bump firefox to 45.0.2; mount data volume as HOME; container is now read_only

This commit is contained in:
Andy 2016-04-12 12:01:25 +02:00
parent de1d8a67a5
commit 9a4213eced
Signed by: arno
GPG Key ID: 368DDA2E9A471EAC
2 changed files with 6 additions and 18 deletions

View File

@ -19,7 +19,7 @@ RUN sed -i.bak 's/jessie main/jessie main contrib/g' /etc/apt/sources.list \
&& rm -rf /var/lib/apt/lists
# -- The Firefox
ENV FIREFOX_VER 45.0.1
ENV FIREFOX_VER 45.0.2
ADD https://download-installer.cdn.mozilla.net/pub/firefox/releases/$FIREFOX_VER/linux-x86_64/en-US/firefox-$FIREFOX_VER.tar.bz2 /tmp/firefox.tar.bz2
RUN mkdir /opt/mozilla \
&& tar xf /tmp/firefox.tar.bz2 -C /opt/mozilla/ \
@ -82,4 +82,5 @@ RUN useradd -u $UID -m -d $HOME -s /usr/sbin/nologin $USER \
WORKDIR $HOME
USER $USER
VOLUME [ "/tmp" ]
ENTRYPOINT [ "/opt/mozilla/firefox/firefox" ]

View File

@ -9,26 +9,16 @@ networks:
name: isolated
services:
preseed:
# host2docker
# this will create a data volume and then copy user's firefox profile data
# when the data volume is empty
image: busybox
network_mode: bridge
volumes:
- $HOME/.mozilla:/source
- data:/target
command: /bin/sh -c "[ -d "firefox" ] || (( cd /source && tar cf - . ) | ( cd /target; tar xfp - ))"
firefox:
build: ./
read_only: true
image: andrey01/firefox
networks:
- isolated
devices:
- /dev/dri
- /dev/video0
volumes:
- /tmp/.X11-unix:/tmp/.X11-unix
- /tmp/.X11-unix:/tmp/.X11-unix:ro
- /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines:/usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines:ro
- /usr/share/themes:/usr/share/themes:ro
- /usr/share/icons:/usr/share/icons:ro
@ -38,11 +28,8 @@ services:
- /run/user/1000/pulse:/run/user/1000/pulse
- /dev/shm:/dev/shm:ro
# - /tmp/krb5cc_1000:/tmp/krb5cc_1000:ro
# - $HOME/.mozilla:/home/firefox/.mozilla
- data:/home/user/.mozilla
- data:/home/user
- $HOME/Downloads:/home/user/Downloads
environment:
- DISPLAY=unix$DISPLAY
- PULSE_SERVER=unix:/run/user/1000/pulse/native
depends_on:
- preseed