diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 3f5c464..63c160f 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -34,7 +34,7 @@ build: parallel: matrix: - - KASM_IMAGE: [chrome, firefox, desktop, desktop-deluxe, firefox-mobile, tor-browser, doom, edge, terminal, vmware-horizon, remmina, rdesktop, brave, discord, sublime-text, gimp, vs-code, slack, teams, only-office, zoom, signal, steam, postman, insomnia, zsnes, vlc, ubuntu-bionic-desktop, maltego, centos-7-desktop, telegram ] + - KASM_IMAGE: [chrome, chromium, firefox, desktop, desktop-deluxe, firefox-mobile, tor-browser, doom, edge, terminal, vmware-horizon, remmina, rdesktop, brave, discord, sublime-text, gimp, vs-code, slack, teams, only-office, zoom, signal, steam, postman, insomnia, zsnes, vlc, ubuntu-bionic-desktop, maltego, centos-7-desktop, telegram ] @@ -56,7 +56,7 @@ build_dev: - /^release\/.*$/ parallel: matrix: - - KASM_IMAGE: [chrome, firefox, desktop, desktop-deluxe, firefox-mobile, tor-browser, doom, edge, terminal, vmware-horizon, remmina, rdesktop, brave, discord, sublime-text, gimp, vs-code, slack, teams, only-office, zoom, signal, steam, postman, insomnia, zsnes, vlc, ubuntu-bionic-desktop, maltego, centos-7-desktop, telegram ] + - KASM_IMAGE: [chrome, chromium, firefox, desktop, desktop-deluxe, firefox-mobile, tor-browser, doom, edge, terminal, vmware-horizon, remmina, rdesktop, brave, discord, sublime-text, gimp, vs-code, slack, teams, only-office, zoom, signal, steam, postman, insomnia, zsnes, vlc, ubuntu-bionic-desktop, maltego, centos-7-desktop, telegram ] @@ -76,7 +76,7 @@ build_schedules: - schedules parallel: matrix: - - KASM_IMAGE: [chrome, firefox, desktop, desktop-deluxe, firefox-mobile, tor-browser, doom, edge, terminal, vmware-horizon, remmina, rdesktop, brave, discord, sublime-text, gimp, vs-code, slack, teams, only-office, zoom, signal, steam, postman, insomnia, zsnes, vlc, ubuntu-bionic-desktop, maltego, centos-7-desktop, telegram ] + - KASM_IMAGE: [chrome, chromium, firefox, desktop, desktop-deluxe, firefox-mobile, tor-browser, doom, edge, terminal, vmware-horizon, remmina, rdesktop, brave, discord, sublime-text, gimp, vs-code, slack, teams, only-office, zoom, signal, steam, postman, insomnia, zsnes, vlc, ubuntu-bionic-desktop, maltego, centos-7-desktop, telegram ] @@ -96,5 +96,5 @@ update_readmes: - $README_PASSWORD parallel: matrix: - - KASM_IMAGE: [chrome, firefox, desktop, desktop-deluxe, firefox-mobile, tor-browser, doom, edge, terminal, vmware-horizon, remmina, rdesktop, brave, discord, sublime-text, gimp, vs-code, slack, teams, only-office, zoom, signal, steam, postman, insomnia, zsnes, vlc, ubuntu-bionic-desktop, maltego, centos-7-desktop, telegram ] + - KASM_IMAGE: [chrome, chromium, firefox, desktop, desktop-deluxe, firefox-mobile, tor-browser, doom, edge, terminal, vmware-horizon, remmina, rdesktop, brave, discord, sublime-text, gimp, vs-code, slack, teams, only-office, zoom, signal, steam, postman, insomnia, zsnes, vlc, ubuntu-bionic-desktop, maltego, centos-7-desktop, telegram ] diff --git a/dockerfile-kasm-brave b/dockerfile-kasm-brave index 9e9df6d..4a15496 100644 --- a/dockerfile-kasm-brave +++ b/dockerfile-kasm-brave @@ -27,7 +27,7 @@ RUN chmod +x $STARTUPDIR/custom_startup.sh ENV KASM_RESTRICTED_FILE_CHOOSER=1 COPY ./src/ubuntu/install/gtk/ $INST_SCRIPTS/gtk/ -RUN $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh +RUN bash $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh ######### End Customizations ########### diff --git a/dockerfile-kasm-chrome b/dockerfile-kasm-chrome index 3c771d5..5014623 100644 --- a/dockerfile-kasm-chrome +++ b/dockerfile-kasm-chrome @@ -31,7 +31,7 @@ RUN chmod +x $STARTUPDIR/custom_startup.sh ENV KASM_RESTRICTED_FILE_CHOOSER=1 COPY ./src/ubuntu/install/gtk/ $INST_SCRIPTS/gtk/ -RUN $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh +RUN bash $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh ######### End Customizations ########### diff --git a/dockerfile-kasm-chrome-flash b/dockerfile-kasm-chrome-flash index 96ceafd..c9f64f5 100644 --- a/dockerfile-kasm-chrome-flash +++ b/dockerfile-kasm-chrome-flash @@ -13,7 +13,7 @@ WORKDIR $HOME # Install Google Chrome COPY ./src/ubuntu/install/chrome $INST_SCRIPTS/chrome/ -RUN bash $INST_SCRIPTS/chrome/install_chrome.sh && rm -rf $INST_SCRIPTS/chrome/ +RUN bash $INST_SCRIPTS/chrome/install_chrome.sh 87.0.4280.141-1 && rm -rf $INST_SCRIPTS/chrome/ # Update the desktop environment to be optimized for a single application RUN cp $HOME/.config/xfce4/xfconf/single-application-xfce-perchannel-xml/* $HOME/.config/xfce4/xfconf/xfce-perchannel-xml/ @@ -31,7 +31,7 @@ RUN bash $INST_SCRIPTS/chrome_flash/install_flash.sh && rm -rf $INST_SCRIPTS/ch ENV KASM_RESTRICTED_FILE_CHOOSER=1 COPY ./src/ubuntu/install/gtk/ $INST_SCRIPTS/gtk/ -RUN $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh +RUN bash $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh ######### End Customizations ########### diff --git a/dockerfile-kasm-chromium b/dockerfile-kasm-chromium new file mode 100644 index 0000000..cf4a028 --- /dev/null +++ b/dockerfile-kasm-chromium @@ -0,0 +1,45 @@ +ARG BASE_TAG="develop" +FROM kasmweb/core-ubuntu-bionic:$BASE_TAG +USER root + +ENV HOME /home/kasm-default-profile +ENV STARTUPDIR /dockerstartup +ENV INST_SCRIPTS $STARTUPDIR/install +WORKDIR $HOME + +######### Customize Container Here ########### + +# Install Chromium +COPY ./src/ubuntu/install/chromium $INST_SCRIPTS/chromium/ +RUN bash $INST_SCRIPTS/chromium/install_chromium.sh && rm -rf $INST_SCRIPTS/chromium/ + +# Update the desktop environment to be optimized for a single application +RUN cp $HOME/.config/xfce4/xfconf/single-application-xfce-perchannel-xml/* $HOME/.config/xfce4/xfconf/xfce-perchannel-xml/ +RUN cp /usr/share/extra/backgrounds/bg_kasm.png /usr/share/extra/backgrounds/bg_default.png +RUN apt-get remove -y xfce4-panel + +# Setup the custom startup script that will be invoked when the container starts +ENV LAUNCH_URL http://kasmweb.com + +COPY ./src/ubuntu/install/chromium/custom_startup.sh $STARTUPDIR/custom_startup.sh +RUN chmod +x $STARTUPDIR/custom_startup.sh + +# Install Custom Certificate Authority +# COPY ./src/ubuntu/install/certificates $INST_SCRIPTS/certificates/ +# RUN bash $INST_SCRIPTS/certificates/install_ca_cert.sh && rm -rf $INST_SCRIPTS/certificates/ + +ENV KASM_RESTRICTED_FILE_CHOOSER=1 +COPY ./src/ubuntu/install/gtk/ $INST_SCRIPTS/gtk/ +RUN bash $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh + + +######### End Customizations ########### + +RUN chown 1000:0 $HOME +RUN $STARTUPDIR/set_user_permission.sh $HOME + +ENV HOME /home/kasm-user +WORKDIR $HOME +RUN mkdir -p $HOME && chown -R 1000:0 $HOME + +USER 1000 diff --git a/dockerfile-kasm-edge b/dockerfile-kasm-edge index d811c22..1193b35 100644 --- a/dockerfile-kasm-edge +++ b/dockerfile-kasm-edge @@ -21,7 +21,7 @@ RUN apt-get remove -y xfce4-panel ENV KASM_RESTRICTED_FILE_CHOOSER=1 COPY ./src/ubuntu/install/gtk/ $INST_SCRIPTS/gtk/ -RUN $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh +RUN bash $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh # Setup the custom startup script that will be invoked when the container starts ENV LAUNCH_URL http://kasmweb.com diff --git a/dockerfile-kasm-firefox b/dockerfile-kasm-firefox index 8e8ed53..bd1c21d 100644 --- a/dockerfile-kasm-firefox +++ b/dockerfile-kasm-firefox @@ -31,7 +31,7 @@ RUN chmod +x $STARTUPDIR/custom_startup.sh ENV KASM_RESTRICTED_FILE_CHOOSER=1 COPY ./src/ubuntu/install/gtk/ $INST_SCRIPTS/gtk/ -RUN $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh +RUN bash $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh ######### End Customizations ########### diff --git a/dockerfile-kasm-firefox-flash b/dockerfile-kasm-firefox-flash index ba1f618..bf08b19 100644 --- a/dockerfile-kasm-firefox-flash +++ b/dockerfile-kasm-firefox-flash @@ -30,7 +30,7 @@ RUN bash $INST_SCRIPTS/firefox_flash/install_flash.sh && rm -rf $INST_SCRIPTS/f ENV KASM_RESTRICTED_FILE_CHOOSER=1 COPY ./src/ubuntu/install/gtk/ $INST_SCRIPTS/gtk/ -RUN $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh +RUN bash $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh ######### End Customizations ########### diff --git a/dockerfile-kasm-tor-browser b/dockerfile-kasm-tor-browser index 8f24c39..fb8bfd9 100644 --- a/dockerfile-kasm-tor-browser +++ b/dockerfile-kasm-tor-browser @@ -21,7 +21,7 @@ RUN apt-get remove -y xfce4-panel ENV KASM_RESTRICTED_FILE_CHOOSER=1 COPY ./src/ubuntu/install/gtk/ $INST_SCRIPTS/gtk/ -RUN $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh +RUN bash $INST_SCRIPTS/gtk/install_restricted_file_chooser.sh # Setup the custom startup script that will be invoked when the container starts ENV LAUNCH_URL about:blank diff --git a/docs/chromium/README.md b/docs/chromium/README.md new file mode 100644 index 0000000..5a7c47e --- /dev/null +++ b/docs/chromium/README.md @@ -0,0 +1,14 @@ +# About This Image + +This Image contains a browser-accessible version of [Chromium](https://www.chromium.org/Home). + +![Screenshot][Image_Screenshot] + +[Image_Screenshot]: https://f.hubspotusercontent30.net/hubfs/5856039/dockerhub/image-screenshots/chromium.png "Image Screenshot" + +# Environment Variables + +* `LAUNCH_URL` - The default URL the browser launches to when created. +* `APP_ARGS` - Additional arguments to pass to the browser when launched. +* `KASM_RESTRICTED_FILE_CHOOSER` - Confine "File Upload" and "File Save" + dialogs to ~/Desktop. On by default. diff --git a/docs/chromium/description.txt b/docs/chromium/description.txt new file mode 100644 index 0000000..48e7560 --- /dev/null +++ b/docs/chromium/description.txt @@ -0,0 +1 @@ +Chromium for Kasm Workspaces diff --git a/src/ubuntu/install/brave/install_brave.sh b/src/ubuntu/install/brave/install_brave.sh index 225d63e..9f47675 100644 --- a/src/ubuntu/install/brave/install_brave.sh +++ b/src/ubuntu/install/brave/install_brave.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash set -ex -CHROME_ARGS="--password-store=basic --no-sandbox --disable-gpu --user-data-dir --no-first-run --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" +CHROME_ARGS="--password-store=basic --no-sandbox --ignore-gpu-blocklist --user-data-dir --no-first-run --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" apt-get update apt install -y apt-transport-https curl diff --git a/src/ubuntu/install/chrome/install_chrome.sh b/src/ubuntu/install/chrome/install_chrome.sh index 1c2d529..c9337de 100644 --- a/src/ubuntu/install/chrome/install_chrome.sh +++ b/src/ubuntu/install/chrome/install_chrome.sh @@ -1,19 +1,28 @@ #!/usr/bin/env bash set -ex -CHROME_ARGS="--password-store=basic --no-sandbox --disable-gpu --user-data-dir --no-first-run --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" +CHROME_ARGS="--password-store=basic --no-sandbox --ignore-gpu-blocklist --user-data-dir --no-first-run --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" +CHROME_VERSION=$1 if [ "$DISTRO" = centos ]; then - wget https://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm - yum localinstall -y google-chrome-stable_current_x86_64.rpm - rm google-chrome-stable_current_x86_64.rpm + if [ ! -z "${CHROME_VERSION}" ]; then + wget https://dl.google.com/linux/chrome/rpm/stable/x86_64/google-chrome-stable-${CHROME_VERSION}.x86_64.rpm -O chrome.rpm + else + wget https://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm -O chrome.rpm + fi + + yum localinstall -y chrome.rpm + rm chrome.rpm else apt-get update apt-get remove -y chromium-browser-l10n chromium-codecs-ffmpeg chromium-browser - - wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb - apt-get install -y ./google-chrome-stable_current_amd64.deb - rm google-chrome-stable_current_amd64.deb + if [ ! -z "${CHROME_VERSION}" ]; then + wget https://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_${CHROME_VERSION}_amd64.deb -O chrome.deb + else + wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb -O chrome.deb + fi + apt-get install -y ./chrome.deb + rm chrome.deb fi sed -i 's/-stable//g' /usr/share/applications/google-chrome.desktop diff --git a/src/ubuntu/install/chromium/custom_startup.sh b/src/ubuntu/install/chromium/custom_startup.sh new file mode 100644 index 0000000..dbc5051 --- /dev/null +++ b/src/ubuntu/install/chromium/custom_startup.sh @@ -0,0 +1,30 @@ +#!/usr/bin/env bash +set -ex +FORCE=$2 +if [ -n "$1" ] ; then + URL=$1 +else + URL=$LAUNCH_URL +fi + +DEFAULT_ARGS="--start-maximized" +ARGS=${APP_ARGS:-$DEFAULT_ARGS} + +if [ -n "$URL" ] && ( [ -z "$DISABLE_CUSTOM_STARTUP" ] || [ -n "$FORCE" ] ) ; then + if [ -f /tmp/custom_startup.lck ] ; then + echo "custom_startup already running!" + exit 1 + fi + touch /tmp/custom_startup.lck + while true + do + if ! pgrep -x chromium > /dev/null + then + /usr/bin/filter_ready + /usr/bin/desktop_ready + chromium-browser $ARGS $URL + fi + sleep 1 + done + rm /tmp/custom_startup.lck +fi diff --git a/src/ubuntu/install/chromium/install_chromium.sh b/src/ubuntu/install/chromium/install_chromium.sh new file mode 100644 index 0000000..dbb4ce0 --- /dev/null +++ b/src/ubuntu/install/chromium/install_chromium.sh @@ -0,0 +1,56 @@ +#!/usr/bin/env bash +set -ex + +CHROME_ARGS="--password-store=basic --no-sandbox --ignore-gpu-blocklist --user-data-dir --no-first-run --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" + +if [ "$DISTRO" = centos ]; then + yum install -y chromium + yum clean all +else + apt-get update + apt-get install -y software-properties-common + apt-get remove -y chromium-browser-l10n chromium-codecs-ffmpeg chromium-browser + apt-get install -y chromium-browser +fi + +sed -i 's/-stable//g' /usr/share/applications/chromium-browser.desktop + +cp /usr/share/applications/chromium-browser.desktop $HOME/Desktop/ +chown 1000:1000 $HOME/Desktop/chromium-browser.desktop + +mv /usr/bin/chromium-browser /usr/bin/chromium-browser-orig +cat >/usr/bin/chromium-browser <> $HOME/.config/mimeapps.list <>/usr/bin/x-www-browser <>/etc/chromium/policies/managed/default_managed_policy.json <