Run GUI apps with pulseaudio and GPU acceleration using x11docker

There are several solutions in the web to run GUi apps from within docker images. Most of them base on sharing host X socket from display :0 or using X forwarding with SSH. This has two drawbacks: It breaks container isolation due to X security leaks, and it can have bad RAM access and rendering glitches due to missing shared memory.

A solution is to run a segregated X server with MIT-SHM/shared memory disabled, thus avoiding both drawbacks and preserving container isolation from host.

I’ve scripted a tool x11docker doing this work.
It also provides pulseaudio support and GPU hardware accelerated OpenGL/GLX.
Further options allow to create a container user similar to host user, and to share a folder on host as home folder in container to preserve individual settings and files.

As second X server can be chosen between xpra, Xephyr and core X. (Sharing host display :0 is possible, too, but not recommended due to isolation loss and RAM access problems as mentioned above).

x11docker is a bash script for use in terminal, but has a GUI, too.
x11docker can run any GUI applications in docker images, there are no dependencies inside of the images.

Some example images can be found on docker hub: https://hub.docker.com/u/x11docker/

I hope this will be usefull for someone.