-
Notifications
You must be signed in to change notification settings - Fork 3
/
Dockerfile
183 lines (170 loc) · 5.9 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
# taken from https://github.com/linuxserver/docker-baseimage-kasmvnc/blob/debianbookworm/Dockerfile
# modified to apply 'novnc.patch' (fixing a disconnect/reconnect issue)
FROM node:12-buster AS wwwstage
ARG KASMWEB_RELEASE="5ba4695e6526a27b8e38ec8d55dc33b39143e68a"
RUN \
echo "**** build clientside ****" && \
mkdir /src && \
cd /src && \
wget https://github.com/kasmtech/noVNC/tarball/${KASMWEB_RELEASE} -O - \
| tar --strip-components=1 -xz
COPY ./patches/novnc.patch /src/
RUN \
export QT_QPA_PLATFORM=offscreen && \
export QT_QPA_FONTDIR=/usr/share/fonts && \
echo "apply novnc.patch" && \
cd /src && \
patch -p1 -i novnc.patch && \
npm install && \
npm run-script build
RUN \
echo "**** organize output ****" && \
mkdir /build-out && \
cd /src && \
rm -rf node_modules/ && \
cp -R ./* /build-out/ && \
cd /build-out && \
rm *.md && \
rm AUTHORS && \
cp index.html vnc.html && \
mkdir Downloads
FROM ghcr.io/linuxserver/baseimage-kasmvnc:debianbookworm-f7a8978f-ls89 AS buildstage
# these are specified in Makefile
ARG ARCH
ARG PLATFORM
ARG SPARROW_VERSION
ARG SPARROW_DEBVERSION
ARG SPARROW_PGP_SIG
ARG YQ_VERSION
ARG YQ_SHA
RUN \
echo "**** install packages ****" && \
apt-get update && \
DEBIAN_FRONTEND=noninteractive \
apt-get install -y --no-install-recommends \
exo-utils \
mousepad \
xfce4-terminal \
tumbler \
thunar \
# from 'recommended packages', solves a few warnings
thunar-archive-plugin \
librsvg2-common \
python3-xdg \
# dark theme
hsetroot \
gnome-themes-extra \
compton \
# desktop notifications
xfce4-notifyd \
libnotify-bin \
notification-daemon \
xclip \
# other
wget \
socat \
gnupg && \
# remove unused packages from base image
DEBIAN_FRONTEND=noninteractive \
apt-get remove --purge --autoremove -y \
containerd.io \
cpp \
cpp-12 \
docker-ce \
docker-ce-cli \
docker-buildx-plugin \
docker-compose-plugin \
fonts-noto-color-emoji \
fonts-noto-core \
intel-media-va-driver \
mesa-va-drivers \
mesa-vulkan-drivers \
x11-apps \
xserver-xorg-video-amdgpu \
xserver-xorg-video-ati \
xserver-xorg-video-intel \
xserver-xorg-video-nouveau \
xserver-xorg-video-qxl \
xserver-xorg-video-radeon \
perl \
locales-all && \
# remove left-over locales and generate default
rm -rf $(ls -d /usr/share/locale/* | grep -vw /usr/share/locale/en) && \
localedef -i en_US -f UTF-8 en_US.UTF-8 && \
# upgrade remaining packages
DEBIAN_FRONTEND=noninteractive \
apt-get upgrade -y && \
# install yq
wget -qO /tmp/yq https://github.com/mikefarah/yq/releases/download/v${YQ_VERSION}/yq_linux_${PLATFORM} && \
echo "${YQ_SHA} /tmp/yq" | sha256sum --check || exit 1 && \
mv /tmp/yq /usr/local/bin/yq && chmod +x /usr/local/bin/yq && \
echo "**** xfce tweaks ****" && \
rm -f /etc/xdg/autostart/xscreensaver.desktop && \
# StartOS branding
echo "Starting Sparrow on Webtop for StartOS..." > /etc/s6-overlay/s6-rc.d/init-adduser/branding; sed -i '/run_branding() {/,/}/d' /docker-mods && \
# cleanup and remove some unneeded large binaries
echo "**** cleanup ****" && \
rm /kasmbins/kasm_webcam_server && \
apt-get autoclean && \
rm -rf \
/config/.cache \
/var/lib/apt/lists/* \
/var/tmp/* \
/tmp/*
# Sparrow
RUN \
echo "**** install Sparrow ****" && \
# sparrow requires this directory to exist
mkdir -p /usr/share/desktop-directories/ && \
# Download and install Sparrow (todo: gpg sig verification)
wget --quiet https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow_${SPARROW_DEBVERSION}_${PLATFORM}.deb \
https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-${SPARROW_VERSION}-manifest.txt \
https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-${SPARROW_VERSION}-manifest.txt.asc \
https://keybase.io/craigraw/pgp_keys.asc && \
# verify pgp and sha signatures
gpg --import pgp_keys.asc && \
gpg --status-fd 1 --verify sparrow-${SPARROW_VERSION}-manifest.txt.asc | grep -q "GOODSIG ${SPARROW_PGP_SIG} Craig Raw <craig@sparrowwallet.com>" || exit 1 && \
sha256sum --check sparrow-${SPARROW_VERSION}-manifest.txt --ignore-missing || exit 1 && \
DEBIAN_FRONTEND=noninteractive \
apt-get install -y ./sparrow_${SPARROW_DEBVERSION}_${PLATFORM}.deb && \
# cleanup
rm ./sparrow* ./pgp_keys.asc
# start from scratch so we create smaller layers in the resulting image
FROM scratch
COPY --from=buildstage / .
COPY --from=wwwstage /build-out /usr/local/share/kasmvnc/www
# since we start from scratch, we need these env variables from the base images
ENV \
# from ghcr.io/linuxserver/baseimage-debian:bookworm (https://github.com/linuxserver/docker-baseimage-debian/blob/master/Dockerfile)
HOME="/root" \
LANGUAGE="en_US.UTF-8" \
LANG="en_US.UTF-8" \
TERM="xterm" \
S6_CMD_WAIT_FOR_SERVICES_MAXTIME="0" \
S6_VERBOSITY=1 \
S6_STAGE2_HOOK=/docker-mods \
VIRTUAL_ENV=/lsiopy \
PATH="/lsiopy/bin:$PATH" \
# from ghcr.io/linuxserver/baseimage-kasmvnc:debianbookworm (https://github.com/linuxserver/docker-baseimage-kasmvnc/blob/debianbookworm/Dockerfile)
DISPLAY=:1 \
PERL5LIB=/usr/local/bin \
OMP_WAIT_POLICY=PASSIVE \
GOMP_SPINCOUNT=0 \
HOME=/config \
# base container starts docker by default, but we removed it, so set to false
START_DOCKER=false \
PULSE_RUNTIME_PATH=/defaults \
NVIDIA_DRIVER_CAPABILITIES=all \
# set dark theme
GTK_THEME=Adwaita:dark \
GTK2_RC_FILES=/usr/share/themes/Adwaita-dark/gtk-2.0/gtkrc \
# prevent kasm from touching our rc.xml
NO_FULL=1
# add local files
COPY /root /
COPY --chmod=755 ./docker_entrypoint.sh /usr/local/bin/docker_entrypoint.sh
COPY --chmod=664 icon.png /kclient/public/icon.png
COPY --chmod=664 icon.png /kclient/public/favicon.ico
# ports and volumes
EXPOSE 3000
VOLUME /config