxserver/baseimage-rdesktop-web:arm64v8-3.16 +FROM ghcr.io/linuxserver/baseimage-kasmvnc:arm64v8-alpine317 # set version label ARG BUILD_DATE @@ -11,19 +11,28 @@ LABEL maintainer="thelamer" RUN \ echo "**** install packages ****" && \ apk add --no-cache \ + chromium \ faenza-icon-theme \ faenza-icon-theme-xfce4-appfinder \ faenza-icon-theme-xfce4-panel \ - firefox \ mousepad \ + ristretto \ thunar \ + util-linux-misc \ xfce4 \ xfce4-terminal && \ - apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \ - xfce4-pulseaudio-plugin && \ + echo "**** application tweaks ****" && \ + sed -i \ + 's#^Exec=.*#Exec=/usr/local/bin/wrapped-chromium#g' \ + /usr/share/applications/chromium.desktop && \ + mv /usr/bin/exo-open /usr/bin/exo-open-real && \ echo "**** cleanup ****" && \ - rm -f /usr/share/xfce4/panel/plugins/power-manager-plugin.desktop && \ + rm -f \ + /etc/xdg/autostart/xfce4-power-manager.desktop \ + /etc/xdg/autostart/xscreensaver.desktop \ + /usr/share/xfce4/panel/plugins/power-manager-plugin.desktop && \ rm -rf \ + /config/.cache \ /tmp/* # add local files diff --git a/Dockerfile.armhf b/Dockerfile.armhf deleted file mode 100644 index e6ac1860..00000000 --- a/Dockerfile.armhf +++ /dev/null @@ -1,35 +0,0 @@ -FROM ghcr.io/linuxserver/baseimage-rdesktop-web:arm32v7-3.16 - -# set version label -ARG BUILD_DATE -ARG VERSION -ARG XFCE_VERSION -LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}" -LABEL maintainer="thelamer" - - -RUN \ - echo "**** install packages ****" && \ - apk add --no-cache \ - faenza-icon-theme \ - faenza-icon-theme-xfce4-appfinder \ - faenza-icon-theme-xfce4-panel \ - firefox \ - mousepad \ - thunar \ - xfce4 \ - xfce4-terminal && \ - apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \ - xfce4-pulseaudio-plugin && \ - echo "**** cleanup ****" && \ - rm -f /usr/share/xfce4/panel/plugins/power-manager-plugin.desktop && \ - rm -rf \ - /tmp/* - -# add local files -COPY /root / - -# ports and volumes -EXPOSE 3000 - -VOLUME /config diff --git a/Jenkinsfile b/Jenkinsfile index 83243991..295423bd 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -25,9 +25,6 @@ pipeline { DEV_DOCKERHUB_IMAGE = 'lsiodev/webtop' PR_DOCKERHUB_IMAGE = 'lspipepr/webtop' DIST_IMAGE = 'alpine' - DIST_TAG = '3.16' - DIST_REPO = 'http://dl-cdn.alpinelinux.org/alpine/v3.16/community/' - DIST_REPO_PACKAGES = 'xfce4' MULTIARCH = 'true' CI = 'true' CI_WEB = 'true' @@ -102,15 +99,12 @@ pipeline { /* ######################## External Release Tagging ######################## */ - // If this is an alpine repo change for external version determine an md5 from the version string - stage("Set tag Alpine Repo"){ + // If this is an os release set release type to none to indicate no external release + stage("Set ENV os"){ steps{ script{ - env.EXT_RELEASE = sh( - script: '''curl -sL "${DIST_REPO}x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \ - && awk '/^P:'"${DIST_REPO_PACKAGES}"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://' ''', - returnStdout: true).trim() - env.RELEASE_LINK = 'alpine_repo' + env.EXT_RELEASE = env.PACKAGE_TAG + env.RELEASE_LINK = 'none' } } } @@ -161,7 +155,7 @@ pipeline { env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/' + env.CONTAINER_NAME env.QUAYIMAGE = 'quay.io/linuxserver.io/' + env.CONTAINER_NAME if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER } else { env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER } @@ -184,7 +178,7 @@ pipeline { env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME env.QUAYIMAGE = 'quay.io/linuxserver.io/lsiodev-' + env.CONTAINER_NAME if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA } else { env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA } @@ -207,7 +201,7 @@ pipeline { env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME env.QUAYIMAGE = 'quay.io/linuxserver.io/lspipepr-' + env.CONTAINER_NAME if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST } else { env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST } @@ -492,41 +486,6 @@ pipeline { --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." } } - stage('Build ARMHF') { - agent { - label 'ARMHF' - } - steps { - echo "Running on node: ${NODE_NAME}" - echo 'Logging into Github' - sh '''#! /bin/bash - echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin - ''' - sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile.armhf" - sh "docker buildx build \ - --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ - --label \"org.opencontainers.image.authors=linuxserver.io\" \ - --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-webtop/packages\" \ - --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-webtop\" \ - --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-webtop\" \ - --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \ - --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.vendor=linuxserver.io\" \ - --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ - --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.title=Webtop\" \ - --label \"org.opencontainers.image.description=[Webtop](https://github.com/linuxserver/docker-webtop) - Alpine, Ubuntu, Fedora, and Arch based containers containing full desktop environments in officially supported flavors accessible via any modern web browser. \" \ - --no-cache --pull -f Dockerfile.armhf -t ${IMAGE}:arm32v7-${META_TAG} --platform=linux/arm/v7 \ - --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - sh "docker tag ${IMAGE}:arm32v7-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}" - retry(5) { - sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}" - } - sh '''docker rmi \ - ${IMAGE}:arm32v7-${META_TAG} \ - ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} || :''' - } - } stage('Build ARM64') { agent { label 'ARM64' @@ -677,9 +636,7 @@ pipeline { set -e docker pull ghcr.io/linuxserver/ci:latest if [ "${MULTIARCH}" == "true" ]; then - docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} - docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG} docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG} fi docker run --rm \ @@ -795,8 +752,6 @@ pipeline { echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin if [ "${CI}" == "false" ]; then - docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} - docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG} docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG} fi @@ -804,47 +759,35 @@ pipeline { docker tag ${IMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-latest docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} - docker tag ${IMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} - docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-latest - docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} docker tag ${IMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-latest docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} if [ -n "${SEMVER}" ]; then docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${SEMVER} - docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${SEMVER} docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${SEMVER} fi docker push ${MANIFESTIMAGE}:amd64-${META_TAG} docker push ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} docker push ${MANIFESTIMAGE}:amd64-latest - docker push ${MANIFESTIMAGE}:arm32v7-${META_TAG} - docker push ${MANIFESTIMAGE}:arm32v7-latest - docker push ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} docker push ${MANIFESTIMAGE}:arm64v8-${META_TAG} docker push ${MANIFESTIMAGE}:arm64v8-latest docker push ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} if [ -n "${SEMVER}" ]; then docker push ${MANIFESTIMAGE}:amd64-${SEMVER} - docker push ${MANIFESTIMAGE}:arm32v7-${SEMVER} docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER} fi docker manifest push --purge ${MANIFESTIMAGE}:latest || : - docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:arm64v8-latest - docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm32v7-latest --os linux --arch arm + docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm64v8-latest --os linux --arch arm64 --variant v8 docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} || : - docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} - docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} --os linux --arch arm + docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} --os linux --arch arm64 --variant v8 docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} || : - docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} - docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} --os linux --arch arm + docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} --os linux --arch arm64 --variant v8 if [ -n "${SEMVER}" ]; then docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER} || : - docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} - docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} --os linux --arch arm + docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} --os linux --arch arm64 --variant v8 fi docker manifest push --purge ${MANIFESTIMAGE}:latest @@ -862,21 +805,16 @@ pipeline { ${DELETEIMAGE}:amd64-${META_TAG} \ ${DELETEIMAGE}:amd64-latest \ ${DELETEIMAGE}:amd64-${EXT_RELEASE_TAG} \ - ${DELETEIMAGE}:arm32v7-${META_TAG} \ - ${DELETEIMAGE}:arm32v7-latest \ - ${DELETEIMAGE}:arm32v7-${EXT_RELEASE_TAG} \ ${DELETEIMAGE}:arm64v8-${META_TAG} \ ${DELETEIMAGE}:arm64v8-latest \ ${DELETEIMAGE}:arm64v8-${EXT_RELEASE_TAG} || : if [ -n "${SEMVER}" ]; then docker rmi \ ${DELETEIMAGE}:amd64-${SEMVER} \ - ${DELETEIMAGE}:arm32v7-${SEMVER} \ ${DELETEIMAGE}:arm64v8-${SEMVER} || : fi done docker rmi \ - ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} \ ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || : ''' } @@ -902,11 +840,11 @@ pipeline { "tagger": {"name": "LinuxServer Jenkins","email": "jenkins@linuxserver.io","date": "'${GITHUB_DATE}'"}}' ''' echo "Pushing New release for Tag" sh '''#! /bin/bash - echo "Updating external repo packages to ${EXT_RELEASE_CLEAN}" > releasebody.json + echo "Updating base packages to ${PACKAGE_TAG}" > releasebody.json echo '{"tag_name":"'${META_TAG}'",\ "target_commitish": "master",\ "name": "'${META_TAG}'",\ - "body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Repo Changes:**\\n\\n' > start + "body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**OS Changes:**\\n\\n' > start printf '","draft": false,"prerelease": false}' >> releasebody.json paste -d'\\0' start releasebody.json > releasebody.json.done curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done''' diff --git a/README.md b/README.md index 17edb473..dcb5d291 100644 --- a/README.md +++ b/README.md @@ -56,7 +56,7 @@ The architectures supported by this image are: | :----: | :----: | ---- | | x86-64 | ✅ | amd64-\ | | arm64 | ✅ | arm64v8-\ | -| armhf | ✅ | arm32v7-\ | +| armhf | ❌ | | ## Version Tags @@ -68,91 +68,72 @@ This image provides various versions that are available via tags. Please read th | ubuntu-xfce | ✅ | XFCE Ubuntu | | fedora-xfce | ✅ | XFCE Fedora | | arch-xfce | ✅ | XFCE Arch | +| debian-xfce | ✅ | XFCE Debian | | alpine-kde | ✅ | KDE Alpine | | ubuntu-kde | ✅ | KDE Ubuntu | | fedora-kde | ✅ | KDE Fedora | | arch-kde | ✅ | KDE Arch | +| debian-kde | ✅ | KDE Debian | | alpine-mate | ✅ | MATE Alpine | | ubuntu-mate | ✅ | MATE Ubuntu | | fedora-mate | ✅ | MATE Fedora | | arch-mate | ✅ | MATE Arch | +| debian-mate | ✅ | MATE Debian | | alpine-i3 | ✅ | i3 Alpine | | ubuntu-i3 | ✅ | i3 Ubuntu | | fedora-i3 | ✅ | i3 Fedora | | arch-i3 | ✅ | i3 Arch | +| debian-i3 | ✅ | i3 Debian | | alpine-openbox | ✅ | Openbox Alpine | | ubuntu-openbox | ✅ | Openbox Ubuntu | | fedora-openbox | ✅ | Openbox Fedora | | arch-openbox | ✅ | Openbox Arch | +| debian-openbox | ✅ | Openbox Debian | | alpine-icewm | ✅ | IceWM Alpine | | ubuntu-icewm | ✅ | IceWM Ubuntu | | fedora-icewm | ✅ | IceWM Fedora | | arch-icewm | ✅ | IceWM Arch | +| debian-icewm | ✅ | IceWM Debian | ## Application Setup The Webtop can be accessed at: * http://yourhost:3000/ +* https://yourhost:3001/ -By default the user/pass is abc/abc, if you change your password or want to login manually to the GUI session for any reason use the following link: +**Modern GUI desktop apps (including some flavors terminals) have issues with the latest Docker and syscall compatibility, you can use Docker with the `--security-opt seccomp=unconfined` setting to allow these syscalls** -* http://yourhost:3000/?login=true +**Unlike our other containers these Desktops are not designed to be upgraded by Docker, you will keep your home directoy but anything you installed system level will be lost if you upgrade an existing container. To keep packages up to date instead use Ubuntu/Debians's own apt, Alpine's apk, Fedora's dnf, or Arch's pacman program** -You can also force login on the '/' path without this parameter by passing the environment variable `-e AUTO_LOGIN=false`. +### Options in all KasmVNC based GUI containers -You can access advanced features of the Guacamole remote desktop using ctrl+alt+shift enabling you to use remote copy/paste, an onscreen keyboard, or a baked in file manager. This can also be accessed by clicking the small circle on the left side of the screen. +This container is based on [Docker Baseimage KasmVNC](https://github.com/linuxserver/docker-baseimage-kasmvnc) which means there are additional environment variables and run configurations to enable or disable specific functionality. -**Modern GUI desktop apps (including some flavors terminals) have issues with the latest Docker and syscall compatibility, you can use Docker with the `--security-opt seccomp=unconfined` setting to allow these syscalls or try [podman](https://podman.io/) as they have updated their codebase to support them** +#### Optional environment variables -**Unlike our other containers these Desktops are not designed to be upgraded by Docker, you will keep your home directoy but anything you installed system level will be lost if you upgrade an existing container. To keep packages up to date instead use Ubuntu's own apt, Alpine's apk, Fedora's dnf, or Arch's pacman program** +| Variable | Description | +| :----: | --- | +| CUSTOM_PORT | Internal port the container listens on for http if it needs to be swapped from the default 3000. | +| CUSTOM_HTTPS_PORT | Internal port the container listens on for https if it needs to be swapped from the default 3001. | +| CUSTOM_USER | HTTP Basic auth username, abc is default. | +| PASSWORD | HTTP Basic auth password, abc is default. If unset there will be no auth | +| SUBFOLDER | Subfolder for the application if running a subfolder reverse proxy, need both slashes IE `/subfolder/` | +| TITLE | The page title displayed on the web browser, default "KasmVNC Client". | +| FM_HOME | This is the home directory (landing) for the file manager, default "/config". | +| START_DOCKER | If set to false a container with privilege will not automatically start the DinD Docker setup. | +| DRINODE | If mounting in /dev/dri for [DRI3 GPU Acceleration](https://www.kasmweb.com/kasmvnc/docs/master/gpu_acceleration.html) allows you to specify the device to use IE `/dev/dri/renderD128` | -#### Keyboard Layouts +#### Optional run configurations -This should match the layout on the computer you are accessing the container from. +| Variable | Description | +| :----: | --- | +| `--privileged` | Will start a Docker in Docker (DinD) setup inside the container to use docker in an isolated environment. For increased performance mount the Docker directory inside the container to the host IE `-v /home/user/docker-data:/var/lib/docker`. | +| `-v /var/run/docker.sock:/var/run/docker.sock` | Mount in the host level Docker socket to either interact with it via CLI or use Docker enabled applications. | +| `--device /dev/dri:/dev/dri` | Mount a GPU into the container, this can be used in conjunction with the `DRINODE` environment variable to leverage a host video card for GPU accelerated appplications. Only **Open Source** drivers are supported IE (Intel,AMDGPU,Radeon,ATI,Nouveau) | -The keyboard layouts available for use are: -* da-dk-qwerty- Danish keyboard -* de-ch-qwertz- Swiss German keyboard (qwertz) -* de-de-qwertz- German keyboard (qwertz) - **OSK available** -* en-gb-qwerty- English (UK) keyboard -* en-us-qwerty- English (US) keyboard - **OSK available** **DEFAULT** -* es-es-qwerty- Spanish keyboard - **OSK available** -* fr-ch-qwertz- Swiss French keyboard (qwertz) -* fr-fr-azerty- French keyboard (azerty) - **OSK available** -* it-it-qwerty- Italian keyboard - **OSK available** -* ja-jp-qwerty- Japanese keyboard -* pt-br-qwerty- Portuguese Brazilian keyboard -* sv-se-qwerty- Swedish keyboard -* tr-tr-qwerty- Turkish-Q keyboard +### Lossless mode -If you ever lose your password you can always reset it by execing into the container as root: -``` -docker exec -it webtop passwd abc -``` -By default we perform all logic for the abc user and we reccomend using that user only in the container, but new users can be added as long as there is a `startwm.sh` executable script in their home directory. -All of these containers are configured with passwordless sudo, we make no efforts to secure or harden these containers and we do not reccomend ever publishing their ports to the public Internet. - -## Hardware Acceleration (Ubuntu Container Only) - -Many desktop application will need access to a GPU to function properly and even some Desktop Environments have compisitor effects that will not function without a GPU. This is not a hard requirement and all base images will function without a video device mounted into the container. - -### Intel/ATI/AMD - -To leverage hardware acceleration you will need to mount /dev/dri video device inside of the conainer. -``` ---device=/dev/dri:/dev/dri -``` -We will automatically ensure the abc user inside of the container has the proper permissions to access this device. -### Nvidia - -Hardware acceleration users for Nvidia will need to install the container runtime provided by Nvidia on their host, instructions can be found here: -https://github.com/NVIDIA/nvidia-docker - -We automatically add the necessary environment variable that will utilise all the features available on a GPU on the host. Once nvidia-docker is installed on your host you will need to re/create the docker container with the nvidia container runtime `--runtime=nvidia` and add an environment variable `-e NVIDIA_VISIBLE_DEVICES=all` (can also be set to a specific gpu's UUID, this can be discovered by running `nvidia-smi --query-gpu=gpu_name,gpu_uuid --format=csv` ). NVIDIA automatically mounts the GPU and drivers from your host into the container. - -### Arm Devices - -Best effort is made to install tools to allow mounting in /dev/dri on Arm devices. In most cases if /dev/dri exists on the host it should just work. If running a Raspberry Pi 4 be sure to enable `dtoverlay=vc4-fkms-v3d` in your usercfg.txt. +This container is capable of delivering a true lossless image at a high framerate to your web browser by changing the Stream Quality preset to "Lossless", more information [here](https://www.kasmweb.com/docs/latest/how_to/lossless.html#technical-background). In order to use this mode from a non localhost endpoint the HTTPS port on 3001 needs to be used. If using a reverse proxy to port 3000 specific headers will need to be set as outlined [here](https://github.com/linuxserver/docker-baseimage-kasmvnc#lossless). ## Usage @@ -174,13 +155,13 @@ services: - PGID=1000 - TZ=Etc/UTC - SUBFOLDER=/ #optional - - KEYBOARD=en-us-qwerty #optional - TITLE=Webtop #optional volumes: - /path/to/data:/config - /var/run/docker.sock:/var/run/docker.sock #optional ports: - 3000:3000 + - 3001:3001 devices: - /dev/dri:/dev/dri #optional shm_size: "1gb" #optional @@ -197,9 +178,9 @@ docker run -d \ -e PGID=1000 \ -e TZ=Etc/UTC \ -e SUBFOLDER=/ `#optional` \ - -e KEYBOARD=en-us-qwerty `#optional` \ -e TITLE=Webtop `#optional` \ -p 3000:3000 \ + -p 3001:3001 \ -v /path/to/data:/config \ -v /var/run/docker.sock:/var/run/docker.sock `#optional` \ --device /dev/dri:/dev/dri `#optional` \ @@ -216,11 +197,11 @@ Container images are configured using parameters passed at runtime (such as thos | Parameter | Function | | :----: | --- | | `-p 3000` | Web Desktop GUI | +| `-p 3001` | Web Desktop GUI HTTPS | | `-e PUID=1000` | for UserID - see below for explanation | | `-e PGID=1000` | for GroupID - see below for explanation | | `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). | | `-e SUBFOLDER=/` | Specify a subfolder to use with reverse proxies, IE `/subfolder/` | -| `-e KEYBOARD=en-us-qwerty` | See the keyboard layouts section for more information and options. | | `-e TITLE=Webtop` | String which will be used as page/tab title in the web browser. | | `-v /config` | abc users home directory | | `-v /var/run/docker.sock` | Docker Socket on the system, if you want to use Docker in the container | @@ -337,6 +318,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64 ## Versions +* **23.03.23:** - Rebase all Webtops to KasmVNC base image. * **21.10.22:** - Rebase xfce to Alpine 3.16, migrate to s6v3. * **12.03.22:** - Add documentation for mounting in a GPU. * **05.02.22:** - Rebase KDE Ubuntu to Jammy, add new documentation for updated gclient, stop recommending priv mode. diff --git a/jenkins-vars.yml b/jenkins-vars.yml index 06507d1b..3e0726bf 100644 --- a/jenkins-vars.yml +++ b/jenkins-vars.yml @@ -2,10 +2,11 @@ # jenkins variables project_name: docker-webtop -external_type: alpine_repo +external_type: os release_type: stable release_tag: latest ls_branch: master +build_armhf: false repo_vars: - BUILD_VERSION_ARG = 'XFCE_VERSION' - LS_USER = 'linuxserver' @@ -15,9 +16,6 @@ repo_vars: - DEV_DOCKERHUB_IMAGE = 'lsiodev/webtop' - PR_DOCKERHUB_IMAGE = 'lspipepr/webtop' - DIST_IMAGE = 'alpine' - - DIST_TAG = '3.16' - - DIST_REPO = 'http://dl-cdn.alpinelinux.org/alpine/v3.16/community/' - - DIST_REPO_PACKAGES = 'xfce4' - MULTIARCH = 'true' - CI = 'true' - CI_WEB = 'true' diff --git a/readme-vars.yml b/readme-vars.yml index 037855e2..020e6d43 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -12,7 +12,6 @@ project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_ available_architectures: - { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"} - { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"} - - { arch: "{{ arch_armhf }}", tag: "arm32v7-latest"} # development version development_versions: true @@ -21,26 +20,32 @@ development_versions_items: - { tag: "ubuntu-xfce", desc: "XFCE Ubuntu" } - { tag: "fedora-xfce", desc: "XFCE Fedora" } - { tag: "arch-xfce", desc: "XFCE Arch" } + - { tag: "debian-xfce", desc: "XFCE Debian" } - { tag: "alpine-kde", desc: "KDE Alpine" } - { tag: "ubuntu-kde", desc: "KDE Ubuntu" } - { tag: "fedora-kde", desc: "KDE Fedora" } - - { tag: "arch-kde", desc: "KDE Arch" } + - { tag: "arch-kde", desc: "KDE Arch" } + - { tag: "debian-kde", desc: "KDE Debian" } - { tag: "alpine-mate", desc: "MATE Alpine" } - { tag: "ubuntu-mate", desc: "MATE Ubuntu" } - { tag: "fedora-mate", desc: "MATE Fedora" } - { tag: "arch-mate", desc: "MATE Arch" } + - { tag: "debian-mate", desc: "MATE Debian" } - { tag: "alpine-i3", desc: "i3 Alpine" } - { tag: "ubuntu-i3", desc: "i3 Ubuntu" } - { tag: "fedora-i3", desc: "i3 Fedora" } - { tag: "arch-i3", desc: "i3 Arch" } + - { tag: "debian-i3", desc: "i3 Debian" } - { tag: "alpine-openbox", desc: "Openbox Alpine" } - { tag: "ubuntu-openbox", desc: "Openbox Ubuntu" } - { tag: "fedora-openbox", desc: "Openbox Fedora" } - { tag: "arch-openbox", desc: "Openbox Arch" } + - { tag: "debian-openbox", desc: "Openbox Debian" } - { tag: "alpine-icewm", desc: "IceWM Alpine" } - { tag: "ubuntu-icewm", desc: "IceWM Ubuntu" } - { tag: "fedora-icewm", desc: "IceWM Fedora" } - { tag: "arch-icewm", desc: "IceWM Arch" } + - { tag: "debian-icewm", desc: "IceWM Debian" } # container parameters param_container_name: "{{ project_name }}" @@ -50,6 +55,7 @@ param_volumes: param_usage_include_ports: true param_ports: - { external_port: "3000", internal_port: "3000", port_desc: "Web Desktop GUI" } + - { external_port: "3001", internal_port: "3001", port_desc: "Web Desktop GUI HTTPS" } param_usage_include_env: true param_env_vars: - { env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London"} @@ -57,7 +63,6 @@ param_env_vars: opt_param_usage_include_env: true opt_param_env_vars: - { env_var: "SUBFOLDER", env_value: "/", desc: "Specify a subfolder to use with reverse proxies, IE `/subfolder/`"} - - { env_var: "KEYBOARD", env_value: "en-us-qwerty", desc: "See the keyboard layouts section for more information and options."} - { env_var: "TITLE", env_value: "Webtop", desc: "String which will be used as page/tab title in the web browser." } opt_param_usage_include_vols: true opt_param_volumes: @@ -77,69 +82,45 @@ app_setup_block: | The Webtop can be accessed at: * http://yourhost:3000/ - - By default the user/pass is abc/abc, if you change your password or want to login manually to the GUI session for any reason use the following link: - - * http://yourhost:3000/?login=true - - You can also force login on the '/' path without this parameter by passing the environment variable `-e AUTO_LOGIN=false`. - - You can access advanced features of the Guacamole remote desktop using ctrl+alt+shift enabling you to use remote copy/paste, an onscreen keyboard, or a baked in file manager. This can also be accessed by clicking the small circle on the left side of the screen. - - **Modern GUI desktop apps (including some flavors terminals) have issues with the latest Docker and syscall compatibility, you can use Docker with the `--security-opt seccomp=unconfined` setting to allow these syscalls or try [podman](https://podman.io/) as they have updated their codebase to support them** - - **Unlike our other containers these Desktops are not designed to be upgraded by Docker, you will keep your home directoy but anything you installed system level will be lost if you upgrade an existing container. To keep packages up to date instead use Ubuntu's own apt, Alpine's apk, Fedora's dnf, or Arch's pacman program** - - #### Keyboard Layouts + * https://yourhost:3001/ - This should match the layout on the computer you are accessing the container from. + **Modern GUI desktop apps (including some flavors terminals) have issues with the latest Docker and syscall compatibility, you can use Docker with the `--security-opt seccomp=unconfined` setting to allow these syscalls** - The keyboard layouts available for use are: - * da-dk-qwerty- Danish keyboard - * de-ch-qwertz- Swiss German keyboard (qwertz) - * de-de-qwertz- German keyboard (qwertz) - **OSK available** - * en-gb-qwerty- English (UK) keyboard - * en-us-qwerty- English (US) keyboard - **OSK available** **DEFAULT** - * es-es-qwerty- Spanish keyboard - **OSK available** - * fr-ch-qwertz- Swiss French keyboard (qwertz) - * fr-fr-azerty- French keyboard (azerty) - **OSK available** - * it-it-qwerty- Italian keyboard - **OSK available** - * ja-jp-qwerty- Japanese keyboard - * pt-br-qwerty- Portuguese Brazilian keyboard - * sv-se-qwerty- Swedish keyboard - * tr-tr-qwerty- Turkish-Q keyboard + **Unlike our other containers these Desktops are not designed to be upgraded by Docker, you will keep your home directoy but anything you installed system level will be lost if you upgrade an existing container. To keep packages up to date instead use Ubuntu/Debians's own apt, Alpine's apk, Fedora's dnf, or Arch's pacman program** - If you ever lose your password you can always reset it by execing into the container as root: - ``` - docker exec -it webtop passwd abc - ``` - By default we perform all logic for the abc user and we reccomend using that user only in the container, but new users can be added as long as there is a `startwm.sh` executable script in their home directory. - All of these containers are configured with passwordless sudo, we make no efforts to secure or harden these containers and we do not reccomend ever publishing their ports to the public Internet. + ### Options in all KasmVNC based GUI containers - ## Hardware Acceleration (Ubuntu Container Only) + This container is based on [Docker Baseimage KasmVNC](https://github.com/linuxserver/docker-baseimage-kasmvnc) which means there are additional environment variables and run configurations to enable or disable specific functionality. - Many desktop application will need access to a GPU to function properly and even some Desktop Environments have compisitor effects that will not function without a GPU. This is not a hard requirement and all base images will function without a video device mounted into the container. + #### Optional environment variables - ### Intel/ATI/AMD + | Variable | Description | + | :----: | --- | + | CUSTOM_PORT | Internal port the container listens on for http if it needs to be swapped from the default 3000. | + | CUSTOM_HTTPS_PORT | Internal port the container listens on for https if it needs to be swapped from the default 3001. | + | CUSTOM_USER | HTTP Basic auth username, abc is default. | + | PASSWORD | HTTP Basic auth password, abc is default. If unset there will be no auth | + | SUBFOLDER | Subfolder for the application if running a subfolder reverse proxy, need both slashes IE `/subfolder/` | + | TITLE | The page title displayed on the web browser, default "KasmVNC Client". | + | FM_HOME | This is the home directory (landing) for the file manager, default "/config". | + | START_DOCKER | If set to false a container with privilege will not automatically start the DinD Docker setup. | + | DRINODE | If mounting in /dev/dri for [DRI3 GPU Acceleration](https://www.kasmweb.com/kasmvnc/docs/master/gpu_acceleration.html) allows you to specify the device to use IE `/dev/dri/renderD128` | - To leverage hardware acceleration you will need to mount /dev/dri video device inside of the conainer. - ``` - --device=/dev/dri:/dev/dri - ``` - We will automatically ensure the abc user inside of the container has the proper permissions to access this device. - ### Nvidia + #### Optional run configurations - Hardware acceleration users for Nvidia will need to install the container runtime provided by Nvidia on their host, instructions can be found here: - https://github.com/NVIDIA/nvidia-docker + | Variable | Description | + | :----: | --- | + | `--privileged` | Will start a Docker in Docker (DinD) setup inside the container to use docker in an isolated environment. For increased performance mount the Docker directory inside the container to the host IE `-v /home/user/docker-data:/var/lib/docker`. | + | `-v /var/run/docker.sock:/var/run/docker.sock` | Mount in the host level Docker socket to either interact with it via CLI or use Docker enabled applications. | + | `--device /dev/dri:/dev/dri` | Mount a GPU into the container, this can be used in conjunction with the `DRINODE` environment variable to leverage a host video card for GPU accelerated appplications. Only **Open Source** drivers are supported IE (Intel,AMDGPU,Radeon,ATI,Nouveau) | - We automatically add the necessary environment variable that will utilise all the features available on a GPU on the host. Once nvidia-docker is installed on your host you will need to re/create the docker container with the nvidia container runtime `--runtime=nvidia` and add an environment variable `-e NVIDIA_VISIBLE_DEVICES=all` (can also be set to a specific gpu's UUID, this can be discovered by running `nvidia-smi --query-gpu=gpu_name,gpu_uuid --format=csv` ). NVIDIA automatically mounts the GPU and drivers from your host into the container. + ### Lossless mode - ### Arm Devices - - Best effort is made to install tools to allow mounting in /dev/dri on Arm devices. In most cases if /dev/dri exists on the host it should just work. If running a Raspberry Pi 4 be sure to enable `dtoverlay=vc4-fkms-v3d` in your usercfg.txt. + This container is capable of delivering a true lossless image at a high framerate to your web browser by changing the Stream Quality preset to "Lossless", more information [here](https://www.kasmweb.com/docs/latest/how_to/lossless.html#technical-background). In order to use this mode from a non localhost endpoint the HTTPS port on 3001 needs to be used. If using a reverse proxy to port 3000 specific headers will need to be set as outlined [here](https://github.com/linuxserver/docker-baseimage-kasmvnc#lossless). # changelog changelogs: + - { date: "23.03.23:", desc: "Rebase all Webtops to KasmVNC base image." } - { date: "21.10.22:", desc: "Rebase xfce to Alpine 3.16, migrate to s6v3." } - { date: "12.03.22:", desc: "Add documentation for mounting in a GPU." } - { date: "05.02.22:", desc: "Rebase KDE Ubuntu to Jammy, add new documentation for updated gclient, stop recommending priv mode." } diff --git a/root/defaults/startwm.sh b/root/defaults/startwm.sh index a91a812d..f9b074c1 100755 --- a/root/defaults/startwm.sh +++ b/root/defaults/startwm.sh @@ -1,3 +1,8 @@ #!/bin/bash -/startpulse.sh & -/usr/bin/startxfce4 > /dev/null 2>&1 + +if [ -f "${HOME}"/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml ]; then + sed -i \ + '/use_compositing/c ' \ + "${HOME}"/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml +fi +/usr/bin/xfce4-session > /dev/null 2>&1 diff --git a/root/usr/bin/exo-open b/root/usr/bin/exo-open new file mode 100755 index 00000000..87d07324 --- /dev/null +++ b/root/usr/bin/exo-open @@ -0,0 +1,7 @@ +#! /bin/bash + +if [ "${2}" == "WebBrowser" ]; then + /usr/bin/xdg-open /usr/share/applications/chromium.desktop +else + /usr/bin/exo-open-real "$@" +fi diff --git a/root/usr/local/bin/wrapped-chromium b/root/usr/local/bin/wrapped-chromium new file mode 100755 index 00000000..7c4cb51a --- /dev/null +++ b/root/usr/local/bin/wrapped-chromium @@ -0,0 +1,10 @@ +#! /bin/bash + +BIN=/usr/bin/chromium-browser + +# Run normally on privved containers or modified un non priv +if grep -q 'Seccomp: 0' /proc/1/status; then + ${BIN} --password-store=basic "$@" +else + ${BIN} --password-store=basic --no-sandbox --test-type "$@" +fi