From: Mike Brady <4265913+mikebrady@users.noreply.github.com> Date: Sun, 23 Oct 2022 15:00:41 +0000 (+0100) Subject: Extra command-line arguments passed when the Docker image is launched are passed... X-Git-Tag: 4.1-rc4~3^2~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a4da36b4045e1acce5e603b76fc5185e73826df5;p=thirdparty%2Fshairport-sync.git Extra command-line arguments passed when the Docker image is launched are passed to the shairport-sync instance. The shairport-sync instance runs as user and group shairport-sync which has reduced privileges. The "classic" docker image now uses the s6-overlay to manage processes. --- diff --git a/docker/Dockerfile b/docker/Dockerfile index a34d2c50..11647acd 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -16,21 +16,18 @@ RUN apk -U add \ dbus \ alsa-lib-dev \ popt-dev \ - mbedtls-dev \ soxr-dev \ avahi-dev \ libconfig-dev \ libsndfile-dev \ mosquitto-dev \ - xmltoman \ - openssh-client \ libsodium-dev \ + libgcrypt-dev \ ffmpeg-dev \ xxd \ libressl-dev \ openssl-dev \ - libplist-dev \ - libgcrypt-dev + libplist-dev ##### ALAC ##### RUN git clone https://github.com/mikebrady/alac @@ -76,7 +73,6 @@ RUN apk -U add \ dbus \ popt \ glib \ - mbedtls \ soxr \ avahi \ avahi-tools \ @@ -86,8 +82,8 @@ RUN apk -U add \ libuuid \ ffmpeg \ libsodium \ - libplist \ - libgcrypt + libgcrypt \ + libplist # Copy build files. COPY --from=builder /shairport-sync/build/install/usr/local/bin/shairport-sync /usr/local/bin/shairport-sync @@ -111,6 +107,4 @@ RUN addgroup -g 29 docker_audio && addgroup shairport-sync docker_audio && addgr # Remove anything we don't need. RUN rm -rf /lib/apk/db/* -ENTRYPOINT [ "/init" ] - -CMD [ "/usr/local/bin/shairport-sync", "-v", "--statistics" ] \ No newline at end of file +ENTRYPOINT [ "/init", "s6-setuidgid", "shairport-sync", "/usr/local/bin/shairport-sync" ] diff --git a/docker/README.md b/docker/README.md index 2b27e77f..8c31a84d 100644 --- a/docker/README.md +++ b/docker/README.md @@ -2,43 +2,32 @@ Available at: https://hub.docker.com/r/mikebrady/shairport-sync -The following docker tags are available: +Please note if you want the development version of the image including Airplay 2 support, please pull the image with the `development` tag using the following command: ``` -[tag] -[tag]-classic - -(build from newest tag) -stable -stable-classic - -(latest build from master) -latest -latest-classic - -(latest build from development) -development -development-classic +docker pull mikebrady/shairport-sync:development ``` +When using the below commands, you should replace `mikebrady/shairport-sync` with `mikbrady/shairport-sync:development`. + ## Example Docker Compose File See the `docker-compose.yaml` file in this folder for an example. -## Example Docker Run +## Docker Run ``` $ docker run -d --restart unless-stopped --net host --device /dev/snd \ - mikebrady/shairport-sync: + mikebrady/shairport-sync ``` ### Options -You can change the default commands passed to Shairport Sync. Here is an example: +Command line options will be passed to Shairport Sync. Here is an example: ``` $ docker run -d --restart unless-stopped --net host --device /dev/snd \ - mikebrady/shairport-sync: shairport-sync -v \ - --statistics -a DenSystem -d hw:0 -c PCM + mikebrady/shairport-sync:development \ + -v --statistics -a DenSystem -d hw:0 -c PCM ``` -This will sent audio to alsa hardware device `hw:0` and make use of the that device's mixer control called `PCM`. The service will be visible as `DenSystem` on the network. +This will send audio to alsa hardware device `hw:0` and make use of the that device's mixer control called `PCM`. The service will be visible as `DenSystem` on the network. ## Configuration File @@ -54,9 +43,9 @@ docker buildx build --platform linux/arm/v7 -f ./docker/Dockerfile --build-arg S `SHAIRPORT_SYNC_BRANCH` and `NQPTP_BRANCH` are required to ensure the image is built using the expected branch. `--no-cache` needs to be used to force buildx to pull the NQPTP branch for new updates. This slows down the build time though so can be removed when it is not beneficial during testing. -### AirPlay 1 Only +### "Classic" AirPlay -The AirPlay 1 only dockerfile is in the `classic` folder. This also includes the `start.sh` script used by the container. Please note that the AirPlay 1 image built via the AirPlay 2 branch has missing functionality, e.g. it does not work with multiple instances on the same hardware; does not support iTunes for Windows etc. +The "Classic" AirPlay only dockerfile is in the `classic` folder. This also includes the `start.sh` script used by the container. ### GitHub Action Builds @@ -64,4 +53,4 @@ Requires the following secrets to be set in the repo: - `DOCKER_REGISTRY` - docker.io if using Docker Hub, else set to your registry URL. - `DOCKER_REGISTRY_TOKEN` - Access token for your registry. - `DOCKER_REGISTRY_USER` - Login user for your registry. -- `DOCKER_IMAGE_NAME` - The name of the image, for example `your-registry.com/shairport-sync` or just `your-username/shairport-sync` if using Docker Hub. \ No newline at end of file +- `DOCKER_IMAGE_NAME` - The name of the image, for example `your-registry.com/shairport-sync` or just `your-username/shairport-sync` if using Docker Hub. diff --git a/docker/classic/Dockerfile b/docker/classic/Dockerfile index 0556cd94..3010ca11 100644 --- a/docker/classic/Dockerfile +++ b/docker/classic/Dockerfile @@ -1,5 +1,12 @@ -FROM alpine AS builder-base -# General Build System: +FROM alpine:3.12 AS builder + +# Classic (aka AirPlay 1) Build + +# Check required arguments exist. These will be provided by the Github Action +# Workflow and are required to ensure the correct branches are being used. +ARG SHAIRPORT_SYNC_BRANCH +RUN test -n "$SHAIRPORT_SYNC_BRANCH" + RUN apk -U add \ git \ build-base \ @@ -7,63 +14,42 @@ RUN apk -U add \ automake \ libtool \ dbus \ - su-exec \ alsa-lib-dev \ - libdaemon-dev \ popt-dev \ mbedtls-dev \ soxr-dev \ avahi-dev \ libconfig-dev \ - libsndfile-dev \ mosquitto-dev \ - xmltoman - -# ALAC Build System: -FROM builder-base AS builder-alac + libsndfile-dev +##### ALAC ##### RUN git clone https://github.com/mikebrady/alac -WORKDIR alac -RUN autoreconf -fi +WORKDIR /alac +RUN autoreconf -i RUN ./configure RUN make RUN make install +WORKDIR / +##### ALAC END ##### -# Shairport Sync Build System: -FROM builder-base AS builder-sps - -# This will be modified by the Github Action Workflow and is required -# to ensure the correct branch is being used. -ARG SHAIRPORT_SYNC_BRANCH -RUN test -n "$SHAIRPORT_SYNC_BRANCH" - -COPY --from=builder-alac /usr/local/lib/libalac.* /usr/local/lib/ -COPY --from=builder-alac /usr/local/lib/pkgconfig/alac.pc /usr/local/lib/pkgconfig/alac.pc -COPY --from=builder-alac /usr/local/include /usr/local/include - +##### SPS ##### WORKDIR /shairport-sync COPY . . RUN git checkout "$SHAIRPORT_SYNC_BRANCH" -RUN autoreconf -fi -RUN ./configure \ - --with-alsa \ - --with-dummy \ - --with-pipe \ - --with-stdout \ - --with-avahi \ - --with-ssl=mbedtls \ - --with-soxr \ - --sysconfdir=/etc \ - --with-dbus-interface \ - --with-mpris-interface \ - --with-mqtt-client \ - --with-apple-alac \ - --with-convolution +WORKDIR /shairport-sync/build +RUN autoreconf -i ../ +RUN ../configure --sysconfdir=/etc --with-alsa --with-soxr --with-avahi --with-ssl=mbedtls \ + --with-metadata --with-dummy --with-pipe --with-dbus-interface \ + --with-stdout --with-mpris-interface --with-mqtt-client \ + --with-apple-alac --with-convolution RUN make -j $(nproc) -RUN make install +RUN DESTDIR=install make install +WORKDIR / +##### SPS END ##### -# Shairport Sync Runtime System: -FROM alpine +# Shairport Sync Runtime System +FROM crazymax/alpine-s6:3.12-3.1.1.2 RUN apk -U add \ alsa-lib \ @@ -75,30 +61,29 @@ RUN apk -U add \ avahi \ avahi-tools \ libconfig \ - libsndfile \ - mosquitto-libs \ - su-exec \ - libgcc \ - libgc++ + mosquitto \ + libsndfile-dev -RUN rm -rf /lib/apk/db/* -COPY --from=builder-alac /usr/local/lib/libalac.* /usr/local/lib/ -COPY --from=builder-sps /etc/shairport-sync* /etc/ -COPY --from=builder-sps /etc/dbus-1/system.d/shairport-sync-dbus.conf /etc/dbus-1/system.d/ -COPY --from=builder-sps /etc/dbus-1/system.d/shairport-sync-mpris.conf /etc/dbus-1/system.d/ -COPY --from=builder-sps /usr/local/bin/shairport-sync /usr/local/bin/shairport-sync +# Copy build files. +COPY --from=builder /shairport-sync/build/install/usr/local/bin/shairport-sync /usr/local/bin/shairport-sync +COPY --from=builder /usr/local/lib/libalac.* /usr/local/lib/ +COPY --from=builder /shairport-sync/build/install/etc/dbus-1/system.d/shairport-sync-dbus.conf /etc/dbus-1/system.d/ +COPY --from=builder /shairport-sync/build/install/etc/dbus-1/system.d/shairport-sync-mpris.conf /etc/dbus-1/system.d/ + +COPY ./docker/classic/etc/s6-overlay/s6-rc.d /etc/s6-overlay/s6-rc.d +RUN chmod +x /etc/s6-overlay/s6-rc.d/startup/script.sh # Create non-root user for running the container -- running as the user 'shairport-sync' also allows # Shairport Sync to provide the D-Bus and MPRIS interfaces within the container -RUN addgroup shairport-sync +RUN addgroup shairport-sync RUN adduser -D shairport-sync -G shairport-sync # Add the shairport-sync user to the pre-existing audio group, which has ID 29, for access to the ALSA stuff -RUN addgroup -g 29 docker_audio && addgroup shairport-sync docker_audio +RUN addgroup -g 29 docker_audio && addgroup shairport-sync docker_audio && addgroup shairport-sync audio -COPY ./docker/classic/start.sh / -RUN chmod +x /start.sh +# Remove anything we don't need. +RUN rm -rf /lib/apk/db/* -ENTRYPOINT [ "/start.sh" ] +ENTRYPOINT [ "/init", "s6-setuidgid", "shairport-sync", "/usr/local/bin/shairport-sync" ] diff --git a/docker/classic/etc/s6-overlay/s6-rc.d/01-dbus/finish b/docker/classic/etc/s6-overlay/s6-rc.d/01-dbus/finish new file mode 100644 index 00000000..a8222fb0 --- /dev/null +++ b/docker/classic/etc/s6-overlay/s6-rc.d/01-dbus/finish @@ -0,0 +1,2 @@ +#!/command/execlineb -S0 +/run/s6/basedir/bin/halt \ No newline at end of file diff --git a/docker/classic/etc/s6-overlay/s6-rc.d/01-dbus/run b/docker/classic/etc/s6-overlay/s6-rc.d/01-dbus/run new file mode 100644 index 00000000..8757e5d5 --- /dev/null +++ b/docker/classic/etc/s6-overlay/s6-rc.d/01-dbus/run @@ -0,0 +1,4 @@ +#!/command/with-contenv sh +rm -rf /var/run/dbus.pid +echo "Starting dbus" +exec dbus-daemon --system --nofork \ No newline at end of file diff --git a/docker/classic/etc/s6-overlay/s6-rc.d/01-dbus/type b/docker/classic/etc/s6-overlay/s6-rc.d/01-dbus/type new file mode 100644 index 00000000..1780f9f4 --- /dev/null +++ b/docker/classic/etc/s6-overlay/s6-rc.d/01-dbus/type @@ -0,0 +1 @@ +longrun \ No newline at end of file diff --git a/docker/classic/etc/s6-overlay/s6-rc.d/02-avahi/finish b/docker/classic/etc/s6-overlay/s6-rc.d/02-avahi/finish new file mode 100644 index 00000000..a8222fb0 --- /dev/null +++ b/docker/classic/etc/s6-overlay/s6-rc.d/02-avahi/finish @@ -0,0 +1,2 @@ +#!/command/execlineb -S0 +/run/s6/basedir/bin/halt \ No newline at end of file diff --git a/docker/classic/etc/s6-overlay/s6-rc.d/02-avahi/run b/docker/classic/etc/s6-overlay/s6-rc.d/02-avahi/run new file mode 100644 index 00000000..fc509297 --- /dev/null +++ b/docker/classic/etc/s6-overlay/s6-rc.d/02-avahi/run @@ -0,0 +1,8 @@ +#!/command/with-contenv sh +sleep 5 +while [ ! -f /var/run/dbus.pid ]; do + "dbus is not running, sleeping for 5 seconds before trying to start avahi" + sleep 5 +done +echo "Starting avahi" +exec avahi-daemon --no-chroot \ No newline at end of file diff --git a/docker/classic/etc/s6-overlay/s6-rc.d/02-avahi/type b/docker/classic/etc/s6-overlay/s6-rc.d/02-avahi/type new file mode 100644 index 00000000..1780f9f4 --- /dev/null +++ b/docker/classic/etc/s6-overlay/s6-rc.d/02-avahi/type @@ -0,0 +1 @@ +longrun \ No newline at end of file diff --git a/docker/classic/etc/s6-overlay/s6-rc.d/startup/script.sh b/docker/classic/etc/s6-overlay/s6-rc.d/startup/script.sh new file mode 100644 index 00000000..c975a403 --- /dev/null +++ b/docker/classic/etc/s6-overlay/s6-rc.d/startup/script.sh @@ -0,0 +1,2 @@ +#!/bin/sh +echo "STARTING - $(date)" \ No newline at end of file diff --git a/docker/classic/etc/s6-overlay/s6-rc.d/startup/type b/docker/classic/etc/s6-overlay/s6-rc.d/startup/type new file mode 100644 index 00000000..3d92b15f --- /dev/null +++ b/docker/classic/etc/s6-overlay/s6-rc.d/startup/type @@ -0,0 +1 @@ +oneshot \ No newline at end of file diff --git a/docker/classic/etc/s6-overlay/s6-rc.d/startup/up b/docker/classic/etc/s6-overlay/s6-rc.d/startup/up new file mode 100644 index 00000000..0c609ec6 --- /dev/null +++ b/docker/classic/etc/s6-overlay/s6-rc.d/startup/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/startup/script.sh \ No newline at end of file diff --git a/docker/classic/etc/s6-overlay/s6-rc.d/user/contents.d/01-dbus b/docker/classic/etc/s6-overlay/s6-rc.d/user/contents.d/01-dbus new file mode 100644 index 00000000..e69de29b diff --git a/docker/classic/etc/s6-overlay/s6-rc.d/user/contents.d/02-avahi b/docker/classic/etc/s6-overlay/s6-rc.d/user/contents.d/02-avahi new file mode 100644 index 00000000..e69de29b diff --git a/docker/classic/etc/s6-overlay/s6-rc.d/user/contents.d/startup b/docker/classic/etc/s6-overlay/s6-rc.d/user/contents.d/startup new file mode 100644 index 00000000..e69de29b diff --git a/docker/docker-compose.yaml b/docker/docker-compose.yaml index 6b2394a1..1bd66168 100644 --- a/docker/docker-compose.yaml +++ b/docker/docker-compose.yaml @@ -2,7 +2,7 @@ services: shairport-sync: - image: mikebrady/shairport-sync: + image: mikebrady/shairport-sync:development network_mode: host restart: unless-stopped devices: diff --git a/docker/etc/s6-overlay/s6-rc.d/03-nqptp/run b/docker/etc/s6-overlay/s6-rc.d/03-nqptp/run index 7af2c601..e8b59b2e 100644 --- a/docker/etc/s6-overlay/s6-rc.d/03-nqptp/run +++ b/docker/etc/s6-overlay/s6-rc.d/03-nqptp/run @@ -1,3 +1,3 @@ #!/command/with-contenv sh echo "Starting nqptp" -exec /usr/local/bin/nqptp -v \ No newline at end of file +exec /usr/local/bin/nqptp \ No newline at end of file