From b6bbe77178219bc890b1b2f733a3760f7fc78b48 Mon Sep 17 00:00:00 2001 From: Elmer Miroslav Mosher Golovin Date: Tue, 25 Apr 2023 15:58:30 +0300 Subject: [PATCH 1/3] Sample docker-compose for the recording server Signed-off-by: Elmer Miroslav Mosher Golovin --- recording/docker-compose/Dockerfile | 36 +++++++++++++++++++++ recording/docker-compose/docker-compose.yml | 21 ++++++++++++ 2 files changed, 57 insertions(+) create mode 100644 recording/docker-compose/Dockerfile create mode 100644 recording/docker-compose/docker-compose.yml diff --git a/recording/docker-compose/Dockerfile b/recording/docker-compose/Dockerfile new file mode 100644 index 00000000000..1e330aa4dd2 --- /dev/null +++ b/recording/docker-compose/Dockerfile @@ -0,0 +1,36 @@ +FROM ubuntu:20.04 + +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get --assume-yes update +RUN apt-get --assume-yes upgrade + +# Common dependencies +RUN apt-get --assume-yes install software-properties-common + +# spreed-recording dependencies +RUN apt-get --assume-yes install ffmpeg pulseaudio python3-pip xvfb +RUN pip3 install --upgrade requests + +# firefox +RUN apt-get --assume-yes install firefox firefox-geckodriver + +# spreed-recording config +RUN useradd --create-home recording +COPY server.conf.in /etc/nextcloud-talk-recording/server.conf +RUN sed --in-place 's/#listen =.*/listen = 0.0.0.0:8000/' /etc/nextcloud-talk-recording/server.conf + +# Deploy recording server +RUN mkdir --parents /tmp/recording +COPY src /tmp/recording/ +COPY pyproject.toml /tmp/recording/ +RUN python3 -m pip install /tmp/recording/ + +# Cleanup +RUN apt-get clean && rm --recursive --force /var/lib/apt/lists/* /tmp/* /var/tmp/* +RUN rm --recursive --force /tmp/recording + +# Switch user and start the recording server +WORKDIR "/home/recording/" +USER "recording" +CMD ["python3", "-m", "nextcloud.talk.recording", "--config", "/etc/nextcloud-talk-recording/server.conf"] diff --git a/recording/docker-compose/docker-compose.yml b/recording/docker-compose/docker-compose.yml new file mode 100644 index 00000000000..7b9cd07247d --- /dev/null +++ b/recording/docker-compose/docker-compose.yml @@ -0,0 +1,21 @@ +version: "3.9" + +services: + + nextcloud-talk-recording: + build: + context: .. + dockerfile: ./docker-compose/Dockerfile + init: true + shm_size: '2gb' + restart: on-failure + # By default the recording server is reachable through the network "nextcloud-talk-recording" + # Depending on your setup (if you need to reach the recording server externally for example) you might need + # to expose the used ports to the host machine, e.g.: + #ports: + # - "8000:8000" + networks: + - nextcloud-talk-recording + +networks: + nextcloud-talk-recording: From ce8f2e61c8e5351bd3c44e40d549045b3452832b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Calvi=C3=B1o=20S=C3=A1nchez?= Date: Tue, 1 Aug 2023 13:56:05 +0200 Subject: [PATCH 2/3] Add support for Chromium browser MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit By default Chromium runs in sandboxed mode, which do not seem to work inside Docker containers (Chromium fails with "Failed to move to new namespace"); it may work depending on the configuration (for example, with seccomp profiles), but it does not with the default configuration. To work around that Chromium is started with "--no-sandbox" by wrapping the real executable with a script to add that argument. "wrap_chromium_binary" was adjusted from "NodeChrome/wrap_chrome_binary" of repository "https://github.com/SeleniumHQ/docker-selenium" at commit "c6df1ab8dc6a5aca05c163c429a062ada1d79c51". Docker images for Selenium are licensed under the Apache license 2.0 (see LICENSE.md at above commit). Besides that, in Selenium 4.6 the Selenium Manager was introduced, which is a tool that takes care of downloading the browser and its driver if needed when running Selenium. Unfortunately, when using the "chrome" driver the Selenium Manager assumes that the executable will be called "chrome", and if it does not find it, it downloads it to a cache directory of the current user. However, as the crome driver is found it will use the one in the path, which may not be compatible with the latest Chromium version just downloaded, and in the end the version mismatch causes Chromium to not be launched. Given that Chromium needs to be launched with "--no-sandbox" and that the Selenium Manager downloads the executable to its own directory and launches it directly from there it is not possible either to just leave the Selenium Manager to install both the browser and its driver. To work around that the Chromium wrapper is also linked as "/ur/bin/chrome" to ensure that Selenium Manager will find and use it. Signed-off-by: Daniel Calviño Sánchez --- recording/docker-compose/Dockerfile | 10 ++++++ recording/docker-compose/wrap_chromium_binary | 33 +++++++++++++++++++ 2 files changed, 43 insertions(+) create mode 100755 recording/docker-compose/wrap_chromium_binary diff --git a/recording/docker-compose/Dockerfile b/recording/docker-compose/Dockerfile index 1e330aa4dd2..3eff8a4b4f1 100644 --- a/recording/docker-compose/Dockerfile +++ b/recording/docker-compose/Dockerfile @@ -15,6 +15,16 @@ RUN pip3 install --upgrade requests # firefox RUN apt-get --assume-yes install firefox firefox-geckodriver +# chromium +# The phd/chromium-browser PPA is used because since Ubuntu 20.04 Chromium is +# provided as a snap package +RUN add-apt-repository --yes ppa:phd/chromium-browser +RUN printf "Package: *\nPin: release o=LP-PPA-phd-chromium-browser\nPin-Priority: 1001" > /etc/apt/preferences.d/phd-chromium-browser +RUN apt-get --assume-yes install chromium-browser chromium-chromedriver + +COPY ./docker-compose/wrap_chromium_binary /opt/bin/wrap_chromium_binary +RUN /opt/bin/wrap_chromium_binary + # spreed-recording config RUN useradd --create-home recording COPY server.conf.in /etc/nextcloud-talk-recording/server.conf diff --git a/recording/docker-compose/wrap_chromium_binary b/recording/docker-compose/wrap_chromium_binary new file mode 100755 index 00000000000..b88b522059f --- /dev/null +++ b/recording/docker-compose/wrap_chromium_binary @@ -0,0 +1,33 @@ +#!/bin/bash + +# Originally adjusted from https://github.com/SeleniumHQ/docker-selenium/blob/c6df1ab8dc6a5aca05c163c429a062ada1d79c51/NodeChrome/wrap_chrome_binary +# which is licensed under the Apache license 2.0 (https://github.com/SeleniumHQ/docker-selenium/blob/c6df1ab8dc6a5aca05c163c429a062ada1d79c51/LICENSE.md) + +WRAPPER_PATH=$(readlink -f /usr/bin/chromium-browser) +BASE_PATH="$WRAPPER_PATH-base" +mv "$WRAPPER_PATH" "$BASE_PATH" + +cat > "$WRAPPER_PATH" <<_EOF +#!/bin/bash + +# umask 002 ensures default permissions of files are 664 (rw-rw-r--) and directories are 775 (rwxrwxr-x). +umask 002 + +# Debian/Ubuntu seems to not respect --lang, it instead needs to be a LANGUAGE environment var +# See: https://stackoverflow.com/a/41893197/359999 +for var in "\$@"; do + if [[ \$var == --lang=* ]]; then + LANGUAGE=\${var//--lang=} + fi +done + +# Set language environment variable +export LANGUAGE="\$LANGUAGE" + +# Note: exec -a below is a bashism. +exec -a "\$0" "$BASE_PATH" --no-sandbox "\$@" +_EOF +chmod +x "$WRAPPER_PATH" + +# Also add the executable name expected by Selenium Manager +ln --symbolic "$WRAPPER_PATH" /usr/bin/chrome From dc6535eeaa42d52cbe01a3bfb696b02cc265b594 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Calvi=C3=B1o=20S=C3=A1nchez?= Date: Mon, 7 Aug 2023 13:03:59 +0200 Subject: [PATCH 3/3] Replace Chromium PPA with equivalent repository MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The phd/chromium PPA is discontinued and no longer updated, so it was replaced with its equivalent repository also for Ubuntu but with packages from Linux Mint. Signed-off-by: Daniel Calviño Sánchez --- recording/docker-compose/Dockerfile | 12 +++++++----- recording/docker-compose/wrap_chromium_binary | 2 +- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/recording/docker-compose/Dockerfile b/recording/docker-compose/Dockerfile index 3eff8a4b4f1..1f680e0f72f 100644 --- a/recording/docker-compose/Dockerfile +++ b/recording/docker-compose/Dockerfile @@ -16,11 +16,13 @@ RUN pip3 install --upgrade requests RUN apt-get --assume-yes install firefox firefox-geckodriver # chromium -# The phd/chromium-browser PPA is used because since Ubuntu 20.04 Chromium is -# provided as a snap package -RUN add-apt-repository --yes ppa:phd/chromium-browser -RUN printf "Package: *\nPin: release o=LP-PPA-phd-chromium-browser\nPin-Priority: 1001" > /etc/apt/preferences.d/phd-chromium-browser -RUN apt-get --assume-yes install chromium-browser chromium-chromedriver +# The phd/chromium repository for Ubuntu is used because since Ubuntu 20.04 +# Chromium is provided as a snap package, and the equivalent PPA has been +# discontinued. +RUN echo "deb https://freeshell.de/phd/chromium/focal /" > /etc/apt/sources.list.d/phd-chromium.list +RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 869689FE09306074 +RUN apt-get update +RUN apt-get --assume-yes install chromium COPY ./docker-compose/wrap_chromium_binary /opt/bin/wrap_chromium_binary RUN /opt/bin/wrap_chromium_binary diff --git a/recording/docker-compose/wrap_chromium_binary b/recording/docker-compose/wrap_chromium_binary index b88b522059f..ab6338d9e01 100755 --- a/recording/docker-compose/wrap_chromium_binary +++ b/recording/docker-compose/wrap_chromium_binary @@ -3,7 +3,7 @@ # Originally adjusted from https://github.com/SeleniumHQ/docker-selenium/blob/c6df1ab8dc6a5aca05c163c429a062ada1d79c51/NodeChrome/wrap_chrome_binary # which is licensed under the Apache license 2.0 (https://github.com/SeleniumHQ/docker-selenium/blob/c6df1ab8dc6a5aca05c163c429a062ada1d79c51/LICENSE.md) -WRAPPER_PATH=$(readlink -f /usr/bin/chromium-browser) +WRAPPER_PATH=$(readlink -f /usr/bin/chromium) BASE_PATH="$WRAPPER_PATH-base" mv "$WRAPPER_PATH" "$BASE_PATH"