Skip to content

Commit

Permalink
fork alpine320
Browse files Browse the repository at this point in the history
  • Loading branch information
thelamer committed Dec 6, 2024
1 parent 4169752 commit ecdb4c0
Show file tree
Hide file tree
Showing 10 changed files with 196 additions and 581 deletions.
4 changes: 2 additions & 2 deletions .github/CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
## Readme

If you would like to change our readme, please __**do not**__ directly edit the readme, as it is auto-generated on each commit.
Instead edit the [readme-vars.yml](https://github.com/linuxserver/docker-baseimage-kasmvnc/edit/master/readme-vars.yml).
Instead edit the [readme-vars.yml](https://github.com/linuxserver/docker-baseimage-kasmvnc/edit/alpine320/readme-vars.yml).

These variables are used in a template for our [Jenkins Builder](https://github.com/linuxserver/docker-jenkins-builder) as part of an ansible play.
Most of these variables are also carried over to [docs.linuxserver.io](https://docs.linuxserver.io)
Expand Down Expand Up @@ -115,7 +115,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64

## Update the changelog

If you are modifying the Dockerfiles or any of the startup scripts in [root](https://github.com/linuxserver/docker-baseimage-kasmvnc/tree/master/root), add an entry to the changelog
If you are modifying the Dockerfiles or any of the startup scripts in [root](https://github.com/linuxserver/docker-baseimage-kasmvnc/tree/alpine320/root), add an entry to the changelog

```yml
changelogs:
Expand Down
2 changes: 1 addition & 1 deletion .github/PULL_REQUEST_TEMPLATE.md
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@

------------------------------

- [ ] I have read the [contributing](https://github.com/linuxserver/docker-baseimage-kasmvnc/blob/master/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications
- [ ] I have read the [contributing](https://github.com/linuxserver/docker-baseimage-kasmvnc/blob/alpine320/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications

------------------------------

Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/external_trigger.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,13 @@ on:
workflow_dispatch:

jobs:
external-trigger-master:
external-trigger-alpine320:
runs-on: ubuntu-latest
steps:
- uses: actions/[email protected]

- name: External Trigger
if: github.ref == 'refs/heads/master'
if: github.ref == 'refs/heads/alpine320'
env:
SKIP_EXTERNAL_TRIGGER: ${{ vars.SKIP_EXTERNAL_TRIGGER }}
run: |
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/greetings.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,5 +9,5 @@ jobs:
- uses: actions/first-interaction@v1
with:
issue-message: 'Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.'
pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-baseimage-kasmvnc/blob/master/.github/PULL_REQUEST_TEMPLATE.md)!'
pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-baseimage-kasmvnc/blob/alpine320/.github/PULL_REQUEST_TEMPLATE.md)!'
repo-token: ${{ secrets.GITHUB_TOKEN }}
6 changes: 3 additions & 3 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ RUN \
cp index.html vnc.html && \
mkdir Downloads

FROM ghcr.io/linuxserver/baseimage-alpine:3.20 AS buildstage
FROM ghcr.io/linuxserver/baseimage-alpine:3.21 AS buildstage

ARG KASMVNC_RELEASE="0ebbbc6412e131092308cc1ce10b9d106e3b4e05"

Expand Down Expand Up @@ -193,7 +193,7 @@ RUN \
-C /build-out/

# nodejs builder
FROM ghcr.io/linuxserver/baseimage-alpine:3.20 AS nodebuilder
FROM ghcr.io/linuxserver/baseimage-alpine:3.21 AS nodebuilder
ARG KCLIENT_RELEASE

RUN \
Expand Down Expand Up @@ -231,7 +231,7 @@ RUN \
rm -f package-lock.json

# runtime stage
FROM ghcr.io/linuxserver/baseimage-alpine:3.20
FROM ghcr.io/linuxserver/baseimage-alpine:3.21

# set version label
ARG BUILD_DATE
Expand Down
6 changes: 3 additions & 3 deletions Dockerfile.aarch64
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ RUN \
cp index.html vnc.html && \
mkdir Downloads

FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.20 AS buildstage
FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.21 AS buildstage

ARG KASMVNC_RELEASE="0ebbbc6412e131092308cc1ce10b9d106e3b4e05"

Expand Down Expand Up @@ -205,7 +205,7 @@ RUN \
-C /build-out/

# nodejs builder
FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.20 AS nodebuilder
FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.21 AS nodebuilder
ARG KCLIENT_RELEASE

RUN \
Expand Down Expand Up @@ -243,7 +243,7 @@ RUN \
rm -f package-lock.json

# runtime stage
FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.20
FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.21

# set version label
ARG BUILD_DATE
Expand Down
303 changes: 179 additions & 124 deletions Jenkinsfile

Large diffs are not rendered by default.

224 changes: 2 additions & 222 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,223 +1,3 @@
<!-- DO NOT EDIT THIS FILE MANUALLY -->
<!-- Please read https://github.com/linuxserver/docker-baseimage-kasmvnc/blob/master/.github/CONTRIBUTING.md -->
# KasmVNC Base Images from LinuxServer

The purpose of these images is to provide a full featured web native Linux desktop experience for any Linux application or desktop environment. These images replace our old base images at [Rdesktop Web](https://github.com/linuxserver/docker-baseimage-rdesktop-web) for greatly increased performance, fidelity, and feature set. They ship with passwordless sudo to allow easy package installation, testing, and customization. By default they have no logic to mount out anything but the users home directory, meaning on image updates anything outside of `/config` will be lost.

These images contain the following services:

* [KasmVNC](https://www.kasmweb.com/kasmvnc) - The core technology for interacting with a containerized desktop from a web browser.
* [Kclient](https://github.com/linuxserver/kclient) - NodeJS Iframe wrapper for KasmVNC providing audio and file access.
* [NGINX](https://www.nginx.com/) - Used to serve the mix of KasmVNC and Kclient with the appropriate headers and provide basic auth.
* [Docker](https://www.docker.com/) - Can be used for interacting with a mounted in Docker socket or if the container is run in privileged mode will start a [DinD](https://www.docker.com/blog/docker-can-now-run-within-docker/) setup.
* [PulseAudio](https://www.freedesktop.org/wiki/Software/PulseAudio/) - Sound subsystem used to capture audio from the active desktop session and send it to the browser via the Kclient helper application.

# Options

**Authentication for these containers is included as a convenience and to keep in sync with the previous xrdp containers they replace. We use bash to substitute in settings user/password and some strings might break that. In general this authentication mechanism should be used to keep the kids out not the internet**

If you are looking for a robust secure application gateway please check out [SWAG](https://github.com/linuxserver/docker-swag).

All application settings are passed via environment variables:

| Variable | Description |
| :----: | --- |
| CUSTOM_PORT | Internal port the container listens on for http if it needs to be swapped from the default 3000. |
| CUSTOM_HTTPS_PORT | Internal port the container listens on for https if it needs to be swapped from the default 3001. |
| CUSTOM_USER | HTTP Basic auth username, abc is default. |
| PASSWORD | HTTP Basic auth password, abc is default. If unset there will be no auth |
| SUBFOLDER | Subfolder for the application if running a subfolder reverse proxy, need both slashes IE `/subfolder/` |
| TITLE | The page title displayed on the web browser, default "KasmVNC Client". |
| FM_HOME | This is the home directory (landing) for the file manager, default "/config". |
| START_DOCKER | If set to false a container with privilege will not automatically start the DinD Docker setup. |
| DRINODE | If mounting in /dev/dri for [DRI3 GPU Acceleration](https://www.kasmweb.com/kasmvnc/docs/master/gpu_acceleration.html) allows you to specify the device to use |
| DISABLE_DRI | When using privilged mode or mounting in a video card, do not attempt to use it for DRI3 acceleration in KasmVNC |
| DISABLE_IPV6 | If set to true or any value this will disable IPv6 |
| LC_ALL | Set the Language for the container to run as IE `fr_FR.UTF-8` `ar_AE.UTF-8` |
| NO_DECOR | If set the application will run without window borders for use as a PWA. (Decor can be enabled and disabled with Ctrl+Shift+d) |
| NO_FULL | Do not autmatically fullscreen applications when using openbox. |

## Language Support - Internationalization

The environment variable `LC_ALL` can be used to start this image in a different language than English simply pass for example to launch the Desktop session in French `LC_ALL=fr_FR.UTF-8`. Some languages like Chinese, Japanese, or Korean will be missing fonts needed to render properly known as cjk fonts, but others may exist and not be installed. We only ensure fonts for Latin characters are present. Fonts can be installed with a mod on startup.

To install cjk fonts on startup as an example pass the environment variables(Alpine):

```
-e DOCKER_MODS=linuxserver/mods:universal-package-install
-e INSTALL_PACKAGES=font-noto-cjk
-e LC_ALL=zh_CN.UTF-8
```

The web interface has the option for "IME Input Mode" in Settings which will allow non english characters to be used from a non en_US keyboard on the client. Once enabled it will perform the same as a local Linux installation set to your locale.

# Available Distros

All base images are built for x86_64 and aarch64 platforms.

| Distro | Current Tag |
| :----: | --- |
| Alpine | alpine320 |
| Arch | arch |
| Debian | debianbookworm |
| Fedora | fedora39 |
| Fedora | fedora40 |
| Ubuntu | ubuntujammy |
| Ubuntu | ubuntunoble |

# PRoot Apps

All images include [proot-apps](https://github.com/linuxserver/proot-apps) which allow portable applications to be installed to persistent storage in the user's `$HOME` directory. These applications and their settings will persist upgrades of the base container and can be mounted into different flavors of KasmVNC containers. IE if you are running an Alpine based container you will be able to use the same `/config` directory mounted into a Debian based container and retain the same applications and settings as long as they were installed with `proot-apps install`.

A list of linuxserver.io supported applications is located [HERE](https://github.com/linuxserver/proot-apps?tab=readme-ov-file#supported-apps).

# I like to read documentation

## Building images

### Application containers

Included in these base images is a simple [Openbox DE](http://openbox.org/) and the accompanying logic needed to launch a single application. Lets look at the bare minimum needed to create an application container starting with a Dockerfile:

```
FROM ghcr.io/linuxserver/baseimage-kasmvnc:alpine320
RUN apk add --no-cache firefox
COPY /root /
```

And we can define the application to start using:

```
mkdir -p root/defaults
echo "firefox" > root/defaults/autostart
```

Resulting in a folder that looks like this:

```
├── Dockerfile
└── root
└── defaults
└── autostart
```

Now build and test:

```
docker build -t firefox .
docker run --rm -it -p 3000:3000 firefox bash
```

On http://localhost:3000 you should be presented with a Firefox web browser interface.

This similar setup can be used to embed any Linux Desktop application in a web accesible container.

**If building images it is important to note that many application will not work inside of Docker without `--security-opt seccomp=unconfined`, they may have launch flags to not use syscalls blocked by Docker like with chromium based applications and `--no-sandbox`. In general do not expect every application will simply work like a native Linux installation without some modifications**

#### In container application launching

Also included in the init logic is the ability to define application launchers. As the user has the ability to close the application or if they want to open multiple instances of it this can be useful. Here is an example of a menu definition file for Firefox:

```
<?xml version="1.0" encoding="utf-8"?>
<openbox_menu xmlns="http://openbox.org/3.4/menu">
<menu id="root-menu" label="MENU">
<item label="xterm" icon="/usr/share/pixmaps/xterm-color_48x48.xpm"><action name="Execute"><command>/usr/bin/xterm</command></action></item>
<item label="FireFox" icon="/usr/share/icons/hicolor/48x48/apps/firefox.png"><action name="Execute"><command>/usr/bin/firefox</command></action></item>
</menu>
</openbox_menu>
```

Simply create this file and add it to your defaults folder as `menu.xml`:

```
├── Dockerfile
└── root
└── defaults
└── autostart
└── menu.xml
```

This allows users to right click the desktop background to launch the application.


### Full Desktop environments

When building an application container we are leveraging the Openbox DE to handle window management, but it is also possible to completely replace the DE that is launched on container init using the `startwm.sh` script, located again in defaults:

```
├── Dockerfile
└── root
└── defaults
└── startwm.sh
```

If included in the build logic it will be launched in place of Openbox. Examples for this kind of configuration can be found in our [Webtop repository](https://github.com/linuxserver/docker-webtop)

### Kasm Workspaces compatibility

Included in these base images are binary blobs `/kasmbins` and a special init process `/kasminit` to maintain compatibility with [Kasm Workspaces](https://www.kasmweb.com/), If using this base image as reccomended with the `startwm.sh` or `autostart` entrypoints. They will be able to be used on that platform without issue.

## Docker in Docker (DinD)

These base images include an installation of Docker that can be used in two ways. The simple method is simply leveraging the Docker/Docker Compose cli bins to manage the host level Docker installation by mounting in `-v /var/run/docker.sock:/var/run/docker.sock`.

The base images can also run an isolated in container DinD setup simply by passing `--privileged` to the container when launching. If for any reason the application needs privilege but Docker is not wanted the `-e START_DOCKER=false` can be set at runtime or in the Dockerfile.
In container Docker (DinD) will most likely use the fuse-overlayfs driver for storage which is not as fast as native overlay2. To increase perormance the `/var/lib/docker/` directory in the container can be mounted out to a Linux host and will use overlay2. Keep in mind Docker runs as root and the contents of this directory will not respect the PUID/PGID environment variables available on all LinuxServer.io containers.

## DRI3 GPU Acceleration

For accelerated apps or games, render devices can be mounted into the container and leveraged by applications using:

`--device /dev/dri:/dev/dri`

This feature only supports **Open Source** GPU drivers:

| Driver | Description |
| :----: | --- |
| Intel | i965 and i915 drivers for Intel iGPU chipsets |
| AMD | AMDGPU, Radeon, and ATI drivers for AMD dedicated or APU chipsets |
| NVIDIA | nouveau2 drivers only, closed source NVIDIA drivers lack DRI3 support |

The `DRINODE` environment variable can be used to point to a specific GPU.
Up to date information can be found [here](https://www.kasmweb.com/kasmvnc/docs/master/gpu_acceleration.html)

### Display Compositing (desktop effects)

When using this image in tandem with a supported video card, compositing will function albeit with a performance hit when syncing the frames with pixmaps for the applications using it. This can greatly increase app compatibility if the application in question requires compositing, but requires a real GPU to be mounted into the container. By default we disable compositing at a DE level for performance reasons on our downstream images, but it can be enabled by the user and programs using compositing will still function even if the DE has it disabled in its settings. When building desktop images be sure you understand that with it enabled by default only users that have a compatible GPU mounted in will be able to use your image.

## Nvidia GPU Support

**Nvidia is not compatible with Alpine based images**

Nvidia support is available by leveraging Zink for OpenGL support. This can be enabled with the following run flags:

| Variable | Description |
| :----: | --- |
| --gpus all | This can be filtered down but for most setups this will pass the one Nvidia GPU on the system |
| --runtime nvidia | Specify the Nvidia runtime which mounts drivers and tools in from the host |

The compose syntax is slightly different for this as you will need to set nvidia as the default runtime:

```
sudo nvidia-ctk runtime configure --runtime=docker --set-as-default
sudo service docker restart
```

And to assign the GPU in compose:

```
services:
myimage:
image: myname/myimage:mytag
deploy:
resources:
reservations:
devices:
- driver: nvidia
count: 1
capabilities: [compute,video,graphics,utility]
```

The following line is only in this repo for loop testing:
- { date: "01.01.50:", desc: "I am the release message for this internal repo." }
<!-- Please read https://github.com/linuxserver/docker-baseimage-kasmvnc/blob/alpine320/.github/CONTRIBUTING.md -->
Up to date documentation is available [here](https://github.com/linuxserver/docker-baseimage-kasmvnc/blob/master/README.md).
4 changes: 2 additions & 2 deletions jenkins-vars.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@
# jenkins variables
project_name: docker-baseimage-kasmvnc
external_type: os
release_type: stable
release_type: prerelease
release_tag: alpine320
ls_branch: master
ls_branch: alpine320
build_armhf: false
repo_vars:
- BUILD_VERSION_ARG = 'KASMVNC_RELEASE'
Expand Down
Loading

0 comments on commit ecdb4c0

Please sign in to comment.