Upload 32 files
Browse files- Dockerfile +0 -12
- src/reset.sh +15 -1
- src/start.sh +40 -0
Dockerfile
CHANGED
|
@@ -8,9 +8,6 @@ ARG VERSION_VNC="1.6.0"
|
|
| 8 |
ARG VERSION_UTK="1.2.0"
|
| 9 |
ARG VERSION_PASST="2025_09_19"
|
| 10 |
|
| 11 |
-
# Set working dir
|
| 12 |
-
|
| 13 |
-
|
| 14 |
ARG DEBCONF_NOWARNINGS="yes"
|
| 15 |
ARG DEBIAN_FRONTEND="noninteractive"
|
| 16 |
ARG DEBCONF_NONINTERACTIVE_SEEN="true"
|
|
@@ -69,15 +66,6 @@ COPY --chmod=744 ./web/conf/nginx.conf /etc/nginx/default.conf
|
|
| 69 |
|
| 70 |
ADD --chmod=755 "https://github.com/qemus/fiano/releases/download/v${VERSION_UTK}/utk_${VERSION_UTK}_${TARGETARCH}.bin" /run/utk.bin
|
| 71 |
|
| 72 |
-
WORKDIR /.
|
| 73 |
-
|
| 74 |
-
|
| 75 |
-
# Make the entire /app directory fully writeable for all users
|
| 76 |
-
|
| 77 |
-
|
| 78 |
-
|
| 79 |
-
USER root
|
| 80 |
-
|
| 81 |
VOLUME /storage
|
| 82 |
EXPOSE 22 5900 8006
|
| 83 |
|
|
|
|
| 8 |
ARG VERSION_UTK="1.2.0"
|
| 9 |
ARG VERSION_PASST="2025_09_19"
|
| 10 |
|
|
|
|
|
|
|
|
|
|
| 11 |
ARG DEBCONF_NOWARNINGS="yes"
|
| 12 |
ARG DEBIAN_FRONTEND="noninteractive"
|
| 13 |
ARG DEBCONF_NONINTERACTIVE_SEEN="true"
|
|
|
|
| 66 |
|
| 67 |
ADD --chmod=755 "https://github.com/qemus/fiano/releases/download/v${VERSION_UTK}/utk_${VERSION_UTK}_${TARGETARCH}.bin" /run/utk.bin
|
| 68 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 69 |
VOLUME /storage
|
| 70 |
EXPOSE 22 5900 8006
|
| 71 |
|
src/reset.sh
CHANGED
|
@@ -5,7 +5,21 @@ trap 'error "Status $? while: $BASH_COMMAND (line $LINENO/$BASH_LINENO)"' ERR
|
|
| 5 |
[[ "${TRACE:-}" == [Yy1]* ]] && set -o functrace && trap 'echo "# $BASH_COMMAND" >&2' DEBUG
|
| 6 |
|
| 7 |
[ ! -f "/run/entry.sh" ] && error "Script must be run inside the container!" && exit 11
|
| 8 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 9 |
|
| 10 |
# Docker environment variables
|
| 11 |
|
|
|
|
| 5 |
[[ "${TRACE:-}" == [Yy1]* ]] && set -o functrace && trap 'echo "# $BASH_COMMAND" >&2' DEBUG
|
| 6 |
|
| 7 |
[ ! -f "/run/entry.sh" ] && error "Script must be run inside the container!" && exit 11
|
| 8 |
+
|
| 9 |
+
# If not running as root, don't hard-exit. Some restricted environments (like
|
| 10 |
+
# Hugging Face Spaces) run containers without root privileges. Fall back to a
|
| 11 |
+
# degraded non-root mode: warn, set NONROOT, and disable KVM and network
|
| 12 |
+
# features that require capabilities.
|
| 13 |
+
NONROOT="N"
|
| 14 |
+
if [ "$(id -u)" -ne "0" ]; then
|
| 15 |
+
warn "Script is not running as root. Entering non-root degraded mode. Some features (KVM, TAP/VHOST) will be disabled."
|
| 16 |
+
NONROOT="Y"
|
| 17 |
+
# Disable privileged features
|
| 18 |
+
KVM="N"
|
| 19 |
+
NETWORK="N"
|
| 20 |
+
else
|
| 21 |
+
NONROOT="N"
|
| 22 |
+
fi
|
| 23 |
|
| 24 |
# Docker environment variables
|
| 25 |
|
src/start.sh
CHANGED
|
@@ -1,6 +1,46 @@
|
|
| 1 |
#!/usr/bin/env bash
|
| 2 |
set -Eeuo pipefail
|
| 3 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 4 |
# You can override this hook to execute a script before startup!
|
| 5 |
|
| 6 |
return 0
|
|
|
|
| 1 |
#!/usr/bin/env bash
|
| 2 |
set -Eeuo pipefail
|
| 3 |
|
| 4 |
+
# Diagnostics: when DEBUG=Y or DIAG=Y, print environment info useful for
|
| 5 |
+
# debugging why KVM or networking may not be available in restricted hosts
|
| 6 |
+
# (e.g. Hugging Face Spaces).
|
| 7 |
+
if [[ "${DEBUG:-N}" == [Yy1]* || "${DIAG:-N}" == [Yy1]* ]]; then
|
| 8 |
+
echo "--- startup diagnostics ---"
|
| 9 |
+
echo "User UID: $(id -u) ($(id -un 2>/dev/null || echo unknown))"
|
| 10 |
+
if [ -e /dev/kvm ]; then
|
| 11 |
+
ls -l /dev/kvm || true
|
| 12 |
+
if [ -w /dev/kvm ] 2>/dev/null; then
|
| 13 |
+
echo "/dev/kvm: present and writable"
|
| 14 |
+
else
|
| 15 |
+
echo "/dev/kvm: present but not writable"
|
| 16 |
+
fi
|
| 17 |
+
else
|
| 18 |
+
echo "/dev/kvm: missing"
|
| 19 |
+
fi
|
| 20 |
+
|
| 21 |
+
if [ -e /dev/net/tun ]; then
|
| 22 |
+
ls -l /dev/net/tun || true
|
| 23 |
+
echo "/dev/net/tun: present"
|
| 24 |
+
else
|
| 25 |
+
echo "/dev/net/tun: missing"
|
| 26 |
+
fi
|
| 27 |
+
|
| 28 |
+
if [ -e /dev/vhost-net ]; then
|
| 29 |
+
ls -l /dev/vhost-net || true
|
| 30 |
+
echo "/dev/vhost-net: present"
|
| 31 |
+
else
|
| 32 |
+
echo "/dev/vhost-net: missing"
|
| 33 |
+
fi
|
| 34 |
+
|
| 35 |
+
echo "Kernel accel availability (qemu):"
|
| 36 |
+
if command -v qemu-system-x86_64 &>/dev/null; then
|
| 37 |
+
qemu-system-x86_64 -accel help 2>/dev/null || true
|
| 38 |
+
else
|
| 39 |
+
echo "qemu-system-x86_64: not installed"
|
| 40 |
+
fi
|
| 41 |
+
echo "--- end diagnostics ---"
|
| 42 |
+
fi
|
| 43 |
+
|
| 44 |
# You can override this hook to execute a script before startup!
|
| 45 |
|
| 46 |
return 0
|