Dockerized Firefox with Podman

famadorian · December 15, 2022, 6:40am

Trying to get a docker image of Firefox up and running and found that I should be using Podman?

https://docs.linuxserver.io/images/docker-firefox

This seems to start, but not able to VNC into it. Just get Permission Denied.

  virtualisation = {
    podman = {
      enable = true;
      dockerCompat = true;
    };
    oci-containers = {
      backend = "podman";

      containers.firehird = {
        image = "lscr.io/linuxserver/firefox:latest";
        autoStart = false;
        ports = [ "3000:3000" ];
        environment = {
          TZ = "Europe/Oslo";
          PUID = "1000";
          PGID = "1000";
        };
        volumes = [ "/home/b0ef/.pkg/docker-conf1:/config:rw" ];
      };
    };
  };

nixinator · December 15, 2022, 10:49pm

I’m interested why you want to run firefox in docker?

Whats the plan, stan?

famadorian · December 16, 2022, 6:42am

I want a containerized browser and the Multi Account Container for Firefox doesn’t cut it; I need to be able to script it. Unless there’s other options, I’m not sure what I can do?

nixinator · December 17, 2022, 11:48am

depends on what you feel containers actually do.

They are essentially just processes in high level nutshell.

Add a new unix user, lock that user down using unix primitives. Write your custom derivation for firefox, add it to that user profile.

It’s quite possible to use use process accounting, to keep an eye on what it’s doing too.

for scripting , you might be able to use nixos tests to do that believe it or not.

nixos will spawn a VM for you, make your Firefox derivation and run it. On my machine it’s quick.

the python driver you’ll be able to script it.

give it a try, you may like it, however you may not.

https://nix.dev/tutorials/integration-testing-using-virtual-machines

if you need more power than nixos tests give you, then bring your tool into the VM too. :-).

github.com

NixOS/nixpkgs/blob/2b534fee3d5bbee6944de149b312dbf3b4b71052/nixos/tests/chromium.nix

{ system ? builtins.currentSystem
, config ? {}
, pkgs ? import ../.. { inherit system config; }
, channelMap ? { # Maps "channels" to packages
    stable        = pkgs.chromium;
    beta          = pkgs.chromiumBeta;
    dev           = pkgs.chromiumDev;
    ungoogled     = pkgs.ungoogled-chromium;
    chrome-stable = pkgs.google-chrome;
    chrome-beta   = pkgs.google-chrome-beta;
    chrome-dev    = pkgs.google-chrome-dev;
  }
}:

with import ../lib/testing-python.nix { inherit system pkgs; };
with pkgs.lib;

let
  user = "alice";

This file has been truncated. show original

is pretty full featured.

If you do something, than perhaps you can improve nixos firefox tests too, and make a pull request on the git hub.

no podman, no docker. just a full integration test, using as close to bare metal as you can be, using abstractions that are pretty standard.

Happy XMas.

famadorian · December 21, 2022, 7:57pm

Sounds great, but how do I run it?

Running nix-build chromium.nix just fails

nixinator · December 24, 2022, 8:13pm

you don’t really give me much to go on, but if i want to build it then…

git clone https://github.com/Nixos/nixpkgs
cd nixpkgs
nix-build -A chromium

or you can do
git clone https://github.com/Nixos/nixpkgs
cd nixpkgs/pkgs/applications/networking/browsers/chromium
nix-build -E "with import <nixpkgs> {}; callPackage ./default.nix {}"

which the callPackage abstraction…

this may help you, then again, it may not.