App Request: Firefox

[edrock200]

Browser in a vnc style window but accessible remotely from another browser

https://hub.docker.com/r/linuxserver/firefox

[keldian]

You'll have to provide some argumentation as to what purpose this would serve in a media box context, because it's far from obvious.

[edrock200]

You'll have to provide some argumentation as to what purpose this would serve in a media box context, because it's far from obvious.

No worries. I was able to hack together an yml that works. My use case was to access many of the apps using the short name and local port so I don't need to expose the apps directly to the net. Also useful to have a browser with all your apps/links/favorites configured and consistently available from anywhere. It also allows accessing sites from public/other networks (e.g. traveling) without the need for a vpn while still "proxying" the traffic. Last, some trackers don't like login from multiple ips. The browser allows login from the same ip as the feeder (assuming you run feeder from same box.)

It's a browser running in a vnc remote session served over http/https. I'm sure there are other benefits I'm not thinking of but a remotely accessible browser can have lots of utility I'm sure. :)

[keldian]

To that first point at least, you could use a layer 4 proxy. But yeah, fair points I suppose.

If you have a working yml it sounds like you've already done most of the work for submitting the role yourself.

[edrock200]

To that first point at least, you could use a layer 4 proxy. But yeah, fair points I suppose.

If you have a working yml it sounds like you've already done most of the work for submitting the role yourself.

I am completely github dumb, just fork and submit a change request?

[chazlarson]

Step by step here: https://docs.saltbox.dev/sandbox/basics/#contributing-to-sandbox-apps

[keldian]

I've begun work on this role btw. Not a problem if you still want to give it a stab though—just let us know. If not, consider sharing your yml so I see if I'm missing anything.

[edrock200]

I've begun work on this role btw. Not a problem if you still want to give it a stab though—just let us know. If not, consider sharing your yml so I see if I'm missing anything.

Here is tasks yml:

# Title:         Saltbox: firefox Role                                  #
# Author(s):                                          #
# URL:           https://github.com/saltyorg/Saltbox                    #
# --                                                                    #
#########################################################################
#                   GNU General Public License v3.0                     #
#########################################################################
---
- name: Add DNS record
  ansible.builtin.include_tasks: "{{ resources_tasks_path }}/dns/tasker.yml"
  vars:
    dns_record: "{{ lookup('vars', role_name + '_dns_record') }}"
    dns_zone: "{{ lookup('vars', role_name + '_dns_zone') }}"
    dns_proxy: "{{ lookup('vars', role_name + '_dns_proxy') }}"

- name: Remove existing Docker container
  ansible.builtin.include_tasks: "{{ resources_tasks_path }}/docker/remove_docker_container.yml"

- name: Create directories
  ansible.builtin.include_tasks: "{{ resources_tasks_path }}/directories/create_directories.yml"

- name: Create Docker container
  ansible.builtin.include_tasks: "{{ resources_tasks_path }}/docker/create_docker_container.yml"

[edrock200]

Here is defaults yml:

# Title:         Saltbox: firefox | Default Variables                    #
# Author(s):                                            #
# URL:           https://github.com/saltyorg/Saltbox                     #
# --                                                                     #
##########################################################################
#                   GNU General Public License v3.0                      #
##########################################################################
---
################################
# Basics
################################

firefox_name: firefox

################################
# Paths
################################

firefox_paths_folder: "{{ firefox_name }}"
firefox_paths_location: "{{ server_appdata_path }}/{{ firefox_paths_folder }}"
firefox_paths_folders_list:
  - "{{ firefox_paths_location }}"

################################
# Web
################################

firefox_web_subdomain: "{{ firefox_name }}"
firefox_web_domain: "{{ user.domain }}"
firefox_web_port: "5800"
firefox_web_url: "{{ 'https://' + firefox_web_subdomain + '.' + firefox_web_domain }}"

################################
# DNS
################################

firefox_dns_record: "{{ firefox_web_subdomain }}"
firefox_dns_zone: "{{ firefox_web_domain }}"
firefox_dns_proxy: "{{ dns.proxied }}"

################################
# Traefik
################################

firefox_traefik_sso_middleware: "{{ traefik_default_sso_middleware }}"

firefox_traefik_middleware_default: "{{ traefik_default_middleware + ','
                                        + lookup('vars', firefox_name + '_traefik_sso_middleware', default=firefox_traefik_sso_middleware)
                                     if (lookup('vars', firefox_name + '_traefik_sso_middleware', default=firefox_traefik_sso_middleware) | length > 0)
                                     else traefik_default_middleware }}"
firefox_traefik_middleware_custom: ""
firefox_traefik_middleware: "{{ firefox_traefik_middleware_default + ','
                                + firefox_traefik_middleware_custom
                             if (not firefox_traefik_middleware_custom.startswith(',') and firefox_traefik_middleware_custom | length > 0)
                             else firefox_traefik_middleware_default
                                + firefox_traefik_middleware_custom }}"
firefox_traefik_certresolver: "{{ traefik_default_certresolver }}"
firefox_traefik_enabled: true
firefox_traefik_api_enabled: false
firefox_traefik_api_endpoint: "`/api`,`/dl`"

################################
# THEME
################################

# Options can be found at https://github.com/gilbN/theme.park
firefox_themepark_enabled: false
firefox_themepark_theme: "{{ global_themepark_theme }}"
firefox_themepark_domain: "{{ global_themepark_domain }}"

################################
# Docker
################################

# Container
firefox_docker_container: "{{ firefox_name }}"

# Image
firefox_docker_image_pull: true
firefox_docker_image_tag: "release"
firefox_docker_image: "jlesage/firefox"

# Ports
firefox_docker_ports_defaults: []
firefox_docker_ports_custom: []
firefox_docker_ports: "{{ firefox_docker_ports_defaults
                          + firefox_docker_ports_custom }}"

# Envs
firefox_docker_envs_default:
  PUID: "{{ uid }}"
  PGID: "{{ gid }}"
  UMASK: "002"
  TZ: "{{ tz }}"
  VNC_PASSWORD: "true"
  TP_DOMAIN: "{{ firefox_themepark_domain }}"
  TP_THEME: "{{ firefox_themepark_theme }}"
  TP_HOTIO: "true"
firefox_docker_envs_custom: {}
firefox_docker_envs: "{{ firefox_docker_envs_default
                         | combine(firefox_docker_envs_custom) }}"

# Commands
firefox_docker_commands_default: []
firefox_docker_commands_custom: []
firefox_docker_commands: "{{ firefox_docker_commands_default
                             + firefox_docker_commands_custom }}"

# Volumes
firefox_docker_volumes_default:
  - "{{ firefox_paths_location }}:/config"
firefox_docker_volumes_custom: []
firefox_docker_volumes_theme:
  - "{{ firefox_paths_location }}/98-themepark:/etc/cont-init.d/98-themepark"
firefox_docker_volumes: "{{ firefox_docker_volumes_default
                            + firefox_docker_volumes_custom
                         if not (firefox_themepark_enabled)
                         else firefox_docker_volumes_default
                            + firefox_docker_volumes_custom
                            + firefox_docker_volumes_theme }}"

# Devices
firefox_docker_devices_default: []
firefox_docker_devices_custom: []
firefox_docker_devices: "{{ firefox_docker_devices_default
                            + firefox_docker_devices_custom }}"

# Hosts
firefox_docker_hosts_default: []
firefox_docker_hosts_custom: []
firefox_docker_hosts: "{{ docker_hosts_common
                          | combine(firefox_docker_hosts_default)
                          | combine(firefox_docker_hosts_custom) }}"

# Labels
firefox_docker_labels_default: {}
firefox_docker_labels_custom: {}
firefox_docker_labels: "{{ docker_labels_common
                           | combine(firefox_docker_labels_default)
                           | combine(firefox_docker_labels_custom) }}"

# Hostname
firefox_docker_hostname: "{{ firefox_name }}"

# Networks
firefox_docker_networks_alias: "{{ firefox_name }}"
firefox_docker_networks_default: []
firefox_docker_networks_custom: []
firefox_docker_networks: "{{ docker_networks_common
                             + firefox_docker_networks_default
                             + firefox_docker_networks_custom }}"

# Capabilities
firefox_docker_capabilities_default: []
firefox_docker_capabilities_custom: []
firefox_docker_capabilities: "{{ firefox_docker_capabilities_default
                                 + firefox_docker_capabilities_custom }}"

# Security Opts
firefox_docker_security_opts_default: []
firefox_docker_security_opts_custom: []
firefox_docker_security_opts: "{{ firefox_docker_security_opts_default
                                  + firefox_docker_security_opts_custom }}"

# Restart Policy
firefox_docker_restart_policy: unless-stopped

# State
firefox_docker_state: started

[edrock200]

I should have noted I just copied from another app and hacked it up, so there could be extra stuff in there that isn't needed, but it works :)

[edrock200]

Step by step here: https://docs.saltbox.dev/sandbox/basics/#contributing-to-sandbox-apps

Oh this is awesome, thanks for the pointer!

[keldian]

I should have noted I just copied from another app and hacked it up

That's how I do it and how it's usually done. :wink:

[keldian]

Rationale for using jlesage/firefox rather than linuxserver/firefox?

[edrock200]

Rationale for using jlesage/firefox rather than linuxserver/firefox?

For whatever reason, I couldn't get the linuxserver one to work without --priveleged or - seccomp:unconfined flags even though they are optional. Also, if bypassing authelia, the way jlesage/firefox does the vnc password is much cleaner imo. Linuxserver container requires you to create a password/hash file. jlessage you put a password in a cleartext file in the config dir, on boot it will digest the pw, hash it, write that out to a new file and delete the cleartext file. Changing the pw is as easy as creating the file again and restarting container.

Last, the jlesage container gives you the option to pass port 5900 through, which is the vnc protocol. Using firefox via web browser on mobile is painful and pretty much unusable, but using a vnc client on mobile is tolerable.

One thing I missed, is apparently these containers can use /dev/dri for hw acceleration. That is not mapped in mine.

[maximuskowalski]

It seems like you have already started work on this? Is that correct?

[keldian]

Yes. Got a lot on my plate right now but I do have it planned.

[maximuskowalski]

Cool, it's marked WIP so shouldn't be picked up randomly by anyone else without realising it's underway.

[owine]

284