Firefox-in-a-Docker *for desktop*

(Eli the Bearded) #1

A long time ago I wanted this, and didn’t find anything like it out there. The browser-in-a-container systems were all around CI tests instead of day-to-day use. So I wrote my own and have been actively using it for over a year now.

I haven’t checked since to see if someone else has done this, but even if they have, I don’t think this type of setup gets much attention. So here’s me Firefox-in-a-Docker config:

The goal was to isolate Firefox from as much of the hardware and filesystem as seemed “reasonable” to me. My reasonable may not be yours.

Longer term, I have been thinking about adding memory / cpu limits by way of Docker, but it has been so long since I’ve had real run-away problems there with Firefox that I haven’t done that. It’s an easy addition to the docker run line in the runner script. Harder is deciding what’s a reasonable limit without being arbitrary.

Discussion welcome!

(rugk) #2

Another way to sandbox Firefox a bit would e.g. be using Flatpak.

(Eli the Bearded) #3

Under the hood that seems to be another Linux container implementation, but because the focus is on easy to use, it might be harder for tinkering with. I think the Docker set-up is reasonably straightforward to start tweaking and adjusting for someone not used to creating Docker files, but otherwise familiar with Unix scripting. Not so sure about Flatpak, I’ve never tried to create one.

Of course, yes, if someone else has created one, Flatpak will be easier to use. That’s the intent of Flatpak. Easy to use desktop containers.