From 370ccabf729ea617ba31383d2e24dbae232efd86 Mon Sep 17 00:00:00 2001 From: thelamer Date: Wed, 8 Mar 2023 15:36:29 -0800 Subject: [PATCH] updating arch to new format and adding dri3 support --- Dockerfile | 53 +++++++++++++---- Dockerfile.aarch64 | 58 +++++++++++++++---- .../nginx/conf.d => defaults}/default.conf | 4 ++ .../{init-keygen => init-nginx} | 0 root/etc/s6-overlay/s6-rc.d/init-keygen/run | 12 ---- root/etc/s6-overlay/s6-rc.d/init-keygen/up | 1 - .../dependencies.d/init-os-end | 0 root/etc/s6-overlay/s6-rc.d/init-nginx/run | 30 ++++++++++ .../s6-rc.d/{init-keygen => init-nginx}/type | 0 root/etc/s6-overlay/s6-rc.d/init-nginx/up | 1 + root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/run | 10 ++++ .../contents.d/{init-keygen => init-nginx} | 0 12 files changed, 134 insertions(+), 35 deletions(-) rename root/{etc/nginx/conf.d => defaults}/default.conf (96%) rename root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/dependencies.d/{init-keygen => init-nginx} (100%) delete mode 100755 root/etc/s6-overlay/s6-rc.d/init-keygen/run delete mode 100644 root/etc/s6-overlay/s6-rc.d/init-keygen/up rename root/etc/s6-overlay/s6-rc.d/{init-keygen => init-nginx}/dependencies.d/init-os-end (100%) create mode 100755 root/etc/s6-overlay/s6-rc.d/init-nginx/run rename root/etc/s6-overlay/s6-rc.d/{init-keygen => init-nginx}/type (100%) create mode 100644 root/etc/s6-overlay/s6-rc.d/init-nginx/up rename root/etc/s6-overlay/s6-rc.d/user/contents.d/{init-keygen => init-nginx} (100%) diff --git a/Dockerfile b/Dockerfile index a2c13ff..8c37f92 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,36 @@ # syntax=docker/dockerfile:1 +FROM node:12-buster as wwwstage + +ARG KASMWEB_RELEASE="master" + +RUN \ + echo "**** build clientside ****" && \ + export QT_QPA_PLATFORM=offscreen && \ + export QT_QPA_FONTDIR=/usr/share/fonts && \ + mkdir /src && \ + cd /src && \ + wget https://github.com/kasmtech/noVNC/tarball/${KASMWEB_RELEASE} -O - \ + | tar --strip-components=1 -xz && \ + npm install && \ + npm run-script build + +RUN \ + echo "**** organize output ****" && \ + mkdir /build-out && \ + cd /src && \ + rm -rf node_modules/ && \ + cp -R ./* /build-out/ && \ + cd /build-out && \ + rm *.md && \ + rm AUTHORS && \ + cp index.html vnc.html + FROM ghcr.io/linuxserver/baseimage-arch:latest as buildstage -ARG KASMVNC_RELEASE="1.0.1" -ARG KASMWEB_RELEASE="develop" +ARG KASMVNC_RELEASE="master" + +COPY --from=wwwstage /build-out /www RUN \ echo "**** install build deps ****" && \ @@ -31,6 +58,7 @@ RUN \ libxrandr \ libxshmfence \ libxtst \ + mesa \ mesa-libgl \ meson \ patch \ @@ -64,14 +92,14 @@ RUN \ . && \ make -j4 && \ echo "**** build xorg ****" && \ - XORG_VER="1.20.7" && \ + XORG_VER="1.20.14" && \ XORG_PATCH=$(echo "$XORG_VER" | grep -Po '^\d.\d+' | sed 's#\.##') && \ wget --no-check-certificate \ - -O /tmp/xorg-server-${XORG_VER}.tar.bz2 \ - "https://www.x.org/archive/individual/xserver/xorg-server-${XORG_VER}.tar.bz2" && \ + -O /tmp/xorg-server-${XORG_VER}.tar.gz \ + "https://www.x.org/archive/individual/xserver/xorg-server-${XORG_VER}.tar.gz" && \ tar --strip-components=1 \ -C unix/xserver \ - -xf /tmp/xorg-server-${XORG_VER}.tar.bz2 && \ + -xf /tmp/xorg-server-${XORG_VER}.tar.gz && \ cd unix/xserver && \ patch -Np1 -i ../xserver${XORG_PATCH}.patch && \ patch -s -p0 < ../CVE-2022-2320-v1.20.patch && \ @@ -98,7 +126,7 @@ RUN \ --disable-dri2 \ --enable-glx \ --disable-xwayland \ - --disable-dri3 && \ + --enable-dri3 && \ find . -name "Makefile" -exec sed -i 's/-Werror=array-bounds//g' {} \; && \ make -j4 && \ echo "**** generate final output ****" && \ @@ -115,8 +143,7 @@ RUN \ ln -s /usr/lib64/dri dri && \ cd /src && \ mkdir -p builder/www && \ - curl -s https://kasm-ci.s3.amazonaws.com/kasmweb-${KASMWEB_RELEASE}.tar.gz \ - | tar xzf - -C builder/www && \ + cp -ax /www/* builder/www/ && \ cp builder/www/index.html builder/www/vnc.html && \ make servertarball && \ mkdir /build-out && \ @@ -138,12 +165,11 @@ RUN \ nodejs \ npm \ python3 - RUN \ echo "**** grab source ****" && \ mkdir -p /kclient && \ - if [ -z ${GCLIENT_RELEASE+x} ]; then \ + if [ -z ${KCLIENT_RELEASE+x} ]; then \ KCLIENT_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/kclient/releases/latest" \ | awk '/tag_name/{print $4;exit}' FS='[""]'); \ fi && \ @@ -194,6 +220,8 @@ RUN \ libva-mesa-driver \ libwebp \ libxfont2 \ + libxshmfence \ + mesa \ mesa-libgl \ nginx \ nodejs \ @@ -215,6 +243,8 @@ RUN \ xf86-video-amdgpu \ xf86-video-ati \ xf86-video-intel \ + xf86-video-nouveau \ + xf86-video-qxl \ xkeyboard-config \ xorg-setxkbmap \ xorg-xauth \ @@ -261,6 +291,7 @@ RUN \ locale-gen && \ sed -i '$d' /etc/nginx/nginx.conf && \ echo "include /etc/nginx/conf.d/*;}" >> /etc/nginx/nginx.conf && \ + mkdir -p /etc/nginx/conf.d && \ echo "**** cleanup ****" && \ pacman -Rsn --noconfirm \ git \ diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index 8afd15d..e28aa9b 100644 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -1,9 +1,41 @@ # syntax=docker/dockerfile:1 +FROM node:12-buster as wwwstage + +ARG KASMWEB_RELEASE="master" + +RUN \ + echo "**** install build deps ****" && \ + apt-get update && \ + apt-get install -y phantomjs + +RUN \ + echo "**** build clientside ****" && \ + export QT_QPA_PLATFORM=offscreen && \ + export QT_QPA_FONTDIR=/usr/share/fonts && \ + mkdir /src && \ + cd /src && \ + wget https://github.com/kasmtech/noVNC/tarball/${KASMWEB_RELEASE} -O - \ + | tar --strip-components=1 -xz && \ + npm install && \ + npm run-script build + +RUN \ + echo "**** organize output ****" && \ + mkdir /build-out && \ + cd /src && \ + rm -rf node_modules/ && \ + cp -R ./* /build-out/ && \ + cd /build-out && \ + rm *.md && \ + rm AUTHORS && \ + cp index.html vnc.html + FROM ghcr.io/linuxserver/baseimage-arch:arm64v8-latest as buildstage -ARG KASMVNC_RELEASE="1.0.1" -ARG KASMWEB_RELEASE="develop" +ARG KASMVNC_RELEASE="master" + +COPY --from=wwwstage /build-out /www RUN \ echo "**** install build deps ****" && \ @@ -31,6 +63,7 @@ RUN \ libxrandr \ libxshmfence \ libxtst \ + mesa \ mesa-libgl \ meson \ patch \ @@ -64,14 +97,14 @@ RUN \ . && \ make -j4 && \ echo "**** build xorg ****" && \ - XORG_VER="1.20.7" && \ + XORG_VER="1.20.14" && \ XORG_PATCH=$(echo "$XORG_VER" | grep -Po '^\d.\d+' | sed 's#\.##') && \ wget --no-check-certificate \ - -O /tmp/xorg-server-${XORG_VER}.tar.bz2 \ - "https://www.x.org/archive/individual/xserver/xorg-server-${XORG_VER}.tar.bz2" && \ + -O /tmp/xorg-server-${XORG_VER}.tar.gz \ + "https://www.x.org/archive/individual/xserver/xorg-server-${XORG_VER}.tar.gz" && \ tar --strip-components=1 \ -C unix/xserver \ - -xf /tmp/xorg-server-${XORG_VER}.tar.bz2 && \ + -xf /tmp/xorg-server-${XORG_VER}.tar.gz && \ cd unix/xserver && \ patch -Np1 -i ../xserver${XORG_PATCH}.patch && \ patch -s -p0 < ../CVE-2022-2320-v1.20.patch && \ @@ -98,7 +131,7 @@ RUN \ --disable-dri2 \ --enable-glx \ --disable-xwayland \ - --disable-dri3 && \ + --enable-dri3 && \ find . -name "Makefile" -exec sed -i 's/-Werror=array-bounds//g' {} \; && \ make -j4 && \ echo "**** generate final output ****" && \ @@ -115,8 +148,7 @@ RUN \ ln -s /usr/lib/dri dri && \ cd /src && \ mkdir -p builder/www && \ - curl -s https://kasm-ci.s3.amazonaws.com/kasmweb-${KASMWEB_RELEASE}.tar.gz \ - | tar xzf - -C builder/www && \ + cp -ax /www/* builder/www/ && \ cp builder/www/index.html builder/www/vnc.html && \ make servertarball && \ mkdir /build-out && \ @@ -138,12 +170,11 @@ RUN \ nodejs \ npm \ python3 - RUN \ echo "**** grab source ****" && \ mkdir -p /kclient && \ - if [ -z ${GCLIENT_RELEASE+x} ]; then \ + if [ -z ${KCLIENT_RELEASE+x} ]; then \ KCLIENT_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/kclient/releases/latest" \ | awk '/tag_name/{print $4;exit}' FS='[""]'); \ fi && \ @@ -193,6 +224,8 @@ RUN \ libva-mesa-driver \ libwebp \ libxfont2 \ + libxshmfence \ + mesa \ mesa-libgl \ nginx \ nodejs \ @@ -211,6 +244,8 @@ RUN \ sudo \ vulkan-radeon \ xf86-video-amdgpu \ + xf86-video-nouveau \ + xf86-video-qxl \ xkeyboard-config \ xorg-setxkbmap \ xorg-xauth \ @@ -257,6 +292,7 @@ RUN \ locale-gen && \ sed -i '$d' /etc/nginx/nginx.conf && \ echo "include /etc/nginx/conf.d/*;}" >> /etc/nginx/nginx.conf && \ + mkdir -p /etc/nginx/conf.d && \ echo "**** cleanup ****" && \ pacman -Rsn --noconfirm \ git \ diff --git a/root/etc/nginx/conf.d/default.conf b/root/defaults/default.conf similarity index 96% rename from root/etc/nginx/conf.d/default.conf rename to root/defaults/default.conf index 32e6762..2dfebc4 100644 --- a/root/etc/nginx/conf.d/default.conf +++ b/root/defaults/default.conf @@ -1,4 +1,6 @@ server { + #auth_basic "Login"; + #auth_basic_user_file /etc/nginx/.htpasswd; listen 3000 default_server; listen [::]:3000 default_server; location / { @@ -47,6 +49,8 @@ server { } server { + #auth_basic "Login"; + #auth_basic_user_file /etc/nginx/.htpasswd; listen 3001 ssl; listen [::]:3001 ssl; ssl_certificate /config/ssl/cert.pem; diff --git a/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/dependencies.d/init-keygen b/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/dependencies.d/init-nginx similarity index 100% rename from root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/dependencies.d/init-keygen rename to root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/dependencies.d/init-nginx diff --git a/root/etc/s6-overlay/s6-rc.d/init-keygen/run b/root/etc/s6-overlay/s6-rc.d/init-keygen/run deleted file mode 100755 index c645f22..0000000 --- a/root/etc/s6-overlay/s6-rc.d/init-keygen/run +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/with-contenv bash - -if [ ! -f "/config/ssl/cert.pem" ]; then - mkdir -p /config/ssl - openssl req -new -x509 \ - -days 3650 -nodes \ - -out /config/ssl/cert.pem \ - -keyout /config/ssl/cert.key \ - -subj "/C=US/ST=CA/L=Carlsbad/O=Linuxserver.io/OU=LSIO Server/CN=*" - chmod 600 /config/ssl/cert.key - chown -R abc:abc /config/ssl -fi diff --git a/root/etc/s6-overlay/s6-rc.d/init-keygen/up b/root/etc/s6-overlay/s6-rc.d/init-keygen/up deleted file mode 100644 index cacd3ec..0000000 --- a/root/etc/s6-overlay/s6-rc.d/init-keygen/up +++ /dev/null @@ -1 +0,0 @@ -/etc/s6-overlay/s6-rc.d/init-keygen/run diff --git a/root/etc/s6-overlay/s6-rc.d/init-keygen/dependencies.d/init-os-end b/root/etc/s6-overlay/s6-rc.d/init-nginx/dependencies.d/init-os-end similarity index 100% rename from root/etc/s6-overlay/s6-rc.d/init-keygen/dependencies.d/init-os-end rename to root/etc/s6-overlay/s6-rc.d/init-nginx/dependencies.d/init-os-end diff --git a/root/etc/s6-overlay/s6-rc.d/init-nginx/run b/root/etc/s6-overlay/s6-rc.d/init-nginx/run new file mode 100755 index 0000000..035bae8 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-nginx/run @@ -0,0 +1,30 @@ +#!/usr/bin/with-contenv bash + +# nginx Path +NGINX_CONFIG=/etc/nginx/conf.d/default.conf + +# user passed env vars +CPORT="${CUSTOM_PORT:-3000}" +CHPORT="${CUSTOM_HTTPS_PORT:-3001}" +CUSER="${CUSTOM_USER:-abc}" + +# create self signed cert +if [ ! -f "/config/ssl/cert.pem" ]; then + mkdir -p /config/ssl + openssl req -new -x509 \ + -days 3650 -nodes \ + -out /config/ssl/cert.pem \ + -keyout /config/ssl/cert.key \ + -subj "/C=US/ST=CA/L=Carlsbad/O=Linuxserver.io/OU=LSIO Server/CN=*" + chmod 600 /config/ssl/cert.key + chown -R abc:abc /config/ssl +fi + +# modify nginx config +cp /defaults/default.conf ${NGINX_CONFIG} +sed -i "s/3000/$CPORT/g" ${NGINX_CONFIG} +sed -i "s/3001/$CHPORT/g" ${NGINX_CONFIG} +if [ ! -z ${PASSWORD+x} ]; then + printf "${CUSER}:$(openssl passwd -apr1 ${PASSWORD})\n" > /etc/nginx/.htpasswd + sed -i 's/#//g' ${NGINX_CONFIG} +fi diff --git a/root/etc/s6-overlay/s6-rc.d/init-keygen/type b/root/etc/s6-overlay/s6-rc.d/init-nginx/type similarity index 100% rename from root/etc/s6-overlay/s6-rc.d/init-keygen/type rename to root/etc/s6-overlay/s6-rc.d/init-nginx/type diff --git a/root/etc/s6-overlay/s6-rc.d/init-nginx/up b/root/etc/s6-overlay/s6-rc.d/init-nginx/up new file mode 100644 index 0000000..b3b5b49 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-nginx/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-nginx/run diff --git a/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/run b/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/run index c18e901..245820d 100755 --- a/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/run +++ b/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/run @@ -1,7 +1,17 @@ #!/usr/bin/with-contenv bash +# Pass gpu flags if mounted +if [ -e /dev/dri/renderD* ]; then + HW3D="-hw3d" +fi +if [ -z ${DRINODE+x} ]; then + DRINODE="/dev/dri/renderD128" +fi + s6-setuidgid abc \ /usr/local/bin/Xvnc $DISPLAY \ + ${HW3D} \ + -drinode ${DRINODE} \ -disableBasicAuth \ -SecurityTypes None \ -AlwaysShared \ diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-keygen b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-nginx similarity index 100% rename from root/etc/s6-overlay/s6-rc.d/user/contents.d/init-keygen rename to root/etc/s6-overlay/s6-rc.d/user/contents.d/init-nginx