baseimagedefs.yml

---

#
# Definitions for docker-baseimage-gui.
#
# This file is used as data source to generate README.md and unRAID template
# files from Jinja2 templates.
#

baseimage:
  name: baseimage-gui
  title: >-
    A minimal docker baseimage to ease creation of X graphical application
    containers
  description: |-
    This Docker baseimage simplifies creating containers to run any X graphical
    application on a headless server. The application's full graphical interface
    directly from any modern web browser - no downloads, installs, or setup required
    on the client side - or connect with any VNC client.

    The web interface also offers audio playback, seamless clipboard sharing, an
    integrated file manager and terminal for accessing the container's files and
    shell, desktop notifications, and more.
  gui: true
  history:
    - version: 4.11.3
      date: 2026-03-14
      changed:
        - 'Enable xcompmgr output only when debug is enabled.'
        - 'Enhanced self-signed certificates by including the Subject Alternative Name (SAN) and using the container hostname instead of a dummy domain name.'
    - version: 4.11.2
      date: 2026-02-22
      fixed:
        - 'X server failing to find the appropriate Mesa driver on some setups.'
    - version: 4.11.1
      date: 2026-02-18
      fixed:
        - 'Fixed by the update of jlesage/baseimage to version 3.10.5:'
        - '2:`take-ownership helper` failure when multiple users/groups share the same id.'
    - version: 4.11.0
      date: 2026-02-14
      changes:
        added:
          - 'Web terminal providing shell access to the container.'
          - 'Added by the update of jlesage/baseimage to version 3.10.4:'
          - '2:Script helper to verify whether a package is installed.'
        changed:
          - 'Updated TigerVNC to version 1.16.0.'
          - 'Updated X server to version 21.1.21.'
          - 'Web services server enhancements:'
          - '2:Graceful shutdown behavior improved.'
          - '2:Limit on simultaneous WebSocket connections.'
          - '2:Harmonized logging across modules.'
          - 'Web file manager is now displayed in a modal.'
          - 'Web file manager WebSocket connection is now used only when opened.'
          - 'Changed by the update of jlesage/baseimage to version 3.10.4:'
          - '2:Updated scripts to remove dependencies on certain OS tools.'
        fixed:
          - 'Web file manager issues:'
          - '2:Uploading zero-byte files would fail.'
          - '2:Interrupted uploads would interfere with other uploads.'
          - '2:Some errors were reported incorrectly.'
    - version: 4.10.7
      date: 2026-01-20
      changes:
        added:
          - 'Image based on Debian 13.'
        fixed:
          - 'Fixed by the update of jlesage/baseimage to version 3.8.3:'
          - '2:Internal environment variables being appended to the persistent file on each container start instead of overwriting it.'
          - 'Audio being paused when changing to another tab in the host browser.'
    - version: 4.10.6
      date: 2025-12-31
      changes:
        fixed:
            'On Mac devices, conversion of Command+<Key> shortcuts to the proper Alt+<Key> shortcuts for Linux applications.'
    - version: 4.10.5
      date: 2025-12-21
      changes:
        fixed:
          - 'Key combinations in some Linux applications broken by the Command key remapping.'
    - version: 4.10.4
      date: 2025-12-19
      changes:
        changed:
          - 'Web audio is now automatically re-enabled upon first user interaction.'
          - 'Improved robustness of GPU devices detection.'
          - 'Command key on Mac devices has been remapped to better match Linux application interactions.'
    - version: 4.10.3
      date: 2025-12-06
      changes:
        added:
          - 'Image based on Alpine 3.23.'
    - version: 4.10.2
      date: 2025-12-05
      changes:
        fixed:
          - 'Desktop notification forwarding service issues related to clients and WebSocket management.'
          - 'Fixed by the update of jlesage/baseimage to version 3.8.1:'
          - '2:Support for underscores in `SUP_GROUP_IDS_INTERNAL_*` internal variables.'
    - version: 4.10.1
      date: 2025-12-02
      changes:
        fixed:
          - 'Due to the inclusion of D-Bus, the application may report missing accessibility support.'
    - version: 4.10.0
      date: 2025-11-22
      changes:
        added:
          - 'Hardware acceleration support for the GLX extension using open-source drivers.'
          - 'DRI3 X extension for improved hardware acceleration in client applications.'
          - 'Seamless clipboard synchronization for Chromium-based browsers.'
          - 'Web notification service to forward desktop notifications to browser.'
          - 'Desktop notifications as a logmonitor target.'
          - 'D-Bus daemon for desktop notification integration and broader desktop environment support.'
          - 'Ability to allow web and VNC connections from localhost only.'
          - 'Added by the update of jlesage/baseimage to version 3.10.0:'
          - '2:Support for SUP_GROUP_IDS_INTERNAL_* internal variables.'
          - '2:Ability to restrict a logmonitor notification to specific target(s).'
        changed:
          - 'Updated Xorg server to version 21.1.18.'
          - 'NGINX configuration now enables TLS 1.3.'
        removed:
          - 'Static Diffie-Hellman parameters file (no longer needed in modern TLS configurations and ECDHE).'
    - version: 4.9.0
      date: 2025-07-17
      changes:
        added:
          - 'Internal environment variable to disable the OpenGL Extension of the X Window System.'
          - 'Added by the update of jlesage/baseimage to version 3.8.0:'
          - '2:Ability to define users and groups to be added to Linux system files (`/etc/passwd`, `/etc/group` and `/etc/shadow`).'
        removed:
          - 'Image based on Debian 10 (reached end of support on 2024-06-30).'
    - version: 4.8.2
      date: 2025-07-02
      changes:
        changed:
          - 'Changed by the update of jlesage/baseimage to version 3.7.2:'
          - '2:Allow the `take-ownership` helper to set ownership only if the user does not already have write permission on the folder.'
        fixed:
          - 'Automatic reconnect of the web interface when web authentication is enabled.'
          - 'Some resources could not be accessed behind a reverse proxy based on URL path.'
    - version: 4.8.1
      date: 2025-06-25
      changes:
        fixed:
          - 'Crash with some binaries on systems using old kernel.'
    - version: 4.8.0
      date: 2025-06-20
      changes:
        added:
          - 'Automatic reconnect of the web interface.'
          - 'Web file manager.'
          - 'Support for GLX X extension, backed by the Mesa llvmpipe driver.'
          - 'Load Xresources via xrdb during startup.'
          - 'Image based on Alpine 3.22.'
          - 'Added by the update of jlesage/baseimage to version 3.7.1:'
          - '2:Generation of a container instance unique ID.'
          - '2:Simple mechanism to send commands to the process supervisor, enabling restart of services.'
        changed:
          - 'Updated noVNC to version 1.6.0.'
          - 'Updated web UI components (Bootstrap).'
          - 'Do not ask VNC password when accessing the web interface and web authentication is enabled.'
          - 'Changed by the update of jlesage/baseimage to version 3.7.1:'
          - 'Folders are created with explicit permissions.'
          - 'Ensured that no programs or shell scripts run directly from /tmp, enabling the use of no-exec mounted temporary directory.'
    - version: 4.7.1
      date: 2025-02-07
      changes:
        changed:
          - 'Changed by the update of jlesage/baseimage to version 3.6.5:'
          - '2:Increased the default service ready timeout from 5 seconds to 10 seconds and allow runtime adjustment via environment variable.'
        fixed:
          - 'Generation of favicons on Ubuntu.'
          - 'Compatibility issues that were introduced with support of GTK4 applications.'
    - version: 4.7.0
      date: 2025-01-19
      changes:
        added:
          - 'Environment variable that allows configuring the web authentication token lifetime.'
        changed:
          - 'Rebuild against latest distro images to get security fixes.'
    - version: 4.6.7
      date: 2024-12-06
      changes:
        added:
          - 'Image based on Alpine 3.21.'
        changed:
          - 'Rebuild against latest distro images to get security fixes.'
    - version: 4.6.6
      date: 2024-12-04
      changes:
        fixed:
          - 'Generation of favicons, by using an offline method instead of relying on online service.'
    - version: 4.6.5
      date: 2024-12-01
      changes:
        changed:
          - 'Updated TigerVNC to version 1.14.1.'
        fixed:
          - 'Web audio feature with URL path-based reverse proxy.'
          - 'TLS secure connection method for VNC was preventing web access.'
          - 'CJK font installation on Alpine Linux.'
    - version: 4.6.4
      date: 2024-08-31
      changes:
        added:
          - 'Image based on Debian 12.'
          - 'Image based on Ubuntu 24.04.'
        changed:
          - 'Updated jlesage/baseimage to version 3.6.3.'
          - 'Rebuild against latest distro images to get security fixes.'
        fixed:
          - 'Web authentication feature with URL path-based reverse proxy.'
    - version: 4.6.3
      date: 2024-07-29
      changes:
        fixed:
          - 'Fixed by the update of jlesage/baseimage to version 3.6.2:'
          - '2:Some logged messages related to environment variable loading were not properly prefixed.'
    - version: 4.6.2
      date: 2024-07-28
      changes:
        fixed:
          - 'A Window compositor is required to prevent display issues with GTK4 applications.'
    - version: 4.6.1
      date: 2024-07-27
      changes:
        fixed:
          - 'Fixed by the update of jlesage/baseimage to version 3.6.1:'
          - '2:Return code of environment variable loading script was not handled properly.'
    - version: 4.6.0
      date: 2024-07-26
      changes:
        added:
          - 'Audio support through web browser.'
          - 'Web authentication support.'
          - 'Better support of GTK4 applications.'
          - 'Added by the update of jlesage/baseimage to version 3.6.0:'
          - '2:The amount of time allowed to services to gracefully terminate is configurable via the `SERVICES_GRACETIME` environment variable.'
          - '2:Variables can be added to environment of a service via the `environment_extra` parameter.'
          - 'Image based on Alpine Linux 3.20.'
        changed:
          - 'Updated noVNC to version 1.5.0.'
          - 'Updated web UI components (Bootstrap, Font Awesome).'
          - 'When connecting, the control bar is now temporarily shown only once.'
        removed:
          - 'Helper script to install glibc on Alpine Linux based images.'
          - 'Image based on Alpine 3.14 (reached end of support on 2023-05-01).'
          - 'Image based on Alpine 3.15 (reached end of support on 2023-11-01).'
        fixed:
          - 'Fixed by the update of jlesage/baseimage to version 3.6.0:'
          - '2:During package mirror setup, make sure to keep permissions of copied files.'
    - version: 4.5.3
      date: 2023-12-20
      changes:
        added:
          - 'Image based on Alpine Linux 3.19.'
        changed:
          - 'Fullscreen should not be supported when page is loaded into an iFrame.'
          - 'Changed by the update of jlesage/baseimage to version 3.5.3:'
          - '2:Rebuild against latest distro images to get security fixes.'
    - version: 4.5.2
      date: 2023-11-17
      changes:
        fixed:
          - 'Fixed by the update of jlesage/baseimage to version 3.5.2:'
          - '2:When using a very high user or group ID, the helper that takes ownership of a directory would fail.'
    - version: 4.5.1
      date: 2023-11-10
      changes:
        fixed:
          - 'Fixed by the update of jlesage/baseimage to version 3.5.1:'
          - '2:Packages installation at runtime could fail on Ubuntu/Debian due to missing user/group.'
          - 'Make sure setup of packages mirror is done before installation of CJK font.'
    - version: 4.5.0
      date: 2023-11-09
      changes:
        added:
          - 'Added by the update of jlesage/baseimage to version 3.5.0:'
          - '2:Mirror for packages installation can be set via the `PACKAGES_MIRROR` environment variable.'
        changed:
          - 'Changed by the update of jlesage/baseimage to version 3.5.0:'
          - '2:Improved the way the `take-ownership` script is working.'
        fixed:
          - 'Fixed by the update of jlesage/baseimage to version 3.5.0:'
          - '2:Readiness and minimum running time checks should not be done for a service defined with an interval.'
          - '2:Raise an error when a synched service fails to start.'
          - '2:Minimum running time check of a service was using an incorrect way to verify if process is still alive.'
          - 'Installation of CJK font.'
    - version: 4.4.2
      date: 2023-05-16
      changes:
        added:
          - 'Image based on Alpine Linux 3.18.'
          - 'Image based on Ubuntu 22.04.'
        changed:
          - 'Changed by the update of jlesage/baseimage to version 3.4.7:'
          - '2:Rebuild against latest distro images to get security fixes.'
          - 'Updated X server to version 1.20.14.'
        removed:
          - 'Image based on Alpine 3.13 (reached end of support on 2022-11-01).'
          - 'Image based on Debian 9 (reached end of life on 2022-07-01).'
    - version: 4.4.1
      date: 2023-04-16
      changes:
        changed:
          - 'Updated TigerVNC to version 1.13.1.'
    - version: 4.4.0
      date: 2023-03-04
      changes:
        added:
          - 'Support for generating icons from local file.'
          - 'Dark mode support for GTK2 applications.'
        changed:
          - 'Updated TigerVNC to version 1.13.0.'
          - 'Updated noVNC to version 1.4.0.'
          - 'Updated YAD to version 0.42.43.'
        fixed:
          - 'Disabled automatic focus on clipboard on touch devices.'
          - 'Keep virtual keyboard when closing control menu.'
          - 'Fixed by the update of `jlesage/baseimage` to version 3.4.6:'
          - '2:Issue during initialization of Linux users and groups when the `GROUP_ID` is also part of `SUP_GROUP_IDS`.'
    - version: 4.3.6
      date: 2023-02-13
      changes:
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.4.5:'
          - '2:Limit the maximum number of opened files on system having a very large, unlimited value. This prevents unnecessary waste of CPU resources and time for applications trying to close all possible file descriptors.'
    - version: 4.3.5
      date: 2023-02-09
      changes:
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.4.4:'
          - '2:Issue handling internal supplementary group IDs by the default `sgid` service file.'
    - version: 4.3.4
      date: 2023-02-07
      changes:
        fixed:
          - 'Error message from openbox about missing Fontconfig cache directory.'
    - version: 4.3.3
      date: 2023-02-04
      changes:
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.4.3:'
          - '2:Helper that takes ownership of a directory not handling correctly names with end-of-line character.'
          - '2:The logrotate status file permissions was not set automatically during startup.'
          - '2:Strings `y` and `n` were not considered as valid boolean values.'
          - 'CJK font installation not being detected correctly.'
    - version: 4.3.2
      date: 2023-01-06
      changes:
        changed:
          - 'Changed by the update of `jlesage/baseimage` to version 3.4.2:'
          - '2:Recursivity can be disabled when using the helper taking ownership of a directory.'
          - '2:Supplementary group IDs can also be provided by the container itself via `SUP_GROUP_IDS_INTERNAL` environment variable.'
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.4.2:'
          - 'Validation of supplementary group IDs.'
    - version: 4.3.1
      date: 2023-01-04
      changes:
        fixed:
          - 'Allows the YAD logmonitor target to be killed properly.'
    - version: 4.3.0
      date: 2023-01-03
      changes:
        added:
          - 'Added by the update of `jlesage/baseimage` to version 3.4.1:'
          - '2:Service for logrotate.'
          - 'Control menu can be moved to the right side of the screen.'
          - 'Automatic focus of the clipboard text box when opening the control menu.'
          - 'Automatic close of the control menu when clicking into the application.'
          - 'Rotation of the web server log files.'
        changed:
          - 'Changed by the update of `jlesage/baseimage` to version 3.4.1:'
          - '2:Declaration of files to be monitored by the logmonitor has been moved to the notification''s definitions.'
          - 'Window manager changed back to Openbox. Unfortunately, a lot of applications don''t display correctly with JWM. Note that the way to define the main window remains backward compatible. See documentation for more details.'
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.4.1:'
          - '2:Conversion of a service''s interval non-numeric value.'
          - '2:Prevent the logmonitor to be blocked by a notification backend by running it asynchronously.'
          - 'Init script error that was occurring when a custom VNC listening port was configured with secure connection enabled.'
    - version: 4.2.2
      date: 2022-12-11
      changes:
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.3.3:'
          - '2:Force the value of the `PATH` environment variable. Any value configured during creation of the container should not affect operation of the container.'
    - version: 4.2.1
      date: 2022-12-01
      changes:
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.3.2:'
          - '2:Helper that takes ownership of a directory not handling correctly names with spaces.'
          - '2:Handling of a service''s `workdir` ending with an end-of-line character.'
    - version: 4.2.0
      date: 2022-11-27
      changes:
        added:
          - 'Image based on Alpine 3.17.'
          - 'Added by the update of `jlesage/baseimage` to version 3.2.0:'
          - '2:Helper to take ownership of a directory.'
          - '2:Helper to determine if a boolean value is true or false.'
          - '2:Internal environment variables are automatically loaded when logging in to the container.'
          - '2:Init script to set permissions on `/tmp`.'
        changed:
          - 'Changed by the update of `jlesage/baseimage` to version 3.2.0:'
          - '2:Baseimage''s binaries have been relocated to `/opt/base/bin`.'
          - '2:Adjusted `PATH` environment variable to include `/opt/base/bin`.'
        removed:
          - 'Baseimage based on Debian 8 (reached its end of life on June 30 2020).'
    - version: 4.1.5
      date: 2022-11-07
      changes:
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.1.6:'
          - '2:logmonitor: do not re-process status files that didn''t change.'
          - '2:logmonitor: fixed handling of debouncing value 0 (infinite).'
    - version: 4.1.4
      date: 2022-11-03
      changes:
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.1.5:'
          - '2:Crash that occurs when no monotonic clock is available.'
    - version: 4.1.3
      date: 2022-11-01
      changes:
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.1.4:'
          - '2:Re-added `LANG` Docker environment variable that was present in previous versions.'
    - version: 4.1.2
      date: 2022-10-29
      changes:
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.1.3:'
          - '2:Truncation of long application name in informational box.'
    - version: 4.1.1
      date: 2022-10-23
      changes:
        changed:
          - 'Changed by the update of `jlesage/baseimage` to version 3.1.2:'
          - '2:Include the Docker image platform in informational box printed during container startup.'
          - 'Internal baseimage programs have been moved to `/opt/base/bin`.'
          - 'Make sure JWM is ready before starting the application.'
          - 'Updated JWM to version 2.4.3.'
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.1.2:'
          - '2:Logmonitor crash on arm64 platform.'
          - '2:A umask value of `0000` was not properly applied.'
          - 'JWM configuration may fail to load.'
          - 'Errors from `yad` caused by usage of wrong fontconfig related files.'
    - version: 4.1.0
      date: 2022-10-14
      changes:
        added:
          - 'Added by the update of `jlesage/baseimage` to version 3.1.0:'
          - '2:The `INSTALL_PACKAGES_INTERNAL` internal environment variable.'
        changed:
          - 'Collapse the setting section of the control panel by default on touch devices to accommodate the size taken by the on-screen keyboard.'
          - 'To match against `WM_NAME`, `Title` is now ised instead of `WmName` in JWM configuration.'
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.1.0:'
          - '2:Value of the `UMASK` environment variable defined in the Dockerfile.'
          - 'Implemented workaround for Java applications showing only a blank window.'
    - version: 4.0.4
      date: 2022-10-14
      changes:
        fixed:
          - 'Generation of web data on images using `dash` shell.'
    - version: 4.0.3
      date: 2022-10-13
      changes:
        fixed:
          - 'Websockify and favicons paths for compatibility with scenario where a reverse proxy with routing based un URL path is used.'
    - version: 4.0.2
      date: 2022-10-10
      changes:
        fixed:
          - 'Handling of VNC password.'
          - 'Fixed by the update of `jlesage/baseimage` to version 3.0.3:'
          - '2:Issue taking ownership of `/config` when one of its subfolder is mapped to a network share.'
          - '2:Make sure to always set supplementary groups of services, even if the list is empty.'
    - version: 4.0.1
      date: 2022-10-07
      changes:
        fixed:
          - 'Fixed by the update of `jlesage/baseimage` to version 3.0.1:'
          - '2:Defined parameters for the `app` service were not passed to `startapp.sh`.'
    - version: 4.0.0
      date: 2022-10-06
      changes:
        added:
          - 'Multi-arch support of baseimages.'
          - 'Baseimage based on Alpine Linux 3.16.'
          - 'Support for dark mode.'
          - 'Support for remote window resize.'
          - 'Configurable WEB and VNC ports.'
        changed:
          - 'Size of Docker images has been reduced.'
          - 'S6 overlay has been replaced with a simpler init system and process supervisor.'
          - 'Simplified and improved the container startup and shutdown sequences.'
          - 'Definition of services are more flexible and powerful.'
          - 'Definition of environment variables are more flexible and powerful.'
          - 'Environment variables are automatically passed to init scripts and services.'
          - 'Environment variables can be public or internal ones.'
          - 'Improved management of service dependencies.'
          - 'The log monitor has been rewritten in C.'
          - 'Improved logging to container''s log.'
          - 'Updated the web UI with a new, simplified, less intrusive look.'
          - 'Changed the VNC/X server to TigherVNC.'
          - 'Changed the window manager to JWM.'
          - 'Updated noVNC to version 1.3.0'
          - 'Multiple miscellaneous improvements.'
          - 'Make sure to read the documentation to understand how to adjust applications built with version 3.x of the baseimage.'
        removed:
          - 'Baseimages based on Alpine Linux 3.10, 3.11 and 3.12.'
          - 'Glibc version of Alpine Linux Docker images. Glibc can instead be installed manually with the provided install script.'
          - 'The `with-contenv` script: its usage is no longer needed.'
    - version: 3.5.8
      date: 2021-12-29
      changes:
        - 'Updated installed packages to get latest security fixes.'
        - 'Added images based on Alpine 3.13, 3.14 and 3.15.'
        - 'Added images based on Debian 11.'
        - 'Added images based on Ubuntu 20.04.'
        - 'Removed support for images based on Alpine 3.5, 3.6, 3.7, 3.8 and 3.8.'
    - version: 3.5.7
      date: 2021-04-06
      changes:
        - 'Now using version 2.4.5 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Updated installed packages to get latest security fixes.'
    - version: 3.5.6
      date: 2020-07-19
      changes:
        - 'Other small adjustments for the YAD log monitor target.'
    - version: 3.5.5
      date: 2020-06-29
        - 'Adjusted the log monitor target for recent versions of YAD.'
    - version: 3.5.4
      date: 2020-06-26
      changes:
        - 'Now using version 2.4.4 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Upgraded glibc to version 2.31 on Alpine Linux images with glibc integrated.'
        - '2:Updated installed packages to get latest security fixes.'
    - version: 3.5.3
      date: 2019-10-04
      changes:
        - 'Now using version 2.4.3 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Updated installed packages to get latest security fixes.'
        - '2:Make sure the tzdata is installed.'
    - version: 3.5.2
      date: 2019-04-24
      changes:
        - 'Now using version 2.4.2 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Updated installed packages to get latest security fixes.'
        - 'Fixed issue where the container could have a zombie process.'
        - 'Fixed issue where the password would not be submitted when pressing the enter key in the password modal.'
        - 'Use relative path for favicon ressources to be more friendly with reverse proxy senarios.'
    - version: 3.5.1
      date: 2018-09-18
      changes:
        - 'Now using version 2.4.1 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Updated installed packages to get latest security fixes.'
    - version: 3.5.0
      date: 2018-08-14
      changes:
        - 'Added baseimage based on Ubuntu 18.04.'
    - version: 3.4.0
      date: 2018-07-06
      changes:
        - 'Added images based on Alpine Linux 3.8.'
        - 'Added images based on Debian 9.'
    - version: 3.3.6
      date: 2018-04-12
      changes:
        - 'Now using version 2.2.8 of jlesage/baseimage, which brings the following changes:'
        - '2:Fixed architecture of ubuntu baseimage: it is meant to be 64-bit.'
    - version: 3.3.5
      date: 2018-04-03
      changes:
        - 'Now using version 2.2.7 of jlesage/baseimage, which brings the following changes:'
        - '2:Upgraded s6-overlay to version 1.21.4.0.'
        - '2:Wait for a limited time when terminating a service.'
        - '2:Set and create the XDG_RUNTIME_DIR directory.'
    - version: 3.3.4
      date: 2018-03-02
      changes:
        - 'Now using version 2.2.6 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Fixed issue where log monitor states were not cleared during container startup.'
    - version: 3.3.3
      date: 2018-02-15
      changes:
        - 'Make sure the log monitor is started after the X server.'
        - 'Fixed an issue where the log monitor `yad` target would use XDG folders of the application.'
    - version: 3.3.2
      date: 2018-02-02
      changes:
        - 'Now using version 2.2.5 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Restored timezone support in Alpine Linux images with glibc.'
        - '2:Fixed issue in `add-pkg` helper where a package could be incorrectly detected as installed.'
    - version: 3.3.1
      date: 2018-01-30
      changes:
        - 'Adjusted the way some ressources are accessed to better support reverse proxy to containers.'
    - version: 3.3.0
      date: 2018-01-22
      changes:
        - 'Now using version 2.2.4 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Fixed the LANG environment variable not being set properly.'
        - 'Added the ability to automatically install a CJK (Chinese/Japanese/Korean) font.'
    - version: 3.2.3
      date: 2018-01-12
      changes:
        - 'Now using version 2.2.3 of `jlesage/baseimage`, which brings the following changes:'
        - '2:For Alpine Linux images with glibc, automatically update dynamic linker''s cache after new libraries are installed.'
    - version: 3.2.2
      date: 2018-01-11
      changes:
        - 'Now using version 2.2.2 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Adjusted the way ownership of /config is taken to better support cases where the folder is mapped to a network share.'
    - version: 3.2.1
      date: 2018-01-04
      changes:
        - 'Now using version 2.2.1 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Upgraded S6 overlay to version 1.21.2.2.'
        - '2:Upgraded glibc to version 2.26 (Alpine Linux glibc images).'
    - version: 3.2.0
      date: 2017-12-08
      changes:
        - 'Added images based on Alpine Linux 3.7.'
    - version: 3.1.4
      date: 2017-11-30
      changes:
        - 'Set 2 worker processes for nginx.'
    - version: 3.1.3
      date: 2017-11-19
      changes:
        - 'Now using version 2.1.4 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Upgraded S6 overlay to version 1.21.2.1.'
    - version: 3.1.2
      date: 2017-11-06
      changes:
        - 'Now using version 2.1.3 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Upgraded S6 overlay to version 1.21.2.0.'
        - '2:Use a more efficient way to monitor status files.'
    - version: 3.1.1
      date: 2017-10-31
      changes:
        - 'Now using version 2.1.2 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Fixed an issue where a self-disabled service could be restarted.'
    - version: 3.1.0
      date: 2017-10-28
      changes:
        - 'Now using version 2.1.1 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Upgraded S6 overlay to version 1.21.1.1.'
        - '2:Enhanced integration of service dependencies functionality.'
        - '2:Added a simple log monitor.'
        - '2:Fixed race condition where container''s exit code would not be the expected one.'
        - 'Fixed issue where application''s GUI fails to displayed when accessing it through the web interface via standard ports 80/443.'
    - version: 3.0.2
      date: 2017-10-09
      changes:
        - 'Fixed issue where nginx config change was not applied correctly on systems without IPV6 support and secure connection disabled.'
    - version: 3.0.1
      date: 2017-10-08
      changes:
        - 'Fixed nginx config on systems without IPV6 support.'
    - version: 3.0.0
      date: 2017-10-06
      changes:
        - 'Now using version 2.0.0 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Added better support for service dependencies.'
        - '3:Services startup order is automatically determined.'
        - '3:Services are stopped in reverse order.'
        - '3:The application''s service is always started last.'
        - '3:The following elements are no longer needed and have been removed:'
        - '4:`s6-svrunning` and `s6-waitdeps` programs.'
        - '4:Pre-stage3 with pre-finish scripts support.'
        - 'Added support for secure access to the application''s GUI:'
        - '2:Via HTTPs or VNC over SSL.'
        - '2:Secure connection is enabled via the `SECURE_CONNECTION` environment variable.'
        - 'Note that these changes can break building and/or execution of containers based on v2.x or earlier of this baseimage.'
    - version: 2.0.9
      date: 2017-09-20
      changes:
        - 'Now using version 1.1.6 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Restore default `/etc/shadow` during container startup.'
    - version: 2.0.8
      date: 2017-09-08
      changes:
        - 'Now using version 1.1.5 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Fixed duplicated entries in /etc/passwd and /etc/group that were created after a restart of the container.'
    - version: 2.0.7
      date: 2017-09-06
      changes:
        - 'Now using version 1.1.4 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Fixed timezone support on alpine-glibc images.'
    - version: 2.0.6
      date: 2017-08-13
      changes:
        - 'Now using version 1.1.3 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Upgraded S6 overlay to version 1.20.0.0.'
    - version: 2.0.5
      date: 2017-07-31
      changes:
        - 'Now using version 1.1.2 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Clear the environment of the container during startup.'
        - '2:Clear the `/tmp` folder during startup.'
        - 'Cleanly terminate the X server when container is restarted/stopped.'
        - 'Improved robustness of X server starting process.'
    - version: 2.0.4
      date: 2017-07-28
      changes:
        - 'Now using version 1.1.1 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Make sure to remove the container shutdown indication during startup. This fixes the behavior of `KEEP_APP_RUNNING` variable after a restart of the container.'
        - 'Removed unneeded files from the image.'
    - version: 2.0.3
      date: 2017-07-27
      changes:
        - 'Improved robustness of the X server starting process.'
    - version: 2.0.2
      date: 2017-07-21
      changes:
        - 'Fixed exposed VNC port.'
    - version: 2.0.1
      date: 2017-07-17
      changes:
        - 'Now using version 1.1.0 of `jlesage/baseimage`, which brings the following changes:'
        - '2:Added declaration of XDG environment variables.'
        - 'Thus, declaration of these variables are no longer needed.'
        - 'Clean temporary files left by npm'
    - version: 2.0.0
      date: 2017-07-16
      changes:
        - 'Now using `jlesage/baseimage` as the baseimage.'
        - 'Removed all non-GUI related stuff that has been moved to `jlesage/baseimage`.'
        - '[*] Configuration used by openbox is now located at `/etc/xdg/openboxrc.xml` (instead of `/home/guiapp/.config/openbox/rc.xml`).'
        - '[*] Moved the application''s icon install script from `/opt/install_app_icon.sh` to `/usr/local/bin/install_app_icon.sh`.'
        - '[*] The following XDG environment variables are now set, potentially affecting where the GUI application store its data/config:'
        - '2:XDG_DATA_HOME=/config/xdg/data'
        - '2:XDG_CONFIG_HOME=/config/xdg/config'
        - '2:XDG_CACHE_HOME=/config/xdg/cache'
        - 'Changes brought by the usage of the new baseimage:'
        - '2:Improved the way a service is waiting for another by adding a generic mechanism.'
        - '2:Taking ownership of `/config` can now be controlled via the environment variable `TAKE_CONFIG_OWNERSHIP`.'
        - '2:Added helper to ease installation and removal of packages.'
        - '2:Added helper to ease verification of modifications applied to files using `sed`.'
        - '2:[*] The name of the user running the application changed from `guiapp` to `app`.'
        - '2:[*] The `$HOME` environment variable is no longer set.'
        - '2:[*] The `/home/guiapp` directory has been removed.'
        - 'Changes marked with `[*]` can break building and/or execution of containers based on v1.x of this baseimage.'
    - version: 1.5.0
      date: 2017-07-04
      changes:
        - 'Added the UMASK environment variable to control how file permissions are set for newly created files.'
        - 'Added the X11VNC_EXTRA_OPTS environment variable used to pass additional arguments to the x11vnc server.'
        - 'By default, activate auto-scaling of application''s window.'
        - 'Applied latest Alpine Linux security updates.'
    - version: 1.4.3
      date: 2017-06-22
      changes:
        - 'Updated Alpine Linux to version 3.6.2 for related container images.'
    - version: 1.4.2
      date: 2017-06-15
      changes:
        - 'Associate the application''s icon to a unique version to avoid browser cache issues.'
    - version: 1.4.1
      date: 2017-06-15
      changes:
        - 'Fixed prefix of some service related messages.'
        - 'Added support for supplying supplementary groups of the application.'
    - version: 1.4.0
      date: 2017-06-06
      changes:
        - 'Added images based on Alpine Linux 3.6.'
        - 'Improved process startup and shutdown.'
        - 'When container is stopped or restarted, processes are now terminated gracefully and in proper order. This allow the GUI application to execute its termination routine.'
        - 'No more error messages when container is stopped or restarted.'
    - version: 1.3.2
      date: 2017-05-30
      changes:
        - 'Fixed password modal window not showing up when required.'
        - 'Fixed debian build.'
    - version: 1.3.1
      date: 2017-05-17
      changes:
        - 'Install better font for alpine images.'
    - version: 1.3.0
      date: 2017-05-15
      changes:
        - 'Added support for application''s niceness configuration.'
    - version: 1.2.3
      date: 2017-05-12
      changes:
        - 'Adjusted the default display width to 1280 pixels, as documented.'
    - version: 1.2.2
      date: 2017-05-11
      changes:
        - 'Fixed issue with the web UI, where the remote application''s window was not taking the available height after activating/deactivating the hideable navigation bar.'
    - version: 1.2.1
      date: 2017-05-10
      changes:
        - 'Fixed issue where clipboard content was lost on modal window closure.'
    - version: 1.2.0
      date: 2017-05-09
      changes:
        - 'New UI for web access to the application''s GUI.'
        - '2:Based on Bootstrap and JQuery.'
        - '2:Mobile friendly.'
        - '2:Hideable navigation bar.'
        - '2:Downscaling support.'
        - '2:Clipboard support.'
        - '2:Fullscreen toggle.'
        - '2:Draggable remote screen when it doesn''t fix the client''s window.'
        - '2:Virtual keyboard support on mobile.'
        - '2:Right-click via long touch on mobile.'
    - version: 1.0.1
      date: 2017-05-5
      changes:
        - 'Fixed issue where VNC password was still applied after removal of the VNC password file from `/config`.'
        - 'Fixed mouse handling when accessing the container''s GUI via Microsoft Internet Explorer/Edge.'
        - 'Fixed a crash of the build-in VNC server.'
    - version: 1.0.0
      date: 2017-04-07
      changes:
        - 'Initial release.'

container:
  # Environment variables.
  environment_variables:
    - name: DISABLE_GLX
      description: >-
       When set to `1`, disables the OpenGL Extension of the X Window System.
      type: internal
      default: 0
    - name: DISPLAY_WIDTH
      description: Width (in pixels) of the application's window.
      type: public
      default: 1920
      unraid_template:
        title: Display Width
        display: advanced
        required: false
        mask: false
    - name: DISPLAY_HEIGHT
      description: Height (in pixels) of the application's window.
      type: public
      default: 1080
      unraid_template:
        title: Display Height
        display: advanced
        required: false
        mask: false
    - name: DARK_MODE
      description: >-
        When set to `1`, enables dark mode for the application. See
        Dark Mode](#dark-mode) for details.
      type: public
      default: 0
      unraid_template:
        title: Dark Mode
        description: >-
          When set to `1`, enables dark mode for the application.
        display: advanced
        required: false
        mask: false
    - name: WEB_AUDIO
      description: >-
        When set to `1`, enables audio support, allowing audio produced by
        the application to play through the browser. See [Web Audio](#web-audio)
        for details.
      type: public
      default: 0
      unraid_template:
        title: Web Audio
        description: >-
          When set to `1`, enables audio support, allowing audio produced by
          the application to play through the browser.
        display: advanced
        required: false
        mask: false
    - name: WEB_FILE_MANAGER
      description: >-
        When set to `1`, enables the web file manager, allowing interaction
        with files inside the container through the web browser, supporting
        operations like renaming, deleting, uploading, and downloading. See
        [Web File Manager](#web-file-manager) for details.
      type: public
      default: 0
      unraid_template:
        title: Web File Manager
        description: >-
          When set to `1`, enables the web file manager, allowing interaction
          with files inside the container through a web browser, supporting
          operations like renaming, deleting, uploading, and downloading.
        display: advanced
        required: false
        mask: false
    - name: WEB_FILE_MANAGER_ALLOWED_PATHS
      description: >-
        Comma-separated list of paths within the container that the file
        manager can access. By default, the container's entire filesystem is not
        accessible, and this variable specifies allowed paths. If set to `AUTO`,
        commonly used folders and those mapped to the container are
        automatically allowed. The value `ALL` allows access to all paths (no
        restrictions). See [Web File Manager](#web-file-manager) for details.
      type: public
      default: AUTO
      unraid_template:
        title: Web File Manager Allowed Paths
        description: >-
          Comma-separated list of paths within the container that the file
          manager can access. By default, the container's entire filesystem is not
          accessible, and this variable specifies allowed paths. If set to `AUTO`,
          commonly used folders and those mapped to the container are
          automatically allowed. The value `ALL` allows access to all paths (no
          restrictions).
        display: advanced
        required: false
        mask: false
    - name: WEB_FILE_MANAGER_DENIED_PATHS
      description: >-
        Comma-separated list of paths within the container that the file manager
        cannot access. A denied path takes precedence over an allowed path. See
        [Web File Manager](#web-file-manager) for details.
      type: public
      default:
      unraid_template:
        title: Web File Manager Denied Paths
        description: >-
          Comma-separated list of paths within the container that the file
          manager cannot access. A denied path takes precedence over an allowed
          path.
        display: advanced
        required: false
        mask: false
    - name: WEB_NOTIFICATION
      description: >-
        When set to `1`, enables the web notification service, allowing the
        browser to display desktop notifications from the application. Requires
        the container to be configured with secure web access (HTTPS). See
        [Web Notifications](#web-notifications) for details.
      type: public
      default: 0
      unraid_template:
        title: Web Desktop Notifications
        description: >-
          When set to `1`, enables the web notification service, allowing the
          browser to display desktop notifications from the application.
        display: advanced
        required: false
        mask: false
    - name: WEB_TERMINAL
      description: >-
        When set to `1`, enables access to a terminal from the web interface. It
        is strongly recommended to configure the container with secure web
        access (HTTPS). See [Web Terminal](#web-terminal) for details.
      type: public
      default: 0
      unraid_template:
        title: Web Terminal
        description: >-
          When set to `1`, enables access to a terminal from the web interface.
          It is strongly recommended to configure the container with secure web
          access (HTTPS).
        display: advanced
        required: false
        mask: false
    - name: WEB_TERMINAL_SHELL_PATH
      description: >-
        The shell used by the web terminal.
      type: public
      default: /bin/sh
      unraid_template:
        title: Web Terminal
        display: advanced
        required: false
        mask: false
    - name: WEB_AUTHENTICATION
      description: >-
        When set to `1`, protects the application's GUI with a login page when
        accessed via a web browser. Access is granted only with valid
        credentials. Requires the container to be configured with secure web
        access (HTTPS). See [Web Authentication](#web-authentication) for
        details.
      type: public
      default: 0
      unraid_template:
        title: Web Authentication
        description: >-
          When set to `1`, protects the application's GUI with a login page when
          accessed via a web browser. Access is granted only with valid
          credentials.
        display: advanced
        required: false
        mask: false
    - name: WEB_AUTHENTICATION_TOKEN_VALIDITY_TIME
      description: >-
        Lifetime of a token, in hours. A token is assigned to the user after
        successful login. As long as the token is valid, the user can access the
        application's GUI without logging in again. Once the token expires, the
        login page is displayed again.
      type: public
      default: 24
      unraid_template:
        title: Web Authentication Token Validity Time
        display: advanced
        required: false
        mask: false
    - name: WEB_AUTHENTICATION_USERNAME
      description: >-
        Optional username for web authentication. Provides a quick and easy way
        to configure credentials for a single user. For more secure
        configuration or multiple users, see the
        [Web Authentication](#web-authentication) section.
      type: public
      unraid_template:
        title: Web Authentication Username
        description: >-
          Optional username for web authentication. Provides a quick and easy way
          to configure credentials for a single user. For more secure
          configuration or multiple users, see the documentation.
        display: advanced
        required: false
        mask: false
    - name: WEB_AUTHENTICATION_PASSWORD
      description: >-
        Optional password for web authentication. Provides a quick and easy way
        to configure credentials for a single user. For more secure
        configuration or multiple users, see the
        [Web Authentication](#web-authentication) section.
      type: public
      unraid_template:
        title: Web Authentication Password
        description: >-
          Optional password for web authentication. Provides a quick and easy way
          to configure credentials for a single user. For more secure
          configuration or multiple users, see the documentation.
        display: advanced
        required: false
        mask: false
    - name: SECURE_CONNECTION
      description: >-
        When set to `1`, uses an encrypted connection to access the
        application's GUI (via web browser or VNC client). See
        [Security](#security) for details.
      type: public
      default: 0
      unraid_template:
        title: Secure Connection
        description: >-
          When set to `1`, uses an encrypted connection to access the
          application's GUI (via web browser or VNC client).
        display: advanced
        required: false
        mask: false
    - name: SECURE_CONNECTION_VNC_METHOD
      description: >-
        Method used for encrypted VNC connections. Possible values are `SSL` or
        `TLS`. See [Security](#security) for details.
      type: public
      default: SSL
      unraid_template:
        title: Secure Connection VNC Method
        description: >-
          Method used for encrypted VNC connection. Possible values are `SSL` or
          `TLS`.
        display: advanced
        required: false
        mask: false
    - name: SECURE_CONNECTION_CERTS_CHECK_INTERVAL
      description: >-
        Interval, in seconds, at which the system checks if web or VNC
        certificates have changed. When a change is detected, affected services
        are automatically restarted. A value of `0` disables the check.
      type: public
      default: 60
      unraid_template:
        title: Secure Connection Certificate Check Interval
        display: advanced
        required: false
        mask: false
    - name: WEB_LOCALHOST_ONLY
      description: >-
        When set to `1`, allows web connections only from localhost (127.0.0.1
        and ::1).
      type: public
      default: 0
    - name: VNC_LOCALHOST_ONLY
      description: >-
        When set to `1`, allows VNC connections only from localhost (127.0.0.1
        and ::1).
      type: public
      default: 0
    - name: WEB_LISTENING_PORT
      description: >-
        Port used by the web server to serve the application's GUI. This port is
        internal to the container and typically does not need to be changed. By
        default, a container uses the default bridge network, requiring each
        internal port to be mapped to an external port (using the `-p` or
        `--publish` argument). If another network type is used, changing this
        port may prevent conflicts with other services/containers. **NOTE**: A
        value of `-1` disables HTTP/HTTPS access to the application's GUI.
      type: public
      default: 5800
      unraid_template:
        title: Web Listening Port (Non-Bridge Network Type)
        description: >-
          Port used by the web server to serve the application's GUI. This port
          is internal to the container and typically does not need to be
          changed. NOTE: This setting is relevant only when the Network Type is
          set to something else than Bridge.
        display: advanced
        required: false
        mask: false
    - name: VNC_LISTENING_PORT
      description: >-
        Port used by the VNC server to serve the application's GUI. This port is
        internal to the container and typically does not need to be changed. By
        default, a container uses the default bridge network, requiring each
        internal port to be mapped to an external port (using the `-p` or
        `--publish` argument). If another network type is used, changing this
        port may prevent conflicts with other services/containers. **NOTE**: A
        value of `-1` disables VNC access to the application's GUI.
      type: public
      default: 5900
      unraid_template:
        title: VNC Listening Port (Non-Bridge Network Type)
        description: >-
          Port used by the VNC server to serve the application's GUI. This port
          is internal to the container and typically does not need to be
          changed. NOTE: This setting is relevant only when the Network Type is
          set to something else than Bridge.
        display: advanced
        required: false
        mask: false
    - name: VNC_PASSWORD
      description: >-
        Password required to connect to the application's GUI. See the
        [VNC Password](#vnc-password) section for details.
      type: public
    - name: ENABLE_CJK_FONT
      description: >-
        When set to `1`, installs the open-source font `WenQuanYi Zen Hei`,
        supporting a wide range of Chinese/Japanese/Korean characters.
      type: public
      default: 0

  # Volumes
  volumes: []

  # Network ports
  ports:
    - number: 5800
      protocol: tcp
      description: >-
        Port to access the application's GUI via the web interface. Mapping
        to the host is optional if web access is not needed. For non-default
        bridge networks, the port can be changed with the `WEB_LISTENING_PORT`
        environment variable.
      mandatory: false
      include_in_quick_start: true
      unraid_template:
        title: WEB Port for GUI (Bridge Network Type)
        description: >-
          Port to access the application's GUI via the web interface.
        default: "{{ 7800 + app.id|int }}"
        display: advanced-hide
        required: true
        mask: false
    - number: 5900
      protocol: tcp
      description: >-
        Port to access the application's GUI via the VNC protocol. Mapping
        to the host is optional if VNC access is not needed. For non-default
        bridge networks, the port can be changed with the `VNC_LISTENING_PORT`
        environment variable.
      mandatory: false
      unraid_template:
        title: VNC Port for GUI (Bridge Network Type)
        description: >-
          Port to access the application's GUI via VNC protocol. Optional if no
          VNC client is used.
        default: "{{ 7900 + app.id|int }}"
        display: advanced-hide
        required: false
        mask: false

  # Devices
  devices: []