#!/bin/bash PATH=/usr/sbin:/usr/bin:/sbin:/bin # TODO: ensure this gets updated by entrypoint script on install BROWSER_BOX_USER=${BROWSER_BOX_USER:-browser} BROWSER_BOX_REPO=${BROWSER_BOX_REPO:-sameersbn} BROWSERS=(chromium-browser firefox google-chrome google-chrome-stable tor-browser) # Persistant data directories CHROME_USERDATA="" FIREFOX_USERDATA="" # do we need to use sudo to start docker containers? ( id -Gn | grep -q docker ) || SUDO=sudo USER_UID=$(id -u) USER_GID=$(id -g) XSOCK=/tmp/.X11-unix XAUTH=/tmp/.docker.xauth list_browsers() { echo "" echo "Launch a browser using:" echo " chromium-browser - Launch Chromium" echo " firefox - Launch Firefox" echo " google-chrome|google-chrome-stable - Launch Google Chrome" echo " tor-browser - Launch Tor Browser" echo "" exit 1 } cleanup_stopped_browser_box_instances() { echo "Cleaning up stopped browser-box instances..." for c in $(${SUDO} docker ps -a -q) do image=$(${SUDO} docker inspect -f {{.Config.Image}} ${c}) if [[ ${image} == "${BROWSER_BOX_REPO}/browser-box:latest" ]]; then running=$(${SUDO} docker inspect -f {{.State.Running}} ${c}) if [[ ${running} != true ]]; then ${SUDO} docker rm -v "${c}" >/dev/null fi fi done } prepare_docker_caps_parameters() { case ${1} in google-chrome|google-chrome-stable|chromium-browser) CAPABILITIES+="--cap-add=SYS_ADMIN" # passing gpu for SANDBOXED support [ -d /dev/dri ] && CAPABILITIES+=" --device /dev/dri" ;; esac } prepare_docker_env_parameters() { ENV_VARS+=" --env=USER_UID=${USER_UID}" ENV_VARS+=" --env=USER_GID=${USER_GID}" ENV_VARS+=" --env=DISPLAY" ENV_VARS+=" --env=XAUTHORITY=${XAUTH}" ENV_VARS+=" --env=BROWSER_BOX_USER=${BROWSER_BOX_USER}" if [ -f /etc/timezone ]; then ENV_VARS+=" --env=TZ=$(cat /etc/timezone)" else [ ! -z "${TIMEZONE}" ] && ENV_VARS+=" --env=TZ=${TIMEZONE}" fi } prepare_docker_volume_parameters() { touch ${XAUTH} xauth nlist ${DISPLAY} | sed -e 's/^..../ffff/' | xauth -f ${XAUTH} nmerge - VOLUMES+=" --volume=${XSOCK}:${XSOCK}" VOLUMES+=" --volume=${XAUTH}:${XAUTH}" VOLUMES+=" --volume=/run/user/${USER_UID}/pulse:/run/pulse" } # TODO: Need to add tor and chromium userdata dirs # if wanted by the user, maybe use env variables prepare_docker_userdata_volumes() { [ ! -z ${CHROME_USERDATA} ] && VOLUMES+=" --volume=${CHROME_USERDATA}:/home/${BROWSER_BOX_USER}/.config/google-chrome" [ ! -z ${FIREFOX_USERDATA} ] && VOLUMES+=" --volume=${FIREFOX_USERDATA}:/home/${BROWSER_BOX_USER}/.mozilla" } prepare_docker_device_parameters() { # enumerate video devices for webcam support VIDEO_DEVICES= for device in /dev/video* do if [[ -c $device ]]; then VIDEO_DEVICES="${VIDEO_DEVICES} --device $device:$device" fi done } browser_exec () { # check state of default $BROWSER browser_state=$(docker inspect --format "{{.State.Running}}" ${BROWSER} 2>/dev/null) if [[ "${browser_state}" == "true" ]]; then ${SUDO} docker exec -i entrypoint.sh ${BROWSER} "$@" 2>/dev/null exit $? else # checke if any other browser's are open to open link for browser in ${BROWSERS[@]}; do browser_state= \ $(docker inspect --format "{{.State.Running}}" ${browser} 2>/dev/null) if [[ "${browser_state}" == "true" ]]; then ${SUDO} docker exec -i entrypoint.sh ${browser} "$@" 2>/dev/null exit $? else # no browser is currently running, let's start the default one default_browser=$(which ${BROWSER}) exec ${default_browser} $@ fi done fi } prog=$(basename $0) exec=$(which $prog) if [[ ${prog} == "browser-box" ]]; then case ${1} in google-chrome|google-chrome-stable|tor-browser|chromium-browser|firefox) prog=${1} shift ;; browser-exec) browser_exec $@ ;; *|help) list_browsers exit 1 ;; esac elif [[ -n ${exec} ]]; then # launch host binary if it exists exec ${exec} $@ fi cleanup_stopped_browser_box_instances prepare_docker_caps_parameters $prog prepare_docker_env_parameters prepare_docker_volume_parameters prepare_docker_userdata_volumes prepare_docker_device_parameters echo "Starting ${prog}..." ${SUDO} docker run -d \ ${BROWSER_BOX_PARMS} \ ${CAPABILITIES} \ ${ENV_VARS} \ ${VIDEO_DEVICES} \ ${VOLUMES} \ --name="${prog}" \ ${BROWSER_BOX_REPO}/browser-box:2018.07.21 ${prog} $@ >/dev/null