Wip switching to webtop base

.env.sample

@@ -7,6 +7,8 @@ NAME=kasmVNC
 VNC_USER=kasm
 HOST=kasmVNC.tetras-lab.io
 PORT=6901
+UID=1000
+GID=1000
 
 # === install module === #
 #
@@ -15,9 +17,12 @@ PORT=6901
 #
 # ====================== #
 
-# Install Spyder (python IDE)
-SPYDER=true
+LC_ALL=fr_FR-UTF-8
+TZ=Europe/Paris
 # Install anaconda (distribution platform for Python and R)
 ANACONDA=true
 # Install QGIS
 QGIS=true
+# Should the user have sudo rights
+# **only home is a volume, any modifcation in other FS will be lost**
+SUDO=true

docker-compose.yml

 services:
-  front:
-    build:
-      context: ./docker/front
-    volumes:
-      - homedir:/kasm
-    depends_on:
-      kasm:
-        condition: service_started
   kasm:
     build:
       context: ./docker/kasm
       target: kasmvnc-base
       args:
-        - SPYDER=${SPYDER}
         - QGIS=${QGIS}
         - ANACONDA=${ANACONDA}
-        - KASM_USER=${VNC_USER}
-    image: "kasmvnc-ubuntu-noble:spyder-${SPYDER}_anaconda-${ANACONDA}_QGIS-${QGIS}"
-    shm_size: '512m'
+    image: "webtop-ubuntu-mate:anaconda-${ANACONDA}_QGIS-${QGIS}_SUDO-${SUDO}"
+    #image: lscr.io/linuxserver/webtop:ubuntu-mate
+    shm_size: '1gb'
+    security_opt:
+      - seccomp:unconfined #optional
     volumes:
-      - homedir:/home/:rw
+      - homedir:/config/:rw
     environment:
-      - VNC_PW=${PASS}
-      - SPYDER=${SPYDER}
+      - PASSWORD=${PASS}
       - ANACONDA=${ANACONDA}
-      - KASM_USER=${VNC_USER}
-      - VNCOPTIONS=-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7 -DLP_ClipDelay=0 -select-de manual -UnixRelay printer:/tmp/printer -allowoverride AcceptPointerEvents  -disableBasicAuth
-
+      - CUSTOM_USER=${VNC_USER}
+      - PUID=${UID}
+      - PGID=${GID}
+      - TZ=${TZ}
+    devices:
+      - /dev/dri:/dev/dri #optional
 
 volumes:
   homedir:

docker/front/Dockerfile

-FROM nginx:latest
-
-COPY nginx.conf /etc/nginx/conf.d/kasm.conf
-
-COPY start.sh /docker-entrypoint.d

docker/front/nginx.conf

-server {
-
-    listen 443 ssl http2;
-    listen [::]:443 ssl http2;
-    server_name nginx;
-    ssl_certificate      /etc/nginx/certs/nginx.crt;
-    ssl_certificate_key  /etc/nginx/certs/nginx.key;
-    location / {
-       auth_basic           "Administrator’s Area";
-       auth_basic_user_file /kasm/kasm-user/.nginxpasswd;
-       proxy_set_header X-Real-IP $remote_addr;
-       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-       proxy_http_version 1.1;
-       proxy_set_header Upgrade $http_upgrade;
-       proxy_set_header Connection "upgrade";
-       proxy_set_header Host $http_host;
-       proxy_cache_bypass $http_upgrade;
-       proxy_pass https://kasm:6901/;
-     }
-}

docker/front/start.sh

-#!/bin/bash
-
-mkdir -p /etc/nginx/certs
-echo -e "FR\n\n\n\n\n\n\n" | openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-        -keyout /etc/nginx/certs/nginx.key -out /etc/nginx/certs/nginx.crt

docker/kasm/Dockerfile

-FROM kasmweb/core-ubuntu-noble:1.16.0 as kasmvnc-base
-USER root
+FROM lscr.io/linuxserver/webtop:ubuntu-mate as kasmvnc-base
 
-ENV HOME /home/kasm-default-profile
-ENV STARTUPDIR /dockerstartup
-ENV INST_SCRIPTS $STARTUPDIR/install
-WORKDIR $HOME
+#ENV HOME /home/kasm-default-profile
+ENV STARTUPDIR /custom-cont-init.d
+#ENV INST_SCRIPTS $STARTUPDIR/install
 
 ######### Customize Container Here ###########
 
@@ -15,50 +13,24 @@ ARG ANACONDA_VERS=Anaconda3-2024.02-1
 ARG KASM_USER
 
 
-COPY firefox-deb-nosnap /etc/apt/preferences.d/firefox-deb-nosnap
-
-RUN sudo add-apt-repository ppa:mozillateam/ppa && \ 
-    apt-get update && \
-    apt-get purge -y language-pack-* && \
-    apt-get -y dist-upgrade && \
+RUN apt-get update && \
     apt-get install -y \
-                    autoconf \
-                    build-essential \
         evince \
-                    firefox \
-                    gedit \
         git \
         git-cola \
-                    gnupg \
         htop \
-                    inotify-tools \
-                    language-pack-en  \
-                    language-pack-en-base \
-                    language-pack-fr \
-                    language-pack-fr-base \
-                    libreoffice \
-                    software-properties-common \
+        python3-spyder \
         vim-nox \
-                    wget && \
-    locale-gen --purge fr_FR.UTF-8 en_US.UTF-8
-
-RUN mkdir /install
-
-RUN usermod -l $KASM_USER kasm-user; \
-     for f in /dockerstartup/*.sh; do sed -i -e "s/kasm_user/$KASM_USER/g" $f; done
-
-WORKDIR /install
-
-RUN wget https://dbeaver.io/files/dbeaver-ce_latest_amd64.deb && \
+        wget \
+        && \
+    wget https://dbeaver.io/files/dbeaver-ce_latest_amd64.deb && \
     dpkg -i dbeaver-ce_latest_amd64.deb && \
     rm dbeaver-ce_latest_amd64.deb
 
-# === Install Spyder === #
-
-RUN if [ "$SPYDER" = true ] ; then apt-get install -y python3-spyder; fi
-
 # === Install anaconda === #
 RUN if [ "$ANACONDA" = true ] ; then \
+    mkdir /install; \
+    cd /install; \
     wget https://repo.anaconda.com/archive/${ANACONDA_VERS}-Linux-x86_64.sh; \
 fi
 
@@ -73,12 +45,8 @@ RUN if [ "$QGIS" = true ] ; then \
 COPY custom_startup.sh $STARTUPDIR/custom_startup.sh
 COPY change_password.sh /
 
-######### End Customizations ###########
-
-RUN chown 1000:0 $HOME
-
-ENV HOME /home/kasm-user
-WORKDIR $HOME
-RUN mkdir -p $HOME && chown -R 1000:0 $HOME
-
-USER 1000
+# TODO usermod
+# Homedir
+# Sudoer
+# username
+# lecture file for sudo

docker/kasm/change_password.sh

@@ -9,6 +9,7 @@ if [ "$password" == "$confirm" ]; then
     ok=1
     message=$(echo -e "$password\n$password\n" | kasmvncpasswd -u $KASM_USER -wo 2>&1)
     if [ $? -eq 0 ]; then
+        # TODO generate htpassword file in /etc/nginx/.htpasswd and copy it to /home/$KASM_USER/.htpasswd
         cp $HOME/.kasmpasswd $HOME/.kasmpasswd.persist
         cut -d : -f 1-2 $HOME/.kasmpasswd > $HOME/.nginxpasswd
         # Restart the VNC server

docker/kasm/custom_startup.sh

@@ -12,7 +12,7 @@ Exec=/change_password.sh
 terminal=true
 EOF
 
-if [ $ANACONDA == 'true' ]; then
+if [ "$ANACONDA" == 'true' ]; then
 cat <<eof > $VNC_HOME/Desktop/anaconda.desktop
 [Desktop Entry]
 Type=Application
@@ -28,7 +28,6 @@ if [ -z "$(grep 'conda init' $VNC_HOME/.bashrc)" ]; then
 fi
 fi
 
-if [ $SPYDER == 'true' ]; then
 cat <<eof > $VNC_HOME/Desktop/spyder.desktop
 [Desktop Entry]
 Type=Application
@@ -37,14 +36,11 @@ Terminal=true
 Icon=$VNC_HOME/anaconda3/share/icons/spyder.png
 Exec=$(which spyder)
 eof
-fi
-chmod +x $VNC_HOME/Desktop/*.desktop
 
-if [ -f "$HOME/.kasmpasswd.persist" ]; then
-    cp $HOME/.kasmpasswd.persist $HOME/.kasmpasswd
-    chown 600 $HOME/.kasmpasswd
-fi
-cut -d : -f 1-2 $HOME/.kasmpasswd > $HOME/.nginxpasswd
+chmod +x $VNC_HOME/Desktop/*.desktop
 
-# We should not exit
-sleep infinity
+# TODO persist /home/$USER/.htpasswd to /etc/nginx/.htpasswd
+#if [ -f "$HOME/.kasmpasswd.persist" ]; then
+#    cp $HOME/.kasmpasswd.persist $HOME/.kasmpasswd
+#    chown 600 $HOME/.kasmpasswd
+#fi

kasm

@@ -53,7 +53,7 @@ case $action in
         $compose down $@
         ;;
     "reset_passwd")
-        $cmd rm .kasmpasswd.persist
+        $cmd rm .htpasswd
         $compose down
         $compose up -d
         ;;

ports.yml

 services:
-  front:
+  kasm:
     ports:
-      - ${PORT}:443
+      - ${PORT}:3001