linuxserver/webtop
Webtop - Alpine, Ubuntu, Fedora, and Arch based containers containing full desktop environments in officially supported flavors accessible via any modern web browser.
Simply pulling
lscr.io/linuxserver/webtop:latest should retrieve the correct image for your arch, but you can also pull specific arch images via tags.The architectures supported by this image are:
Architecture | Available | Tag |
|---|---|---|
x86-64 | ✅ | amd64-<version tag> |
arm64 | ✅ | arm64v8-<version tag> |
armhf | ❌ | |
This image provides various versions that are available via tags. Please read the descriptions carefully and exercise caution when using unstable or development tags.
Tag | Available | Description |
|---|---|---|
latest | ✅ | XFCE Alpine |
ubuntu-xfce | ✅ | XFCE Ubuntu |
fedora-xfce | ✅ | XFCE Fedora |
arch-xfce | ✅ | XFCE Arch |
debian-xfce | ✅ | XFCE Debian |
alpine-kde | ✅ | KDE Alpine |
ubuntu-kde | ✅ | KDE Ubuntu |
fedora-kde | ✅ | KDE Fedora |
arch-kde | ✅ | KDE Arch |
debian-kde | ✅ | KDE Debian |
alpine-mate | ✅ | MATE Alpine |
ubuntu-mate | ✅ | MATE Ubuntu |
fedora-mate | ✅ | MATE Fedora |
arch-mate | ✅ | MATE Arch |
debian-mate | ✅ | MATE Debian |
alpine-i3 | ✅ | i3 Alpine |
ubuntu-i3 | ✅ | i3 Ubuntu |
fedora-i3 | ✅ | i3 Fedora |
arch-i3 | ✅ | i3 Arch |
debian-i3 | ✅ | i3 Debian |
alpine-openbox | ✅ | Openbox Alpine |
ubuntu-openbox | ✅ | Openbox Ubuntu |
fedora-openbox | ✅ | Openbox Fedora |
arch-openbox | ✅ | Openbox Arch |
debian-openbox | ✅ | Openbox Debian |
alpine-icewm | ✅ | IceWM Alpine |
ubuntu-icewm | ✅ | IceWM Ubuntu |
fedora-icewm | ✅ | IceWM Fedora |
arch-icewm | ✅ | IceWM Arch |
debian-icewm | ✅ | IceWM Debian |
## Application Setup | | |
The Webtop can be accessed at:
- http://yourhost:3000/
- https://yourhost:3001/
Modern GUI desktop apps (including some flavors terminals) have issues with the latest Docker and syscall compatibility, you can use Docker with the
--security-opt seccomp=unconfined setting to allow these syscallsUnlike our other containers these Desktops are not designed to be upgraded by Docker, you will keep your home directoy but anything you installed system level will be lost if you upgrade an existing container. To keep packages up to date instead use Ubuntu/Debians's own apt, Alpine's apk, Fedora's dnf, or Arch's pacman program
This container is based on Docker Baseimage KasmVNC which means there are additional environment variables and run configurations to enable or disable specific functionality.
Variable | Description |
|---|---|
CUSTOM_PORT | Internal port the container listens on for http if it needs to be swapped from the default 3000. |
CUSTOM_HTTPS_PORT | Internal port the container listens on for https if it needs to be swapped from the default 3001. |
CUSTOM_USER | HTTP Basic auth username, abc is default. |
PASSWORD | HTTP Basic auth password, abc is default. If unset there will be no auth |
SUBFOLDER | Subfolder for the application if running a subfolder reverse proxy, need both slashes IE /subfolder/ |
TITLE | The page title displayed on the web browser, default "KasmVNC Client". |
FM_HOME | This is the home directory (landing) for the file manager, default "/config". |
START_DOCKER | If set to false a container with privilege will not automatically start the DinD Docker setup. |
DRINODE | If mounting in /dev/dri for DRI3 GPU Acceleration allows you to specify the device to use IE /dev/dri/renderD128 |
Variable | Description |
|---|---|
--privileged | Will start a Docker in Docker (DinD) setup inside the container to use docker in an isolated environment. For increased performance mount the Docker directory inside the container to the host IE -v /home/user/docker-data:/var/lib/docker. |
-v /var/run/docker.sock:/var/run/docker.sock | Mount in the host level Docker socket to either interact with it via CLI or use Docker enabled applications. |
--device /dev/dri:/dev/dri | Mount a GPU into the container, this can be used in conjunction with the DRINODE environment variable to leverage a host video card for GPU accelerated appplications. Only Open Source drivers are supported IE (Intel,AMDGPU,Radeon,ATI,Nouveau) |
The universal internationalization docker mod can be used with any of these variants to provide non english language support. All you need to know is your specific iso-639 code for your your desired language. For example German is
de_DE.UTF-8 Chinese zh_CN.UTF-8 a full list is here:To enable this pass the environment variables:
-e DOCKER_MODS=linuxserver/mods:universal-internationalization
-e LC_ALL=zh_CN.UTF-8
The web interface has the option for "IME Input Mode" in Settings which will allow non english characters to be used from a non en_US keyboard on the client. Once enabled in conjunction with the mod it will perform the same as a local Linux installation set to your locale.
This container is capable of delivering a true lossless image at a high framerate to your web browser by changing the Stream Quality preset to "Lossless", more information here. In order to use this mode from a non localhost endpoint the HTTPS port on 3001 needs to be used. If using a reverse proxy to port 3000 specific headers will need to be set as outlined here.
To help you get started creating a container from this image you can either use docker-compose or the docker cli.
---
version: "2.1"
services:
webtop:
image: lscr.io/linuxserver/webtop:latest
container_name: webtop
security_opt:
- seccomp:unconfined #optional
environment:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
- SUBFOLDER=/ #optional
- TITLE=Webtop #optional
volumes:
- /path/to/data:/config
- /var/run/docker.sock:/var/run/docker.sock #optional
ports:
- 3000:3000
- 3001:3001
devices:
- /dev/dri:/dev/dri #optional
shm_size: "1gb" #optional
restart: unless-stopped
docker run -d \
--name=webtop \
--security-opt seccomp=unconfined `#optional` \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Etc/UTC \
-e SUBFOLDER=/ `#optional` \
-e TITLE=Webtop `#optional` \
-p 3000:3000 \
-p 3001:3001 \
-v /path/to/data:/config \
-v /var/run/docker.sock:/var/run/docker.sock `#optional` \
--device /dev/dri:/dev/dri `#optional` \
--shm-size="1gb" `#optional` \
--restart unless-stopped \
lscr.io/linuxserver/webtop:latest
Docker images are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate
<external>:<internal> respectively. For example, -p 8080:80 would expose port 80 from inside the container to be accessible from the host's IP on port 8080 outside the container.Parameter | Function |
|---|---|
3000 | Web Desktop GUI |
3001 | Web Desktop GUI HTTPS |
Env | Function |
|---|---|
PUID=1000 | for UserID - see below for explanation |
PGID=1000 | for GroupID - see below for explanation |
TZ=Etc/UTC | |
SUBFOLDER=/ | Specify a subfolder to use with reverse proxies, IE /subfolder/ |
TITLE=Webtop | String which will be used as page/tab title in the web browser. |
Volume | Function |
|---|---|
/config | abc users home directory |
/var/run/docker.sock | Docker Socket on the system, if you want to use Docker in the container |
Parameter | Function |
|---|---|
/dev/dri | Add this for GL support (Linux hosts only) |
Parameter | Function |
|---|---|
--shm-size= | We set this to 1 gig to prevent modern web browsers from crashing |
--security-opt seccomp=unconfined | For Docker Engine only, many modern gui apps need this to function on older hosts as syscalls are unknown to Docker. |
You can set any environment variable from a file by using a special prepend
FILE__.As an example:
-e FILE__PASSWORD=/run/secrets/mysecretpassword
Will set the environment variable
PASSWORD based on the contents of the /run/secrets/mysecretpassword file.For all of our images we provide the ability to override the default umask settings for services started within the containers using the optional
-e UMASK=022 setting. Keep in mind umask is not chmod it subtracts from permissions based on it's value it does not add. Please read up here before asking for support.When using volumes (
-v flags), permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user PUID and group PGID.Ensure any volume directories on the host are owned by the same user you specify and any permissions issues will vanish like magic.
In this instance
PUID=1000 and PGID=1000, to find yours use id user as below: $ id username
uid=1000(dockeruser) gid=1000(dockergroup) groups=1000(dockergroup)
We publish various Docker Mods to enable additional functionality within the containers. The list of Mods available for this image (if any) as well as universal mods that can be applied to any one of our images can be accessed via the dynamic badges above.
- Shell access whilst the container is running:
docker exec -it webtop /bin/bash
- To monitor the logs of the container in realtime:
docker logs -f webtop
- Container version number
docker inspect -f '{{ index .Config.Labels "build_version" }}' webtop
- Image version number
docker inspect -f '{{ index .Config.Labels "build_version" }}' lscr.io/linuxserver/webtop:latest
- 14.06.23: - Rebase to Debian Bookworm.
- 13.05.23: - Rebase to Alpine 3.18 and Fedora 38.
- 23.03.23: - Rebase all Webtops to KasmVNC base image.
- 21.10.22: - Rebase xfce to Alpine 3.16, migrate to s6v3.
- 12.03.22: - Add documentation for mounting in a GPU.
- 05.02.22: - Rebase KDE Ubuntu to Jammy, add new documentation for updated gclient, stop recommending priv mode.
- 21.09.21: - Add Fedora and Arch images, show seccomp settings in readme.
- 26.09.21: - Rebase to Alpine versions to 3.14.
- 20.04.21: - Initial release.
Last modified 3mo ago