zoom-docked

#!/bin/bash

set -eo pipefail

SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )

# External configuration
ZOOM_EXTRA_DOCKER_ARGS="${ZOOM_EXTRA_DOCKER_ARGS:-}"
ZOOM_COMMAND="${ZOOM_COMMAND:-zoom}"

# Allow for registering subprocesses to kill and files to remove on exit
declare -a PIDS RM
function killpids {
	[[ ${#PIDS[@]} -ne 0 ]] && kill "${PIDS[@]}"
	[[ ${#RM[@]} -ne 0 ]] && rm "${RM[@]}"
}
trap killpids SIGINT SIGHUP SIGTERM EXIT

# Args for Docker
declare -a ARGS
function addenv {
	ARGS+=('--env' "$1=$2")
}

# So Zoom can interact with X
addenv DISPLAY "$DISPLAY"
addenv XDG_SESSION_TYPE "$XDG_SESSION_TYPE"

# docker-exec.sh and docker-run.sh use these so the user IDs and such inside the container match those outside.
USER_NAME="$(id -un)"
USER_HOME="$HOME"
addenv USER_NAME "$USER_NAME"
addenv USER_UID "$(id -u)"
addenv USER_GID "$(id -g)"
addenv USER_HOME "$USER_HOME"

# Pass through the host TZ variable, if any
[[ -n "$TZ" ]] && addenv TZ "$TZ"

# Create these so they get the right permissions inside the container.
mkdir -p ~/.zoom-docked/.zoom
mkdir -p ~/.zoom-docked/.config
[[ -e ~/.zoom-docked/zoomus.conf && ! -e ~/.zoom-docked/.config/zoomus.conf ]] && mv ~/.zoom-docked/zoomus.conf ~/.zoom-docked/.config/

# These will be needed later
CONTAINER="zoom-docked.$USER_NAME"
XDG_OPEN_FIFO=~/.zoom-docked/xdg-open-fifo
DBUS_PROXY_FILE=~/.zoom-docked/xdg-dbus-proxy

# Detect if our container is already running. If so, exec a command on it instead of starting it
# fresh.
if docker container inspect -f '{}' "$CONTAINER" > /dev/null 2>&1; then
	if [[ -e "$XDG_OPEN_FIFO" ]]; then
		addenv XDG_OPEN_FIFO "$XDG_OPEN_FIFO"
	fi
	if [[ -e "$DBUS_PROXY_FILE" ]]; then
		addenv DBUS_SESSION_BUS_ADDRESS "unix:path=$DBUS_PROXY_FILE"
	fi
	docker exec "${ARGS[@]}" $ZOOM_EXTRA_DOCKER_ARGS "$CONTAINER" /sbin/docker-exec.sh $ZOOM_COMMAND "$@"
	exit 0
fi

# If available, export xdg-open calls to the host via a fifo so clicking links in Zoom chat opens
# them in the host browser as expected.
if command -v xdg-open >/dev/null; then
	mkfifo -m 0600 "$XDG_OPEN_FIFO"
	RM+=($XDG_OPEN_FIFO)

	while true; do
		if read line <"$XDG_OPEN_FIFO"; then
			xdg-open "$line"
		fi
	done &
	PIDS+=($!)
	addenv XDG_OPEN_FIFO "$XDG_OPEN_FIFO"
fi

# If available, use xdg-dbus-proxy to proxy notification and screensaver-suppression DBus messages
# to the host's session bus.
if [[ -n "$DBUS_SESSION_BUS_ADDRESS" ]] && command -v xdg-dbus-proxy >/dev/null; then
	xdg-dbus-proxy "$DBUS_SESSION_BUS_ADDRESS" "$DBUS_PROXY_FILE" --filter \
		--talk=org.freedesktop.Notifications \
		--talk=org.freedesktop.ScreenSaver \
		--talk=org.gnome.ScreenSaver \
		--call=org.gnome.SessionManager.Inhibit=* \
		--call=org.gnome.SessionManager.UnInhibit=* \
		--call=org.gnome.SessionManager.IsInhibited=* \
		--call=org.freedesktop.portal.Desktop=* \
		--call=org.freedesktop.portal.ScreenCast.CreateSession=* \
		--talk=org.freedesktop.PowerManagement.Inhibit &
	PIDS+=($!)
	RM+=($DBUS_PROXY_FILE)
	addenv DBUS_SESSION_BUS_ADDRESS "unix:path=$DBUS_PROXY_FILE"
fi

# Add video and audio devices
for dev in /dev/video*; do
	[[ -e "$dev" ]] && ARGS+=('--device' "$dev:$dev:rw")
done
ARGS+=('--device' "/dev/snd:/dev/snd:rw")

# Alsa's dmix plugin needs IPC too. Otherwise zoom will be blocked by any host audio app, and vice versa.
ARGS+=('--ipc=host')

# Pass through the host timezone settings
[[ -e "/etc/timezone" ]] && ARGS+=('-v' '/etc/timezone:/etc/timezone:ro')
[[ -e "/etc/localtime" ]] && ARGS+=('-v' '/etc/localtime:/etc/localtime:ro')

# Updated seccomp profile: allow clone, setns, unshare.
ARGS+=('--security-opt' "seccomp=$SCRIPT_DIR/seccomp.json")

docker run --name "$CONTAINER" --rm \
	"${ARGS[@]}" \
	-v /tmp/.X11-unix:/tmp/.X11-unix \
	-v ~/.zoom-docked:"$USER_HOME/.zoom-docked" \
	-v ~/.zoom-docked/.zoom:"$USER_HOME/.zoom" \
	-v ~/.zoom-docked/.config:"$USER_HOME/.config" \
	$ZOOM_EXTRA_DOCKER_ARGS \
	anomiex/zoom-docked $ZOOM_COMMAND "$@"

# vim: ts=4 sw=4 noexpandtab