From f51b0ac256683295cf5e30ce4a9b7c4cc5b6f0c7 Mon Sep 17 00:00:00 2001
From: David Beniamine <david.beniamine@tetras-libre.fr>
Date: Tue, 25 Mar 2025 15:13:23 +0100
Subject: [PATCH] Wip switching to webtop base
---
.env.sample | 9 +++-
docker-compose.yml | 31 ++++++--------
docker/front/Dockerfile | 5 ---
docker/front/nginx.conf | 20 ---------
docker/front/start.sh | 5 ---
docker/kasm/Dockerfile | 78 ++++++++++------------------------
docker/kasm/change_password.sh | 1 +
docker/kasm/custom_startup.sh | 18 +++-----
kasm | 2 +-
ports.yml | 4 +-
10 files changed, 54 insertions(+), 119 deletions(-)
delete mode 100644 docker/front/Dockerfile
delete mode 100644 docker/front/nginx.conf
delete mode 100755 docker/front/start.sh
diff --git a/.env.sample b/.env.sample
index cbecb63..9c304c8 100644
--- a/.env.sample
+++ b/.env.sample
@@ -7,6 +7,8 @@ NAME=kasmVNC
VNC_USER=kasm
HOST=kasmVNC.tetras-lab.io
PORT=6901
+UID=1000
+GID=1000
# === install module === #
#
@@ -15,9 +17,12 @@ PORT=6901
#
# ====================== #
-# Install Spyder (python IDE)
-SPYDER=true
+LC_ALL=fr_FR-UTF-8
+TZ=Europe/Paris
# Install anaconda (distribution platform for Python and R)
ANACONDA=true
# Install QGIS
QGIS=true
+# Should the user have sudo rights
+# **only home is a volume, any modifcation in other FS will be lost**
+SUDO=true
diff --git a/docker-compose.yml b/docker-compose.yml
index f56423c..8f99852 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,32 +1,27 @@
services:
- front:
- build:
- context: ./docker/front
- volumes:
- - homedir:/kasm
- depends_on:
- kasm:
- condition: service_started
kasm:
build:
context: ./docker/kasm
target: kasmvnc-base
args:
- - SPYDER=${SPYDER}
- QGIS=${QGIS}
- ANACONDA=${ANACONDA}
- - KASM_USER=${VNC_USER}
- image: "kasmvnc-ubuntu-noble:spyder-${SPYDER}_anaconda-${ANACONDA}_QGIS-${QGIS}"
- shm_size: '512m'
+ image: "webtop-ubuntu-mate:anaconda-${ANACONDA}_QGIS-${QGIS}_SUDO-${SUDO}"
+ #image: lscr.io/linuxserver/webtop:ubuntu-mate
+ shm_size: '1gb'
+ security_opt:
+ - seccomp:unconfined #optional
volumes:
- - homedir:/home/:rw
+ - homedir:/config/:rw
environment:
- - VNC_PW=${PASS}
- - SPYDER=${SPYDER}
+ - PASSWORD=${PASS}
- ANACONDA=${ANACONDA}
- - KASM_USER=${VNC_USER}
- - VNCOPTIONS=-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7 -DLP_ClipDelay=0 -select-de manual -UnixRelay printer:/tmp/printer -allowoverride AcceptPointerEvents -disableBasicAuth
-
+ - CUSTOM_USER=${VNC_USER}
+ - PUID=${UID}
+ - PGID=${GID}
+ - TZ=${TZ}
+ devices:
+ - /dev/dri:/dev/dri #optional
volumes:
homedir:
diff --git a/docker/front/Dockerfile b/docker/front/Dockerfile
deleted file mode 100644
index 4dd6f60..0000000
--- a/docker/front/Dockerfile
+++ /dev/null
@@ -1,5 +0,0 @@
-FROM nginx:latest
-
-COPY nginx.conf /etc/nginx/conf.d/kasm.conf
-
-COPY start.sh /docker-entrypoint.d
diff --git a/docker/front/nginx.conf b/docker/front/nginx.conf
deleted file mode 100644
index 681701e..0000000
--- a/docker/front/nginx.conf
+++ /dev/null
@@ -1,20 +0,0 @@
-server {
-
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
- server_name nginx;
- ssl_certificate /etc/nginx/certs/nginx.crt;
- ssl_certificate_key /etc/nginx/certs/nginx.key;
- location / {
- auth_basic "Administrator’s Area";
- auth_basic_user_file /kasm/kasm-user/.nginxpasswd;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_set_header Host $http_host;
- proxy_cache_bypass $http_upgrade;
- proxy_pass https://kasm:6901/;
- }
-}
diff --git a/docker/front/start.sh b/docker/front/start.sh
deleted file mode 100755
index 68e05f1..0000000
--- a/docker/front/start.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-
-mkdir -p /etc/nginx/certs
-echo -e "FR\n\n\n\n\n\n\n" | openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
- -keyout /etc/nginx/certs/nginx.key -out /etc/nginx/certs/nginx.crt
diff --git a/docker/kasm/Dockerfile b/docker/kasm/Dockerfile
index 8348ce8..db88ecf 100644
--- a/docker/kasm/Dockerfile
+++ b/docker/kasm/Dockerfile
@@ -1,10 +1,8 @@
-FROM kasmweb/core-ubuntu-noble:1.16.0 as kasmvnc-base
-USER root
+FROM lscr.io/linuxserver/webtop:ubuntu-mate as kasmvnc-base
-ENV HOME /home/kasm-default-profile
-ENV STARTUPDIR /dockerstartup
-ENV INST_SCRIPTS $STARTUPDIR/install
-WORKDIR $HOME
+#ENV HOME /home/kasm-default-profile
+ENV STARTUPDIR /custom-cont-init.d
+#ENV INST_SCRIPTS $STARTUPDIR/install
######### Customize Container Here ###########
@@ -15,50 +13,24 @@ ARG ANACONDA_VERS=Anaconda3-2024.02-1
ARG KASM_USER
-COPY firefox-deb-nosnap /etc/apt/preferences.d/firefox-deb-nosnap
-
-RUN sudo add-apt-repository ppa:mozillateam/ppa && \
- apt-get update && \
- apt-get purge -y language-pack-* && \
- apt-get -y dist-upgrade && \
+RUN apt-get update && \
apt-get install -y \
- autoconf \
- build-essential \
- evince \
- firefox \
- gedit \
- git \
- git-cola \
- gnupg \
- htop \
- inotify-tools \
- language-pack-en \
- language-pack-en-base \
- language-pack-fr \
- language-pack-fr-base \
- libreoffice \
- software-properties-common \
- vim-nox \
- wget && \
- locale-gen --purge fr_FR.UTF-8 en_US.UTF-8
-
-RUN mkdir /install
-
-RUN usermod -l $KASM_USER kasm-user; \
- for f in /dockerstartup/*.sh; do sed -i -e "s/kasm_user/$KASM_USER/g" $f; done
-
-WORKDIR /install
-
-RUN wget https://dbeaver.io/files/dbeaver-ce_latest_amd64.deb && \
- dpkg -i dbeaver-ce_latest_amd64.deb && \
- rm dbeaver-ce_latest_amd64.deb
-
-# === Install Spyder === #
-
-RUN if [ "$SPYDER" = true ] ; then apt-get install -y python3-spyder; fi
+ evince \
+ git \
+ git-cola \
+ htop \
+ python3-spyder \
+ vim-nox \
+ wget \
+ && \
+ wget https://dbeaver.io/files/dbeaver-ce_latest_amd64.deb && \
+ dpkg -i dbeaver-ce_latest_amd64.deb && \
+ rm dbeaver-ce_latest_amd64.deb
# === Install anaconda === #
RUN if [ "$ANACONDA" = true ] ; then \
+ mkdir /install; \
+ cd /install; \
wget https://repo.anaconda.com/archive/${ANACONDA_VERS}-Linux-x86_64.sh; \
fi
@@ -73,12 +45,8 @@ RUN if [ "$QGIS" = true ] ; then \
COPY custom_startup.sh $STARTUPDIR/custom_startup.sh
COPY change_password.sh /
-######### End Customizations ###########
-
-RUN chown 1000:0 $HOME
-
-ENV HOME /home/kasm-user
-WORKDIR $HOME
-RUN mkdir -p $HOME && chown -R 1000:0 $HOME
-
-USER 1000
+# TODO usermod
+# Homedir
+# Sudoer
+# username
+# lecture file for sudo
diff --git a/docker/kasm/change_password.sh b/docker/kasm/change_password.sh
index eb2cd5c..1e4c694 100755
--- a/docker/kasm/change_password.sh
+++ b/docker/kasm/change_password.sh
@@ -9,6 +9,7 @@ if [ "$password" == "$confirm" ]; then
ok=1
message=$(echo -e "$password\n$password\n" | kasmvncpasswd -u $KASM_USER -wo 2>&1)
if [ $? -eq 0 ]; then
+ # TODO generate htpassword file in /etc/nginx/.htpasswd and copy it to /home/$KASM_USER/.htpasswd
cp $HOME/.kasmpasswd $HOME/.kasmpasswd.persist
cut -d : -f 1-2 $HOME/.kasmpasswd > $HOME/.nginxpasswd
# Restart the VNC server
diff --git a/docker/kasm/custom_startup.sh b/docker/kasm/custom_startup.sh
index 2d69e94..8833517 100755
--- a/docker/kasm/custom_startup.sh
+++ b/docker/kasm/custom_startup.sh
@@ -12,7 +12,7 @@ Exec=/change_password.sh
terminal=true
EOF
-if [ $ANACONDA == 'true' ]; then
+if [ "$ANACONDA" == 'true' ]; then
cat <<eof > $VNC_HOME/Desktop/anaconda.desktop
[Desktop Entry]
Type=Application
@@ -28,7 +28,6 @@ if [ -z "$(grep 'conda init' $VNC_HOME/.bashrc)" ]; then
fi
fi
-if [ $SPYDER == 'true' ]; then
cat <<eof > $VNC_HOME/Desktop/spyder.desktop
[Desktop Entry]
Type=Application
@@ -37,14 +36,11 @@ Terminal=true
Icon=$VNC_HOME/anaconda3/share/icons/spyder.png
Exec=$(which spyder)
eof
-fi
-chmod +x $VNC_HOME/Desktop/*.desktop
-if [ -f "$HOME/.kasmpasswd.persist" ]; then
- cp $HOME/.kasmpasswd.persist $HOME/.kasmpasswd
- chown 600 $HOME/.kasmpasswd
-fi
-cut -d : -f 1-2 $HOME/.kasmpasswd > $HOME/.nginxpasswd
+chmod +x $VNC_HOME/Desktop/*.desktop
-# We should not exit
-sleep infinity
+# TODO persist /home/$USER/.htpasswd to /etc/nginx/.htpasswd
+#if [ -f "$HOME/.kasmpasswd.persist" ]; then
+# cp $HOME/.kasmpasswd.persist $HOME/.kasmpasswd
+# chown 600 $HOME/.kasmpasswd
+#fi
diff --git a/kasm b/kasm
index 6f6197b..99d851c 100755
--- a/kasm
+++ b/kasm
@@ -53,7 +53,7 @@ case $action in
$compose down $@
;;
"reset_passwd")
- $cmd rm .kasmpasswd.persist
+ $cmd rm .htpasswd
$compose down
$compose up -d
;;
diff --git a/ports.yml b/ports.yml
index 6d1033a..426a748 100644
--- a/ports.yml
+++ b/ports.yml
@@ -1,4 +1,4 @@
services:
- front:
+ kasm:
ports:
- - ${PORT}:443
+ - ${PORT}:3001
--
GitLab