dockerfiles/chromium/Dockerfile
Alex Haydock 7e3eee7125 Bring Chromium container in line with Chrome (#240)
* No need for testing repo on Stretch

* Run as unprivileged user

* Bring documentation in line with Chrome container

* Tweak Chrome docs (-O defines output file, -o is for logging)

* Point to seccomp profile where the wget command suggests we download it

* Fix CI build failure on Chromium
2017-03-05 17:30:51 -08:00

55 lines
1.9 KiB
Docker

# Run Chromium in a container
#
# docker run -it \
# --net host \ # may as well YOLO
# --cpuset-cpus 0 \ # control the cpu
# --memory 512mb \ # max memory it can use
# -v /tmp/.X11-unix:/tmp/.X11-unix \ # mount the X11 socket
# -e DISPLAY=unix$DISPLAY \
# -v $HOME/Downloads:/home/chromium/Downloads \
# -v $HOME/.config/chromium/:/data \ # if you want to save state
# --security-opt seccomp=$HOME/chrome.json \
# --device /dev/snd \ # so we have sound
# -v /dev/shm:/dev/shm \
# --name chromium \
# jess/chromium
#
# You will want the custom seccomp profile:
# wget https://raw.githubusercontent.com/jfrazelle/dotfiles/master/etc/docker/seccomp/chrome.json -O ~/chrome.json
# Base docker image
FROM debian:stretch
MAINTAINER Jessie Frazelle <jess@linux.com>
ADD https://dl.google.com/linux/direct/google-talkplugin_current_amd64.deb /src/google-talkplugin_current_amd64.deb
# Install Chromium
RUN apt-get update && apt-get install -y \
chromium \
chromium-l10n \
fonts-liberation \
fonts-roboto \
hicolor-icon-theme \
libcanberra-gtk-module \
libexif-dev \
libgl1-mesa-dri \
libgl1-mesa-glx \
libpango1.0-0 \
libv4l-0 \
fonts-symbola \
--no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
&& mkdir -p /etc/chromium.d/ \
&& /bin/echo -e 'export GOOGLE_API_KEY="AIzaSyCkfPOPZXDKNn8hhgu3JrA62wIgC93d44k"\nexport GOOGLE_DEFAULT_CLIENT_ID="811574891467.apps.googleusercontent.com"\nexport GOOGLE_DEFAULT_CLIENT_SECRET="kdloedMFGdGla2P1zacGjAQh"' > /etc/chromium.d/googleapikeys \
&& dpkg -i '/src/google-talkplugin_current_amd64.deb'
# Add chromium user
RUN groupadd -r chromium && useradd -r -g chromium -G audio,video chromium \
&& mkdir -p /home/chromium/Downloads && chown -R chromium:chromium /home/chromium
# Run as non privileged user
USER chromium
ENTRYPOINT [ "/usr/bin/chromium" ]
CMD [ "--user-data-dir=/data" ]