diff --git a/.github/workflows/external_trigger.yml b/.github/workflows/external_trigger.yml
index e46cec4..727b6e2 100755
--- a/.github/workflows/external_trigger.yml
+++ b/.github/workflows/external_trigger.yml
@@ -18,7 +18,7 @@ jobs:
fi
echo "**** External trigger running off of master branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_SQLITEBROWSER_MASTER\". ****"
echo "**** Retrieving external version ****"
- EXT_RELEASE=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.15/community/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
+ EXT_RELEASE=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.16/community/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
&& awk '/^P:'"sqlitebrowser"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://')
if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then
echo "**** Can't retrieve external version, exiting ****"
diff --git a/Dockerfile b/Dockerfile
index 3669a54..e14cf8c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM ghcr.io/linuxserver/baseimage-rdesktop-web:alpine
+FROM ghcr.io/linuxserver/baseimage-rdesktop-web:3.16
# set version label
ARG BUILD_DATE
@@ -12,8 +12,13 @@ ENV TITLE=SQLiteBrowser
RUN \
echo "**** install packages ****" && \
+ if [ -z ${SQLITEB_VERSION+x} ]; then \
+ SQLITEB_VERSION=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.16/community/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
+ && awk '/^P:sqlitebrowser$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://'); \
+ fi && \
apk add --no-cache \
- sqlitebrowser && \
+ sqlitebrowser==${SQLITEB_VERSION} && \
+ sed -i 's|| \n yes\n \n|' /etc/xdg/openbox/rc.xml && \
echo "**** cleanup ****" && \
rm -rf \
/tmp/*
@@ -23,4 +28,5 @@ COPY /root /
# ports and volumes
EXPOSE 3000
+
VOLUME /config
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
index d54ede5..1f1ff5e 100644
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -1,4 +1,4 @@
-FROM ghcr.io/linuxserver/baseimage-rdesktop-web:arm64v8-alpine
+FROM ghcr.io/linuxserver/baseimage-rdesktop-web:arm64v8-3.16
# set version label
ARG BUILD_DATE
@@ -12,8 +12,13 @@ ENV TITLE=SQLiteBrowser
RUN \
echo "**** install packages ****" && \
+ if [ -z ${SQLITEB_VERSION+x} ]; then \
+ SQLITEB_VERSION=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.16/community/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
+ && awk '/^P:sqlitebrowser$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://'); \
+ fi && \
apk add --no-cache \
- sqlitebrowser && \
+ sqlitebrowser==${SQLITEB_VERSION} && \
+ sed -i 's|| \n yes\n \n|' /etc/xdg/openbox/rc.xml && \
echo "**** cleanup ****" && \
rm -rf \
/tmp/*
@@ -23,4 +28,5 @@ COPY /root /
# ports and volumes
EXPOSE 3000
+
VOLUME /config
diff --git a/Dockerfile.armhf b/Dockerfile.armhf
index 7dcf9d2..0a566ce 100644
--- a/Dockerfile.armhf
+++ b/Dockerfile.armhf
@@ -1,4 +1,4 @@
-FROM ghcr.io/linuxserver/baseimage-rdesktop-web:arm32v7-alpine
+FROM ghcr.io/linuxserver/baseimage-rdesktop-web:arm32v7-3.16
# set version label
ARG BUILD_DATE
@@ -12,8 +12,13 @@ ENV TITLE=SQLiteBrowser
RUN \
echo "**** install packages ****" && \
+ if [ -z ${SQLITEB_VERSION+x} ]; then \
+ SQLITEB_VERSION=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.16/community/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
+ && awk '/^P:sqlitebrowser$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://'); \
+ fi && \
apk add --no-cache \
- sqlitebrowser && \
+ sqlitebrowser==${SQLITEB_VERSION} && \
+ sed -i 's|| \n yes\n \n|' /etc/xdg/openbox/rc.xml && \
echo "**** cleanup ****" && \
rm -rf \
/tmp/*
@@ -23,4 +28,5 @@ COPY /root /
# ports and volumes
EXPOSE 3000
+
VOLUME /config
diff --git a/Jenkinsfile b/Jenkinsfile
index ae8d390..bf033ae 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -25,8 +25,8 @@ pipeline {
DEV_DOCKERHUB_IMAGE = 'lsiodev/sqlitebrowser'
PR_DOCKERHUB_IMAGE = 'lspipepr/sqlitebrowser'
DIST_IMAGE = 'alpine'
- DIST_TAG = '3.15'
- DIST_REPO = 'http://dl-cdn.alpinelinux.org/alpine/v3.15/community/'
+ DIST_TAG = '3.16'
+ DIST_REPO = 'http://dl-cdn.alpinelinux.org/alpine/v3.16/community/'
DIST_REPO_PACKAGES = 'sqlitebrowser'
MULTIARCH='true'
CI='true'
diff --git a/README.md b/README.md
index 7ee3d93..72bf58d 100644
--- a/README.md
+++ b/README.md
@@ -77,6 +77,8 @@ services:
sqlitebrowser:
image: lscr.io/linuxserver/sqlitebrowser:latest
container_name: sqlitebrowser
+ security_opt:
+ - seccomp:unconfined #optional
environment:
- PUID=1000
- PGID=1000
@@ -93,6 +95,7 @@ services:
```bash
docker run -d \
--name=sqlitebrowser \
+ --security-opt seccomp=unconfined `#optional` \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Europe/London \
@@ -113,6 +116,7 @@ Container images are configured using parameters passed at runtime (such as thos
| `-e PGID=1000` | for GroupID - see below for explanation |
| `-e TZ=Europe/London` | Specify a timezone to use EG Europe/London. |
| `-v /config` | Users home directory in the container, stores program settings and potentially dump files. |
+| `--security-opt seccomp=unconfined` | For Docker Engine only, many modern gui apps need this to function on older hosts as syscalls are unknown to Docker. |
## Environment variables from files (Docker secrets)
@@ -223,6 +227,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions
+* **23.10.22:** - Rebase to Alpine 3.16, migrate to s6v3.
* **16.02.22:** - Rebase to Alpine.
* **20.01.21:** - Remove Wireshark reference.
* **29.07.20:** - Initial release.
diff --git a/jenkins-vars.yml b/jenkins-vars.yml
index a0ae331..60eca85 100644
--- a/jenkins-vars.yml
+++ b/jenkins-vars.yml
@@ -15,8 +15,8 @@ repo_vars:
- DEV_DOCKERHUB_IMAGE = 'lsiodev/sqlitebrowser'
- PR_DOCKERHUB_IMAGE = 'lspipepr/sqlitebrowser'
- DIST_IMAGE = 'alpine'
- - DIST_TAG = '3.15'
- - DIST_REPO = 'http://dl-cdn.alpinelinux.org/alpine/v3.15/community/'
+ - DIST_TAG = '3.16'
+ - DIST_REPO = 'http://dl-cdn.alpinelinux.org/alpine/v3.16/community/'
- DIST_REPO_PACKAGES = 'sqlitebrowser'
- MULTIARCH='true'
- CI='true'
diff --git a/readme-vars.yml b/readme-vars.yml
index b9b76b9..9c50be5 100644
--- a/readme-vars.yml
+++ b/readme-vars.yml
@@ -29,6 +29,9 @@ param_volumes:
param_usage_include_ports: true
param_ports:
- { external_port: "3000", internal_port: "3000", port_desc: "Sqlitebrowser desktop gui." }
+opt_security_opt_param: true
+opt_security_opt_param_vars:
+ - { run_var: "seccomp=unconfined", compose_var: "seccomp:unconfined", desc: "For Docker Engine only, many modern gui apps need this to function on older hosts as syscalls are unknown to Docker." }
# application setup block
app_setup_block_enabled: true
@@ -40,6 +43,7 @@ app_setup_block: |
# changelog
changelogs:
+ - { date: "23.10.22:", desc: "Rebase to Alpine 3.16, migrate to s6v3." }
- { date: "16.02.22:", desc: "Rebase to Alpine." }
- { date: "20.01.21:", desc: "Remove Wireshark reference." }
- { date: "29.07.20:", desc: "Initial release." }
diff --git a/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-openboxcopy b/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-openboxcopy
new file mode 100644
index 0000000..e69de29
diff --git a/root/etc/s6-overlay/s6-rc.d/init-openboxcopy/dependencies.d/init-config b/root/etc/s6-overlay/s6-rc.d/init-openboxcopy/dependencies.d/init-config
new file mode 100644
index 0000000..e69de29
diff --git a/root/etc/cont-init.d/56-openboxcopy b/root/etc/s6-overlay/s6-rc.d/init-openboxcopy/run
old mode 100644
new mode 100755
similarity index 78%
rename from root/etc/cont-init.d/56-openboxcopy
rename to root/etc/s6-overlay/s6-rc.d/init-openboxcopy/run
index f22df65..e7504d5
--- a/root/etc/cont-init.d/56-openboxcopy
+++ b/root/etc/s6-overlay/s6-rc.d/init-openboxcopy/run
@@ -1,7 +1,8 @@
#!/usr/bin/with-contenv bash
# default file copies first run
-[[ ! -f /config/.config/openbox/menu.xml ]] && \
+if [[ ! -f /config/.config/openbox/menu.xml ]]; then
mkdir -p /config/.config/openbox && \
cp /defaults/menu.xml /config/.config/openbox/menu.xml && \
chown -R abc:abc /config/.config
+fi
diff --git a/root/etc/s6-overlay/s6-rc.d/init-openboxcopy/type b/root/etc/s6-overlay/s6-rc.d/init-openboxcopy/type
new file mode 100644
index 0000000..3d92b15
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/init-openboxcopy/type
@@ -0,0 +1 @@
+oneshot
\ No newline at end of file
diff --git a/root/etc/s6-overlay/s6-rc.d/init-openboxcopy/up b/root/etc/s6-overlay/s6-rc.d/init-openboxcopy/up
new file mode 100644
index 0000000..c5a506f
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/init-openboxcopy/up
@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-openboxcopy/run
\ No newline at end of file
diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-openboxcopy b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-openboxcopy
new file mode 100644
index 0000000..e69de29