updates

2018-12-25 19:06:31 +01:00 · 2018-12-25 19:06:31 +01:00 · 8a13d4fe76
commit 8a13d4fe76
parent 2e88a4c716
8 changed files with 15 additions and 35 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
 data/
--- a/8
+++ b/8
@ -1,6 +1,5 @@
 # Run Chrome in a container
-FROM ubuntu:zesty
+FROM ubuntu:bionic
 MAINTAINER Andrey Arapov <andrey.arapov@nixaid.com>
 # To avoid problems with Dialog and curses wizards
 ENV DEBIAN_FRONTEND noninteractive
@ -49,10 +48,9 @@ ENV GROUPS video,audio
 ENV UID 1000
 ENV HOME /home/$USER
-RUN useradd -u $UID -m -d $HOME -s /usr/sbin/nologin -G $GROUPS $USER && \
+RUN useradd -u $UID -m -d $HOME -s /usr/sbin/nologin -G $GROUPS $USER
    su -s /bin/sh -l $USER -c 'mkdir -p $HOME/.pki/nssdb $HOME/.local'
 WORKDIR $HOME
 COPY launch /launch
 ENTRYPOINT [ "sh", "/launch" ]
 LABEL maintainer="Andrey Arapov <andrey.arapov@nixaid.com>"
--- a/2
+++ b/2
@ -1,4 +1,4 @@
-Copyright (c) 2016, Andrey Arapov
+Copyright (c) 2016,2017,2018, Andrey Arapov
 Permission to use, copy, modify, and/or distribute this software for any
 purpose with or without fee is hereby granted, provided that the above
--- a/README.md
+++ b/README.md
@ -2,16 +2,9 @@
 ### versions
- google-chrome-stable (50.0.2661.102-1)
+- google-chrome-stable (71.0.3578.98-1)
 - google-talkplugin (5.41.0.0-1)
 First initialize the data volume
 ```
 docker run --rm -ti -v chrome_data:/data busybox /bin/sh -c "chown 1000:1000 /data"
 ```
 Launch the Chrome
 ```
--- a/TODO.md
+++ b/TODO.md
@ -0,0 +1,3 @@
 ## TODO
 - enable hardware acceleration
--- a/data/.keep
+++ b/data/.keep
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,12 +1,8 @@
-version: '2'
+version: '3.7'
 volumes:
  data: {}
  certs: {}
 services:
  chrome:
-    image: andrey01/chrome
+    init: true
    build: .
    network_mode: bridge
    devices:
@ -15,25 +11,20 @@ services:
    volumes:
      - /tmp/.X11-unix:/tmp/.X11-unix:ro
      - $XDG_RUNTIME_DIR/pulse:/run/user/1000/pulse
-      - data:/data
+      - ./data:/home/user
      - certs:/home/user/.pki/nssdb
      - $HOME/Downloads:/home/user/Downloads
      - /var/run/cups:/var/run/cups:ro
      - /tmp/krb5cc_1000:/tmp/krb5cc_1000:ro
      - /etc/localtime:/etc/localtime:ro
      - /etc/machine-id:/etc/machine-id:ro
    environment:
      - DISPLAY=unix$DISPLAY
      - PULSE_SERVER=unix:$XDG_RUNTIME_DIR/pulse/native
      # some webapps won't work when the timezone is not properly set, e.g.
      # the ownCloud's (v9.0.0) calendar (v1.0.0.0) does not work correctly
      # the same could happen with Icinga2 web interface
      - TZ=Europe/Amsterdam
    # SYS_ADMIN is NOT required if you run chrome with `--no-sandbox` flag
    # more on CAP_SYS_ADMIN https://lwn.net/Articles/486306/
    cap_add:
      - SYS_ADMIN
      - IPC_LOCK # lock memory to prevent sensitive values from being swapped to disk.
    # Turns off anonymous page swapping
    mem_swappiness: 0
    shm_size: 4G
    # mem_limit: 4G
    # security_opt:
--- a/8
+++ b/8
@ -1,9 +1,3 @@
 #!/usr/bin/env sh
-mkdir /data $HOME/.pki/nssdb $HOME/.local 2>/dev/null
+su -s /bin/sh -c "/usr/bin/google-chrome $@" $USER
 chown -Rh $USER:$USER /data $HOME/.pki/nssdb $HOME/.local
 # Befriend with grsecurity patched kernel
 setfattr -n user.pax.flags -v m /opt/google/chrome/chrome
 su -s /bin/sh -c "/usr/bin/google-chrome --user-data-dir=/data $@" $USER