forked from jlesage/docker-firefox
-
Notifications
You must be signed in to change notification settings - Fork 0
/
appdefs.xml
312 lines (299 loc) · 12.7 KB
/
appdefs.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
<!--
Definitions for Firefox docker container.
This file is used as data source to generate README.md and unRAID template files
from Jinja2 templates.
-->
<defs>
<app>
<id>14</id>
<gui_type>x11</gui_type>
<friendly_name>Firefox</friendly_name>
<name>{{ defs.app.friendly_name|lower|replace(' ', '-') }}</name>
<project>
<description>Mozilla Firefox is a free and open-source web browser developed by Mozilla Foundation and its subsidiary, Mozilla Corporation.</description>
<url>https://www.mozilla.org/en-US/firefox/</url>
</project>
<unraid>
<support_url>https://forums.unraid.net/topic/69440-support-firefox/</support_url>
<category>Tools:</category>
</unraid>
<container>
<rough_download_size>150MB</rough_download_size>
<unsupported_volume>/storage</unsupported_volume>
</container>
<!-- Extra stuff to be added to the documentation. -->
<documentation>
<section>
<title level="2">Increasing Shared Memory Size</title>
<content>
To prevent crashes from happening when running {{ defs.app.friendly_name }}
inside a Docker container, the size of the shared memory located at `/dev/shm`
must be increased. The issue is documented [here].
By default, the size is 64MB, which is not enough. It is recommended to use a
size of 2GB. This value is arbitrary, but known to work well. Setting the
size of `/dev/shm` can be done via two method:
- By adding the `--shm-size 2g` parameter to the `docker run` command. See
the [Usage](#usage) section for more details.
- By using shared memory of the host, by mapping `/dev/shm` via the parameter
`-v /dev/shm:/dev/shm` of the `docker run` command.
</content>
</section>
<section>
<title level="2">Allowing the membarrier System Call</title>
<content>
To properly work, recent versions of {{ defs.app.friendly_name }} need the
`membarrier` system call. Without it, tabs would frequently crash.
Docker uses [seccomp profile] to restrict system calls available to the
container. Before Docker version `20.03.0`, the `membarrier` system call was
not allowed in the default profile. If you run a such version, you can use one
of the following solutions, from the most to the least secure, to provide the
container permission to use this sytem call:
1. Run the container with a custom seccomp profile allowing the `membarrier`
system call. The [latest official seccomp profile] can be used. Download
the file and then add the following parameter when creating the container:
`--security-opt seccomp=/path/to/seccomp_profile.json`.
2. Run the container without the default seccomp profile (thus allowing all
system calls). Use the following parameter when creating the container:
`--security-opt seccomp=unconfined`.
3. Run the container in privileged mode. This effectively disables usage of
seccomp. Add the `--privileged` parameter when creating the container.
</content>
</section>
<section>
<title level="2">Sound Support</title>
<content>
For {{ defs.app.friendly_name }} to be able to use the audio device available on
the host, `/dev/snd` must be exposed to the container by adding the
`--device /dev/snd` parameter to the `docker run` command.
</content>
</section>
<section>
<title level="2">Setting {{ defs.app.friendly_name }} Preferences Via Environment Variables</title>
<content>
{{ defs.app.friendly_name }} preferences can be set via environment variables
passed to the container. During the startup, a script process all these
variables and modify the preference file accordingly.
The name of the environment variable must start with `FF_PREF_`, followed by a
string of your choice. For example, `FF_PREF_MY_PREF` is a valid name.
The content of the variable should be in the format `NAME=VAL`, where `NAME` is
the name of the preference (as found in the `about:config` page) and `VAL` is
its value. A value can be one of the following types:
- string
- integer
- boolean
It is important to note that a value of type `string` should be surrounded by
double quotes. Other types don't need them.
For example, to set the `network.proxy.http` preference, one would pass the
environment variable to the container by adding the following argument to the
`docker run` command:
```
-e "FF_PREF_HTTP_PROXY=network.proxy.http=\"proxy.example.com\""
```
If a preference needs to be *removed*, its value should be set to `UNSET`. For
example:
```
-e "FF_PREF_HTTP_PROXY=network.proxy.http=UNSET"
```
**NOTE**: This is an advanced usage and it is recommended to set preferences
via {{ defs.app.friendly_name }} directly.
</content>
</section>
<section>
<title level="2">Troubleshooting</title>
<content/>
</section>
<section>
<title level="3">Crashes</title>
<content>
If {{ defs.app.friendly_name }} is crashing frequently, make sure that:
- The size of the shared memory located at `/dev/shm` has been increased. See
the [Increasing Shared Memory Size](#increasing-shared-memory-size) section
for more details.
- The `membarrier` system call is not blocked by Docker. See the
[Allowing the membarrier System Call](#allowing-the-membarrier-system-call)
for more details.
</content>
</section>
<link>
<name>here</name>
<url>https://bugzilla.mozilla.org/show_bug.cgi?id=1338771#c10</url>
</link>
<link>
<name>seccomp profile</name>
<url>https://docs.docker.com/engine/security/seccomp/</url>
</link>
<link>
<name>latest official seccomp profile</name>
<url>https://github.com/moby/moby/blob/master/profiles/seccomp/default.json</url>
</link>
</documentation>
<!-- Changelog of the application. -->
<history>
<release>
<version>1.15.0</version>
<date>2020-10-01</date>
<change>Updated Firefox to version 81.0-r0</change>
</release>
<release>
<version>1.14.0</version>
<date>2020-08-05</date>
<change>Upgraded Firefox to version 79.0-r0.</change>
<change>Now using baseimage to version 3.5.6, which brings the following changes:</change>
<change level="2">Other small adjustments for the YAD log monitor target.</change>
</release>
<release>
<version>1.13.0</version>
<date>2020-07-19</date>
<change>Upgraded Firefox to version 78.0.2-r1.</change>
<change>Added check for missing `membarrier` system call support.</change>
<change>Now using baseimage v3.5.5, based on Alpine 3.12, which brings the following changes:</change>
<change level="2">Upgraded glibc to version 2.31 on Alpine Linux images with glibc integrated.</change>
<change level="2">Updated installed packages to get latest security fixes.</change>
<change level="2">Adjusted the log monitor target for recent versions of YAD.</change>
</release>
<release>
<version>1.12.0</version>
<date>2020-06-24</date>
<change>Upgraded Firefox to version 77.0.1-r2.</change>
</release>
<release>
<version>1.11.0</version>
<date>2020-04-25</date>
<change>Upgraded Firefox to version 75.0-r2.</change>
</release>
<release>
<version>1.10.0</version>
<date>2020-03-15</date>
<change>Upgraded Firefox to version 74.0-r0.</change>
</release>
<release>
<version>1.9.1</version>
<date>2020-02-10</date>
<change>Upgraded Firefox to version 72.0.2-r0.</change>
</release>
<release>
<version>1.9.0</version>
<date>2020-01-14</date>
<change>Upgraded Firefox to version 72.0.1-r0.</change>
</release>
<release>
<version>1.8.0</version>
<date>2019-12-25</date>
<change>Upgraded Firefox to version 71.0-r0.</change>
<change>Now using baseimage v3.5.3, which brings the following changes:</change>
<change level="2">Updated installed packages to get latest security fixes.</change>
<change level="2">Make sure the tzdata is installed.</change>
<change>Use baseimage based on Alpine Linux 3.10.</change>
</release>
<release>
<version>1.7.1</version>
<date>2019-08-26</date>
<change>Upgraded Firefox to version 68.0.2-r0.</change>
</release>
<release>
<version>1.7.0</version>
<date>2019-08-05</date>
<change>Upgraded Firefox to version 68.0.r0.</change>
</release>
<release>
<version>1.6.0</version>
<date>2019-07-17</date>
<change>Upgraded Firefox to version 67.0.4-r0.</change>
</release>
<release>
<version>1.5.1</version>
<date>2019-05-12</date>
<change>Upgraded Firefox to version 66.0.5-r1.</change>
</release>
<release>
<version>1.5.0</version>
<date>2019-05-09</date>
<change>Upgraded Firefox to version 66.0.4-r0.</change>
<change>Print the Firefox version during the container startup.</change>
</release>
<release>
<version>1.4.1</version>
<date>2019-04-24</date>
<change>Upgraded Firefox to version 62.0.3-r4.</change>
<change>Now using baseimage v3.5.2, which brings the following changes:</change>
<change level="2">Updated installed packages to get latest security fixes.</change>
<change level="2">Fixed issue where the container could have a zombie process.</change>
<change level="2">Fixed issue where the password would not be submitted when pressing the enter key in the password modal.</change>
<change level="2">Use relative path for favicon ressources to be more friendly with reverse proxy senarios.</change>
</release>
<release>
<version>1.4.0</version>
<date>2019-02-24</date>
<change>Upgraded Firefox to version 62.0.3-r2.</change>
<change>Preferences can now be set via environment variables.</change>
<change>Use baseimage based on Alpine Linux 3.9.</change>
</release>
<release>
<version>1.3.1</version>
<date>2018-09-18</date>
<change>Now using baseimage v3.5.1, which brings the following changes:</change>
<change level="2">Updated installed packages to get latest security fixes.</change>
</release>
<release>
<version>1.3.0</version>
<date>2018-07-27</date>
<change>Added support for more playable video formats.</change>
<change>Added support for sound in Firefox.</change>
</release>
<release>
<version>1.2.0</version>
<date>2018-07-12</date>
<change>Now using baseimage v3.4.0, which is based on Alpine Linux 3.8.</change>
<change>Upgraded Firefox to version 61.0.1-r0.</change>
</release>
<release>
<version>1.1.0</version>
<date>2018-05-31</date>
<change>Upgraded Firefox to version 60.0.1-r0.</change>
</release>
<release>
<version>1.0.2</version>
<date>2018-03-15</date>
<change>Fixed issue where Firefox would not gracefully terminate.</change>
<change>Fixed an issue where restoring session would resize window to the wrong dimensions.</change>
</release>
<release>
<version>1.0.1</version>
<date>2018-03-02</date>
<change>Now using baseimage v3.3.4, which brings the following changes:</change>
<change level="2">Fixed issue where log monitor states were not cleared during container startup.</change>
<change>Updated Firefox to version 58.0.1-r2.</change>
</release>
<release>
<version>1.0.0</version>
<date>2018-02-16</date>
<change>Initial release.</change>
</release>
</history>
</app>
<container>
<!-- Environment variables -->
<environment_variables/>
<!-- Volumes -->
<volumes/>
<!-- Network ports -->
<ports/>
<!-- Devices -->
<devices>
<device>
<path>/dev/snd</path>
<description>Optional Linux device to expose to have sound.</description>
<include_in_quick_start>false</include_in_quick_start>
</device>
</devices>
<!-- Extra parameters -->
<extra_params>
<extra_param>
<name>shm-size</name>
<value>2g</value>
<description>Set the size of `/dev/shm` to `VALUE`. The format of `VALUE` is `<number><unit>`, where `number` must be greater than `0` and `unit` can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` (gigabytes). **NOTE**: To avoid crashes, it is recommended to set this value to `2g`.</description>
<include_in_quick_start>true</include_in_quick_start>
</extra_param>
</extra_params>
</container>
</defs>