LAB-linuxserver/docker-documentation
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-documentation.git synced 2026-02-19 18:14:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Bot Updating Documentation

Browse Source
This commit is contained in:
LinuxServer-CI 2025-09-23 13:49:21 +00:00
parent 7168c24055
commit b129628b83
No known key found for this signature in database
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/images/docker-zotero.md
View File

@ -40,7 +40,6 @@ The architectures supported by this image are:
The application can be accessed at:
* http://yourhost:3000/
* https://yourhost:3001/
### Strict reverse proxies
@ -62,6 +61,8 @@ By default, this container has no authentication. The optional `CUSTOM_USER` and
The web interface includes a terminal with passwordless `sudo` access. Any user with access to the GUI can gain root control within the container, install arbitrary software, and probe your local network.
While not generally recommended, certain legacy environments specifically those with older hardware or outdated Linux distributions may require the deactivation of the standard seccomp profile to get containerized desktop software to run. This can be achieved by utilizing the `--security-opt seccomp=unconfined` parameter. It is critical to use this option only when absolutely necessary as it disables a key security layer of Docker, elevating the potential for container escape vulnerabilities.
### Options in all Selkies-based GUI containers
This container is based on [Docker Baseimage Selkies](https://github.com/linuxserver/docker-baseimage-selkies), which provides the following environment variables and run configurations to customize its functionality.
@ -206,8 +207,6 @@ services:
zotero:
image: lscr.io/linuxserver/zotero:latest
container_name: zotero
security_opt:
- seccomp:unconfined #optional
environment:
- PUID=1000
- PGID=1000
@ -226,7 +225,6 @@ services:
```bash
docker run -d \
--name=zotero \
--security-opt seccomp=unconfined `#optional` \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Etc/UTC \
@ -268,7 +266,6 @@ Containers are configured using parameters passed at runtime (such as those abov
| Parameter | Function |
| :-----: | --- |
| `--shm-size=` | This is needed for Chromium to function properly. |
| `--security-opt seccomp=unconfined` | For Docker Engine only, many modern gui apps need this to function on older hosts as syscalls are unknown to Docker. Chromium runs in no-sandbox mode without it. |
## Environment variables from files (Docker secrets)
@ -499,13 +496,14 @@ To help with development, we generate this dependency graph.
svc-xsettingsd -> legacy-services
}
Base Images: {
"baseimage-selkies:debianbookworm" <- "baseimage-debian:bookworm"
"baseimage-selkies:debiantrixie" <- "baseimage-debian:trixie"
}
"zotero:latest" <- Base Images
```
## Versions
* **22.09.25:** - Rebase to Debian Trixie.
* **12.07.25:** - Rebase to Selkies, HTTPS IS NOW REQUIRED.
* **03.04.25:** - Update chromium launch options to improve performance.
* **10.02.24:** - Update Readme with new env vars and ingest proper PWA icon.