Gaming inside a container!

README.md

First, we need to get the GPG key used by external repositories and some DEB files.

mkdir ./trust
dlkey() { wget -q -O - --https-only --secure-protocol=TLSv1_2 -- "$1" | gpg --dearmor | base64; }
dlkey 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xEB8B81E14DA65431D7504EA8F63F0F2B90935439' >./trust/ppa_kisak.txt
dlkey 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x2388FF3BE10A76F638F80723FCAE110B1118213C' >./trust/ppa_graphics_drivers.txt
dlkey 'https://dl.winehq.org/wine-builds/winehq.key' >./trust/winehq.txt
dlkey 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x82D96E430A1F1C0F0502747E37B90EDD4E3EFAE4' >./trust/ppa_lutris.txt
dlkey 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x824A27DD09DEDA33BF7835962EA8F35793D8809A' >./trust/ppa_flexiondotorg.txt
(cd ./trust && wget http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.16_amd64.deb http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.16_i386.deb)

Ensure that you have a Games folder in your home.

mkdir -p ~/Games

Then, we build the image.

podman image build -t gamenv -f ./gamenv.dockerfile

This step is required on systems with SELinux like Fedora. I have yet to find how to make SELinux work with my container, but for now, let's disable it. This should be done after each reboot.

sudo setenforce 0

Then we create the container.

podman container run -it --rm \
  --device=/dev/dri \
  -e DISPLAY -v "/tmp/.X11-unix/X${DISPLAY#*:}":"/tmp/.X11-unix/X${DISPLAY#*:}":ro \
  -v "${XDG_RUNTIME_DIR}/pulse":/run/user/0/pulse:ro \
  -v "${HOME}/Games":/root \
  --name=gamenv localhost/gamenv

You may or may not need a combination of these additional flags:

-e XAUTHORITY -v "$XAUTHORITY":"$XAUTHORITY":ro
-e LIBVA_DRIVER_NAME=radeonsi

Optinally, on Intel graphics, you may disable this safety feature for performance and reboot (source).

test "$(sysctl -n dev.i915.perf_stream_paranoid)" -eq 0 ||
  echo 'dev.i915.perf_stream_paranoid = 0' | sudo tee /etc/sysctl.d/50-intel_perf.conf

Finally, we can start Lutris.

podman container start -a gamenv

Installing Wine-GE.

podman container exec -it gamenv sh
cd .local/share/lutris/runners/wine
wget -O - 'https://github.com/GloriousEggroll/wine-ge-custom/releases/download/GE-Proton7-25/wine-lutris-GE-Proton7-25-x86_64.tar.xz' | xz -dc | pax -r

When the container is running, you can spawn a root terminal inside the guest.

podman container exec -it -u root gamenv bash

gamenv.dockerfile

# v0.1
FROM ubuntu:22.04

ENV LC_CTYPE=C.UTF-8 POSIXLY_CORRECT=y
ARG TZ=UTC
ARG DEBIAN_FRONTEND=noninteractive

COPY ./trust/. /tmp

# TODO: select nearest Ubuntu mirror supporting 32-bit

# https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xEB8B81E14DA65431D7504EA8F63F0F2B90935439
RUN . /etc/os-release && \
  base64 -d </tmp/ppa_kisak.txt >/usr/share/keyrings/ppa_kisak-archive-keyring.gpg && \
  printf 'deb [signed-by=/usr/share/keyrings/%s-archive-keyring.gpg] %s %s main\n' \
    ppa_kisak 'http://ppa.launchpadcontent.net/kisak/kisak-mesa/ubuntu' "$UBUNTU_CODENAME" \
    >'/etc/apt/sources.list.d/ppa_kisak_mesa.list'

# https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x2388FF3BE10A76F638F80723FCAE110B1118213C
RUN . /etc/os-release && \
  base64 -d </tmp/ppa_graphics_drivers.txt >/usr/share/keyrings/ppa_graphics_drivers-archive-keyring.gpg && \
  printf 'deb [signed-by=/usr/share/keyrings/%s-archive-keyring.gpg] %s %s main\n' \
    ppa_graphics_drivers 'http://ppa.launchpadcontent.net/graphics-drivers/ppa/ubuntu' "$UBUNTU_CODENAME" \
    >'/etc/apt/sources.list.d/ppa_graphics_drivers.list'

# https://dl.winehq.org/wine-builds/winehq.key
RUN . /etc/os-release && \
  base64 -d </tmp/winehq.txt >/usr/share/keyrings/winehq-archive-keyring.gpg && \
  printf 'deb [signed-by=/usr/share/keyrings/%s-archive-keyring.gpg] %s %s main\n' \
    winehq 'http://dl.winehq.org/wine-builds/ubuntu' "$UBUNTU_CODENAME" \
    >'/etc/apt/sources.list.d/wine.list'

# https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x82D96E430A1F1C0F0502747E37B90EDD4E3EFAE4
RUN . /etc/os-release && \
  base64 -d </tmp/ppa_lutris.txt >/usr/share/keyrings/ppa_lutris-archive-keyring.gpg && \
  printf 'deb [signed-by=/usr/share/keyrings/%s-archive-keyring.gpg] %s %s main\n' \
    ppa_lutris 'http://ppa.launchpadcontent.net/lutris-team/lutris/ubuntu' "$UBUNTU_CODENAME" \
    >'/etc/apt/sources.list.d/ppa_lutris.list'

# Currently PPA has no 32-bit libraries (https://github.com/flightlessmango/MangoHud#ubuntu)
# https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x824A27DD09DEDA33BF7835962EA8F35793D8809A
RUN . /etc/os-release && \
  base64 -d </tmp/ppa_flexiondotorg.txt >/usr/share/keyrings/ppa_flexiondotorg-archive-keyring.gpg && \
  printf 'deb [signed-by=/usr/share/keyrings/%s-archive-keyring.gpg] %s %s main\n' \
    ppa_flexiondotorg 'http://ppa.launchpadcontent.net/flexiondotorg/mangohud/ubuntu' "$UBUNTU_CODENAME" \
    >'/etc/apt/sources.list.d/ppa_mangohud.list'

RUN dpkg --add-architecture i386 && apt-get update

RUN apt-get -qy --no-install-recommends install \
  libgl1-mesa-dri libgl1-mesa-dri:i386 \
  mesa-vulkan-drivers mesa-vulkan-drivers:i386 \
  va-driver-all va-driver-all:i386

# FIXME: fix nvidia-dkms-510 hook in upstream
#RUN env -u POSIXLY_CORRECT apt-get -qy --no-install-recommends install nvidia-dkms-510
#RUN apt-get -qy --no-install-recommends install nvidia-driver-510 libnvidia-gl-510:i386 libgl1:i386 libvulkan1:i386

# Auto-generated from wine-lutris-7.2-x86_64
# FIXME:
#  lib/wine/i386-unix/wldap32.so lib64/wine/x86_64-unix/wldap32.so : liblber-2.4.so.2 libldap_r-2.4.so.2 : libldap-2.4-2 dropped in 21.10
#  lib/libSDL2-2.0.so.0.8.0 : libsndio.so.6.1 : libsndio6.1 dropped in 18.04
RUN apt-get -qy --no-install-recommends install \
  libasound2 libc6 libcairo2 libdrm2 libflac8 libfontconfig1 libfreetype6 libgcc-s1 libgcrypt20 libgl1 libglib2.0-0 libgnutls30 libgudev-1.0-0 libjack0 libjpeg62 liblcms2-2 liblzma5 libmpg123-0 libogg0 libopenal1 libopus0 libpango-1.0-0 libpangocairo-1.0-0 libpcap0.8 libpulse0 libsndfile1 libspeex1 libtheora0 libudev1 libusb-1.0-0 libv4l-0 libva2 libva-drm2 libvkd3d1 libvorbis0a libvorbisenc2 libwayland-client0 libwayland-cursor0 libwayland-egl1 libx11-6 libxcb1 libxcb-shape0 libxcb-shm0 libxcb-xfixes0 libxcursor1 libxext6 libxi6 libxinerama1 libxkbcommon0 libxml2 libxrandr2 libxss1 libxxf86vm1 ocl-icd-libopencl1 zlib1g
RUN apt-get -qy --no-install-recommends install \
  libasound2:i386 libc6:i386 libcairo2:i386 libdrm2:i386 libflac8:i386 libfontconfig1:i386 libfreetype6:i386 libgcc-s1:i386 libgcrypt20:i386 libgl1:i386 libglib2.0-0:i386 libgnutls30:i386 libgudev-1.0-0:i386 libjack0:i386 libjpeg62:i386 liblcms2-2:i386 liblzma5:i386 libmpg123-0:i386 libogg0:i386 libopenal1:i386 libopus0:i386 libpango-1.0-0:i386 libpangocairo-1.0-0:i386 libpcap0.8:i386 libpulse0:i386 libsndfile1:i386 libspeex1:i386 libtheora0:i386 libudev1:i386 libusb-1.0-0:i386 libv4l-0:i386 libva2:i386 libva-drm2:i386 libvkd3d1:i386 libvorbis0a:i386 libvorbisenc2:i386 libwayland-client0:i386 libwayland-cursor0:i386 libwayland-egl1:i386 libx11-6:i386 libxcb1:i386 libxcb-shape0:i386 libxcb-shm0:i386 libxcb-xfixes0:i386 libxcursor1:i386 libxext6:i386 libxi6:i386 libxinerama1:i386 libxkbcommon0:i386 libxml2:i386 libxrandr2:i386 libxss1:i386 libxxf86vm1:i386 ocl-icd-libopencl1:i386 zlib1g:i386

# lib{,64}/gstreamer-1.0/libgstdtls.so : libcrypto.so.1.1 libssl.so.1.1 : libssl1.1 dropped in 22.04
RUN dpkg -i /tmp/libssl1.1*.deb

# FIXME: fix samba-common-bin hook in upstream
RUN env -u POSIXLY_CORRECT apt-get -qy --no-install-recommends install samba-common-bin
RUN apt-get -qy --no-install-recommends install \
  winehq-staging cabextract winbind zenity

RUN apt-get -qy --no-install-recommends install lutris

# Debug tools (TODO: mangohud:i386)
# Lutris: "Invalid glxinfo received" "lspci is not available" "Couldn't find a terminal emulator"
# Ideally, replace xterm with https://github.com/andir/ate, which supports Wayland and X11
RUN apt-get -qy --no-install-recommends install \
  kmscube mesa-utils mesa-utils-extra vainfo vulkan-tools \
  gamemode mangohud pciutils xdg-utils xterm

# TODO: replace gdbus with dbus-send
#  https://gitlab.freedesktop.org/xdg/xdg-utils/-/blob/master/scripts/xdg-open.in#L252
#  https://gitlab.freedesktop.org/xdg/xdg-utils/-/blob/master/scripts/xdg-utils-common.in#L317
RUN apt-get -qy --no-install-recommends install libglib2.0-bin

# Extra tools for archives
RUN apt-get -qy --no-install-recommends install ca-certificates patch pax wget gzip p7zip unrar xz-utils

# (lutris:95): Gtk-WARNING **: 01:53:29.253: Found an icon but could not load it. Most likely gdk-pixbuf does not provide SVG support.
RUN apt-get -qy --no-install-recommends install librsvg2-common

# https://github.com/lutris/lutris/issues/4235#issuecomment-1114098480
# RUN echo 'QEAgLTUxLDggKzUxLDE1IEBACiAjIC5pbmNsdWRlIGZpcHNtb2R1bGUuY25mCiAKIFtvcGVuc3NsX2luaXRdCitzc2xfY29uZiA9IHNzbF9zZWN0CiBwcm92aWRlcnMgPSBwcm92aWRlcl9zZWN0CiAKK1tzc2xfc2VjdF0KK3N5c3RlbV9kZWZhdWx0ID0gc3lzdGVtX2RlZmF1bHRfc2VjdAorCitbc3lzdGVtX2RlZmF1bHRfc2VjdF0KK09wdGlvbnMgPSBVbnNhZmVMZWdhY3lSZW5lZ290aWF0aW9uCisKICMgTGlzdCBvZiBwcm92aWRlcnMgdG8gbG9hZAogW3Byb3ZpZGVyX3NlY3RdCiBkZWZhdWx0ID0gZGVmYXVsdF9zZWN0Cg==' | \
#   base64 -d | patch /etc/ssl/openssl.cnf

###

VOLUME "/root"
WORKDIR "/root"

ENV XDG_RUNTIME_DIR="/run/user/0"
RUN mkdir -p -m 700 "$XDG_RUNTIME_DIR"
## Mock Flatpak to use XDG with D-Bus
##  https://gitlab.freedesktop.org/xdg/xdg-utils/-/blob/master/scripts/xdg-utils-common.in#L361
##  https://gitlab.freedesktop.org/xdg/xdg-utils/-/blob/master/scripts/xdg-open.in#L250
RUN touch "${XDG_RUNTIME_DIR}/flatpak-info"

# FIXME: make lsblk work inside guest
# https://github.com/lutris/lutris/blob/master/lutris/util/linux.py#L160
#RUN printf "%s\nexec echo '%s'\n" '#!/bin/sh' '{"blockdevices": []}' >./.local/bin/lsblk && chmod +x ./.local/bin/lsblk

CMD ["/usr/games/lutris"]

RESOURCES.txt

https://wiki.winehq.org/Ubuntu
https://www.gloriouseggroll.tv/how-to-get-out-of-wine-dependency-hell/
https://github.com/ValveSoftware/Proton/wiki/Requirements
https://github.com/lutris/docs/blob/master/InstallingDrivers.md
https://github.com/lutris/docs/blob/master/WineDependencies.md
https://github.com/lutris/docs/blob/master/HowToEsync.md
https://github.com/lutris/docs/blob/master/Battle.Net.md