MinimalDesktop/run.sh

+#!/bin/bash
+docker run -v$PWD/:/data -p8590:8590 -eBASE_PORT=8590 -eAUTH_PASS=testpass -it minimaldesktop

MinimalMetaDesktop/Dockerfile

-FROM ubuntu:18.04
-MAINTAINER Stefano Alberto Russo <stefano.russo@gmail.com>
-
-#----------------------
-# Basics
-#----------------------
-
-# Set non-interactive
-ENV DEBIAN_FRONTEND noninteractive
-
-# Update first of all
-RUN apt-get update
-
-# Utilities
-RUN apt-get install -y nano telnet unzip wget supervisor build-essential python-dev git-core openjdk-8-jre
-
-
-#------------------------
-# "Meta" user
-#------------------------
-
-# Add group. We chose GID 65527 to try avoiding conflicts.
-RUN groupadd -g 65527 metauser
-
-# Add user. We chose UID 65527 to try avoiding conflicts.
-RUN useradd metauser -d /home/metauser -u 65527 -g 65527 -m -s /bin/bash
-
-# Add metuaser user to sudoers
-RUN adduser metauser sudo
-
-# Install suodo
-RUN apt-get install sudo -y
-
-# No pass sudo (for everyone, actually)
-COPY files/sudoers /etc/sudoers
-
-#------------------------
-# Supervisor conf
-#------------------------
-
-# Supervisord conf
-COPY files/supervisord.conf /etc/supervisor/
-
-#------------------------
-# VNC
-#------------------------
-
-# Install xvfb that triggers minimal install of X base packages and xterm as sample application
-RUN apt-get install xvfb xterm  -y
-
-# Install base packages for VNC server and headless desktop (2)
-#RUN cd /opt && wget https://bintray.com/tigervnc/stable/download_file?file_path=tigervnc-1.8.0.x86_64.tar.gz -O tigervnc-1.8.0.x86_64.tar.gz \
-#            && tar -zxvf tigervnc-1.8.0.x86_64.tar.gz \
-#            && mv tigervnc-1.8.0.x86_64 tigervnc
-
-# Supervisord configuration
-COPY files/supervisord_kasm.conf /etc/supervisor/conf.d/
-COPY files/run_kasm.sh /etc/supervisor/conf.d/
-RUN chmod 755 /etc/supervisor/conf.d/run_kasm.sh
-
-# Kasm VNC (modded by gtaffoni to use a socket named by an env var)
-COPY files/kasmvnc-Linux-x86_64-0.9.tar.gz /tmp
-RUN sudo tar xz --strip 1 -C / -f /tmp/kasmvnc-Linux-x86_64-0.9.tar.gz && rm /tmp/kasmvnc-Linux-x86_64-0.9.tar.gz
-RUN mkdir /usr/local/share/kasmvnc/certs
-RUN chown metauser:metauser /usr/local/share/kasmvnc/certs
-COPY files/index.html /usr/local/share/kasmvnc/www/
-
-# Other utilities
-RUN apt-get install -y net-tools
-
-# X environment setup/startup
-RUN apt-get install fluxbox -y
-RUN mkdir -p /metauser_home_vanilla/.vnc
-COPY files/config  /metauser_home_vanilla/.vnc
-COPY files/xstartup /metauser_home_vanilla/.vnc
-RUN chmod 755 /metauser_home_vanilla/.vnc/xstartup
-RUN chown -R metauser:metauser /metauser_home_vanilla/.vnc
-
-# Prepare for logs
-RUN mkdir /metauser_home_vanilla/.logs && chown metauser:metauser /metauser_home_vanilla/.logs
-
-# Rename metauser home folder as a "vanilla" home folder
-#RUN mv /home/metauser /metauser_home_vanilla
-
-# Add fluxbox customisations
-COPY files/dot_fluxbox /metauser_home_vanilla/.fluxbox
-RUN chown -R metauser:metauser /metauser_home_vanilla/.fluxbox
-COPY files/background.jpg /usr/share/images/fluxbox/background.jpg
-
-
-
-# Give write access to anyone to the home folder so the entrypoint will be able
-# to copy over the /home/matauser_vanilla into /home/metauser (for Singularity)
-RUN chmod 777 /home
-
-
-#----------------------
-# Entrypoint
-#----------------------
-
-# Copy entrypoint
-COPY files/entrypoint.sh /
-
-# Give right permissions
-RUN chmod 755 /entrypoint.sh
-
-# Set entrypoint
-ENTRYPOINT ["/entrypoint.sh"]
-
-# Set user (mainly for Singularity)
-USER metauser
-
-# To access: expose 8590/tcp and 5900/tcp
-ENV CONTAINER_NAME='minimalmetadesktop'

MinimalMetaDesktop/build.sh

-#!/bin/bash
-
-docker build  . -t minimalmetadesktop

MinimalMetaDesktop/files/config

-## Supported server options to pass to vncserver upon invocation can be listed
-## in this file. See the following manpages for more: vncserver(1) Xvnc(1).
-## Several common ones are shown below. Uncomment and modify to your liking.
-##
-# securitytypes=vncauth,tlsvnc
-# desktop=sandbox
-# geometry=2000x1200
-# localhost
-# alwaysshared
-username=metauser

MinimalMetaDesktop/files/index.html

-<html>
-<head>
-<script type="text/javascript">
-function redirecter(){
-    window.location = "./vnc.html"
-}
-</script>
-</head>
-<body onLoad="redirecter()">
-Access VNC: click <a href="./vnc.html">here</a>.
-</body>
-</html>
\ No newline at end of file

MinimalMetaDesktop/files/run_kasm.sh

-#!/bin/bash
-
-# Exec KasmVNC server 
-
-if [ "x$BASE_PORT" == "x" ]; then
-    BASE_PORT=8590
-    DESKTOP_NUMBER=1
-else
-    DESKTOP_NUMBER=$(($BASE_PORT-5900+1))
-fi
-
-if [ "x$KASMSOCK" == "xTrue" ]; then
-    export SOCKET_PORT=$(( $RANDOM % 50 + 1 ))
-fi
-
-if [ "x$VNC_AUTH" == "xTrue" ]; then
-     echo "[INFO] Setting new certificate for VNC"
-     openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /home/metauser/.vnc/self.pem -out /home/metauser/.vnc/self.pem -subj "/C=IT/ST=None/L=None/O=INAF/OU=OATs/CN=kasm/emailAddress=none@none.none" 
-     /usr/local/bin/vncserver :$DESKTOP_NUMBER -depth 24 -geometry 1280x1050 -websocketPort $BASE_PORT -cert /home/metauser/.vnc/self.pem -sslOnly -FrameRate=24 -interface 0.0.0.0
-else
-     /usr/local/bin/vncserver :$DESKTOP_NUMBER -depth 24 -geometry 1280x1050 -websocketPort $BASE_PORT -FrameRate=24 -interface 0.0.0.0
-fi
-
-# Check it is running. If it is not, exit
-while true
-do
-
-    #PSOUT=$(ps -ef | grep /usr/local/bin/Xvnc | grep SecurityTypes) 
-    PSOUT=$(ps -ef | grep /usr/local/bin/Xvnc) 
-
-    if [[ "x$PSOUT" == "x" ]] ; then
-        exit 1
-    fi
-
-	# Sleep other 10 secs before re-checking
-	sleep 10
-
-done

MinimalMetaDesktop/files/supervisord.conf

-; supervisor config file (modified for our own purpose)
-
-[unix_http_server]
-file=/home/metauser/.supervisor.sock   ; (the path to the socket file)
-chmod=0700                             ; sockef file mode (default 0700)
-
-[supervisord]
-logfile=/home/metauser/.logs/supervisord.log   ; (main log file;default $CWD/supervisord.log)
-pidfile=/home/metauser/.logs/supervisord.pid   ; (supervisord pidfile;default supervisord.pid)
-childlogdir=/home/metauser/.logs               ; ('AUTO' child log dir, default $TEMP)
-nodaemon=true                                  ; Mandatory to run Supervisor in foreground and avoid Docker to exit!
-
-; The below section must remain in the config file for RPC
-; (supervisorctl/web interface) to work, additional interfaces may be
-; added by defining them in separate rpcinterface: sections
-[rpcinterface:supervisor]
-supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
-
-[supervisorctl]
-serverurl=unix:///home/metauser/.supervisor.sock ; use a unix:// URL  for a unix socket
-
-; The [include] section can just contain the "files" setting.  This
-; setting can list multiple files (separated by whitespace or
-; newlines).  It can also contain wildcards.  The filenames are
-; interpreted as relative to this file.  Included files *cannot*
-; include files themselves.
-
-[include]
-files = /etc/supervisor/conf.d/*.conf

MinimalMetaDesktop/files/supervisord_kasm.conf

-;=======================================
-; KasmVNC service
-;=======================================
- 
-[program:kasmvnc]
- 
-; General
-directory     = /
-command       = /etc/supervisor/conf.d/run_kasm.sh
-numprocs      = 1
-autostart     = true
-autorestart   = true
-startsecs     = 10
-stopwaitsecs  = 30
-process_name  = kasmvnc
- 
-; Standard out / error
-stdout_logfile          = /home/metauser/.logs/%(program_name)s.log
-stdout_logfile_maxbytes = 5MB
-stdout_logfile_backups  = 10
-stderr_logfile          = /home/metauser/.logs/%(program_name)s.log
-stderr_logfile_maxbytes = 5MB
-stderr_logfile_backups  = 10