Add nvidia docker gpu acceleration (#238)
* add nvidia dockerfile.
* add nvidia docker to build.
* remove vaapi.
* add google chrome and brave.
* upgrade to virtualgl 3.1.
* add disable-seccomp-filter-sandbox to chrome.
* use vgl display in vglrun.
* Revert "use vgl display in vglrun."
This reverts commit 0cd556b5d8
.
* update chrome params.
* update changelog.
* update brave.
* update CI.
This commit is contained in:
parent
bc7aae0401
commit
55005a6f8d
195
.docker/base/Dockerfile.nvidia
Normal file
195
.docker/base/Dockerfile.nvidia
Normal file
@ -0,0 +1,195 @@
|
|||||||
|
ARG UBUNTU_RELEASE=20.04
|
||||||
|
ARG CUDA_VERSION=11.2.2
|
||||||
|
|
||||||
|
#
|
||||||
|
# STAGE 1: SERVER
|
||||||
|
#
|
||||||
|
FROM golang:1.18-bullseye as server
|
||||||
|
WORKDIR /src
|
||||||
|
|
||||||
|
#
|
||||||
|
# install dependencies
|
||||||
|
RUN set -eux; apt-get update; \
|
||||||
|
apt-get install -y --no-install-recommends git cmake make libx11-dev libxrandr-dev libxtst-dev \
|
||||||
|
libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-plugins-ugly; \
|
||||||
|
#
|
||||||
|
# install libclipboard
|
||||||
|
set -eux; \
|
||||||
|
cd /tmp; \
|
||||||
|
git clone --depth=1 https://github.com/jtanx/libclipboard; \
|
||||||
|
cd libclipboard; \
|
||||||
|
cmake .; \
|
||||||
|
make -j4; \
|
||||||
|
make install; \
|
||||||
|
rm -rf /tmp/libclipboard; \
|
||||||
|
#
|
||||||
|
# clean up
|
||||||
|
apt-get clean -y; \
|
||||||
|
rm -rf /var/lib/apt/lists/* /var/cache/apt/*
|
||||||
|
|
||||||
|
#
|
||||||
|
# build server
|
||||||
|
COPY server/ .
|
||||||
|
RUN go get -v -t -d . && go build -o bin/neko cmd/neko/main.go
|
||||||
|
|
||||||
|
#
|
||||||
|
# STAGE 2: CLIENT
|
||||||
|
#
|
||||||
|
FROM node:14-bullseye-slim as client
|
||||||
|
WORKDIR /src
|
||||||
|
|
||||||
|
#
|
||||||
|
# install dependencies
|
||||||
|
COPY client/package*.json ./
|
||||||
|
RUN npm install
|
||||||
|
|
||||||
|
#
|
||||||
|
# build client
|
||||||
|
COPY client/ .
|
||||||
|
RUN npm run build
|
||||||
|
|
||||||
|
#
|
||||||
|
# STAGE 3: RUNTIME
|
||||||
|
#
|
||||||
|
FROM nvcr.io/nvidia/cudagl:${CUDA_VERSION}-runtime-ubuntu${UBUNTU_RELEASE} as runtime
|
||||||
|
|
||||||
|
ARG UBUNTU_RELEASE
|
||||||
|
ARG CUDA_VERSION
|
||||||
|
|
||||||
|
# Make all NVIDIA GPUs visible by default
|
||||||
|
ENV NVIDIA_VISIBLE_DEVICES=all
|
||||||
|
# All NVIDIA driver capabilities should preferably be used, check `NVIDIA_DRIVER_CAPABILITIES` inside the container if things do not work
|
||||||
|
ENV NVIDIA_DRIVER_CAPABILITIES all
|
||||||
|
|
||||||
|
#
|
||||||
|
# set vgl-display to headless 3d gpu card/// correct values are egl[n] or /dev/dri/card0:if this is passed into container
|
||||||
|
ENV VGL_DISPLAY egl
|
||||||
|
|
||||||
|
#
|
||||||
|
# avoid warnings by switching to noninteractive
|
||||||
|
ENV DEBIAN_FRONTEND=noninteractive
|
||||||
|
|
||||||
|
#
|
||||||
|
# set custom user
|
||||||
|
ARG USERNAME=neko
|
||||||
|
ARG USER_UID=1000
|
||||||
|
ARG USER_GID=$USER_UID
|
||||||
|
|
||||||
|
RUN set -eux; \
|
||||||
|
apt-get update; \
|
||||||
|
#
|
||||||
|
# install dependencies
|
||||||
|
apt-get install -y --no-install-recommends wget ca-certificates supervisor; \
|
||||||
|
apt-get install -y --no-install-recommends pulseaudio dbus-x11 xserver-xorg-video-dummy; \
|
||||||
|
apt-get install -y --no-install-recommends libcairo2 libxcb1 libxrandr2 libxv1 libopus0 libvpx6; \
|
||||||
|
#
|
||||||
|
# hardware acclerations utilities
|
||||||
|
apt-get install -y --no-install-recommends libgtk-3-bin mesa-utils mesa-utils-extra mesa-va-drivers mesa-vulkan-drivers libvulkan-dev libvulkan-dev:i386 vdpauinfo; \
|
||||||
|
#
|
||||||
|
# gst
|
||||||
|
apt-get install -y --no-install-recommends libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev \
|
||||||
|
gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-plugins-ugly gstreamer1.0-pulseaudio; \
|
||||||
|
#
|
||||||
|
# install fonts
|
||||||
|
apt-get install -y --no-install-recommends \
|
||||||
|
# Google emojis
|
||||||
|
fonts-noto-color-emoji \
|
||||||
|
# Japanese fonts
|
||||||
|
fonts-takao-mincho \
|
||||||
|
# Chinese fonts
|
||||||
|
fonts-wqy-zenhei; \
|
||||||
|
#
|
||||||
|
# create a non-root user
|
||||||
|
groupadd --gid $USER_GID $USERNAME; \
|
||||||
|
useradd --uid $USER_UID --gid $USERNAME --shell /bin/bash --create-home $USERNAME; \
|
||||||
|
adduser $USERNAME audio; \
|
||||||
|
adduser $USERNAME video; \
|
||||||
|
adduser $USERNAME pulse; \
|
||||||
|
#
|
||||||
|
# setup pulseaudio
|
||||||
|
mkdir -p /home/$USERNAME/.config/pulse/; \
|
||||||
|
echo "default-server=unix:/tmp/pulseaudio.socket" > /home/$USERNAME/.config/pulse/client.conf; \
|
||||||
|
#
|
||||||
|
# workaround for an X11 problem: http://blog.tigerteufel.de/?p=476
|
||||||
|
mkdir /tmp/.X11-unix; \
|
||||||
|
chmod 1777 /tmp/.X11-unix; \
|
||||||
|
chown $USERNAME /tmp/.X11-unix/; \
|
||||||
|
#
|
||||||
|
# make directories for neko
|
||||||
|
mkdir -p /etc/neko /var/www /var/log/neko; \
|
||||||
|
chmod 1777 /var/log/neko; \
|
||||||
|
chown $USERNAME /var/log/neko/; \
|
||||||
|
chown -R $USERNAME:$USERNAME /home/$USERNAME; \
|
||||||
|
#
|
||||||
|
# clean up
|
||||||
|
apt-get clean -y; \
|
||||||
|
rm -rf /var/lib/apt/lists/* /var/cache/apt/*
|
||||||
|
|
||||||
|
#
|
||||||
|
# install and configure Vulkan manually
|
||||||
|
RUN set -eux; \
|
||||||
|
apt-get update; \
|
||||||
|
if [ "${UBUNTU_RELEASE}" = "18.04" ]; then apt-get install -y --no-install-recommends vulkan-utils; else apt-get install -y --no-install-recommends vulkan-tools; fi; \
|
||||||
|
#
|
||||||
|
# clean up
|
||||||
|
apt-get clean -y; \
|
||||||
|
rm -rf /var/lib/apt/lists/* /var/cache/apt/*; \
|
||||||
|
#
|
||||||
|
# configure vulkan
|
||||||
|
VULKAN_API_VERSION=$(dpkg -s libvulkan1 | grep -oP 'Version: [0-9|\.]+' | grep -oP '[0-9]+(\.[0-9]+)(\.[0-9]+)'); \
|
||||||
|
mkdir -p /etc/vulkan/icd.d/; \
|
||||||
|
echo "{\n\
|
||||||
|
\"file_format_version\" : \"1.0.0\",\n\
|
||||||
|
\"ICD\": {\n\
|
||||||
|
\"library_path\": \"libGLX_nvidia.so.0\",\n\
|
||||||
|
\"api_version\" : \"${VULKAN_API_VERSION}\"\n\
|
||||||
|
}\n\
|
||||||
|
}" > /etc/vulkan/icd.d/nvidia_icd.json
|
||||||
|
|
||||||
|
#
|
||||||
|
# install VirtualGL and make libraries available for preload
|
||||||
|
ARG VIRTUALGL_VERSION=3.1
|
||||||
|
RUN set -eux; \
|
||||||
|
apt-get update; \
|
||||||
|
wget "https://sourceforge.net/projects/virtualgl/files/virtualgl_${VIRTUALGL_VERSION}_amd64.deb"; \
|
||||||
|
wget "https://sourceforge.net/projects/virtualgl/files/virtualgl32_${VIRTUALGL_VERSION}_amd64.deb"; \
|
||||||
|
apt-get install -y --no-install-recommends ./virtualgl_${VIRTUALGL_VERSION}_amd64.deb ./virtualgl32_${VIRTUALGL_VERSION}_amd64.deb; \
|
||||||
|
rm -f "virtualgl_${VIRTUALGL_VERSION}_amd64.deb" "virtualgl32_${VIRTUALGL_VERSION}_amd64.deb"; \
|
||||||
|
chmod u+s /usr/lib/libvglfaker.so; \
|
||||||
|
chmod u+s /usr/lib/libdlfaker.so; \
|
||||||
|
chmod u+s /usr/lib32/libvglfaker.so; \
|
||||||
|
chmod u+s /usr/lib32/libdlfaker.so; \
|
||||||
|
chmod u+s /usr/lib/i386-linux-gnu/libvglfaker.so; \
|
||||||
|
chmod u+s /usr/lib/i386-linux-gnu/libdlfaker.so; \
|
||||||
|
#
|
||||||
|
# clean up
|
||||||
|
apt-get clean -y; \
|
||||||
|
rm -rf /var/lib/apt/lists/* /var/cache/apt/*;
|
||||||
|
|
||||||
|
#
|
||||||
|
# copy config files
|
||||||
|
COPY .docker/base/dbus /usr/bin/dbus
|
||||||
|
COPY .docker/base/default.pa /etc/pulse/default.pa
|
||||||
|
COPY .docker/base/supervisord.conf /etc/neko/supervisord.conf
|
||||||
|
COPY .docker/base/xorg.conf /etc/neko/xorg.conf
|
||||||
|
COPY .docker/base/nvidia/entrypoint.sh /bin/entrypoint.sh
|
||||||
|
|
||||||
|
#
|
||||||
|
# set default envs
|
||||||
|
ENV USER=$USERNAME
|
||||||
|
ENV DISPLAY=:99.0
|
||||||
|
ENV NEKO_PASSWORD=neko
|
||||||
|
ENV NEKO_PASSWORD_ADMIN=admin
|
||||||
|
ENV NEKO_BIND=:8080
|
||||||
|
|
||||||
|
#
|
||||||
|
# copy static files from previous stages
|
||||||
|
COPY --from=server /src/bin/neko /usr/bin/neko
|
||||||
|
COPY --from=client /src/dist/ /var/www
|
||||||
|
|
||||||
|
HEALTHCHECK --interval=10s --timeout=5s --retries=8 \
|
||||||
|
CMD wget -O - http://localhost:${NEKO_BIND#*:}/health || exit 1
|
||||||
|
|
||||||
|
#
|
||||||
|
# run neko
|
||||||
|
CMD ["/usr/bin/supervisord", "-c", "/etc/neko/supervisord.conf"]
|
12
.docker/base/nvidia/entrypoint.sh
Executable file
12
.docker/base/nvidia/entrypoint.sh
Executable file
@ -0,0 +1,12 @@
|
|||||||
|
#!/bin/bash -e
|
||||||
|
|
||||||
|
# Add VirtualGL directories to path
|
||||||
|
export PATH="${PATH}:/opt/VirtualGL/bin"
|
||||||
|
|
||||||
|
# Use VirtualGL to run wine with OpenGL if the GPU is available, otherwise use barebone wine
|
||||||
|
if [ -n "$(nvidia-smi --query-gpu=uuid --format=csv | sed -n 2p)" ]; then
|
||||||
|
exec vglrun "$@"
|
||||||
|
else
|
||||||
|
echo "No GPU detected"
|
||||||
|
exec "$@"
|
||||||
|
fi
|
23
.docker/brave/Dockerfile.nvidia
Normal file
23
.docker/brave/Dockerfile.nvidia
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
ARG BASE_IMAGE=m1k1o/neko:nvidia-base
|
||||||
|
FROM $BASE_IMAGE
|
||||||
|
|
||||||
|
RUN set -eux; apt-get update; \
|
||||||
|
apt-get install -y --no-install-recommends apt-transport-https curl openbox; \
|
||||||
|
#
|
||||||
|
# install brave browser
|
||||||
|
curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg; \
|
||||||
|
echo "deb [signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg arch=amd64] https://brave-browser-apt-release.s3.brave.com/ stable main" \
|
||||||
|
| tee /etc/apt/sources.list.d/brave-browser-release.list; \
|
||||||
|
apt-get update; \
|
||||||
|
apt-get install -y --no-install-recommends brave-browser; \
|
||||||
|
#
|
||||||
|
# clean up
|
||||||
|
apt-get clean -y; \
|
||||||
|
rm -rf /var/lib/apt/lists/* /var/cache/apt/*
|
||||||
|
|
||||||
|
#
|
||||||
|
# copy configuation files
|
||||||
|
COPY supervisord.nvidia.conf /etc/neko/supervisord/brave.conf
|
||||||
|
COPY --chown=neko preferences.json /home/neko/.config/brave/Default/Preferences
|
||||||
|
COPY policies.json /etc/brave/policies/managed/policies.json
|
||||||
|
COPY openbox.xml /etc/neko/openbox.xml
|
@ -1,6 +1,17 @@
|
|||||||
[program:brave]
|
[program:brave]
|
||||||
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
||||||
command=/usr/bin/brave-browser --window-position=0,0 --display=%(ENV_DISPLAY)s --user-data-dir=/home/neko/.config/brave --no-first-run --start-maximized --bwsi --force-dark-mode --disable-file-system --disable-gpu --disable-software-rasterizer --disable-dev-shm-usage
|
command=/usr/bin/brave-browser
|
||||||
|
--window-position=0,0
|
||||||
|
--display=%(ENV_DISPLAY)s
|
||||||
|
--user-data-dir=/home/neko/.config/brave
|
||||||
|
--no-first-run
|
||||||
|
--start-maximized
|
||||||
|
--bwsi
|
||||||
|
--force-dark-mode
|
||||||
|
--disable-file-system
|
||||||
|
--disable-gpu
|
||||||
|
--disable-software-rasterizer
|
||||||
|
--disable-dev-shm-usage
|
||||||
stopsignal=INT
|
stopsignal=INT
|
||||||
autorestart=true
|
autorestart=true
|
||||||
priority=800
|
priority=800
|
||||||
|
36
.docker/brave/supervisord.nvidia.conf
Normal file
36
.docker/brave/supervisord.nvidia.conf
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
[program:brave]
|
||||||
|
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
||||||
|
command=/bin/entrypoint.sh /usr/bin/brave-browser
|
||||||
|
--window-position=0,0
|
||||||
|
--display=%(ENV_DISPLAY)s
|
||||||
|
--user-data-dir=/home/neko/.config/brave
|
||||||
|
--no-first-run
|
||||||
|
--start-maximized
|
||||||
|
--bwsi
|
||||||
|
--force-dark-mode
|
||||||
|
--disable-file-system
|
||||||
|
--enable-features=Vulkan,UseSkiaRenderer,VaapiVideoEncoder,VaapiVideoDecoder,CanvasOopRasterization
|
||||||
|
--ignore-gpu-blocklist
|
||||||
|
--disable-seccomp-filter-sandbox
|
||||||
|
--use-gl=egl
|
||||||
|
--disable-software-rasterizer
|
||||||
|
--disable-dev-shm-usage
|
||||||
|
stopsignal=INT
|
||||||
|
autorestart=true
|
||||||
|
priority=800
|
||||||
|
user=%(ENV_USER)s
|
||||||
|
stdout_logfile=/var/log/neko/brave.log
|
||||||
|
stdout_logfile_maxbytes=100MB
|
||||||
|
stdout_logfile_backups=10
|
||||||
|
redirect_stderr=true
|
||||||
|
|
||||||
|
[program:openbox]
|
||||||
|
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
||||||
|
command=/usr/bin/openbox --config-file /etc/neko/openbox.xml
|
||||||
|
autorestart=true
|
||||||
|
priority=300
|
||||||
|
user=%(ENV_USER)s
|
||||||
|
stdout_logfile=/var/log/neko/openbox.log
|
||||||
|
stdout_logfile_maxbytes=100MB
|
||||||
|
stdout_logfile_backups=10
|
||||||
|
redirect_stderr=true
|
@ -92,6 +92,21 @@ build_intel() {
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
build_nvidia() {
|
||||||
|
if [ "$1" = "base" ]
|
||||||
|
then
|
||||||
|
# build nvidia base
|
||||||
|
docker build -t "${BUILD_IMAGE}:nvidia-base" -f base/Dockerfile.nvidia "${BASE}"
|
||||||
|
elif [ -f "$1/Dockerfile.nvidia" ]
|
||||||
|
then
|
||||||
|
# build dedicated nvidia image
|
||||||
|
docker build -t "${BUILD_IMAGE}:nvidia-$1" --build-arg="BASE_IMAGE=${BUILD_IMAGE}:nvidia-base" -f "$1/Dockerfile.nvidia" "$1/"
|
||||||
|
else
|
||||||
|
# try to build nvidia image with common Dockerfile
|
||||||
|
docker build -t "${BUILD_IMAGE}:nvidia-$1" --build-arg="BASE_IMAGE=${BUILD_IMAGE}:nvidia-base" -f "$1/Dockerfile" "$1/"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
case $1 in
|
case $1 in
|
||||||
client) build_client;;
|
client) build_client;;
|
||||||
server) build_server;;
|
server) build_server;;
|
||||||
@ -102,6 +117,9 @@ case $1 in
|
|||||||
# build intel- images
|
# build intel- images
|
||||||
intel-*) build_intel "${1#intel-}";;
|
intel-*) build_intel "${1#intel-}";;
|
||||||
|
|
||||||
|
# build nvidia- images
|
||||||
|
nvidia-*) build_nvidia "${1#nvidia-}";;
|
||||||
|
|
||||||
# build images
|
# build images
|
||||||
*) build "$1";;
|
*) build "$1";;
|
||||||
esac
|
esac
|
||||||
|
33
.docker/chromium/Dockerfile.nvidia
Normal file
33
.docker/chromium/Dockerfile.nvidia
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
ARG BASE_IMAGE=m1k1o/neko:base
|
||||||
|
FROM $BASE_IMAGE
|
||||||
|
|
||||||
|
#
|
||||||
|
# install neko chromium
|
||||||
|
RUN set -eux; \
|
||||||
|
echo "deb http://ftp.de.debian.org/debian bookworm main" >> /etc/apt/sources.list; \
|
||||||
|
apt-get update; \
|
||||||
|
apt-get install -y --no-install-recommends unzip chromium chromium-common chromium-sandbox openbox; \
|
||||||
|
#
|
||||||
|
# install widevine module
|
||||||
|
CHROMIUM_DIR="/usr/lib/chromium"; \
|
||||||
|
WIDEVINE_VERSION=$(wget --quiet -O - https://dl.google.com/widevine-cdm/versions.txt | tail -n 1); \
|
||||||
|
wget -O /tmp/widevine.zip "https://dl.google.com/widevine-cdm/${WIDEVINE_VERSION}-linux-x64.zip"; \
|
||||||
|
mkdir -p "${CHROMIUM_DIR}/WidevineCdm/_platform_specific/linux_x64"; \
|
||||||
|
unzip -p /tmp/widevine.zip LICENSE.txt > "${CHROMIUM_DIR}/WidevineCdm/LICENSE"; \
|
||||||
|
unzip -p /tmp/widevine.zip manifest.json > "${CHROMIUM_DIR}/WidevineCdm/manifest.json"; \
|
||||||
|
unzip -p /tmp/widevine.zip libwidevinecdm.so > "${CHROMIUM_DIR}/WidevineCdm/_platform_specific/linux_x64/libwidevinecdm.so"; \
|
||||||
|
find "${CHROMIUM_DIR}/WidevineCdm" -type d -exec chmod 0755 '{}' \;; \
|
||||||
|
find "${CHROMIUM_DIR}/WidevineCdm" -type f -exec chmod 0644 '{}' \;; \
|
||||||
|
rm /tmp/widevine.zip; \
|
||||||
|
#
|
||||||
|
# clean up
|
||||||
|
apt-get --purge autoremove -y unzip; \
|
||||||
|
apt-get clean -y; \
|
||||||
|
rm -rf /var/lib/apt/lists/* /var/cache/apt/*
|
||||||
|
|
||||||
|
#
|
||||||
|
# copy configuation files
|
||||||
|
COPY supervisord.nvidia.conf /etc/neko/supervisord/chromium.conf
|
||||||
|
COPY --chown=neko preferences.json /home/neko/.config/chromium/Default/Preferences
|
||||||
|
COPY policies.json /etc/chromium/policies/managed/policies.json
|
||||||
|
COPY openbox.xml /etc/neko/openbox.xml
|
@ -1,6 +1,17 @@
|
|||||||
[program:chromium]
|
[program:chromium]
|
||||||
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
||||||
command=/usr/bin/chromium --window-position=0,0 --display=%(ENV_DISPLAY)s --user-data-dir=/home/neko/.config/chromium --no-first-run --start-maximized --bwsi --force-dark-mode --disable-file-system --disable-gpu --disable-software-rasterizer --disable-dev-shm-usage
|
command=/usr/bin/chromium
|
||||||
|
--window-position=0,0
|
||||||
|
--display=%(ENV_DISPLAY)s
|
||||||
|
--user-data-dir=/home/neko/.config/chromium
|
||||||
|
--no-first-run
|
||||||
|
--start-maximized
|
||||||
|
--bwsi
|
||||||
|
--force-dark-mode
|
||||||
|
--disable-file-system
|
||||||
|
--disable-gpu
|
||||||
|
--disable-software-rasterizer
|
||||||
|
--disable-dev-shm-usage
|
||||||
stopsignal=INT
|
stopsignal=INT
|
||||||
autorestart=true
|
autorestart=true
|
||||||
priority=800
|
priority=800
|
||||||
|
36
.docker/chromium/supervisord.nvidia.conf
Normal file
36
.docker/chromium/supervisord.nvidia.conf
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
[program:chromium]
|
||||||
|
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
||||||
|
command=/bin/entrypoint.sh /usr/bin/chromium
|
||||||
|
--window-position=0,0
|
||||||
|
--display=%(ENV_DISPLAY)s
|
||||||
|
--user-data-dir=/home/neko/.config/chromium
|
||||||
|
--no-first-run
|
||||||
|
--start-maximized
|
||||||
|
--bwsi
|
||||||
|
--force-dark-mode
|
||||||
|
--disable-file-system
|
||||||
|
--enable-features=Vulkan,UseSkiaRenderer,VaapiVideoEncoder,VaapiVideoDecoder,CanvasOopRasterization
|
||||||
|
--ignore-gpu-blocklist
|
||||||
|
--disable-seccomp-filter-sandbox
|
||||||
|
--use-gl=egl
|
||||||
|
--disable-software-rasterizer
|
||||||
|
--disable-dev-shm-usage
|
||||||
|
stopsignal=INT
|
||||||
|
autorestart=true
|
||||||
|
priority=800
|
||||||
|
user=%(ENV_USER)s
|
||||||
|
stdout_logfile=/var/log/neko/chromium.log
|
||||||
|
stdout_logfile_maxbytes=100MB
|
||||||
|
stdout_logfile_backups=10
|
||||||
|
redirect_stderr=true
|
||||||
|
|
||||||
|
[program:openbox]
|
||||||
|
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
||||||
|
command=/usr/bin/openbox --config-file /etc/neko/openbox.xml
|
||||||
|
autorestart=true
|
||||||
|
priority=300
|
||||||
|
user=%(ENV_USER)s
|
||||||
|
stdout_logfile=/var/log/neko/openbox.log
|
||||||
|
stdout_logfile_maxbytes=100MB
|
||||||
|
stdout_logfile_backups=10
|
||||||
|
redirect_stderr=true
|
21
.docker/google-chrome/Dockerfile.nvidia
Normal file
21
.docker/google-chrome/Dockerfile.nvidia
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
ARG BASE_IMAGE=m1k1o/neko:nvidia-base
|
||||||
|
FROM $BASE_IMAGE
|
||||||
|
|
||||||
|
ARG SRC_URL="https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb"
|
||||||
|
|
||||||
|
#
|
||||||
|
# install google chrome
|
||||||
|
RUN set -eux; apt-get update; \
|
||||||
|
wget -O /tmp/google-chrome.deb "${SRC_URL}"; \
|
||||||
|
apt-get install -y --no-install-recommends openbox /tmp/google-chrome.deb; \
|
||||||
|
#
|
||||||
|
# clean up
|
||||||
|
apt-get clean -y; \
|
||||||
|
rm -rf /var/lib/apt/lists/* /var/cache/apt/*
|
||||||
|
|
||||||
|
#
|
||||||
|
# copy configuation files
|
||||||
|
COPY supervisord.nvidia.conf /etc/neko/supervisord/google-chrome.conf
|
||||||
|
COPY --chown=neko preferences.json /home/neko/.config/google-chrome/Default/Preferences
|
||||||
|
COPY policies.json /etc/opt/chrome/policies/managed/policies.json
|
||||||
|
COPY openbox.xml /etc/neko/openbox.xml
|
@ -1,6 +1,17 @@
|
|||||||
[program:google-chrome]
|
[program:google-chrome]
|
||||||
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
||||||
command=/usr/bin/google-chrome --window-position=0,0 --display=%(ENV_DISPLAY)s --user-data-dir=/home/neko/.config/google-chrome --no-first-run --start-maximized --bwsi --force-dark-mode --disable-file-system --disable-gpu --disable-software-rasterizer --disable-dev-shm-usage
|
command=/usr/bin/google-chrome
|
||||||
|
--window-position=0,0
|
||||||
|
--display=%(ENV_DISPLAY)s
|
||||||
|
--user-data-dir=/home/neko/.config/google-chrome
|
||||||
|
--no-first-run
|
||||||
|
--start-maximized
|
||||||
|
--bwsi
|
||||||
|
--force-dark-mode
|
||||||
|
--disable-file-system
|
||||||
|
--disable-gpu
|
||||||
|
--disable-software-rasterizer
|
||||||
|
--disable-dev-shm-usage
|
||||||
stopsignal=INT
|
stopsignal=INT
|
||||||
autorestart=true
|
autorestart=true
|
||||||
priority=800
|
priority=800
|
||||||
|
36
.docker/google-chrome/supervisord.nvidia.conf
Normal file
36
.docker/google-chrome/supervisord.nvidia.conf
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
[program:google-chrome]
|
||||||
|
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
||||||
|
command=/bin/entrypoint.sh /usr/bin/google-chrome
|
||||||
|
--window-position=0,0
|
||||||
|
--display=%(ENV_DISPLAY)s
|
||||||
|
--user-data-dir=/home/neko/.config/chromium
|
||||||
|
--no-first-run
|
||||||
|
--start-maximized
|
||||||
|
--bwsi
|
||||||
|
--force-dark-mode
|
||||||
|
--disable-file-system
|
||||||
|
--enable-features=Vulkan,UseSkiaRenderer,VaapiVideoEncoder,VaapiVideoDecoder,CanvasOopRasterization
|
||||||
|
--ignore-gpu-blocklist
|
||||||
|
--disable-seccomp-filter-sandbox
|
||||||
|
--use-gl=egl
|
||||||
|
--disable-software-rasterizer
|
||||||
|
--disable-dev-shm-usage
|
||||||
|
stopsignal=INT
|
||||||
|
autorestart=true
|
||||||
|
priority=800
|
||||||
|
user=%(ENV_USER)s
|
||||||
|
stdout_logfile=/var/log/neko/google-chrome.log
|
||||||
|
stdout_logfile_maxbytes=100MB
|
||||||
|
stdout_logfile_backups=10
|
||||||
|
redirect_stderr=true
|
||||||
|
|
||||||
|
[program:openbox]
|
||||||
|
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
||||||
|
command=/usr/bin/openbox --config-file /etc/neko/openbox.xml
|
||||||
|
autorestart=true
|
||||||
|
priority=300
|
||||||
|
user=%(ENV_USER)s
|
||||||
|
stdout_logfile=/var/log/neko/openbox.log
|
||||||
|
stdout_logfile_maxbytes=100MB
|
||||||
|
stdout_logfile_backups=10
|
||||||
|
redirect_stderr=true
|
24
.docker/microsoft-edge/Dockerfile.nvidia
Normal file
24
.docker/microsoft-edge/Dockerfile.nvidia
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
ARG BASE_IMAGE=m1k1o/neko:base
|
||||||
|
FROM $BASE_IMAGE
|
||||||
|
|
||||||
|
ARG API_URL="https://packages.microsoft.com/repos/edge/pool/main/m/microsoft-edge-stable/"
|
||||||
|
|
||||||
|
#
|
||||||
|
# install microsoft edge
|
||||||
|
RUN set -eux; apt-get update; \
|
||||||
|
#
|
||||||
|
# fetch latest release
|
||||||
|
SRC_URL="${API_URL}$(wget -O - "${API_URL}" 2>/dev/null | sed -n 's/.*href="\([^"]*\).*/\1/p' | tail -1)"; \
|
||||||
|
wget -O /tmp/microsoft-edge.deb "${SRC_URL}"; \
|
||||||
|
apt-get install -y --no-install-recommends openbox /tmp/microsoft-edge.deb; \
|
||||||
|
#
|
||||||
|
# clean up
|
||||||
|
apt-get clean -y; \
|
||||||
|
rm -rf /var/lib/apt/lists/* /var/cache/apt/*
|
||||||
|
|
||||||
|
#
|
||||||
|
# copy configuation files
|
||||||
|
COPY supervisord.nvidia.conf /etc/neko/supervisord/microsoft-edge.conf
|
||||||
|
COPY --chown=neko preferences.json /home/neko/.config/microsoft-edge/Default/Preferences
|
||||||
|
COPY policies.json /etc/opt/edge/policies/managed/policies.json
|
||||||
|
COPY openbox.xml /etc/neko/openbox.xml
|
@ -1,6 +1,17 @@
|
|||||||
[program:microsoft-edge]
|
[program:microsoft-edge]
|
||||||
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
||||||
command=/usr/bin/microsoft-edge --window-position=0,0 --display=%(ENV_DISPLAY)s --user-data-dir=/home/neko/.config/microsoft-edge --no-first-run --start-maximized --bwsi --force-dark-mode --disable-file-system --disable-gpu --disable-software-rasterizer --disable-dev-shm-usage
|
command=/usr/bin/microsoft-edge
|
||||||
|
--window-position=0,0
|
||||||
|
--display=%(ENV_DISPLAY)s
|
||||||
|
--user-data-dir=/home/neko/.config/microsoft-edge
|
||||||
|
--no-first-run
|
||||||
|
--start-maximized
|
||||||
|
--bwsi
|
||||||
|
--force-dark-mode
|
||||||
|
--disable-file-system
|
||||||
|
--disable-gpu
|
||||||
|
--disable-software-rasterizer
|
||||||
|
--disable-dev-shm-usage
|
||||||
stopsignal=INT
|
stopsignal=INT
|
||||||
autorestart=true
|
autorestart=true
|
||||||
priority=800
|
priority=800
|
||||||
|
36
.docker/microsoft-edge/supervisord.nvidia.conf
Normal file
36
.docker/microsoft-edge/supervisord.nvidia.conf
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
[program:microsoft-edge]
|
||||||
|
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
||||||
|
command=/bin/entrypoint.sh /usr/bin/microsoft-edge
|
||||||
|
--window-position=0,0
|
||||||
|
--display=%(ENV_DISPLAY)s
|
||||||
|
--user-data-dir=/home/neko/.config/microsoft-edge
|
||||||
|
--no-first-run
|
||||||
|
--start-maximized
|
||||||
|
--bwsi
|
||||||
|
--force-dark-mode
|
||||||
|
--disable-file-system
|
||||||
|
--enable-features=Vulkan,UseSkiaRenderer,VaapiVideoEncoder,VaapiVideoDecoder,CanvasOopRasterization
|
||||||
|
--ignore-gpu-blocklist
|
||||||
|
--disable-seccomp-filter-sandbox
|
||||||
|
--use-gl=egl
|
||||||
|
--disable-software-rasterizer
|
||||||
|
--disable-dev-shm-usage
|
||||||
|
stopsignal=INT
|
||||||
|
autorestart=true
|
||||||
|
priority=800
|
||||||
|
user=%(ENV_USER)s
|
||||||
|
stdout_logfile=/var/log/neko/microsoft-edge.log
|
||||||
|
stdout_logfile_maxbytes=100MB
|
||||||
|
stdout_logfile_backups=10
|
||||||
|
redirect_stderr=true
|
||||||
|
|
||||||
|
[program:openbox]
|
||||||
|
environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
|
||||||
|
command=/usr/bin/openbox --config-file /etc/neko/openbox.xml
|
||||||
|
autorestart=true
|
||||||
|
priority=300
|
||||||
|
user=%(ENV_USER)s
|
||||||
|
stdout_logfile=/var/log/neko/openbox.log
|
||||||
|
stdout_logfile_maxbytes=100MB
|
||||||
|
stdout_logfile_backups=10
|
||||||
|
redirect_stderr=true
|
@ -17,6 +17,7 @@ if [ ! -f "${BINARY_PATH}" ] || [ "$1" == "-r" ]; then
|
|||||||
./rebuild-server
|
./rebuild-server
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# use --gpus all to enable GPU acceleration
|
||||||
docker run --rm -it \
|
docker run --rm -it \
|
||||||
--name "neko_dev" \
|
--name "neko_dev" \
|
||||||
-p "${SERVER_PORT}:8080" \
|
-p "${SERVER_PORT}:8080" \
|
||||||
|
122
.github/workflows/ghcr-nvidia.yml
vendored
Normal file
122
.github/workflows/ghcr-nvidia.yml
vendored
Normal file
@ -0,0 +1,122 @@
|
|||||||
|
name: "nvidia gpu supported images"
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
tags:
|
||||||
|
- 'v*'
|
||||||
|
|
||||||
|
env:
|
||||||
|
REGISTRY: ghcr.io
|
||||||
|
IMAGE_NAME: m1k1o/neko
|
||||||
|
TAG_PREFIX: nvidia-
|
||||||
|
BASE_DOCKERFILE: Dockerfile.nvidia
|
||||||
|
PLATFORMS: linux/amd64
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
build-base:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
#
|
||||||
|
# do not run on forks
|
||||||
|
#
|
||||||
|
if: github.repository_owner == 'm1k1o'
|
||||||
|
steps:
|
||||||
|
-
|
||||||
|
name: Checkout
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
-
|
||||||
|
name: Set up QEMU
|
||||||
|
uses: docker/setup-qemu-action@v1
|
||||||
|
-
|
||||||
|
name: Set up Docker Buildx
|
||||||
|
uses: docker/setup-buildx-action@v1
|
||||||
|
-
|
||||||
|
name: Extract metadata (tags, labels) for Docker
|
||||||
|
uses: docker/metadata-action@v3
|
||||||
|
id: meta
|
||||||
|
with:
|
||||||
|
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base
|
||||||
|
tags: |
|
||||||
|
type=semver,pattern={{version}}
|
||||||
|
type=semver,pattern={{major}}.{{minor}}
|
||||||
|
type=semver,pattern={{major}}
|
||||||
|
type=sha,format=long
|
||||||
|
-
|
||||||
|
name: Log in to the Container registry
|
||||||
|
uses: docker/login-action@v1
|
||||||
|
with:
|
||||||
|
registry: ${{ env.REGISTRY }}
|
||||||
|
username: ${{ github.actor }}
|
||||||
|
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
|
||||||
|
-
|
||||||
|
name: Build and push
|
||||||
|
uses: docker/build-push-action@v2
|
||||||
|
with:
|
||||||
|
context: ./
|
||||||
|
file: .docker/base/${{ env.BASE_DOCKERFILE }}
|
||||||
|
platforms: ${{ env.PLATFORMS }}
|
||||||
|
push: true
|
||||||
|
tags: ${{ steps.meta.outputs.tags }}
|
||||||
|
labels: ${{ steps.meta.outputs.labels }}
|
||||||
|
|
||||||
|
build:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
#
|
||||||
|
# do not run on forks
|
||||||
|
#
|
||||||
|
if: github.repository_owner == 'm1k1o'
|
||||||
|
needs: [ build-base ]
|
||||||
|
strategy:
|
||||||
|
# Will build all images even if some fail.
|
||||||
|
matrix:
|
||||||
|
include:
|
||||||
|
- tag: brave
|
||||||
|
dockerfile: Dockerfile.nvidia
|
||||||
|
- tag: chromium
|
||||||
|
dockerfile: Dockerfile.nvidia
|
||||||
|
- tag: google-chrome
|
||||||
|
dockerfile: Dockerfile.nvidia
|
||||||
|
- tag: microsoft-edge
|
||||||
|
dockerfile: Dockerfile.nvidia
|
||||||
|
env:
|
||||||
|
TAG_NAME: ${{ matrix.tag }}
|
||||||
|
DOCKERFILE: ${{ matrix.dockerfile }}
|
||||||
|
steps:
|
||||||
|
-
|
||||||
|
name: Checkout
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
-
|
||||||
|
name: Set up QEMU
|
||||||
|
uses: docker/setup-qemu-action@v1
|
||||||
|
-
|
||||||
|
name: Set up Docker Buildx
|
||||||
|
uses: docker/setup-buildx-action@v1
|
||||||
|
-
|
||||||
|
name: Extract metadata (tags, labels) for Docker
|
||||||
|
uses: docker/metadata-action@v3
|
||||||
|
id: meta
|
||||||
|
with:
|
||||||
|
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}${{ env.TAG_NAME }}
|
||||||
|
tags: |
|
||||||
|
type=semver,pattern={{version}}
|
||||||
|
type=semver,pattern={{major}}.{{minor}}
|
||||||
|
type=semver,pattern={{major}}
|
||||||
|
type=sha,format=long
|
||||||
|
-
|
||||||
|
name: Log in to the Container registry
|
||||||
|
uses: docker/login-action@v1
|
||||||
|
with:
|
||||||
|
registry: ${{ env.REGISTRY }}
|
||||||
|
username: ${{ github.actor }}
|
||||||
|
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
|
||||||
|
-
|
||||||
|
name: Build and push
|
||||||
|
uses: docker/build-push-action@v2
|
||||||
|
with:
|
||||||
|
context: .docker/${{ env.TAG_NAME }}
|
||||||
|
file: .docker/${{ env.TAG_NAME }}/${{ env.DOCKERFILE }}
|
||||||
|
platforms: ${{ env.PLATFORMS }}
|
||||||
|
push: true
|
||||||
|
tags: ${{ steps.meta.outputs.tags }}
|
||||||
|
labels: ${{ steps.meta.outputs.labels }}
|
||||||
|
build-args: |
|
||||||
|
BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base:sha-${{ github.sha }}
|
@ -5,6 +5,7 @@
|
|||||||
### New Features
|
### New Features
|
||||||
- Added AV1 tag, metadata and pipeline. Unfortunately does not work yet, since the encoding is way too slow (by @mbattista).
|
- Added AV1 tag, metadata and pipeline. Unfortunately does not work yet, since the encoding is way too slow (by @mbattista).
|
||||||
- Added `m1k1o/neko:kde` tag as an alternative to `m1k1o/neko:xfce`.
|
- Added `m1k1o/neko:kde` tag as an alternative to `m1k1o/neko:xfce`.
|
||||||
|
- New VirtualGL version 3.1 was released, adding support for Chromium browsers to use Nvidia GPU acceleration!
|
||||||
|
|
||||||
### Bugs
|
### Bugs
|
||||||
- Fixed TCP mux occasional freeze by adding write buffer to it.
|
- Fixed TCP mux occasional freeze by adding write buffer to it.
|
||||||
|
@ -74,6 +74,13 @@ For images with VAAPI GPU hardware acceleration using intel drivers use:
|
|||||||
- `ghcr.io/m1k1o/neko/intel-xfce:latest`
|
- `ghcr.io/m1k1o/neko/intel-xfce:latest`
|
||||||
- `ghcr.io/m1k1o/neko/intel-kde:latest`
|
- `ghcr.io/m1k1o/neko/intel-kde:latest`
|
||||||
|
|
||||||
|
For images with Nvidia GPU hardware acceleration using EGL use:
|
||||||
|
|
||||||
|
- `ghcr.io/m1k1o/neko/nvidia-chromium:latest`
|
||||||
|
- `ghcr.io/m1k1o/neko/nvidia-google-chrome:latest`
|
||||||
|
- `ghcr.io/m1k1o/neko/nvidia-microsoft-edge:latest`
|
||||||
|
- `ghcr.io/m1k1o/neko/nvidia-brave:latest`
|
||||||
|
|
||||||
GHCR images are built using GitHub actions for every tag.
|
GHCR images are built using GitHub actions for every tag.
|
||||||
|
|
||||||
### Networking:
|
### Networking:
|
||||||
|
Reference in New Issue
Block a user