mirror of
https://github.com/kasmtech/workspaces-images.git
synced 2024-11-21 23:53:10 +01:00
Resolve KASM-6039 "Feature/ noble dind"
This commit is contained in:
parent
a84e7dd847
commit
d901c460ee
@ -649,6 +649,35 @@ multiImages:
|
|||||||
- src/ubuntu/install/cleanup/**
|
- src/ubuntu/install/cleanup/**
|
||||||
- src/ubuntu/install/chromium/**
|
- src/ubuntu/install/chromium/**
|
||||||
- src/ubuntu/install/chrome/**
|
- src/ubuntu/install/chrome/**
|
||||||
|
- name: ubuntu-noble-dind
|
||||||
|
singleapp: false
|
||||||
|
base: core-ubuntu-noble
|
||||||
|
dockerfile: dockerfile-kasm-ubuntu-noble-dind
|
||||||
|
changeFiles:
|
||||||
|
- dockerfile-kasm-ubuntu-noble-dind
|
||||||
|
- src/ubuntu/install/vs_code/**
|
||||||
|
- src/ubuntu/install/tools/**
|
||||||
|
- src/ubuntu/install/sublime_text/**
|
||||||
|
- src/ubuntu/install/misc/**
|
||||||
|
- src/ubuntu/install/dind/**
|
||||||
|
- src/ubuntu/install/cleanup/**
|
||||||
|
- src/ubuntu/install/chromium/**
|
||||||
|
- src/ubuntu/install/chrome/**
|
||||||
|
- name: ubuntu-noble-dind-rootless
|
||||||
|
singleapp: false
|
||||||
|
base: core-ubuntu-noble
|
||||||
|
dockerfile: dockerfile-kasm-ubuntu-noble-dind-rootless
|
||||||
|
changeFiles:
|
||||||
|
- dockerfile-kasm-ubuntu-noble-dind-rootless
|
||||||
|
- src/ubuntu/install/vs_code/**
|
||||||
|
- src/ubuntu/install/vs_code/**
|
||||||
|
- src/ubuntu/install/tools/**
|
||||||
|
- src/ubuntu/install/sublime_text/**
|
||||||
|
- src/ubuntu/install/misc/**
|
||||||
|
- src/ubuntu/install/dind_rootless/**
|
||||||
|
- src/ubuntu/install/cleanup/**
|
||||||
|
- src/ubuntu/install/chromium/**
|
||||||
|
- src/ubuntu/install/chrome/**
|
||||||
- name: vivaldi
|
- name: vivaldi
|
||||||
singleapp: true
|
singleapp: true
|
||||||
base: core-ubuntu-focal
|
base: core-ubuntu-focal
|
||||||
|
51
dockerfile-kasm-ubuntu-noble-dind
Normal file
51
dockerfile-kasm-ubuntu-noble-dind
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
ARG BASE_TAG="develop"
|
||||||
|
ARG BASE_IMAGE="core-ubuntu-noble"
|
||||||
|
FROM kasmweb/$BASE_IMAGE:$BASE_TAG
|
||||||
|
USER root
|
||||||
|
|
||||||
|
ENV HOME /home/kasm-default-profile
|
||||||
|
ENV STARTUPDIR /dockerstartup
|
||||||
|
WORKDIR $HOME
|
||||||
|
|
||||||
|
### Envrionment config
|
||||||
|
ENV DEBUG=false \
|
||||||
|
DEBIAN_FRONTEND=noninteractive \
|
||||||
|
SKIP_CLEAN=true \
|
||||||
|
KASM_RX_HOME=$STARTUPDIR/kasmrx \
|
||||||
|
DONT_PROMPT_WSL_INSTALL="No_Prompt_please" \
|
||||||
|
INST_DIR=$STARTUPDIR/install \
|
||||||
|
INST_SCRIPTS="/ubuntu/install/dind/install_dind.sh \
|
||||||
|
/ubuntu/install/tools/install_tools_deluxe.sh \
|
||||||
|
/ubuntu/install/misc/install_tools.sh \
|
||||||
|
/ubuntu/install/chrome/install_chrome.sh \
|
||||||
|
/ubuntu/install/chromium/install_chromium.sh \
|
||||||
|
/ubuntu/install/sublime_text/install_sublime_text.sh \
|
||||||
|
/ubuntu/install/vs_code/install_vs_code.sh \
|
||||||
|
/ubuntu/install/cleanup/cleanup.sh"
|
||||||
|
|
||||||
|
# Startup Scripts
|
||||||
|
COPY ./src/ubuntu/install/dind/custom_startup.sh $STARTUPDIR/custom_startup.sh
|
||||||
|
RUN chmod 755 $STARTUPDIR/custom_startup.sh
|
||||||
|
COPY ./src/ubuntu/install/dind/dockerd.conf /etc/supervisor/conf.d/
|
||||||
|
|
||||||
|
# Copy install scripts
|
||||||
|
COPY ./src/ $INST_DIR
|
||||||
|
|
||||||
|
# Run installations
|
||||||
|
RUN \
|
||||||
|
for SCRIPT in $INST_SCRIPTS; do \
|
||||||
|
bash ${INST_DIR}${SCRIPT} || exit 1; \
|
||||||
|
done && \
|
||||||
|
$STARTUPDIR/set_user_permission.sh $HOME && \
|
||||||
|
rm -f /etc/X11/xinit/Xclients && \
|
||||||
|
chown 1000:0 $HOME && \
|
||||||
|
mkdir -p /home/kasm-user && \
|
||||||
|
chown -R 1000:0 /home/kasm-user && \
|
||||||
|
rm -Rf ${INST_DIR}
|
||||||
|
|
||||||
|
# Userspace Runtime
|
||||||
|
ENV HOME /home/kasm-user
|
||||||
|
WORKDIR $HOME
|
||||||
|
USER 1000
|
||||||
|
|
||||||
|
CMD ["--tail-log"]
|
57
dockerfile-kasm-ubuntu-noble-dind-rootless
Normal file
57
dockerfile-kasm-ubuntu-noble-dind-rootless
Normal file
@ -0,0 +1,57 @@
|
|||||||
|
ARG BASE_TAG="develop"
|
||||||
|
ARG BASE_IMAGE="core-ubuntu-noble"
|
||||||
|
FROM kasmweb/$BASE_IMAGE:$BASE_TAG
|
||||||
|
USER root
|
||||||
|
|
||||||
|
ENV HOME /home/kasm-default-profile
|
||||||
|
ENV STARTUPDIR /dockerstartup
|
||||||
|
ENV INST_SCRIPTS $STARTUPDIR/install
|
||||||
|
WORKDIR $HOME
|
||||||
|
|
||||||
|
# Rootless Dind
|
||||||
|
COPY ./src/ubuntu/install/dind_rootless/install_dind_rootless.sh $INST_SCRIPTS/dind_rootless/
|
||||||
|
RUN bash $INST_SCRIPTS/dind_rootless/install_dind_rootless.sh
|
||||||
|
RUN rm -rf $INST_SCRIPTS/dind_rootless
|
||||||
|
COPY ./src/ubuntu/install/dind_rootless/custom_startup.sh $STARTUPDIR/custom_startup.sh
|
||||||
|
RUN chmod +x $STARTUPDIR/custom_startup.sh && chmod 755 $STARTUPDIR/custom_startup.sh
|
||||||
|
COPY ./src/ubuntu/install/dind_rootless/modprobe /usr/local/bin/modprobe
|
||||||
|
RUN chmod +x /usr/local/bin/modprobe
|
||||||
|
ENV XDG_RUNTIME_DIR=/docker \
|
||||||
|
DOCKER_HOST=unix:///docker/docker.sock
|
||||||
|
RUN mkdir -p $XDG_RUNTIME_DIR && chown 1000:0 $XDG_RUNTIME_DIR
|
||||||
|
|
||||||
|
### Envrionment config
|
||||||
|
ENV DEBIAN_FRONTEND=noninteractive \
|
||||||
|
SKIP_CLEAN=true \
|
||||||
|
KASM_RX_HOME=$STARTUPDIR/kasmrx \
|
||||||
|
DONT_PROMPT_WSL_INSTALL="No_Prompt_please" \
|
||||||
|
INST_DIR=$STARTUPDIR/install \
|
||||||
|
INST_SCRIPTS="/ubuntu/install/tools/install_tools_deluxe.sh \
|
||||||
|
/ubuntu/install/misc/install_tools.sh \
|
||||||
|
/ubuntu/install/chrome/install_chrome.sh \
|
||||||
|
/ubuntu/install/chromium/install_chromium.sh \
|
||||||
|
/ubuntu/install/sublime_text/install_sublime_text.sh \
|
||||||
|
/ubuntu/install/vs_code/install_vs_code.sh \
|
||||||
|
/ubuntu/install/cleanup/cleanup.sh"
|
||||||
|
|
||||||
|
# Copy install scripts
|
||||||
|
COPY ./src/ $INST_DIR
|
||||||
|
|
||||||
|
# Run installations
|
||||||
|
RUN \
|
||||||
|
for SCRIPT in $INST_SCRIPTS; do \
|
||||||
|
bash ${INST_DIR}${SCRIPT} || exit 1; \
|
||||||
|
done && \
|
||||||
|
$STARTUPDIR/set_user_permission.sh $HOME && \
|
||||||
|
rm -f /etc/X11/xinit/Xclients && \
|
||||||
|
chown 1000:0 $HOME && \
|
||||||
|
mkdir -p /home/kasm-user && \
|
||||||
|
chown -R 1000:0 /home/kasm-user && \
|
||||||
|
rm -Rf ${INST_DIR}
|
||||||
|
|
||||||
|
# Userspace Runtime
|
||||||
|
ENV HOME /home/kasm-user
|
||||||
|
WORKDIR $HOME
|
||||||
|
USER 1000
|
||||||
|
|
||||||
|
CMD ["--tail-log"]
|
13
docs/ubuntu-noble-dind-rootless/README.md
Normal file
13
docs/ubuntu-noble-dind-rootless/README.md
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
# About This Image
|
||||||
|
|
||||||
|
This Image contains a browser-accessible version of [Docker](https://www.docker.com/) running as a normal, non-root user.
|
||||||
|
|
||||||
|
![Screenshot][Image_Screenshot]
|
||||||
|
|
||||||
|
[Image_Screenshot]: https://5856039.fs1.hubspotusercontent-na1.net/hubfs/5856039/dockerhub/image-screenshots/ubuntu-jammy-dind-rootless.png "Image Screenshot"
|
||||||
|
|
||||||
|
See [Kasm Docs](https://kasmweb.com/docs/latest/how_to/docker_in_kasm.html) for additional setup instructions.
|
||||||
|
|
||||||
|
# Environment Variables
|
||||||
|
|
||||||
|
* `APP_ARGS` - Additional arguments to pass to the application when launched.
|
9
docs/ubuntu-noble-dind-rootless/demo.txt
Normal file
9
docs/ubuntu-noble-dind-rootless/demo.txt
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
# Live Demo
|
||||||
|
|
||||||
|
**Launch a real-time demo in a new browser window:** <a href="https://app.kasmweb.com/#/cast/5670885710" target="_blank">Live Demo</a>.
|
||||||
|
|
||||||
|
<a href="https://app.kasmweb.com/#/cast/5670885710" target="_blank"><img src="https://5856039.fs1.hubspotusercontent-na1.net/hub/5856039/hubfs/dockerhub/casting-buttons/UbuntuJammyD-in-D.png" width="300" height="104"></a>
|
||||||
|
|
||||||
|
∗*Docker will not be functional in the demo for security reasons.*
|
||||||
|
|
||||||
|
∗*Note: Demo is limited to 3 minutes and has upload/downloads restricted for security purposes.*
|
1
docs/ubuntu-noble-dind-rootless/description.txt
Normal file
1
docs/ubuntu-noble-dind-rootless/description.txt
Normal file
@ -0,0 +1 @@
|
|||||||
|
Rootless Docker for Kasm Workspaces
|
13
docs/ubuntu-noble-dind/README.md
Normal file
13
docs/ubuntu-noble-dind/README.md
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
# About This Image
|
||||||
|
|
||||||
|
This Image contains a browser-accessible version of [Docker](https://www.docker.com/).
|
||||||
|
|
||||||
|
![Screenshot][Image_Screenshot]
|
||||||
|
|
||||||
|
[Image_Screenshot]: https://5856039.fs1.hubspotusercontent-na1.net/hubfs/5856039/dockerhub/image-screenshots/ubuntu-jammy-dind.png "Image Screenshot"
|
||||||
|
|
||||||
|
See [Kasm Docs](https://kasmweb.com/docs/latest/how_to/docker_in_kasm.html) for additional setup instructions.
|
||||||
|
|
||||||
|
# Environment Variables
|
||||||
|
|
||||||
|
* `APP_ARGS` - Additional arguments to pass to the application when launched.
|
9
docs/ubuntu-noble-dind/demo.txt
Normal file
9
docs/ubuntu-noble-dind/demo.txt
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
# Live Demo
|
||||||
|
|
||||||
|
**Launch a real-time demo in a new browser window:** <a href="https://app.kasmweb.com/#/cast/1093408057" target="_blank">Live Demo</a>.
|
||||||
|
|
||||||
|
<a href="https://app.kasmweb.com/#/cast/1093408057" target="_blank"><img src="https://5856039.fs1.hubspotusercontent-na1.net/hub/5856039/hubfs/dockerhub/casting-buttons/UbuntuJammyD-in-D.png" width="300" height="104"></a>
|
||||||
|
|
||||||
|
∗*Docker will not be functional in the demo for security reasons.*
|
||||||
|
|
||||||
|
∗*Note: Demo is limited to 3 minutes and has upload/downloads restricted for security purposes.*
|
1
docs/ubuntu-noble-dind/description.txt
Normal file
1
docs/ubuntu-noble-dind/description.txt
Normal file
@ -0,0 +1 @@
|
|||||||
|
Docker for Kasm Workspaces
|
@ -32,6 +32,15 @@ Pin-Priority: 1001
|
|||||||
fi
|
fi
|
||||||
apt-get install -y firefox p11-kit-modules
|
apt-get install -y firefox p11-kit-modules
|
||||||
elif grep -q "ID=debian" /etc/os-release || grep -q "ID=kali" /etc/os-release || grep -q "ID=parrot" /etc/os-release; then
|
elif grep -q "ID=debian" /etc/os-release || grep -q "ID=kali" /etc/os-release || grep -q "ID=parrot" /etc/os-release; then
|
||||||
|
if grep -q "bullseye" /etc/os-release; then
|
||||||
|
apt-get update
|
||||||
|
apt-get install -y firefox-esr p11-kit-modules
|
||||||
|
rm -f $HOME/Desktop/firefox.desktop
|
||||||
|
cp \
|
||||||
|
/usr/share/applications/firefox-esr.desktop \
|
||||||
|
$HOME/Desktop/
|
||||||
|
chmod +x $HOME/Desktop/firefox-esr.desktop
|
||||||
|
else
|
||||||
echo \
|
echo \
|
||||||
"deb http://deb.debian.org/debian/ unstable main contrib non-free" >> \
|
"deb http://deb.debian.org/debian/ unstable main contrib non-free" >> \
|
||||||
/etc/apt/sources.list
|
/etc/apt/sources.list
|
||||||
@ -46,6 +55,7 @@ Pin-Priority: 10
|
|||||||
EOF
|
EOF
|
||||||
apt-get update
|
apt-get update
|
||||||
apt-get install -o Dpkg::Options::="--force-confnew" -y -t unstable firefox p11-kit-modules
|
apt-get install -o Dpkg::Options::="--force-confnew" -y -t unstable firefox p11-kit-modules
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
apt-mark unhold firefox || :
|
apt-mark unhold firefox || :
|
||||||
apt-get remove firefox
|
apt-get remove firefox
|
||||||
@ -103,8 +113,13 @@ fi
|
|||||||
|
|
||||||
if [[ "${DISTRO}" != @(centos|oracle8|rockylinux9|rockylinux8|oracle9|almalinux9|almalinux8|opensuse|fedora37|fedora38|fedora39|fedora40) ]]; then
|
if [[ "${DISTRO}" != @(centos|oracle8|rockylinux9|rockylinux8|oracle9|almalinux9|almalinux8|opensuse|fedora37|fedora38|fedora39|fedora40) ]]; then
|
||||||
# Update firefox to utilize the system certificate store instead of the one that ships with firefox
|
# Update firefox to utilize the system certificate store instead of the one that ships with firefox
|
||||||
|
if grep -q "bullseye" /etc/os-release; then
|
||||||
|
rm -f /usr/lib/firefox-esr/libnssckbi.so
|
||||||
|
ln /usr/lib/$(arch)-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/firefox-esr/libnssckbi.so
|
||||||
|
else
|
||||||
rm -f /usr/lib/firefox/libnssckbi.so
|
rm -f /usr/lib/firefox/libnssckbi.so
|
||||||
ln /usr/lib/$(arch)-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/firefox/libnssckbi.so
|
ln /usr/lib/$(arch)-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/firefox/libnssckbi.so
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ "${DISTRO}" == @(centos|oracle8|rockylinux9|rockylinux8|oracle9|almalinux9|almalinux8|fedora37|fedora38|fedora39|fedora40) ]]; then
|
if [[ "${DISTRO}" == @(centos|oracle8|rockylinux9|rockylinux8|oracle9|almalinux9|almalinux8|fedora37|fedora38|fedora39|fedora40) ]]; then
|
||||||
@ -116,6 +131,8 @@ if [[ "${DISTRO}" == @(centos|oracle8|rockylinux9|rockylinux8|oracle9|almalinux9
|
|||||||
sed -i -e '/homepage/d' "$preferences_file"
|
sed -i -e '/homepage/d' "$preferences_file"
|
||||||
elif [ "${DISTRO}" == "opensuse" ]; then
|
elif [ "${DISTRO}" == "opensuse" ]; then
|
||||||
preferences_file=/usr/lib64/firefox/browser/defaults/preferences/firefox.js
|
preferences_file=/usr/lib64/firefox/browser/defaults/preferences/firefox.js
|
||||||
|
elif grep -q "bullseye" /etc/os-release; then
|
||||||
|
preferences_file=/usr/lib/firefox-esr/browser/defaults/preferences/firefox.js
|
||||||
else
|
else
|
||||||
preferences_file=/usr/lib/firefox/browser/defaults/preferences/firefox.js
|
preferences_file=/usr/lib/firefox/browser/defaults/preferences/firefox.js
|
||||||
fi
|
fi
|
||||||
|
Loading…
Reference in New Issue
Block a user