[MAJOR] Slim container by removing CUDA and extracting NVRTC

There is no visible change to the user. However, the environment CUDA_VERSION is eliminated. Therefore, this commit is a breaking change.

Dockerfile

@@ -4,75 +4,48 @@
 
 # Ubuntu release versions 22.04, and 20.04 are supported
 ARG UBUNTU_RELEASE=22.04
-ARG CUDA_VERSION=11.7.1
-FROM nvcr.io/nvidia/cuda:${CUDA_VERSION}-runtime-ubuntu${UBUNTU_RELEASE}
+FROM ubuntu:${UBUNTU_RELEASE}
 
 LABEL maintainer "https://github.com/ehfd,https://github.com/danisla"
 
 ARG UBUNTU_RELEASE
-ARG CUDA_VERSION
-# Make all NVIDIA GPUs visible by default
-ARG NVIDIA_VISIBLE_DEVICES=all
 # Use noninteractive mode to skip confirmation when installing packages
 ARG DEBIAN_FRONTEND=noninteractive
-# All NVIDIA driver capabilities should preferably be used, check `NVIDIA_DRIVER_CAPABILITIES` inside the container if things do not work
-ENV NVIDIA_DRIVER_CAPABILITIES all
-# Disable VSYNC for NVIDIA GPUs
-ENV __GL_SYNC_TO_VBLANK 0
-# Expose CUDA libraries
-ENV LD_LIBRARY_PATH /usr/lib/x86_64-linux-gnu:/usr/lib/i386-linux-gnu${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}
-# Enable AppImage execution in a container
-ENV APPIMAGE_EXTRACT_AND_RUN 1
 # System defaults that should not be changed
 ENV DISPLAY :0
 ENV XDG_RUNTIME_DIR /tmp/runtime-user
 ENV PULSE_SERVER unix:/run/pulse/native
 
-# Default environment variables (password is "mypasswd")
-ENV TZ UTC
-ENV SIZEW 1920
-ENV SIZEH 1080
-ENV REFRESH 60
-ENV DPI 96
-ENV CDEPTH 24
-ENV VIDEO_PORT DFP
-ENV PASSWD mypasswd
-ENV NOVNC_ENABLE false
-ENV WEBRTC_ENCODER nvh264enc
-ENV WEBRTC_ENABLE_RESIZE false
-ENV ENABLE_BASIC_AUTH true
-
-# Set versions for components that should be manually checked before upgrading, other component versions are automatically determined by fetching the version online
-ARG NOVNC_VERSION=1.4.0
-
-# Install locales to prevent X11 errors
-RUN apt-get clean && \
-    apt-get update && apt-get install --no-install-recommends -y locales && \
+# Install fundamental packages
+RUN apt-get clean && apt-get update && apt-get upgrade -y && apt-get install --no-install-recommends -y \
+        apt-transport-https \
+        apt-utils \
+        build-essential \
+        ca-certificates \
+        curl \
+        gnupg \
+        locales \
+        make \
+        software-properties-common \
+        wget && \
     rm -rf /var/lib/apt/lists/* && \
     locale-gen en_US.UTF-8
+# Set locales
 ENV LANG en_US.UTF-8
 ENV LANGUAGE en_US:en
 ENV LC_ALL en_US.UTF-8
 
-# Install Xorg and other important libraries or packages
+# Install operating system libraries or packages
 RUN dpkg --add-architecture i386 && \
     apt-get update && apt-get install --no-install-recommends -y \
-        software-properties-common \
         alsa-base \
         alsa-utils \
-        apt-transport-https \
-        apt-utils \
-        build-essential \
-        ca-certificates \
-        ssl-cert \
         cups-browsed \
         cups-bsd \
         cups-common \
         cups-filters \
         cups-pdf \
-        curl \
         file \
-        wget \
         bzip2 \
         gzip \
         xz-utils \
@@ -85,10 +58,10 @@ RUN dpkg --add-architecture i386 && \
         gcc \
         git \
         jq \
-        make \
         python3 \
         python3-cups \
         python3-numpy \
+        ssl-cert \
         mlocate \
         nano \
         vim \
@@ -117,30 +90,8 @@ RUN dpkg --add-architecture i386 && \
         pulseaudio \
         supervisor \
         net-tools \
-        libglvnd-dev \
-        libglvnd-dev:i386 \
-        libgl1-mesa-dev \
-        libgl1-mesa-dev:i386 \
-        libegl1-mesa-dev \
-        libegl1-mesa-dev:i386 \
-        libgles2-mesa-dev \
-        libgles2-mesa-dev:i386 \
-        libglvnd0 \
-        libglvnd0:i386 \
-        libgl1 \
-        libgl1:i386 \
-        libglx0 \
-        libglx0:i386 \
-        libegl1 \
-        libegl1:i386 \
-        libgles2 \
-        libgles2:i386 \
-        libglu1 \
-        libglu1:i386 \
-        libsm6 \
-        libsm6:i386 \
-        pkg-config \
         packagekit-tools \
+        pkg-config \
         mesa-utils \
         mesa-utils-extra \
         va-driver-all \
@@ -155,16 +106,36 @@ RUN dpkg --add-architecture i386 && \
         vdpau-driver-all \
         vdpau-driver-all:i386 \
         vdpauinfo \
+        mesa-vulkan-drivers \
+        mesa-vulkan-drivers:i386 \
+        libvulkan-dev \
+        libvulkan-dev:i386 \
+        vulkan-tools \
+        ocl-icd-libopencl1 \
+        clinfo \
+        dbus-user-session \
+        dbus-x11 \
+        libdbus-c++-1-0v5 \
+        xkb-data \
+        xauth \
+        xbitmaps \
+        xdg-user-dirs \
+        xdg-utils \
+        xfonts-base \
+        xfonts-scalable \
+        xinit \
+        xsettingsd \
+        libxrandr-dev \
+        x11-xkb-utils \
+        x11-xserver-utils \
+        x11-utils \
+        x11-apps \
         xserver-xorg-input-all \
         xserver-xorg-input-wacom \
         xserver-xorg-video-all \
         xserver-xorg-video-intel \
         xserver-xorg-video-qxl \
-        vulkan-tools \
-        mesa-vulkan-drivers \
-        mesa-vulkan-drivers:i386 \
-        libvulkan-dev \
-        libvulkan-dev:i386 \
+        # Install OpenGL libraries
         libxau6 \
         libxau6:i386 \
         libxdmcp6 \
@@ -179,41 +150,82 @@ RUN dpkg --add-architecture i386 && \
         libxv1:i386 \
         libxtst6 \
         libxtst6:i386 \
-        xdg-user-dirs \
-        xdg-utils \
-        dbus-user-session \
-        dbus-x11 \
-        libdbus-c++-1-0v5 \
-        xkb-data \
-        x11-xkb-utils \
-        x11-xserver-utils \
-        x11-utils \
-        x11-apps \
-        xauth \
-        xbitmaps \
-        xfonts-base \
-        xfonts-scalable \
-        xinit \
-        xsettingsd \
-        libxrandr-dev \
-        # Install essential Xorg and NVIDIA packages, packages above this line should be the same between docker-nvidia-glx-desktop and docker-nvidia-egl-desktop
-        kmod \
-        libc6-dev \
-        libc6:i386 \
-        libpci3 \
-        libelf-dev \
-        xorg && \
+        libglvnd0 \
+        libglvnd0:i386 \
+        libgl1 \
+        libgl1:i386 \
+        libglx0 \
+        libglx0:i386 \
+        libegl1 \
+        libegl1:i386 \
+        libgles2 \
+        libgles2:i386 \
+        libglu1 \
+        libglu1:i386 \
+        libsm6 \
+        libsm6:i386 && \
     rm -rf /var/lib/apt/lists/* && \
+    echo "/usr/local/nvidia/lib" >> /etc/ld.so.conf.d/nvidia.conf && \
+    echo "/usr/local/nvidia/lib64" >> /etc/ld.so.conf.d/nvidia.conf && \
+    # Configure OpenCL manually
+    mkdir -pm755 /etc/OpenCL/vendors && echo "libnvidia-opencl.so.1" > /etc/OpenCL/vendors/nvidia.icd && \
+    # Configure Vulkan manually
+    VULKAN_API_VERSION=$(dpkg -s libvulkan1 | grep -oP 'Version: [0-9|\.]+' | grep -oP '[0-9]+(\.[0-9]+)(\.[0-9]+)') && \
+    mkdir -pm755 /etc/vulkan/icd.d/ && echo "{\n\
+    \"file_format_version\" : \"1.0.0\",\n\
+    \"ICD\": {\n\
+        \"library_path\": \"libGLX_nvidia.so.0\",\n\
+        \"api_version\" : \"${VULKAN_API_VERSION}\"\n\
+    }\n\
+}" > /etc/vulkan/icd.d/nvidia_icd.json && \
     # Configure EGL manually
-    mkdir -p /usr/share/glvnd/egl_vendor.d/ && \
-    echo "{\n\
+    mkdir -pm755 /usr/share/glvnd/egl_vendor.d/ && echo "{\n\
     \"file_format_version\" : \"1.0.0\",\n\
     \"ICD\": {\n\
         \"library_path\": \"libEGL_nvidia.so.0\"\n\
     }\n\
 }" > /usr/share/glvnd/egl_vendor.d/10_nvidia.json
+# Expose NVIDIA libraries and paths
+ENV PATH /usr/local/nvidia/bin:${PATH}
+ENV LD_LIBRARY_PATH /usr/lib/x86_64-linux-gnu:/usr/lib/i386-linux-gnu${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}:/usr/local/nvidia/lib:/usr/local/nvidia/lib64
+# Make all NVIDIA GPUs visible by default
+ENV NVIDIA_VISIBLE_DEVICES all
+# All NVIDIA driver capabilities should preferably be used, check `NVIDIA_DRIVER_CAPABILITIES` inside the container if things do not work
+ENV NVIDIA_DRIVER_CAPABILITIES all
+# Disable VSYNC for NVIDIA GPUs
+ENV __GL_SYNC_TO_VBLANK 0
+
+# Anything above this line should always be kept the same between docker-nvidia-glx-desktop and docker-nvidia-egl-desktop
+
+# Default environment variables (password is "mypasswd")
+ENV TZ UTC
+ENV SIZEW 1920
+ENV SIZEH 1080
+ENV REFRESH 60
+ENV DPI 96
+ENV CDEPTH 24
+ENV VIDEO_PORT DFP
+ENV PASSWD mypasswd
+ENV NOVNC_ENABLE false
+ENV WEBRTC_ENCODER nvh264enc
+ENV WEBRTC_ENABLE_RESIZE false
+ENV ENABLE_BASIC_AUTH true
 
-# Anything below this line should be always kept the same between docker-nvidia-glx-desktop and docker-nvidia-egl-desktop
+# Set versions for components that should be manually checked before upgrading, other component versions are automatically determined by fetching the version online
+ARG NOVNC_VERSION=1.4.0
+
+# Install Xorg and NVIDIA driver installer dependencies
+RUN apt-get update && apt-get install --no-install-recommends -y \
+        kmod \
+        libc6-dev \
+        libc6:i386 \
+        libpci3 \
+        libelf-dev \
+        pkg-config \
+        xorg && \
+    rm -rf /var/lib/apt/lists/*
+
+# Anything below this line should always be kept the same between docker-nvidia-glx-desktop and docker-nvidia-egl-desktop
 
 # Install KDE and other GUI packages
 ENV XDG_CURRENT_DESKTOP KDE
@@ -221,13 +233,13 @@ ENV KWIN_COMPOSE N
 ENV KWIN_X11_NO_SYNC_TO_VBLANK 1
 # Use sudoedit to change protected files instead of using sudo on kate
 ENV SUDO_EDITOR kate
-RUN mkdir -pm755 /etc/apt/preferences.d && \
-    echo "Package: firefox*\n\
+# Enable AppImage execution in containers
+ENV APPIMAGE_EXTRACT_AND_RUN 1
+RUN mkdir -pm755 /etc/apt/preferences.d && echo "Package: firefox*\n\
 Pin: version 1:1snap*\n\
 Pin-Priority: -1" > /etc/apt/preferences.d/firefox-nosnap && \
-    # Add Mozilla Firefox PPA
     mkdir -pm755 /etc/apt/trusted.gpg.d && curl -fsSL "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x0AB215679C571D1C8325275B9BDB3D89CE49EC21" | gpg --dearmor -o /etc/apt/trusted.gpg.d/mozillateam-ubuntu-ppa.gpg && \
-    mkdir -pm755 /etc/apt/sources.list.d && echo "deb https://ppa.launchpadcontent.net/mozillateam/ppa/ubuntu $(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2) main" > "/etc/apt/sources.list.d/mozillateam-ubuntu-ppa-$(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2).list" && \
+    mkdir -pm755 /etc/apt/sources.list.d && echo "deb https://ppa.launchpadcontent.net/mozillateam/ppa/ubuntu $(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2 | tr -d '\"') main" > "/etc/apt/sources.list.d/mozillateam-ubuntu-ppa-$(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2 | tr -d '\"').list" && \
     apt-get update && apt-get install --no-install-recommends -y \
         kde-plasma-desktop \
         adwaita-icon-theme-full \
@@ -370,13 +382,13 @@ logout=false" > /etc/xdg/kdeglobals
 # Wine, Winetricks, Lutris, and PlayOnLinux, this process must be consistent with https://wiki.winehq.org/Ubuntu
 ARG WINE_BRANCH=staging
 RUN mkdir -pm755 /etc/apt/keyrings && curl -fsSL -o /etc/apt/keyrings/winehq-archive.key "https://dl.winehq.org/wine-builds/winehq.key" && \
-    curl -fsSL -o "/etc/apt/sources.list.d/winehq-$(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2).sources" "https://dl.winehq.org/wine-builds/ubuntu/dists/$(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2)/winehq-$(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2).sources" && \
+    curl -fsSL -o "/etc/apt/sources.list.d/winehq-$(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2 | tr -d '\"').sources" "https://dl.winehq.org/wine-builds/ubuntu/dists/$(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2 | tr -d '\"')/winehq-$(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2 | tr -d '\"').sources" && \
     apt-get update && apt-get install --install-recommends -y \
         winehq-${WINE_BRANCH} && \
     apt-get install --no-install-recommends -y \
         q4wine \
         playonlinux && \
-    LUTRIS_VERSION=$(curl -fsSL "https://api.github.com/repos/lutris/lutris/releases/latest" | jq -r '.tag_name' | sed 's/[^0-9\.\-]*//g') && \
+    LUTRIS_VERSION="$(curl -fsSL "https://api.github.com/repos/lutris/lutris/releases/latest" | jq -r '.tag_name' | sed 's/[^0-9\.\-]*//g')" && \
     curl -fsSL -O "https://github.com/lutris/lutris/releases/download/v${LUTRIS_VERSION}/lutris_${LUTRIS_VERSION}_all.deb" && \
     apt-get install --no-install-recommends -y ./lutris_${LUTRIS_VERSION}_all.deb && rm -f "./lutris_${LUTRIS_VERSION}_all.deb" && \
     rm -rf /var/lib/apt/lists/* && \
@@ -438,16 +450,16 @@ RUN apt-get update && apt-get install --no-install-recommends -y \
         vainfo \
         intel-gpu-tools \
         radeontop && \
-    if [ "${UBUNTU_RELEASE}" \> "20.04" ]; then apt-get install --no-install-recommends -y xcvt; fi && \
+    if [ "$(grep VERSION_ID= /etc/os-release | cut -d= -f2 | tr -d '\"')" \> "20.04" ]; then apt-get install --no-install-recommends -y xcvt; fi && \
     rm -rf /var/lib/apt/lists/* && \
-    cd /opt && \
     # Automatically fetch the latest selkies-gstreamer version and install the components
-    SELKIES_VERSION=$(curl -fsSL "https://api.github.com/repos/selkies-project/selkies-gstreamer/releases/latest" | jq -r '.tag_name' | sed 's/[^0-9\.\-]*//g') && \
-    curl -fsSL "https://github.com/selkies-project/selkies-gstreamer/releases/download/v${SELKIES_VERSION}/selkies-gstreamer-v${SELKIES_VERSION}-ubuntu${UBUNTU_RELEASE}.tgz" | tar -zxf - && \
-    curl -O -fsSL "https://github.com/selkies-project/selkies-gstreamer/releases/download/v${SELKIES_VERSION}/selkies_gstreamer-${SELKIES_VERSION}-py3-none-any.whl" && pip3 install "selkies_gstreamer-${SELKIES_VERSION}-py3-none-any.whl" && rm -f "selkies_gstreamer-${SELKIES_VERSION}-py3-none-any.whl" && \
-    curl -fsSL "https://github.com/selkies-project/selkies-gstreamer/releases/download/v${SELKIES_VERSION}/selkies-gstreamer-web-v${SELKIES_VERSION}.tgz" | tar -zxf - && \
-    curl -O -fsSL "https://github.com/selkies-project/selkies-gstreamer/releases/download/v${SELKIES_VERSION}/selkies-js-interposer-v${SELKIES_VERSION}-ubuntu${UBUNTU_RELEASE}.deb" && apt-get update && apt-get install --no-install-recommends -y "./selkies-js-interposer-v${SELKIES_VERSION}-ubuntu${UBUNTU_RELEASE}.deb" && rm -f "selkies-js-interposer-v${SELKIES_VERSION}-ubuntu${UBUNTU_RELEASE}.deb" && rm -rf /var/lib/apt/lists/* && \
-    cd /usr/local/cuda/lib64 && sudo find . -maxdepth 1 -type l -name "*libnvrtc.so.*" -exec sh -c 'ln -snf $(basename {}) libnvrtc.so' \;
+    SELKIES_VERSION="$(curl -fsSL "https://api.github.com/repos/selkies-project/selkies-gstreamer/releases/latest" | jq -r '.tag_name' | sed 's/[^0-9\.\-]*//g')" && \
+    cd /opt && curl -fsSL "https://github.com/selkies-project/selkies-gstreamer/releases/download/v${SELKIES_VERSION}/selkies-gstreamer-v${SELKIES_VERSION}-ubuntu$(grep VERSION_ID= /etc/os-release | cut -d= -f2 | tr -d '\"').tgz" | tar -zxf - && \
+    # Extract NVRTC dependency, https://developer.download.nvidia.com/compute/cuda/redist/cuda_nvrtc/LICENSE.txt
+    cd /tmp && curl -fsSL -o nvidia_cuda_nvrtc_linux_x86_64.whl "https://developer.download.nvidia.com/compute/redist/nvidia-cuda-nvrtc/nvidia_cuda_nvrtc-11.0.221-cp36-cp36m-linux_x86_64.whl" && unzip -joq -d ./nvrtc nvidia_cuda_nvrtc_linux_x86_64.whl && cd nvrtc && chmod 755 libnvrtc* && find . -maxdepth 1 -type f -name "*libnvrtc.so.*" -exec sh -c 'ln -snf $(basename {}) libnvrtc.so' \; && mv -f libnvrtc* /opt/gstreamer/lib/x86_64-linux-gnu/ && cd /tmp && rm -rf /tmp/* && \
+    cd /tmp && curl -fsSL -O "https://github.com/selkies-project/selkies-gstreamer/releases/download/v${SELKIES_VERSION}/selkies_gstreamer-${SELKIES_VERSION}-py3-none-any.whl" && pip3 install "selkies_gstreamer-${SELKIES_VERSION}-py3-none-any.whl" && rm -f "selkies_gstreamer-${SELKIES_VERSION}-py3-none-any.whl" && \
+    cd /opt && curl -fsSL "https://github.com/selkies-project/selkies-gstreamer/releases/download/v${SELKIES_VERSION}/selkies-gstreamer-web-v${SELKIES_VERSION}.tgz" | tar -zxf - && \
+    cd /tmp && curl -fsSL -o selkies-js-interposer.deb "https://github.com/selkies-project/selkies-gstreamer/releases/download/v${SELKIES_VERSION}/selkies-js-interposer-v${SELKIES_VERSION}-ubuntu$(grep VERSION_ID= /etc/os-release | cut -d= -f2 | tr -d '\"').deb" && apt-get update && apt-get install --no-install-recommends -y ./selkies-js-interposer.deb && rm -f ./selkies-js-interposer.deb && rm -rf /var/lib/apt/lists/* /tmp/*
 # Add configuration for Selkies-GStreamer Joystick interposer
 ENV LD_PRELOAD /usr/local/lib/selkies-js-interposer/joystick_interposer.so${LD_PRELOAD:+:${LD_PRELOAD}}
 ENV SDL_JOYSTICK_DEVICE /dev/input/js0
@@ -482,7 +494,7 @@ RUN apt-get update && apt-get install --no-install-recommends -y \
     cd /tmp/x11vnc && autoreconf -fi && ./configure && make install && cd / && rm -rf /tmp/* && \
     curl -fsSL "https://github.com/novnc/noVNC/archive/v${NOVNC_VERSION}.tar.gz" | tar -xzf - -C /opt && \
     mv -f "/opt/noVNC-${NOVNC_VERSION}" /opt/noVNC && \
-    ln -snf /opt/noVNC/vnc.html /opt/noVNC/index.html && \
+    cd /opt/noVNC && ln -snf vnc.html index.html && \
     # Use the latest Websockify source to expose noVNC
     git clone "https://github.com/novnc/websockify.git" /opt/noVNC/utils/websockify
 
@@ -511,7 +523,7 @@ RUN chmod 755 /etc/supervisord.conf
 
 EXPOSE 8080
 
-USER user
+USER 1000
 ENV SHELL /bin/bash
 ENV USER user
 WORKDIR /home/user

entrypoint.sh

@@ -18,7 +18,7 @@ echo "user:$PASSWD" | sudo chpasswd
 sudo rm -rf /tmp/.X* ~/.cache
 # Change time zone from environment variable
 sudo ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime && echo "$TZ" | sudo tee /etc/timezone > /dev/null
-# Add game directories for Lutris to path
+# Add Lutris directories to path
 export PATH="${PATH}:/usr/local/games:/usr/games"
 # Add LibreOffice to library path
 export LD_LIBRARY_PATH="/usr/lib/libreoffice/program:${LD_LIBRARY_PATH}"
@@ -27,22 +27,21 @@ export LD_LIBRARY_PATH="/usr/lib/libreoffice/program:${LD_LIBRARY_PATH}"
 sudo ln -snf /dev/ptmx /dev/tty7
 # Start DBus without systemd
 sudo /etc/init.d/dbus start
-# Configure environment for selkies-gstreamer utilities
-source /opt/gstreamer/gst-env
 
 # Install NVIDIA userspace driver components including X graphic libraries
 if ! command -v nvidia-xconfig &> /dev/null; then
   # Driver version is provided by the kernel through the container toolkit
-  export DRIVER_VERSION=$(head -n1 </proc/driver/nvidia/version | awk '{print $8}')
+  export DRIVER_ARCH="$(dpkg --print-architecture | sed -e 's/arm64/aarch64/'  -e 's/i.*86/x86/' -e 's/amd64/x86_64/' -e 's/unknown/x86_64/')"
+  export DRIVER_VERSION="$(head -n1 </proc/driver/nvidia/version | awk '{print $8}')"
   cd /tmp
   # If version is different, new installer will overwrite the existing components
-  if [ ! -f "/tmp/NVIDIA-Linux-x86_64-$DRIVER_VERSION.run" ]; then
+  if [ ! -f "/tmp/NVIDIA-Linux-${DRIVER_ARCH}-${DRIVER_VERSION}.run" ]; then
     # Check multiple sources in order to probe both consumer and datacenter driver versions
-    curl -fsL -O "https://us.download.nvidia.com/XFree86/Linux-x86_64/$DRIVER_VERSION/NVIDIA-Linux-x86_64-$DRIVER_VERSION.run" || curl -fsL -O "https://us.download.nvidia.com/tesla/$DRIVER_VERSION/NVIDIA-Linux-x86_64-$DRIVER_VERSION.run" || { echo "Failed NVIDIA GPU driver download. Exiting."; exit 1; }
+    curl -fsSL -O "https://international.download.nvidia.com/XFree86/Linux-${DRIVER_ARCH}/${DRIVER_VERSION}/NVIDIA-Linux-${DRIVER_ARCH}-${DRIVER_VERSION}.run" || curl -fsSL -O "https://international.download.nvidia.com/tesla/${DRIVER_VERSION}/NVIDIA-Linux-${DRIVER_ARCH}-${DRIVER_VERSION}.run" || { echo "Failed NVIDIA GPU driver download. Exiting."; exit 1; }
   fi
   # Extract installer before installing
-  sudo sh "NVIDIA-Linux-x86_64-$DRIVER_VERSION.run" -x
-  cd "NVIDIA-Linux-x86_64-$DRIVER_VERSION"
+  sudo sh "NVIDIA-Linux-${DRIVER_ARCH}-${DRIVER_VERSION}.run" -x
+  cd "NVIDIA-Linux-${DRIVER_ARCH}-${DRIVER_VERSION}"
   # Run installation without the kernel modules and host components
   sudo ./nvidia-installer --silent \
                     --no-kernel-module \
@@ -69,15 +68,13 @@ if [ -f "/etc/X11/xorg.conf" ]; then
 fi
 
 # Get first GPU device if all devices are available or `NVIDIA_VISIBLE_DEVICES` is not set
-if [ "$NVIDIA_VISIBLE_DEVICES" == "all" ]; then
-  export GPU_SELECT=$(sudo nvidia-smi --query-gpu=uuid --format=csv | sed -n 2p)
-elif [ -z "$NVIDIA_VISIBLE_DEVICES" ]; then
-  export GPU_SELECT=$(sudo nvidia-smi --query-gpu=uuid --format=csv | sed -n 2p)
+if [ "$NVIDIA_VISIBLE_DEVICES" == "all" ] || [ -z "$NVIDIA_VISIBLE_DEVICES" ]; then
+  export GPU_SELECT="$(sudo nvidia-smi --query-gpu=uuid --format=csv | sed -n 2p)"
 # Get first GPU device out of the visible devices in other situations
 else
-  export GPU_SELECT=$(sudo nvidia-smi --id=$(echo "$NVIDIA_VISIBLE_DEVICES" | cut -d ',' -f1) --query-gpu=uuid --format=csv | sed -n 2p)
+  export GPU_SELECT="$(sudo nvidia-smi --id=$(echo "$NVIDIA_VISIBLE_DEVICES" | cut -d ',' -f1) --query-gpu=uuid --format=csv | sed -n 2p)"
   if [ -z "$GPU_SELECT" ]; then
-    export GPU_SELECT=$(sudo nvidia-smi --query-gpu=uuid --format=csv | sed -n 2p)
+    export GPU_SELECT="$(sudo nvidia-smi --query-gpu=uuid --format=csv | sed -n 2p)"
   fi
 fi
 
@@ -95,14 +92,14 @@ else
 fi
 
 # Bus ID from nvidia-smi is in hexadecimal format, should be converted to decimal format which Xorg understands, required because nvidia-xconfig doesn't work as intended in a container
-HEX_ID=$(sudo nvidia-smi --query-gpu=pci.bus_id --id="$GPU_SELECT" --format=csv | sed -n 2p)
+HEX_ID="$(sudo nvidia-smi --query-gpu=pci.bus_id --id="$GPU_SELECT" --format=csv | sed -n 2p)"
 IFS=":." ARR_ID=($HEX_ID)
 unset IFS
-BUS_ID=PCI:$((16#${ARR_ID[1]})):$((16#${ARR_ID[2]})):$((16#${ARR_ID[3]}))
+BUS_ID="PCI:$((16#${ARR_ID[1]})):$((16#${ARR_ID[2]})):$((16#${ARR_ID[3]}))"
 # A custom modeline should be generated because there is no monitor to fetch this information normally
-export MODELINE=$(cvt -r "${SIZEW}" "${SIZEH}" "${REFRESH}" | sed -n 2p)
+export MODELINE="$(cvt -r "${SIZEW}" "${SIZEH}" "${REFRESH}" | sed -n 2p)"
 # Generate /etc/X11/xorg.conf with nvidia-xconfig
-sudo nvidia-xconfig --virtual="${SIZEW}x${SIZEH}" --depth="$CDEPTH" --mode=$(echo "$MODELINE" | awk '{print $2}' | tr -d '"') --allow-empty-initial-configuration --no-probe-all-gpus --busid="$BUS_ID" --no-multigpu --no-sli --no-base-mosaic --only-one-x-screen ${CONNECTED_MONITOR}
+sudo nvidia-xconfig --virtual="${SIZEW}x${SIZEH}" --depth="$CDEPTH" --mode="$(echo "$MODELINE" | awk '{print $2}' | tr -d '\"')" --allow-empty-initial-configuration --no-probe-all-gpus --busid="$BUS_ID" --no-multigpu --no-sli --no-base-mosaic --only-one-x-screen ${CONNECTED_MONITOR}
 # Guarantee that the X server starts without a monitor by adding more options to the configuration
 sudo sed -i '/Driver\s\+"nvidia"/a\    Option         "ModeValidation" "NoMaxPClkCheck, NoEdidMaxPClkCheck, NoMaxSizeCheck, NoHorizSyncCheck, NoVertRefreshCheck, NoVirtualSizeCheck, NoExtendedGpuCapabilitiesCheck, NoTotalSizeCheck, NoDualLinkDVICheck, NoDisplayPortBandwidthCheck, AllowNon3DVisionModes, AllowNonHDMI3DModes, AllowNonEdidModes, NoEdidHDMI2Check, AllowDpInterlaced"\n    Option         "HardDPMS" "False"' /etc/X11/xorg.conf
 # Add custom generated modeline to the configuration
@@ -128,7 +125,7 @@ if [ "${NOVNC_ENABLE,,}" = "true" ]; then
 fi
 
 # Start KDE desktop environment
-/usr/bin/startplasma-x11 &
+/usr/bin/dbus-launch /usr/bin/startplasma-x11 &
 
 # Start Fcitx input method framework
 /usr/bin/fcitx &

selkies-gstreamer-entrypoint.sh

@@ -6,8 +6,6 @@
 
 # Source environment for GStreamer
 source /opt/gstreamer/gst-env
-# Add CUDA library path
-export LD_LIBRARY_PATH="/usr/local/cuda/lib64:${LD_LIBRARY_PATH}"
 
 # Set default display
 export DISPLAY="${DISPLAY:-:0}"
@@ -39,8 +37,8 @@ sudo sed -i \
     -e "s|PWA_CACHE|${PWA_APP_SHORT_NAME}-webrtc-pwa|g" \
 /opt/gst-web/sw.js
 
-# Clear the cache registry to force the CUDA elements to refresh
-rm -f "${HOME}/.cache/gstreamer-1.0/registry.x86_64.bin"
+# Clear the cache registry
+rm -rf "${HOME}/.cache/gstreamer-1.0"
 
 # Start the selkies-gstreamer WebRTC HTML5 remote desktop application
 selkies-gstreamer \

xgl.yml

@@ -65,6 +65,13 @@ spec:
           value: "false"
         - name: ENABLE_BASIC_AUTH
           value: "true"
+        - name: ENABLE_HTTPS_WEB
+          value: "false"
+        # Volume mount trusted HTTPS certificate to new path for no web browser warnings
+#        - name: HTTPS_WEB_CERT
+#          value: /etc/ssl/certs/ssl-cert-snakeoil.pem
+#        - name: HTTPS_WEB_KEY
+#          value: /etc/ssl/private/ssl-cert-snakeoil.key
         # Defaults to `PASSWD` if unspecified, choose either `value:` or `secretKeyRef:` but not both at the same time
 #        - name: BASIC_AUTH_PASSWORD
 #          value: "mypasswd"