Rewrite whole project with nestjs and give alpine support for docker image.

.dockerignore

@@ -0,0 +1,21 @@
+.gitignore
+.dockerignore
+.git/
+node_modules/
+dist/
+.env
+.env.*
+.npmrc
+secrets/
+*pem
+*.md
+README*.md
+coverage/
+.docker-slim-state/
+logs/
+tmp/
+docker-compose.yaml
+Dockerfile
+.versionbot/
+.github/
+documentation/

.eslintrc.js

@@ -0,0 +1,25 @@
+module.exports = {
+  parser: '@typescript-eslint/parser',
+  parserOptions: {
+    project: 'tsconfig.json',
+    tsconfigRootDir: __dirname,
+    sourceType: 'module',
+  },
+  plugins: ['@typescript-eslint/eslint-plugin'],
+  extends: [
+    'plugin:@typescript-eslint/recommended',
+    'plugin:prettier/recommended',
+  ],
+  root: true,
+  env: {
+    node: true,
+    jest: true,
+  },
+  ignorePatterns: ['.eslintrc.js'],
+  rules: {
+    '@typescript-eslint/interface-name-prefix': 'off',
+    '@typescript-eslint/explicit-function-return-type': 'off',
+    '@typescript-eslint/explicit-module-boundary-types': 'off',
+    '@typescript-eslint/no-explicit-any': 'off',
+  },
+};

.gitignore

@@ -1,4 +1,38 @@
-sha256bca9ad158da383a9af76908776cf6cd8b06359a8a1529c4862fd17fd3f2fc7b3
-Dockerfile.raspberrypi3
-Dockerfile.raspberrypi4-64
+# compiled output
+/dist
+/node_modules
+/documentation
+# Logs
+logs
+*.log
+npm-debug.log*
+pnpm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+
+# OS
+.DS_Store
+
+# Tests
+/coverage
+/.nyc_output
 
+# IDEs and editors
+/.idea
+.project
+.classpath
+.c9/
+*.launch
+.settings/
+*.sublime-workspace
+
+# IDE - VSCode
+.vscode/*
+!.vscode/settings.json
+!.vscode/tasks.json
+!.vscode/launch.json
+!.vscode/extensions.json
+
+Dockerfile.raspberrypi3
+Dockerfile.raspberrypi4-64

.prettierrc

@@ -0,0 +1,4 @@
+{
+  "singleQuote": true,
+  "trailingComma": "all"
+}

Dockerfile.template

@@ -1,43 +1,60 @@
-ARG NODEJS_VERSION="16.19.1"
-
-FROM balenalib/%%BALENA_MACHINE_NAME%%-debian-node:${NODEJS_VERSION}-bookworm-run
-
-# Install the necessary packages
-COPY ./build /usr/src/build
-RUN /usr/src/build/install_chromium "%%BALENA_MACHINE_NAME%%"
-
+FROM balenalib/%%BALENA_ARCH%%-node:18 As development
 WORKDIR /usr/src/app
+COPY package*.json ./
+RUN npm ci
 
-# install node dependencies
-COPY ./package.json /usr/src/app/package.json
-RUN JOBS=MAX npm install --unsafe-perm --production && npm cache clean --force
-
-COPY ./src /usr/src/app/
-
-RUN chmod +x ./*.sh
-
+FROM balenalib/%%BALENA_ARCH%%-node:18 As build
+WORKDIR /usr/src/app
+COPY --from=development /usr/src/app/node_modules ./node_modules
+COPY . .
+RUN npm run build
+ENV NODE_ENV production
+RUN npm ci --omit=dev && npm cache clean --force
+
+FROM balenalib/%%BALENA_ARCH%%-alpine-node:18 As production
+ENV NODE_ENV production
+COPY --from=build /usr/src/app/node_modules ./node_modules
+COPY --from=build /usr/src/app/dist ./dist
+COPY osScripts/* /dist/
+RUN install_packages \
+    chromium \
+    mesa-gles \
+    lsb-release \
+    mesa-vdpau-gallium \
+    scrot \
+    libx11 \
+    xorg-server \
+    xf86-input-evdev \
+    xinit \
+    xinput
+
+RUN chmod +x /dist/*.sh
 ENV UDEV=1
 
 RUN mkdir -p /etc/chromium/policies
 RUN mkdir -p /etc/chromium/policies/recommended
 COPY ./policy.json /etc/chromium/policies/recommended/my_policy.json
 
 # Add chromium user
-RUN useradd chromium -m -s /bin/bash -G root || true && \
-    groupadd -r -f chromium && id -u chromium || true \
-    && chown -R chromium:chromium /home/chromium || true
+RUN adduser -D -G root -s /bin/bash chromium
+RUN addgroup -S chromium
+RUN id -u chromium
+RUN chown -R chromium:chromium /home/chromium
 
 COPY ./public-html /home/chromium  
 
 # udev rule to set specific permissions 
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN echo 'SUBSYSTEM=="vchiq",GROUP="video",MODE="0660"' > /etc/udev/rules.d/10-vchiq-permissions.rules
-RUN usermod -a -G audio,video,tty chromium
+RUN adduser chromium audio
+RUN adduser chromium video
+RUN adduser chromium tty
 
 # Set up the audio block. This won't have any effect if the audio block is not being used.
-RUN curl -skL https://raw.githubusercontent.com/balena-labs-projects/audio/master/scripts/alsa-bridge/debian-setup.sh| sh
+RUN curl -skL https://raw.githubusercontent.com/balena-labs-projects/audio/master/scripts/alsa-bridge/alpine-setup.sh| sh
 ENV PULSE_SERVER=tcp:audio:4317
 
 COPY VERSION .
 
 # Start app
-CMD ["bash", "/usr/src/app/start.sh"]
+CMD ["bash", "/dist/start.sh"]

nest-cli.json

@@ -0,0 +1,8 @@
+{
+  "$schema": "https://json.schemastore.org/nest-cli",
+  "collection": "@nestjs/schematics",
+  "sourceRoot": "src",
+  "compilerOptions": {
+    "deleteOutDir": true
+  }
+}

osScripts/start.sh

@@ -0,0 +1,87 @@
+#!/usr/bin/env bash
+
+# this allows chromium sandbox to run, see https://github.com/balena-os/meta-balena/issues/2319
+sysctl -w user.max_user_namespaces=10000
+
+# Run balena base image entrypoint script
+/usr/bin/entry.sh echo "Running balena base image entrypoint..."
+
+export DBUS_SYSTEM_BUS_ADDRESS=unix:path=/host/run/dbus/system_bus_socket
+
+
+xwrapper_config="/etc/X11/Xwrapper.config"
+# Check if the Xwrapper.config file exists
+if [[ -f "$xwrapper_config" ]]; then
+  # Modify the Xwrapper.config file using sed
+  sed -i 's/^allowed_users=.*/allowed_users=anybody/' "$xwrapper_config"
+  echo "Xwrapper.config modified."
+else
+  touch "$xwrapper_config"
+  echo 'allowed_users=' > "$xwrapper_config"
+  sed -i 's/^allowed_users=.*/allowed_users=anybody/' "$xwrapper_config"
+  echo "Xwrapper.config file not found so I made one :)"
+fi
+
+echo "needs_root_rights=yes" >> /etc/X11/Xwrapper.config
+if [[ $(lsb_release -i | awk '{print $3}') == "Debian" ]]; then
+  dpkg-reconfigure xserver-xorg-legacy
+fi
+
+echo "balenaLabs browser version: $(<VERSION)"
+
+# this stops the CPU performance scaling down
+echo "Setting CPU Scaling Governor to 'performance'"
+echo 'performance' > /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor 
+
+# check if display number envar was set
+if [[ -z "$DISPLAY_NUM" ]]
+  then
+    export DISPLAY_NUM=0
+fi
+
+# set whether to show a cursor or not
+if [[ ! -z $SHOW_CURSOR ]] && [[ "$SHOW_CURSOR" -eq "1" ]]
+  then
+    export CURSOR=''
+    echo "Enabling cursor"
+  else
+    export CURSOR='-- -nocursor'
+    echo "Disabling cursor"
+fi
+
+# When using alpine the vcgencmd isn't supported :(
+# If the vcgencmd is supported (i.e. RPi device) - check enough GPU memory is allocated
+if command -v vcgencmd &> /dev/null
+then
+	echo "Checking GPU memory"
+    if [ "$(vcgencmd get_mem gpu | grep -o '[0-9]\+')" -lt 128 ]
+	then
+	echo -e "\033[91mWARNING: GPU MEMORY TOO LOW"
+	fi
+fi
+
+# set up the user data area
+mkdir -p /data/chromium
+chown -R chromium:chromium /data
+rm -f /data/chromium/SingletonLock
+
+
+
+# launch Chromium and whitelist the enVars so that they pass through to the su session
+if [[ $(lsb_release -i | awk '{print $3}') == "Debian" ]]; then
+  # we can't maintain the environment with su, because we are logging in to a new session
+  # so we need to manually pass in the environment variables to maintain, in a whitelist
+  # This gets the current environment, as a comma-separated string
+  environment=$(env | grep -v -w '_' | awk -F= '{ st = index($0,"=");print substr($1,0,st) ","}' | tr -d "\n")
+  # remove the last comma
+  environment="${environment::-1}"
+
+  su -w $environment -c "export DISPLAY=:$DISPLAY_NUM && startx /dist/startx.sh $CURSOR" - chromium
+elif [[ $(lsb_release -i | awk '{print $3}') == "Alpine" ]]; then
+  # Alpine busybox su maintains the environment.
+  su -c "export DISPLAY=:$DISPLAY_NUM && startx /dist/startx.sh $CURSOR" chromium
+else
+  echo "Unknown operating system."
+fi
+
+balena-idle

src/startx.sh → osScripts/startx.sh

@@ -81,4 +81,4 @@ echo "Installed browser version: $VERSION"
 # stop the screen blanking
 xset s off -dpms
 
-node /usr/src/app/server.js
+node /dist/main.js