name: x11
description: GUI LXD profile
config:
  environment.DISPLAY: :0
  environment.PULSE_SERVER: unix:/home/.pulse-native
  user.user-data: |
    #cloud-config
    packages:
      - x11-apps
      - mesa-utils
      - pulseaudio
      - acl
    users:
      - name: hd
        groups: adm, dialout, cdrom, floppy, sudo, audio, dip, video, plugdev, netdev, lxd
        sudo: ALL=(ALL) NOPASSWD:ALL
        ssh_authorized_keys:
          - ssh-ed25519 REDACTED
    write_files:
      - content: |
          [Unit]
          Description=/etc/rc.local Compatibility
          ConditionPathExists=/etc/rc.local

          [Service]
          Type=forking
          ExecStart=/etc/rc.local start
          TimeoutSec=0
          StandardOutput=tty
          RemainAfterExit=yes
          SysVStartPriority=99

          [Install]
          WantedBy=multi-user.target
        path: /etc/systemd/system/rc-local.service
        owner: root:root
        permissions: '0644'
      - content: |
          #!/bin/bash
          setfacl -m "u:hd:rw-" /dev/dri/*
        path: /etc/rc.local
        owner: root:root
        permissions: '0744'

    runcmd:
      - 'sed -i "s/; enable-shm = yes/enable-shm = no/g" /etc/pulse/client.conf'
      - 'systemctl enable rc-local'
devices:
  PASocket1:
    bind: container
    connect: unix:/run/user/1000/pulse/native
    gid: "1000"
    listen: unix:/home/.pulse-native
    mode: "0777"
    security.gid: "1000"
    security.uid: "1000"
    type: proxy
    uid: "1000"
  X0:
    bind: container
    connect: unix:@/tmp/.X11-unix/X0
    listen: unix:@/tmp/.X11-unix/X0
    security.gid: "1000"
    security.uid: "1000"
    type: proxy
  mygpu:
    type: gpu