Resolve KASM-6039 "Feature/ noble dind"

ci-scripts/template-vars.yaml

@@ -649,6 +649,35 @@ multiImages:
       - src/ubuntu/install/cleanup/**
       - src/ubuntu/install/chromium/**
       - src/ubuntu/install/chrome/**
+  - name: ubuntu-noble-dind
+    singleapp: false
+    base: core-ubuntu-noble
+    dockerfile: dockerfile-kasm-ubuntu-noble-dind
+    changeFiles:
+      - dockerfile-kasm-ubuntu-noble-dind
+      - src/ubuntu/install/vs_code/**
+      - src/ubuntu/install/tools/**
+      - src/ubuntu/install/sublime_text/**
+      - src/ubuntu/install/misc/**
+      - src/ubuntu/install/dind/**
+      - src/ubuntu/install/cleanup/**
+      - src/ubuntu/install/chromium/**
+      - src/ubuntu/install/chrome/**
+  - name: ubuntu-noble-dind-rootless
+    singleapp: false
+    base: core-ubuntu-noble
+    dockerfile: dockerfile-kasm-ubuntu-noble-dind-rootless
+    changeFiles:
+      - dockerfile-kasm-ubuntu-noble-dind-rootless
+      - src/ubuntu/install/vs_code/**
+      - src/ubuntu/install/vs_code/**
+      - src/ubuntu/install/tools/**
+      - src/ubuntu/install/sublime_text/**
+      - src/ubuntu/install/misc/**
+      - src/ubuntu/install/dind_rootless/**
+      - src/ubuntu/install/cleanup/**
+      - src/ubuntu/install/chromium/**
+      - src/ubuntu/install/chrome/**
   - name: vivaldi
     singleapp: true
     base: core-ubuntu-focal

dockerfile-kasm-ubuntu-noble-dind

@@ -0,0 +1,51 @@
+ARG BASE_TAG="develop"
+ARG BASE_IMAGE="core-ubuntu-noble"
+FROM kasmweb/$BASE_IMAGE:$BASE_TAG
+USER root
+
+ENV HOME /home/kasm-default-profile
+ENV STARTUPDIR /dockerstartup
+WORKDIR $HOME
+
+### Envrionment config
+ENV DEBUG=false \
+    DEBIAN_FRONTEND=noninteractive \
+    SKIP_CLEAN=true \
+    KASM_RX_HOME=$STARTUPDIR/kasmrx \
+    DONT_PROMPT_WSL_INSTALL="No_Prompt_please" \
+    INST_DIR=$STARTUPDIR/install \
+    INST_SCRIPTS="/ubuntu/install/dind/install_dind.sh \
+                  /ubuntu/install/tools/install_tools_deluxe.sh \
+                  /ubuntu/install/misc/install_tools.sh \
+                  /ubuntu/install/chrome/install_chrome.sh \
+                  /ubuntu/install/chromium/install_chromium.sh \
+                  /ubuntu/install/sublime_text/install_sublime_text.sh \
+                  /ubuntu/install/vs_code/install_vs_code.sh \
+                  /ubuntu/install/cleanup/cleanup.sh"
+
+# Startup Scripts
+COPY ./src/ubuntu/install/dind/custom_startup.sh $STARTUPDIR/custom_startup.sh
+RUN chmod 755 $STARTUPDIR/custom_startup.sh
+COPY ./src/ubuntu/install/dind/dockerd.conf /etc/supervisor/conf.d/
+
+# Copy install scripts
+COPY ./src/ $INST_DIR
+
+# Run installations
+RUN \
+  for SCRIPT in $INST_SCRIPTS; do \
+    bash ${INST_DIR}${SCRIPT} || exit 1; \
+  done && \
+  $STARTUPDIR/set_user_permission.sh $HOME && \
+  rm -f /etc/X11/xinit/Xclients && \
+  chown 1000:0 $HOME && \
+  mkdir -p /home/kasm-user && \
+  chown -R 1000:0 /home/kasm-user && \
+  rm -Rf ${INST_DIR}
+
+# Userspace Runtime
+ENV HOME /home/kasm-user
+WORKDIR $HOME
+USER 1000
+
+CMD ["--tail-log"]

dockerfile-kasm-ubuntu-noble-dind-rootless

@@ -0,0 +1,57 @@
+ARG BASE_TAG="develop"
+ARG BASE_IMAGE="core-ubuntu-noble"
+FROM kasmweb/$BASE_IMAGE:$BASE_TAG
+USER root
+
+ENV HOME /home/kasm-default-profile
+ENV STARTUPDIR /dockerstartup
+ENV INST_SCRIPTS $STARTUPDIR/install
+WORKDIR $HOME
+
+# Rootless Dind
+COPY ./src/ubuntu/install/dind_rootless/install_dind_rootless.sh $INST_SCRIPTS/dind_rootless/
+RUN bash $INST_SCRIPTS/dind_rootless/install_dind_rootless.sh
+RUN rm -rf $INST_SCRIPTS/dind_rootless
+COPY ./src/ubuntu/install/dind_rootless/custom_startup.sh $STARTUPDIR/custom_startup.sh
+RUN chmod +x $STARTUPDIR/custom_startup.sh && chmod 755 $STARTUPDIR/custom_startup.sh
+COPY ./src/ubuntu/install/dind_rootless/modprobe /usr/local/bin/modprobe
+RUN chmod +x /usr/local/bin/modprobe
+ENV XDG_RUNTIME_DIR=/docker \
+    DOCKER_HOST=unix:///docker/docker.sock
+RUN mkdir -p $XDG_RUNTIME_DIR && chown 1000:0 $XDG_RUNTIME_DIR
+
+### Envrionment config
+ENV DEBIAN_FRONTEND=noninteractive \
+    SKIP_CLEAN=true \
+    KASM_RX_HOME=$STARTUPDIR/kasmrx \
+    DONT_PROMPT_WSL_INSTALL="No_Prompt_please" \
+    INST_DIR=$STARTUPDIR/install \
+    INST_SCRIPTS="/ubuntu/install/tools/install_tools_deluxe.sh \
+                  /ubuntu/install/misc/install_tools.sh \
+                  /ubuntu/install/chrome/install_chrome.sh \
+                  /ubuntu/install/chromium/install_chromium.sh \
+                  /ubuntu/install/sublime_text/install_sublime_text.sh \
+                  /ubuntu/install/vs_code/install_vs_code.sh \
+                  /ubuntu/install/cleanup/cleanup.sh"
+
+# Copy install scripts
+COPY ./src/ $INST_DIR
+
+# Run installations
+RUN \
+  for SCRIPT in $INST_SCRIPTS; do \
+    bash ${INST_DIR}${SCRIPT} || exit 1; \
+  done && \
+  $STARTUPDIR/set_user_permission.sh $HOME && \
+  rm -f /etc/X11/xinit/Xclients && \
+  chown 1000:0 $HOME && \
+  mkdir -p /home/kasm-user && \
+  chown -R 1000:0 /home/kasm-user && \
+  rm -Rf ${INST_DIR}
+
+# Userspace Runtime
+ENV HOME /home/kasm-user
+WORKDIR $HOME
+USER 1000
+
+CMD ["--tail-log"]

docs/ubuntu-noble-dind-rootless/README.md

@@ -0,0 +1,13 @@
+# About This Image
+
+This Image contains a browser-accessible version of [Docker](https://www.docker.com/) running as a normal, non-root user.
+
+![Screenshot][Image_Screenshot]
+
+[Image_Screenshot]: https://5856039.fs1.hubspotusercontent-na1.net/hubfs/5856039/dockerhub/image-screenshots/ubuntu-jammy-dind-rootless.png "Image Screenshot"
+
+See [Kasm Docs](https://kasmweb.com/docs/latest/how_to/docker_in_kasm.html) for additional setup instructions.
+
+# Environment Variables
+
+* `APP_ARGS` - Additional arguments to pass to the application when launched.

docs/ubuntu-noble-dind-rootless/demo.txt

@@ -0,0 +1,9 @@
+# Live Demo
+
+**Launch a real-time demo in a new browser window:** <a href="https://app.kasmweb.com/#/cast/5670885710" target="_blank">Live Demo</a>.
+
+<a href="https://app.kasmweb.com/#/cast/5670885710" target="_blank"><img src="https://5856039.fs1.hubspotusercontent-na1.net/hub/5856039/hubfs/dockerhub/casting-buttons/UbuntuJammyD-in-D.png" width="300" height="104"></a>
+
+&lowast;*Docker will not be functional in the demo for security reasons.*
+
+&lowast;*Note: Demo is limited to 3 minutes and has upload/downloads restricted for security purposes.*

docs/ubuntu-noble-dind-rootless/description.txt

@@ -0,0 +1 @@
+Rootless Docker for Kasm Workspaces

docs/ubuntu-noble-dind/README.md

@@ -0,0 +1,13 @@
+# About This Image
+
+This Image contains a browser-accessible version of [Docker](https://www.docker.com/).
+
+![Screenshot][Image_Screenshot]
+
+[Image_Screenshot]: https://5856039.fs1.hubspotusercontent-na1.net/hubfs/5856039/dockerhub/image-screenshots/ubuntu-jammy-dind.png "Image Screenshot"
+
+See [Kasm Docs](https://kasmweb.com/docs/latest/how_to/docker_in_kasm.html) for additional setup instructions.
+
+# Environment Variables
+
+* `APP_ARGS` - Additional arguments to pass to the application when launched.

docs/ubuntu-noble-dind/demo.txt

@@ -0,0 +1,9 @@
+# Live Demo
+
+**Launch a real-time demo in a new browser window:** <a href="https://app.kasmweb.com/#/cast/1093408057" target="_blank">Live Demo</a>.
+
+<a href="https://app.kasmweb.com/#/cast/1093408057" target="_blank"><img src="https://5856039.fs1.hubspotusercontent-na1.net/hub/5856039/hubfs/dockerhub/casting-buttons/UbuntuJammyD-in-D.png" width="300" height="104"></a>
+
+&lowast;*Docker will not be functional in the demo for security reasons.*
+
+&lowast;*Note: Demo is limited to 3 minutes and has upload/downloads restricted for security purposes.*

docs/ubuntu-noble-dind/description.txt

@@ -0,0 +1 @@
+Docker for Kasm Workspaces

src/ubuntu/install/firefox/install_firefox.sh

@@ -32,9 +32,18 @@ Pin-Priority: 1001
   fi
   apt-get install -y firefox p11-kit-modules
 elif grep -q "ID=debian" /etc/os-release || grep -q "ID=kali" /etc/os-release || grep -q "ID=parrot" /etc/os-release; then
-  echo \
-    "deb http://deb.debian.org/debian/ unstable main contrib non-free" >> \
-    /etc/apt/sources.list
+  if grep -q "bullseye" /etc/os-release; then
+    apt-get update
+    apt-get install -y firefox-esr p11-kit-modules
+    rm -f $HOME/Desktop/firefox.desktop
+    cp \
+      /usr/share/applications/firefox-esr.desktop \
+      $HOME/Desktop/
+    chmod +x $HOME/Desktop/firefox-esr.desktop
+  else
+    echo \
+      "deb http://deb.debian.org/debian/ unstable main contrib non-free" >> \
+      /etc/apt/sources.list
 cat > /etc/apt/preferences.d/99pin-unstable <<EOF
 Package: *
 Pin: release a=stable
@@ -44,8 +53,9 @@ Package: *
 Pin: release a=unstable
 Pin-Priority: 10
 EOF
-  apt-get update
-  apt-get install -o Dpkg::Options::="--force-confnew" -y -t unstable firefox p11-kit-modules
+    apt-get update
+    apt-get install -o Dpkg::Options::="--force-confnew" -y -t unstable firefox p11-kit-modules
+  fi
 else
   apt-mark unhold firefox || :
   apt-get remove firefox
@@ -103,8 +113,13 @@ fi
 
 if [[ "${DISTRO}" != @(centos|oracle8|rockylinux9|rockylinux8|oracle9|almalinux9|almalinux8|opensuse|fedora37|fedora38|fedora39|fedora40) ]]; then
   # Update firefox to utilize the system certificate store instead of the one that ships with firefox
-  rm -f /usr/lib/firefox/libnssckbi.so
-  ln /usr/lib/$(arch)-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/firefox/libnssckbi.so
+  if grep -q "bullseye" /etc/os-release; then
+    rm -f /usr/lib/firefox-esr/libnssckbi.so
+    ln /usr/lib/$(arch)-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/firefox-esr/libnssckbi.so
+  else
+    rm -f /usr/lib/firefox/libnssckbi.so
+    ln /usr/lib/$(arch)-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/firefox/libnssckbi.so
+  fi
 fi
 
 if [[ "${DISTRO}" == @(centos|oracle8|rockylinux9|rockylinux8|oracle9|almalinux9|almalinux8|fedora37|fedora38|fedora39|fedora40) ]]; then
@@ -116,6 +131,8 @@ if [[ "${DISTRO}" == @(centos|oracle8|rockylinux9|rockylinux8|oracle9|almalinux9
   sed -i -e '/homepage/d' "$preferences_file"
 elif [ "${DISTRO}" == "opensuse" ]; then
   preferences_file=/usr/lib64/firefox/browser/defaults/preferences/firefox.js
+elif grep -q "bullseye" /etc/os-release; then
+  preferences_file=/usr/lib/firefox-esr/browser/defaults/preferences/firefox.js
 else
   preferences_file=/usr/lib/firefox/browser/defaults/preferences/firefox.js
 fi