From d050236248492a394000f98e2fe719d172898d57 Mon Sep 17 00:00:00 2001 From: Ryan Kuba Date: Mon, 4 Apr 2022 16:31:55 +0000 Subject: [PATCH] Resolve KASM-2437 "Feature/ opensuse 15 images" --- .gitlab-ci.yml | 36 ++++++ builder/build.sh | 4 + builder/bump-package-version-rpm | 3 +- .../dockerfile.opensuse_15.barebones.rpm.test | 39 +++++++ builder/dockerfile.opensuse_15.build | 59 ++++++++++ builder/dockerfile.opensuse_15.rpm.build | 24 ++++ opensuse/kasmvncserver.spec | 105 ++++++++++++++++++ 7 files changed, 269 insertions(+), 1 deletion(-) create mode 100644 builder/dockerfile.opensuse_15.barebones.rpm.test create mode 100644 builder/dockerfile.opensuse_15.build create mode 100644 builder/dockerfile.opensuse_15.rpm.build create mode 100644 opensuse/kasmvncserver.spec diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 607cd0e..4349608 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -299,6 +299,42 @@ build_oracle_8_arm: paths: - output/ +build_opensuse_15: + stage: build + allow_failure: true + before_script: + - *prepare_build + - *prepare_www + after_script: + - *prepare_artfacts + script: + - bash builder/build-package opensuse 15; + only: + variables: + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME + artifacts: + paths: + - output/ + +build_opensuse_15_arm: + stage: build + allow_failure: true + tags: + - arm + before_script: + - *prepare_build + - *prepare_www + after_script: + - *prepare_artfacts + script: + - bash builder/build-package opensuse 15; + only: + variables: + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME + artifacts: + paths: + - output/ + upload: stage: upload image: ubuntu:focal diff --git a/builder/build.sh b/builder/build.sh index 8ace18f..c7a6168 100755 --- a/builder/build.sh +++ b/builder/build.sh @@ -56,6 +56,10 @@ autoreconf -i # everything after that is based on BUILDING.txt to remove unneeded # components. ensure_crashpad_can_fetch_line_number_by_address +# remove gl check for opensuse +if [ "${KASMVNC_BUILD_OS}" == "opensuse" ]; then + sed -i 's/LIBGL="gl >= 7.1.0"/LIBGL="gl >= 1.1"/g' configure +fi ./configure --prefix=/opt/kasmweb \ --with-xkb-path=/usr/share/X11/xkb \ --with-xkb-output=/var/lib/xkb \ diff --git a/builder/bump-package-version-rpm b/builder/bump-package-version-rpm index d46720c..d2066d7 100755 --- a/builder/bump-package-version-rpm +++ b/builder/bump-package-version-rpm @@ -4,7 +4,8 @@ set -eo pipefail new_version="$1" specs="centos/kasmvncserver.spec -oracle/kasmvncserver.spec" +oracle/kasmvncserver.spec +opensuse/kasmvncserver.spec" bump_version() { sed -i "s/^Version:.\+/Version: $new_version/" "$1" diff --git a/builder/dockerfile.opensuse_15.barebones.rpm.test b/builder/dockerfile.opensuse_15.barebones.rpm.test new file mode 100644 index 0000000..129cd60 --- /dev/null +++ b/builder/dockerfile.opensuse_15.barebones.rpm.test @@ -0,0 +1,39 @@ +FROM opensuse/leap:15 + +# base tools +RUN zypper -n install -y \ + less \ + vim \ + xterm + +# deps and rpm install +RUN zypper -n install -y \ + libglvnd \ + libgnutls30 \ + libgomp1 \ + libjpeg8 \ + libnettle6 \ + libpixman-1-0 \ + libXdmcp6 \ + libXfont2-2 \ + libxkbcommon-x11-0 \ + openssl \ + perl \ + x11-tools \ + xauth \ + xkbcomp \ + xkeyboard-config && \ + mkdir -p /etc/pki/tls/private + +ARG KASMVNC_PACKAGE_DIR +COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp +RUN rpm -i /tmp/*.rpm + +RUN useradd -m foo + +USER foo:kasmvnc-cert + +RUN mkdir ~/.vnc && echo '/usr/bin/xterm &' >> ~/.vnc/xstartup && \ + chmod +x ~/.vnc/xstartup + +ENTRYPOINT bash -c "echo -e \"$VNC_PW\n$VNC_PW\n\" | kasmvncpasswd -w -u \"$VNC_USER\" && vncserver :1 -interface 0.0.0.0 && vncserver -kill :1 && vncserver :1 -depth 24 -geometry 1280x1050 -websocketPort 6901 -cert /etc/pki/tls/private/kasmvnc.pem -sslOnly -FrameRate=24 -interface 0.0.0.0 -httpd /usr/share/kasmvnc/www && tail -f $HOME/.vnc/*.log " diff --git a/builder/dockerfile.opensuse_15.build b/builder/dockerfile.opensuse_15.build new file mode 100644 index 0000000..e0840dc --- /dev/null +++ b/builder/dockerfile.opensuse_15.build @@ -0,0 +1,59 @@ +FROM opensuse/leap:15 + +ENV KASMVNC_BUILD_OS opensuse +ENV KASMVNC_BUILD_OS_CODENAME 15 +ENV XORG_VER 1.20.3 + +# Install depends +RUN zypper install -ny \ + bdftopcf \ + bigreqsproto-devel \ + cmake \ + ffmpeg-4-libavcodec-devel \ + fonttosfnt \ + font-util \ + gcc \ + gcc-c++ \ + giflib-devel \ + git \ + gzip \ + lbzip2 \ + libbz2-devel \ + libGLw-devel \ + libgnutls-devel \ + libjpeg8-devel \ + libopenssl-devel \ + libpng16-devel \ + libtiff-devel \ + libXfont2-devel \ + libxkbcommon-x11-devel \ + make \ + Mesa-dri \ + Mesa-libglapi-devel \ + mkfontdir \ + mkfontscale \ + patch \ + tigervnc \ + wget \ + xcmiscproto-devel \ + xorg-x11-devel \ + xorg-x11-server-sdk \ + xorg-x11-util-devel \ + zlib-devel + +# Additions for webp +RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz +RUN cd /tmp && tar -xzf /tmp/libwebp-* +RUN cd /tmp/libwebp-1.0.2 && \ + ./configure --enable-static --disable-shared && \ + make && make install + +RUN useradd -u 1000 docker && \ + groupadd -g 1000 docker && \ + usermod -a -G docker docker + +COPY --chown=docker:docker . /src/ + + +USER docker +ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.opensuse_15.rpm.build b/builder/dockerfile.opensuse_15.rpm.build new file mode 100644 index 0000000..9cfe154 --- /dev/null +++ b/builder/dockerfile.opensuse_15.rpm.build @@ -0,0 +1,24 @@ +FROM opensuse/leap:15 + +ENV KASMVNC_BUILD_OS opensuse +ENV KASMVNC_BUILD_OS_CODENAME 15 + +RUN zypper -n install -y \ + gpg* \ + less \ + lsb-release \ + rng-tools \ + rpm-build \ + rpmdevtools \ + rpmlint \ + tree \ + vim + +COPY opensuse/*.spec /tmp +RUN zypper -n install $(grep BuildRequires /tmp/*.spec | cut -d' ' -f2 | xargs) + +RUN useradd -u 1000 -m -d /home/docker docker && \ + groupadd -g 1000 docker && \ + usermod -a -G docker docker + +USER docker diff --git a/opensuse/kasmvncserver.spec b/opensuse/kasmvncserver.spec new file mode 100644 index 0000000..88edcc6 --- /dev/null +++ b/opensuse/kasmvncserver.spec @@ -0,0 +1,105 @@ +Name: kasmvncserver +Version: 0.9.3~beta +Release: leap15 +Summary: VNC server accessible from a web browser + +License: GPLv2+ +URL: https://github.com/kasmtech/KasmVNC + +BuildRequires: rsync +Requires: xauth, libxkbcommon-x11-0, xkeyboard-config, x11-tools, openssl, perl, libpixman-1-0, libnettle6, libjpeg8, libgomp1, libgnutls30, libXfont2-2, libXdmcp6, libglvnd, xkbcomp +Conflicts: tigervnc, tigervnc-x11vnc + +%description +VNC stands for Virtual Network Computing. It is, in essence, a remote +display system which allows you to view a computing `desktop' environment +not only on the machine where it is running, but from anywhere on the +Internet and from a wide variety of machine architectures. + +KasmVNC has different goals than TigerVNC: + +Web-based - KasmVNC is designed to provide a web accessible remote desktop. +It comes with a web server and web-socket server built in. There is no need to +install other components. Simply run and navigate to your desktop's URL on the +port you specify. While you can still tun on the legacy VNC port, it is +disabled by default. + +Security - KasmVNC defaults to HTTPS and allows for HTTP Basic Auth. VNC +Password authentication is limited by specification to 8 characters and is not +sufficient for use on an internet accessible remote desktop. Our goal is to +create a by default secure, web based experience. + +Simplicity - KasmVNC aims at being simple to deploy and configure. + +%prep + +%install +rm -rf $RPM_BUILD_ROOT + +TARGET_OS=$KASMVNC_BUILD_OS +TARGET_OS_CODENAME=$KASMVNC_BUILD_OS_CODENAME +TARBALL=$RPM_SOURCE_DIR/kasmvnc.${TARGET_OS}_${TARGET_OS_CODENAME}.tar.gz +TAR_DATA=$(mktemp -d) +tar -xzf "$TARBALL" -C "$TAR_DATA" + +SRC=$TAR_DATA/usr/local +SRC_BIN=$SRC/bin +DESTDIR=$RPM_BUILD_ROOT +DST_MAN=$DESTDIR/usr/share/man/man1 + +mkdir -p $DESTDIR/usr/bin $DESTDIR/usr/share/man/man1 \ + $DESTDIR/usr/share/doc/kasmvncserver +cp $SRC_BIN/Xvnc $DESTDIR/usr/bin; +cp $SRC_BIN/vncserver $DESTDIR/usr/bin; +cp $SRC_BIN/vncconfig $DESTDIR/usr/bin; +cp $SRC_BIN/kasmvncpasswd $DESTDIR/usr/bin; +cd $DESTDIR/usr/bin && ln -s kasmvncpasswd vncpasswd; +cp -r $SRC/share/doc/kasmvnc*/* $DESTDIR/usr/share/doc/kasmvncserver/ +rsync -r --exclude '.git*' --exclude po2js --exclude xgettext-html \ + --exclude www/utils/ --exclude .eslintrc \ + $SRC/share/kasmvnc $DESTDIR/usr/share +cp $SRC/man/man1/Xvnc.1 $DESTDIR/usr/share/man/man1/; +cp $SRC/share/man/man1/vncserver.1 $DST_MAN; +cp $SRC/share/man/man1/vncconfig.1 $DST_MAN; +cp $SRC/share/man/man1/vncpasswd.1 $DST_MAN; +cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1; + +%files +/usr/bin/* +/usr/share/man/man1/* +/usr/share/kasmvnc/www + +%license /usr/share/doc/kasmvncserver/LICENSE.TXT +%doc /usr/share/doc/kasmvncserver/README.md + +%changelog +* Tue Mar 22 2022 KasmTech - 0.9.3~beta-1 +* Fri Feb 12 2021 KasmTech - 0.9.1~beta-1 +- Initial release of the rpm package. + +%post + kasmvnc_group="kasmvnc-cert" + + create_kasmvnc_group() { + if ! getent group "$kasmvnc_group" >/dev/null; then + groupadd --system "$kasmvnc_group" + fi + } + + make_self_signed_certificate() { + local cert_file=/etc/pki/tls/private/kasmvnc.pem + [ -f "$cert_file" ] && return 0 + + openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \ + -keyout "$cert_file" \ + -out "$cert_file" -subj \ + "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none" + chgrp "$kasmvnc_group" "$cert_file" + chmod 640 "$cert_file" + } + + create_kasmvnc_group + make_self_signed_certificate + +%postun + rm -f /etc/pki/tls/private/kasmvnc.pem