diff --git a/builder/README.md b/builder/README.md index 41af2d8..4c80f0e 100644 --- a/builder/README.md +++ b/builder/README.md @@ -1,22 +1,31 @@ -REQIUREMENTS +## REQIUREMENTS Docker CE -# build the docker image +Each supported operating system has two dockerfiles, one for building and one for testing. This example is for building and testing Ubuntu 18.04 LTS + +### Build the docker image +```sh cd /src_code_root - sudo docker build -t kasmvncbuilder:18.04 -f builder/dockerfile.build . + sudo docker build -t kasmvncbuilder:18.04 -f builder/dockerfile.ubuntu1804.build . +``` -# run the builder +### Run the builder +```sh + mkdir -p builder/build sudo docker run -v /tmp:/build --rm kasmvncbuilder:18.04 + cp /tmp/build/kasmvnc.ubuntu_18.04.tar.gz builder/build/ +``` -# tar will be on /tmp of host - cp /tmp/kasmvnc*.tar.gz builder/ - -# build test desktop container with new binary installed +### Build test desktop container +```sh cd builder - sudo docker build -t kasmvnctester:18.04 -f dockerfile.test . + sudo docker build -t kasmvnctester:18.04 -f dockerfile.ubuntu1804.test . +``` -# run an instance of the new destkop - sudo docker run -d -p 80:6901 -p 5901:5901 -e VNCOPTIONS="-detectScrolling -PreferBandwidth -DynamicQualityMin=0" kasmvnctester:latest +### run an instance of the new destkop +```sh +sudo docker run -it -p 443:8443 --rm -e "VNC_USER=username" -e "VNC_PW=password123" kasmvnctester:18.04 +``` -open browser and point to http://IPAddress/vnc_lite.html -default password is "vncpassword" or use a VNC client +open browser and point to https:///vnc.html +The username and password were set in the docker run command diff --git a/builder/build.sh b/builder/build.sh index 87e8a02..63be78d 100755 --- a/builder/build.sh +++ b/builder/build.sh @@ -7,7 +7,10 @@ # Ubuntu applies a million patches, but here we use upstream to simplify matters cd /tmp -wget https://www.x.org/archive/individual/xserver/xorg-server-1.19.6.tar.bz2 +# default to the version of x in Ubuntu 18.04, otherwise caller will need to specify +XORG_VER=${XORG_VER:-"1.19.6"} +XORG_PATCH=$(echo "$XORG_VER" | grep -Po '^\d.\d+' | sed 's#\.##') +wget https://www.x.org/archive/individual/xserver/xorg-server-${XORG_VER}.tar.bz2 #git clone https://kasmweb@bitbucket.org/kasmtech/kasmvnc.git #cd kasmvnc @@ -23,10 +26,10 @@ sed -i -e '/find_package(FLTK/s@^@#@' \ cmake . make -j5 -tar -C unix/xserver -xvf /tmp/xorg-server-1.19.6.tar.bz2 --strip-components=1 +tar -C unix/xserver -xvf /tmp/xorg-server-${XORG_VER}.tar.bz2 --strip-components=1 cd unix/xserver -patch -Np1 -i ../xserver119.patch +patch -Np1 -i ../xserver${XORG_PATCH}.patch autoreconf -i # Configuring Xorg is long and has many distro-specific paths. # The distro paths start after prefix and end with the font path, @@ -64,4 +67,4 @@ mv release/maketarball3 release/maketarball make servertarball -cp kasmvnc*.tar.gz /build/ +cp kasmvnc*.tar.gz /build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz diff --git a/builder/dockerfile.centos7.build b/builder/dockerfile.centos7.build new file mode 100644 index 0000000..288db42 --- /dev/null +++ b/builder/dockerfile.centos7.build @@ -0,0 +1,20 @@ +FROM centos:centos7 + +RUN yum install -y build-dep xorg-server libxfont-dev sudo +RUN yum install -y cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver +RUN yum install -y libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev + +# Additions for webp +RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz +RUN cd /tmp && tar -xzvf /tmp/libwebp-* +RUN cd /tmp/libwebp-1.0.2 && \ + ./configure --enable-static --disable-shared && \ + make && make install + +RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo + +COPY . /src +RUN chown -R docker:docker /src + +USER docker +ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.debian10.build b/builder/dockerfile.debian10.build new file mode 100644 index 0000000..99cfd10 --- /dev/null +++ b/builder/dockerfile.debian10.build @@ -0,0 +1,31 @@ +FROM debian:buster + +ENV KASMVNC_BUILD_OS debian +ENV KASMVNC_BUILD_OS_VER 10 +ENV XORG_VER 1.20.10 +ENV DEBIAN_FRONTEND noninteractive + +RUN grep '^deb' /etc/apt/sources.list | sed 's#^deb#deb-src#' >> /etc/apt/sources.list + +RUN apt-get update && \ + apt-get -y install sudo + +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata +RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev +RUN apt-get update && apt-get -y install cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver +RUN apt-get update && apt-get -y install libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev + +# Additions for webp +RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz +RUN cd /tmp && tar -xzvf /tmp/libwebp-* +RUN cd /tmp/libwebp-1.0.2 && \ + ./configure --enable-static --disable-shared && \ + make && make install + +RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo + +COPY . /src +RUN chown -R docker:docker /src + +USER docker +ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.test b/builder/dockerfile.test deleted file mode 100644 index 742cc0a..0000000 --- a/builder/dockerfile.test +++ /dev/null @@ -1,12 +0,0 @@ -FROM kasmweb/desktop-deluxe:develop - -ENV VNCOPTIONS "-PreferBandwidth -DynamicQualityMin=3 -DynamicQualityMax=7 -detectScrolling" - -USER root - -COPY kasmvnc-Linux-x86_64-*.tar.gz /tmp/ -RUN tar -xzvf /tmp/kasmvnc-Linux-x86_64-*.tar.gz --strip 1 -C / - -USER 1000 - -CMD ["--tail-log"] diff --git a/builder/dockerfile.16.04.build b/builder/dockerfile.ubuntu1604.build similarity index 100% rename from builder/dockerfile.16.04.build rename to builder/dockerfile.ubuntu1604.build diff --git a/builder/dockerfile.build b/builder/dockerfile.ubuntu1804.build similarity index 95% rename from builder/dockerfile.build rename to builder/dockerfile.ubuntu1804.build index 7ee1a42..6c48eed 100644 --- a/builder/dockerfile.build +++ b/builder/dockerfile.ubuntu1804.build @@ -1,5 +1,8 @@ FROM ubuntu:18.04 +ENV KASMVNC_BUILD_OS ubuntu +ENV KASMVNC_BUILD_OS_VER 18.04 + RUN sed -i 's$# deb-src$deb-src$' /etc/apt/sources.list RUN apt-get update && \ diff --git a/builder/dockerfile.ubuntu1804.test b/builder/dockerfile.ubuntu1804.test new file mode 100644 index 0000000..a734c58 --- /dev/null +++ b/builder/dockerfile.ubuntu1804.test @@ -0,0 +1,51 @@ +FROM ubuntu:18.04 + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=ubuntu \ + KASMVNC_BUILD_OS_VER=18.04 + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext libjpeg-dev wget +RUN apt-get purge -y pm-utils xscreensaver* + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY startup/ $STARTUPDIR + +### START CUSTOM STUFF #### + +COPY build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz /tmp/ +RUN tar -xzvf /tmp/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz --strip 1 -C / + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000 +WORKDIR $HOME + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/dockerfile.ubuntu2004.build b/builder/dockerfile.ubuntu2004.build new file mode 100644 index 0000000..5540232 --- /dev/null +++ b/builder/dockerfile.ubuntu2004.build @@ -0,0 +1,31 @@ +FROM ubuntu:20.04 + +ENV KASMVNC_BUILD_OS ubuntu +ENV KASMVNC_BUILD_OS_VER 20.04 +ENV XORG_VER 1.20.8 +ENV DEBIAN_FRONTEND noninteractive + +RUN sed -i 's$# deb-src$deb-src$' /etc/apt/sources.list + +RUN apt-get update && \ + apt-get -y install sudo + +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata +RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev +RUN apt-get update && apt-get -y install cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver +RUN apt-get update && apt-get -y install libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev + +# Additions for webp +RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz +RUN cd /tmp && tar -xzvf /tmp/libwebp-* +RUN cd /tmp/libwebp-1.0.2 && \ + ./configure --enable-static --disable-shared && \ + make && make install + +RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo + +COPY . /src +RUN chown -R docker:docker /src + +USER docker +ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.ubuntu2004.test b/builder/dockerfile.ubuntu2004.test new file mode 100644 index 0000000..37da8e8 --- /dev/null +++ b/builder/dockerfile.ubuntu2004.test @@ -0,0 +1,51 @@ +FROM ubuntu:20.04 + +ENV DISPLAY=:1 \ + VNC_PORT=8443 \ + VNC_RESOLUTION=1280x720 \ + MAX_FRAME_RATE=24 \ + VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \ + HOME=/home/user \ + TERM=xterm \ + STARTUPDIR=/dockerstartup \ + INST_SCRIPTS=/dockerstartup/install \ + KASM_RX_HOME=/dockerstartup/kasmrx \ + DEBIAN_FRONTEND=noninteractive \ + VNC_COL_DEPTH=24 \ + VNC_RESOLUTION=1280x1024 \ + VNC_PW=vncpassword \ + VNC_USER=user \ + VNC_VIEW_ONLY_PW=vncviewonlypassword \ + LD_LIBRARY_PATH=/usr/local/lib/ \ + OMP_WAIT_POLICY=PASSIVE \ + SHELL=/bin/bash \ + SINGLE_APPLICATION=0 \ + KASMVNC_BUILD_OS=ubuntu \ + KASMVNC_BUILD_OS_VER=20.04 + +EXPOSE $VNC_PORT + +WORKDIR $HOME + +### REQUIRED STUFF ### + +RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext libjpeg-dev wget +RUN apt-get purge -y pm-utils xscreensaver* + +RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc + +RUN mkdir -p $STARTUPDIR +COPY startup/ $STARTUPDIR + +### START CUSTOM STUFF #### + +COPY build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz /tmp/ +RUN tar -xzvf /tmp/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_VER}.tar.gz --strip 1 -C / + +### END CUSTOM STUFF ### + +RUN chown -R 1000:0 $HOME +USER 1000 +WORKDIR $HOME + +ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ] diff --git a/builder/startup/generate_container_user b/builder/startup/generate_container_user new file mode 100755 index 0000000..b259e7c --- /dev/null +++ b/builder/startup/generate_container_user @@ -0,0 +1,37 @@ +# Set current user in nss_wrapper +USER_ID=$(id -u) +GROUP_ID=$(id -g) +echo "USER_ID: $USER_ID, GROUP_ID: $GROUP_ID" + +# Attempt to set the username to the kasm username +USERNAME=${VNC_USER:-default} +# Make the username posix compliant +USERNAME=$(echo "$USERNAME" | sed -r 's#[^a-zA-Z0-9\._\-]#_#g') +if ! echo "$USERNAME" | grep -qP "^[a-zA-Z0-9_\.][a-zA-Z0-9_\-\.]*"; then + USERNAME="default" +fi +export PS1="$USERNAME:\w\$ " + +if [ x"$USER_ID" != x"0" ]; then + + NSS_WRAPPER_PASSWD=/tmp/passwd + NSS_WRAPPER_GROUP=/etc/group + + cat /etc/passwd > $NSS_WRAPPER_PASSWD + + echo "${USERNAME}:x:${USER_ID}:${GROUP_ID}:Default Application User:${HOME}:/bin/bash" >> $NSS_WRAPPER_PASSWD + + export NSS_WRAPPER_PASSWD + export NSS_WRAPPER_GROUP + + if [ -r /usr/lib/libnss_wrapper.so ]; then + LD_PRELOAD=/usr/lib/libnss_wrapper.so + elif [ -r /usr/lib64/libnss_wrapper.so ]; then + LD_PRELOAD=/usr/lib64/libnss_wrapper.so + else + echo "no libnss_wrapper.so installed!" + exit 1 + fi + echo "nss_wrapper location: $LD_PRELOAD" + export LD_PRELOAD +fi diff --git a/builder/startup/vnc_startup.sh b/builder/startup/vnc_startup.sh new file mode 100755 index 0000000..42ff912 --- /dev/null +++ b/builder/startup/vnc_startup.sh @@ -0,0 +1,68 @@ +#!/bin/bash +### every exit != 0 fails the script +set -e + +# should also source $STARTUPDIR/generate_container_user +source $HOME/.bashrc + +## correct forwarding of shutdown signal +cleanup () { + kill -s SIGTERM $! + exit 0 +} +trap cleanup SIGINT SIGTERM + +## resolve_vnc_connection +VNC_IP=$(hostname -i) + +# first entry is control, second is view (if only one is valid for both) +mkdir -p "$HOME/.vnc" +PASSWD_PATH="$HOME/.vnc/passwd" +echo "$VNC_PW" | kasmvncpasswd -f > $HOME/.kasmpasswd +chmod 0600 $HOME/.kasmpasswd +openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout $HOME/.vnc/self.pem -out $HOME/.vnc/self.pem -subj "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none" + +vncserver :1 -interface 0.0.0.0 +vncserver -kill :1 + +if [[ -f $PASSWD_PATH ]]; then + rm -f $PASSWD_PATH +fi + +#echo "$VNC_PW" | vncpasswd -f > $PASSWD_PATH +#echo "$VNC_VIEW_ONLY_PW" | vncpasswd -f >> $PASSWD_PATH +#chmod 600 $PASSWD_PATH + +unset VNC_VIEW_ONLY_PW +unset VNC_PW + +if [[ $DEBUG == true ]]; then + echo -e "\n------------------ start VNC server ------------------------" + echo "remove old vnc locks to be a reattachable container" +fi +vncserver -kill $DISPLAY &> $HOME/.vnc/vnc_startup.log \ + || rm -rfv /tmp/.X*-lock /tmp/.X11-unix &> $HOME/.vnc/vnc_startup.log \ + || echo "no locks present" + +echo -e "start vncserver with param: VNC_COL_DEPTH=$VNC_COL_DEPTH, VNC_RESOLUTION=$VNC_RESOLUTION\n..." +vncserver $DISPLAY -depth $VNC_COL_DEPTH -geometry $VNC_RESOLUTION -FrameRate=$MAX_FRAME_RATE -websocketPort $VNC_PORT -cert $HOME/.vnc/self.pem -sslOnly -interface 0.0.0.0 $VNCOPTIONS #&> $STARTUPDIR/no_vnc_startup.log + +PID_SUN=$! + +echo -e "start window manager\n..." +$STARTUPDIR/window_manager_startup.sh #&> $STARTUPDIR/window_manager_startup.log + +## log connect options +echo -e "\n\n------------------ VNC environment started ------------------" +echo -e "\nVNCSERVER started on DISPLAY= $DISPLAY \n\t=> connect via VNC viewer with $VNC_IP:$VNC_PORT" +echo -e "\nnoVNC HTML client started:\n\t=> connect via http://$VNC_IP:$NO_VNC_PORT/?password=...\n" +echo "WEB PID: $PID_SUB" + +# tail vncserver logs +tail -f $HOME/.vnc/*$DISPLAY.log & + +eval "$@" + +wait $PID_SUB + +echo "Exiting Kasm container" diff --git a/builder/startup/window_manager_startup.sh b/builder/startup/window_manager_startup.sh new file mode 100755 index 0000000..d5e1774 --- /dev/null +++ b/builder/startup/window_manager_startup.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env bash +set -e + +echo -e "\n------------------ Xfce4 window manager startup------------------" + +### disable screen saver and power management +xset -dpms & +xset s noblank & +xset s off & + +if [ "$SINGLE_APPLICATION" -eq "1" ]; then + echo "Configured of Single Application Mode" + sed -i "s/O|SHMC/|/g" $HOME/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml + #xfwm4 --daemon +fi