mirror of
https://github.com/linuxserver/docker-audacity.git
synced 2025-12-14 13:35:31 +01:00
Compare commits
12 commits
3.7.5-ls23
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
|
6f4199536e | ||
|
|
002363b7fb | ||
|
|
ae033a1e56 | ||
|
|
575d14f2ea | ||
|
|
c7d1971b57 | ||
|
|
8773e6b5ac | ||
|
|
4113272eac | ||
|
|
aa5a1908c8 | ||
|
|
f02d0e3dff | ||
|
|
04e2e84883 | ||
|
|
6f088b4a13 | ||
|
|
6aa2410fff |
3 changed files with 572 additions and 420 deletions
110
Jenkinsfile
vendored
110
Jenkinsfile
vendored
|
|
@ -208,6 +208,7 @@ pipeline {
|
|||
env.META_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
|
||||
env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN
|
||||
env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache'
|
||||
env.CITEST_IMAGETAG = 'latest'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -233,6 +234,7 @@ pipeline {
|
|||
env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN
|
||||
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DEV_DOCKERHUB_IMAGE + '/tags/'
|
||||
env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache'
|
||||
env.CITEST_IMAGETAG = 'develop'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -258,6 +260,7 @@ pipeline {
|
|||
env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST
|
||||
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/'
|
||||
env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache'
|
||||
env.CITEST_IMAGETAG = 'develop'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -280,7 +283,7 @@ pipeline {
|
|||
-v ${WORKSPACE}:/mnt \
|
||||
-e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
|
||||
-e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
|
||||
ghcr.io/linuxserver/baseimage-alpine:3.20 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
|
||||
ghcr.io/linuxserver/baseimage-alpine:3 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
|
||||
apk add --no-cache python3 && \
|
||||
python3 -m venv /lsiopy && \
|
||||
pip install --no-cache-dir -U pip && \
|
||||
|
|
@ -615,13 +618,16 @@ pipeline {
|
|||
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
||||
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
||||
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
||||
|
||||
if [[ "${PACKAGE_CHECK}" != "true" ]]; then
|
||||
declare -A pids
|
||||
IFS=',' read -ra CACHE <<< "$BUILDCACHE"
|
||||
for i in "${CACHE[@]}"; do
|
||||
docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} &
|
||||
pids[$!]="$i"
|
||||
done
|
||||
for p in $(jobs -p); do
|
||||
wait "$p" || { echo "job $p failed" >&2; exit 1; }
|
||||
for p in "${!pids[@]}"; do
|
||||
wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
|
||||
done
|
||||
fi
|
||||
'''
|
||||
|
|
@ -681,13 +687,16 @@ pipeline {
|
|||
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
||||
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
||||
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
||||
|
||||
if [[ "${PACKAGE_CHECK}" != "true" ]]; then
|
||||
declare -A pids
|
||||
IFS=',' read -ra CACHE <<< "$BUILDCACHE"
|
||||
for i in "${CACHE[@]}"; do
|
||||
docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} &
|
||||
pids[$!]="$i"
|
||||
done
|
||||
for p in $(jobs -p); do
|
||||
wait "$p" || { echo "job $p failed" >&2; exit 1; }
|
||||
for p in "${!pids[@]}"; do
|
||||
wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
|
||||
done
|
||||
fi
|
||||
'''
|
||||
|
|
@ -741,12 +750,14 @@ pipeline {
|
|||
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
||||
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
||||
if [[ "${PACKAGE_CHECK}" != "true" ]]; then
|
||||
declare -A pids
|
||||
IFS=',' read -ra CACHE <<< "$BUILDCACHE"
|
||||
for i in "${CACHE[@]}"; do
|
||||
docker push ${i}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} &
|
||||
pids[$!]="$i"
|
||||
done
|
||||
for p in $(jobs -p); do
|
||||
wait "$p" || { echo "job $p failed" >&2; exit 1; }
|
||||
for p in "${!pids[@]}"; do
|
||||
wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
|
||||
done
|
||||
fi
|
||||
'''
|
||||
|
|
@ -871,7 +882,7 @@ pipeline {
|
|||
CI_DOCKERENV="LSIO_FIRST_PARTY=true"
|
||||
fi
|
||||
fi
|
||||
docker pull ghcr.io/linuxserver/ci:latest
|
||||
docker pull ghcr.io/linuxserver/ci:${CITEST_IMAGETAG}
|
||||
if [ "${MULTIARCH}" == "true" ]; then
|
||||
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64
|
||||
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
|
||||
|
|
@ -895,7 +906,9 @@ pipeline {
|
|||
-e WEB_PATH=\"${CI_WEBPATH}\" \
|
||||
-e NODE_NAME=\"${NODE_NAME}\" \
|
||||
-e SYFT_IMAGE_TAG=\"${CI_SYFT_IMAGE_TAG:-${SYFT_IMAGE_TAG}}\" \
|
||||
-t ghcr.io/linuxserver/ci:latest \
|
||||
-e COMMIT_SHA=\"${COMMIT_SHA}\" \
|
||||
-e BUILD_NUMBER=\"${BUILD_NUMBER}\" \
|
||||
-t ghcr.io/linuxserver/ci:${CITEST_IMAGETAG} \
|
||||
python3 test_build.py'''
|
||||
}
|
||||
}
|
||||
|
|
@ -921,9 +934,11 @@ pipeline {
|
|||
CACHEIMAGE=${i}
|
||||
fi
|
||||
done
|
||||
docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${META_TAG} -t ${PUSHIMAGE}:latest -t ${PUSHIMAGE}:${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${META_TAG} -t ${PUSHIMAGE}:latest -t ${PUSHIMAGE}:${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${PUSHIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
if [ -n "${SEMVER}" ]; then
|
||||
docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${PUSHIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
fi
|
||||
done
|
||||
'''
|
||||
|
|
@ -948,20 +963,27 @@ pipeline {
|
|||
CACHEIMAGE=${i}
|
||||
fi
|
||||
done
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${META_TAG} -t ${MANIFESTIMAGE}:amd64-latest -t ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${META_TAG} -t ${MANIFESTIMAGE}:arm64v8-latest -t ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${META_TAG} -t ${MANIFESTIMAGE}:amd64-latest -t ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${META_TAG} -t ${MANIFESTIMAGE}:arm64v8-latest -t ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
if [ -n "${SEMVER}" ]; then
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${SEMVER} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${SEMVER} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
fi
|
||||
done
|
||||
for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
|
||||
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
if [ -n "${SEMVER}" ]; then
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
fi
|
||||
done
|
||||
'''
|
||||
|
|
@ -979,23 +1001,41 @@ pipeline {
|
|||
environment name: 'EXIT_STATUS', value: ''
|
||||
}
|
||||
steps {
|
||||
echo "Pushing New tag for current commit ${META_TAG}"
|
||||
sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \
|
||||
-d '{"tag":"'${META_TAG}'",\
|
||||
"object": "'${COMMIT_SHA}'",\
|
||||
"message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to main",\
|
||||
"type": "commit",\
|
||||
"tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}' '''
|
||||
echo "Pushing New release for Tag"
|
||||
sh '''#! /bin/bash
|
||||
echo "Auto-generating release notes"
|
||||
if [ "$(git tag --points-at HEAD)" != "" ]; then
|
||||
echo "Existing tag points to current commit, suggesting no new LS changes"
|
||||
AUTO_RELEASE_NOTES="No changes"
|
||||
else
|
||||
AUTO_RELEASE_NOTES=$(curl -fsL -H "Authorization: token ${GITHUB_TOKEN}" -H "Accept: application/vnd.github+json" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases/generate-notes \
|
||||
-d '{"tag_name":"'${META_TAG}'",\
|
||||
"target_commitish": "main"}' \
|
||||
| jq -r '.body' | sed 's|## What.s Changed||')
|
||||
fi
|
||||
echo "Pushing New tag for current commit ${META_TAG}"
|
||||
curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \
|
||||
-d '{"tag":"'${META_TAG}'",\
|
||||
"object": "'${COMMIT_SHA}'",\
|
||||
"message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to main",\
|
||||
"type": "commit",\
|
||||
"tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}'
|
||||
echo "Pushing New release for Tag"
|
||||
echo "Updating to ${EXT_RELEASE_CLEAN}" > releasebody.json
|
||||
echo '{"tag_name":"'${META_TAG}'",\
|
||||
"target_commitish": "main",\
|
||||
"name": "'${META_TAG}'",\
|
||||
"body": "**CI Report:**\\n\\n'${CI_URL:-N/A}'\\n\\n**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start
|
||||
printf '","draft": false,"prerelease": false}' >> releasebody.json
|
||||
paste -d'\\0' start releasebody.json > releasebody.json.done
|
||||
curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done'''
|
||||
jq -n \
|
||||
--arg tag_name "$META_TAG" \
|
||||
--arg target_commitish "main" \
|
||||
--arg ci_url "${CI_URL:-N/A}" \
|
||||
--arg ls_notes "$AUTO_RELEASE_NOTES" \
|
||||
--arg remote_notes "$(cat releasebody.json)" \
|
||||
'{
|
||||
"tag_name": $tag_name,
|
||||
"target_commitish": $target_commitish,
|
||||
"name": $tag_name,
|
||||
"body": ("**CI Report:**\\n\\n" + $ci_url + "\\n\\n**LinuxServer Changes:**\\n\\n" + $ls_notes + "\\n\\n**Remote Changes:**\\n\\n" + $remote_notes),
|
||||
"draft": false,
|
||||
"prerelease": false }' > releasebody.json.done
|
||||
curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done
|
||||
'''
|
||||
}
|
||||
}
|
||||
// Add protection to the release branch
|
||||
|
|
|
|||
171
README.md
171
README.md
|
|
@ -88,22 +88,36 @@ This container is based on [Docker Baseimage Selkies](https://github.com/linuxse
|
|||
|
||||
| Variable | Description |
|
||||
| :----: | --- |
|
||||
| `CUSTOM_PORT` | Internal HTTP port. Defaults to `3000`. |
|
||||
| `CUSTOM_HTTPS_PORT` | Internal HTTPS port. Defaults to `3001`. |
|
||||
| `CUSTOM_WS_PORT` | Internal port the container listens on for websockets if it needs to be swapped from the default 8082. |
|
||||
| `CUSTOM_USER` | Username for HTTP Basic Auth. Defaults to `abc`. |
|
||||
| `PASSWORD` | Password for HTTP Basic Auth. If unset, authentication is disabled. |
|
||||
| `SUBFOLDER` | Application subfolder for reverse proxy configurations. Must include leading and trailing slashes, e.g., `/subfolder/`. |
|
||||
| `TITLE` | Page title displayed in the web browser. Defaults to "Selkies". |
|
||||
| `START_DOCKER` | If set to `false`, the privileged Docker-in-Docker setup will not start automatically. |
|
||||
| `DISABLE_IPV6` | Set to `true` to disable IPv6 support in the container. |
|
||||
| `LC_ALL` | Sets the container's locale, e.g., `fr_FR.UTF-8`. |
|
||||
| `DRINODE` | If mounting in /dev/dri for DRI3 GPU Acceleration allows you to specify the device to use IE `/dev/dri/renderD128` |
|
||||
| `NO_DECOR` | If set, applications will run without window borders, suitable for PWA usage. |
|
||||
| `NO_FULL` | If set, applications will not be automatically fullscreened. |
|
||||
| `DISABLE_ZINK` | If set, Zink-related environment variables will not be configured when a video card is detected. |
|
||||
| `WATERMARK_PNG` | Full path to a watermark PNG file inside the container, e.g., `/usr/share/selkies/www/icon.png`. |
|
||||
| `WATERMARK_LOCATION` | Integer specifying the watermark location: `1` (Top Left), `2` (Top Right), `3` (Bottom Left), `4` (Bottom Right), `5` (Centered), `6` (Animated). |
|
||||
| CUSTOM_PORT | Internal port the container listens on for http if it needs to be swapped from the default `3000` |
|
||||
| CUSTOM_HTTPS_PORT | Internal port the container listens on for https if it needs to be swapped from the default `3001` |
|
||||
| CUSTOM_WS_PORT | Internal port the container listens on for websockets if it needs to be swapped from the default 8082 |
|
||||
| CUSTOM_USER | HTTP Basic auth username, abc is default. |
|
||||
| DRI_NODE | Enable VAAPI stream encoding and use the specified device IE `/dev/dri/renderD128` |
|
||||
| DRINODE | Specify which GPU to use for DRI3 acceleration IE `/dev/dri/renderD129` |
|
||||
| PASSWORD | HTTP Basic auth password, abc is default. If unset there will be no auth |
|
||||
| SUBFOLDER | Subfolder for the application if running a subfolder reverse proxy, need both slashes IE `/subfolder/` |
|
||||
| TITLE | The page title displayed on the web browser, default "Selkies" |
|
||||
| DASHBOARD | Allows the user to set their dashboard. Options: `selkies-dashboard`, `selkies-dashboard-zinc`, `selkies-dashboard-wish` |
|
||||
| FILE_MANAGER_PATH | Modifies the default upload/download file path, path must have proper permissions for abc user |
|
||||
| START_DOCKER | If set to false a container with privilege will not automatically start the DinD Docker setup |
|
||||
| DISABLE_IPV6 | If set to true or any value this will disable IPv6 |
|
||||
| LC_ALL | Set the Language for the container to run as IE `fr_FR.UTF-8` `ar_AE.UTF-8` |
|
||||
| NO_DECOR | If set the application will run without window borders for use as a PWA. (Decor can be enabled and disabled with Ctrl+Shift+d) |
|
||||
| NO_FULL | Do not autmatically fullscreen applications when using openbox. |
|
||||
| NO_GAMEPAD | Disable userspace gamepad interposer injection. |
|
||||
| DISABLE_ZINK | Do not set the Zink environment variables if a video card is detected (userspace applications will use CPU rendering) |
|
||||
| DISABLE_DRI3 | Do not use DRI3 acceleration if a video card is detected (userspace applications will use CPU rendering) |
|
||||
| MAX_RES | Pass a larger maximum resolution for the container default is 16k `15360x8640` |
|
||||
| WATERMARK_PNG | Full path inside the container to a watermark png IE `/usr/share/selkies/www/icon.png` |
|
||||
| WATERMARK_LOCATION | Where to paint the image over the stream integer options below |
|
||||
|
||||
**`WATERMARK_LOCATION` Options:**
|
||||
- **1**: Top Left
|
||||
- **2**: Top Right
|
||||
- **3**: Bottom Left
|
||||
- **4**: Bottom Right
|
||||
- **5**: Centered
|
||||
- **6**: Animated
|
||||
|
||||
#### Optional Run Configurations
|
||||
|
||||
|
|
@ -207,6 +221,131 @@ You can install packages from the system's native repository using the [universa
|
|||
- INSTALL_PACKAGES=libfuse2|git|gdb
|
||||
```
|
||||
|
||||
#### Hardening
|
||||
|
||||
These variables can be used to lock down the desktop environment for single-application use cases or to restrict user capabilities.
|
||||
|
||||
##### Meta Variables
|
||||
|
||||
These variables act as presets, enabling multiple hardening options at once. Individual options can still be set to override the preset.
|
||||
|
||||
| Variable | Description |
|
||||
| :----: | --- |
|
||||
| **`HARDEN_DESKTOP`** | Enables `DISABLE_OPEN_TOOLS`, `DISABLE_SUDO`, and `DISABLE_TERMINALS`. Also sets related Selkies UI settings (`SELKIES_FILE_TRANSFERS`, `SELKIES_COMMAND_ENABLED`, `SELKIES_UI_SIDEBAR_SHOW_FILES`, `SELKIES_UI_SIDEBAR_SHOW_APPS`) if they are not explicitly set by the user. |
|
||||
| **`HARDEN_OPENBOX`** | Enables `DISABLE_CLOSE_BUTTON`, `DISABLE_MOUSE_BUTTONS`, and `HARDEN_KEYBINDS`. It also flags `RESTART_APP` if not set by the user, ensuring the primary application is automatically restarted if closed. |
|
||||
|
||||
##### Individual Hardening Variables
|
||||
|
||||
| Variable | Description |
|
||||
| :--- | --- |
|
||||
| **`DISABLE_OPEN_TOOLS`** | If true, disables `xdg-open` and `exo-open` binaries by removing their execute permissions. |
|
||||
| **`DISABLE_SUDO`** | If true, disables the `sudo` command by removing its execute permissions and invalidating the passwordless sudo configuration. |
|
||||
| **`DISABLE_TERMINALS`** | If true, disables common terminal emulators by removing their execute permissions and hiding them from the Openbox right-click menu. |
|
||||
| **`DISABLE_CLOSE_BUTTON`** | If true, removes the close button from window title bars in the Openbox window manager. |
|
||||
| **`DISABLE_MOUSE_BUTTONS`** | If true, disables the right-click and middle-click context menus and actions within the Openbox window manager. |
|
||||
| **`HARDEN_KEYBINDS`** | If true, disables default Openbox keybinds that can bypass other hardening options (e.g., `Alt+F4` to close windows, `Alt+Escape` to show the root menu). |
|
||||
| **`RESTART_APP`** | If true, enables a watchdog service that automatically restarts the main application if it is closed. The user's autostart script is made read-only and root owned to prevent tampering. |
|
||||
|
||||
#### Selkies application settings
|
||||
|
||||
Using environment variables every facet of the application can be configured.
|
||||
|
||||
##### Booleans and Locking
|
||||
Boolean settings accept `true` or `false`. You can also prevent the user from changing a boolean setting in the UI by appending `|locked`. The UI toggle for this setting will be hidden.
|
||||
|
||||
* **Example**: To force CPU encoding on and prevent the user from disabling it:
|
||||
```bash
|
||||
-e SELKIES_USE_CPU="true|locked"
|
||||
```
|
||||
|
||||
##### Enums and Lists
|
||||
These settings accept a comma-separated list of values. Their behavior depends on the number of items provided:
|
||||
|
||||
* **Multiple Values**: The first item in the list becomes the default selection, and all items in the list become the available options in the UI dropdown.
|
||||
* **Single Value**: The provided value becomes the default, and the UI dropdown is hidden because the choice is locked.
|
||||
|
||||
* **Example**: Force the encoder to be `jpeg` with no other options available to the user:
|
||||
```bash
|
||||
-e SELKIES_ENCODER="jpeg"
|
||||
```
|
||||
|
||||
##### Ranges
|
||||
Range settings define a minimum and maximum for a value (e.g., framerate).
|
||||
|
||||
* **To set a range**: Use a hyphen-separated `min-max` format. The UI will show a slider.
|
||||
* **To set a fixed value**: Provide a single number. This will lock the value and hide the UI slider.
|
||||
|
||||
* **Example**: Lock the framerate to exactly 60 FPS.
|
||||
```bash
|
||||
-e SELKIES_FRAMERATE="60"
|
||||
```
|
||||
|
||||
##### Manual Resolution Mode
|
||||
The server can be forced to use a single, fixed resolution for all connecting clients. This mode is automatically activated if `SELKIES_MANUAL_WIDTH`, `SELKIES_MANUAL_HEIGHT`, or `SELKIES_IS_MANUAL_RESOLUTION_MODE` is set.
|
||||
|
||||
* If `SELKIES_MANUAL_WIDTH` and/or `SELKIES_MANUAL_HEIGHT` are set, the resolution is locked to those values.
|
||||
* If `SELKIES_IS_MANUAL_RESOLUTION_MODE` is set to `true` without specifying width or height, the resolution defaults to **1024x768**.
|
||||
* When this mode is active, the client UI for changing resolution is disabled.
|
||||
|
||||
| Environment Variable | Default Value | Description |
|
||||
| --- | --- | --- |
|
||||
| `SELKIES_UI_TITLE` | `'Selkies'` | Title in top left corner of sidebar. |
|
||||
| `SELKIES_UI_SHOW_LOGO` | `True` | Show the Selkies logo in the sidebar. |
|
||||
| `SELKIES_UI_SHOW_SIDEBAR` | `True` | Show the main sidebar UI. |
|
||||
| `SELKIES_UI_SHOW_CORE_BUTTONS` | `True` | Show the core components buttons display, audio, microphone, and gamepad. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_VIDEO_SETTINGS` | `True` | Show the video settings section in the sidebar. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_SCREEN_SETTINGS` | `True` | Show the screen settings section in the sidebar. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_AUDIO_SETTINGS` | `True` | Show the audio settings section in the sidebar. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_STATS` | `True` | Show the stats section in the sidebar. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_CLIPBOARD` | `True` | Show the clipboard section in the sidebar. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_FILES` | `True` | Show the file transfer section in the sidebar. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_APPS` | `True` | Show the applications section in the sidebar. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_SHARING` | `True` | Show the sharing section in the sidebar. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_GAMEPADS` | `True` | Show the gamepads section in the sidebar. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_FULLSCREEN` | `True` | Show the fullscreen button in the sidebar. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_GAMING_MODE` | `True` | Show the gaming mode button in the sidebar. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_TRACKPAD` | `True` | Show the virtual trackpad button in the sidebar. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_KEYBOARD_BUTTON` | `True` | Show the on-screen keyboard button in the display area. |
|
||||
| `SELKIES_UI_SIDEBAR_SHOW_SOFT_BUTTONS` | `True` | Show the soft buttons section in the sidebar. |
|
||||
| `SELKIES_AUDIO_ENABLED` | `True` | Enable server-to-client audio streaming. |
|
||||
| `SELKIES_MICROPHONE_ENABLED` | `True` | Enable client-to-server microphone forwarding. |
|
||||
| `SELKIES_GAMEPAD_ENABLED` | `True` | Enable gamepad support. |
|
||||
| `SELKIES_CLIPBOARD_ENABLED` | `True` | Enable clipboard synchronization. |
|
||||
| `SELKIES_COMMAND_ENABLED` | `True` | Enable parsing of command websocket messages. |
|
||||
| `SELKIES_FILE_TRANSFERS` | `'upload,download'` | Allowed file transfer directions (comma-separated: "upload,download"). Set to "" or "none" to disable. |
|
||||
| `SELKIES_ENCODER` | `'x264enc,x264enc-striped,jpeg'` | The default video encoders. |
|
||||
| `SELKIES_FRAMERATE` | `'8-120'` | Allowed framerate range or a fixed value. |
|
||||
| `SELKIES_H264_CRF` | `'5-50'` | Allowed H.264 CRF range or a fixed value. |
|
||||
| `SELKIES_JPEG_QUALITY` | `'1-100'` | Allowed JPEG quality range or a fixed value. |
|
||||
| `SELKIES_H264_FULLCOLOR` | `False` | Enable H.264 full color range for pixelflux encoders. |
|
||||
| `SELKIES_H264_STREAMING_MODE` | `False` | Enable H.264 streaming mode for pixelflux encoders. |
|
||||
| `SELKIES_USE_CPU` | `False` | Force CPU-based encoding for pixelflux. |
|
||||
| `SELKIES_USE_PAINT_OVER_QUALITY` | `True` | Enable high-quality paint-over for static scenes. |
|
||||
| `SELKIES_PAINT_OVER_JPEG_QUALITY` | `'1-100'` | Allowed JPEG paint-over quality range or a fixed value. |
|
||||
| `SELKIES_H264_PAINTOVER_CRF` | `'5-50'` | Allowed H.264 paint-over CRF range or a fixed value. |
|
||||
| `SELKIES_H264_PAINTOVER_BURST_FRAMES` | `'1-30'` | Allowed H.264 paint-over burst frames range or a fixed value. |
|
||||
| `SELKIES_SECOND_SCREEN` | `True` | Enable support for a second monitor/display. |
|
||||
| `SELKIES_AUDIO_BITRATE` | `'320000'` | The default audio bitrate. |
|
||||
| `SELKIES_IS_MANUAL_RESOLUTION_MODE` | `False` | Lock the resolution to the manual width/height values. |
|
||||
| `SELKIES_MANUAL_WIDTH` | `0` | Lock width to a fixed value. Setting this forces manual resolution mode. |
|
||||
| `SELKIES_MANUAL_HEIGHT` | `0` | Lock height to a fixed value. Setting this forces manual resolution mode. |
|
||||
| `SELKIES_SCALING_DPI` | `'96'` | The default DPI for UI scaling. |
|
||||
| `SELKIES_ENABLE_BINARY_CLIPBOARD` | `False` | Allow binary data on the clipboard. |
|
||||
| `SELKIES_USE_BROWSER_CURSORS` | `False` | Use browser CSS cursors instead of rendering to canvas. |
|
||||
| `SELKIES_USE_CSS_SCALING` | `False` | HiDPI when false, if true a lower resolution is sent from the client and the canvas is stretched. |
|
||||
| `SELKIES_PORT` (or `CUSTOM_WS_PORT`) | `8082` | Port for the data websocket server. |
|
||||
| `SELKIES_DRI_NODE` (or `DRI_NODE`) | `''` | Path to the DRI render node for VA-API. |
|
||||
| `SELKIES_AUDIO_DEVICE_NAME` | `'output.monitor'` | Audio device name for pcmflux capture. |
|
||||
| `SELKIES_WATERMARK_PATH` (or `WATERMARK_PNG`) | `''` | Absolute path to the watermark PNG file. |
|
||||
| `SELKIES_WATERMARK_LOCATION` (or `WATERMARK_LOCATION`) | `-1` | Watermark location enum (0-6). |
|
||||
| `SELKIES_DEBUG` | `False` | Enable debug logging. |
|
||||
| `SELKIES_ENABLE_SHARING` | `True` | Master toggle for all sharing features. |
|
||||
| `SELKIES_ENABLE_COLLAB` | `True` | Enable collaborative (read-write) sharing link. |
|
||||
| `SELKIES_ENABLE_SHARED` | `True` | Enable view-only sharing links. |
|
||||
| `SELKIES_ENABLE_PLAYER2` | `True` | Enable sharing link for gamepad player 2. |
|
||||
| `SELKIES_ENABLE_PLAYER3` | `True` | Enable sharing link for gamepad player 3. |
|
||||
| `SELKIES_ENABLE_PLAYER4` | `True` | Enable sharing link for gamepad player 4. |
|
||||
|
||||
## Usage
|
||||
|
||||
To help you get started creating a container from this image you can either use docker-compose or the docker cli.
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load diff
Loading…
Add table
Add a link
Reference in a new issue