It has been a long journey from our first experiments with Taisun to the polished desktop containers we maintain today. We started by simply trying to put a desktop in a browser. With WebTop, we refined that vision using open-source RDP and VNC technologies. Then, we integrated KasmVNC for a modern, web-first VNC experience. After that, we worked with the Selkies project to pioneer a high-performance, low-latency video delivery stack designed for graphics-intensive workloads.
While we had the engine we lacked the vehicle. We needed a cohesive platform to manage these applications, secure the connection, and integrate them seamlessly into your daily browsing experience without requiring you to write a Docker Compose file for every single application you wanted to try.
Today, we are proud to introduce the culmination of years of development: SealSkin.
https://github.com/linuxserver/docker-sealskin
https://github.com/selkies-project/sealskin
Please use the provided run/compose example, unlike most applications this is not designed to work with a reverse proxy
What is SealSkin?
SealSkin is the glue that binds our entire desktop ecosystem together. It is a self-hosted, client-server platform composed of a Server Container and a Browser Extension.
The philosophy is simple: The browser is your operating system. SealSkin intercepts your intent—whether that is clicking a link, downloading a file, or launching a shortcut—and redirects that action to a secure, isolated container running on your remote server.
The Return of the Mainframe
In many ways, we are bringing back the "Mainframe" style of computing, but modernized for 2025.
Equip your students or employees with lightweight, inexpensive Chromebooks or older laptops. These devices don't need powerful GPUs or massive hard drives. They just need a browser. All the heavy lifting—compiling code, rendering 3D models, or processing video—happens on your powerful self-hosted server. You get the performance of a workstation with the portability of a tablet.
Real World Use Cases
We didn't build this just to look cool; we built it to solve problems we face every day.
1. The "Shady Link" & Malware Isolation
You receive an email with a suspicious .docx attachment, or you need to visit a website you don't trust. Instead of downloading it to your local machine, you right-click and select "Send to SealSkin."
The extension intercepts the download, streams it in chunks to the server (never writing the full file to your local disk), and automatically launches LibreOffice or OnlyOffice in a secure container to open it.
For security researchers, you can spin up our Kali Linux image. This gives you a completely isolated lab environment to analyze threats without risking your local network. When you are done, the container evaporates, and the threat is gone.
2. Instant Media Editing You find an image or a video clip online that you need to edit. Instead of downloading, saving, opening your local editor, and importing, you simply right-click the asset. SealSkin spins up GIMP, Krita, or Shotcut with that file pre-loaded. You leverage your server's power to render the edit, save the result to your persistent storage, and you are done.
3. Technical Interviews & Coaching In SealSkin , Because the sessions are disposable containers, you can spin up a coding environment (like VSCodium), invite a candidate or a junior developer, and pass keyboard and mouse control back and forth instantly. You can coach them through a problem, watch their workflow, and when the interview is over, you destroy the session. There is no software installed on their machine, and no residual access or files left on yours.
The App Laboratory: No Dockerfile Required
One of the biggest barriers to entry for self-hosting desktop apps is the complexity of configuration. We hope to have solved this with the App Laboratory.
The workflow is designed for the GUI user, not the CLI expert:
- Launch a Base: Start a session with a base image or an existing app.
- Customize: Inside the running session, install the software you need, configure your browser bookmarks, set up your code editor themes, or download course materials.
- Commit: Save the state of your home directory.
SealSkin treats this committed home directory as a template. You can now create a new "App" entry that uses that specific home directory configuration. This is perfect for setting up pre-configured environments for education, specific development workflows, or gaming setups.
App Templates: Granular Control & Hardening
Once you have created an app, you might want to restrict what a user can do with it. This is where App Templates come in.
Using a simple GUI in the dashboard, you can apply a template to any application that manipulates the underlying environment variables of our base image. This allows for extreme granularity in security and user experience:
- Kiosk Mode: Disable window decorations, force fullscreen, and hide the sidebar.
- Hardening: Disable
sudo, remove terminal emulators, and block the ability to executexdg-opencommands. - UI Locking: Lock specific settings like bitrate, framerate, or encoding quality so users cannot modify the stream.
- UI Customization: Customize the look of the launched application's settings showing or hiding options that do not apply to your audience, even down to removing Selkies branding.
This is ideal for creating a "Public Browser" app that allows a user to browse the web using Chromium, but prevents them from accessing the terminal, changing settings, or modifying the container environment.
Gaming on the Web
We have talked about performance before, but SealSkin's integration with the Selkies streaming stack allows for genuine gaming experiences.
Pointer Lock for FPS Most web-based remote desktops fail at First Person Shooters because the mouse cursor hits the edge of your screen. SealSkin utilizes the browser's Pointer Lock API to capture raw mouse input. This means you can play classic arena shooters or modern DRM-free titles with pixel-perfect 360-degree aiming.
4-Player Local Co-Op (Remotely) SealSkin supports up to 4 physical gamepads passed through to the container simultaneously.
- Spin up an emulator and play classic kart racers split-screen.
- Launch an emulator for some 4-player arcade beat 'em up action.
- Play split-screen shooters with friends from different locations.
Note: While Linux gaming is exploding, we do not provide pre-made images yet for platforms like Steam or EmuDeck due to Docker permission complexities. However, the ecosystem is open for you to bring your own DRM-free Linux native games or set up your own emulators and launch logic via the App Lab.
Collaboration: The Virtual Couch
SealSkin features a robust collaboration mode. Both the single-user stream and the collaboration features use a custom Server-Client WebSocket protocol. This ensures high stability, low resource usage (the server encodes once and broadcasts to many), and better compatibility with restrictive firewalls.
As the session controller, you can invite friends via a link. You can then assign input methods to them. You can give "Player 2" control of the second gamepad slot, or pass keyboard and mouse control to a collaborator. It is the virtual equivalent of handing your friend a controller on the couch. You can also invite Read-Only users with only basic permissions to chat and view the stream and collaboration.
File Management & Storage
SealSkin isn't just about apps; it's about data. The platform includes a File Manager that allows you to:
- Manage Multiple Home Directories: Keep your "Work" files separate from your "Gaming" configs.
- Public Sharing: Generate public, time-limited, password-protected links to files on your server.
- Secure Uploads: Uploads are chunked and streamed, ensuring reliability even with large files.
While SealSkin currently uses file-based storage, the architecture is designed to be pluggable in the future, with eyes on object storage support for multi-server deployments in the future.
Hardware & Software Requirements
Runs on Anything You do not need a GPU to run SealSkin. The software encoding is highly optimized and runs great on modest hardware while also sipping bandwidth. However, if you have an Nvidia, AMD, or Intel GPU, SealSkin can leverage it for both hardware video encoding and 3D acceleration inside the container.
Browser Support Currently, SealSkin is optimized for Desktop Chromium-based browsers (Chrome, Edge, Brave, Vivaldi).
- Mobile/iOS: We are working on it, but Apple's Safari currently lacks support for
MediaStreamTrackProcessor, which prevents our video collaboration features from working on iOS devices. - Firefox: Supported, but performance is generally better on Chromium and we currently lack a Firefox browser extension (collaboration client only).
Internationalization We want this to be a global platform. SealSkin along with Selkies is fully localized for the following languages:
- English (en)
- Spanish (es)
- Chinese (zh)
- Hindi (hi)
- Portuguese (pt)
- French (fr)
- Russian (ru)
- German (de)
- Turkish (tr)
- Italian (it)
- Dutch (nl)
- Arabic (ar)
- Korean (ko)
- Japanese (ja)
- Vietnamese (vi)
- Thai (th)
- Filipino (fil)
- Danish (da)
All language configuration is automatic including launching the applications and desktop sessions in the user's native language.
A Note on Security & Auth
You will notice that setting up SealSkin requires juggling RSA keys. We acknowledge this is a bit more complex than a simple username/password, but it is intentional. We do not store authentication credentials on the server. By using public/private key cryptography, we ensure that even if your server database were compromised, there are no passwords to steal. For a self-hosted platform exposed to the internet, we believe this is the only bulletproof way to handle authentication for an initial rollout. A user is incapable of generating an insecure configuration with both ports being designed to be exposed to the internet.
This is not a guarantee, but we have done our best to ensure this is ready to go out of the box.
The Open App Store: It's Just YAML
We do not believe in walled gardens. The "App Store" in SealSkin isn't a proprietary database or a gatekept marketplace; it is a simple YAML file hosted at a URL.
By default, SealSkin points to our Official App Repository, but you are free to change this. This means anyone—enterprises, universities, or hobbyist communities—can host their own "Store" simply by hosting a text file.
How it Works
The system relies on a manifest file named apps.yml. This file defines:
- Extension Groups: Reusable buckets of file extensions (e.g.,
*common_image_filesfor jpg, png, gif). - App Definitions: The Docker image to pull, the internal port, and hardware requirements (like GPU support).
- Capabilities: Whether the app can open URLs or specific file types.
If you have built a custom image based on our Selkies Base Image, adding it to SealSkin is as simple as adding an entry to your YAML file:
- id: my-custom-app
name: My Corporate Tool
provider: docker
provider_config:
image: my-registry.com/my-tool:latest
port: 3000
nvidia_support: true
open_support: true
extensions:
- *text_filesCustom Launch Logic
For the magic that allows you to right-click a file in Chrome and have it appear inside the remote application, we use Autostart Scripts. These are simple shell scripts associated with the app that handle the logic of taking the file path passed by SealSkin and launching the application command (e.g., gimp /tmp/downloaded_image.png).
You can view the structure, the apps.yml spec, and all our autostart logic at our repository:
https://github.com/linuxserver/sealskin-apps
The Library
Our entire desktop catalog based on Selkies baseimages works with SealSkin. Here is what is available right now:
WebTop Flavors
lscr.io/linuxserver/webtop:TAGNAME
| Tag | Desktop | Distro |
|---|---|---|
latest |
XFCE | Alpine |
alpine-i3 |
i3 | Alpine |
alpine-mate |
MATE | Alpine |
arch-i3 |
i3 | Arch |
arch-kde |
KDE | Arch |
arch-mate |
MATE | Arch |
arch-xfce |
XFCE | Arch |
debian-i3 |
i3 | Debian |
debian-kde |
KDE | Debian |
debian-mate |
MATE | Debian |
debian-xfce |
XFCE | Debian |
el-i3 |
i3 | Enterprise Linux |
el-mate |
MATE | Enterprise Linux |
el-xfce |
XFCE | Enterprise Linux |
fedora-i3 |
i3 | Fedora |
fedora-kde |
KDE | Fedora |
fedora-mate |
MATE | Fedora |
fedora-xfce |
XFCE | Fedora |
ubuntu-i3 |
i3 | Ubuntu |
ubuntu-kde |
KDE | Ubuntu |
ubuntu-mate |
MATE | Ubuntu |
ubuntu-xfce |
XFCE | Ubuntu |
Application Containers
altus
ardour
audacity
azahar
bambustudio
blender
boinc
brave
calibre
calligra
chrome
chromium
citron
cura
darktable
digikam
dogwalk
dolphin
doublecommander
duckstation
ferdium
filezilla
firefox
flycast
freecad
gimp
github-desktop
gitqlient
gzdoom
handbrake
inkscape
joplin
kali-linux
kdenlive
keepassxc
kicad
krita
libreoffice
librewolf
lollypop
mame
mediaelch
melonds
msedge
mullvad-browser
mysql-workbench
obsidian
onlyoffice
opera
pcsx2
pidgin
qdirstat
rawtherapee
remmina
retroarch
rpcs3
rustdesk
shotcut
spotube
sqlitebrowser
ungoogled-chromium
vscodium
webcord
weixin
wireshark
wps-office
xemu
yaak
zen
zotero
Join Us
SealSkin is Open Source. It is self-hosted. It is yours.
This is an Early Adoption phase. We have built the foundation, but we need your help to refine it. We invite you to install it, break it, build amazing things in the App Lab, and tell us about it. If you find bugs or have feature requests, please file them HERE
Hop on our Discord and let's build the future of the web-based desktop sessions together.