More features and added bug fixes and issues.

* tor install binary is now gpg verified
    * README.md includes information about making settings for firefox and
    chrome survive after each the browser is closed and opened.
    * nvidia-346 drivers are installed in container in order to fix some glx
    errors.
    * if browsers are launched with wrapper script then username within the
    container will be the username of the user executing
    * add fonts conf file, fixing font error, file copied from jfrazelle

Dockerfile

@@ -1,28 +1,35 @@
 FROM sameersbn/ubuntu:14.04.20150825
 
-ENV TOR_BROWSER_VERSION=4.5.3 \
-    WEB_BROWSER_USER=browser
+ENV TOR_VERSION=5.0.3 \
+	TOR_FINGERPRINT=0x4E2C6E8793298290
 
 RUN wget -q -O - "https://dl-ssl.google.com/linux/linux_signing_key.pub" | sudo apt-key add - \
  && echo "deb http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list \
  && apt-get update \
- && apt-get install -y xz-utils file locales dbus-x11 pulseaudio dmz-cursor-theme \
+ && apt-get install -y xz-utils file locales dbus-x11 pulseaudio dmz-cursor-theme curl \
       fonts-dejavu fonts-liberation hicolor-icon-theme \
       libcanberra-gtk3-0 libcanberra-gtk-module libcanberra-gtk3-module \
       libasound2 libglib2.0 libgtk2.0-0 libdbus-glib-1-2 libxt6 libexif12 \
-      libgl1-mesa-glx libgl1-mesa-dri \
+      libgl1-mesa-glx libgl1-mesa-dri libstdc++6 nvidia-346 \
       google-chrome-stable chromium-browser firefox \
- && update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX \
+ && update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX
+# Install tor browser
+RUN cd /tmp \
  && mkdir -p /usr/lib/tor-browser \
- && wget -O /tmp/tor-browser-linux64-${TOR_BROWSER_VERSION}_en-US.tar.xz \
-      https://www.torproject.org/dist/torbrowser/${TOR_BROWSER_VERSION}/tor-browser-linux64-${TOR_BROWSER_VERSION}_en-US.tar.xz \
- && tar -Jvxf /tmp/tor-browser-linux64-${TOR_BROWSER_VERSION}_en-US.tar.xz --strip=1 -C /usr/lib/tor-browser \
+ && curl -sSOL "https://www.torproject.org/dist/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz" \
+ && curl -sSOL "https://www.torproject.org/dist/torbrowser/${TOR_VERSION}/tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz.asc" \
+ && mkdir ~/.gnupg \
+ && gpg --keyserver hkp://hkps.pool.sks-keyservers.net:80 --recv-keys ${TOR_FINGERPRINT} \
+ && gpg --fingerprint ${TOR_FINGERPRINT} | grep "Key fingerprint = EF6E 286D DA85 EA2A 4BA7  DE68 4E2C 6E87 9329 8290" \
+ && gpg tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz.asc \
+ && tar -Jvxf /tmp/tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz --strip=1 -C /usr/lib/tor-browser \
  && ln -sf /usr/lib/tor-browser/Browser/start-tor-browser /usr/bin/tor-browser \
- && rm -rf /tmp/tor-browser-linux64-${TOR_BROWSER_VERSION}_en-US.tar.xz \
- && rm -rf /var/lib/apt/lists/*
+ && rm -rf /tmp/tor-browser-linux64-${TOR_VERSION}_en-US.tar.xz \
+ && rm -rf ~/.gnupg
 
 COPY scripts/ /var/cache/browser-box/
 COPY entrypoint.sh /sbin/entrypoint.sh
+COPY confs/local.conf /etc/fonts/local.conf
 RUN chmod 755 /sbin/entrypoint.sh
 
 ENTRYPOINT ["/sbin/entrypoint.sh"]

Makefile

@@ -6,7 +6,7 @@ XAUTH=/tmp/.docker.xauth
 CAPABILITIES = \
 	--cap-add=SYS_ADMIN
 
-ENV_VARS= \
+ENV_VARS = \
 	--env="USER_UID=$(shell id -u)" \
 	--env="USER_GID=$(shell id -g)" \
 	--env="DISPLAY" \
@@ -17,6 +17,19 @@ VOLUMES = \
 	--volume=${XAUTH}:${XAUTH} \
 	--volume=/run/user/$(shell id -u)/pulse:/run/pulse
 
+ENV_INSTL_USER = \
+	--env="BROWSER_BOX_USER=${USER}"
+
+ifdef CHROME_USERDATA
+ENV_CHROME_USERDATA = \
+    --env="CHROME_USERDATA=${CHROME_USERDATA}"
+endif
+
+ifdef FIREFOX_USERDATA
+ENV_FIREFOX_USERDATA = \
+    --env="FIREFOX_USERDATA=${FIREFOX_USERDATA}"
+endif
+
 help:
 	@echo ""
 	@echo "-- Help Menu"
@@ -33,12 +46,15 @@ clean:
 	@docker rmi `docker images  | grep "${USER}/browser-box" | awk '{print $$3}'` > /dev/null 2>&1 || exit 0
 
 
-build: clean
+build:
 	@docker build --rm=true --tag=${USER}/browser-box .
 
-install uninstall: clean build
+install uninstall: build
 	@docker run -it --rm \
 		--volume=/usr/local/bin:/target \
+		${ENV_CHROME_USERDATA} \
+		${ENV_FIREFOX_USERDATA} \
+		${ENV_INSTL_USER} \
 		${USER}/browser-box:latest $@
 
 google-chrome tor-browser chromium-browser firefox bash:

README.md

@@ -72,6 +72,18 @@ docker run -it --rm \
   sameersbn/browser-box:latest install
 ```
 
+If you would the settings for chrome and firfox to persist
+afer each time the browser is launched then you will need to add additional environment variable to the install command. In the example below "username" needs to get replace with your loggin user name.
+
+```bash
+docker run -it --rm \
+  --volume /usr/local/bin:/target \
+  --env CHROME_USERDATA=/home/username/.chrome
+  --env FIREFOX_USERDATA=/home/username/.mozillia
+  sameersbn/browser-box:latest install
+```
+
+
 This will install wrapper scripts to launch:
 
 - `chromium-browser`

confs/local.conf

@@ -0,0 +1,29 @@
+<?xml version='1.0'?>
+<!DOCTYPE fontconfig SYSTEM 'fonts.dtd'>
+<fontconfig>
+<match target="font">
+<edit mode="assign" name="rgba">
+<const>rgb</const>
+</edit>
+</match>
+<match target="font">
+<edit mode="assign" name="hinting">
+<bool>true</bool>
+</edit>
+</match>
+<match target="font">
+<edit mode="assign" name="hintstyle">
+<const>hintslight</const>
+</edit>
+</match>
+<match target="font">
+<edit mode="assign" name="antialias">
+<bool>true</bool>
+</edit>
+</match>
+<match target="font">
+<edit mode="assign" name="lcdfilter">
+<const>lcddefault</const>
+</edit>
+</match>
+</fontconfig>

entrypoint.sh

@@ -3,6 +3,7 @@ set -e
 
 USER_UID=${USER_UID:-1000}
 USER_GID=${USER_GID:-1000}
+BROWSER_BOX_USER=${BROWSER_BOX_USER:-browser}
 
 install_browser_box() {
   echo "Installing browser-box..."
@@ -19,6 +20,19 @@ install_browser_box() {
   ln -sf browser-box /target/firefox
   echo "Installing url luancher..."
   ln -sf browser-box /target/browser-exec
+  if [ "${BROWSER_BOX_USER}" != "browser" ] && [ -n "${BROWSER_BOX_USER}" ]; then
+    echo "Updating user to ${BROWSER_BOX_USER}..."
+    sed -i -e s%"BROWSER_BOX_USER:-browser"%"BROWSER_BOX_USER:-${BROWSER_BOX_USER}"%1 /target/browser-box
+  fi
+  if [[ -n "${CHROME_USERDATA}" ]]; then
+    echo "Updating Chrome user volume..."
+    sed -i -e s%"CHROME_USERDATA=.*$"%"CHROME_USERDATA\=${CHROME_USERDATA}"%1 /target/browser-box
+  fi
+  if [[ -n "${FIREFOX_USERDATA}" ]]; then
+    echo "Updating FireFox user volume..."
+    sed -i -e s%"FIREFOX_USERDATA=.*$"%"FIREFOX_USERDATA\=${FIREFOX_USERDATA}"%1 /target/browser-box
+  fi
+
 }
 
 uninstall_browser_box() {
@@ -34,31 +48,33 @@ uninstall_browser_box() {
   rm -rf /target/chromium-browser
   echo "Uninstalling firefox..."
   rm -rf /target/firefox
+  echo "Uninstalling url launcher..."
+  rm -rf /target/browser-exec
 }
 
 create_user() {
   # ensure home directory is owned by browser
   # and that profile files exist
-  if [[ -d /home/${WEB_BROWSER_USER} ]]; then
-    chown ${USER_UID}:${USER_GID} /home/browser
+  if [[ -d /home/${BROWSER_BOX_USER} ]]; then
+    chown ${USER_UID}:${USER_GID} /home/${BROWSER_BOX_USER}
     # copy user files from /etc/skel
-    cp /etc/skel/.bashrc /home/${WEB_BROWSER_USER}
-    cp /etc/skel/.bash_logout /home/${WEB_BROWSER_USER}
-    cp /etc/skel/.profile /home/${WEB_BROWSER_USER}
+    cp /etc/skel/.bashrc /home/${BROWSER_BOX_USER}
+    cp /etc/skel/.bash_logout /home/${BROWSER_BOX_USER}
+    cp /etc/skel/.profile /home/${BROWSER_BOX_USER}
     chown ${USER_UID}:${USER_GID} \
-		/home/${WEB_BROWSER_USER}/.bashrc \
-		/home/${WEB_BROWSER_USER}/.profile \
-		/home/${WEB_BROWSER_USER}/.bash_logout
+		/home/${BROWSER_BOX_USER}/.bashrc \
+		/home/${BROWSER_BOX_USER}/.profile \
+		/home/${BROWSER_BOX_USER}/.bash_logout
   fi
   # create group with USER_GID
-  if ! getent group ${WEB_BROWSER_USER} >/dev/null; then
-    groupadd -f -g ${USER_GID} ${WEB_BROWSER_USER} 2> /dev/null
+  if ! getent group ${BROWSER_BOX_USER} >/dev/null; then
+    groupadd -f -g ${USER_GID} ${BROWSER_BOX_USER} 2> /dev/null
   fi
 
   # create user with USER_UID
-  if ! getent passwd ${WEB_BROWSER_USER} >/dev/null; then
+  if ! getent passwd ${BROWSER_BOX_USER} >/dev/null; then
     adduser --disabled-login --uid ${USER_UID} --gid ${USER_GID} \
-      --gecos 'Browser Box' ${WEB_BROWSER_USER}
+      --gecos 'Browser Box' ${BROWSER_BOX_USER}
   fi
 }
 
@@ -72,13 +88,13 @@ grant_access_to_video_devices() {
   done
 
   if [[ -n $VIDEO_GID ]]; then
-    usermod -a -G $VIDEO_GID ${WEB_BROWSER_USER}
+    usermod -a -G $VIDEO_GID ${BROWSER_BOX_USER}
   fi
 }
 
 launch_browser() {
-  cd /home/${WEB_BROWSER_USER}
-  exec sudo -u ${WEB_BROWSER_USER} -H PULSE_SERVER=/run/pulse/native $@ ${extra_opts}
+  cd /home/${BROWSER_BOX_USER}
+  exec sudo -u ${BROWSER_BOX_USER} -H LD_PRELOAD='/usr/$LIB/libstdc++.so.6' PULSE_SERVER=/run/pulse/native $@ ${extra_opts}
 }
 
 case "$1" in

scripts/browser-box

@@ -2,9 +2,11 @@
 
 PATH=/usr/sbin:/usr/bin:/sbin:/bin
 # TODO: ensure this gets updated by entrypoint script on install
-WEB_BROWSER_USER=browser
-BROWSERS=(chromium-browser firefox google-chrome google-chrome-stable tor-browser)
+BROWSER_BOX_USER=${BROWSER_BOX_USER:-browser}
+BROWSER_BOX_REPO=${BROWSER_BOX_REPO:-$USER}
 USER_REPO=${BROWSER_BOX_REPO:-"sameersbn"}
+BROWSERS=(chromium-browser firefox google-chrome google-chrome-stable tor-browser)
+# Persistant data directories CHROME_USERDATA="" FIREFOX_USERDATA=""
 # do we need to use sudo to start docker containers?
 ( id -Gn | grep -q docker ) || SUDO=sudo
 
@@ -30,7 +32,7 @@ cleanup_stopped_browser_box_instances() {
   for c in $(${SUDO} docker ps -a -q)
   do
     image=$(${SUDO} docker inspect -f {{.Config.Image}} ${c})
-    if [[ ${image} == "sameersbn/browser-box:latest" ]]; then
+    if [[ ${image} == "${USER_REPO}/browser-box:latest" ]]; then
       running=$(${SUDO} docker inspect -f {{.State.Running}} ${c})
       if [[ ${running} != true ]]; then
         ${SUDO} docker rm -v "${c}" >/dev/null
@@ -55,6 +57,7 @@ prepare_docker_env_parameters() {
   ENV_VARS+=" --env=DISPLAY"
   ENV_VARS+=" --env=XAUTHORITY=${XAUTH}"
   ENV_VARS+=" --env=TZ=$(cat /etc/timezone)"
+  ENV_VARS+=" --env=BROWSER_BOX_USER=${BROWSER_BOX_USER}"
 }
 
 prepare_docker_volume_parameters() {
@@ -69,11 +72,8 @@ prepare_docker_volume_parameters() {
 # TODO: Need to add tor and chromium userdata dirs
 #       if wanted by the user, maybe use env variables
 prepare_docker_userdata_volumes() {
-  if [[ -n ${CHROME_USERDATA} ]]; then
-    echo " --volume=${CHROME_USERDATA}:/home/${WEB_BROWSER_USER}/.config/google-chrome"
-  fi
-  [ -n ${CHROME_USERDATA} ] && VOLUMES+=" --volume=${CHROME_USERDATA}:/home/${WEB_BROWSER_USER}/.config/google-chrome"
-  [ -n ${FIREFOX_USERDATA} ] && VOLUMES+=" --volume=${FIREFOX_USERDATA}:/home/${WEB_BROWSER_USER}/.mozilla"
+  [ -n ${CHROME_USERDATA} ] && VOLUMES+=" --volume=${CHROME_USERDATA}:/home/${BROWSER_BOX_USER}/.config/google-chrome"
+  [ -n ${FIREFOX_USERDATA} ] && VOLUMES+=" --volume=${FIREFOX_USERDATA}:/home/${BROWSER_BOX_USER}/.mozilla"
 }
 
 prepare_docker_device_parameters() {