From 7c96dd2f7e816309eacf1b914b099453ba60aef2 Mon Sep 17 00:00:00 2001 From: thelamer Date: Fri, 10 Apr 2026 19:13:22 -0400 Subject: [PATCH 1/7] wrong env var shown in example section --- .../roles/documentation/templates/README_SNIPPETS/SELKIES.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/roles/documentation/templates/README_SNIPPETS/SELKIES.j2 b/ansible/roles/documentation/templates/README_SNIPPETS/SELKIES.j2 index 5990eb85..779e2bc4 100644 --- a/ansible/roles/documentation/templates/README_SNIPPETS/SELKIES.j2 +++ b/ansible/roles/documentation/templates/README_SNIPPETS/SELKIES.j2 @@ -48,14 +48,14 @@ When using 3d acceleration via Nvidia DRM or DRI3 in X11 mode, it is important to clamp the virtual display to a reasonable max resolution to avoid memory exhaustion or poor performance. -* `-e MAX_RESOLUTION=3840x2160` +* `-e MAX_RES=3840x2160` This will set the total virtual framebuffer to 4K. By default, the virtual monitor is 16K. If you have performance issues in an accelerated X11 session, try clamping the resolution to 1080p and work up from there: ```bash -e SELKIES_MANUAL_WIDTH=1920 -e SELKIES_MANUAL_HEIGHT=1080 --e MAX_RESOLUTION=1920x1080 +-e MAX_RES=1920x1080 ``` {% endset -%} {%- set selkies_sec_vars -%} From 43a7ed47fb19c775b3dd88221d90dc5a2f70fd5f Mon Sep 17 00:00:00 2001 From: aptalca <541623+aptalca@users.noreply.github.com> Date: Thu, 16 Apr 2026 11:12:53 -0400 Subject: [PATCH 2/7] add PR comment on ci false, switch manifestimage setting to if block --- Jenkinsfile | 14 ++++++++++++-- ansible/roles/repository/templates/Jenkinsfile.j2 | 14 ++++++++++++-- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index acaee0b2..547844fe 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -879,6 +879,9 @@ pipeline { environment name: 'EXIT_STATUS', value: '' } steps { + script{ + env.PUSH_ATTEMPTED = 'true' + } retry_backoff(5,5) { sh '''#! /bin/bash set -e @@ -908,11 +911,18 @@ pipeline { environment name: 'EXIT_STATUS', value: '' } steps { + script{ + env.PUSH_ATTEMPTED = 'true' + } retry_backoff(5,5) { sh '''#! /bin/bash set -e for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do - [[ ${MANIFESTIMAGE%%/*} =~ \\. ]] && MANIFESTIMAGEPLUS="${MANIFESTIMAGE}" || MANIFESTIMAGEPLUS="docker.io/${MANIFESTIMAGE}" + if [[ "${MANIFESTIMAGE%%/*}" =~ \\. ]]; then + MANIFESTIMAGEPLUS="${MANIFESTIMAGE}" + else + MANIFESTIMAGEPLUS="docker.io/${MANIFESTIMAGE}" + fi IFS=',' read -ra CACHE <<< "$BUILDCACHE" for i in "${CACHE[@]}"; do if [[ "${MANIFESTIMAGEPLUS}" == "$(cut -d "/" -f1 <<< ${i})"* ]]; then @@ -1080,7 +1090,7 @@ EOF } script { if (env.GITHUBIMAGE =~ /lspipepr/){ - if (env.CI_TEST_ATTEMPTED == "true"){ + if (env.CI_TEST_ATTEMPTED == "true" || env.PUSH_ATTEMPTED == "true"){ sh '''#! /bin/bash # Function to retrieve JSON data from URL get_json() { diff --git a/ansible/roles/repository/templates/Jenkinsfile.j2 b/ansible/roles/repository/templates/Jenkinsfile.j2 index 74e3187b..d0adba76 100644 --- a/ansible/roles/repository/templates/Jenkinsfile.j2 +++ b/ansible/roles/repository/templates/Jenkinsfile.j2 @@ -1248,6 +1248,9 @@ pipeline { environment name: 'EXIT_STATUS', value: '' } steps { + script{ + env.PUSH_ATTEMPTED = 'true' + } retry_backoff(5,5) { sh '''#! /bin/bash set -e @@ -1280,11 +1283,18 @@ pipeline { environment name: 'EXIT_STATUS', value: '' } steps { + script{ + env.PUSH_ATTEMPTED = 'true' + } retry_backoff(5,5) { sh '''#! /bin/bash set -e for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do - [[ ${MANIFESTIMAGE%%/*} =~ \\. ]] && MANIFESTIMAGEPLUS="${MANIFESTIMAGE}" || MANIFESTIMAGEPLUS="docker.io/${MANIFESTIMAGE}" + if [[ "${MANIFESTIMAGE%%/*}" =~ \\. ]]; then + MANIFESTIMAGEPLUS="${MANIFESTIMAGE}" + else + MANIFESTIMAGEPLUS="docker.io/${MANIFESTIMAGE}" + fi IFS=',' read -ra CACHE <<< "$BUILDCACHE" for i in "${CACHE[@]}"; do if [[ "${MANIFESTIMAGEPLUS}" == "$(cut -d "/" -f1 <<< ${i})"* ]]; then @@ -1512,7 +1522,7 @@ EOF } script { if (env.GITHUBIMAGE =~ /lspipepr/){ - if (env.CI_TEST_ATTEMPTED == "true"){ + if (env.CI_TEST_ATTEMPTED == "true" || env.PUSH_ATTEMPTED == "true"){ sh '''#! /bin/bash # Function to retrieve JSON data from URL get_json() { From 29e9d5f837f73e403be44223ef1484fc5cc96b92 Mon Sep 17 00:00:00 2001 From: aptalca <541623+aptalca@users.noreply.github.com> Date: Thu, 16 Apr 2026 11:21:53 -0400 Subject: [PATCH 3/7] precreate var --- Jenkinsfile | 1 + ansible/roles/repository/templates/Jenkinsfile.j2 | 1 + 2 files changed, 2 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 547844fe..40f8784c 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -76,6 +76,7 @@ pipeline { script{ env.EXIT_STATUS = '' env.CI_TEST_ATTEMPTED = '' + env.PUSH_ATTEMPTED = '' env.LS_RELEASE = sh( script: '''docker run --rm quay.io/skopeo/stable:v1 inspect docker://ghcr.io/${LS_USER}/${CONTAINER_NAME}:latest 2>/dev/null | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''', returnStdout: true).trim() diff --git a/ansible/roles/repository/templates/Jenkinsfile.j2 b/ansible/roles/repository/templates/Jenkinsfile.j2 index d0adba76..0d506fa2 100644 --- a/ansible/roles/repository/templates/Jenkinsfile.j2 +++ b/ansible/roles/repository/templates/Jenkinsfile.j2 @@ -62,6 +62,7 @@ pipeline { script{ env.EXIT_STATUS = '' env.CI_TEST_ATTEMPTED = '' + env.PUSH_ATTEMPTED = '' env.LS_RELEASE = sh( script: '''docker run --rm quay.io/skopeo/stable:v1 inspect docker://ghcr.io/${LS_USER}/${CONTAINER_NAME}:{{ release_tag }} 2>/dev/null | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''', returnStdout: true).trim() From 07c2352038be9005c0362c84e0ac3ff8ca9a608b Mon Sep 17 00:00:00 2001 From: aptalca <541623+aptalca@users.noreply.github.com> Date: Thu, 16 Apr 2026 12:32:18 -0400 Subject: [PATCH 4/7] add commit tag to PR comment --- Jenkinsfile | 4 ++-- ansible/roles/repository/templates/Jenkinsfile.j2 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 40f8784c..f384b7d4 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1152,12 +1152,12 @@ EOF curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ -H "Accept: application/vnd.github.v3+json" \ "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ - -d "{\\"body\\": \\"I am a bot, here are the test results for this PR: \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}" + -d "{\\"body\\": \\"I am a bot, here are the test results for this PR for commit ${COMMIT_SHA:0:7} : \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}" else curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ -H "Accept: application/vnd.github.v3+json" \ "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ - -d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR: \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}" + -d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR for commit ${COMMIT_SHA:0:7} : \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}" fi ''' } diff --git a/ansible/roles/repository/templates/Jenkinsfile.j2 b/ansible/roles/repository/templates/Jenkinsfile.j2 index 0d506fa2..5a902490 100644 --- a/ansible/roles/repository/templates/Jenkinsfile.j2 +++ b/ansible/roles/repository/templates/Jenkinsfile.j2 @@ -1584,12 +1584,12 @@ EOF curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ -H "Accept: application/vnd.github.v3+json" \ "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ - -d "{\\"body\\": \\"I am a bot, here are the test results for this PR: \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}" + -d "{\\"body\\": \\"I am a bot, here are the test results for this PR for commit ${COMMIT_SHA:0:7} : \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}" else curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ -H "Accept: application/vnd.github.v3+json" \ "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ - -d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR: \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}" + -d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR for commit ${COMMIT_SHA:0:7} : \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}" fi ''' } From 8e764f1bb8e2a72acc6787c99f5a38018fecdbcf Mon Sep 17 00:00:00 2001 From: aptalca <541623+aptalca@users.noreply.github.com> Date: Thu, 16 Apr 2026 13:01:51 -0400 Subject: [PATCH 5/7] Post PR comment when build fails early --- Jenkinsfile | 7 +++++++ ansible/roles/repository/templates/Jenkinsfile.j2 | 7 +++++++ 2 files changed, 14 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index f384b7d4..eda13bb1 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1160,6 +1160,13 @@ EOF -d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR for commit ${COMMIT_SHA:0:7} : \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}" fi ''' + } else { + sh '''#! /bin/bash + curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ + -H "Accept: application/vnd.github.v3+json" \ + "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ + -d "{\\"body\\": \\"I am a bot, the build for PR commit ${COMMIT_SHA:0:7} failed and as a result no CI test was attempted and no images were pushed.\\"}" + ''' } } } diff --git a/ansible/roles/repository/templates/Jenkinsfile.j2 b/ansible/roles/repository/templates/Jenkinsfile.j2 index 5a902490..d41ecf20 100644 --- a/ansible/roles/repository/templates/Jenkinsfile.j2 +++ b/ansible/roles/repository/templates/Jenkinsfile.j2 @@ -1592,6 +1592,13 @@ EOF -d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR for commit ${COMMIT_SHA:0:7} : \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}" fi ''' + } else { + sh '''#! /bin/bash + curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ + -H "Accept: application/vnd.github.v3+json" \ + "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ + -d "{\\"body\\": \\"I am a bot, the build for PR commit ${COMMIT_SHA:0:7} failed and as a result no CI test was attempted and no images were pushed.\\"}" + ''' } } } From 7156886775058c32dbec8277b352a9b1f0a8023c Mon Sep 17 00:00:00 2001 From: thelamer Date: Fri, 17 Apr 2026 09:55:20 -0400 Subject: [PATCH 6/7] add notes on how 444 works and what needs to be done to make it work --- .../documentation/templates/README_SNIPPETS/SELKIES.j2 | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/ansible/roles/documentation/templates/README_SNIPPETS/SELKIES.j2 b/ansible/roles/documentation/templates/README_SNIPPETS/SELKIES.j2 index 779e2bc4..77e07a77 100644 --- a/ansible/roles/documentation/templates/README_SNIPPETS/SELKIES.j2 +++ b/ansible/roles/documentation/templates/README_SNIPPETS/SELKIES.j2 @@ -173,6 +173,14 @@ The web interface includes a terminal with passwordless `sudo` access. Any user While not generally recommended, certain legacy environments specifically those with older hardware or outdated Linux distributions may require the deactivation of the standard seccomp profile to get containerized desktop software to run. This can be achieved by utilizing the `--security-opt seccomp=unconfined` parameter. It is critical to use this option only when absolutely necessary as it disables a key security layer of Docker, elevating the potential for container escape vulnerabilities. +### FullColor 4:4:4 Encoding + +If you notice blurry text, particularly light text on a black background, you can send true 8-bit color to the browser by enabling the **FullColor 4:4:4** encoding in the sidebar, or by using the jpeg encoding mode. + +To view this withut crashing on most client hardware, users on Chromium based browsers (including Android) will need to navigate to `chrome://flags/#disable-accelerated-video-decode` and set it to **Disabled**. Apple clients using Bionic processors can decode these frames natively with no additional settings. + +**Note on Hardware Acceleration:** Currently, only Nvidia GPUs support encoding this color profile in **Zero Copy** mode. If FullColor 4:4:4 is enabled on Intel or AMD GPUs, the system will fall back to CPU encoding. This forces the CPU to read the pixels back from the GPU, which will cause a significant decrease in performance. + ### Hardware Acceleration & The Move to Wayland We are currently transitioning our desktop containers from X11 to Wayland. While X11 is still the default, we strongly encourage users to test the new Wayland mode. From 0651a8e50ceb9bd505c08351e40226b1988396c5 Mon Sep 17 00:00:00 2001 From: thelamer Date: Fri, 17 Apr 2026 22:15:37 -0400 Subject: [PATCH 7/7] update docs to pull out recommendation for manually disabling vaapi --- .../roles/documentation/templates/README_SNIPPETS/SELKIES.j2 | 4 ---- 1 file changed, 4 deletions(-) diff --git a/ansible/roles/documentation/templates/README_SNIPPETS/SELKIES.j2 b/ansible/roles/documentation/templates/README_SNIPPETS/SELKIES.j2 index 77e07a77..9ee65d07 100644 --- a/ansible/roles/documentation/templates/README_SNIPPETS/SELKIES.j2 +++ b/ansible/roles/documentation/templates/README_SNIPPETS/SELKIES.j2 @@ -177,8 +177,6 @@ While not generally recommended, certain legacy environments specifically those If you notice blurry text, particularly light text on a black background, you can send true 8-bit color to the browser by enabling the **FullColor 4:4:4** encoding in the sidebar, or by using the jpeg encoding mode. -To view this withut crashing on most client hardware, users on Chromium based browsers (including Android) will need to navigate to `chrome://flags/#disable-accelerated-video-decode` and set it to **Disabled**. Apple clients using Bionic processors can decode these frames natively with no additional settings. - **Note on Hardware Acceleration:** Currently, only Nvidia GPUs support encoding this color profile in **Zero Copy** mode. If FullColor 4:4:4 is enabled on Intel or AMD GPUs, the system will fall back to CPU encoding. This forces the CPU to read the pixels back from the GPU, which will cause a significant decrease in performance. ### Hardware Acceleration & The Move to Wayland @@ -230,8 +228,6 @@ For Intel and AMD GPUs. **Note: Nvidia support is not available for Alpine-based images.** -**Note: Nvidia frames have issues with hardware decoders in Chromium browsers you need to navigate to `chrome://flags/#disable-accelerated-video-decode` and toggle it to `Disabled` for smooth playback** - **Prerequisites:** 1. **Driver:** Proprietary drivers **580 or higher** are required. **Crucially, you should install the driver using the `.run` file downloaded directly from the Nvidia website.**