diff --git a/Dockerfile b/Dockerfile index 7ea296e..7968181 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,6 @@ -FROM ghcr.io/linuxserver/baseimage-selkies:debianbookworm +# syntax=docker/dockerfile:1 + +FROM ghcr.io/linuxserver/baseimage-selkies:debiantrixie # set version label ARG BUILD_DATE diff --git a/README.md b/README.md index 994b350..7ab2cc9 100644 --- a/README.md +++ b/README.md @@ -220,8 +220,6 @@ services: chrome: image: lscr.io/linuxserver/chrome:latest container_name: chrome - security_opt: - - seccomp:unconfined #optional environment: - PUID=1000 - PGID=1000 @@ -241,7 +239,6 @@ services: ```bash docker run -d \ --name=chrome \ - --security-opt seccomp=unconfined `#optional` \ -e PUID=1000 \ -e PGID=1000 \ -e TZ=Etc/UTC \ @@ -268,7 +265,6 @@ Containers are configured using parameters passed at runtime (such as those abov | `-e CHROME_CLI=https://www.linuxserver.io/` | Specify one or multiple Chrome CLI flags, this string will be passed to the application in full. | | `-v /config` | Users home directory in the container, stores local files and settings | | `--shm-size=` | This is needed for any modern website to function like youtube. | -| `--security-opt seccomp=unconfined` | For Docker Engine only, many modern gui apps need this to function on older hosts as syscalls are unknown to Docker. Chrome runs in no-sandbox test mode without it. | ## Environment variables from files (Docker secrets) @@ -432,6 +428,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64 ## Versions +* **22.09.25:** - Rebase to Debian Trixie. * **02.09.25:** - Revert graceful shutdown script to rely on the baseimage fix. * **29.08.25:** - Attempt graceful shutdown of Chrome. * **12.06.25:** - Initial release. diff --git a/readme-vars.yml b/readme-vars.yml index 6f551ff..3851c5d 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -16,9 +16,6 @@ development_versions: false # container parameters common_param_env_vars_enabled: true param_container_name: "{{ project_name }}" -param_usage_include_env: true -param_env_vars: - - {env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London."} param_usage_include_vols: true param_volumes: - {vol_path: "/config", vol_host_path: "/path/to/config", desc: "Users home directory in the container, stores local files and settings"} @@ -32,9 +29,6 @@ custom_params: opt_param_usage_include_env: true opt_param_env_vars: - {env_var: "CHROME_CLI", env_value: "https://www.linuxserver.io/", desc: "Specify one or multiple Chrome CLI flags, this string will be passed to the application in full."} -opt_security_opt_param: true -opt_security_opt_param_vars: - - {run_var: "seccomp=unconfined", compose_var: "seccomp:unconfined", desc: "For Docker Engine only, many modern gui apps need this to function on older hosts as syscalls are unknown to Docker. Chrome runs in no-sandbox test mode without it."} # Selkies blurb settings selkies_blurb: true show_nvidia: true @@ -114,6 +108,7 @@ init_diagram: | "chrome:latest" <- Base Images # changelog changelogs: + - {date: "22.09.25:", desc: "Rebase to Debian Trixie."} - {date: "02.09.25:", desc: "Revert graceful shutdown script to rely on the baseimage fix."} - {date: "29.08.25:", desc: "Attempt graceful shutdown of Chrome."} - {date: "12.06.25:", desc: "Initial release."} diff --git a/root/usr/bin/wrapped-chrome b/root/usr/bin/wrapped-chrome index 14603b5..0cdd608 100755 --- a/root/usr/bin/wrapped-chrome +++ b/root/usr/bin/wrapped-chrome @@ -7,17 +7,7 @@ if pgrep chrome > /dev/null;then rm -f $HOME/.config/google-chrome/Singleton* fi -# Run normally on privved containers or modified un non priv -if grep -q 'Seccomp:.0' /proc/1/status; then - ${BIN} \ - --no-first-run \ - --password-store=basic \ - --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' \ - --start-maximized \ - --user-data-dir \ - "$@" > /dev/null 2>&1 -else - ${BIN} \ +${BIN} \ --no-first-run \ --no-sandbox \ --password-store=basic \ @@ -26,4 +16,3 @@ else --test-type \ --user-data-dir \ "$@" > /dev/null 2>&1 -fi