Merge pull request #12 from linuxserver/trixie

rebase to trixie

Dockerfile

@@ -1,4 +1,6 @@
-FROM ghcr.io/linuxserver/baseimage-selkies:debianbookworm
+# syntax=docker/dockerfile:1
+
+FROM ghcr.io/linuxserver/baseimage-selkies:debiantrixie
 
 # set version label
 ARG BUILD_DATE
@@ -18,11 +20,11 @@ RUN \
   echo "**** install packages ****" && \
   apt-get update && \
   apt-get install --no-install-recommends -y \
+    caja \
     chromium \
     chromium-l10n \
     git \
     ssh-askpass \
-    thunar \
     xfce4-terminal && \
   echo "**** install github-desktop ****" && \
   if [ -z ${GHDESKTOP_VERSION+x} ]; then \

Dockerfile.aarch64

@@ -1,4 +1,6 @@
-FROM ghcr.io/linuxserver/baseimage-selkies:arm64v8-debianbookworm
+# syntax=docker/dockerfile:1
+
+FROM ghcr.io/linuxserver/baseimage-selkies:arm64v8-debiantrixie
 
 # set version label
 ARG BUILD_DATE
@@ -18,11 +20,11 @@ RUN \
   echo "**** install packages ****" && \
   apt-get update && \
   apt-get install --no-install-recommends -y \
+    caja \
     chromium \
     chromium-l10n \
     git \
     ssh-askpass \
-    thunar \
     xfce4-terminal && \
   echo "**** install github-desktop ****" && \
   if [ -z ${GHDESKTOP_VERSION+x} ]; then \

README.md

@@ -222,8 +222,6 @@ services:
     container_name: github-desktop
     cap_add:
       - IPC_LOCK
-    security_opt:
-      - seccomp:unconfined #optional
     environment:
       - PUID=1000
       - PGID=1000
@@ -243,7 +241,6 @@ services:
 docker run -d \
   --name=github-desktop \
   --cap-add=IPC_LOCK \
-  --security-opt seccomp=unconfined `#optional` \
   -e PUID=1000 \
   -e PGID=1000 \
   -e TZ=Etc/UTC \
@@ -268,7 +265,6 @@ Containers are configured using parameters passed at runtime (such as those abov
 | `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). |
 | `-v /config` | Users home directory in the container, stores local files and settings |
 | `--shm-size=` | This is needed for electron applications to function properly. |
-| `--security-opt seccomp=unconfined` | For Docker Engine only, many modern gui apps need this to function on older hosts as syscalls are unknown to Docker. Github Desktop runs in no-sandbox mode without it. |
 | `--cap-add=IPC_LOCK` | Required for keyring functionality. |
 
 ### Portainer notice
@@ -437,6 +433,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **22.09.25:** - Rebase to Debian Trixie.
 * **12.07.25:** - Rebase to Selkies, HTTPS IS NOW REQUIRED.
 * **10.02.24:** - Update Readme with new env vars and ingest proper PWA icon.
 * **03.08.23:** - Rebase to Bookworm and multi arch.

readme-vars.yml

@@ -26,9 +26,6 @@ custom_params:
 cap_add_param: true
 cap_add_param_vars:
   - {cap_add_var: "IPC_LOCK", desc: "Required for keyring functionality."}
-opt_security_opt_param: true
-opt_security_opt_param_vars:
-  - {run_var: "seccomp=unconfined", compose_var: "seccomp:unconfined", desc: "For Docker Engine only, many modern gui apps need this to function on older hosts as syscalls are unknown to Docker. Github Desktop runs in no-sandbox mode without it."}
 # Selkies blurb settings
 selkies_blurb: true
 show_nvidia: true
@@ -108,6 +105,7 @@ init_diagram: |
   "github-desktop:latest" <- Base Images
 # changelog
 changelogs:
+  - {date: "22.09.25:", desc: "Rebase to Debian Trixie."}
   - {date: "12.07.25:", desc: "Rebase to Selkies, HTTPS IS NOW REQUIRED."}
   - {date: "10.02.24:", desc: "Update Readme with new env vars and ingest proper PWA icon."}
   - {date: "03.08.23:", desc: "Rebase to Bookworm and multi arch."}

root/defaults/autostart

@@ -1,3 +1,3 @@
 #! /bin/bash
-xdg-mime default thunar.desktop inode/directory
+xdg-mime default caja.desktop inode/directory
 dbus-launch github-desktop

root/defaults/menu.xml

@@ -5,6 +5,6 @@
 <item label="Github Desktop" icon="/usr/share/icons/hicolor/64x64/apps/github-desktop.png"><action name="Execute"><command>/usr/bin/github-desktop</command></action></item>
 <item label="Chromium" icon="/usr/share/icons/hicolor/48x48/apps/chromium.png"><action name="Execute"><command>/usr/bin/chromium</command></action></item>
 <item label="VSCodium" icon="/usr/share/pixmaps/vscodium.png"><action name="Execute"><command>/usr/bin/codium</command></action></item>
-<item label="File Manager" icon="/usr/share/icons/hicolor/scalable/apps/org.xfce.thunar.svg"><action name="Execute"><command>/usr/bin/thunar</command></action></item>
+<item label="File Manager" icon="/usr/share/icons/Adwaita/symbolic/legacy/system-file-manager-symbolic.svg"><action name="Execute"><command>/usr/bin/caja</command></action></item>
 </menu>
 </openbox_menu>

root/usr/bin/chromium

@@ -7,9 +7,4 @@ if ! pgrep chromium > /dev/null;then
   rm -f $HOME/.config/chromium/Singleton*
 fi
 
-# Run normally on privved containers or modified un non priv
-if grep -q 'Seccomp:.0' /proc/1/status; then
-  ${BIN} --password-store=basic "$@"
-else
-  ${BIN} --password-store=basic --no-sandbox --test-type "$@"
-fi
+${BIN} --password-store=basic --no-sandbox --test-type "$@"

root/usr/bin/codium

@@ -2,12 +2,6 @@
 
 BIN=/usr/share/codium/bin/codium
 
-# Run normally on privved containers or modified un non priv
-if grep -q 'Seccomp:.0' /proc/1/status; then
-  ${BIN} \
-   "$@"
-else
-  ${BIN} \
+${BIN} \
   --no-sandbox \
    "$@"
-fi

root/usr/bin/github-desktop

@@ -2,9 +2,4 @@
 
 BIN=/usr/lib/github-desktop/github-desktop
 
-# Run normally on privved containers or modified un non priv
-if grep -q 'Seccomp:.0' /proc/1/status; then
-  dbus-launch ${BIN} --password-store=basic "$@"
-else
-  dbus-launch ${BIN} --password-store=basic --no-sandbox --test-type "$@"
-fi
+dbus-launch ${BIN} --password-store=basic --no-sandbox --test-type "$@"