tyler.durden/docker-webtop
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-webtop.git synced 2025-07-27 07:34:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update alpine-xfce to new KasmVNC baseimage, update docs (#113)

Browse Source 
* Update alpine-xfce to new KasmVNC baseimage, update docs

* finalize screen blanking

* update bin wrapper to pass cli options

---------

Co-authored-by: thelamer <ryankuba@gmai.com>
This commit is contained in:
Ryan Kuba 2023-04-08 01:59:47 +00:00 committed by GitHub
parent cff7067bc5
commit d4a8575805
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 139 additions and 324 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.github/ISSUE_TEMPLATE/issue.bug.yml vendored
View File

@ -53,7 +53,6 @@ body:
options:
- x86-64
- arm64
- armhf
validations:
required: true
- type: textarea

92
.github/workflows/external_trigger.yml vendored
View File

@ -12,93 +12,5 @@ jobs:
- name: External Trigger
if: github.ref == 'refs/heads/master'
run: |
if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_WEBTOP_MASTER }}" ]; then
echo "**** Github secret PAUSE_EXTERNAL_TRIGGER_WEBTOP_MASTER is set; skipping trigger. ****"
exit 0
fi
echo "**** External trigger running off of master branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_WEBTOP_MASTER\". ****"
echo "**** Retrieving external version ****"
EXT_RELEASE=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.16/community/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
&& awk '/^P:'"xfce4"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://')
if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then
echo "**** Can't retrieve external version, exiting ****"
FAILURE_REASON="Can't retrieve external version for webtop branch master"
GHA_TRIGGER_URL="https://github.com/linuxserver/docker-webtop/actions/runs/${{ github.run_id }}"
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680,
"description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n**Trigger URL:** '"${GHA_TRIGGER_URL}"' \n"}],
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
exit 1
fi
EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g')
echo "**** External version: ${EXT_RELEASE} ****"
echo "**** Retrieving last pushed version ****"
image="linuxserver/webtop"
tag="latest"
token=$(curl -sX GET \
"https://ghcr.io/token?scope=repository%3Alinuxserver%2Fwebtop%3Apull" \
| jq -r '.token')
multidigest=$(curl -s \
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
--header "Authorization: Bearer ${token}" \
"https://ghcr.io/v2/${image}/manifests/${tag}" \
| jq -r 'first(.manifests[].digest)')
digest=$(curl -s \
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
--header "Authorization: Bearer ${token}" \
"https://ghcr.io/v2/${image}/manifests/${multidigest}" \
| jq -r '.config.digest')
image_info=$(curl -sL \
--header "Authorization: Bearer ${token}" \
"https://ghcr.io/v2/${image}/blobs/${digest}")
if [[ $(echo $image_info | jq -r '.container_config') == "null" ]]; then
image_info=$(echo $image_info | jq -r '.config')
else
image_info=$(echo $image_info | jq -r '.container_config')
fi
IMAGE_RELEASE=$(echo ${image_info} | jq -r '.Labels.build_version' | awk '{print $3}')
IMAGE_VERSION=$(echo ${IMAGE_RELEASE} | awk -F'-ls' '{print $1}')
if [ -z "${IMAGE_VERSION}" ]; then
echo "**** Can't retrieve last pushed version, exiting ****"
FAILURE_REASON="Can't retrieve last pushed version for webtop tag latest"
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680,
"description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}],
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
exit 1
fi
echo "**** Last pushed version: ${IMAGE_VERSION} ****"
if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then
echo "**** Version ${EXT_RELEASE} already pushed, exiting ****"
exit 0
elif [[ $(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.16/community/aarch64/APKINDEX.tar.gz" | tar -xz -C /tmp && awk '/^P:'"xfce4"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') != "${EXT_RELEASE}" ]] || [[ $(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.16/community/armv7/APKINDEX.tar.gz" | tar -xz -C /tmp && awk '/^P:'"xfce4"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') != "${EXT_RELEASE}" ]]; then
echo "**** New version ${EXT_RELEASE} found; but not all arch repos updated yet; exiting ****"
FAILURE_REASON="New version ${EXT_RELEASE} for webtop tag latest is detected, however not all arch repos are updated yet. Will try again later."
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
"description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}],
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
exit 0
elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-webtop/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
echo "**** New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting ****"
exit 0
else
echo "**** New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build ****"
response=$(curl -iX POST \
https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-webtop/job/master/buildWithParameters?PACKAGE_CHECK=false \
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
echo "**** Jenkins job queue url: ${response%$'\r'} ****"
echo "**** Sleeping 10 seconds until job starts ****"
sleep 10
buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
buildurl="${buildurl%$'\r'}"
echo "**** Jenkins job build url: ${buildurl} ****"
echo "**** Attempting to change the Jenkins job description ****"
curl -iX POST \
"${buildurl}submitDescription" \
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \
--data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
--data-urlencode "Submit=Submit"
echo "**** Notifying Discord ****"
TRIGGER_REASON="A version change was detected for webtop tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}"
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
"description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}],
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
fi
echo "**** No external release, exiting ****"
exit 0

19
Dockerfile
View File

@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-rdesktop-web:3.16
FROM ghcr.io/linuxserver/baseimage-kasmvnc:alpine317
# set version label
ARG BUILD_DATE
@ -11,19 +11,28 @@ LABEL maintainer="thelamer"
RUN \
echo "**** install packages ****" && \
apk add --no-cache \
chromium \
faenza-icon-theme \
faenza-icon-theme-xfce4-appfinder \
faenza-icon-theme-xfce4-panel \
firefox \
mousepad \
ristretto \
thunar \
util-linux-misc \
xfce4 \
xfce4-terminal && \
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \
xfce4-pulseaudio-plugin && \
echo "**** application tweaks ****" && \
sed -i \
's#^Exec=.*#Exec=/usr/local/bin/wrapped-chromium#g' \
/usr/share/applications/chromium.desktop && \
mv /usr/bin/exo-open /usr/bin/exo-open-real && \
echo "**** cleanup ****" && \
rm -f /usr/share/xfce4/panel/plugins/power-manager-plugin.desktop && \
rm -f \
/etc/xdg/autostart/xfce4-power-manager.desktop \
/etc/xdg/autostart/xscreensaver.desktop \
/usr/share/xfce4/panel/plugins/power-manager-plugin.desktop && \
rm -rf \
/config/.cache \
/tmp/*
# add local files

19
Dockerfile.aarch64
View File

@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-rdesktop-web:arm64v8-3.16
FROM ghcr.io/linuxserver/baseimage-kasmvnc:arm64v8-alpine317
# set version label
ARG BUILD_DATE
@ -11,19 +11,28 @@ LABEL maintainer="thelamer"
RUN \
echo "**** install packages ****" && \
apk add --no-cache \
chromium \
faenza-icon-theme \
faenza-icon-theme-xfce4-appfinder \
faenza-icon-theme-xfce4-panel \
firefox \
mousepad \
ristretto \
thunar \
util-linux-misc \
xfce4 \
xfce4-terminal && \
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \
xfce4-pulseaudio-plugin && \
echo "**** application tweaks ****" && \
sed -i \
's#^Exec=.*#Exec=/usr/local/bin/wrapped-chromium#g' \
/usr/share/applications/chromium.desktop && \
mv /usr/bin/exo-open /usr/bin/exo-open-real && \
echo "**** cleanup ****" && \
rm -f /usr/share/xfce4/panel/plugins/power-manager-plugin.desktop && \
rm -f \
/etc/xdg/autostart/xfce4-power-manager.desktop \
/etc/xdg/autostart/xscreensaver.desktop \
/usr/share/xfce4/panel/plugins/power-manager-plugin.desktop && \
rm -rf \
/config/.cache \
/tmp/*
# add local files

35
Dockerfile.armhf
View File

@ -1,35 +0,0 @@
FROM ghcr.io/linuxserver/baseimage-rdesktop-web:arm32v7-3.16
# set version label
ARG BUILD_DATE
ARG VERSION
ARG XFCE_VERSION
LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
LABEL maintainer="thelamer"
RUN \
echo "**** install packages ****" && \
apk add --no-cache \
faenza-icon-theme \
faenza-icon-theme-xfce4-appfinder \
faenza-icon-theme-xfce4-panel \
firefox \
mousepad \
thunar \
xfce4 \
xfce4-terminal && \
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \
xfce4-pulseaudio-plugin && \
echo "**** cleanup ****" && \
rm -f /usr/share/xfce4/panel/plugins/power-manager-plugin.desktop && \
rm -rf \
/tmp/*
# add local files
COPY /root /
# ports and volumes
EXPOSE 3000
VOLUME /config

88
Jenkinsfile vendored
View File

@ -25,9 +25,6 @@ pipeline {
DEV_DOCKERHUB_IMAGE = 'lsiodev/webtop'
PR_DOCKERHUB_IMAGE = 'lspipepr/webtop'
DIST_IMAGE = 'alpine'
DIST_TAG = '3.16'
DIST_REPO = 'http://dl-cdn.alpinelinux.org/alpine/v3.16/community/'
DIST_REPO_PACKAGES = 'xfce4'
MULTIARCH = 'true'
CI = 'true'
CI_WEB = 'true'
@ -102,15 +99,12 @@ pipeline {
/* ########################
External Release Tagging
######################## */
// If this is an alpine repo change for external version determine an md5 from the version string
stage("Set tag Alpine Repo"){
// If this is an os release set release type to none to indicate no external release
stage("Set ENV os"){
steps{
script{
env.EXT_RELEASE = sh(
script: '''curl -sL "${DIST_REPO}x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
&& awk '/^P:'"${DIST_REPO_PACKAGES}"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://' ''',
returnStdout: true).trim()
env.RELEASE_LINK = 'alpine_repo'
env.EXT_RELEASE = env.PACKAGE_TAG
env.RELEASE_LINK = 'none'
}
}
}
@ -161,7 +155,7 @@ pipeline {
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/' + env.CONTAINER_NAME
env.QUAYIMAGE = 'quay.io/linuxserver.io/' + env.CONTAINER_NAME
if (env.MULTIARCH == 'true') {
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
} else {
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
}
@ -184,7 +178,7 @@ pipeline {
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME
env.QUAYIMAGE = 'quay.io/linuxserver.io/lsiodev-' + env.CONTAINER_NAME
if (env.MULTIARCH == 'true') {
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
} else {
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
}
@ -207,7 +201,7 @@ pipeline {
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME
env.QUAYIMAGE = 'quay.io/linuxserver.io/lspipepr-' + env.CONTAINER_NAME
if (env.MULTIARCH == 'true') {
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
} else {
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
}
@ -492,41 +486,6 @@ pipeline {
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
}
}
stage('Build ARMHF') {
agent {
label 'ARMHF'
}
steps {
echo "Running on node: ${NODE_NAME}"
echo 'Logging into Github'
sh '''#! /bin/bash
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
'''
sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile.armhf"
sh "docker buildx build \
--label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
--label \"org.opencontainers.image.authors=linuxserver.io\" \
--label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-webtop/packages\" \
--label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-webtop\" \
--label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-webtop\" \
--label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \
--label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \
--label \"org.opencontainers.image.vendor=linuxserver.io\" \
--label \"org.opencontainers.image.licenses=GPL-3.0-only\" \
--label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
--label \"org.opencontainers.image.title=Webtop\" \
--label \"org.opencontainers.image.description=[Webtop](https://github.com/linuxserver/docker-webtop) - Alpine, Ubuntu, Fedora, and Arch based containers containing full desktop environments in officially supported flavors accessible via any modern web browser. \" \
--no-cache --pull -f Dockerfile.armhf -t ${IMAGE}:arm32v7-${META_TAG} --platform=linux/arm/v7 \
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
sh "docker tag ${IMAGE}:arm32v7-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}"
retry(5) {
sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}"
}
sh '''docker rmi \
${IMAGE}:arm32v7-${META_TAG} \
ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} || :'''
}
}
stage('Build ARM64') {
agent {
label 'ARM64'
@ -677,9 +636,7 @@ pipeline {
set -e
docker pull ghcr.io/linuxserver/ci:latest
if [ "${MULTIARCH}" == "true" ]; then
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG}
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
fi
docker run --rm \
@ -795,8 +752,6 @@ pipeline {
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
if [ "${CI}" == "false" ]; then
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG}
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
fi
@ -804,47 +759,35 @@ pipeline {
docker tag ${IMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG}
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-latest
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
docker tag ${IMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG}
docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-latest
docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
docker tag ${IMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-latest
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
if [ -n "${SEMVER}" ]; then
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${SEMVER}
docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${SEMVER}
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
fi
docker push ${MANIFESTIMAGE}:amd64-${META_TAG}
docker push ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
docker push ${MANIFESTIMAGE}:amd64-latest
docker push ${MANIFESTIMAGE}:arm32v7-${META_TAG}
docker push ${MANIFESTIMAGE}:arm32v7-latest
docker push ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
docker push ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker push ${MANIFESTIMAGE}:arm64v8-latest
docker push ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
if [ -n "${SEMVER}" ]; then
docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
docker push ${MANIFESTIMAGE}:arm32v7-${SEMVER}
docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER}
fi
docker manifest push --purge ${MANIFESTIMAGE}:latest || :
docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:arm64v8-latest
docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm32v7-latest --os linux --arch arm
docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest
docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm64v8-latest --os linux --arch arm64 --variant v8
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} || :
docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} --os linux --arch arm
docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} --os linux --arch arm64 --variant v8
docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} || :
docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} --os linux --arch arm
docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} --os linux --arch arm64 --variant v8
if [ -n "${SEMVER}" ]; then
docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER} || :
docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} --os linux --arch arm
docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} --os linux --arch arm64 --variant v8
fi
docker manifest push --purge ${MANIFESTIMAGE}:latest
@ -862,21 +805,16 @@ pipeline {
${DELETEIMAGE}:amd64-${META_TAG} \
${DELETEIMAGE}:amd64-latest \
${DELETEIMAGE}:amd64-${EXT_RELEASE_TAG} \
${DELETEIMAGE}:arm32v7-${META_TAG} \
${DELETEIMAGE}:arm32v7-latest \
${DELETEIMAGE}:arm32v7-${EXT_RELEASE_TAG} \
${DELETEIMAGE}:arm64v8-${META_TAG} \
${DELETEIMAGE}:arm64v8-latest \
${DELETEIMAGE}:arm64v8-${EXT_RELEASE_TAG} || :
if [ -n "${SEMVER}" ]; then
docker rmi \
${DELETEIMAGE}:amd64-${SEMVER} \
${DELETEIMAGE}:arm32v7-${SEMVER} \
${DELETEIMAGE}:arm64v8-${SEMVER} || :
fi
done
docker rmi \
ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} \
ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || :
'''
}
@ -902,11 +840,11 @@ pipeline {
"tagger": {"name": "LinuxServer Jenkins","email": "jenkins@linuxserver.io","date": "'${GITHUB_DATE}'"}}' '''
echo "Pushing New release for Tag"
sh '''#! /bin/bash
echo "Updating external repo packages to ${EXT_RELEASE_CLEAN}" > releasebody.json
echo "Updating base packages to ${PACKAGE_TAG}" > releasebody.json
echo '{"tag_name":"'${META_TAG}'",\
"target_commitish": "master",\
"name": "'${META_TAG}'",\
"body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Repo Changes:**\\n\\n' > start
"body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**OS Changes:**\\n\\n' > start
printf '","draft": false,"prerelease": false}' >> releasebody.json
paste -d'\\0' start releasebody.json > releasebody.json.done
curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done'''

90
README.md
View File

@ -56,7 +56,7 @@ The architectures supported by this image are:
| :----: | :----: | ---- |
| x86-64 | ✅ | amd64-\<version tag\> |
| arm64 | ✅ | arm64v8-\<version tag\> |
| armhf | ✅ | arm32v7-\<version tag\> |
| armhf | ❌ | |
## Version Tags
@ -68,91 +68,72 @@ This image provides various versions that are available via tags. Please read th
| ubuntu-xfce | ✅ | XFCE Ubuntu |
| fedora-xfce | ✅ | XFCE Fedora |
| arch-xfce | ✅ | XFCE Arch |
| debian-xfce | ✅ | XFCE Debian |
| alpine-kde | ✅ | KDE Alpine |
| ubuntu-kde | ✅ | KDE Ubuntu |
| fedora-kde | ✅ | KDE Fedora |
| arch-kde | ✅ | KDE Arch |
| debian-kde | ✅ | KDE Debian |
| alpine-mate | ✅ | MATE Alpine |
| ubuntu-mate | ✅ | MATE Ubuntu |
| fedora-mate | ✅ | MATE Fedora |
| arch-mate | ✅ | MATE Arch |
| debian-mate | ✅ | MATE Debian |
| alpine-i3 | ✅ | i3 Alpine |
| ubuntu-i3 | ✅ | i3 Ubuntu |
| fedora-i3 | ✅ | i3 Fedora |
| arch-i3 | ✅ | i3 Arch |
| debian-i3 | ✅ | i3 Debian |
| alpine-openbox | ✅ | Openbox Alpine |
| ubuntu-openbox | ✅ | Openbox Ubuntu |
| fedora-openbox | ✅ | Openbox Fedora |
| arch-openbox | ✅ | Openbox Arch |
| debian-openbox | ✅ | Openbox Debian |
| alpine-icewm | ✅ | IceWM Alpine |
| ubuntu-icewm | ✅ | IceWM Ubuntu |
| fedora-icewm | ✅ | IceWM Fedora |
| arch-icewm | ✅ | IceWM Arch |
| debian-icewm | ✅ | IceWM Debian |
## Application Setup
The Webtop can be accessed at:
* http://yourhost:3000/
* https://yourhost:3001/
By default the user/pass is abc/abc, if you change your password or want to login manually to the GUI session for any reason use the following link:
**Modern GUI desktop apps (including some flavors terminals) have issues with the latest Docker and syscall compatibility, you can use Docker with the `--security-opt seccomp=unconfined` setting to allow these syscalls**
* http://yourhost:3000/?login=true
**Unlike our other containers these Desktops are not designed to be upgraded by Docker, you will keep your home directoy but anything you installed system level will be lost if you upgrade an existing container. To keep packages up to date instead use Ubuntu/Debians's own apt, Alpine's apk, Fedora's dnf, or Arch's pacman program**
You can also force login on the '/' path without this parameter by passing the environment variable `-e AUTO_LOGIN=false`.
### Options in all KasmVNC based GUI containers
You can access advanced features of the Guacamole remote desktop using ctrl+alt+shift enabling you to use remote copy/paste, an onscreen keyboard, or a baked in file manager. This can also be accessed by clicking the small circle on the left side of the screen.
This container is based on [Docker Baseimage KasmVNC](https://github.com/linuxserver/docker-baseimage-kasmvnc) which means there are additional environment variables and run configurations to enable or disable specific functionality.
**Modern GUI desktop apps (including some flavors terminals) have issues with the latest Docker and syscall compatibility, you can use Docker with the `--security-opt seccomp=unconfined` setting to allow these syscalls or try [podman](https://podman.io/) as they have updated their codebase to support them**
#### Optional environment variables
**Unlike our other containers these Desktops are not designed to be upgraded by Docker, you will keep your home directoy but anything you installed system level will be lost if you upgrade an existing container. To keep packages up to date instead use Ubuntu's own apt, Alpine's apk, Fedora's dnf, or Arch's pacman program**
| Variable | Description |
| :----: | --- |
| CUSTOM_PORT | Internal port the container listens on for http if it needs to be swapped from the default 3000. |
| CUSTOM_HTTPS_PORT | Internal port the container listens on for https if it needs to be swapped from the default 3001. |
| CUSTOM_USER | HTTP Basic auth username, abc is default. |
| PASSWORD | HTTP Basic auth password, abc is default. If unset there will be no auth |
| SUBFOLDER | Subfolder for the application if running a subfolder reverse proxy, need both slashes IE `/subfolder/` |
| TITLE | The page title displayed on the web browser, default "KasmVNC Client". |
| FM_HOME | This is the home directory (landing) for the file manager, default "/config". |
| START_DOCKER | If set to false a container with privilege will not automatically start the DinD Docker setup. |
| DRINODE | If mounting in /dev/dri for [DRI3 GPU Acceleration](https://www.kasmweb.com/kasmvnc/docs/master/gpu_acceleration.html) allows you to specify the device to use IE `/dev/dri/renderD128` |
#### Keyboard Layouts
#### Optional run configurations
This should match the layout on the computer you are accessing the container from.
| Variable | Description |
| :----: | --- |
| `--privileged` | Will start a Docker in Docker (DinD) setup inside the container to use docker in an isolated environment. For increased performance mount the Docker directory inside the container to the host IE `-v /home/user/docker-data:/var/lib/docker`. |
| `-v /var/run/docker.sock:/var/run/docker.sock` | Mount in the host level Docker socket to either interact with it via CLI or use Docker enabled applications. |
| `--device /dev/dri:/dev/dri` | Mount a GPU into the container, this can be used in conjunction with the `DRINODE` environment variable to leverage a host video card for GPU accelerated appplications. Only **Open Source** drivers are supported IE (Intel,AMDGPU,Radeon,ATI,Nouveau) |
The keyboard layouts available for use are:
* da-dk-qwerty- Danish keyboard
* de-ch-qwertz- Swiss German keyboard (qwertz)
* de-de-qwertz- German keyboard (qwertz) - **OSK available**
* en-gb-qwerty- English (UK) keyboard
* en-us-qwerty- English (US) keyboard - **OSK available** **DEFAULT**
* es-es-qwerty- Spanish keyboard - **OSK available**
* fr-ch-qwertz- Swiss French keyboard (qwertz)
* fr-fr-azerty- French keyboard (azerty) - **OSK available**
* it-it-qwerty- Italian keyboard - **OSK available**
* ja-jp-qwerty- Japanese keyboard
* pt-br-qwerty- Portuguese Brazilian keyboard
* sv-se-qwerty- Swedish keyboard
* tr-tr-qwerty- Turkish-Q keyboard
### Lossless mode
If you ever lose your password you can always reset it by execing into the container as root:
```
docker exec -it webtop passwd abc
```
By default we perform all logic for the abc user and we reccomend using that user only in the container, but new users can be added as long as there is a `startwm.sh` executable script in their home directory.
All of these containers are configured with passwordless sudo, we make no efforts to secure or harden these containers and we do not reccomend ever publishing their ports to the public Internet.
## Hardware Acceleration (Ubuntu Container Only)
Many desktop application will need access to a GPU to function properly and even some Desktop Environments have compisitor effects that will not function without a GPU. This is not a hard requirement and all base images will function without a video device mounted into the container.
### Intel/ATI/AMD
To leverage hardware acceleration you will need to mount /dev/dri video device inside of the conainer.
```
--device=/dev/dri:/dev/dri
```
We will automatically ensure the abc user inside of the container has the proper permissions to access this device.
### Nvidia
Hardware acceleration users for Nvidia will need to install the container runtime provided by Nvidia on their host, instructions can be found here:
https://github.com/NVIDIA/nvidia-docker
We automatically add the necessary environment variable that will utilise all the features available on a GPU on the host. Once nvidia-docker is installed on your host you will need to re/create the docker container with the nvidia container runtime `--runtime=nvidia` and add an environment variable `-e NVIDIA_VISIBLE_DEVICES=all` (can also be set to a specific gpu's UUID, this can be discovered by running `nvidia-smi --query-gpu=gpu_name,gpu_uuid --format=csv` ). NVIDIA automatically mounts the GPU and drivers from your host into the container.
### Arm Devices
Best effort is made to install tools to allow mounting in /dev/dri on Arm devices. In most cases if /dev/dri exists on the host it should just work. If running a Raspberry Pi 4 be sure to enable `dtoverlay=vc4-fkms-v3d` in your usercfg.txt.
This container is capable of delivering a true lossless image at a high framerate to your web browser by changing the Stream Quality preset to "Lossless", more information [here](https://www.kasmweb.com/docs/latest/how_to/lossless.html#technical-background). In order to use this mode from a non localhost endpoint the HTTPS port on 3001 needs to be used. If using a reverse proxy to port 3000 specific headers will need to be set as outlined [here](https://github.com/linuxserver/docker-baseimage-kasmvnc#lossless).
## Usage
@ -174,13 +155,13 @@ services:
- PGID=1000
- TZ=Etc/UTC
- SUBFOLDER=/ #optional
- KEYBOARD=en-us-qwerty #optional
- TITLE=Webtop #optional
volumes:
- /path/to/data:/config
- /var/run/docker.sock:/var/run/docker.sock #optional
ports:
- 3000:3000
- 3001:3001
devices:
- /dev/dri:/dev/dri #optional
shm_size: "1gb" #optional
@ -197,9 +178,9 @@ docker run -d \
-e PGID=1000 \
-e TZ=Etc/UTC \
-e SUBFOLDER=/ `#optional` \
-e KEYBOARD=en-us-qwerty `#optional` \
-e TITLE=Webtop `#optional` \
-p 3000:3000 \
-p 3001:3001 \
-v /path/to/data:/config \
-v /var/run/docker.sock:/var/run/docker.sock `#optional` \
--device /dev/dri:/dev/dri `#optional` \
@ -216,11 +197,11 @@ Container images are configured using parameters passed at runtime (such as thos
| Parameter | Function |
| :----: | --- |
| `-p 3000` | Web Desktop GUI |
| `-p 3001` | Web Desktop GUI HTTPS |
| `-e PUID=1000` | for UserID - see below for explanation |
| `-e PGID=1000` | for GroupID - see below for explanation |
| `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). |
| `-e SUBFOLDER=/` | Specify a subfolder to use with reverse proxies, IE `/subfolder/` |
| `-e KEYBOARD=en-us-qwerty` | See the keyboard layouts section for more information and options. |
| `-e TITLE=Webtop` | String which will be used as page/tab title in the web browser. |
| `-v /config` | abc users home directory |
| `-v /var/run/docker.sock` | Docker Socket on the system, if you want to use Docker in the container |
@ -337,6 +318,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions
* **23.03.23:** - Rebase all Webtops to KasmVNC base image.
* **21.10.22:** - Rebase xfce to Alpine 3.16, migrate to s6v3.
* **12.03.22:** - Add documentation for mounting in a GPU.
* **05.02.22:** - Rebase KDE Ubuntu to Jammy, add new documentation for updated gclient, stop recommending priv mode.

6
jenkins-vars.yml
View File

@ -2,10 +2,11 @@
# jenkins variables
project_name: docker-webtop
external_type: alpine_repo
external_type: os
release_type: stable
release_tag: latest
ls_branch: master
build_armhf: false
repo_vars:
- BUILD_VERSION_ARG = 'XFCE_VERSION'
- LS_USER = 'linuxserver'
@ -15,9 +16,6 @@ repo_vars:
- DEV_DOCKERHUB_IMAGE = 'lsiodev/webtop'
- PR_DOCKERHUB_IMAGE = 'lspipepr/webtop'
- DIST_IMAGE = 'alpine'
- DIST_TAG = '3.16'
- DIST_REPO = 'http://dl-cdn.alpinelinux.org/alpine/v3.16/community/'
- DIST_REPO_PACKAGES = 'xfce4'
- MULTIARCH = 'true'
- CI = 'true'
- CI_WEB = 'true'

87
readme-vars.yml
View File

@ -12,7 +12,6 @@ project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_
available_architectures:
- { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
- { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
- { arch: "{{ arch_armhf }}", tag: "arm32v7-latest"}
# development version
development_versions: true
@ -21,26 +20,32 @@ development_versions_items:
- { tag: "ubuntu-xfce", desc: "XFCE Ubuntu" }
- { tag: "fedora-xfce", desc: "XFCE Fedora" }
- { tag: "arch-xfce", desc: "XFCE Arch" }
- { tag: "debian-xfce", desc: "XFCE Debian" }
- { tag: "alpine-kde", desc: "KDE Alpine" }
- { tag: "ubuntu-kde", desc: "KDE Ubuntu" }
- { tag: "fedora-kde", desc: "KDE Fedora" }
- { tag: "arch-kde", desc: "KDE Arch" }
- { tag: "arch-kde", desc: "KDE Arch" }
- { tag: "debian-kde", desc: "KDE Debian" }
- { tag: "alpine-mate", desc: "MATE Alpine" }
- { tag: "ubuntu-mate", desc: "MATE Ubuntu" }
- { tag: "fedora-mate", desc: "MATE Fedora" }
- { tag: "arch-mate", desc: "MATE Arch" }
- { tag: "debian-mate", desc: "MATE Debian" }
- { tag: "alpine-i3", desc: "i3 Alpine" }
- { tag: "ubuntu-i3", desc: "i3 Ubuntu" }
- { tag: "fedora-i3", desc: "i3 Fedora" }
- { tag: "arch-i3", desc: "i3 Arch" }
- { tag: "debian-i3", desc: "i3 Debian" }
- { tag: "alpine-openbox", desc: "Openbox Alpine" }
- { tag: "ubuntu-openbox", desc: "Openbox Ubuntu" }
- { tag: "fedora-openbox", desc: "Openbox Fedora" }
- { tag: "arch-openbox", desc: "Openbox Arch" }
- { tag: "debian-openbox", desc: "Openbox Debian" }
- { tag: "alpine-icewm", desc: "IceWM Alpine" }
- { tag: "ubuntu-icewm", desc: "IceWM Ubuntu" }
- { tag: "fedora-icewm", desc: "IceWM Fedora" }
- { tag: "arch-icewm", desc: "IceWM Arch" }
- { tag: "debian-icewm", desc: "IceWM Debian" }
# container parameters
param_container_name: "{{ project_name }}"
@ -50,6 +55,7 @@ param_volumes:
param_usage_include_ports: true
param_ports:
- { external_port: "3000", internal_port: "3000", port_desc: "Web Desktop GUI" }
- { external_port: "3001", internal_port: "3001", port_desc: "Web Desktop GUI HTTPS" }
param_usage_include_env: true
param_env_vars:
- { env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London"}
@ -57,7 +63,6 @@ param_env_vars:
opt_param_usage_include_env: true
opt_param_env_vars:
- { env_var: "SUBFOLDER", env_value: "/", desc: "Specify a subfolder to use with reverse proxies, IE `/subfolder/`"}
- { env_var: "KEYBOARD", env_value: "en-us-qwerty", desc: "See the keyboard layouts section for more information and options."}
- { env_var: "TITLE", env_value: "Webtop", desc: "String which will be used as page/tab title in the web browser." }
opt_param_usage_include_vols: true
opt_param_volumes:
@ -77,69 +82,45 @@ app_setup_block: |
The Webtop can be accessed at:
* http://yourhost:3000/
By default the user/pass is abc/abc, if you change your password or want to login manually to the GUI session for any reason use the following link:
* http://yourhost:3000/?login=true
You can also force login on the '/' path without this parameter by passing the environment variable `-e AUTO_LOGIN=false`.
You can access advanced features of the Guacamole remote desktop using ctrl+alt+shift enabling you to use remote copy/paste, an onscreen keyboard, or a baked in file manager. This can also be accessed by clicking the small circle on the left side of the screen.
**Modern GUI desktop apps (including some flavors terminals) have issues with the latest Docker and syscall compatibility, you can use Docker with the `--security-opt seccomp=unconfined` setting to allow these syscalls or try [podman](https://podman.io/) as they have updated their codebase to support them**
**Unlike our other containers these Desktops are not designed to be upgraded by Docker, you will keep your home directoy but anything you installed system level will be lost if you upgrade an existing container. To keep packages up to date instead use Ubuntu's own apt, Alpine's apk, Fedora's dnf, or Arch's pacman program**
#### Keyboard Layouts
* https://yourhost:3001/
This should match the layout on the computer you are accessing the container from.
**Modern GUI desktop apps (including some flavors terminals) have issues with the latest Docker and syscall compatibility, you can use Docker with the `--security-opt seccomp=unconfined` setting to allow these syscalls**
The keyboard layouts available for use are:
* da-dk-qwerty- Danish keyboard
* de-ch-qwertz- Swiss German keyboard (qwertz)
* de-de-qwertz- German keyboard (qwertz) - **OSK available**
* en-gb-qwerty- English (UK) keyboard
* en-us-qwerty- English (US) keyboard - **OSK available** **DEFAULT**
* es-es-qwerty- Spanish keyboard - **OSK available**
* fr-ch-qwertz- Swiss French keyboard (qwertz)
* fr-fr-azerty- French keyboard (azerty) - **OSK available**
* it-it-qwerty- Italian keyboard - **OSK available**
* ja-jp-qwerty- Japanese keyboard
* pt-br-qwerty- Portuguese Brazilian keyboard
* sv-se-qwerty- Swedish keyboard
* tr-tr-qwerty- Turkish-Q keyboard
**Unlike our other containers these Desktops are not designed to be upgraded by Docker, you will keep your home directoy but anything you installed system level will be lost if you upgrade an existing container. To keep packages up to date instead use Ubuntu/Debians's own apt, Alpine's apk, Fedora's dnf, or Arch's pacman program**
If you ever lose your password you can always reset it by execing into the container as root:
```
docker exec -it webtop passwd abc
```
By default we perform all logic for the abc user and we reccomend using that user only in the container, but new users can be added as long as there is a `startwm.sh` executable script in their home directory.
All of these containers are configured with passwordless sudo, we make no efforts to secure or harden these containers and we do not reccomend ever publishing their ports to the public Internet.
### Options in all KasmVNC based GUI containers
## Hardware Acceleration (Ubuntu Container Only)
This container is based on [Docker Baseimage KasmVNC](https://github.com/linuxserver/docker-baseimage-kasmvnc) which means there are additional environment variables and run configurations to enable or disable specific functionality.
Many desktop application will need access to a GPU to function properly and even some Desktop Environments have compisitor effects that will not function without a GPU. This is not a hard requirement and all base images will function without a video device mounted into the container.
#### Optional environment variables
### Intel/ATI/AMD
| Variable | Description |
| :----: | --- |
| CUSTOM_PORT | Internal port the container listens on for http if it needs to be swapped from the default 3000. |
| CUSTOM_HTTPS_PORT | Internal port the container listens on for https if it needs to be swapped from the default 3001. |
| CUSTOM_USER | HTTP Basic auth username, abc is default. |
| PASSWORD | HTTP Basic auth password, abc is default. If unset there will be no auth |
| SUBFOLDER | Subfolder for the application if running a subfolder reverse proxy, need both slashes IE `/subfolder/` |
| TITLE | The page title displayed on the web browser, default "KasmVNC Client". |
| FM_HOME | This is the home directory (landing) for the file manager, default "/config". |
| START_DOCKER | If set to false a container with privilege will not automatically start the DinD Docker setup. |
| DRINODE | If mounting in /dev/dri for [DRI3 GPU Acceleration](https://www.kasmweb.com/kasmvnc/docs/master/gpu_acceleration.html) allows you to specify the device to use IE `/dev/dri/renderD128` |
To leverage hardware acceleration you will need to mount /dev/dri video device inside of the conainer.
```
--device=/dev/dri:/dev/dri
```
We will automatically ensure the abc user inside of the container has the proper permissions to access this device.
### Nvidia
#### Optional run configurations
Hardware acceleration users for Nvidia will need to install the container runtime provided by Nvidia on their host, instructions can be found here:
https://github.com/NVIDIA/nvidia-docker
| Variable | Description |
| :----: | --- |
| `--privileged` | Will start a Docker in Docker (DinD) setup inside the container to use docker in an isolated environment. For increased performance mount the Docker directory inside the container to the host IE `-v /home/user/docker-data:/var/lib/docker`. |
| `-v /var/run/docker.sock:/var/run/docker.sock` | Mount in the host level Docker socket to either interact with it via CLI or use Docker enabled applications. |
| `--device /dev/dri:/dev/dri` | Mount a GPU into the container, this can be used in conjunction with the `DRINODE` environment variable to leverage a host video card for GPU accelerated appplications. Only **Open Source** drivers are supported IE (Intel,AMDGPU,Radeon,ATI,Nouveau) |
We automatically add the necessary environment variable that will utilise all the features available on a GPU on the host. Once nvidia-docker is installed on your host you will need to re/create the docker container with the nvidia container runtime `--runtime=nvidia` and add an environment variable `-e NVIDIA_VISIBLE_DEVICES=all` (can also be set to a specific gpu's UUID, this can be discovered by running `nvidia-smi --query-gpu=gpu_name,gpu_uuid --format=csv` ). NVIDIA automatically mounts the GPU and drivers from your host into the container.
### Lossless mode
### Arm Devices
Best effort is made to install tools to allow mounting in /dev/dri on Arm devices. In most cases if /dev/dri exists on the host it should just work. If running a Raspberry Pi 4 be sure to enable `dtoverlay=vc4-fkms-v3d` in your usercfg.txt.
This container is capable of delivering a true lossless image at a high framerate to your web browser by changing the Stream Quality preset to "Lossless", more information [here](https://www.kasmweb.com/docs/latest/how_to/lossless.html#technical-background). In order to use this mode from a non localhost endpoint the HTTPS port on 3001 needs to be used. If using a reverse proxy to port 3000 specific headers will need to be set as outlined [here](https://github.com/linuxserver/docker-baseimage-kasmvnc#lossless).
# changelog
changelogs:
- { date: "23.03.23:", desc: "Rebase all Webtops to KasmVNC base image." }
- { date: "21.10.22:", desc: "Rebase xfce to Alpine 3.16, migrate to s6v3." }
- { date: "12.03.22:", desc: "Add documentation for mounting in a GPU." }
- { date: "05.02.22:", desc: "Rebase KDE Ubuntu to Jammy, add new documentation for updated gclient, stop recommending priv mode." }

9
root/defaults/startwm.sh
View File

@ -1,3 +1,8 @@
#!/bin/bash
/startpulse.sh &
/usr/bin/startxfce4 > /dev/null 2>&1
if [ -f "${HOME}"/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml ]; then
sed -i \
'/use_compositing/c <property name="use_compositing" type="bool" value="false"/>' \
"${HOME}"/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml
fi
/usr/bin/xfce4-session > /dev/null 2>&1

7
root/usr/bin/exo-open Executable file
View File

@ -0,0 +1,7 @@
#! /bin/bash
if [ "${2}" == "WebBrowser" ]; then
/usr/bin/xdg-open /usr/share/applications/chromium.desktop
else
/usr/bin/exo-open-real "$@"
fi

10
root/usr/local/bin/wrapped-chromium Executable file
View File

@ -0,0 +1,10 @@
#! /bin/bash
BIN=/usr/bin/chromium-browser
# Run normally on privved containers or modified un non priv
if grep -q 'Seccomp: 0' /proc/1/status; then
${BIN} --password-store=basic "$@"
else
${BIN} --password-store=basic --no-sandbox --test-type "$@"
fi