A long time ago I wanted this, and didn’t find anything like it out there. The browser-in-a-container systems were all around CI tests instead of day-to-day use. So I wrote my own and have been actively using it for over a year now.
I haven’t checked since to see if someone else has done this, but even if they have, I don’t think this type of setup gets much attention. So here’s me Firefox-in-a-Docker config:
The goal was to isolate Firefox from as much of the hardware and filesystem as seemed “reasonable” to me. My reasonable may not be yours.
Longer term, I have been thinking about adding memory / cpu limits by way of Docker, but it has been so long since I’ve had real run-away problems there with Firefox that I haven’t done that. It’s an easy addition to the
docker run line in the runner script. Harder is deciding what’s a reasonable limit without being arbitrary.