github-mirrors/netris-nestri
1
0
Fork 0
mirror of https://github.com/nestriness/nestri.git synced 2025-12-11 08:15:38 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
0d0b1f4b14a42829a095bff6482ea1b54430a67b
netris-nestri/containers/master.Containerfile
Wanjohi 8d6b7f744b feat: Add CI for container (#141) 
This creates a CI job for building `containers/runner.Containerfile` on
PR or on merge to main.

This helps in checking whether it can build and work as expected
2024-12-09 20:20:41 +03:00

206 lines
5.9 KiB
Docker
Raw Blame History

#! Runs the docker server that handles everything else
#******************************************************************************
# base
#******************************************************************************
FROM archlinux:base-20241027.0.273886 AS base
# How to run - docker run -it --rm --device /dev/dri nestri /bin/bash - DO NOT forget the ports
# TODO: Migrate XDG_RUNTIME_DIR to /run/user/1000
# TODO: Add nestri-server to pulseaudio.conf
# TODO: Add our own entrypoint, with our very own zombie ripper 🧟🏾‍♀️
# FIXME: Add user root to `pulse-access` group as well :D
# TODO: Test the whole damn thing
# Update the pacman repo
RUN \
pacman -Syu --noconfirm
#******************************************************************************
# builder
#******************************************************************************
FROM base AS builder
RUN \
pacman -Su --noconfirm \
base-devel \
git \
sudo \
vim
WORKDIR /scratch
# Allow nobody user to invoke pacman to install packages (as part of makepkg) and modify the system.
# This should never exist in a running image, just used by *-build Docker stages.
RUN \
echo "nobody ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers;
ENV ARTIFACTS=/artifacts \
CARGO_TARGET_DIR=/build
RUN \
mkdir -p /artifacts \
&& mkdir -p /build
RUN \
chgrp nobody /scratch /artifacts /build \
&& chmod g+ws /scratch /artifacts /build
#******************************************************************************
# rust-builder
#******************************************************************************
FROM builder AS rust-builder
RUN \
pacman -Su --noconfirm \
rustup
RUN \
rustup default stable
#******************************************************************************
# nestri-server-builder
#******************************************************************************
# Builds nestri server binary
FROM rust-builder AS nestri-server-builder
RUN \
pacman -Su --noconfirm \
wayland \
vpl-gpu-rt \
gstreamer \
gst-plugin-va \
gst-plugins-base \
gst-plugins-good \
mesa-utils \
weston \
xorg-xwayland
#******************************************************************************
# nestri-server-build
#******************************************************************************
FROM nestri-server-builder AS nestri-server-build
#Allow makepkg to be run as nobody.
RUN chgrp -R nobody /scratch && chmod -R g+ws /scratch
# USER nobody
# Perform the server build.
WORKDIR /scratch/server
RUN \
git clone https://github.com/nestriness/nestri
WORKDIR /scratch/server/nestri
RUN \
git checkout feat/stream \
&& cargo build -j$(nproc) --release
# COPY packages/server/build/ /scratch/server/
# RUN makepkg && cp *.zst "$ARTIFACTS"
#******************************************************************************
# runtime_base_pkgs
#******************************************************************************
FROM base AS runtime_base_pkgs
COPY --from=nestri-server-build /build/release/nestri-server /usr/bin/
#******************************************************************************
# runtime_base
#******************************************************************************
FROM runtime_base_pkgs AS runtime_base
RUN \
pacman -Su --noconfirm \
weston \
sudo \
xorg-xwayland \
gstreamer \
gst-plugins-base \
gst-plugins-good \
gst-plugin-qsv \
gst-plugin-va \
gst-plugin-fmp4 \
mesa \
# Grab GPU encoding packages
# Intel (modern VPL + VA-API)
vpl-gpu-rt \
intel-media-driver \
# AMD/ATI (VA-API)
libva-mesa-driver \
# NVIDIA (proprietary)
nvidia-utils \
# Audio
pulseaudio \
# Supervisor
supervisor
RUN \
# Set up our non-root user $(nestri)
groupadd -g 1000 nestri \
&& useradd -ms /bin/bash nestri -u 1000 -g 1000 \
&& passwd -d nestri \
# Setup Pulseaudio
&& useradd -d /var/run/pulse -s /usr/bin/nologin -G audio pulse \
&& groupadd pulse-access \
&& usermod -aG audio,input,render,video,pulse-access nestri \
&& echo "nestri ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers \
&& echo "Users created" \
# Create an empty machine-id file
&& touch /etc/machine-id
ENV \
XDG_RUNTIME_DIR=/tmp
#******************************************************************************
# runtime
#******************************************************************************
FROM runtime_base AS runtime
# Setup supervisor #
RUN <<-EOF
echo -e "
[supervisord]
user=root
nodaemon=true
loglevel=info
logfile=/tmp/supervisord.log
pidfile=/tmp/supervisord.pid
[program:dbus]
user=root
command=dbus-daemon --system --nofork
logfile=/tmp/dbus.log
pidfile=/tmp/dbus.pid
stopsignal=INT
autostart=true
autorestart=true
priority=1
[program:pulseaudio]
user=root
command=pulseaudio --daemonize=no --system --disallow-module-loading --disallow-exit --exit-idle-time=-1
logfile=/tmp/pulseaudio.log
pidfile=/tmp/pulseaudio.pid
stopsignal=INT
autostart=true
autorestart=true
priority=10
" | tee /etc/supervisord.conf
EOF
RUN \
chown -R nestri:nestri /tmp /etc/supervisord.conf
ENV USER=nestri
USER 1000
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
# Debug - pactl list
Reference in New Issue View Git Blame Copy Permalink