diff --git a/.env.sample b/.env.sample index cbecb63af1906a8c580718c7f375b38d7f2e0f4a..9c304c844ea7ed402e43d23ff8ac37d5c3fd1b0a 100644 --- a/.env.sample +++ b/.env.sample @@ -7,6 +7,8 @@ NAME=kasmVNC VNC_USER=kasm HOST=kasmVNC.tetras-lab.io PORT=6901 +UID=1000 +GID=1000 # === install module === # # @@ -15,9 +17,12 @@ PORT=6901 # # ====================== # -# Install Spyder (python IDE) -SPYDER=true +LC_ALL=fr_FR-UTF-8 +TZ=Europe/Paris # Install anaconda (distribution platform for Python and R) ANACONDA=true # Install QGIS QGIS=true +# Should the user have sudo rights +# **only home is a volume, any modifcation in other FS will be lost** +SUDO=true diff --git a/docker-compose.yml b/docker-compose.yml index f56423cd776bfaf03e198857dc0ba3492e6158ed..8f99852735a343bb12eb4002a3ebec59a68a53f1 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,32 +1,27 @@ services: - front: - build: - context: ./docker/front - volumes: - - homedir:/kasm - depends_on: - kasm: - condition: service_started kasm: build: context: ./docker/kasm target: kasmvnc-base args: - - SPYDER=${SPYDER} - QGIS=${QGIS} - ANACONDA=${ANACONDA} - - KASM_USER=${VNC_USER} - image: "kasmvnc-ubuntu-noble:spyder-${SPYDER}_anaconda-${ANACONDA}_QGIS-${QGIS}" - shm_size: '512m' + image: "webtop-ubuntu-mate:anaconda-${ANACONDA}_QGIS-${QGIS}_SUDO-${SUDO}" + #image: lscr.io/linuxserver/webtop:ubuntu-mate + shm_size: '1gb' + security_opt: + - seccomp:unconfined #optional volumes: - - homedir:/home/:rw + - homedir:/config/:rw environment: - - VNC_PW=${PASS} - - SPYDER=${SPYDER} + - PASSWORD=${PASS} - ANACONDA=${ANACONDA} - - KASM_USER=${VNC_USER} - - VNCOPTIONS=-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7 -DLP_ClipDelay=0 -select-de manual -UnixRelay printer:/tmp/printer -allowoverride AcceptPointerEvents -disableBasicAuth - + - CUSTOM_USER=${VNC_USER} + - PUID=${UID} + - PGID=${GID} + - TZ=${TZ} + devices: + - /dev/dri:/dev/dri #optional volumes: homedir: 
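Review bot: The sample ships `SUDO=true`, so a deployment copied from it gives the desktop user root inside the container by default; a sample is safer as `SUDO=false`, with the comment explaining when to turn it on. In this commit `SUDO` is only consumed by the image tag in docker-compose.yml (it is not passed as a build arg or environment variable), so the tag can read `SUDO-true` without the image differing. `LC_ALL=fr_FR-UTF-8` also looks like a typo for `fr_FR.UTF-8`, the form the removed `locale-gen` line used, and it is not forwarded to the container either.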
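Review bot: `security_opt: - seccomp:unconfined` is tagged `#optional` yet enabled, which turns off Docker's default syscall filter for a container that serves a full remote desktop; I would ship it commented out and let operators enable it only on hosts that need it, and treat the `/dev/dri` mapping the same way. With the nginx front service removed, access control rests on `PASSWORD`/`CUSTOM_USER` alone, so an unset `PASS` should stop the stack rather than start it: `- PASSWORD=${PASS:?PASS must be set}`. The password is also still delivered as a plain environment variable, readable through `docker inspect`; if the base image can read it from a file, a compose secret would avoid that.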
diff --git a/docker/front/Dockerfile b/docker/front/Dockerfile
deleted file mode 100644
index 4dd6f60be965959780c7816edc72557cff3b36dc..0000000000000000000000000000000000000000
--- a/docker/front/Dockerfile
+++ /dev/null
@@ -1,5 +0,0 @@
-FROM nginx:latest
-
-COPY nginx.conf /etc/nginx/conf.d/kasm.conf
-
-COPY start.sh /docker-entrypoint.d
diff --git a/docker/front/nginx.conf b/docker/front/nginx.conf
deleted file mode 100644
index 681701e5b52346703de6c4a9c533b41da55f29be..0000000000000000000000000000000000000000
--- a/docker/front/nginx.conf
+++ /dev/null
@@ -1,20 +0,0 @@
-server {
-
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
- server_name nginx;
- ssl_certificate /etc/nginx/certs/nginx.crt;
- ssl_certificate_key /etc/nginx/certs/nginx.key;
- location / {
- auth_basic "Administrator’s Area";
- auth_basic_user_file /kasm/kasm-user/.nginxpasswd;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_set_header Host $http_host;
- proxy_cache_bypass $http_upgrade;
- proxy_pass https://kasm:6901/;
- }
-}
diff --git a/docker/front/start.sh b/docker/front/start.sh
deleted file mode 100755
index 68e05f1d3d7390b7afe49be373195db5c4466c3f..0000000000000000000000000000000000000000
--- a/docker/front/start.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-
-mkdir -p /etc/nginx/certs
-echo -e "FR\n\n\n\n\n\n\n" | openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
- -keyout /etc/nginx/certs/nginx.key -out /etc/nginx/certs/nginx.crt
diff --git a/docker/kasm/Dockerfile b/docker/kasm/Dockerfile
index 8348ce8c78b5a059ace8baa9a02f33dab36baa7e..db88ecf84c60cf170fa97d493d9939fc877d7f17 100644
--- a/docker/kasm/Dockerfile
+++ b/docker/kasm/Dockerfile
@@ -1,10 +1,8 @@ -FROM kasmweb/core-ubuntu-noble:1.16.0 as kasmvnc-base -USER root +FROM lscr.io/linuxserver/webtop:ubuntu-mate as kasmvnc-base -ENV HOME /home/kasm-default-profile -ENV STARTUPDIR /dockerstartup -ENV INST_SCRIPTS $STARTUPDIR/install -WORKDIR $HOME +#ENV HOME /home/kasm-default-profile +ENV STARTUPDIR /custom-cont-init.d +#ENV INST_SCRIPTS $STARTUPDIR/install ######### Customize Container Here ########### @@ -15,50 +13,24 @@ ARG ANACONDA_VERS=Anaconda3-2024.02-1 ARG KASM_USER -COPY firefox-deb-nosnap /etc/apt/preferences.d/firefox-deb-nosnap - -RUN sudo add-apt-repository ppa:mozillateam/ppa && \ - apt-get update && \ - apt-get purge -y language-pack-* && \ - apt-get -y dist-upgrade && \ +RUN apt-get update && \ apt-get install -y \ - autoconf \ - build-essential \ - evince \ - firefox \ - gedit \ - git \ - git-cola \ - gnupg \ - htop \ - inotify-tools \ - language-pack-en \ - language-pack-en-base \ - language-pack-fr \ - language-pack-fr-base \ - libreoffice \ - software-properties-common \ - vim-nox \ - wget && \ - locale-gen --purge fr_FR.UTF-8 en_US.UTF-8 - -RUN mkdir /install - -RUN usermod -l $KASM_USER kasm-user; \ - for f in /dockerstartup/*.sh; do sed -i -e "s/kasm_user/$KASM_USER/g" $f; done - -WORKDIR /install - -RUN wget https://dbeaver.io/files/dbeaver-ce_latest_amd64.deb && \ - dpkg -i dbeaver-ce_latest_amd64.deb && \ - rm dbeaver-ce_latest_amd64.deb - -# === Install Spyder === # - -RUN if [ "$SPYDER" = true ] ; then apt-get install -y python3-spyder; fi + evince \ + git \ + git-cola \ + htop \ + python3-spyder \ + vim-nox \ + wget \ + && \ + wget https://dbeaver.io/files/dbeaver-ce_latest_amd64.deb && \ + dpkg -i dbeaver-ce_latest_amd64.deb && \ + rm dbeaver-ce_latest_amd64.deb # === Install anaconda === # RUN if [ "$ANACONDA" = true ] ; then \ + mkdir /install; \ + cd /install; \ wget https://repo.anaconda.com/archive/${ANACONDA_VERS}-Linux-x86_64.sh; \ fi 
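Review bot: The new base `lscr.io/linuxserver/webtop:ubuntu-mate` is a floating tag, where the line it replaces pinned `kasmweb/core-ubuntu-noble:1.16.0`; every rebuild can pull different contents and the compose image tag no longer records which. Pin it by digest, e.g. `FROM lscr.io/linuxserver/webtop:ubuntu-mate@sha256:DIGEST_PLACEHOLDER AS kasmvnc-base`, with the digest taken from the registry. While here, `ENV STARTUPDIR /custom-cont-init.d` uses the legacy space form; `ENV STARTUPDIR=/custom-cont-init.d` is the current syntax, and the two commented-out `ENV` lines can be deleted rather than kept.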
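Review bot: The merged `RUN` downloads `dbeaver-ce_latest_amd64.deb` and installs it as root with `dpkg -i` without checking what was fetched; `_latest_` is unversioned, so the build is not reproducible and there is nothing to compare the file against. Fetch a fixed release and verify it before installing, e.g. `echo "SHA256_PLACEHOLDER  dbeaver-ce_latest_amd64.deb" | sha256sum -c -` between the `wget` and the `dpkg -i`. The Anaconda installer in the following `RUN` has a pinned `ANACONDA_VERS` but the same missing check. The `apt-get install` would also benefit from `--no-install-recommends` and an `rm -rf /var/lib/apt/lists/*` in the same layer.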
@@ -73,12 +45,8 @@ RUN if [ "$QGIS" = true ] ; then \ COPY custom_startup.sh $STARTUPDIR/custom_startup.sh COPY change_password.sh / -######### End Customizations ########### - -RUN chown 1000:0 $HOME - -ENV HOME /home/kasm-user -WORKDIR $HOME -RUN mkdir -p $HOME && chown -R 1000:0 $HOME - -USER 1000 +# TODO usermod +# Homedir +# Sudoer +# username +# lecture file for sudo diff --git a/docker/kasm/change_password.sh b/docker/kasm/change_password.sh index eb2cd5c3cbf7bb731780299db8f7381c39db4c93..1e4c694949c6d4d91c79f47c823d20447b790f25 100755 --- a/docker/kasm/change_password.sh +++ b/docker/kasm/change_password.sh @@ -9,6 +9,7 @@ if [ "$password" == "$confirm" ]; then ok=1 message=$(echo -e "$password\n$password\n" | kasmvncpasswd -u $KASM_USER -wo 2>&1) if [ $? -eq 0 ]; then + # TODO generate htpassword file in /etc/nginx/.htpasswd and copy it to /home/$KASM_USER/.htpasswd cp $HOME/.kasmpasswd $HOME/.kasmpasswd.persist cut -d : -f 1-2 $HOME/.kasmpasswd > $HOME/.nginxpasswd # Restart the VNC server diff --git a/docker/kasm/custom_startup.sh b/docker/kasm/custom_startup.sh index 2d69e9408406e594a89e09be4c1b203696fd5470..88335179955546961ccca7e9b38903184d3eb8f5 100755 --- a/docker/kasm/custom_startup.sh +++ b/docker/kasm/custom_startup.sh @@ -12,7 +12,7 @@ Exec=/change_password.sh terminal=true EOF -if [ $ANACONDA == 'true' ]; then +if [ "$ANACONDA" == 'true' ]; then cat <<eof > $VNC_HOME/Desktop/anaconda.desktop [Desktop Entry] Type=Application @@ -28,7 +28,6 @@ if [ -z "$(grep 'conda init' $VNC_HOME/.bashrc)" ]; then fi fi -if [ $SPYDER == 'true' ]; then cat <<eof > $VNC_HOME/Desktop/spyder.desktop [Desktop Entry] Type=Application 
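Review bot: Dropping `USER 1000` while copying `custom_startup.sh` into `$STARTUPDIR` (now `/custom-cont-init.d`) means the script is, by the LinuxServer init convention, executed as root at every container start (worth confirming against the base image), yet it still writes `.desktop` files into the user's home volume. Those files would end up root-owned, so the script should `chown` what it creates to the `PUID`/`PGID` user or run that part as the unprivileged user. The TODO block also leaves the `SUDO` switch from `.env.sample` unimplemented; until it is, a comment such as `# SUDO from .env is not honoured yet` next to `# Sudoer` would keep the sample and the image from disagreeing silently.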
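Review bot: The added TODO is the only change in change_password.sh, but the line just above it still runs `kasmvncpasswd -u $KASM_USER -wo`, and this commit removes `KASM_USER` from the compose `environment` in favour of `CUSTOM_USER`. Unless the base image sets it, the unquoted variable expands to nothing and `-u` takes `-wo` as the user name. Until the htpasswd path is written, guard the script with `: "${KASM_USER:?KASM_USER is not set}"` or switch to `"$CUSTOM_USER"`, and quote the expansion. The surrounding `if` starts and ends outside the hunk.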
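Review bot: Quoting `"$ANACONDA"` fixes that test, but every `$VNC_HOME` expansion in custom_startup.sh is still unquoted and nothing in this commit sets `VNC_HOME` for the new base image; if it is empty the heredocs write to `/Desktop/...`. Add a guard near the top such as `: "${VNC_HOME:?VNC_HOME is not set}"` and quote the paths, including `chmod +x $VNC_HOME/Desktop/*.desktop` in the file's last hunk. With the `SPYDER` test removed, `spyder.desktop` is now always written, yet its `Icon=` still points into `$VNC_HOME/anaconda3`, which presumably exists only when `ANACONDA=true`.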
@@ -37,14 +36,11 @@ Terminal=true Icon=$VNC_HOME/anaconda3/share/icons/spyder.png Exec=$(which spyder) eof -fi -chmod +x $VNC_HOME/Desktop/*.desktop -if [ -f "$HOME/.kasmpasswd.persist" ]; then - cp $HOME/.kasmpasswd.persist $HOME/.kasmpasswd - chown 600 $HOME/.kasmpasswd -fi -cut -d : -f 1-2 $HOME/.kasmpasswd > $HOME/.nginxpasswd +chmod +x $VNC_HOME/Desktop/*.desktop -# We should not exit -sleep infinity +# TODO persist /home/$USER/.htpasswd to /etc/nginx/.htpasswd +#if [ -f "$HOME/.kasmpasswd.persist" ]; then +# cp $HOME/.kasmpasswd.persist $HOME/.kasmpasswd +# chown 600 $HOME/.kasmpasswd +#fi diff --git a/kasm b/kasm index 6f6197b861d790d20be985fc6fa72c00b5a55a6f..99d851cf7e2df7c3d9e522fe2e3c70568b1c0ae8 100755 --- a/kasm +++ b/kasm @@ -53,7 +53,7 @@ case $action in $compose down $@ ;; "reset_passwd") - $cmd rm .kasmpasswd.persist + $cmd rm .htpasswd $compose down $compose up -d ;; diff --git a/ports.yml b/ports.yml index 6d1033af8764de8c6c5a74e6044551069763ed59..426a748e6302f8b1876c469979318caac7783775 100644 --- a/ports.yml +++ b/ports.yml @@ -1,4 +1,4 @@ services: - front: + kasm: ports: - - ${PORT}:443 + - ${PORT}:3001
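Review bot: The commented-out block keeps `chown 600 $HOME/.kasmpasswd`, which changes the owner to uid 600 instead of restricting the file mode; if it is ever re-enabled it should read `chmod 600 "$HOME/.kasmpasswd"`. Since the TODO line above it already records the intent, I would delete the dead lines rather than carry the bug along in a comment.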
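Review bot: `$cmd rm .htpasswd` targets a file that nothing in this commit creates (the TODOs in change_password.sh and custom_startup.sh say it is still to be written), so `reset_passwd` gets an error from `rm` and then only restarts the stack. The effective password now comes from `PASSWORD=${PASS}` in docker-compose.yml, so a reset is really an edit of `.env`; either say that in the action's help text or use `rm -f .htpasswd` until the file exists. The `case` statement starts and ends outside the hunk.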