项目配置#
# incus project set user-1000 restricted.devices.proxy=allow
# incus project set user-1000 restricted.devices.disk.paths=/home/king,/run/user/1000
基础配置#
$ incus profile create my-debian
$ incus profile edit my-debian
config:
boot.autostart: "false"
description: my-debian base profile
devices:
eth0:
name: eth0
host_name: my-debian-eth0
ipv4.address: 192.168.20.100
network: incusbr-1000
type: nic
root:
path: /
pool: default
type: disk
Wayland 配置#
$ incus profile create wayland
$ incus profile edit wayland
config:
environment.WAYLAND_DISPLAY: wayland-1
description: Wayland profile
devices:
wayland-socket:
connect: unix:/run/user/1000/wayland-1
listen: unix:/mnt/wayland-1
type: proxy
bind: instance
mode: "0700"
uid: "1000"
gid: "1000"
security.gid: "1000"
security.uid: "1000"
gpu:
type: gpu
Pipewire 配置#
$ incus profile create pipewire
$ incus profile edit pipewire
config:
environment.PIPEWIRE_REMOTE: unix:/mnt/pipewire-0
description: Pipewire profile
devices:
pipewire-0:
connect: unix:/run/user/1000/pipewire-0
listen: unix:/mnt/pipewire-0
type: proxy
bind: instance
mode: "0700"
uid: "1000"
gid: "1000"
security.gid: "1000"
security.uid: "1000"
Pulseaudio 配置#
$ incus profile create pulseaudio
$ incus profile edit pulseaudio
config:
environment.PULSE_SERVER: unix:/mnt/pulse-native
description: Pulseaudio profile
devices:
pulse-native:
connect: unix:/run/user/1000/pulse/native
listen: unix:/mnt/pulse-native
type: proxy
bind: instance
mode: "0700"
uid: "1000"
gid: "1000"
security.gid: "1000"
security.uid: "1000"
创建容器#
$ incus launch images:debian/13 my-debian -p my-debian -p wayland -p pipewire -p pulseaudio
容器内配置#
$ incus exec my-debian -- bash
[创建用户]
root@my-debian:/# useradd -m -s /usr/bin/bash -u 1000 king
[配置时区]
root@my-debian:/# ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
[环境变量]
root@my-debian:/# cat << EOF | tee /root/.bash_profile /home/king/.bash_profile
export WAYLAND_DISPLAY=wayland-1
export PIPEWIRE_REMOTE=unix:/mnt/pipewire-0
export PULSE_SERVER=unix:/mnt/pulse-native
if [[ -e /mnt/wayland-1 && ! -e /run/user/\$(id -u)/wayland-1 ]]; then
ln -sf /mnt/wayland-1 /run/user/\$(id -u)/
fi
EOF
[配置软件源]
root@my-debian:/# cat << EOF > /etc/apt/sources.list.d/debian.sources
Types: deb
URIs: http://mirrors4.tuna.tsinghua.edu.cn/debian
Suites: trixie trixie-updates trixie-backports
Components: main contrib non-free non-free-firmware
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
Types: deb
URIs: http://mirrors4.tuna.tsinghua.edu.cn/debian-security
Suites: trixie-security
Components: main contrib non-free non-free-firmware
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
EOF
[更新并安装应用]
root@my-debian:/# apt update
root@my-debian:/# apt install pciutils mesa-utils pipewire-audio fonts-dejavu fonts-wqy-microhei
root@my-debian:/# apt install firefox-esr foot
$ incus restart my-debian
$ incus exec my-debian -- su - root -c firefox
$ incus exec my-debian -- su - king -c firefox