# This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at https://mozilla.org/MPL/2.0/. # Ubuntu release versions 22.04, and 20.04 are supported ARG UBUNTU_RELEASE=22.04 FROM ubuntu:${UBUNTU_RELEASE} LABEL maintainer "https://github.com/ehfd,https://github.com/danisla" ARG UBUNTU_RELEASE # Use noninteractive mode to skip confirmation when installing packages ARG DEBIAN_FRONTEND=noninteractive # System defaults that should not be changed ENV DISPLAY :0 ENV XDG_RUNTIME_DIR /tmp/runtime-user ENV PULSE_SERVER unix:/run/pulse/native # Install fundamental packages RUN apt-get clean && apt-get update && apt-get upgrade -y && apt-get install --no-install-recommends -y \ apt-transport-https \ apt-utils \ build-essential \ ca-certificates \ curl \ gnupg \ locales \ make \ software-properties-common \ wget && \ rm -rf /var/lib/apt/lists/* && \ locale-gen en_US.UTF-8 # Set locales ENV LANG en_US.UTF-8 ENV LANGUAGE en_US:en ENV LC_ALL en_US.UTF-8 # Install operating system libraries or packages RUN dpkg --add-architecture i386 && \ apt-get update && apt-get install --no-install-recommends -y \ alsa-base \ alsa-utils \ cups-browsed \ cups-bsd \ cups-common \ cups-filters \ cups-pdf \ file \ bzip2 \ gzip \ xz-utils \ unar \ rar \ unrar \ zip \ unzip \ zstd \ gcc \ git \ jq \ python3 \ python3-cups \ python3-numpy \ ssl-cert \ mlocate \ nano \ vim \ htop \ fakeroot \ fonts-dejavu \ fonts-freefont-ttf \ fonts-hack \ fonts-liberation \ fonts-noto \ fonts-noto-cjk \ fonts-noto-cjk-extra \ fonts-noto-color-emoji \ fonts-noto-extra \ fonts-noto-ui-extra \ fonts-noto-hinted \ fonts-noto-mono \ fonts-noto-unhinted \ fonts-opensymbol \ fonts-symbola \ fonts-ubuntu \ lame \ less \ libavcodec-extra \ libpulse0 \ pulseaudio \ supervisor \ net-tools \ packagekit-tools \ pkg-config \ mesa-utils \ mesa-utils-extra \ va-driver-all \ va-driver-all:i386 \ i965-va-driver-shaders \ i965-va-driver-shaders:i386 \ intel-media-va-driver-non-free \ intel-media-va-driver-non-free:i386 \ libva2 \ libva2:i386 \ vainfo \ vdpau-driver-all \ vdpau-driver-all:i386 \ vdpauinfo \ mesa-vulkan-drivers \ mesa-vulkan-drivers:i386 \ libvulkan-dev \ libvulkan-dev:i386 \ vulkan-tools \ ocl-icd-libopencl1 \ clinfo \ dbus-user-session \ dbus-x11 \ libdbus-c++-1-0v5 \ xkb-data \ xauth \ xbitmaps \ xdg-user-dirs \ xdg-utils \ xfonts-base \ xfonts-scalable \ xinit \ xsettingsd \ libxrandr-dev \ x11-xkb-utils \ x11-xserver-utils \ x11-utils \ x11-apps \ xserver-xorg-input-all \ xserver-xorg-input-wacom \ xserver-xorg-video-all \ xserver-xorg-video-intel \ xserver-xorg-video-qxl \ # Install OpenGL libraries libxau6 \ libxau6:i386 \ libxdmcp6 \ libxdmcp6:i386 \ libxcb1 \ libxcb1:i386 \ libxext6 \ libxext6:i386 \ libx11-6 \ libx11-6:i386 \ libxv1 \ libxv1:i386 \ libxtst6 \ libxtst6:i386 \ libglvnd0 \ libglvnd0:i386 \ libgl1 \ libgl1:i386 \ libglx0 \ libglx0:i386 \ libegl1 \ libegl1:i386 \ libgles2 \ libgles2:i386 \ libglu1 \ libglu1:i386 \ libsm6 \ libsm6:i386 && \ rm -rf /var/lib/apt/lists/* && \ echo "/usr/local/nvidia/lib" >> /etc/ld.so.conf.d/nvidia.conf && \ echo "/usr/local/nvidia/lib64" >> /etc/ld.so.conf.d/nvidia.conf && \ # Configure OpenCL manually mkdir -pm755 /etc/OpenCL/vendors && echo "libnvidia-opencl.so.1" > /etc/OpenCL/vendors/nvidia.icd && \ # Configure Vulkan manually VULKAN_API_VERSION=$(dpkg -s libvulkan1 | grep -oP 'Version: [0-9|\.]+' | grep -oP '[0-9]+(\.[0-9]+)(\.[0-9]+)') && \ mkdir -pm755 /etc/vulkan/icd.d/ && echo "{\n\ \"file_format_version\" : \"1.0.0\",\n\ \"ICD\": {\n\ \"library_path\": \"libGLX_nvidia.so.0\",\n\ \"api_version\" : \"${VULKAN_API_VERSION}\"\n\ }\n\ }" > /etc/vulkan/icd.d/nvidia_icd.json && \ # Configure EGL manually mkdir -pm755 /usr/share/glvnd/egl_vendor.d/ && echo "{\n\ \"file_format_version\" : \"1.0.0\",\n\ \"ICD\": {\n\ \"library_path\": \"libEGL_nvidia.so.0\"\n\ }\n\ }" > /usr/share/glvnd/egl_vendor.d/10_nvidia.json # Expose NVIDIA libraries and paths ENV PATH /usr/local/nvidia/bin:${PATH} ENV LD_LIBRARY_PATH /usr/lib/x86_64-linux-gnu:/usr/lib/i386-linux-gnu${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}:/usr/local/nvidia/lib:/usr/local/nvidia/lib64 # Make all NVIDIA GPUs visible by default ENV NVIDIA_VISIBLE_DEVICES all # All NVIDIA driver capabilities should preferably be used, check `NVIDIA_DRIVER_CAPABILITIES` inside the container if things do not work ENV NVIDIA_DRIVER_CAPABILITIES all # Disable VSYNC for NVIDIA GPUs ENV __GL_SYNC_TO_VBLANK 0 # Anything above this line should always be kept the same between docker-nvidia-glx-desktop and docker-nvidia-egl-desktop # Default environment variables (password is "mypasswd") ENV TZ UTC ENV SIZEW 1920 ENV SIZEH 1080 ENV REFRESH 60 ENV DPI 96 ENV CDEPTH 24 ENV VIDEO_PORT DFP ENV PASSWD mypasswd ENV NOVNC_ENABLE false ENV WEBRTC_ENCODER nvh264enc ENV WEBRTC_ENABLE_RESIZE false ENV ENABLE_BASIC_AUTH true # Set versions for components that should be manually checked before upgrading, other component versions are automatically determined by fetching the version online ARG NOVNC_VERSION=1.4.0 # Install Xorg and NVIDIA driver installer dependencies RUN apt-get update && apt-get install --no-install-recommends -y \ kmod \ libc6-dev \ libc6:i386 \ libpci3 \ libelf-dev \ pkg-config \ xorg && \ rm -rf /var/lib/apt/lists/* # Anything below this line should always be kept the same between docker-nvidia-glx-desktop and docker-nvidia-egl-desktop # Install KDE and other GUI packages ENV XDG_CURRENT_DESKTOP KDE ENV XDG_SESSION_DESKTOP KDE ENV XDG_SESSION_TYPE x11 ENV DESKTOP_SESSION plasma ENV KDE_FULL_SESSION true ENV KWIN_COMPOSE N ENV KWIN_X11_NO_SYNC_TO_VBLANK 1 # Use sudoedit to change protected files instead of using sudo on kate ENV SUDO_EDITOR kate # Set input to fcitx ENV GTK_IM_MODULE fcitx ENV QT_IM_MODULE fcitx ENV XIM fcitx ENV XMODIFIERS "@im=fcitx" # Enable AppImage execution in containers ENV APPIMAGE_EXTRACT_AND_RUN 1 RUN mkdir -pm755 /etc/apt/preferences.d && echo "Package: firefox*\n\ Pin: version 1:1snap*\n\ Pin-Priority: -1" > /etc/apt/preferences.d/firefox-nosnap && \ mkdir -pm755 /etc/apt/trusted.gpg.d && curl -fsSL "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x0AB215679C571D1C8325275B9BDB3D89CE49EC21" | gpg --dearmor -o /etc/apt/trusted.gpg.d/mozillateam-ubuntu-ppa.gpg && \ mkdir -pm755 /etc/apt/sources.list.d && echo "deb https://ppa.launchpadcontent.net/mozillateam/ppa/ubuntu $(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2 | tr -d '\"') main" > "/etc/apt/sources.list.d/mozillateam-ubuntu-ppa-$(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2 | tr -d '\"').list" && \ apt-get update && apt-get install --no-install-recommends -y \ kde-plasma-desktop \ adwaita-icon-theme-full \ appmenu-gtk3-module \ ark \ aspell \ aspell-en \ breeze \ breeze-cursor-theme \ breeze-gtk-theme \ breeze-icon-theme \ debconf-kde-helper \ desktop-file-utils \ dolphin \ dolphin-plugins \ dbus-x11 \ enchant-2 \ fcitx \ fcitx-frontend-gtk2 \ fcitx-frontend-gtk3 \ fcitx-frontend-qt5 \ fcitx-module-dbus \ fcitx-module-kimpanel \ fcitx-module-lua \ fcitx-module-x11 \ fcitx-tools \ fcitx-hangul \ fcitx-libpinyin \ fcitx-m17n \ fcitx-mozc \ fcitx-sayura \ fcitx-unikey \ filelight \ frameworkintegration \ gwenview \ haveged \ hunspell \ im-config \ kate \ kcalc \ kcharselect \ kdeadmin \ kde-config-fcitx \ kde-config-gtk-style \ kde-config-gtk-style-preview \ kdeconnect \ kdegraphics-thumbnailers \ kde-spectacle \ kdf \ kdialog \ kget \ kimageformat-plugins \ kinfocenter \ kio \ kio-extras \ kmag \ kmenuedit \ kmix \ kmousetool \ kmouth \ ksshaskpass \ ktimer \ kwayland-integration \ kwin-addons \ kwin-x11 \ libdbusmenu-glib4 \ libdbusmenu-gtk3-4 \ libgail-common \ libgdk-pixbuf2.0-bin \ libgtk2.0-bin \ libgtk-3-bin \ libkf5baloowidgets-bin \ libkf5dbusaddons-bin \ libkf5iconthemes-bin \ libkf5kdelibs4support5-bin \ libkf5khtml-bin \ libkf5parts-plugins \ libqt5multimedia5-plugins \ librsvg2-common \ media-player-info \ okular \ okular-extra-backends \ partitionmanager \ plasma-browser-integration \ plasma-calendar-addons \ plasma-dataengines-addons \ plasma-discover \ plasma-integration \ plasma-runners-addons \ plasma-widgets-addons \ policykit-desktop-privileges \ polkit-kde-agent-1 \ print-manager \ qapt-deb-installer \ qml-module-org-kde-runnermodel \ qml-module-org-kde-qqc2desktopstyle \ qml-module-qtgraphicaleffects \ qml-module-qtquick-xmllistmodel \ qt5-gtk-platformtheme \ qt5-image-formats-plugins \ qt5-style-plugins \ qtspeech5-flite-plugin \ qtvirtualkeyboard-plugin \ software-properties-qt \ sonnet-plugins \ sweeper \ systemsettings \ ubuntu-drivers-common \ vlc \ vlc-l10n \ vlc-plugin-access-extra \ vlc-plugin-notify \ vlc-plugin-samba \ vlc-plugin-skins2 \ vlc-plugin-video-splitter \ vlc-plugin-visualization \ xdg-desktop-portal-kde \ xdg-user-dirs \ firefox \ pavucontrol-qt \ transmission-qt && \ apt-get install --install-recommends -y \ libreoffice \ libreoffice-kf5 \ libreoffice-plasma \ libreoffice-style-breeze && \ rm -rf /var/lib/apt/lists/* && \ # Ensure Firefox is the default web browser update-alternatives --set x-www-browser /usr/bin/firefox && \ # Fix KDE startup permissions issues in containers cp -f /usr/lib/x86_64-linux-gnu/libexec/kf5/start_kdeinit /tmp/ && \ rm -f /usr/lib/x86_64-linux-gnu/libexec/kf5/start_kdeinit && \ cp -r /tmp/start_kdeinit /usr/lib/x86_64-linux-gnu/libexec/kf5/start_kdeinit && \ rm -f /tmp/start_kdeinit && \ # KDE disable screen lock, double-click to open instead of single-click echo "[Daemon]\n\ Autolock=false\n\ LockOnResume=false" > /etc/xdg/kscreenlockerrc && \ echo "[KDE]\n\ SingleClick=false\n\ \n\ [KDE Action Restrictions]\n\ action/lock_screen=false\n\ logout=false" > /etc/xdg/kdeglobals # Wine, Winetricks, Lutris, and PlayOnLinux, this process must be consistent with https://wiki.winehq.org/Ubuntu ARG WINE_BRANCH=staging RUN mkdir -pm755 /etc/apt/keyrings && curl -fsSL -o /etc/apt/keyrings/winehq-archive.key "https://dl.winehq.org/wine-builds/winehq.key" && \ curl -fsSL -o "/etc/apt/sources.list.d/winehq-$(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2 | tr -d '\"').sources" "https://dl.winehq.org/wine-builds/ubuntu/dists/$(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2 | tr -d '\"')/winehq-$(grep UBUNTU_CODENAME= /etc/os-release | cut -d= -f2 | tr -d '\"').sources" && \ apt-get update && apt-get install --install-recommends -y \ winehq-${WINE_BRANCH} && \ apt-get install --no-install-recommends -y \ q4wine \ playonlinux && \ LUTRIS_VERSION="$(curl -fsSL "https://api.github.com/repos/lutris/lutris/releases/latest" | jq -r '.tag_name' | sed 's/[^0-9\.\-]*//g')" && \ curl -fsSL -O "https://github.com/lutris/lutris/releases/download/v${LUTRIS_VERSION}/lutris_${LUTRIS_VERSION}_all.deb" && \ apt-get install --no-install-recommends -y ./lutris_${LUTRIS_VERSION}_all.deb && rm -f "./lutris_${LUTRIS_VERSION}_all.deb" && \ rm -rf /var/lib/apt/lists/* && \ curl -fsSL -o /usr/bin/winetricks "https://raw.githubusercontent.com/Winetricks/winetricks/master/src/winetricks" && \ chmod 755 /usr/bin/winetricks && \ curl -fsSL -o /usr/share/bash-completion/completions/winetricks "https://raw.githubusercontent.com/Winetricks/winetricks/master/src/winetricks.bash-completion" # Install latest Selkies-GStreamer (https://github.com/selkies-project/selkies-gstreamer) build, Python application, and web application, should be consistent with selkies-gstreamer documentation RUN apt-get update && apt-get install --no-install-recommends -y \ # GStreamer dependencies python3-pip \ python3-dev \ python3-gi \ python3-setuptools \ python3-wheel \ udev \ wmctrl \ jq \ gdebi-core \ libgdk-pixbuf2.0-0 \ libgtk2.0-bin \ libgl-dev \ libgles-dev \ libglvnd-dev \ libgudev-1.0-0 \ xclip \ x11-utils \ xdotool \ x11-xserver-utils \ xserver-xorg-core \ wayland-protocols \ libwayland-dev \ libwayland-egl1 \ libx11-xcb1 \ libxkbcommon0 \ libxdamage1 \ libsoup2.4-1 \ libsoup-gnome2.4-1 \ libsrtp2-1 \ lame \ libopus0 \ libwebrtc-audio-processing1 \ pulseaudio \ libpulse0 \ libcairo-gobject2 \ libpangocairo-1.0-0 \ libgirepository-1.0-1 \ libopenjp2-7 \ libjpeg-dev \ libwebp-dev \ libvpx-dev \ zlib1g-dev \ x264 \ # AMD/Intel graphics driver dependencies va-driver-all \ i965-va-driver-shaders \ intel-media-va-driver-non-free \ libva2 \ vainfo \ intel-gpu-tools \ radeontop && \ if [ "$(grep VERSION_ID= /etc/os-release | cut -d= -f2 | tr -d '\"')" \> "20.04" ]; then apt-get install --no-install-recommends -y xcvt; fi && \ rm -rf /var/lib/apt/lists/* && \ # Automatically fetch the latest selkies-gstreamer version and install the components SELKIES_VERSION="$(curl -fsSL "https://api.github.com/repos/selkies-project/selkies-gstreamer/releases/latest" | jq -r '.tag_name' | sed 's/[^0-9\.\-]*//g')" && \ cd /opt && curl -fsSL "https://github.com/selkies-project/selkies-gstreamer/releases/download/v${SELKIES_VERSION}/selkies-gstreamer-v${SELKIES_VERSION}-ubuntu$(grep VERSION_ID= /etc/os-release | cut -d= -f2 | tr -d '\"').tgz" | tar -zxf - && \ # Extract NVRTC dependency, https://developer.download.nvidia.com/compute/cuda/redist/cuda_nvrtc/LICENSE.txt cd /tmp && curl -fsSL -o nvidia_cuda_nvrtc_linux_x86_64.whl "https://developer.download.nvidia.com/compute/redist/nvidia-cuda-nvrtc/nvidia_cuda_nvrtc-11.0.221-cp36-cp36m-linux_x86_64.whl" && unzip -joq -d ./nvrtc nvidia_cuda_nvrtc_linux_x86_64.whl && cd nvrtc && chmod 755 libnvrtc* && find . -maxdepth 1 -type f -name "*libnvrtc.so.*" -exec sh -c 'ln -snf $(basename {}) libnvrtc.so' \; && mv -f libnvrtc* /opt/gstreamer/lib/x86_64-linux-gnu/ && cd /tmp && rm -rf /tmp/* && \ cd /tmp && curl -fsSL -O "https://github.com/selkies-project/selkies-gstreamer/releases/download/v${SELKIES_VERSION}/selkies_gstreamer-${SELKIES_VERSION}-py3-none-any.whl" && pip3 install "selkies_gstreamer-${SELKIES_VERSION}-py3-none-any.whl" && rm -f "selkies_gstreamer-${SELKIES_VERSION}-py3-none-any.whl" && \ cd /opt && curl -fsSL "https://github.com/selkies-project/selkies-gstreamer/releases/download/v${SELKIES_VERSION}/selkies-gstreamer-web-v${SELKIES_VERSION}.tgz" | tar -zxf - && \ cd /tmp && curl -fsSL -o selkies-js-interposer.deb "https://github.com/selkies-project/selkies-gstreamer/releases/download/v${SELKIES_VERSION}/selkies-js-interposer-v${SELKIES_VERSION}-ubuntu$(grep VERSION_ID= /etc/os-release | cut -d= -f2 | tr -d '\"').deb" && apt-get update && apt-get install --no-install-recommends -y ./selkies-js-interposer.deb && rm -f ./selkies-js-interposer.deb && rm -rf /var/lib/apt/lists/* /tmp/* # Add configuration for Selkies-GStreamer Joystick interposer ENV LD_PRELOAD /usr/local/lib/selkies-js-interposer/joystick_interposer.so${LD_PRELOAD:+:${LD_PRELOAD}} ENV SDL_JOYSTICK_DEVICE /dev/input/js0 # Install the noVNC web interface and the latest x11vnc for fallback RUN apt-get update && apt-get install --no-install-recommends -y \ autoconf \ automake \ autotools-dev \ chrpath \ debhelper \ git \ jq \ python3 \ python3-numpy \ libc6-dev \ libcairo2-dev \ libjpeg-turbo8-dev \ libssl-dev \ libv4l-dev \ libvncserver-dev \ libtool-bin \ libxdamage-dev \ libxinerama-dev \ libxrandr-dev \ libxss-dev \ libxtst-dev \ libavahi-client-dev && \ rm -rf /var/lib/apt/lists/* && \ # Build the latest x11vnc source to avoid various errors git clone "https://github.com/LibVNC/x11vnc.git" /tmp/x11vnc && \ cd /tmp/x11vnc && autoreconf -fi && ./configure && make install && cd / && rm -rf /tmp/* && \ curl -fsSL "https://github.com/novnc/noVNC/archive/v${NOVNC_VERSION}.tar.gz" | tar -xzf - -C /opt && \ mv -f "/opt/noVNC-${NOVNC_VERSION}" /opt/noVNC && \ cd /opt/noVNC && ln -snf vnc.html index.html && \ # Use the latest Websockify source to expose noVNC git clone "https://github.com/novnc/websockify.git" /opt/noVNC/utils/websockify # Add custom packages right below this comment, or use FROM in a new container and replace entrypoint.sh or supervisord.conf, and set ENTRYPOINT to /usr/bin/supervisord # Create user with password ${PASSWD} and assign adequate groups RUN apt-get update && apt-get install --no-install-recommends -y \ sudo \ tzdata && \ rm -rf /var/lib/apt/lists/* && \ groupadd -g 1000 user && \ useradd -ms /bin/bash user -u 1000 -g 1000 && \ usermod -a -G adm,audio,cdrom,dialout,dip,fax,floppy,input,lp,lpadmin,plugdev,pulse-access,scanner,ssl-cert,sudo,tape,tty,video,voice user && \ echo "user ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \ chown user:user /home/user && \ echo "user:${PASSWD}" | chpasswd && \ ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime && echo "$TZ" > /etc/timezone # Copy scripts and configurations used to start the container COPY entrypoint.sh /etc/entrypoint.sh RUN chmod 755 /etc/entrypoint.sh COPY selkies-gstreamer-entrypoint.sh /etc/selkies-gstreamer-entrypoint.sh RUN chmod 755 /etc/selkies-gstreamer-entrypoint.sh COPY supervisord.conf /etc/supervisord.conf RUN chmod 755 /etc/supervisord.conf EXPOSE 8080 USER 1000 ENV SHELL /bin/bash ENV USER user WORKDIR /home/user ENTRYPOINT ["/usr/bin/supervisord"]