MinimalDesktop/metauser_home/.vnc/config

+## Supported server options to pass to vncserver upon invocation can be listed
+## in this file. See the following manpages for more: vncserver(1) Xvnc(1).
+## Several common ones are shown below. Uncomment and modify to your liking.
+##
+# securitytypes=vncauth,tlsvnc
+# desktop=sandbox
+# geometry=2000x1200
+# localhost
+# alwaysshared

MinimalDesktop/metauser_home/logs/novnc.log

+Warning: could not find self.pem
+Using local websockify at /usr/lib/noVNC/utils/websockify/run
+Starting webserver and WebSockets proxy on port 8590
+/usr/lib/noVNC/utils/websockify/websockify/websocket.py:30: UserWarning: no 'numpy' module, HyBi protocol will be slower
+  warnings.warn("no 'numpy' module, HyBi protocol will be slower")
+WebSocket server settings:
+  - Listen on :8590
+  - Web server. Web root: /usr/lib/noVNC
+  - No SSL/TLS support (no cert file)
+  - proxying from :8590 to localhost:5900
+172.17.0.1 - - [14/May/2020 15:23:37] 172.17.0.1: Plain non-SSL (ws://) WebSocket connection
+172.17.0.1 - - [14/May/2020 15:23:37] 172.17.0.1: Path: '/websockify'
+172.17.0.1 - - [14/May/2020 15:23:37] connecting to: localhost:5900
+172.17.0.1: ignoring socket not ready
+172.17.0.1: ignoring socket not ready
+Warning: could not find self.pem
+Using local websockify at /usr/lib/noVNC/utils/websockify/run
+Starting webserver and WebSockets proxy on port 8590
+/usr/lib/noVNC/utils/websockify/websockify/websocket.py:30: UserWarning: no 'numpy' module, HyBi protocol will be slower
+  warnings.warn("no 'numpy' module, HyBi protocol will be slower")
+WebSocket server settings:
+  - Listen on :8590
+  - Web server. Web root: /usr/lib/noVNC
+  - No SSL/TLS support (no cert file)
+  - proxying from :8590 to localhost:5900
+172.17.0.1: ignoring socket not ready
+172.17.0.1 - - [14/May/2020 15:24:09] 172.17.0.1: Plain non-SSL (ws://) WebSocket connection
+172.17.0.1 - - [14/May/2020 15:24:09] 172.17.0.1: Path: '/websockify'
+172.17.0.1 - - [14/May/2020 15:24:09] connecting to: localhost:5900
+172.17.0.1: ignoring socket not ready
+172.17.0.1: ignoring socket not ready

MinimalDesktop/metauser_home/logs/supervisord.log

+2020-05-14 15:23:25,726 INFO Included extra file "/etc/supervisor/conf.d/supervisord_novnc.conf" during parsing
+2020-05-14 15:23:25,727 INFO Included extra file "/etc/supervisor/conf.d/supervisord_vnc.conf" during parsing
+2020-05-14 15:23:25,743 INFO RPC interface 'supervisor' initialized
+2020-05-14 15:23:25,744 CRIT Server 'unix_http_server' running without any HTTP authentication checking
+2020-05-14 15:23:25,748 INFO supervisord started with pid 1
+2020-05-14 15:23:26,758 INFO spawned: 'novnc' with pid 18
+2020-05-14 15:23:26,768 INFO spawned: 'vnc' with pid 19
+2020-05-14 15:23:29,884 INFO reaped unknown pid 44
+2020-05-14 15:23:36,915 INFO success: novnc entered RUNNING state, process has stayed up for > than 10 seconds (startsecs)
+2020-05-14 15:23:36,917 INFO success: vnc entered RUNNING state, process has stayed up for > than 10 seconds (startsecs)
+2020-05-14 15:23:53,706 WARN received SIGINT indicating exit request
+2020-05-14 15:23:53,712 INFO waiting for novnc, vnc to die
+2020-05-14 15:23:54,721 INFO stopped: vnc (terminated by SIGTERM)
+2020-05-14 15:23:54,723 INFO stopped: novnc (terminated by SIGTERM)
+2020-05-14 15:23:57,760 INFO Included extra file "/etc/supervisor/conf.d/supervisord_novnc.conf" during parsing
+2020-05-14 15:23:57,761 INFO Included extra file "/etc/supervisor/conf.d/supervisord_vnc.conf" during parsing
+2020-05-14 15:23:57,776 INFO RPC interface 'supervisor' initialized
+2020-05-14 15:23:57,777 CRIT Server 'unix_http_server' running without any HTTP authentication checking
+2020-05-14 15:23:57,783 INFO supervisord started with pid 1
+2020-05-14 15:23:58,799 INFO spawned: 'novnc' with pid 11
+2020-05-14 15:23:58,808 INFO spawned: 'vnc' with pid 12
+2020-05-14 15:24:01,917 INFO reaped unknown pid 37
+2020-05-14 15:24:09,051 INFO success: novnc entered RUNNING state, process has stayed up for > than 10 seconds (startsecs)
+2020-05-14 15:24:09,057 INFO success: vnc entered RUNNING state, process has stayed up for > than 10 seconds (startsecs)
+2020-05-14 15:24:17,133 WARN received SIGINT indicating exit request
+2020-05-14 15:24:17,136 INFO waiting for novnc, vnc to die
+2020-05-14 15:24:18,140 INFO stopped: vnc (terminated by SIGTERM)
+2020-05-14 15:24:18,145 INFO stopped: novnc (terminated by SIGTERM)

MinimalDesktop/metauser_home/logs/vnc.log

+xauth:  file /home/metauser/.Xauthority does not exist
+
+New '8424db806320:0 ()' desktop is 8424db806320:0
+
+Creating default config /home/metauser/.vnc/config
+Starting applications specified in /opt/tigervnc/xstartup
+Log file is /home/metauser/.vnc/8424db806320:0.log
+
+
+New 'f4fd1f7a7af8:0 ()' desktop is f4fd1f7a7af8:0
+
+Starting applications specified in /opt/tigervnc/xstartup
+Log file is /home/metauser/.vnc/f4fd1f7a7af8:0.log
+

MinimalDesktop/run.sh

+#!/bin/bash
+docker run -v$PWD/:/data -p8590:8590 -eBASE_PORT=8590 -eAUTH_PASS=testpass -it minimaldesktop

SSH/Dockerfile

@@ -11,18 +11,18 @@ RUN apt-get install openssh-server  -y
 RUN echo "metauser:metapass" | chpasswd
 
 # Set entrypoint command
-COPY files/entrypoint.sh /entrypoint.sh
-RUN chmod 755 /entrypoint.sh
-ENV DEFAULT_ENTRYPOINT_COMMAND="/entrypoint.sh"
+COPY files/entrypoint.sh /usr/bin/entrypoint.sh
+RUN chmod 755 /usr/bin/entrypoint.sh
+ENV DEFAULT_ENTRYPOINT_COMMAND="/usr/bin/entrypoint.sh"
 
 # Fix home permissions
 RUN chmod 777 /home
 
-# Set user (mainly for Singularity)
+# Set user
 USER metauser
 
 # Set container name
-ENV CONTAINER_NAME='SSH'
+ENV CONTAINER_NAME='ssh'
 
 
 

X11Web/Dockerfile

+FROM base
+MAINTAINER Stefano Alberto Russo <stefano.russo@inaf.it>
+
+# Switch to root
+USER root
+
+#------------------------
+# Supervisord
+#------------------------
+
+# In this container we need to use supervisord as we have two servoces (VNC and noVNC)
+
+# Supervisord conf
+COPY files/supervisord.conf /etc/supervisor/
+
+# VNC supervisord conf
+COPY files/supervisord_vnc.conf /etc/supervisor/conf.d/
+COPY files/run_vnc.sh /etc/supervisor/conf.d/
+RUN chmod 755 /etc/supervisor/conf.d/run_vnc.sh
+
+# noVNC supervisord conf
+COPY files/supervisord_novnc.conf /etc/supervisor/conf.d/
+COPY files/run_novnc.sh /etc/supervisor/conf.d/
+RUN chmod 755 /etc/supervisor/conf.d/run_novnc.sh
+
+
+#------------------------
+# VNC
+#------------------------
+
+# Install xvfb that triggers minimal install of X base packages and xterm as sample application
+RUN apt-get install xvfb xterm net-tools -y
+
+# Install base packages for VNC server and headless desktop (2)
+COPY files/tigervnc-1.8.0.x86_64.tar.gz /opt/tigervnc-1.8.0.x86_64.tar.gz
+RUN cd /opt && tar -zxvf tigervnc-1.8.0.x86_64.tar.gz && mv tigervnc-1.8.0.x86_64 tigervnc
+
+# Web VNC (noVNC) v0.6.1.
+# NOTE: this is a custom version from Doro Wu (fcwu.tw@gmail.com).
+# TODO: Check differences and maybe move to 0.6.2
+COPY files/noVNC.tar.gz /usr/lib/
+RUN cd /usr/lib/ && tar -zxvf noVNC.tar.gz
+COPY files/index.html /usr/lib/noVNC
+
+# X environment setup/startup
+COPY files/xstartup /opt/tigervnc/
+RUN chmod 755 /opt/tigervnc/xstartup
+
+
+#------------------------
+# Post-intall
+#------------------------
+
+# Fix home permissions
+RUN chmod 777 /home
+
+# Set entrypoint command
+ENV DEFAULT_ENTRYPOINT_COMMAND="supervisord"
+
+# Set user
+USER metauser
+
+# Set container name
+ENV CONTAINER_NAME='x11web'
+
+
+

X11Web/build.sh

+#!/bin/bash
+
+docker build  . -t x11web

X11Web/files/index.html

+<html>
+<head>
+<script type="text/javascript">
+function redirecter(){
+    window.location = "./vnc.html?autoconnect=true&resize=remote"
+}
+</script>
+</head>
+<body onLoad="redirecter()">
+Access VNC: click <a href="./vnc.html?autoconnect=true&resize=remote">here</a>.
+</body>
+</html>
\ No newline at end of file

X11Web/files/run_novnc.sh

+#!/bin/bash
+
+# Exec TigerVNC server 
+
+if [ "x$BASE_PORT" == "x" ]; then
+    /usr/lib/noVNC/utils/launch.sh --listen 8590
+    echo "Running noVNC on port 8590"
+else
+    /usr/lib/noVNC/utils/launch.sh --listen $BASE_PORT --vnc localhost:$(($BASE_PORT+1))
+    echo "Running noVNC on port $BASE_PORT and connecting to VNC on port $(($BASE_PORT+1))"
+
+fi

X11Web/files/run_vnc.sh

+#!/bin/bash
+
+# Exec TigerVNC server 
+
+# Set port
+if [ "x$BASE_PORT" == "x" ]; then
+    DESKTOP_NUMBER=0
+else
+    DESKTOP_NUMBER=$(($BASE_PORT-5900+1))
+fi
+
+
+# Set password
+if [ "x$AUTH_PASS" != "x" ]; then
+    echo "[INFO] Setting up VNC password..."
+    mkdir -p /home/metauser/.vnc
+    /opt/tigervnc/usr/bin/vncpasswd -f <<< $AUTH_PASS > /home/metauser/.vnc/passwd
+    chmod 600 /home/metauser/.vnc/passwd
+    export VNC_AUTH=True
+else
+    echo "[INFO] Not setting up any VNC password"           
+fi
+
+
+# Run VNC server
+if [ "x$VNC_AUTH" == "xTrue" ]; then
+    /opt/tigervnc/usr/bin/vncserver :$DESKTOP_NUMBER -SecurityTypes vncauth,tlsvnc -xstartup /opt/tigervnc/xstartup
+else
+    /opt/tigervnc/usr/bin/vncserver :$DESKTOP_NUMBER -SecurityTypes None -xstartup /opt/tigervnc/xstartup
+fi
+
+
+# Check if VNC is running. If it is not, exit
+while true
+do
+
+    PSOUT=$(ps -ef | grep /opt/tigervnc/usr/bin/Xvnc | grep SecurityTypes) 
+
+    if [[ "x$PSOUT" == "x" ]] ; then
+        exit 1
+    fi
+
+	# Sleep other 10 secs before re-checking
+	sleep 10
+
+done

X11Web/files/supervisord.conf

+; supervisor config file (modified for our own purpose)
+
+[unix_http_server]
+file=/home/metauser/.supervisor.sock   ; (the path to the socket file)
+chmod=0700                             ; sockef file mode (default 0700)
+
+[supervisord]
+logfile=/home/metauser/.logs/supervisord.log   ; (main log file;default $CWD/supervisord.log)
+pidfile=/home/metauser/.logs/supervisord.pid   ; (supervisord pidfile;default supervisord.pid)
+childlogdir=/home/metauser/.logs               ; ('AUTO' child log dir, default $TEMP)
+nodaemon=true                                  ; Mandatory to run Supervisor in foreground and avoid Docker to exit!
+
+; The below section must remain in the config file for RPC
+; (supervisorctl/web interface) to work, additional interfaces may be
+; added by defining them in separate rpcinterface: sections
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+
+[supervisorctl]
+serverurl=unix:///home/metauser/.supervisor.sock ; use a unix:// URL  for a unix socket
+
+; The [include] section can just contain the "files" setting.  This
+; setting can list multiple files (separated by whitespace or
+; newlines).  It can also contain wildcards.  The filenames are
+; interpreted as relative to this file.  Included files *cannot*
+; include files themselves.
+
+[include]
+files = /etc/supervisor/conf.d/*.conf

X11Web/files/supervisord_novnc.conf

+;=======================================
+; noVNC service
+;=======================================
+ 
+[program:novnc]
+ 
+; General
+directory     = /usr/lib/noVNC/
+command       = /etc/supervisor/conf.d/run_novnc.sh
+numprocs      = 1
+autostart     = true
+autorestart   = true
+startsecs     = 10
+stopwaitsecs  = 30
+process_name  = novnc
+ 
+; Standard out / error
+stdout_logfile          = /home/metauser/.logs/%(program_name)s.log
+stdout_logfile_maxbytes = 5MB
+stdout_logfile_backups  = 10
+stderr_logfile          = /home/metauser/.logs/%(program_name)s.log
+stderr_logfile_maxbytes = 5MB
+stderr_logfile_backups  = 10

X11Web/files/supervisord_vnc.conf

+;=======================================
+; VNC service
+;=======================================
+ 
+[program:vnc]
+ 
+; General
+directory     = /
+command       = /etc/supervisor/conf.d/run_vnc.sh
+numprocs      = 1
+autostart     = true
+autorestart   = true
+startsecs     = 10
+stopwaitsecs  = 30
+process_name  = vnc
+ 
+; Standard out / error
+stdout_logfile          = /home/metauser/.logs/%(program_name)s.log
+stdout_logfile_maxbytes = 5MB
+stdout_logfile_backups  = 10
+stderr_logfile          = /home/metauser/.logs/%(program_name)s.log
+stderr_logfile_maxbytes = 5MB
+stderr_logfile_backups  = 10

X11Web/files/xstartup

+#!/bin/sh
+
+cd /home/metauser
+
+unset SESSION_MANAGER
+unset DBUS_SESSION_BUS_ADDRESS
+OS=`uname -s`
+if [ $OS = 'Linux' ]; then
+  case "$WINDOWMANAGER" in
+    *gnome*)
+      if [ -e /etc/SuSE-release ]; then
+        PATH=$PATH:/opt/gnome/bin
+        export PATH
+      fi
+      ;;
+  esac
+fi
+if [ -x /etc/X11/xinit/xinitrc ]; then
+  exec /etc/X11/xinit/xinitrc
+fi
+if [ -f /etc/X11/xinit/xinitrc ]; then
+  exec sh /etc/X11/xinit/xinitrc
+fi
+[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
+
+# Set password
+if [ "x$X11_ENTRYPOINT_COMMAND" = "x" ]; then
+    xsetroot -solid grey
+    xterm -geometry 80x24+10+10 -ls -title "Desktop" /bin/bash &
+else
+    $X11_ENTRYPOINT_COMMAND
+fi
+
+
+

X11Web/metauser_home/.bash_logout

+# ~/.bash_logout: executed by bash(1) when login shell exits.
+
+# when leaving the console clear the screen to increase privacy
+
+if [ "$SHLVL" = 1 ]; then
+    [ -x /usr/bin/clear_console ] && /usr/bin/clear_console -q
+fi

X11Web/metauser_home/.bashrc

+# ~/.bashrc: executed by bash(1) for non-login shells.
+# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
+# for examples
+
+# If not running interactively, don't do anything
+case $- in
+    *i*) ;;
+      *) return;;
+esac
+
+# don't put duplicate lines or lines starting with space in the history.
+# See bash(1) for more options
+HISTCONTROL=ignoreboth
+
+# append to the history file, don't overwrite it
+shopt -s histappend
+
+# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
+HISTSIZE=1000
+HISTFILESIZE=2000
+
+# check the window size after each command and, if necessary,
+# update the values of LINES and COLUMNS.
+shopt -s checkwinsize
+
+# If set, the pattern "**" used in a pathname expansion context will
+# match all files and zero or more directories and subdirectories.
+#shopt -s globstar
+
+# make less more friendly for non-text input files, see lesspipe(1)
+[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
+
+# set variable identifying the chroot you work in (used in the prompt below)
+if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
+    debian_chroot=$(cat /etc/debian_chroot)
+fi
+
+# set a fancy prompt (non-color, unless we know we "want" color)
+case "$TERM" in
+    xterm-color|*-256color) color_prompt=yes;;
+esac
+
+# uncomment for a colored prompt, if the terminal has the capability; turned
+# off by default to not distract the user: the focus in a terminal window
+# should be on the output of commands, not on the prompt
+#force_color_prompt=yes
+
+if [ -n "$force_color_prompt" ]; then
+    if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
+	# We have color support; assume it's compliant with Ecma-48
+	# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
+	# a case would tend to support setf rather than setaf.)
+	color_prompt=yes
+    else
+	color_prompt=
+    fi
+fi
+
+if [ "$color_prompt" = yes ]; then
+    PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
+else
+    PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
+fi
+unset color_prompt force_color_prompt
+
+# If this is an xterm set the title to user@host:dir
+case "$TERM" in
+xterm*|rxvt*)
+    PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
+    ;;
+*)
+    ;;
+esac
+
+# enable color support of ls and also add handy aliases
+if [ -x /usr/bin/dircolors ]; then
+    test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
+    alias ls='ls --color=auto'
+    #alias dir='dir --color=auto'
+    #alias vdir='vdir --color=auto'
+
+    alias grep='grep --color=auto'
+    alias fgrep='fgrep --color=auto'
+    alias egrep='egrep --color=auto'
+fi
+
+# colored GCC warnings and errors
+#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'
+
+# some more ls aliases
+alias ll='ls -alF'
+alias la='ls -A'
+alias l='ls -CF'
+
+# Add an "alert" alias for long running commands.  Use like so:
+#   sleep 10; alert
+alias alert='notify-send --urgency=low -i "$([ $? = 0 ] && echo terminal || echo error)" "$(history|tail -n1|sed -e '\''s/^\s*[0-9]\+\s*//;s/[;&|]\s*alert$//'\'')"'
+
+# Alias definitions.
+# You may want to put all your additions into a separate file like
+# ~/.bash_aliases, instead of adding them here directly.
+# See /usr/share/doc/bash-doc/examples in the bash-doc package.
+
+if [ -f ~/.bash_aliases ]; then
+    . ~/.bash_aliases
+fi
+
+# enable programmable completion features (you don't need to enable
+# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
+# sources /etc/bash.bashrc).
+if ! shopt -oq posix; then
+  if [ -f /usr/share/bash-completion/bash_completion ]; then
+    . /usr/share/bash-completion/bash_completion
+  elif [ -f /etc/bash_completion ]; then
+    . /etc/bash_completion
+  fi
+fi
+export PS1="${debian_chroot:+($debian_chroot)}\u@$CONTAINER_NAME@\h:\w\$ "
+export PS1="${debian_chroot:+($debian_chroot)}\u@$CONTAINER_NAME@\h:\w\$ "