diff --git a/.github/workflows/docker-image-dev.yml b/.github/workflows/docker-image-dev.yml index 99977f9..58f40b9 100644 --- a/.github/workflows/docker-image-dev.yml +++ b/.github/workflows/docker-image-dev.yml @@ -6,12 +6,10 @@ on: - cron: '35 2 * * *' push: branches: [ dev ] - pull_request: - branches: [ dev ] # permissions are needed if pushing to ghcr.io -permissions: +permissions: packages: write jobs: @@ -41,7 +39,9 @@ jobs: key: ${{ runner.os }}-multi-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-multi-buildx - + + + # Push to Docker Hub - name: Login to Docker Hub if: github.event_name != 'pull_request' diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 958fca3..a625b64 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -3,7 +3,6 @@ name: Docker Image CI on: # Controls when the workflow will run push: - branches: [ main ] tags: - 'v*.*.*' @@ -25,6 +24,14 @@ jobs: - name: Set up Docker Buildx id: buildx uses: docker/setup-buildx-action@v3 + - name: Cache Docker layers + uses: actions/cache@v4 + with: + path: /tmp/.buildx-cache + # Key is named differently to avoid collision + key: ${{ runner.os }}-multi-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-multi-buildx # Push to Docker Hub - name: Login to Docker Hub if: github.event_name != 'pull_request' @@ -54,4 +61,14 @@ jobs: platforms: linux/amd64,linux/arm64/v8,linux/ppc64le push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.guac.outputs.tags }} - labels: ${{ steps.guac.outputs.labels }} \ No newline at end of file + labels: ${{ steps.guac.outputs.labels }} + cache-from: type=local,src=/tmp/.buildx-cache + # Note the mode=max here + # More: https://github.com/moby/buildkit#--export-cache-options + # And: https://github.com/docker/buildx#--cache-tonametypetypekeyvalue + cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new + + - name: Move cache + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index db0ad3d..56a0d62 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,36 +11,35 @@ ENV \ GUAC_VER=${VERSION} # Install build dependencies -RUN apk add --no-cache \ - alsa-lib-dev \ - alsa-tools-dev \ - autoconf \ - automake \ - build-base \ - cairo-dev \ - cjson-dev \ - cmake \ - cups-dev \ - cunit-dev \ - ffmpeg4-dev \ - git \ - grep \ - krb5-dev \ - libjpeg-turbo-dev \ - libpng-dev \ - libtool \ - libusb-dev \ - libwebp-dev \ - libxkbfile-dev \ - make \ - openssl-dev \ - pango-dev \ - pcsc-lite-dev \ - pulseaudio-dev \ - sdl2-dev \ - sdl2_ttf-dev \ - util-linux-dev \ - webkit2gtk-dev +RUN apk add --no-cache \ +alsa-lib-dev \ +alsa-tools-dev \ +autoconf \ +automake \ +build-base \ +cairo-dev \ +cmake \ +cups-dev \ +faac-dev \ +faad2-dev \ +ffmpeg4-dev \ +git \ +grep \ +gsm-dev \ +gstreamer-dev \ +libjpeg-turbo-dev \ +libpng-dev \ +libtool \ +libusb-dev \ +libwebp-dev \ +libxkbfile-dev \ +make \ +openh264-dev \ +openssl-dev \ +pango-dev \ +pcsc-lite-dev \ +pulseaudio-dev \ +util-linux-dev # Copy source to container for sake of build @@ -76,32 +75,28 @@ ARG WITH_LIBWEBSOCKETS='v\d+(\.\d+)+' ARG FREERDP_OPTS_COMMON="\ -DBUILTIN_CHANNELS=OFF \ -DCHANNEL_URBDRC=OFF \ - -DWITH_ALSA=OFF \ + -DWITH_ALSA=ON \ -DWITH_CAIRO=ON \ -DWITH_CHANNELS=ON \ -DWITH_CLIENT=ON \ -DWITH_CUPS=ON \ -DWITH_DIRECTFB=OFF \ -DWITH_FFMPEG=ON \ - -DWITH_FUSE=OFF \ - -DWITH_GSM=OFF \ + -DWITH_GSM=ON \ -DWITH_GSSAPI=OFF \ -DWITH_IPP=OFF \ -DWITH_JPEG=ON \ - -DWITH_KRB5=ON \ -DWITH_LIBSYSTEMD=OFF \ -DWITH_MANPAGES=OFF \ - -DWITH_OPENH264=OFF \ + -DWITH_OPENH264=ON \ -DWITH_OPENSSL=ON \ -DWITH_OSS=OFF \ -DWITH_PCSC=ON \ - -DWITH_PKCS11=OFF \ - -DWITH_PULSE=OFF \ + -DWITH_PULSE=ON \ -DWITH_SERVER=OFF \ -DWITH_SERVER_INTERFACE=OFF \ -DWITH_SHADOW_MAC=OFF \ -DWITH_SHADOW_X11=OFF \ - -DWITH_SWSCALE=OFF \ -DWITH_WAYLAND=OFF \ -DWITH_X11=OFF \ -DWITH_X264=OFF \ @@ -224,9 +219,12 @@ RUN apk add --no-cache \ RUN apk add --no-cache -X https://dl-cdn.alpinelinux.org/alpine/edge/testing gosu -# Add user guacd -RUN groupadd guacd && \ -useradd -s /bin/false -g guacd guacd +# Create a new user guacd +ARG UID=1000 +ARG GID=1000 +RUN groupadd --gid $GID guacd +RUN useradd --system --create-home --shell /sbin/nologin --uid $UID --gid $GID guacd + RUN chown guacd:guacd -R ${PREFIX_DIR} # Install tomcat @@ -305,9 +303,9 @@ RUN chown tomcat:tomcat -R ${GUACAMOLE_HOME} ENV PATH=/usr/lib/postgresql/${PG_MAJOR}/bin:$PATH ENV GUACAMOLE_HOME=/config/guacamole -ENV CATALINA_PID=${CATALINA_HOME}/tomcat.pid +ENV CATALINA_PID=/tmp/tomcat.pid ENV POSTGRES_PID=/config/postgresql/postmaster.pid -ENV GUACD_PID=${PREFIX_DIR}/guacd.pid +ENV GUACD_PID=/tmp/guacd.pid # Copy files COPY filefs / diff --git a/filefs/usr/local/bin/_startup.sh b/filefs/usr/local/bin/_startup.sh index 156d9d3..20f65dc 100644 --- a/filefs/usr/local/bin/_startup.sh +++ b/filefs/usr/local/bin/_startup.sh @@ -24,7 +24,8 @@ if [ -d "/config/guacamole/" ]; then cp -r /app/guacamole/schema /config/guacamole fi cp -rn /app/guacamole /config -mkdir -p /root/.config/freerdp/known_hosts +mkdir -p /home/guacd/.config/freerdp +chown -R guacd:guacd /home/guacd/.config/freerdp chown -R tomcat:tomcat /config/guacamole chown -R tomcat:tomcat /opt/tomcat # Might help to fix issues with bug on tomcat logs diff --git a/scripts/guacd/wrapper_supervisor.sh b/scripts/guacd/wrapper_supervisor.sh index d540a66..2646254 100644 --- a/scripts/guacd/wrapper_supervisor.sh +++ b/scripts/guacd/wrapper_supervisor.sh @@ -9,7 +9,7 @@ function shutdown() date echo "Starting Guacd" - +HOME="/home/guacd" /opt/guacamole/sbin/guacd -b 0.0.0.0 -L $GUACD_LOG_LEVEL -p $GUACD_PID -f sleep 5