diff --git a/.editorconfig b/.editorconfig old mode 100755 new mode 100644 diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md old mode 100755 new mode 100644 index 3cdbfe7f..c6b15771 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -27,7 +27,7 @@ If you would like to change our readme, please __**do not**__ directly edit the Instead edit the [readme-vars.yml](https://github.com/linuxserver/docker-rdesktop/edit/ubuntu-xfce/readme-vars.yml). These variables are used in a template for our [Jenkins Builder](https://github.com/linuxserver/docker-jenkins-builder) as part of an ansible play. -Most of these variables are also carried over to [docs.linuxserver.io](https://docs.linuxserver.io) +Most of these variables are also carried over to [docs.linuxserver.io](https://docs.linuxserver.io/images/docker-rdesktop) ### Fixing typos or clarify the text in the readme diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml old mode 100755 new mode 100644 index dada5509..fe9dbaee --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -9,5 +9,5 @@ contact_links: about: Post on our community forum. - name: Documentation - url: https://docs.linuxserver.io + url: https://docs.linuxserver.io/images/docker-rdesktop about: Documentation - information about all of our containers. diff --git a/.github/ISSUE_TEMPLATE/issue.bug.yml b/.github/ISSUE_TEMPLATE/issue.bug.yml old mode 100755 new mode 100644 index c6e3bed2..1f14234b --- a/.github/ISSUE_TEMPLATE/issue.bug.yml +++ b/.github/ISSUE_TEMPLATE/issue.bug.yml @@ -47,6 +47,14 @@ body: render: markdown validations: required: false + - type: dropdown + attributes: + label: CPU architecture + options: + - x86-64 + - arm64 + validations: + required: true - type: textarea attributes: label: Docker creation diff --git a/.github/ISSUE_TEMPLATE/issue.feature.yml b/.github/ISSUE_TEMPLATE/issue.feature.yml old mode 100755 new mode 100644 diff --git a/.github/workflows/call_issue_pr_tracker.yml b/.github/workflows/call_issue_pr_tracker.yml old mode 100755 new mode 100644 index 2c307843..d07cf121 --- a/.github/workflows/call_issue_pr_tracker.yml +++ b/.github/workflows/call_issue_pr_tracker.yml @@ -8,6 +8,9 @@ on: pull_request_review: types: [submitted,edited,dismissed] +permissions: + contents: read + jobs: manage-project: permissions: diff --git a/.github/workflows/call_issues_cron.yml b/.github/workflows/call_issues_cron.yml old mode 100755 new mode 100644 index fd9434ca..5033f110 --- a/.github/workflows/call_issues_cron.yml +++ b/.github/workflows/call_issues_cron.yml @@ -4,6 +4,9 @@ on: - cron: '10 17 * * *' workflow_dispatch: +permissions: + contents: read + jobs: stale: permissions: diff --git a/.github/workflows/external_trigger.yml b/.github/workflows/external_trigger.yml old mode 100755 new mode 100644 index 66f8cd2a..a8b25042 --- a/.github/workflows/external_trigger.yml +++ b/.github/workflows/external_trigger.yml @@ -3,6 +3,9 @@ name: External Trigger Main on: workflow_dispatch: +permissions: + contents: read + jobs: external-trigger-ubuntu-xfce: runs-on: ubuntu-latest diff --git a/.github/workflows/external_trigger_scheduler.yml b/.github/workflows/external_trigger_scheduler.yml old mode 100755 new mode 100644 index d46c9a49..83789a13 --- a/.github/workflows/external_trigger_scheduler.yml +++ b/.github/workflows/external_trigger_scheduler.yml @@ -5,6 +5,9 @@ on: - cron: '58 * * * *' workflow_dispatch: +permissions: + contents: read + jobs: external-trigger-scheduler: runs-on: ubuntu-latest diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml old mode 100755 new mode 100644 index 65de7ec9..a1e19347 --- a/.github/workflows/greetings.yml +++ b/.github/workflows/greetings.yml @@ -2,8 +2,14 @@ name: Greetings on: [pull_request_target, issues] +permissions: + contents: read + jobs: greeting: + permissions: + issues: write + pull-requests: write runs-on: ubuntu-latest steps: - uses: actions/first-interaction@v1 diff --git a/.github/workflows/package_trigger_scheduler.yml b/.github/workflows/package_trigger_scheduler.yml old mode 100755 new mode 100644 index 672e2594..de54f02e --- a/.github/workflows/package_trigger_scheduler.yml +++ b/.github/workflows/package_trigger_scheduler.yml @@ -5,6 +5,9 @@ on: - cron: '9 23 * * 0' workflow_dispatch: +permissions: + contents: read + jobs: package-trigger-scheduler: runs-on: ubuntu-latest diff --git a/.github/workflows/permissions.yml b/.github/workflows/permissions.yml old mode 100755 new mode 100644 diff --git a/Jenkinsfile b/Jenkinsfile index 273404e0..73680b3e 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -32,8 +32,8 @@ pipeline { CI_WEB='false' CI_PORT='3000' CI_SSL='false' - CI_DELAY='30' - CI_DOCKERENV='TZ=US/Pacific' + CI_DELAY='60' + CI_DOCKERENV='TZ=Etc/UTC' CI_AUTH='user:password' CI_WEBPATH='' } @@ -94,7 +94,11 @@ pipeline { env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/' env.PULL_REQUEST = env.CHANGE_ID env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml' + if ( env.SYFT_IMAGE_TAG == null ) { + env.SYFT_IMAGE_TAG = 'latest' + } } + echo "Using syft image tag ${SYFT_IMAGE_TAG}" sh '''#! /bin/bash echo "The default github branch detected as ${GH_DEFAULT_BRANCH}" ''' script{ @@ -348,6 +352,35 @@ pipeline { else echo "No templates to delete" fi + echo "Starting Stage 2.5 - Update init diagram" + if ! grep -q 'init_diagram:' readme-vars.yml; then + echo "Adding the key 'init_diagram' to readme-vars.yml" + sed -i '\\|^#.*changelog.*$|d' readme-vars.yml + sed -i 's|^changelogs:|# init diagram\\ninit_diagram:\\n\\n# changelog\\nchangelogs:|' readme-vars.yml + fi + mkdir -p ${TEMPDIR}/d2 + docker run --rm -v ${TEMPDIR}/d2:/output -e PUID=$(id -u) -e PGID=$(id -g) -e RAW="true" ghcr.io/linuxserver/d2-builder:latest ${CONTAINER_NAME}:ubuntu-xfce + ls -al ${TEMPDIR}/d2 + yq -ei ".init_diagram |= load_str(\\"${TEMPDIR}/d2/${CONTAINER_NAME}-ubuntu-xfce.d2\\")" readme-vars.yml + if [[ $(md5sum readme-vars.yml | cut -c1-8) != $(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/readme-vars.yml | cut -c1-8) ]]; then + echo "'init_diagram' has been updated. Updating repo and exiting build, new one will trigger based on commit." + mkdir -p ${TEMPDIR}/repo + git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} + cd ${TEMPDIR}/repo/${LS_REPO} + git checkout -f ubuntu-xfce + cp ${WORKSPACE}/readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/readme-vars.yml + git add readme-vars.yml + git commit -m 'Bot Updating Templated Files' + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git ubuntu-xfce + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git ubuntu-xfce + echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "Updating templates and exiting build, new one will trigger based on commit" + rm -Rf ${TEMPDIR} + exit 0 + else + echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "Init diagram is unchanged" + fi echo "Starting Stage 3 - Update templates" CURRENTHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8) cd ${TEMPDIR}/docker-${CONTAINER_NAME} @@ -398,6 +431,40 @@ pipeline { else echo "Docs update not needed, skipping" fi + mkdir -p ${TEMPDIR}/unraid + git clone --depth=1 https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates + git clone --depth=1 https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates + if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then + sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml + elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then + sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml + fi + if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then + echo "Updating Unraid template" + cd ${TEMPDIR}/unraid/templates/ + GH_TEMPLATES_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||') + if grep -wq "^${CONTAINER_NAME}$" ${TEMPDIR}/unraid/templates/unraid/ignore.list && [[ -f ${TEMPDIR}/unraid/templates/unraid/deprecated/${CONTAINER_NAME}.xml ]]; then + echo "Image is on the ignore list, and already in the deprecation folder." + elif grep -wq "^${CONTAINER_NAME}$" ${TEMPDIR}/unraid/templates/unraid/ignore.list; then + echo "Image is on the ignore list, marking Unraid template as deprecated" + cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/ + git add -u unraid/${CONTAINER_NAME}.xml + git mv unraid/${CONTAINER_NAME}.xml unraid/deprecated/${CONTAINER_NAME}.xml || : + git commit -m 'Bot Moving Deprecated Unraid Template' || : + else + cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/ + git add unraid/${CONTAINER_NAME}.xml + git commit -m 'Bot Updating Unraid Template' + fi + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} || \ + (MAXWAIT="10" && echo "Push to unraid templates failed, trying again in ${MAXWAIT} seconds" && \ + sleep $((RANDOM % MAXWAIT)) && \ + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase && \ + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH}) + else + echo "No updates to Unraid template needed, skipping" + fi if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]]; then if [[ $(cat ${TEMPDIR}/docker-${CONTAINER_NAME}/README.md | wc -m) -gt 25000 ]]; then echo "Readme is longer than 25,000 characters. Syncing the lite version to Docker Hub" @@ -520,7 +587,7 @@ pipeline { --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ --label \"org.opencontainers.image.title=Rdesktop\" \ - --label \"org.opencontainers.image.description=rdesktop image by linuxserver.io\" \ + --label \"org.opencontainers.image.description=[Rdesktop](http://xrdp.org/) - Containers containing full desktop environments in many popular flavors for Ubuntu accessible via RDP. \" \ --no-cache --pull -t ${IMAGE}:${META_TAG} --platform=linux/amd64 \ --provenance=true --sbom=true --builder=container --load \ --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." @@ -586,7 +653,7 @@ pipeline { --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ --label \"org.opencontainers.image.title=Rdesktop\" \ - --label \"org.opencontainers.image.description=rdesktop image by linuxserver.io\" \ + --label \"org.opencontainers.image.description=[Rdesktop](http://xrdp.org/) - Containers containing full desktop environments in many popular flavors for Ubuntu accessible via RDP. \" \ --no-cache --pull -t ${IMAGE}:amd64-${META_TAG} --platform=linux/amd64 \ --provenance=true --sbom=true --builder=container --load \ --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." @@ -645,7 +712,7 @@ pipeline { --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ --label \"org.opencontainers.image.title=Rdesktop\" \ - --label \"org.opencontainers.image.description=rdesktop image by linuxserver.io\" \ + --label \"org.opencontainers.image.description=[Rdesktop](http://xrdp.org/) - Containers containing full desktop environments in many popular flavors for Ubuntu accessible via RDP. \" \ --no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} --platform=linux/arm64 \ --provenance=true --sbom=true --builder=container --load \ --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." @@ -715,7 +782,7 @@ pipeline { docker run --rm \ -v /var/run/docker.sock:/var/run/docker.sock:ro \ -v ${TEMPDIR}:/tmp \ - ghcr.io/anchore/syft:latest \ + ghcr.io/anchore/syft:${SYFT_IMAGE_TAG} \ ${LOCAL_CONTAINER} -o table=/tmp/package_versions.txt NEW_PACKAGE_TAG=$(md5sum ${TEMPDIR}/package_versions.txt | cut -c1-8 ) echo "Package tag sha from current packages in buit container is ${NEW_PACKAGE_TAG} comparing to old ${PACKAGE_TAG} from github" @@ -825,6 +892,7 @@ pipeline { -e WEB_AUTH=\"${CI_AUTH}\" \ -e WEB_PATH=\"${CI_WEBPATH}\" \ -e NODE_NAME=\"${NODE_NAME}\" \ + -e SYFT_IMAGE_TAG=\"${CI_SYFT_IMAGE_TAG:-${SYFT_IMAGE_TAG}}\" \ -t ghcr.io/linuxserver/ci:latest \ python3 test_build.py''' } @@ -923,7 +991,7 @@ pipeline { "target_commitish": "ubuntu-xfce",\ "name": "'${META_TAG}'",\ "body": "**CI Report:**\\n\\n'${CI_URL:-N/A}'\\n\\n**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start - printf '","draft": false,"prerelease": true}' >> releasebody.json + printf '","draft": false,"prerelease": false}' >> releasebody.json paste -d'\\0' start releasebody.json > releasebody.json.done curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done''' } diff --git a/README.md b/README.md index 7b893c17..a14a65d7 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,403 @@ -Up to date documentation is available [here](https://github.com/linuxserver/docker-rdesktop/blob/master/README.md). +[![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)](https://linuxserver.io) + +[![Blog](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Blog)](https://blog.linuxserver.io "all the things you can do with our containers including How-To guides, opinions and much more!") +[![Discord](https://img.shields.io/discord/354974912613449730.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Discord&logo=discord)](https://linuxserver.io/discord "realtime support / chat with the community and the team.") +[![Discourse](https://img.shields.io/discourse/https/discourse.linuxserver.io/topics.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=discourse)](https://discourse.linuxserver.io "post on our community forum.") +[![GitHub](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitHub&logo=github)](https://github.com/linuxserver "view the source for all of our repositories.") +[![Open Collective](https://img.shields.io/opencollective/all/linuxserver.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Supporters&logo=open%20collective)](https://opencollective.com/linuxserver "please consider helping us by either donating or contributing to our budget") + +The [LinuxServer.io](https://linuxserver.io) team brings you another container release featuring: + +* regular and timely application updates +* easy user mappings (PGID, PUID) +* custom base image with s6 overlay +* weekly base OS updates with common layers across the entire LinuxServer.io ecosystem to minimise space usage, down time and bandwidth +* regular security updates + +Find us at: + +* [Blog](https://blog.linuxserver.io) - all the things you can do with our containers including How-To guides, opinions and much more! +* [Discord](https://linuxserver.io/discord) - realtime support / chat with the community and the team. +* [Discourse](https://discourse.linuxserver.io) - post on our community forum. +* [GitHub](https://github.com/linuxserver) - view the source for all of our repositories. +* [Open Collective](https://opencollective.com/linuxserver) - please consider helping us by either donating or contributing to our budget + +# [linuxserver/rdesktop](https://github.com/linuxserver/docker-rdesktop) + +[![Scarf.io pulls](https://scarf.sh/installs-badge/linuxserver-ci/linuxserver%2Frdesktop?color=94398d&label-color=555555&logo-color=ffffff&style=for-the-badge&package-type=docker)](https://scarf.sh) +[![GitHub Stars](https://img.shields.io/github/stars/linuxserver/docker-rdesktop.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=github)](https://github.com/linuxserver/docker-rdesktop) +[![GitHub Release](https://img.shields.io/github/release/linuxserver/docker-rdesktop.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=github&include_prereleases)](https://github.com/linuxserver/docker-rdesktop/releases) +[![GitHub Package Repository](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitHub%20Package&logo=github)](https://github.com/linuxserver/docker-rdesktop/packages) +[![GitLab Container Registry](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitLab%20Registry&logo=gitlab)](https://gitlab.com/linuxserver.io/docker-rdesktop/container_registry) +[![Quay.io](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Quay.io)](https://quay.io/repository/linuxserver.io/rdesktop) +[![Docker Pulls](https://img.shields.io/docker/pulls/linuxserver/rdesktop.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=pulls&logo=docker)](https://hub.docker.com/r/linuxserver/rdesktop) +[![Docker Stars](https://img.shields.io/docker/stars/linuxserver/rdesktop.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=stars&logo=docker)](https://hub.docker.com/r/linuxserver/rdesktop) +[![Jenkins Build](https://img.shields.io/jenkins/build?labelColor=555555&logoColor=ffffff&style=for-the-badge&jobUrl=https%3A%2F%2Fci.linuxserver.io%2Fjob%2FDocker-Pipeline-Builders%2Fjob%2Fdocker-rdesktop%2Fjob%2Fubuntu-xfce%2F&logo=jenkins)](https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-rdesktop/job/ubuntu-xfce/) +[![LSIO CI](https://img.shields.io/badge/dynamic/yaml?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=CI&query=CI&url=https%3A%2F%2Fci-tests.linuxserver.io%2Flinuxserver%2Frdesktop%2Fubuntu-xfce%2Fci-status.yml)](https://ci-tests.linuxserver.io/linuxserver/rdesktop/ubuntu-xfce/index.html) + +[Rdesktop](http://xrdp.org/) - Containers containing full desktop environments in many popular flavors for Ubuntu accessible via RDP. + +[![rdesktop](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/rdesktop.png)](http://xrdp.org/) + +## Supported Architectures + +We utilise the docker manifest for multi-platform awareness. More information is available from docker [here](https://distribution.github.io/distribution/spec/manifest-v2-2/#manifest-list) and our announcement [here](https://blog.linuxserver.io/2019/02/21/the-lsio-pipeline-project/). + +Simply pulling `lscr.io/linuxserver/rdesktop:ubuntu-xfce` should retrieve the correct image for your arch, but you can also pull specific arch images via tags. + +The architectures supported by this image are: + +| Architecture | Available | Tag | +| :----: | :----: | ---- | +| x86-64 | ✅ | amd64-\ | +| arm64 | ✅ | arm64v8-\ | + +## Version Tags + +This image provides various versions that are available via tags. Please read the descriptions carefully and exercise caution when using unstable or development tags. + +| Tag | Available | Description | +| :----: | :----: |--- | +| latest | ❌ | | +| ubuntu-xfce | ✅ | XFCE Ubuntu | +| ubuntu-kde | ✅ | KDE Ubuntu | +| ubuntu-mate | ✅ | MATE Ubuntu | +| ubuntu-i3 | ✅ | i3 Ubuntu | +| ubuntu-openbox | ✅ | Openbox Ubuntu | +| ubuntu-icewm | ✅ | IceWM Ubuntu | + +## Application Setup + +**The Default USERNAME and PASSWORD is: abc/abc** + +**Unlike our other containers these Desktops are not designed to be upgraded by Docker, you will keep your home directory but anything you installed system level will be lost if you upgrade an existing container. To keep packages up to date instead use Ubuntu's own apt, Alpine's apk, Fedora's dnf, or Arch's pacman program** + +You will need a Remote Desktop client to access this container [Wikipedia List](https://en.wikipedia.org/wiki/Comparison_of_remote_desktop_software), by default it listens on 3389, but you can change that port to whatever you wish on the host side IE `3390:3389`. +The first thing you should do when you login to the container is to change the abc users password by issuing the `passwd` command. + +**Modern GUI desktop apps (including some flavors terminals) have issues with the latest Docker and syscall compatibility, you can use Docker with the `--security-opt seccomp=unconfined` setting to allow these syscalls or try [podman](https://podman.io/) as they have updated their codebase to support them** + +If you ever lose your password you can always reset it by execing into the container as root: + +```bash +docker exec -it rdesktop passwd abc +``` + +By default we perform all logic for the abc user and we recommend using that user only in the container, but new users can be added as long as there is a `startwm.sh` executable script in their home directory. +All of these containers are configured with passwordless sudo, we make no efforts to secure or harden these containers and we do not recommend ever publishing their ports to the public Internet. + +## Options + +All application settings are passed via environment variables: + +| Variable | Description | +| :----: | --- | +| LC_ALL | Set the Language for the container to run as IE `fr_FR.UTF-8` `ar_AE.UTF-8` | +| NO_DECOR | If set the application will run without window borders. (Decor can be enabled and disabled with Ctrl+Shift+d) | +| NO_FULL | Do not autmatically fullscreen applications when using openbox. | + +### Language Support - Internationalization + +The environment variable `LC_ALL` can be used to start this image in a different language than English simply pass for example to launch the Desktop session in French `LC_ALL=fr_FR.UTF-8`. Some languages like Chinese, Japanese, or Korean will be missing fonts needed to render properly known as cjk fonts, but others may exist and not be installed. We only ensure fonts for Latin characters are present. Fonts can be installed with a mod on startup. + +To install cjk fonts on startup as an example pass the environment variables(Debian): + +``` +-e DOCKER_MODS=linuxserver/mods:universal-package-install +-e INSTALL_PACKAGES=fonts-noto-cjk +-e LC_ALL=zh_CN.UTF-8 +``` + +## PRoot Apps + +All images include [proot-apps](https://github.com/linuxserver/proot-apps) which allow portable applications to be installed to persistent storage in the user's `$HOME` directory. These applications and their settings will persist upgrades of the base container and can be mounted into different flavors of rdesktop containers. IE if you are running an Alpine based container you will be able to use the same `/config` directory mounted into an Ubuntu based container and retain the same applications and settings as long as they were installed with `proot-apps install`. + +A list of linuxserver.io supported applications is located [HERE](https://github.com/linuxserver/proot-apps?tab=readme-ov-file#supported-apps). + +## Open Source GPU Acceleration + +For accelerated apps or games, render devices can be mounted into the container and leveraged by applications using: + +`--device /dev/dri:/dev/dri` + +This feature only supports **Open Source** GPU drivers: + +| Driver | Description | +| :----: | --- | +| Intel | i965 and i915 drivers for Intel iGPU chipsets | +| AMD | AMDGPU, Radeon, and ATI drivers for AMD dedicated or APU chipsets | +| NVIDIA | nouveau2 drivers only, closed source NVIDIA drivers lack DRI3 support | + +## Nvidia GPU Support + +Nvidia support is available by leveraging Zink for OpenGL support. This can be enabled with the following run flags: + +| Variable | Description | +| :----: | --- | +| --gpus all | This can be filtered down but for most setups this will pass the one Nvidia GPU on the system | +| --runtime nvidia | Specify the Nvidia runtime which mounts drivers and tools in from the host | + +The compose syntax is slightly different for this as you will need to set nvidia as the default runtime: + +``` +sudo nvidia-ctk runtime configure --runtime=docker --set-as-default +sudo service docker restart +``` + +And to assign the GPU in compose: + +``` +services: + myimage: + image: myname/myimage:mytag + deploy: + resources: + reservations: + devices: + - driver: nvidia + count: 1 + capabilities: [compute,video,graphics,utility] +``` + +## Usage + +To help you get started creating a container from this image you can either use docker-compose or the docker cli. + +>[!NOTE] +>Unless a parameter is flaged as 'optional', it is *mandatory* and a value must be provided. + +### docker-compose (recommended, [click here for more info](https://docs.linuxserver.io/general/docker-compose)) + +```yaml +--- +services: + rdesktop: + image: lscr.io/linuxserver/rdesktop:ubuntu-xfce + container_name: rdesktop + security_opt: + - seccomp:unconfined #optional + environment: + - PUID=1000 + - PGID=1000 + - TZ=Etc/UTC + volumes: + - /var/run/docker.sock:/var/run/docker.sock #optional + - /path/to/rdesktop/data:/config #optional + ports: + - 3389:3389 + devices: + - /dev/dri:/dev/dri #optional + shm_size: "1gb" #optional + restart: unless-stopped +``` + +### docker cli ([click here for more info](https://docs.docker.com/engine/reference/commandline/cli/)) + +```bash +docker run -d \ + --name=rdesktop \ + --security-opt seccomp=unconfined `#optional` \ + -e PUID=1000 \ + -e PGID=1000 \ + -e TZ=Etc/UTC \ + -p 3389:3389 \ + -v /var/run/docker.sock:/var/run/docker.sock `#optional` \ + -v /path/to/rdesktop/data:/config `#optional` \ + --device /dev/dri:/dev/dri `#optional` \ + --shm-size="1gb" `#optional` \ + --restart unless-stopped \ + lscr.io/linuxserver/rdesktop:ubuntu-xfce +``` + +## Parameters + +Containers are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `:` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container. + +| Parameter | Function | +| :----: | --- | +| `-p 3389:3389` | RDP access port | +| `-e PUID=1000` | for UserID - see below for explanation | +| `-e PGID=1000` | for GroupID - see below for explanation | +| `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). | +| `-v /var/run/docker.sock` | Docker Socket on the system, if you want to use Docker in the container | +| `-v /config` | abc users home directory | +| `--device /dev/dri` | Add this for GL support (Linux hosts only) | +| `--shm-size=` | We set this to 1 gig to prevent modern web browsers from crashing | +| `--security-opt seccomp=unconfined` | For Docker Engine only, many modern gui apps need this to function as syscalls are unknown to Docker | + +## Environment variables from files (Docker secrets) + +You can set any environment variable from a file by using a special prepend `FILE__`. + +As an example: + +```bash +-e FILE__MYVAR=/run/secrets/mysecretvariable +``` + +Will set the environment variable `MYVAR` based on the contents of the `/run/secrets/mysecretvariable` file. + +## Umask for running applications + +For all of our images we provide the ability to override the default umask settings for services started within the containers using the optional `-e UMASK=022` setting. +Keep in mind umask is not chmod it subtracts from permissions based on it's value it does not add. Please read up [here](https://en.wikipedia.org/wiki/Umask) before asking for support. + +## User / Group Identifiers + +When using volumes (`-v` flags), permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user `PUID` and group `PGID`. + +Ensure any volume directories on the host are owned by the same user you specify and any permissions issues will vanish like magic. + +In this instance `PUID=1000` and `PGID=1000`, to find yours use `id your_user` as below: + +```bash +id your_user +``` + +Example output: + +```text +uid=1000(your_user) gid=1000(your_user) groups=1000(your_user) +``` + +## Docker Mods + +[![Docker Mods](https://img.shields.io/badge/dynamic/yaml?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=rdesktop&query=%24.mods%5B%27rdesktop%27%5D.mod_count&url=https%3A%2F%2Fraw.githubusercontent.com%2Flinuxserver%2Fdocker-mods%2Fmaster%2Fmod-list.yml)](https://mods.linuxserver.io/?mod=rdesktop "view available mods for this container.") [![Docker Universal Mods](https://img.shields.io/badge/dynamic/yaml?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=universal&query=%24.mods%5B%27universal%27%5D.mod_count&url=https%3A%2F%2Fraw.githubusercontent.com%2Flinuxserver%2Fdocker-mods%2Fmaster%2Fmod-list.yml)](https://mods.linuxserver.io/?mod=universal "view available universal mods.") + +We publish various [Docker Mods](https://github.com/linuxserver/docker-mods) to enable additional functionality within the containers. The list of Mods available for this image (if any) as well as universal mods that can be applied to any one of our images can be accessed via the dynamic badges above. + +## Support Info + +* Shell access whilst the container is running: + + ```bash + docker exec -it rdesktop /bin/bash + ``` + +* To monitor the logs of the container in realtime: + + ```bash + docker logs -f rdesktop + ``` + +* Container version number: + + ```bash + docker inspect -f '{{ index .Config.Labels "build_version" }}' rdesktop + ``` + +* Image version number: + + ```bash + docker inspect -f '{{ index .Config.Labels "build_version" }}' lscr.io/linuxserver/rdesktop:ubuntu-xfce + ``` + +## Updating Info + +Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (noted in the relevant readme.md), we do not recommend or support updating apps inside the container. Please consult the [Application Setup](#application-setup) section above to see if it is recommended for the image. + +Below are the instructions for updating containers: + +### Via Docker Compose + +* Update images: + * All images: + + ```bash + docker-compose pull + ``` + + * Single image: + + ```bash + docker-compose pull rdesktop + ``` + +* Update containers: + * All containers: + + ```bash + docker-compose up -d + ``` + + * Single container: + + ```bash + docker-compose up -d rdesktop + ``` + +* You can also remove the old dangling images: + + ```bash + docker image prune + ``` + +### Via Docker Run + +* Update the image: + + ```bash + docker pull lscr.io/linuxserver/rdesktop:ubuntu-xfce + ``` + +* Stop the running container: + + ```bash + docker stop rdesktop + ``` + +* Delete the container: + + ```bash + docker rm rdesktop + ``` + +* Recreate a new container with the same docker run parameters as instructed above (if mapped correctly to a host folder, your `/config` folder and settings will be preserved) +* You can also remove the old dangling images: + + ```bash + docker image prune + ``` + +### Image Update Notifications - Diun (Docker Image Update Notifier) + +>[!TIP] +>We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported. + +## Building locally + +If you want to make local modifications to these images for development purposes or just to customize the logic: + +```bash +git clone https://github.com/linuxserver/docker-rdesktop.git +cd docker-rdesktop +docker build \ + --no-cache \ + --pull \ + -t lscr.io/linuxserver/rdesktop:ubuntu-xfce . +``` + +The ARM variants can be built on x86_64 hardware and vice versa using `lscr.io/linuxserver/qemu-static` + +```bash +docker run --rm --privileged lscr.io/linuxserver/qemu-static --reset +``` + +Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64`. + +## Versions + +* **30.09.25:** - Deprecate all non-Ubuntu versions. +* **06.08.24:** - Refresh all images using new bases, add Debian, bump Ubuntu to Noble. +* **27.05.24:** - Rebase to Alpine 3.20 and Fedora 40. +* **17.01.24:** - Sync webtop logic changes rebase to Alpine 3.19 and Fedora 39. +* **18.05.23:** - Rebase all Alpine images to 3.18, deprecate armhf. +* **27.10.22:** - Rebase all Ubuntu images to Jammy 22.04. +* **26.10.22:** - Rebase Alpine xfce to 3.16, migrate to s6v3. +* **05.03.22:** - Organize tags differently to run Ubuntu at latest LTS, make Alpine latest, add docs about GPU accel. +* **05.05.21:** - Reduce default packages to their flavour specific basics. +* **05.04.21:** - Add Alpine flavour. +* **06.04.20:** - Start PulseAudio in images to support audio +* **28.02.20:** - Initial Releases diff --git a/jenkins-vars.yml b/jenkins-vars.yml index 53610b07..d4ed0071 100644 --- a/jenkins-vars.yml +++ b/jenkins-vars.yml @@ -3,10 +3,9 @@ # jenkins variables project_name: docker-rdesktop external_type: os -release_type: prerelease +release_type: stable release_tag: ubuntu-xfce ls_branch: ubuntu-xfce -build_armhf: false repo_vars: - BUILD_VERSION_ARG = 'OS_VERSION' - LS_USER = 'linuxserver' @@ -21,7 +20,7 @@ repo_vars: - CI_WEB='false' - CI_PORT='3000' - CI_SSL='false' - - CI_DELAY='30' - - CI_DOCKERENV='TZ=US/Pacific' + - CI_DELAY='60' + - CI_DOCKERENV='TZ=Etc/UTC' - CI_AUTH='user:password' - CI_WEBPATH='' diff --git a/readme-vars.yml b/readme-vars.yml index ef3a0d42..61bdd5e9 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -2,8 +2,200 @@ # project information project_name: rdesktop +project_url: "http://xrdp.org/" +project_logo: "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/rdesktop.png" +project_blurb: | + [{{ project_name|capitalize }}]({{ project_url }}) - Containers containing full desktop environments in many popular flavors for Ubuntu accessible via RDP. project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_name }}" -full_custom_readme: | - {% raw -%} - Up to date documentation is available [here](https://github.com/linuxserver/docker-rdesktop/blob/master/README.md). - {%- endraw %} +project_categories: "Remote Desktop" +# supported architectures +available_architectures: + - {arch: "{{ arch_x86_64 }}", tag: "amd64-latest"} + - {arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"} +# development version +development_versions: true +development_versions_items: + - {tag: "ubuntu-xfce", desc: "XFCE Ubuntu"} + - {tag: "ubuntu-kde", desc: "KDE Ubuntu"} + - {tag: "ubuntu-mate", desc: "MATE Ubuntu"} + - {tag: "ubuntu-i3", desc: "i3 Ubuntu"} + - {tag: "ubuntu-openbox", desc: "Openbox Ubuntu"} + - {tag: "ubuntu-icewm", desc: "IceWM Ubuntu"} +# container parameters +param_container_name: "{{ project_name }}" +param_usage_include_ports: true +param_ports: + - {external_port: "3389", internal_port: "3389", port_desc: "RDP access port"} +# optional variables +opt_param_usage_include_vols: true +opt_param_volumes: + - {vol_path: "/var/run/docker.sock", vol_host_path: "/var/run/docker.sock", desc: "Docker Socket on the system, if you want to use Docker in the container"} + - {vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/data", desc: "abc users home directory"} +opt_custom_params: + - {name: "shm-size", name_compose: "shm_size", value: "1gb", desc: "We set this to 1 gig to prevent modern web browsers from crashing"} +opt_security_opt_param: true +opt_security_opt_param_vars: + - {run_var: "seccomp=unconfined", compose_var: "seccomp:unconfined", desc: "For Docker Engine only, many modern gui apps need this to function as syscalls are unknown to Docker"} +opt_param_device_map: true +opt_param_devices: + - {device_path: "/dev/dri", device_host_path: "/dev/dri", desc: "Add this for GL support (Linux hosts only)"} +# application setup block +app_setup_block_enabled: true +app_setup_block: | + **The Default USERNAME and PASSWORD is: abc/abc** + + **Unlike our other containers these Desktops are not designed to be upgraded by Docker, you will keep your home directory but anything you installed system level will be lost if you upgrade an existing container. To keep packages up to date instead use Ubuntu's own apt, Alpine's apk, Fedora's dnf, or Arch's pacman program** + + You will need a Remote Desktop client to access this container [Wikipedia List](https://en.wikipedia.org/wiki/Comparison_of_remote_desktop_software), by default it listens on 3389, but you can change that port to whatever you wish on the host side IE `3390:3389`. + The first thing you should do when you login to the container is to change the abc users password by issuing the `passwd` command. + + **Modern GUI desktop apps (including some flavors terminals) have issues with the latest Docker and syscall compatibility, you can use Docker with the `--security-opt seccomp=unconfined` setting to allow these syscalls or try [podman](https://podman.io/) as they have updated their codebase to support them** + + If you ever lose your password you can always reset it by execing into the container as root: + + ```bash + docker exec -it rdesktop passwd abc + ``` + + By default we perform all logic for the abc user and we recommend using that user only in the container, but new users can be added as long as there is a `startwm.sh` executable script in their home directory. + All of these containers are configured with passwordless sudo, we make no efforts to secure or harden these containers and we do not recommend ever publishing their ports to the public Internet. + + ## Options + + All application settings are passed via environment variables: + + | Variable | Description | + | :----: | --- | + | LC_ALL | Set the Language for the container to run as IE `fr_FR.UTF-8` `ar_AE.UTF-8` | + | NO_DECOR | If set the application will run without window borders. (Decor can be enabled and disabled with Ctrl+Shift+d) | + | NO_FULL | Do not autmatically fullscreen applications when using openbox. | + + ### Language Support - Internationalization + + The environment variable `LC_ALL` can be used to start this image in a different language than English simply pass for example to launch the Desktop session in French `LC_ALL=fr_FR.UTF-8`. Some languages like Chinese, Japanese, or Korean will be missing fonts needed to render properly known as cjk fonts, but others may exist and not be installed. We only ensure fonts for Latin characters are present. Fonts can be installed with a mod on startup. + + To install cjk fonts on startup as an example pass the environment variables(Debian): + + ``` + -e DOCKER_MODS=linuxserver/mods:universal-package-install + -e INSTALL_PACKAGES=fonts-noto-cjk + -e LC_ALL=zh_CN.UTF-8 + ``` + + ## PRoot Apps + + All images include [proot-apps](https://github.com/linuxserver/proot-apps) which allow portable applications to be installed to persistent storage in the user's `$HOME` directory. These applications and their settings will persist upgrades of the base container and can be mounted into different flavors of rdesktop containers. IE if you are running an Alpine based container you will be able to use the same `/config` directory mounted into an Ubuntu based container and retain the same applications and settings as long as they were installed with `proot-apps install`. + + A list of linuxserver.io supported applications is located [HERE](https://github.com/linuxserver/proot-apps?tab=readme-ov-file#supported-apps). + + ## Open Source GPU Acceleration + + For accelerated apps or games, render devices can be mounted into the container and leveraged by applications using: + + `--device /dev/dri:/dev/dri` + + This feature only supports **Open Source** GPU drivers: + + | Driver | Description | + | :----: | --- | + | Intel | i965 and i915 drivers for Intel iGPU chipsets | + | AMD | AMDGPU, Radeon, and ATI drivers for AMD dedicated or APU chipsets | + | NVIDIA | nouveau2 drivers only, closed source NVIDIA drivers lack DRI3 support | + + ## Nvidia GPU Support + + Nvidia support is available by leveraging Zink for OpenGL support. This can be enabled with the following run flags: + + | Variable | Description | + | :----: | --- | + | --gpus all | This can be filtered down but for most setups this will pass the one Nvidia GPU on the system | + | --runtime nvidia | Specify the Nvidia runtime which mounts drivers and tools in from the host | + + The compose syntax is slightly different for this as you will need to set nvidia as the default runtime: + + ``` + sudo nvidia-ctk runtime configure --runtime=docker --set-as-default + sudo service docker restart + ``` + + And to assign the GPU in compose: + + ``` + services: + myimage: + image: myname/myimage:mytag + deploy: + resources: + reservations: + devices: + - driver: nvidia + count: 1 + capabilities: [compute,video,graphics,utility] + ``` +# init diagram +init_diagram: | + "rdesktop:latest": { + docker-mods + base { + fix-attr +\nlegacy cont-init + } + docker-mods -> base + legacy-services + custom services + init-services -> legacy-services + init-services -> custom services + custom services -> legacy-services + legacy-services -> ci-service-check + init-migrations -> init-adduser + init-os-end -> init-config + init-rdesktop-end -> init-config + init-config -> init-config-end + init-os-end -> init-crontab-config + init-mods-end -> init-custom-files + init-adduser -> init-device-perms + base -> init-envfile + init-os-end -> init-keygen + base -> init-migrations + base -> init-mods + init-config-end -> init-mods + init-mods -> init-mods-end + init-mods-package-install -> init-mods-end + init-mods -> init-mods-package-install + base -> init-os-end + init-adduser -> init-os-end + init-device-perms -> init-os-end + init-envfile -> init-os-end + init-migrations -> init-os-end + init-keygen -> init-rdesktop + init-keygen -> init-rdesktop-config + init-video -> init-rdesktop-end + init-custom-files -> init-services + init-mods-end -> init-services + init-rdesktop -> init-video + init-rdesktop-config -> init-video + init-services -> svc-cron + svc-cron -> legacy-services + init-services -> svc-xrdp + svc-xrdp-sesman -> svc-xrdp + svc-xrdp -> legacy-services + init-services -> svc-xrdp-sesman + svc-xrdp-sesman -> legacy-services + } + Base Images: { + "baseimage-rdesktop:alpine320" <- "baseimage-alpine:3.20" + } + "rdesktop:latest" <- Base Images +# changelog +changelogs: + - {date: "30.09.25:", desc: "Deprecate all non-Ubuntu versions."} + - {date: "06.08.24:", desc: "Refresh all images using new bases, add Debian, bump Ubuntu to Noble."} + - {date: "27.05.24:", desc: "Rebase to Alpine 3.20 and Fedora 40."} + - {date: "17.01.24:", desc: "Sync webtop logic changes rebase to Alpine 3.19 and Fedora 39."} + - {date: "18.05.23:", desc: "Rebase all Alpine images to 3.18, deprecate armhf."} + - {date: "27.10.22:", desc: "Rebase all Ubuntu images to Jammy 22.04."} + - {date: "26.10.22:", desc: "Rebase Alpine xfce to 3.16, migrate to s6v3."} + - {date: "05.03.22:", desc: "Organize tags differently to run Ubuntu at latest LTS, make Alpine latest, add docs about GPU accel."} + - {date: "05.05.21:", desc: "Reduce default packages to their flavour specific basics."} + - {date: "05.04.21:", desc: "Add Alpine flavour."} + - {date: "06.04.20:", desc: "Start PulseAudio in images to support audio"} + - {date: "28.02.20:", desc: "Initial Releases"}