allow to add the /dev/dri device into the container and refactor devices

Signed-off-by: Simon L <szaimen@e.mail.de>
2025-12-20 06:26:57 +00:00 · 2023-01-03 02:01:03 +01:00 · 2023-01-03 02:01:03 +01:00 · 92b271c3e5
commit 92b271c3e5
parent 7237433548
11 changed files with 72 additions and 2 deletions
--- a/php/src/Container/Container.php
+++ b/php/src/Container/Container.php
@ -21,6 +21,8 @@ class Container {
    private array $dependsOn;
    /** @var string[] */
    private array $secrets;
+    /** @var string[] */
+    private array $devices;
    private DockerActionManager $dockerActionManager;

    public function __construct(
@ -35,6 +37,7 @@ class Container {
        ContainerEnvironmentVariables $containerEnvironmentVariables,
        array $dependsOn,
        array $secrets,
+        array $devices,
        DockerActionManager $dockerActionManager
    ) {
        $this->identifier = $identifier;
@ -48,6 +51,7 @@ class Container {
        $this->containerEnvironmentVariables = $containerEnvironmentVariables;
        $this->dependsOn = $dependsOn;
        $this->secrets = $secrets;
+        $this->devices = $devices;
        $this->dockerActionManager = $dockerActionManager;
    }

@ -75,6 +79,10 @@ class Container {
        return $this->secrets;
    }

+    public function GetDevices() : array {
+        return $this->devices;
+    }
+
    public function GetPorts() : ContainerPorts {
        return $this->ports;
    }
--- a/php/src/ContainerDefinitionFetcher.php
+++ b/php/src/ContainerDefinitionFetcher.php
@ -208,6 +208,11 @@ class ContainerDefinitionFetcher
                $secrets = $entry['secrets'];
            }

+            $devices = [];
+            if (isset($entry['devices'])) {
+                $devices = $entry['devices'];
+            }
+
            $containers[] = new Container(
                $entry['container_name'],
                $displayName,
@ -220,6 +225,7 @@ class ContainerDefinitionFetcher
                $variables,
                $dependsOn,
                $secrets,
+                $devices,
                $this->container->get(DockerActionManager::class)
            );
        }
--- a/php/src/Data/ConfigurationManager.php
+++ b/php/src/Data/ConfigurationManager.php
@ -791,4 +791,19 @@ class ConfigurationManager
            return true;
        }
    }
+
+    private function GetEnabledDriDevice() : string {
+        $envVariableName = 'NEXTCLOUD_ENABLE_DRI_DEVICE';
+        $configName = 'nextcloud_enable_dri_device';
+        $defaultValue = '';
+        return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue);
+    }
+
+    public function isDriDeviceEnabled() : bool {
+        if ($this->GetEnabledDriDevice() === 'true') {
+            return true;
+        } else {
+            return false;
+        }
+    }
 }
--- a/php/src/Docker/DockerActionManager.php
+++ b/php/src/Docker/DockerActionManager.php
@ -384,10 +384,21 @@ class DockerActionManager
            }
        }

+        $devices = [];
+        foreach($container->GetDevices() as $device) {
+            if ($device === '/dev/dri' && ! $this->configurationManager->isDriDeviceEnabled()) {
+                continue;
+            }
+            $devices[] = ["PathOnHost" => $device, "PathInContainer" => $device, "CgroupPermissions" => "rwm"];
+        }
+
+        if (count($devices) > 0) {
+            $requestBody['HostConfig']['Devices'] = $devices;
+        }
+
        // Special things for the backup container which should not be exposed in the containers.json
        if ($container->GetIdentifier() === 'nextcloud-aio-borgbackup') {
            $requestBody['HostConfig']['CapAdd'] = ["SYS_ADMIN"];
-            $requestBody['HostConfig']['Devices'] = [["PathOnHost" => "/dev/fuse", "PathInContainer" => "/dev/fuse", "CgroupPermissions" => "rwm"]];
            $requestBody['HostConfig']['SecurityOpt'] = ["apparmor:unconfined"];
            
            // Additional backup directories