Archived
2
0

Merge branch 'master' of github.com:m1k1o/neko into docker-nvidia

This commit is contained in:
Miroslav Šedivý 2023-01-15 22:28:22 +01:00
commit 054300e4e2
17 changed files with 15247 additions and 154 deletions

View File

@ -61,11 +61,6 @@ ARG USER_UID=1000
ARG USER_GID=$USER_UID ARG USER_GID=$USER_UID
RUN set -eux; \ RUN set -eux; \
#
# add non-free repo for intel drivers
echo deb http://deb.debian.org/debian bullseye main contrib non-free > /etc/apt/sources.list; \
echo deb http://deb.debian.org/debian-security/ bullseye-security main contrib non-free >> /etc/apt/sources.list; \
echo deb http://deb.debian.org/debian bullseye-updates main contrib non-free >> /etc/apt/sources.list; \
apt-get update; \ apt-get update; \
# #
# install dependencies # install dependencies
@ -73,13 +68,9 @@ RUN set -eux; \
apt-get install -y --no-install-recommends pulseaudio dbus-x11 xserver-xorg-video-dummy; \ apt-get install -y --no-install-recommends pulseaudio dbus-x11 xserver-xorg-video-dummy; \
apt-get install -y --no-install-recommends libcairo2 libxcb1 libxrandr2 libxv1 libopus0 libvpx6; \ apt-get install -y --no-install-recommends libcairo2 libxcb1 libxrandr2 libxv1 libopus0 libvpx6; \
# #
# intel driver + vaapi # gst
apt-get install -y --no-install-recommends intel-media-va-driver-non-free libva2 vainfo; \
#
# gst + vaapi plugin
apt-get install -y --no-install-recommends libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev \ apt-get install -y --no-install-recommends libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev \
gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-plugins-ugly gstreamer1.0-pulseaudio \ gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-plugins-ugly gstreamer1.0-pulseaudio; \
gstreamer1.0-vaapi ;\
# #
# install fonts # install fonts
apt-get install -y --no-install-recommends \ apt-get install -y --no-install-recommends \
@ -122,7 +113,6 @@ COPY .docker/base/dbus /usr/bin/dbus
COPY .docker/base/default.pa /etc/pulse/default.pa COPY .docker/base/default.pa /etc/pulse/default.pa
COPY .docker/base/supervisord.conf /etc/neko/supervisord.conf COPY .docker/base/supervisord.conf /etc/neko/supervisord.conf
COPY .docker/base/xorg.conf /etc/neko/xorg.conf COPY .docker/base/xorg.conf /etc/neko/xorg.conf
COPY .docker/base/add-render-group.sh /usr/bin/add-render-group.sh
# #
# set default envs # set default envs
@ -131,7 +121,6 @@ ENV DISPLAY=:99.0
ENV NEKO_PASSWORD=neko ENV NEKO_PASSWORD=neko
ENV NEKO_PASSWORD_ADMIN=admin ENV NEKO_PASSWORD_ADMIN=admin
ENV NEKO_BIND=:8080 ENV NEKO_BIND=:8080
ENV RENDER_GID=
# #
# copy static files from previous stages # copy static files from previous stages

View File

@ -1,7 +1,7 @@
# #
# STAGE 1: SERVER # STAGE 1: SERVER
# #
FROM arm32v7/golang:1.18-buster as server FROM golang:1.18-bullseye as server
WORKDIR /src WORKDIR /src
# #
@ -13,7 +13,7 @@ RUN set -eux; apt-get update; \
# install libclipboard # install libclipboard
set -eux; \ set -eux; \
cd /tmp; \ cd /tmp; \
git clone https://github.com/jtanx/libclipboard; \ git clone --depth=1 https://github.com/jtanx/libclipboard; \
cd libclipboard; \ cd libclipboard; \
cmake .; \ cmake .; \
make -j4; \ make -j4; \
@ -32,7 +32,7 @@ RUN go get -v -t -d . && go build -o bin/neko cmd/neko/main.go
# #
# STAGE 2: CLIENT # STAGE 2: CLIENT
# #
FROM node:14-buster-slim as client FROM node:14-bullseye-slim as client
# install dependencies # install dependencies
RUN set -eux; apt-get update; \ RUN set -eux; apt-get update; \
@ -53,7 +53,7 @@ RUN npm run build
# #
# STAGE 3: RUNTIME # STAGE 3: RUNTIME
# #
FROM arm32v7/debian:buster-slim FROM debian:bullseye-slim
# #
# avoid warnings by switching to noninteractive # avoid warnings by switching to noninteractive
@ -65,19 +65,27 @@ ARG USERNAME=neko
ARG USER_UID=1000 ARG USER_UID=1000
ARG USER_GID=$USER_UID ARG USER_GID=$USER_UID
RUN set -eux; \
apt-get update; \
# #
# install dependencies # install dependencies
RUN set -eux; apt-get update; \
apt-get install -y --no-install-recommends wget ca-certificates supervisor; \ apt-get install -y --no-install-recommends wget ca-certificates supervisor; \
apt-get install -y --no-install-recommends pulseaudio dbus-x11 xserver-xorg-video-dummy; \ apt-get install -y --no-install-recommends pulseaudio dbus-x11 xserver-xorg-video-dummy; \
apt-get install -y --no-install-recommends libcairo2 libxcb1 libxrandr2 libxv1 libopus0 libvpx5; \ apt-get install -y --no-install-recommends libcairo2 libxcb1 libxrandr2 libxv1 libopus0 libvpx6; \
# #
# gst # gst
apt-get install -y --no-install-recommends libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev \ apt-get install -y --no-install-recommends libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev \
gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-plugins-ugly gstreamer1.0-pulseaudio gstreamer1.0-omx; \ gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-plugins-ugly gstreamer1.0-pulseaudio \
gstreamer1.0-omx; \
# #
# fonts # install fonts
apt-get install -y --no-install-recommends fonts-takao-mincho fonts-wqy-zenhei; \ apt-get install -y --no-install-recommends \
# Google emojis
fonts-noto-color-emoji \
# Japanese fonts
fonts-takao-mincho \
# Chinese fonts
fonts-wqy-zenhei; \
# #
# create a non-root user # create a non-root user
groupadd --gid $USER_GID $USERNAME; \ groupadd --gid $USER_GID $USERNAME; \
@ -131,4 +139,3 @@ HEALTHCHECK --interval=10s --timeout=5s --retries=8 \
# #
# run neko # run neko
CMD ["/usr/bin/supervisord", "-c", "/etc/neko/supervisord.conf"] CMD ["/usr/bin/supervisord", "-c", "/etc/neko/supervisord.conf"]

View File

@ -0,0 +1,146 @@
#
# STAGE 1: SERVER
#
FROM golang:1.18-bullseye as server
WORKDIR /src
#
# install dependencies
RUN set -eux; apt-get update; \
apt-get install -y --no-install-recommends git cmake make libx11-dev libxrandr-dev libxtst-dev \
libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-plugins-ugly; \
#
# install libclipboard
set -eux; \
cd /tmp; \
git clone --depth=1 https://github.com/jtanx/libclipboard; \
cd libclipboard; \
cmake .; \
make -j4; \
make install; \
rm -rf /tmp/libclipboard; \
#
# clean up
apt-get clean -y; \
rm -rf /var/lib/apt/lists/* /var/cache/apt/*
#
# build server
COPY server/ .
RUN go get -v -t -d . && go build -o bin/neko cmd/neko/main.go
#
# STAGE 2: CLIENT
#
FROM node:14-bullseye-slim as client
WORKDIR /src
#
# install dependencies
COPY client/package*.json ./
RUN npm install
#
# build client
COPY client/ .
RUN npm run build
#
# STAGE 3: RUNTIME
#
FROM debian:bullseye-slim
#
# avoid warnings by switching to noninteractive
ENV DEBIAN_FRONTEND=noninteractive
#
# set custom user
ARG USERNAME=neko
ARG USER_UID=1000
ARG USER_GID=$USER_UID
RUN set -eux; \
#
# add non-free repo for intel drivers
echo deb http://deb.debian.org/debian bullseye main contrib non-free > /etc/apt/sources.list; \
echo deb http://deb.debian.org/debian-security/ bullseye-security main contrib non-free >> /etc/apt/sources.list; \
echo deb http://deb.debian.org/debian bullseye-updates main contrib non-free >> /etc/apt/sources.list; \
apt-get update; \
#
# install dependencies
apt-get install -y --no-install-recommends wget ca-certificates supervisor; \
apt-get install -y --no-install-recommends pulseaudio dbus-x11 xserver-xorg-video-dummy; \
apt-get install -y --no-install-recommends libcairo2 libxcb1 libxrandr2 libxv1 libopus0 libvpx6; \
#
# intel driver + vaapi
apt-get install -y --no-install-recommends intel-media-va-driver-non-free libva2 vainfo; \
#
# gst + vaapi plugin
apt-get install -y --no-install-recommends libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev \
gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-plugins-ugly gstreamer1.0-pulseaudio \
gstreamer1.0-vaapi; \
#
# install fonts
apt-get install -y --no-install-recommends \
# Google emojis
fonts-noto-color-emoji \
# Japanese fonts
fonts-takao-mincho \
# Chinese fonts
fonts-wqy-zenhei; \
#
# create a non-root user
groupadd --gid $USER_GID $USERNAME; \
useradd --uid $USER_UID --gid $USERNAME --shell /bin/bash --create-home $USERNAME; \
adduser $USERNAME audio; \
adduser $USERNAME video; \
adduser $USERNAME pulse; \
#
# setup pulseaudio
mkdir -p /home/$USERNAME/.config/pulse/; \
echo "default-server=unix:/tmp/pulseaudio.socket" > /home/$USERNAME/.config/pulse/client.conf; \
#
# workaround for an X11 problem: http://blog.tigerteufel.de/?p=476
mkdir /tmp/.X11-unix; \
chmod 1777 /tmp/.X11-unix; \
chown $USERNAME /tmp/.X11-unix/; \
#
# make directories for neko
mkdir -p /etc/neko /var/www /var/log/neko; \
chmod 1777 /var/log/neko; \
chown $USERNAME /var/log/neko/; \
chown -R $USERNAME:$USERNAME /home/$USERNAME; \
#
# clean up
apt-get clean -y; \
rm -rf /var/lib/apt/lists/* /var/cache/apt/*
#
# copy config files
COPY .docker/base/dbus /usr/bin/dbus
COPY .docker/base/default.pa /etc/pulse/default.pa
COPY .docker/base/intel/supervisord.conf /etc/neko/supervisord.conf
COPY .docker/base/xorg.conf /etc/neko/xorg.conf
COPY .docker/base/intel/add-render-group.sh /usr/bin/add-render-group.sh
#
# set default envs
ENV USER=$USERNAME
ENV DISPLAY=:99.0
ENV NEKO_PASSWORD=neko
ENV NEKO_PASSWORD_ADMIN=admin
ENV NEKO_BIND=:8080
ENV RENDER_GID=
#
# copy static files from previous stages
COPY --from=server /src/bin/neko /usr/bin/neko
COPY --from=client /src/dist/ /var/www
HEALTHCHECK --interval=10s --timeout=5s --retries=8 \
CMD wget -O - http://localhost:${NEKO_BIND#*:}/health || exit 1
#
# run neko
CMD ["/usr/bin/supervisord", "-c", "/etc/neko/supervisord.conf"]

View File

@ -0,0 +1,69 @@
[supervisord]
nodaemon=true
user=root
pidfile=/var/run/supervisord.pid
logfile=/dev/null
logfile_maxbytes=0
loglevel=debug
[include]
files=/etc/neko/supervisord/*.conf
[program:rendergroup-init]
environment=RENDER_GID="%(ENV_RENDER_GID)s",USER="%(ENV_USER)s"
command=/usr/bin/add-render-group.sh
startsecs=0
startretries=0
autorestart=false
priority=10
user=root
stdout_logfile=/var/log/neko/rendergroup.log
stdout_logfile_maxbytes=1MB
stdout_logfile_backups=10
redirect_stderr=true
[program:dbus]
environment=HOME="/root",USER="root"
command=/usr/bin/dbus
autorestart=true
priority=100
user=root
stdout_logfile=/var/log/neko/dbus.log
stdout_logfile_maxbytes=100MB
stdout_logfile_backups=10
redirect_stderr=true
[program:x-server]
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s"
command=/usr/bin/X -config /etc/neko/xorg.conf %(ENV_DISPLAY)s
autorestart=true
priority=300
user=%(ENV_USER)s
stdout_logfile=/var/log/neko/xorg.log
stdout_logfile_maxbytes=100MB
stdout_logfile_backups=10
redirect_stderr=true
[program:pulseaudio]
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
command=/usr/bin/pulseaudio --log-level=info --disallow-module-loading --disallow-exit --exit-idle-time=-1
autorestart=true
priority=300
user=%(ENV_USER)s
stdout_logfile=/var/log/neko/pulseaudio.log
stdout_logfile_maxbytes=100MB
stdout_logfile_backups=10
redirect_stderr=true
[program:neko]
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
command=/usr/bin/neko serve --static "/var/www"
stopsignal=INT
stopwaitsecs=5
autorestart=true
priority=800
user=%(ENV_USER)s
stdout_logfile=/var/log/neko/neko.log
stdout_logfile_maxbytes=100MB
stdout_logfile_backups=10
redirect_stderr=true

View File

@ -9,19 +9,6 @@ loglevel=debug
[include] [include]
files=/etc/neko/supervisord/*.conf files=/etc/neko/supervisord/*.conf
[program:rendergroup-init]
environment=RENDER_GID="%(ENV_RENDER_GID)s",USER="%(ENV_USER)s"
command=/usr/bin/add-render-group.sh
startsecs=0
startretries=0
autorestart=false
priority=10
user=root
stdout_logfile=/var/log/neko/rendergroup.log
stdout_logfile_maxbytes=1MB
stdout_logfile_backups=10
redirect_stderr=true
[program:dbus] [program:dbus]
environment=HOME="/root",USER="root" environment=HOME="/root",USER="root"
command=/usr/bin/dbus command=/usr/bin/dbus

View File

@ -77,6 +77,21 @@ build_arm() {
fi fi
} }
build_intel() {
if [ "$1" = "base" ]
then
# build intel base
docker build -t "${BUILD_IMAGE}:intel-base" -f base/Dockerfile.intel "${BASE}"
elif [ -f "$1/Dockerfile.intel" ]
then
# build dedicated intel image
docker build -t "${BUILD_IMAGE}:intel-$1" --build-arg="BASE_IMAGE=${BUILD_IMAGE}:intel-base" -f "$1/Dockerfile.intel" "$1/"
else
# try to build intel image with common Dockerfile
docker build -t "${BUILD_IMAGE}:intel-$1" --build-arg="BASE_IMAGE=${BUILD_IMAGE}:intel-base" -f "$1/Dockerfile" "$1/"
fi
}
build_nvidia() { build_nvidia() {
if [ "$1" = "base" ] if [ "$1" = "base" ]
then then
@ -99,6 +114,9 @@ case $1 in
# build arm- images # build arm- images
arm-*) build_arm "${1#arm-}";; arm-*) build_arm "${1#arm-}";;
# build intel- images
intel-*) build_intel "${1#intel-}";;
# build nvidia- images # build nvidia- images
nvidia-*) build_nvidia "${1#nvidia-}";; nvidia-*) build_nvidia "${1#nvidia-}";;

View File

@ -4,7 +4,7 @@ FROM $BASE_IMAGE
# #
# install neko chromium # install neko chromium
RUN set -eux; apt-get update; \ RUN set -eux; apt-get update; \
# TODO: Bring back DRM support with arm32v7/debian:buster-slim image. # TODO: Bring back DRM support.
apt-get install -y --no-install-recommends chromium openbox; \ apt-get install -y --no-install-recommends chromium openbox; \
# #
# clean up # clean up

View File

@ -1,4 +1,4 @@
name: "CI for builds" name: "build and push amd64 images to Docker Hub"
on: on:
push: push:

View File

@ -1,4 +1,4 @@
name: "CI for version tags" name: "amd64 images"
on: on:
push: push:
@ -8,6 +8,9 @@ on:
env: env:
REGISTRY: ghcr.io REGISTRY: ghcr.io
IMAGE_NAME: m1k1o/neko IMAGE_NAME: m1k1o/neko
TAG_PREFIX: ""
BASE_DOCKERFILE: Dockerfile
PLATFORMS: linux/amd64
jobs: jobs:
build-base: build-base:
@ -31,7 +34,7 @@ jobs:
uses: docker/metadata-action@v3 uses: docker/metadata-action@v3
id: meta id: meta
with: with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/base images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base
tags: | tags: |
type=semver,pattern={{version}} type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}}.{{minor}}
@ -49,8 +52,8 @@ jobs:
uses: docker/build-push-action@v2 uses: docker/build-push-action@v2
with: with:
context: ./ context: ./
file: .docker/base/Dockerfile file: .docker/base/${{ env.BASE_DOCKERFILE }}
platforms: linux/amd64,linux/arm64 platforms: ${{ env.PLATFORMS }}
push: true push: true
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
@ -67,32 +70,19 @@ jobs:
matrix: matrix:
include: include:
- tag: firefox - tag: firefox
platforms: linux/amd64,linux/arm64
- tag: chromium - tag: chromium
platforms: linux/amd64,linux/arm64
- tag: google-chrome - tag: google-chrome
platforms: linux/amd64
- tag: ungoogled-chromium - tag: ungoogled-chromium
platforms: linux/amd64,linux/arm64
- tag: microsoft-edge - tag: microsoft-edge
platforms: linux/amd64
- tag: brave - tag: brave
platforms: linux/amd64
- tag: vivaldi - tag: vivaldi
platforms: linux/amd64
- tag: opera - tag: opera
platforms: linux/amd64
- tag: tor-browser - tag: tor-browser
platforms: linux/amd64,linux/arm64
- tag: remmina - tag: remmina
platforms: linux/amd64
- tag: vlc - tag: vlc
platforms: linux/amd64,linux/arm64
- tag: xfce - tag: xfce
platforms: linux/amd64,linux/arm64
env: env:
TAG_NAME: ${{ matrix.tag }} TAG_NAME: ${{ matrix.tag }}
PLATFORMS: ${{ matrix.platforms }}
steps: steps:
- -
name: Checkout name: Checkout
@ -108,11 +98,12 @@ jobs:
uses: docker/metadata-action@v3 uses: docker/metadata-action@v3
id: meta id: meta
with: with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_NAME }} images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}${{ env.TAG_NAME }}
tags: | tags: |
type=semver,pattern={{version}} type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}} type=semver,pattern={{major}}
type=sha,format=long
- -
name: Log in to the Container registry name: Log in to the Container registry
uses: docker/login-action@v1 uses: docker/login-action@v1
@ -130,4 +121,4 @@ jobs:
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
build-args: | build-args: |
BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/base:sha-${{ github.sha }} BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base:sha-${{ github.sha }}

126
.github/workflows/ghcr-arm.yml vendored Normal file
View File

@ -0,0 +1,126 @@
name: "arm64v8 and arm32v7 images"
on:
push:
tags:
- 'v*'
env:
REGISTRY: ghcr.io
IMAGE_NAME: m1k1o/neko
TAG_PREFIX: arm-
BASE_DOCKERFILE: Dockerfile.arm
PLATFORMS: linux/arm64,linux/arm/v7
jobs:
build-base:
runs-on: ubuntu-latest
#
# do not run on forks
#
if: github.repository_owner == 'm1k1o'
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v3
id: meta
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
-
name: Log in to the Container registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: ./
file: .docker/base/${{ env.BASE_DOCKERFILE }}
platforms: ${{ env.PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build:
runs-on: ubuntu-latest
#
# do not run on forks
#
if: github.repository_owner == 'm1k1o'
needs: [ build-base ]
strategy:
# Will build all images even if some fail.
matrix:
include:
- tag: firefox
dockerfile: Dockerfile.arm
- tag: chromium
dockerfile: Dockerfile.arm
- tag: ungoogled-chromium
dockerfile: Dockerfile
- tag: tor-browser
dockerfile: Dockerfile
- tag: vlc
dockerfile: Dockerfile
- tag: xfce
dockerfile: Dockerfile
env:
TAG_NAME: ${{ matrix.tag }}
DOCKERFILE: ${{ matrix.dockerfile }}
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v3
id: meta
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}${{ env.TAG_NAME }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
-
name: Log in to the Container registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: .docker/${{ env.TAG_NAME }}
file: .docker/${{ env.TAG_NAME }}/${{ env.DOCKERFILE }}
platforms: ${{ env.PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base:sha-${{ github.sha }}

125
.github/workflows/ghcr-intel.yml vendored Normal file
View File

@ -0,0 +1,125 @@
name: "intel gpu supported images"
on:
push:
tags:
- 'v*'
env:
REGISTRY: ghcr.io
IMAGE_NAME: m1k1o/neko
TAG_PREFIX: intel-
BASE_DOCKERFILE: Dockerfile.intel
PLATFORMS: linux/amd64
jobs:
build-base:
runs-on: ubuntu-latest
#
# do not run on forks
#
if: github.repository_owner == 'm1k1o'
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v3
id: meta
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
-
name: Log in to the Container registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: ./
file: .docker/base/${{ env.BASE_DOCKERFILE }}
platforms: ${{ env.PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build:
runs-on: ubuntu-latest
#
# do not run on forks
#
if: github.repository_owner == 'm1k1o'
needs: [ build-base ]
strategy:
# Will build all images even if some fail.
matrix:
include:
- tag: firefox
- tag: chromium
- tag: google-chrome
- tag: ungoogled-chromium
- tag: microsoft-edge
- tag: brave
- tag: vivaldi
- tag: opera
- tag: tor-browser
- tag: remmina
- tag: vlc
- tag: xfce
env:
TAG_NAME: ${{ matrix.tag }}
DOCKERFILE: ${{ matrix.dockerfile }}
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v3
id: meta
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}${{ env.TAG_NAME }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
-
name: Log in to the Container registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: .docker/${{ env.TAG_NAME }}
platforms: ${{ env.PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base:sha-${{ github.sha }}

4
.gitignore vendored
View File

@ -23,10 +23,6 @@ pids
*.seed *.seed
*.pid.lock *.pid.lock
# Lock files
yarn.lock
package-lock.json
# TypeScript incremental compilation cache # TypeScript incremental compilation cache
*.tsbuildinfo *.tsbuildinfo

View File

@ -22,7 +22,7 @@
<img src="https://discordapp.com/api/guilds/665851821906067466/widget.png" alt="Chat on discord"> <img src="https://discordapp.com/api/guilds/665851821906067466/widget.png" alt="Chat on discord">
</a> </a>
<a href="https://github.com/m1k1o/neko/actions"> <a href="https://github.com/m1k1o/neko/actions">
<img src="https://github.com/m1k1o/neko/actions/workflows/build.yml/badge.svg" alt="build"> <img src="https://github.com/m1k1o/neko/actions/workflows/ghcr-amd.yml/badge.svg" alt="build">
</a> </a>
</p> </p>
<img src="https://raw.githubusercontent.com/m1k1o/neko/master/docs/_media/intro.gif" width="650" height="auto"/> <img src="https://raw.githubusercontent.com/m1k1o/neko/master/docs/_media/intro.gif" width="650" height="auto"/>

14643
client/package-lock.json generated Normal file

File diff suppressed because it is too large Load Diff

View File

@ -14,7 +14,7 @@
<img src="../_media/icons/xfce.svg" title="m1k1o/neko:xfce" width="60" height="auto"/> <img src="../_media/icons/xfce.svg" title="m1k1o/neko:xfce" width="60" height="auto"/>
</div> </div>
Use the following docker images: Use the following docker images from [Docker Hub](https://hub.docker.com/r/m1k1o/neko) for x86_64:
- `m1k1o/neko:latest` or `m1k1o/neko:firefox` - for Firefox. - `m1k1o/neko:latest` or `m1k1o/neko:firefox` - for Firefox.
- `m1k1o/neko:chromium` - for Chromium (needs `--cap-add=SYS_ADMIN`, see the [security implications](https://www.redhat.com/en/blog/container-tidbits-adding-capabilities-container)). - `m1k1o/neko:chromium` - for Chromium (needs `--cap-add=SYS_ADMIN`, see the [security implications](https://www.redhat.com/en/blog/container-tidbits-adding-capabilities-container)).
- `m1k1o/neko:google-chrome` - for Google Chrome (needs `--cap-add=SYS_ADMIN`, see the [security implications](https://www.redhat.com/en/blog/container-tidbits-adding-capabilities-container)). - `m1k1o/neko:google-chrome` - for Google Chrome (needs `--cap-add=SYS_ADMIN`, see the [security implications](https://www.redhat.com/en/blog/container-tidbits-adding-capabilities-container)).
@ -31,12 +31,47 @@ Use the following docker images:
- `m1k1o/neko:xfce` - for a shared desktop / installing shared software. - `m1k1o/neko:xfce` - for a shared desktop / installing shared software.
- `m1k1o/neko:base` - for custom base. - `m1k1o/neko:base` - for custom base.
For ARM-based devices (like Raspberry Pi, with GPU hardware acceleration): Dockerhub images are built using GitHub actions on every push and on weekly basis to keep all browsers up-to-date.
- `m1k1o/neko:arm-firefox` - for Firefox.
- `m1k1o/neko:arm-chromium` - for Chromium.
- `m1k1o/neko:arm-base` - for custom arm based.
Images (except `arm-`) are built using GitHub actions on every push and on weekly basis to keep all browsers up-to-date, All images are also available on [GitHub Container Registry](https://github.com/m1k1o?tab=packages&repo_name=neko) for faster pulls:
- `ghcr.io/m1k1o/neko/firefox:latest`
- `ghcr.io/m1k1o/neko/chromium:latest`
- `ghcr.io/m1k1o/neko/google-chrome:latest`
- `ghcr.io/m1k1o/neko/ungoogled-chromium:latest`
- `ghcr.io/m1k1o/neko/microsoft-edge:latest`
- `ghcr.io/m1k1o/neko/brave:latest`
- `ghcr.io/m1k1o/neko/vivaldi:latest`
- `ghcr.io/m1k1o/neko/opera:latest`
- `ghcr.io/m1k1o/neko/tor-browser:latest`
- `ghcr.io/m1k1o/neko/remmina:latest`
- `ghcr.io/m1k1o/neko/vlc:latest`
- `ghcr.io/m1k1o/neko/xfce:latest`
For ARM-based images (like Raspberry Pi - with GPU hardware acceleration, Oracle Cloud ARM tier). Currently not all images are available for ARM, because not all applications are available for ARM.
- `ghcr.io/m1k1o/neko/arm-firefox:latest`
- `ghcr.io/m1k1o/neko/arm-chromium:latest`
- `ghcr.io/m1k1o/neko/arm-ungoogled-chromium:latest`
- `ghcr.io/m1k1o/neko/arm-vlc:latest`
- `ghcr.io/m1k1o/neko/arm-xfce:latest`
For images with VAAPI GPU hardware acceleration using intel drivers use:
- `ghcr.io/m1k1o/neko/intel-firefox:latest`
- `ghcr.io/m1k1o/neko/intel-chromium:latest`
- `ghcr.io/m1k1o/neko/intel-google-chrome:latest`
- `ghcr.io/m1k1o/neko/intel-ungoogled-chromium:latest`
- `ghcr.io/m1k1o/neko/intel-microsoft-edge:latest`
- `ghcr.io/m1k1o/neko/intel-brave:latest`
- `ghcr.io/m1k1o/neko/intel-vivaldi:latest`
- `ghcr.io/m1k1o/neko/intel-opera:latest`
- `ghcr.io/m1k1o/neko/intel-tor-browser:latest`
- `ghcr.io/m1k1o/neko/intel-remmina:latest`
- `ghcr.io/m1k1o/neko/intel-vlc:latest`
- `ghcr.io/m1k1o/neko/intel-xfce:latest`
GHCR images are built using GitHub actions for every tag.
### Networking: ### Networking:
- If you want to use n.eko in **external** network, you can omit `NEKO_NAT1TO1`. It will automatically get your Public IP. - If you want to use n.eko in **external** network, you can omit `NEKO_NAT1TO1`. It will automatically get your Public IP.

View File

@ -149,98 +149,59 @@ KeyCode XkbKeysymToKeycode(Display* dpy, KeySym keysym) {
return keycode; return keycode;
} }
static xkeycode_t *xFreeKeycodesHead = NULL; // From https://github.com/TigerVNC/tigervnc/blob/a434ef3377943e89165ac13c537cd0f28be97f84/unix/x0vncserver/XDesktop.cxx#L401-L453
int xNumcodes = 0; KeyCode XkbAddKeyKeysym(Display* dpy, KeySym keysym) {
int types[1];
unsigned int key;
XkbDescPtr xkb;
XkbMapChangesRec changes;
KeySym *syms;
KeySym upper, lower;
void XFreeKeycodesInit(Display* dpy) { xkb = XkbGetMap(dpy, XkbAllComponentsMask, XkbUseCoreKbd);
if (xFreeKeycodesHead != NULL)
return;
KeyCode keycode; if (!xkb)
KeySym *keysyms;
int min, max, numcodes;
// get full keyboard mapping
XDisplayKeycodes(dpy, &min, &max);
keysyms = XGetKeyboardMapping(dpy, min, max-min, &numcodes);
xNumcodes = numcodes;
// loop through all keycodes
xkeycode_t *last = NULL;
for (int i = min; i <= max; ++i) {
// check if keycode is empty
int isEmpty = 1;
for (int j = 0; j < numcodes; ++j) {
int symindex = ((i - min) * numcodes) + j;
if (keysyms[symindex] != 0) {
isEmpty = 0;
break;
}
}
if (!isEmpty) continue;
xkeycode_t *entry = (xkeycode_t *) malloc(sizeof(xkeycode_t));
if (entry == NULL) return;
entry->keycode = i;
if (last == NULL) {
xFreeKeycodesHead = entry;
} else {
last->next = entry;
}
last = entry;
}
// no free keycodes, pick last two keycodes anyway
if (last == NULL) {
xkeycode_t *entry1 = (xkeycode_t *) malloc(sizeof(xkeycode_t));
if (entry1 == NULL) return;
entry1->keycode = max-1;
xkeycode_t *entry2 = (xkeycode_t *) malloc(sizeof(xkeycode_t));
if (entry2 == NULL) return;
entry2->keycode = max-2;
xFreeKeycodesHead = entry1;
entry1->next = entry2;
last = entry2;
}
// make as circular list
last->next = xFreeKeycodesHead;
XFree(keysyms);
}
// get free keycode from list
KeyCode XFreeKeycodeGet() {
if (xFreeKeycodesHead == NULL)
return 0; return 0;
// move head to next entry for (key = xkb->max_key_code; key >= xkb->min_key_code; key--) {
xkeycode_t *entry = xFreeKeycodesHead; if (XkbKeyNumGroups(xkb, key) == 0)
xFreeKeycodesHead = entry->next; break;
return entry->keycode;
} }
// map keysym to new keycode // no free keycodes
KeyCode XKeysymMapNew(Display* dpy, KeySym keysym) { if (key < xkb->min_key_code)
// initialize free keycodes list return 0;
if (xFreeKeycodesHead == NULL) {
XFreeKeycodesInit(dpy); // assign empty structure
changes = *(XkbMapChangesRec *) malloc(sizeof(XkbMapChangesRec));
for (int i = 0; i < sizeof(changes); i++) ((char *) &changes)[i] = 0;
XConvertCase(keysym, &lower, &upper);
if (upper == lower)
types[XkbGroup1Index] = XkbOneLevelIndex;
else
types[XkbGroup1Index] = XkbAlphabeticIndex;
XkbChangeTypesOfKey(xkb, key, 1, XkbGroup1Mask, types, &changes);
syms = XkbKeySymsPtr(xkb,key);
if (upper == lower)
syms[0] = keysym;
else {
syms[0] = lower;
syms[1] = upper;
} }
KeyCode keycode = XFreeKeycodeGet(); changes.changed |= XkbKeySymsMask;
changes.first_key_sym = key;
changes.num_key_syms = 1;
// no free keycodes, cannot map keysym if (XkbChangeMap(dpy, xkb, &changes)) {
if (keycode != 0) { return key;
KeySym keysym_list[xNumcodes];
for(int i=0;i<xNumcodes;i++) keysym_list[i] = keysym;
XChangeKeyboardMapping(dpy, keycode, xNumcodes, keysym_list, 1);
} }
return keycode; return 0;
} }
void XKey(KeySym keysym, int down) { void XKey(KeySym keysym, int down) {
@ -259,7 +220,7 @@ void XKey(KeySym keysym, int down) {
// Map non-existing keysyms to new keycodes // Map non-existing keysyms to new keycodes
if (keycode == 0) if (keycode == 0)
keycode = XKeysymMapNew(display, keysym); keycode = XkbAddKeyKeysym(display, keysym);
if (down) if (down)
XKeyEntryAdd(keysym, keycode); XKeyEntryAdd(keysym, keycode);