I run Firefox in a systemd-nspawn container. Before, I would connect the audio via a pipewire-pulse tcp connection. I’m trying to use pure Pipewire for it now, and I don’t know how to do it.
This is what I have done so far:
launch nspawn with -U --bind=“/run/user/1000/pipewire-0:/tmp/pipewire-0” and --setenv=“XDG_RUNTIME_DIR=/tmp”.
[this creates a r/w mapping to the pipewire socket inside the nspawn container]
launch firefox and play a youtube video, but NO SOUND .
The nspawn container has all the pipewire and alsa packages installed.
I remember there were some authentication issues with pulse audio server setup, so I would imagine there’s a need to authenticate with the Pipewire server somehow?
How do I debug this even? Is there a way to monitor clients trying to connect to a pipewire server to see why they don’t connect? How do I check that firefox inside the container is even trying to connect over the pipewire socket?
ls -l /tmp/pipewire-0 is the same except it says nobody nobody, and the host’s one says hostuser hostuser.
If I run nspawn with --private-users=off, then on the guest side I get the pipewire socket as guestuser guestuser.
I remember a while ago if I ran nspawn with the matching username inside the guest, I would be able to have the sound working. But there’s a security issue, the whole point of containerizing is to separate as much as possible. So how do we connect to pipewire as some other username.
Hey sorry I never go back. I’m caught up in other projects.
Try inside the container:
echo $XDG_RUNTIME_DIR
should return /tmp.
Also, just so I understand what you’re trying to achieve here, You have a systemd-nspawn container and booted and image, then installed Firefox ? Am I right?
If so, a different approach would have been to create the image with firefox so most of these things are handled at build time.
The solution is super easy. Thanks to Pipewire devs!
It turns out that Firefox does NOT use Pipewire for sound. Firefox uses Pulseaudio for sound.
The configuration is simple using a UNIX socket (not TCP). Everyone with Pipewire on Fedora should have a pipewire-pulse service and socket. That socket, as seen from the systemd’s pipewire-pulse.socket config is in /run/user/1000/pulse/native. So, you bind that to an nspawn container, i.e. --bind="/run/user/1000/pulse/native:/tmp/pulsesocket" --setenv="PULSE_SERVER=/tmp/pulsesocket", and I have Firefox playing sound.
Well, When you are running systemd-nspawn -Db <an image/a distro/my own install> what are you booting into? You have an image predefined or did you install a distro into a container, and then install software into said container?
What was your process ?
What I am saying is there are many things you can do to ease this setup.
