From ac7dc533e748c4663fd126c45435375e6222e7ee Mon Sep 17 00:00:00 2001 From: "Josh.5" Date: Tue, 22 Aug 2023 14:45:00 +1200 Subject: [PATCH] Remove support for DinD --- Dockerfile.arch | 9 ++-- Dockerfile.debian | 45 ---------------- docs/troubleshooting.md | 2 +- .../cont-init.d/60-configure_gpu_driver.sh | 2 +- overlay/etc/cont-init.d/80-configure_dind.sh | 24 --------- .../etc/cont-init.d/95-configure_secondary.sh | 6 --- overlay/etc/supervisor.d/dind.ini | 14 ----- overlay/usr/bin/start-dind.sh | 52 ------------------- 8 files changed, 6 insertions(+), 148 deletions(-) delete mode 100644 overlay/etc/cont-init.d/80-configure_dind.sh delete mode 100644 overlay/etc/supervisor.d/dind.ini delete mode 100755 overlay/usr/bin/start-dind.sh diff --git a/Dockerfile.arch b/Dockerfile.arch index b8130a1..48dfb9c 100644 --- a/Dockerfile.arch +++ b/Dockerfile.arch @@ -277,17 +277,16 @@ RUN \ # && make \ # && make install #&& \ + echo "**** Configure flatpak ****" \ + && chmod u-s /usr/bin/bwrap \ + && flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo \ + && \ echo "**** Section cleanup ****" \ && pacman -Scc --noconfirm \ && rm -fr /var/lib/pacman/sync/* \ && \ echo -# TODO: Add support for dind -# Ref: -# - https://github.com/docker-library/docker/blob/master/20.10/dind/Dockerfile -# - https://docs.nvidia.com/ai-enterprise/deployment-guide/dg-docker.html - # Install noVNC # TODO: Add nginx or remove the whole proxy setup and just connect directly for audio (I think that is the better option) ARG NOVNC_VERSION=1.2.0 diff --git a/Dockerfile.debian b/Dockerfile.debian index c29ffc0..0a5b8de 100644 --- a/Dockerfile.debian +++ b/Dockerfile.debian @@ -316,7 +316,6 @@ RUN \ gnome-software-plugin-flatpak \ && \ echo "**** Configure flatpak ****" \ - && chmod u+s /usr/bin/bwrap \ && flatpak remote-add flathub https://flathub.org/repo/flathub.flatpakrepo \ && dpkg-statoverride --update --add root root 0755 /usr/bin/bwrap \ && \ 
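Review bot: The added `chmod u-s /usr/bin/bwrap` in the new "Configure flatpak" step of Dockerfile.arch is a security-relevant change with no comment, inside a commit titled as DinD removal. Without the setuid bit, bubblewrap has to rely on unprivileged user namespaces, so whether Flatpak sandboxes still start presumably depends on the container runtime's seccomp and user-namespace settings. I would record that above the step, e.g. `# bwrap runs without setuid root; Flatpak sandboxing then needs unprivileged user namespaces inside the container`. A later upgrade of the bubblewrap package may restore the packaged mode; the Debian file guards against that with `dpkg-statoverride`, and the Arch step has no equivalent. The RUN instruction starts above the hunk.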
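Review bot: The `flatpak remote-add flathub ...` line that this Dockerfile.debian hunk leaves in place lacks the `--if-not-exists` flag that the same commit uses in Dockerfile.arch. The two images therefore configure the remote differently, and the Debian step is likely to fail if the remote is already defined; I would change it to `&& flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo \`. With `chmod u+s` removed, `dpkg-statoverride --update --add root root 0755 /usr/bin/bwrap` is the only statement of bwrap's mode, so a short comment such as `# keep bwrap non-setuid across package upgrades` would record the intent. The RUN instruction starts and ends outside the hunk.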
@@ -330,50 +329,6 @@ RUN \ && \ echo -# Setup dind -# Ref: -# - https://github.com/docker-library/docker/blob/master/20.10/dind/Dockerfile -# - https://docs.nvidia.com/ai-enterprise/deployment-guide/dg-docker.html -ARG DOCKER_VERSION=20.10.18 -ARG DOCKER_COMPOSE_VERSION=v2.11.2 -RUN \ - echo "**** Fetch Docker static binary package ****" \ - && cd /tmp \ - && wget -O /tmp/docker-${DOCKER_VERSION}.tgz \ - https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VERSION}.tgz \ - && \ - echo "**** Extract static binaries ****" \ - && mkdir -p /usr/local/bin \ - && tar --extract \ - --file /tmp/docker-${DOCKER_VERSION}.tgz \ - --strip-components 1 \ - --directory /usr/local/bin/ \ - --no-same-owner \ - && \ - echo "**** Install docker-compose ****" \ - && wget -O /usr/local/bin/docker-compose "https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-Linux-x86_64" \ - && chmod +x /usr/local/bin/docker-compose \ - && \ - # TODO: Fix nvidia-container-toolkit. This is not yet offically supported in Bookworm. If we really need it, we can install it with debian11 - #echo "**** Install nvidia runtime ****" \ - # && distribution=$(. /etc/os-release;echo $ID$VERSION_ID) \ - # && curl -s -L https://nvidia.github.io/nvidia-docker/gpgkey | apt-key add - \ - # && curl -s -L https://nvidia.github.io/nvidia-docker/$distribution/nvidia-docker.list | tee /etc/apt/sources.list.d/nvidia-docker.list \ - # && apt-get update \ - # && apt-get install -y \ - # nvidia-container-toolkit \ - #&& \ - echo "**** Section cleanup ****" \ - && apt-get clean autoclean -y \ - && apt-get autoremove -y \ - && rm -rf \ - /var/lib/apt/lists/* \ - /var/tmp/* \ - /tmp/* \ - && \ - echo -VOLUME /var/lib/docker - # TODO: Deprecate neko and noVNC for KasmVNC # Install Neko server COPY --from=m1k1o/neko:base /usr/bin/neko /usr/bin/neko diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md index da2f090..e368545 100644 --- a/docs/troubleshooting.md 
+++ b/docs/troubleshooting.md @@ -3,7 +3,7 @@ Steam runs with Flatpak. These Flatpaks are instlled into the `default` user's home directory so they persist between container updates. Sometimes Flatpaks can get into a knot between major Steam Headless updates. In such cases, it may not work correctly. To fix this, just delete the Flatpak runtime in your `default` user's home directory a restart the container. 1) Stop the container. -2) Delete the directory `~/.local/share/flatpak` +2) Delete the directory `/.local/share/flatpak` 3) Re-create the container. Don't just restart it. This will trigger an update of the required Flatpak runtimes in the home directory. 4) Reinstall any missing Flatpaks from the Software app. diff --git a/overlay/etc/cont-init.d/60-configure_gpu_driver.sh b/overlay/etc/cont-init.d/60-configure_gpu_driver.sh index 30d0948..1d4a843 100644 --- a/overlay/etc/cont-init.d/60-configure_gpu_driver.sh +++ b/overlay/etc/cont-init.d/60-configure_gpu_driver.sh @@ -80,7 +80,7 @@ function install_nvidia_driver { --no-libglx-indirect \ --no-install-libglvnd \ > ${USER_HOME}/Downloads/nvidia_gpu_install.log 2>&1 - else + else echo "Installing Legacy NVIDIA driver v${nvidia_host_driver_version} to match what is running on the host" chmod +x ${USER_HOME}/Downloads/NVIDIA_${nvidia_host_driver_version}.run ${USER_HOME}/Downloads/NVIDIA_${nvidia_host_driver_version}.run \ diff --git a/overlay/etc/cont-init.d/80-configure_dind.sh b/overlay/etc/cont-init.d/80-configure_dind.sh deleted file mode 100644 index 6cf30e9..0000000 --- a/overlay/etc/cont-init.d/80-configure_dind.sh +++ /dev/null 
@@ -1,24 +0,0 @@ - -echo "**** Configure Dockerd ****" - -if ([ "${MODE}" != "s" ] && [ "${MODE}" != "secondary" ]); then - if [ ! -S /var/run/docker.sock ]; then - echo "Enable Dockerd daemon" - sed -i 's|^autostart.*=.*$|autostart=true|' /etc/supervisor.d/dind.ini - else - echo "Docker socket has been passed in from host. Using that instead" - fi - # Configure 'default' user to run docker commands without sudo - if ! getent group docker &> /dev/null; then - echo "Add user '${USER}' to docker group for sudoless execution" - groupadd docker - usermod -aG docker ${USER} - mkdir -p ${USER_HOME:?}/.docker - chown -R ${PUID}:${PGID} ${USER_HOME:?}/.docker - chmod -R g+rwx ${USER_HOME:?}/.docker - fi -else - echo "Dockerd daemon not available when container is run in 'secondary' mode" -fi - -echo "DONE" diff --git a/overlay/etc/cont-init.d/95-configure_secondary.sh b/overlay/etc/cont-init.d/95-configure_secondary.sh index 2adc94c..d4cd334 100644 --- a/overlay/etc/cont-init.d/95-configure_secondary.sh +++ b/overlay/etc/cont-init.d/95-configure_secondary.sh @@ -31,10 +31,4 @@ if [ "${MODE}" == "s" ] | [ "${MODE}" == "secondary" ]; then sed -i 's|^autostart.*=.*$|autostart=true|' /etc/supervisor.d/udev.ini fi -# TODO: Disabled some stuff for development... re-enable it after Arch is working -echo " - DISABLEING dind" -sed -i 's|^autostart.*=.*$|autostart=false|' /etc/supervisor.d/dind.ini -#echo " - DISABLEING desktop" -#sed -i 's|^autostart.*=.*$|autostart=false|' /etc/supervisor.d/desktop.ini - echo "DONE" diff --git a/overlay/etc/supervisor.d/dind.ini b/overlay/etc/supervisor.d/dind.ini deleted file mode 100644 index 3b0cf10..0000000 --- a/overlay/etc/supervisor.d/dind.ini +++ /dev/null 
@@ -1,14 +0,0 @@
-
-[program:dind]
-priority=20
-autostart=false
-autorestart=true
-user=root
-command=/usr/bin/start-dind.sh
-stopsignal=INT
-stdout_logfile=/home/%(ENV_USER)s/.cache/log/dind.log
-stdout_logfile_maxbytes=10MB
-stdout_logfile_backups=7
-stderr_logfile=/home/%(ENV_USER)s/.cache/log/dind.err.log
-stderr_logfile_maxbytes=10MB
-stderr_logfile_backups=7
diff --git a/overlay/usr/bin/start-dind.sh b/overlay/usr/bin/start-dind.sh
deleted file mode 100755
index 322ab1c..0000000
--- a/overlay/usr/bin/start-dind.sh
+++ /dev/null
@@ -1,52 +0,0 @@
-#!/usr/bin/env bash
-###
-# File: start-dind.sh
-# Project: bin
-# File Created: Saturday, 8th October 2022 1:49:45 pm
-# Author: Josh.5 (jsunnex@gmail.com)
-# -----
-# Last Modified: Saturday, 8th October 2022 1:49:45 pm
-# Modified By: Josh.5 (jsunnex@gmail.com)
-###
-set -e
-
-
-# CATCH TERM SIGNAL:
-_term() {
- kill -TERM "$docker_pid" 2>/dev/null
-}
-trap _term SIGTERM SIGINT
-
-
-# CONFIGURE:
-# Refrences:
-# - https://raw.githubusercontent.com/docker/docker/42b1175eda071c0e9121e1d64345928384a93df1/hack/dind
-#
-# apparmor sucks and Docker needs to know that it's in a container (c) @tianon
-export container=docker
-if [ -d /sys/kernel/security ] && ! mountpoint -q /sys/kernel/security; then
- mount -t securityfs none /sys/kernel/security || {
- echo >&2 'Could not mount /sys/kernel/security.'
- echo >&2 'AppArmor detection and --privileged mode might break.'
- }
-fi
-# cgroup v2: enable nesting
-if [ -f /sys/fs/cgroup/cgroup.controllers ]; then
- # move the processes from the root group to the /init group,
- # otherwise writing subtree_control fails with EBUSY.
- # An error during moving non-existent process (i.e., "cat") is ignored.
- mkdir -p /sys/fs/cgroup/init
- xargs -rn1 < /sys/fs/cgroup/cgroup.procs > /sys/fs/cgroup/init/cgroup.procs || :
- # enable controllers
- sed -e 's/ / +/g' -e 's/^/+/' < /sys/fs/cgroup/cgroup.controllers \
- > /sys/fs/cgroup/cgroup.subtree_control
-fi
-
-
-# EXECUTE PROCESS:
-/usr/local/bin/dockerd &
-docker_pid=$!
-
-
-# WAIT FOR CHILD PROCESS:
-wait "$docker_pid"