diff --git a/Dockerfile b/Dockerfile
index 117b992..1558774 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,6 @@
-FROM ghcr.io/linuxserver/baseimage-selkies:debianbookworm
+# syntax=docker/dockerfile:1
+
+FROM ghcr.io/linuxserver/baseimage-selkies:debiantrixie
# set version label
ARG BUILD_DATE
@@ -18,11 +20,11 @@ RUN \
echo "**** install packages ****" && \
apt-get update && \
apt-get install --no-install-recommends -y \
+ caja \
chromium \
chromium-l10n \
git \
ssh-askpass \
- thunar \
xfce4-terminal && \
echo "**** install github-desktop ****" && \
if [ -z ${GHDESKTOP_VERSION+x} ]; then \
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
index 2789f79..b9082fa 100644
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -1,4 +1,6 @@
-FROM ghcr.io/linuxserver/baseimage-selkies:arm64v8-debianbookworm
+# syntax=docker/dockerfile:1
+
+FROM ghcr.io/linuxserver/baseimage-selkies:arm64v8-debiantrixie
# set version label
ARG BUILD_DATE
@@ -18,11 +20,11 @@ RUN \
echo "**** install packages ****" && \
apt-get update && \
apt-get install --no-install-recommends -y \
+ caja \
chromium \
chromium-l10n \
git \
ssh-askpass \
- thunar \
xfce4-terminal && \
echo "**** install github-desktop ****" && \
if [ -z ${GHDESKTOP_VERSION+x} ]; then \
diff --git a/README.md b/README.md
index 29f93c0..5c5ebd0 100644
--- a/README.md
+++ b/README.md
@@ -222,8 +222,6 @@ services:
container_name: github-desktop
cap_add:
- IPC_LOCK
- security_opt:
- - seccomp:unconfined #optional
environment:
- PUID=1000
- PGID=1000
@@ -243,7 +241,6 @@ services:
docker run -d \
--name=github-desktop \
--cap-add=IPC_LOCK \
- --security-opt seccomp=unconfined `#optional` \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Etc/UTC \
@@ -268,7 +265,6 @@ Containers are configured using parameters passed at runtime (such as those abov
| `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). |
| `-v /config` | Users home directory in the container, stores local files and settings |
| `--shm-size=` | This is needed for electron applications to function properly. |
-| `--security-opt seccomp=unconfined` | For Docker Engine only, many modern gui apps need this to function on older hosts as syscalls are unknown to Docker. Github Desktop runs in no-sandbox mode without it. |
| `--cap-add=IPC_LOCK` | Required for keyring functionality. |
### Portainer notice
@@ -437,6 +433,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions
+* **22.09.25:** - Rebase to Debian Trixie.
* **12.07.25:** - Rebase to Selkies, HTTPS IS NOW REQUIRED.
* **10.02.24:** - Update Readme with new env vars and ingest proper PWA icon.
* **03.08.23:** - Rebase to Bookworm and multi arch.
diff --git a/readme-vars.yml b/readme-vars.yml
index aa4618d..9c2f42a 100644
--- a/readme-vars.yml
+++ b/readme-vars.yml
@@ -26,9 +26,6 @@ custom_params:
cap_add_param: true
cap_add_param_vars:
- {cap_add_var: "IPC_LOCK", desc: "Required for keyring functionality."}
-opt_security_opt_param: true
-opt_security_opt_param_vars:
- - {run_var: "seccomp=unconfined", compose_var: "seccomp:unconfined", desc: "For Docker Engine only, many modern gui apps need this to function on older hosts as syscalls are unknown to Docker. Github Desktop runs in no-sandbox mode without it."}
# Selkies blurb settings
selkies_blurb: true
show_nvidia: true
@@ -108,6 +105,7 @@ init_diagram: |
"github-desktop:latest" <- Base Images
# changelog
changelogs:
+ - {date: "22.09.25:", desc: "Rebase to Debian Trixie."}
- {date: "12.07.25:", desc: "Rebase to Selkies, HTTPS IS NOW REQUIRED."}
- {date: "10.02.24:", desc: "Update Readme with new env vars and ingest proper PWA icon."}
- {date: "03.08.23:", desc: "Rebase to Bookworm and multi arch."}
diff --git a/root/defaults/autostart b/root/defaults/autostart
index 1eb5091..bfd0006 100644
--- a/root/defaults/autostart
+++ b/root/defaults/autostart
@@ -1,3 +1,3 @@
#! /bin/bash
-xdg-mime default thunar.desktop inode/directory
+xdg-mime default caja.desktop inode/directory
dbus-launch github-desktop
diff --git a/root/defaults/menu.xml b/root/defaults/menu.xml
index 4de45a0..b8369b0 100644
--- a/root/defaults/menu.xml
+++ b/root/defaults/menu.xml
@@ -5,6 +5,6 @@
- /usr/bin/github-desktop
- /usr/bin/chromium
- /usr/bin/codium
-- /usr/bin/thunar
+- /usr/bin/caja
diff --git a/root/usr/bin/chromium b/root/usr/bin/chromium
index 58df5ef..4af2c92 100755
--- a/root/usr/bin/chromium
+++ b/root/usr/bin/chromium
@@ -7,9 +7,4 @@ if ! pgrep chromium > /dev/null;then
rm -f $HOME/.config/chromium/Singleton*
fi
-# Run normally on privved containers or modified un non priv
-if grep -q 'Seccomp:.0' /proc/1/status; then
- ${BIN} --password-store=basic "$@"
-else
- ${BIN} --password-store=basic --no-sandbox --test-type "$@"
-fi
+${BIN} --password-store=basic --no-sandbox --test-type "$@"
diff --git a/root/usr/bin/codium b/root/usr/bin/codium
index bb98a6f..bad2e3d 100755
--- a/root/usr/bin/codium
+++ b/root/usr/bin/codium
@@ -2,12 +2,6 @@
BIN=/usr/share/codium/bin/codium
-# Run normally on privved containers or modified un non priv
-if grep -q 'Seccomp:.0' /proc/1/status; then
- ${BIN} \
- "$@"
-else
- ${BIN} \
+${BIN} \
--no-sandbox \
"$@"
-fi
diff --git a/root/usr/bin/github-desktop b/root/usr/bin/github-desktop
index 3904715..704b19e 100755
--- a/root/usr/bin/github-desktop
+++ b/root/usr/bin/github-desktop
@@ -2,9 +2,4 @@
BIN=/usr/lib/github-desktop/github-desktop
-# Run normally on privved containers or modified un non priv
-if grep -q 'Seccomp:.0' /proc/1/status; then
- dbus-launch ${BIN} --password-store=basic "$@"
-else
- dbus-launch ${BIN} --password-store=basic --no-sandbox --test-type "$@"
-fi
+dbus-launch ${BIN} --password-store=basic --no-sandbox --test-type "$@"