Merge branch 'feature/KasmVNC' into develop

BasicMetaDesktop/run.sh

 #!/bin/bash
-docker run -v$PWD/:/data -p5900:5900 -p8590:8590 -it basicmetadesktop
+docker run -v$PWD/:/data -p8590:8590 -it basicmetadesktop

DevMetaDesktop/run.sh

 #!/bin/bash
-docker run -v$PWD/:/data -p5900:5900 -p8590:8590 -it devmetadesktop
+docker run -v$PWD/:/data -p8590:8590 -it devmetadesktop

MinimalMetaDesktop/Dockerfile

@@ -49,45 +49,46 @@ COPY files/supervisord.conf /etc/supervisor/
 RUN apt-get install xvfb xterm  -y
 
 # Install base packages for VNC server and headless desktop (2)
-RUN cd /opt && wget https://bintray.com/tigervnc/stable/download_file?file_path=tigervnc-1.8.0.x86_64.tar.gz -O tigervnc-1.8.0.x86_64.tar.gz \
-            && tar -zxvf tigervnc-1.8.0.x86_64.tar.gz \
-            && mv tigervnc-1.8.0.x86_64 tigervnc
+#RUN cd /opt && wget https://bintray.com/tigervnc/stable/download_file?file_path=tigervnc-1.8.0.x86_64.tar.gz -O tigervnc-1.8.0.x86_64.tar.gz \
+#            && tar -zxvf tigervnc-1.8.0.x86_64.tar.gz \
+#            && mv tigervnc-1.8.0.x86_64 tigervnc
 
 # Supervisord configuration
-COPY files/supervisord_vnc.conf /etc/supervisor/conf.d/
-COPY files/run_vnc.sh /etc/supervisor/conf.d/
-COPY files/run_novnc.sh /etc/supervisor/conf.d/
-RUN chmod 755 /etc/supervisor/conf.d/run_vnc.sh
-RUN chmod 755 /etc/supervisor/conf.d/run_novnc.sh
-
-# Web VNC (noVNC) v0.6.1.
-# NOTE: this is a custom version from Doro Wu (fcwu.tw@gmail.com).
-# TODO: Check differences and maybe move to 0.6.2
-COPY files/noVNC.tar.gz /usr/lib/
-RUN cd /usr/lib/ && tar -zxvf noVNC.tar.gz
-COPY files/index.html /usr/lib/noVNC
-
+COPY files/supervisord_kasm.conf /etc/supervisor/conf.d/
+COPY files/run_kasm.sh /etc/supervisor/conf.d/
+RUN chmod 755 /etc/supervisor/conf.d/run_kasm.sh
+
+# Kasm VNC (modded by gtaffoni to use a socket named by an env var)
+COPY files/kasmvnc-Linux-x86_64-0.9.tar.gz /tmp
+RUN sudo tar xz --strip 1 -C / -f /tmp/kasmvnc-Linux-x86_64-0.9.tar.gz && rm /tmp/kasmvnc-Linux-x86_64-0.9.tar.gz
+RUN mkdir /usr/local/share/kasmvnc/certs
+RUN chown metauser:metauser /usr/local/share/kasmvnc/certs
+COPY files/index.html /usr/local/share/kasmvnc/www/
+
+# Other utilities
 RUN apt-get install -y net-tools
 
-# Supervisord configuration
-COPY files/supervisord_novnc.conf /etc/supervisor/conf.d/
-
 # X environment setup/startup
 RUN apt-get install fluxbox -y
-COPY files/xstartup /opt/tigervnc/
-RUN chmod 755 /opt/tigervnc/xstartup
+RUN mkdir -p /metauser_home_vanilla/.vnc
+COPY files/config  /metauser_home_vanilla/.vnc
+COPY files/xstartup /metauser_home_vanilla/.vnc
+RUN chmod 755 /metauser_home_vanilla/.vnc/xstartup
+RUN chown -R metauser:metauser /metauser_home_vanilla/.vnc
 
 # Prepare for logs
-RUN mkdir /home/metauser/.logs && chown metauser:metauser /home/metauser/.logs
+RUN mkdir /metauser_home_vanilla/.logs && chown metauser:metauser /metauser_home_vanilla/.logs
 
 # Rename metauser home folder as a "vanilla" home folder
-RUN mv /home/metauser /metauser_home_vanilla
+#RUN mv /home/metauser /metauser_home_vanilla
 
 # Add fluxbox customisations
 COPY files/dot_fluxbox /metauser_home_vanilla/.fluxbox
 RUN chown -R metauser:metauser /metauser_home_vanilla/.fluxbox
 COPY files/background.jpg /usr/share/images/fluxbox/background.jpg
 
+
+
 # Give write access to anyone to the home folder so the entrypoint will be able
 # to copy over the /home/matauser_vanilla into /home/metauser (for Singularity)
 RUN chmod 777 /home

MinimalMetaDesktop/files/config

+## Supported server options to pass to vncserver upon invocation can be listed
+## in this file. See the following manpages for more: vncserver(1) Xvnc(1).
+## Several common ones are shown below. Uncomment and modify to your liking.
+##
+# securitytypes=vncauth,tlsvnc
+# desktop=sandbox
+# geometry=2000x1200
+# localhost
+# alwaysshared
+username=metauser

MinimalMetaDesktop/files/entrypoint.sh

@@ -61,21 +61,34 @@ else
 	  fi
 	done
 
+	
     #---------------------
     #   Password
     #---------------------
 
     if [ "x$AUTH_PASS" != "x" ]; then
         echo "[INFO] Setting up VNC password..."
-	    mkdir -p /home/metauser/.vnc
-	    /opt/tigervnc/usr/bin/vncpasswd -f <<< $AUTH_PASS > /home/metauser/.vnc/passwd
-	    chmod 600 /home/metauser/.vnc/passwd
-	    export VNC_AUTH=True
     else
-	    echo "[INFO] Not setting up any VNC password"
+        echo "[INFO] Setting up default VNC password (metapassword)"
+        AUTH_PASS=metapass
+    fi            
+    /usr/local/bin/kasmvncpasswd -f <<< $AUTH_PASS > /home/metauser/.kasmpasswd
+    chmod 600 /home/metauser/.kasmpasswd
+    export VNC_AUTH=True
+
 
+    #---------------------
+    #   User
+    #---------------------
+
+    if [ "x$AUTH_USER" != "x" ]; then
+        echo "[INFO] Setting up VNC user..."
+        sed -i -e "s/username=metauser/username=$AUTH_USER/" /home/metauser/.vnc/config 
+    else
+        echo "[INFO] Setting up default VNC user (metauser)"
     fi
 
+							
 	echo "[INFO] Setting new prompt @$CONTAINER_NAME container"
 	echo 'export PS1="${debian_chroot:+($debian_chroot)}\u@$CONTAINER_NAME@\h:\w\$ "' >> /home/metauser/.bashrc
 	

MinimalMetaDesktop/files/index.html

@@ -2,11 +2,11 @@
 <head>
 <script type="text/javascript">
 function redirecter(){
-    window.location = "./vnc.html?autoconnect=true&resize=remote"
+    window.location = "./vnc.html"
 }
 </script>
 </head>
 <body onLoad="redirecter()">
-Access VNC: click <a href="./vnc.html?autoconnect=true&resize=remote">here</a>.
+Access VNC: click <a href="./vnc.html">here</a>.
 </body>
 </html>
\ No newline at end of file

MinimalMetaDesktop/files/run_kasm.sh

+#!/bin/bash
+
+# Exec KasmVNC server 
+
+if [ "x$BASE_PORT" == "x" ]; then
+    BASE_PORT=8590
+    DESKTOP_NUMBER=1
+else
+    DESKTOP_NUMBER=$(($BASE_PORT-5900+1))
+fi
+
+if [ "x$KASMSOCK" == "xTrue" ]; then
+    export SOCKET_PORT=$(( $RANDOM % 50 + 1 ))
+fi
+
+if [ "x$VNC_AUTH" == "xTrue" ]; then
+     echo "[INFO] Setting new certificate for VNC"
+     openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /home/metauser/.vnc/self.pem -out /home/metauser/.vnc/self.pem -subj "/C=IT/ST=None/L=None/O=INAF/OU=OATs/CN=kasm/emailAddress=none@none.none" 
+     /usr/local/bin/vncserver :$DESKTOP_NUMBER -depth 24 -geometry 1280x1050 -websocketPort $BASE_PORT -cert /home/metauser/.vnc/self.pem -sslOnly -FrameRate=24 -interface 0.0.0.0
+else
+     /usr/local/bin/vncserver :$DESKTOP_NUMBER -depth 24 -geometry 1280x1050 -websocketPort $BASE_PORT -FrameRate=24 -interface 0.0.0.0
+fi
+
+# Check it is running. If it is not, exit
+while true
+do
+
+    #PSOUT=$(ps -ef | grep /usr/local/bin/Xvnc | grep SecurityTypes) 
+    PSOUT=$(ps -ef | grep /usr/local/bin/Xvnc) 
+
+    if [[ "x$PSOUT" == "x" ]] ; then
+        exit 1
+    fi
+
+	# Sleep other 10 secs before re-checking
+	sleep 10
+
+done

MinimalMetaDesktop/files/run_novnc.sh

-#!/bin/bash
-
-# Exec TigerVNC server 
-
-if [ "x$BASE_PORT" == "x" ]; then
-    /usr/lib/noVNC/utils/launch.sh --listen 8590
-    echo "Running noVNC on port 8590"
-else
-    /usr/lib/noVNC/utils/launch.sh --listen $BASE_PORT --vnc localhost:$(($BASE_PORT+1))
-    echo "Running noVNC on port $BASE_PORT and connecting to VNC on port $(($BASE_PORT+1))"
-
-fi

MinimalMetaDesktop/files/run_vnc.sh

-#!/bin/bash
-
-# Exec TigerVNC server 
-
-if [ "x$BASE_PORT" == "x" ]; then
-    DESKTOP_NUMBER=0
-else
-    DESKTOP_NUMBER=$(($BASE_PORT-5900+1))
-fi
-
-if [ "x$VNC_AUTH" == "xTrue" ]; then
-    /opt/tigervnc/usr/bin/vncserver :$DESKTOP_NUMBER -SecurityTypes vncauth,tlsvnc -xstartup /opt/tigervnc/xstartup
-else
-    /opt/tigervnc/usr/bin/vncserver :$DESKTOP_NUMBER -SecurityTypes None -xstartup /opt/tigervnc/xstartup
-fi
-
-
-# Check it is running. If it is not, exit
-while true
-do
-
-    PSOUT=$(ps -ef | grep /opt/tigervnc/usr/bin/Xvnc | grep SecurityTypes) 
-
-    if [[ "x$PSOUT" == "x" ]] ; then
-        exit 1
-    fi
-
-	# Sleep other 10 secs before re-checking
-	sleep 10
-
-done

MinimalMetaDesktop/files/supervisord_vnc.conf → MinimalMetaDesktop/files/supervisord_kasm.conf

 ;=======================================
-; VNC service
+; KasmVNC service
 ;=======================================
  
-[program:vnc]
+[program:kasmvnc]
  
 ; General
 directory     = /
-command       = /etc/supervisor/conf.d/run_vnc.sh
+command       = /etc/supervisor/conf.d/run_kasm.sh
 numprocs      = 1
 autostart     = true
 autorestart   = true
 startsecs     = 10
 stopwaitsecs  = 30
-process_name  = vnc
+process_name  = kasmvnc
  
 ; Standard out / error
 stdout_logfile          = /home/metauser/.logs/%(program_name)s.log

MinimalMetaDesktop/files/supervisord_novnc.conf

-;=======================================
-; noVNC service
-;=======================================
- 
-[program:novnc]
- 
-; General
-directory     = /usr/lib/noVNC/
-command       = /etc/supervisor/conf.d/run_novnc.sh
-numprocs      = 1
-autostart     = true
-autorestart   = true
-startsecs     = 10
-stopwaitsecs  = 30
-process_name  = novnc
- 
-; Standard out / error
-stdout_logfile          = /home/metauser/.logs/%(program_name)s.log
-stdout_logfile_maxbytes = 5MB
-stdout_logfile_backups  = 10
-stderr_logfile          = /home/metauser/.logs/%(program_name)s.log
-stderr_logfile_maxbytes = 5MB
-stderr_logfile_backups  = 10

MinimalMetaDesktop/run.sh

 #!/bin/bash
-docker run -v$PWD/:/data -p5900:5900 -p8590:8590 -it minimalmetadesktop
+docker run -v$PWD/:/data -p8590:8590 -it minimalmetadesktop