From 56ca25dce93e07465b339180bd7318e12b403a8e Mon Sep 17 00:00:00 2001 From: bluesky <379865549@qq.com> Date: Thu, 5 Sep 2024 12:43:59 +0800 Subject: [PATCH] feat: add apricot for kasmvnc --- .github/workflows/build-webtop.yml | 5 + webtop/deepin/dde20/docker-compose.yml | 25 + webtop/deepin/dde20/kasmvnc/Dockerfile | 426 ++++++++++++++++++ .../dde20/kasmvnc/root/defaults/autostart | 1 + .../dde20/kasmvnc/root/defaults/default.conf | 102 +++++ .../dde20/kasmvnc/root/defaults/menu.xml | 6 + .../dde20/kasmvnc/root/defaults/startwm.sh | 10 + .../dde20/kasmvnc/root/etc/cups/ppd/kasm.ppd | 362 +++++++++++++++ .../dde20/kasmvnc/root/etc/cups/start_cups.sh | 17 + .../dependencies.d/init-kasmvnc-end | 0 .../dependencies.d/init-nginx | 0 .../s6-rc.d/init-kasmvnc-config/run | 62 +++ .../s6-rc.d/init-kasmvnc-config/type | 1 + .../s6-overlay/s6-rc.d/init-kasmvnc-config/up | 1 + .../dependencies.d/init-video | 0 .../s6-overlay/s6-rc.d/init-kasmvnc-end/type | 1 + .../s6-overlay/s6-rc.d/init-kasmvnc-end/up | 1 + .../init-kasmvnc/dependencies.d/init-os-end | 0 .../etc/s6-overlay/s6-rc.d/init-kasmvnc/type | 1 + .../etc/s6-overlay/s6-rc.d/init-kasmvnc/up | 1 + .../init-nginx/dependencies.d/init-kasmvnc | 0 .../etc/s6-overlay/s6-rc.d/init-nginx/run | 35 ++ .../etc/s6-overlay/s6-rc.d/init-nginx/type | 1 + .../root/etc/s6-overlay/s6-rc.d/init-nginx/up | 1 + .../dependencies.d/init-kasmvnc-config | 0 .../etc/s6-overlay/s6-rc.d/init-video/run | 35 ++ .../etc/s6-overlay/s6-rc.d/init-video/type | 1 + .../root/etc/s6-overlay/s6-rc.d/init-video/up | 1 + .../svc-de/dependencies.d/init-services | 0 .../s6-rc.d/svc-de/dependencies.d/svc-nginx | 0 .../root/etc/s6-overlay/s6-rc.d/svc-de/run | 5 + .../root/etc/s6-overlay/s6-rc.d/svc-de/type | 1 + .../svc-docker/dependencies.d/init-services | 0 .../s6-rc.d/svc-docker/dependencies.d/svc-de | 0 .../etc/s6-overlay/s6-rc.d/svc-docker/run | 15 + .../etc/s6-overlay/s6-rc.d/svc-docker/type | 1 + .../svc-kasmvnc/dependencies.d/init-services | 0 .../svc-kasmvnc/dependencies.d/svc-pulseaudio | 0 .../etc/s6-overlay/s6-rc.d/svc-kasmvnc/run | 26 ++ .../etc/s6-overlay/s6-rc.d/svc-kasmvnc/type | 1 + .../svc-kclient/dependencies.d/init-services | 0 .../svc-kclient/dependencies.d/svc-kasmvnc | 0 .../etc/s6-overlay/s6-rc.d/svc-kclient/run | 24 + .../etc/s6-overlay/s6-rc.d/svc-kclient/type | 1 + .../svc-nginx/dependencies.d/init-services | 0 .../svc-nginx/dependencies.d/svc-kclient | 0 .../root/etc/s6-overlay/s6-rc.d/svc-nginx/run | 16 + .../etc/s6-overlay/s6-rc.d/svc-nginx/type | 1 + .../dependencies.d/init-services | 0 .../etc/s6-overlay/s6-rc.d/svc-pulseaudio/run | 7 + .../s6-overlay/s6-rc.d/svc-pulseaudio/type | 1 + .../s6-rc.d/user/contents.d/init-config | 0 .../s6-rc.d/user/contents.d/init-kasmvnc | 0 .../user/contents.d/init-kasmvnc-config | 0 .../s6-rc.d/user/contents.d/init-kasmvnc-end | 0 .../s6-rc.d/user/contents.d/init-nginx | 0 .../s6-rc.d/user/contents.d/init-video | 0 .../s6-overlay/s6-rc.d/user/contents.d/svc-de | 0 .../s6-rc.d/user/contents.d/svc-docker | 0 .../s6-rc.d/user/contents.d/svc-kasmvnc | 0 .../s6-rc.d/user/contents.d/svc-kclient | 0 .../s6-rc.d/user/contents.d/svc-nginx | 0 .../s6-rc.d/user/contents.d/svc-pulseaudio | 0 webtop/deepin/dde20/kasmvnc/root/kasminit | 206 +++++++++ .../root/usr/local/bin/dockerd-entrypoint.sh | 196 ++++++++ .../root/usr/local/etc/kasmvnc/kasmvnc.yaml | 6 + .../usr/local/etc/kasmvnc/kasmvnc.yaml.lsio | 22 + 67 files changed, 1625 insertions(+) create mode 100644 webtop/deepin/dde20/docker-compose.yml create mode 100644 webtop/deepin/dde20/kasmvnc/Dockerfile create mode 100755 webtop/deepin/dde20/kasmvnc/root/defaults/autostart create mode 100644 webtop/deepin/dde20/kasmvnc/root/defaults/default.conf create mode 100644 webtop/deepin/dde20/kasmvnc/root/defaults/menu.xml create mode 100755 webtop/deepin/dde20/kasmvnc/root/defaults/startwm.sh create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/cups/ppd/kasm.ppd create mode 100755 webtop/deepin/dde20/kasmvnc/root/etc/cups/start_cups.sh create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-config/dependencies.d/init-kasmvnc-end create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/dependencies.d/init-nginx create mode 100755 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/run create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/type create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/up create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-end/dependencies.d/init-video create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-end/type create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-end/up create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc/dependencies.d/init-os-end create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc/type create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc/up create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/dependencies.d/init-kasmvnc create mode 100755 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/run create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/type create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/up create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/dependencies.d/init-kasmvnc-config create mode 100755 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/run create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/type create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/up create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/dependencies.d/init-services create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/dependencies.d/svc-nginx create mode 100755 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/run create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/type create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/dependencies.d/init-services create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/dependencies.d/svc-de create mode 100755 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/run create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/type create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/dependencies.d/init-services create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/dependencies.d/svc-pulseaudio create mode 100755 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/run create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/type create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/dependencies.d/init-services create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/dependencies.d/svc-kasmvnc create mode 100755 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/run create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/type create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/dependencies.d/init-services create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/dependencies.d/svc-kclient create mode 100755 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/run create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/type create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-pulseaudio/dependencies.d/init-services create mode 100755 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-pulseaudio/run create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-pulseaudio/type create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-config create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-kasmvnc create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-kasmvnc-config create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-kasmvnc-end create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-nginx create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-video create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-de create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-docker create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-kasmvnc create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-kclient create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-nginx create mode 100644 webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-pulseaudio create mode 100755 webtop/deepin/dde20/kasmvnc/root/kasminit create mode 100755 webtop/deepin/dde20/kasmvnc/root/usr/local/bin/dockerd-entrypoint.sh create mode 100644 webtop/deepin/dde20/kasmvnc/root/usr/local/etc/kasmvnc/kasmvnc.yaml create mode 100644 webtop/deepin/dde20/kasmvnc/root/usr/local/etc/kasmvnc/kasmvnc.yaml.lsio diff --git a/.github/workflows/build-webtop.yml b/.github/workflows/build-webtop.yml index c3f8378..3d34e92 100644 --- a/.github/workflows/build-webtop.yml +++ b/.github/workflows/build-webtop.yml @@ -31,6 +31,10 @@ jobs: # docker buildx build --load --platform linux/amd64 -t ${{ env.owner }}/webtop:debian-gxde . # popd + pushd webtop/deepin/dde20/kasmvnc + docker buildx build --load --platform linux/amd64 -t ${{ env.owner }}/baseimage-kasmvnc:deepinapricot . + popd + pushd webtop/deepin/dde20 docker buildx build --load --platform linux/amd64 -t ${{ env.owner }}/webtop:deepin-dde20 . popd @@ -44,4 +48,5 @@ jobs: - name: Docker image push run: | # docker push ${{ env.owner }}/webtop:debian-gxde + docker push ${{ env.owner }}/webtop:baseimage-kasmvnc:deepinapricot docker push ${{ env.owner }}/webtop:deepin-dde20 diff --git a/webtop/deepin/dde20/docker-compose.yml b/webtop/deepin/dde20/docker-compose.yml new file mode 100644 index 0000000..77857b9 --- /dev/null +++ b/webtop/deepin/dde20/docker-compose.yml @@ -0,0 +1,25 @@ +--- +services: + webtop: + image: chenchongbiao/webtop:deepin-dde20 + container_name: deepin-webtop + security_opt: + - seccomp:unconfined #optional + environment: + - PUID=1000 + - PGID=1000 + - TZ=Asia/Shanghai + - SUBFOLDER=/ #optional + - TITLE=Webtop #optional + - DOCKER_MODS=linuxserver/mods:universal-package-install + - INSTALL_PACKAGES=fonts-noto-cjk + - LC_ALL=zh_CN.UTF-8 + volumes: + - ./data:/config + - /var/run/docker.sock:/var/run/docker.sock #optional + ports: + - 3002:3000 + devices: + - /dev/dri:/dev/dri #optional + shm_size: "1gb" #optional + restart: unless-stopped diff --git a/webtop/deepin/dde20/kasmvnc/Dockerfile b/webtop/deepin/dde20/kasmvnc/Dockerfile new file mode 100644 index 0000000..ab1d8ba --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/Dockerfile @@ -0,0 +1,426 @@ +# syntax=docker/dockerfile:1 + +FROM node:12-buster AS wwwstage + +ARG KASMWEB_RELEASE="5ba4695e6526a27b8e38ec8d55dc33b39143e68a" + +RUN \ + echo "**** build clientside ****" && \ + export QT_QPA_PLATFORM=offscreen && \ + export QT_QPA_FONTDIR=/usr/share/fonts && \ + mkdir /src && \ + cd /src && \ + wget https://github.com/kasmtech/noVNC/tarball/${KASMWEB_RELEASE} -O - \ + | tar --strip-components=1 -xz && \ + npm install && \ + npm run-script build + +RUN \ + echo "**** organize output ****" && \ + mkdir /build-out && \ + cd /src && \ + rm -rf node_modules/ && \ + cp -R ./* /build-out/ && \ + cd /build-out && \ + rm *.md && \ + rm AUTHORS && \ + cp index.html vnc.html && \ + mkdir Downloads + + +FROM chenchongbiao/baseimage-deepin:apricot AS buildstage + +ARG KASMVNC_RELEASE="511e2ae542e95f5447a0a145bb54ced968e6cfec" + +COPY --from=wwwstage /build-out /www + +RUN \ + echo "**** install build deps ****" && \ + apt-get update && \ + apt-get build-dep -y \ + libxfont-dev \ + xorg-server && \ + apt-get install -y \ + autoconf \ + automake \ + cmake \ + console-data \ + git \ + grep \ + kbd \ + libavcodec-dev \ + libdrm-dev \ + libepoxy-dev \ + libgbm-dev \ + libgif-dev \ + libgnutls28-dev \ + libgnutls28-dev \ + libjpeg-dev \ + libpciaccess-dev \ + libpng-dev \ + libssl-dev \ + libtiff-dev \ + libtool \ + libwebp-dev \ + libx11-dev \ + libxau-dev \ + libxcursor-dev \ + libxcursor-dev \ + libxdmcp-dev \ + libxext-dev \ + libxkbfile-dev \ + libxrandr-dev \ + libxrandr-dev \ + libxshmfence-dev \ + libxtst-dev \ + meson \ + nettle-dev \ + tar \ + tightvncserver \ + wget \ + wayland-protocols \ + x11-apps \ + x11-common \ + x11-utils \ + x11-xkb-utils \ + x11-xserver-utils \ + xauth \ + xdg-utils \ + xfonts-base \ + xinit \ + xkb-data \ + xserver-xorg-dev + +RUN \ + echo "**** build libjpeg-turbo ****" && \ + mkdir /jpeg-turbo && \ + JPEG_TURBO_RELEASE=$(curl -sX GET "https://api.github.com/repos/libjpeg-turbo/libjpeg-turbo/releases/latest" \ + | awk '/tag_name/{print $4;exit}' FS='[""]'); \ + curl -o \ + /tmp/jpeg-turbo.tar.gz -L \ + "https://github.com/libjpeg-turbo/libjpeg-turbo/archive/${JPEG_TURBO_RELEASE}.tar.gz" && \ + tar xf \ + /tmp/jpeg-turbo.tar.gz -C \ + /jpeg-turbo/ --strip-components=1 && \ + cd /jpeg-turbo && \ + MAKEFLAGS=-j`nproc` \ + CFLAGS="-fpic" \ + cmake -DCMAKE_INSTALL_PREFIX=/usr/local -G"Unix Makefiles" && \ + make && \ + make install + +RUN \ + echo "**** build kasmvnc ****" && \ + git clone https://github.com/kasmtech/KasmVNC.git src && \ + cd /src && \ + git checkout -f ${KASMVNC_release} && \ + sed -i \ + -e '/find_package(FLTK/s@^@#@' \ + -e '/add_subdirectory(tests/s@^@#@' \ + CMakeLists.txt && \ + cmake \ + -DCMAKE_BUILD_TYPE=RelWithDebInfo \ + -DBUILD_VIEWER:BOOL=OFF \ + -DENABLE_GNUTLS:BOOL=OFF \ + . && \ + make -j4 && \ + echo "**** build xorg ****" && \ + XORG_VER="1.20.14" && \ + XORG_PATCH=$(echo "$XORG_VER" | grep -Po '^\d.\d+' | sed 's#\.##') && \ + wget --no-check-certificate \ + -O /tmp/xorg-server-${XORG_VER}.tar.gz \ + "https://www.x.org/archive/individual/xserver/xorg-server-${XORG_VER}.tar.gz" && \ + tar --strip-components=1 \ + -C unix/xserver \ + -xf /tmp/xorg-server-${XORG_VER}.tar.gz && \ + cd unix/xserver && \ + patch -Np1 -i ../xserver${XORG_PATCH}.patch && \ + patch -s -p0 < ../CVE-2022-2320-v1.20.patch && \ + autoreconf -i && \ + ./configure --prefix=/opt/kasmweb \ + --with-xkb-path=/usr/share/X11/xkb \ + --with-xkb-output=/var/lib/xkb \ + --with-xkb-bin-directory=/usr/bin \ + --with-default-font-path="/usr/share/fonts/X11/misc,/usr/share/fonts/X11/cyrillic,/usr/share/fonts/X11/100dpi/:unscaled,/usr/share/fonts/X11/75dpi/:unscaled,/usr/share/fonts/X11/Type1,/usr/share/fonts/X11/100dpi,/usr/share/fonts/X11/75dpi,built-ins" \ + --with-sha1=libcrypto \ + --without-dtrace --disable-dri \ + --disable-static \ + --disable-xinerama \ + --disable-xvfb \ + --disable-xnest \ + --disable-xorg \ + --disable-dmx \ + --disable-xwin \ + --disable-xephyr \ + --disable-kdrive \ + --disable-config-hal \ + --disable-config-udev \ + --disable-dri2 \ + --enable-glx \ + --disable-xwayland \ + --enable-dri3 && \ + find . -name "Makefile" -exec sed -i 's/-Werror=array-bounds//g' {} \; && \ + make -j4 + +RUN \ + echo "**** generate final output ****" && \ + cd /src && \ + mkdir -p xorg.build/bin && \ + cd xorg.build/bin/ && \ + ln -s /src/unix/xserver/hw/vnc/Xvnc Xvnc && \ + cd .. && \ + mkdir -p man/man1 && \ + touch man/man1/Xserver.1 && \ + cp /src/unix/xserver/hw/vnc/Xvnc.man man/man1/Xvnc.1 && \ + mkdir lib && \ + cd lib && \ + ln -s /usr/lib/x86_64-linux-gnu/dri dri && \ + cd /src && \ + mkdir -p builder/www && \ + cp -ax /www/* builder/www/ && \ + cp builder/www/index.html builder/www/vnc.html && \ + make servertarball && \ + mkdir /build-out && \ + tar xzf \ + kasmvnc-Linux*.tar.gz \ + -C /build-out/ && \ + rm -Rf /build-out/usr/local/man + +# nodejs builder +FROM chenchongbiao/baseimage-deepin:apricot AS nodebuilder +ARG KCLIENT_RELEASE + +RUN \ + echo "**** install build deps ****" && \ + apt-get update && \ + apt-get install -y \ + gnupg && \ + curl -fsSL https://deb.nodesource.com/setup_18.x | bash - && \ + apt-get update && \ + apt-get install -y \ + g++ \ + gcc \ + libpam0g-dev \ + libpulse-dev \ + make \ + nodejs + +RUN \ + echo "**** grab source ****" && \ + mkdir -p /kclient && \ + if [ -z ${KCLIENT_RELEASE+x} ]; then \ + KCLIENT_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/kclient/releases/latest" \ + | awk '/tag_name/{print $4;exit}' FS='[""]'); \ + fi && \ + curl -o \ + /tmp/kclient.tar.gz -L \ + "https://github.com/linuxserver/kclient/archive/${KCLIENT_RELEASE}.tar.gz" && \ + tar xf \ + /tmp/kclient.tar.gz -C \ + /kclient/ --strip-components=1 + +RUN \ + echo "**** install node modules ****" && \ + cd /kclient && \ + npm install && \ + rm -f package-lock.json + +# runtime stage +FROM chenchongbiao/baseimage-deepin:apricot + +# set version label +ARG BUILD_DATE +ARG VERSION +ARG KASMBINS_RELEASE="1.15.0" +LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}" +LABEL maintainer="thelamer" +LABEL "com.kasmweb.image"="true" + +# env +ENV DISPLAY=:1 \ + PERL5LIB=/usr/local/bin \ + OMP_WAIT_POLICY=PASSIVE \ + GOMP_SPINCOUNT=0 \ + HOME=/config \ + START_DOCKER=true \ + PULSE_RUNTIME_PATH=/defaults \ + NVIDIA_DRIVER_CAPABILITIES=all + +# copy over build output +COPY --from=nodebuilder /kclient /kclient +COPY --from=buildstage /build-out/ / + +RUN \ + echo "**** install deps ****" && \ + curl -fsSL https://download.docker.com/linux/debian/gpg | tee /usr/share/keyrings/docker.asc >/dev/null && \ + echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker.asc] https://download.docker.com/linux/debian bookworm stable" > /etc/apt/sources.list.d/docker.list && \ + curl -fsSL https://deb.nodesource.com/setup_18.x | bash - && \ + apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \ + ca-certificates \ + containerd.io \ + cups \ + cups-client \ + cups-pdf \ + docker-ce \ + docker-ce-cli \ + docker-buildx-plugin \ + docker-compose-plugin \ + dbus-x11 \ + dunst \ + ffmpeg \ + file \ + fonts-noto-color-emoji \ + fonts-noto-core \ + fuse-overlayfs \ + intel-media-va-driver \ + kbd \ + libdatetime-perl \ + libfontenc1 \ + libfreetype6 \ + libgbm1 \ + libgcrypt20 \ + libgl1-mesa-dri \ + libglu1-mesa \ + libgnutls30 \ + libgomp1 \ + libhash-merge-simple-perl \ + liblist-moreutils-perl \ + libnotify-bin \ + libp11-kit0 \ + libpam0g \ + libpixman-1-0 \ + libscalar-list-utils-perl \ + libswitch-perl \ + libtasn1-6 \ + libtry-tiny-perl \ + libvulkan1 \ + libwebp7 \ + libx11-6 \ + libxau6 \ + libxcb1 \ + libxcursor1 \ + libxdmcp6 \ + libxext6 \ + libxfixes3 \ + libxfont2 \ + libxinerama1 \ + libxshmfence1 \ + libxtst6 \ + libyaml-tiny-perl \ + locales-all \ + mesa-va-drivers \ + mesa-vulkan-drivers \ + nginx \ + nodejs \ + openbox \ + openssh-client \ + openssl \ + pciutils \ + perl \ + procps \ + pulseaudio \ + pulseaudio-utils \ + python3 \ + software-properties-common \ + ssl-cert \ + sudo \ + tar \ + util-linux \ + vulkan-tools \ + x11-apps \ + x11-common \ + x11-utils \ + x11-xkb-utils \ + x11-xserver-utils \ + xauth \ + xdg-utils \ + xfonts-base \ + xkb-data \ + xserver-common \ + xserver-xorg-core \ + xserver-xorg-video-amdgpu \ + xserver-xorg-video-ati \ + xserver-xorg-video-intel \ + xserver-xorg-video-nouveau \ + xserver-xorg-video-qxl \ + xterm \ + xutils \ + zlib1g && \ + echo "**** printer config ****" && \ + sed -i -r \ + -e "s:^(Out\s).*:\1/home/kasm-user/PDF:" \ + /etc/cups/cups-pdf.conf && \ + echo "**** filesystem setup ****" && \ + ln -s /usr/local/share/kasmvnc /usr/share/kasmvnc && \ + ln -s /usr/local/etc/kasmvnc /etc/kasmvnc && \ + ln -s /usr/local/lib/kasmvnc /usr/lib/kasmvncserver && \ + echo "**** openbox tweaks ****" && \ + sed -i \ + -e 's/NLIMC/NLMC/g' \ + -e '/debian-menu/d' \ + -e 's|| yes\n|' \ + -e 's|| \n|' \ + /etc/xdg/openbox/rc.xml && \ + echo "**** user perms ****" && \ + sed -e 's/%sudo ALL=(ALL:ALL) ALL/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' \ + -i /etc/sudoers && \ + echo "abc:abc" | chpasswd && \ + usermod -s /bin/bash abc && \ + usermod -aG sudo abc && \ + echo "**** proot-apps ****" && \ + mkdir /proot-apps/ && \ + PAPPS_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/proot-apps/releases/latest" \ + | awk '/tag_name/{print $4;exit}' FS='[""]') && \ + curl -L https://github.com/linuxserver/proot-apps/releases/download/${PAPPS_RELEASE}/proot-apps-x86_64.tar.gz \ + | tar -xzf - -C /proot-apps/ && \ + echo "${PAPPS_RELEASE}" > /proot-apps/pversion && \ + echo "**** kasm support ****" && \ + useradd \ + -u 1000 -U \ + -d /home/kasm-user \ + -s /bin/bash kasm-user && \ + echo "kasm-user:kasm" | chpasswd && \ + usermod -aG sudo kasm-user && \ + mkdir -p /home/kasm-user && \ + chown 1000:1000 /home/kasm-user && \ + mkdir -p /var/run/pulse && \ + chown 1000:root /var/run/pulse && \ + mkdir -p /kasmbins && \ + curl -s https://kasm-ci.s3.amazonaws.com/kasmbins-amd64-${KASMBINS_RELEASE}.tar.gz \ + | tar xzvf - -C /kasmbins/ && \ + chmod +x /kasmbins/* && \ + chown -R 1000:1000 /kasmbins && \ + chown 1000:1000 /usr/share/kasmvnc/www/Downloads && \ + mkdir -p /dockerstartup && \ + echo "**** dind support ****" && \ + useradd -U dockremap && \ + usermod -G dockremap dockremap && \ + echo 'dockremap:165536:65536' >> /etc/subuid && \ + echo 'dockremap:165536:65536' >> /etc/subgid && \ + curl -o \ + /usr/local/bin/dind -L \ + https://raw.githubusercontent.com/moby/moby/master/hack/dind && \ + chmod +x /usr/local/bin/dind && \ + echo 'hosts: files dns' > /etc/nsswitch.conf && \ + usermod -aG docker abc && \ + echo "**** locales ****" && \ + for LOCALE in $(curl -sL https://raw.githubusercontent.com/thelamer/lang-stash/master/langs); do \ + localedef -i $LOCALE -f UTF-8 $LOCALE.UTF-8; \ + done && \ + echo "**** theme ****" && \ + curl -s https://raw.githubusercontent.com/thelamer/lang-stash/master/theme.tar.gz \ + | tar xzvf - -C /usr/share/themes/Clearlooks/openbox-3/ && \ + echo "**** cleanup ****" && \ + apt-get autoclean && \ + rm -rf \ + /var/lib/apt/lists/* \ + /var/tmp/* \ + /tmp/* + +# add local files +COPY /root / + +# ports and volumes +EXPOSE 3000 3001 +VOLUME /config diff --git a/webtop/deepin/dde20/kasmvnc/root/defaults/autostart b/webtop/deepin/dde20/kasmvnc/root/defaults/autostart new file mode 100755 index 0000000..db0c341 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/defaults/autostart @@ -0,0 +1 @@ +xterm diff --git a/webtop/deepin/dde20/kasmvnc/root/defaults/default.conf b/webtop/deepin/dde20/kasmvnc/root/defaults/default.conf new file mode 100644 index 0000000..1350d5f --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/defaults/default.conf @@ -0,0 +1,102 @@ +server { + #auth_basic "Login"; + #auth_basic_user_file /etc/nginx/.htpasswd; + listen 3000 default_server; + listen [::]:3000 default_server; + location / { + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Cookie ""; + proxy_read_timeout 3600s; + proxy_send_timeout 3600s; + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Cross-Origin-Embedder-Policy' 'require-corp'; + add_header 'Cross-Origin-Opener-Policy' 'same-origin'; + add_header 'Cross-Origin-Resource-Policy' 'same-site'; + proxy_pass http://127.0.0.1:6900; + proxy_buffering off; + } + + location SUBFOLDERwebsockify { + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Cookie ""; + proxy_read_timeout 3600s; + proxy_send_timeout 3600s; + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Cross-Origin-Embedder-Policy' 'require-corp'; + add_header 'Cross-Origin-Opener-Policy' 'same-origin'; + add_header 'Cross-Origin-Resource-Policy' 'same-site'; + proxy_pass http://127.0.0.1:6901; + proxy_buffering off; + } +} + +server { + #auth_basic "Login"; + #auth_basic_user_file /etc/nginx/.htpasswd; + listen 3001 ssl; + listen [::]:3001 ssl; + ssl_certificate /config/ssl/cert.pem; + ssl_certificate_key /config/ssl/cert.key; + location / { + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Cookie ""; + proxy_read_timeout 3600s; + proxy_send_timeout 3600s; + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Cross-Origin-Embedder-Policy' 'require-corp'; + add_header 'Cross-Origin-Opener-Policy' 'same-origin'; + add_header 'Cross-Origin-Resource-Policy' 'same-site'; + proxy_pass http://127.0.0.1:6900; + proxy_buffering off; + } + + location SUBFOLDERwebsockify { + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Cookie ""; + proxy_read_timeout 3600s; + proxy_send_timeout 3600s; + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Cross-Origin-Embedder-Policy' 'require-corp'; + add_header 'Cross-Origin-Opener-Policy' 'same-origin'; + add_header 'Cross-Origin-Resource-Policy' 'same-site'; + proxy_pass http://127.0.0.1:6901; + proxy_buffering off; + } +} + diff --git a/webtop/deepin/dde20/kasmvnc/root/defaults/menu.xml b/webtop/deepin/dde20/kasmvnc/root/defaults/menu.xml new file mode 100644 index 0000000..1333076 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/defaults/menu.xml @@ -0,0 +1,6 @@ + + + +/usr/bin/xterm + + diff --git a/webtop/deepin/dde20/kasmvnc/root/defaults/startwm.sh b/webtop/deepin/dde20/kasmvnc/root/defaults/startwm.sh new file mode 100755 index 0000000..ce84d7f --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/defaults/startwm.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +# Enable Nvidia GPU support if detected +if which nvidia-smi; then + export LIBGL_KOPPER_DRI2=1 + export MESA_LOADER_DRIVER_OVERRIDE=zink + export GALLIUM_DRIVER=zink +fi + +/usr/bin/startdde diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/cups/ppd/kasm.ppd b/webtop/deepin/dde20/kasmvnc/root/etc/cups/ppd/kasm.ppd new file mode 100644 index 0000000..4e54c37 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/cups/ppd/kasm.ppd @@ -0,0 +1,362 @@ +*PPD-Adobe: "4.3" +*FormatVersion: "4.3" +*FileVersion: "1.1" +*LanguageVersion: English +*LanguageEncoding: ISOLatin1 +*PCFileName: "kasm.PPD" +*Manufacturer: "Kasm" +*Product: "(CUPS v1.1)" +*ModelName: "Kasm Virtual Printer" +*ShortNickName: "Kasm Virtual Printer" +*NickName: "Kasm Virtual Printer (no options)" +*1284DeviceID: "MFG:Kasm;MDL:Kasm Virtual Printer;DES:Kasm Virtual Printer Printer;CLS:PRINTER;CMD:POSTSCRIPT;" +*% cupsFilter: "application/vnd.cups-postscript 0 pstitleiconv" +*PSVersion: "(2017.000) 0" +*LanguageLevel: "2" +*ColorDevice: True +*DefaultColorSpace: RGB +*FileSystem: False +*Throughput: "8" +*LandscapeOrientation: Plus90 +*TTRasterizer: Type42 + +*HWMargins: 0 0 0 0 +*VariablePaperSize: True +*MaxMediaWidth: 100000 +*MaxMediaHeight: 100000 +*NonUIOrderDependency: 100 AnySetup *CustomPageSize +*CustomPageSize True: "pop pop pop +<>setpagedevice" +*End +*ParamCustomPageSize Width: 1 points 36 100000 +*ParamCustomPageSize Height: 2 points 36 100000 +*ParamCustomPageSize Orientation: 3 int 0 3 +*ParamCustomPageSize WidthOffset: 4 points 0 0 +*ParamCustomPageSize HeightOffset: 5 points 0 0 + +*OpenGroup: General/General + +*OpenUI *PageSize/Page Size: PickOne +*OrderDependency: 100 AnySetup *PageSize +*DefaultPageSize: Letter +*PageSize 11x14/11x14: "<>setpagedevice" +*PageSize 11x17/11x17: "<>setpagedevice" +*PageSize 13x19/13x19: "<>setpagedevice" +*PageSize 16x20/16x20: "<>setpagedevice" +*PageSize 16x24/16x24: "<>setpagedevice" +*PageSize 2A/2A: "<>setpagedevice" +*PageSize 4A/4A: "<>setpagedevice" +*PageSize 8x10/8x10: "<>setpagedevice" +*PageSize 8x12/8x12: "<>setpagedevice" +*PageSize A0/A0: "<>setpagedevice" +*PageSize A1/A1: "<>setpagedevice" +*PageSize A2/A2: "<>setpagedevice" +*PageSize A3/A3: "<>setpagedevice" +*PageSize A4/A4: "<>setpagedevice" +*PageSize A5/A5: "<>setpagedevice" +*PageSize AnsiA/ANSI A: "<>setpagedevice" +*PageSize AnsiB/ANSI B: "<>setpagedevice" +*PageSize AnsiC/ANSI C: "<>setpagedevice" +*PageSize AnsiD/ANSI D: "<>setpagedevice" +*PageSize AnsiE/ANSI E: "<>setpagedevice" +*PageSize ArchA/Arch A: "<>setpagedevice" +*PageSize ArchB/Arch B: "<>setpagedevice" +*PageSize ArchC/Arch C: "<>setpagedevice" +*PageSize ArchD/Arch D: "<>setpagedevice" +*PageSize ArchE/Arch E: "<>setpagedevice" +*PageSize C0/C0: "<>setpagedevice" +*PageSize C1/C1: "<>setpagedevice" +*PageSize C2/C2: "<>setpagedevice" +*PageSize C3/C3: "<>setpagedevice" +*PageSize C4/C4: "<>setpagedevice" +*PageSize C5/C5: "<>setpagedevice" +*PageSize Env10/Envelope #10: "<>setpagedevice" +*PageSize EnvC5/Envelope C5: "<>setpagedevice" +*PageSize EnvDL/Envelope DL: "<>setpagedevice" +*PageSize EnvMonarch/Envelope Monarch: "<>setpagedevice" +*PageSize Executive/Executive: "<>setpagedevice" +*PageSize ISOB0/B0 (ISO): "<>setpagedevice" +*PageSize ISOB1/B1 (ISO): "<>setpagedevice" +*PageSize ISOB2/B2 (ISO): "<>setpagedevice" +*PageSize ISOB3/B3 (ISO): "<>setpagedevice" +*PageSize ISOB4/B4 (ISO): "<>setpagedevice" +*PageSize ISOB5/B5 (ISO): "<>setpagedevice" +*PageSize JISB0/B0 (JIS): "<>setpagedevice" +*PageSize JISB1/B1 (JIS): "<>setpagedevice" +*PageSize JISB2/B2 (JIS): "<>setpagedevice" +*PageSize JISB3/B3 (JIS): "<>setpagedevice" +*PageSize JISB4/B4 (JIS): "<>setpagedevice" +*PageSize JISB5/B5 (JIS): "<>setpagedevice" +*PageSize Ledger/Ledger: "<>setpagedevice" +*PageSize Legal/US Legal: "<>setpagedevice" +*PageSize Letter/US Letter: "<>setpagedevice" +*PageSize RA0/RA0: "<>setpagedevice" +*PageSize RA1/RA1: "<>setpagedevice" +*PageSize RA2/RA2: "<>setpagedevice" +*PageSize RA3/RA3: "<>setpagedevice" +*PageSize RA4/RA4: "<>setpagedevice" +*PageSize SRA0/SRA0: "<>setpagedevice" +*PageSize SRA1/SRA1: "<>setpagedevice" +*PageSize SRA2/SRA2: "<>setpagedevice" +*PageSize SRA3/SRA3: "<>setpagedevice" +*PageSize SRA4/SRA4: "<>setpagedevice" +*PageSize SuperA/Super A: "<>setpagedevice" +*PageSize SuperB/Super B: "<>setpagedevice" +*PageSize TabloidExtra/Tabloid Extra: "<>setpagedevice" +*PageSize Tabloid/Tabloid: "<>setpagedevice" +*CloseUI: *PageSize + +*OpenUI *PageRegion: PickOne +*OrderDependency: 100 AnySetup *PageRegion +*DefaultPageRegion: Letter +*PageRegion 11x14/11x14: "<>setpagedevice" +*PageRegion 11x17/11x17: "<>setpagedevice" +*PageRegion 13x19/13x19: "<>setpagedevice" +*PageRegion 16x20/16x20: "<>setpagedevice" +*PageRegion 16x24/16x24: "<>setpagedevice" +*PageRegion 2A/2A: "<>setpagedevice" +*PageRegion 4A/4A: "<>setpagedevice" +*PageRegion 8x10/8x10: "<>setpagedevice" +*PageRegion 8x12/8x12: "<>setpagedevice" +*PageRegion A0/A0: "<>setpagedevice" +*PageRegion A1/A1: "<>setpagedevice" +*PageRegion A2/A2: "<>setpagedevice" +*PageRegion A3/A3: "<>setpagedevice" +*PageRegion A4/A4: "<>setpagedevice" +*PageRegion A5/A5: "<>setpagedevice" +*PageRegion AnsiA/ANSI A: "<>setpagedevice" +*PageRegion AnsiB/ANSI B: "<>setpagedevice" +*PageRegion AnsiC/ANSI C: "<>setpagedevice" +*PageRegion AnsiD/ANSI D: "<>setpagedevice" +*PageRegion AnsiE/ANSI E: "<>setpagedevice" +*PageRegion ArchA/Arch A: "<>setpagedevice" +*PageRegion ArchB/Arch B: "<>setpagedevice" +*PageRegion ArchC/Arch C: "<>setpagedevice" +*PageRegion ArchD/Arch D: "<>setpagedevice" +*PageRegion ArchE/Arch E: "<>setpagedevice" +*PageRegion C0/C0: "<>setpagedevice" +*PageRegion C1/C1: "<>setpagedevice" +*PageRegion C2/C2: "<>setpagedevice" +*PageRegion C3/C3: "<>setpagedevice" +*PageRegion C4/C4: "<>setpagedevice" +*PageRegion C5/C5: "<>setpagedevice" +*PageRegion Env10/Envelope #10: "<>setpagedevice" +*PageRegion EnvC5/Envelope C5: "<>setpagedevice" +*PageRegion EnvDL/Envelope DL: "<>setpagedevice" +*PageRegion EnvMonarch/Envelope Monarch: "<>setpagedevice" +*PageRegion Executive/Executive: "<>setpagedevice" +*PageRegion ISOB0/B0 (ISO): "<>setpagedevice" +*PageRegion ISOB1/B1 (ISO): "<>setpagedevice" +*PageRegion ISOB2/B2 (ISO): "<>setpagedevice" +*PageRegion ISOB3/B3 (ISO): "<>setpagedevice" +*PageRegion ISOB4/B4 (ISO): "<>setpagedevice" +*PageRegion ISOB5/B5 (ISO): "<>setpagedevice" +*PageRegion JISB0/B0 (JIS): "<>setpagedevice" +*PageRegion JISB1/B1 (JIS): "<>setpagedevice" +*PageRegion JISB2/B2 (JIS): "<>setpagedevice" +*PageRegion JISB3/B3 (JIS): "<>setpagedevice" +*PageRegion JISB4/B4 (JIS): "<>setpagedevice" +*PageRegion JISB5/B5 (JIS): "<>setpagedevice" +*PageRegion Ledger/Ledger: "<>setpagedevice" +*PageRegion Legal/US Legal: "<>setpagedevice" +*PageRegion Letter/US Letter: "<>setpagedevice" +*PageRegion RA0/RA0: "<>setpagedevice" +*PageRegion RA1/RA1: "<>setpagedevice" +*PageRegion RA2/RA2: "<>setpagedevice" +*PageRegion RA3/RA3: "<>setpagedevice" +*PageRegion RA4/RA4: "<>setpagedevice" +*PageRegion SRA0/SRA0: "<>setpagedevice" +*PageRegion SRA1/SRA1: "<>setpagedevice" +*PageRegion SRA2/SRA2: "<>setpagedevice" +*PageRegion SRA3/SRA3: "<>setpagedevice" +*PageRegion SRA4/SRA4: "<>setpagedevice" +*PageRegion SuperA/Super A: "<>setpagedevice" +*PageRegion SuperB/Super B: "<>setpagedevice" +*PageRegion TabloidExtra/Tabloid Extra: "<>setpagedevice" +*PageRegion Tabloid/Tabloid: "<>setpagedevice" +*CloseUI: *PageRegion + +*DefaultImageableArea: Letter +*ImageableArea 11x14/11x14: "0 0 792 1008" +*ImageableArea 11x17/11x17: "0 0 792 1224" +*ImageableArea 13x19/13x19: "0 0 936 1368" +*ImageableArea 16x20/16x20: "0 0 1152 1440" +*ImageableArea 16x24/16x24: "0 0 1152 1728" +*ImageableArea 2A/2A: "0 0 3370 4768" +*ImageableArea 4A/4A: "0 0 4768 6749" +*ImageableArea 8x10/8x10: "0 0 576 720" +*ImageableArea 8x12/8x12: "0 0 576 864" +*ImageableArea A0/A0: "0 0 2384 3370" +*ImageableArea A1/A1: "0 0 1684 2384" +*ImageableArea A2/A2: "0 0 1191 1684" +*ImageableArea A3/A3: "0 0 842 1191" +*ImageableArea A4/A4: "0 0 595 842" +*ImageableArea A5/A5: "0 0 421 595" +*ImageableArea AnsiA/ANSI A: "0 0 612 792" +*ImageableArea AnsiB/ANSI B: "0 0 792 1224" +*ImageableArea AnsiC/ANSI C: "0 0 1224 1584" +*ImageableArea AnsiD/ANSI D: "0 0 1584 2448" +*ImageableArea AnsiE/ANSI E: "0 0 2448 3168" +*ImageableArea ArchA/Arch A: "0 0 648 864" +*ImageableArea ArchB/Arch B: "0 0 864 1296" +*ImageableArea ArchC/Arch C: "0 0 1296 1728" +*ImageableArea ArchD/Arch D: "0 0 1728 2592" +*ImageableArea ArchE/Arch E: "0 0 2592 3456" +*ImageableArea C0/C0: "0 0 2599 3676" +*ImageableArea C1/C1: "0 0 1836 2599" +*ImageableArea C2/C2: "0 0 1298 1836" +*ImageableArea C3/C3: "0 0 918 1298" +*ImageableArea C4/C4: "0 0 649 918" +*ImageableArea C5/C5: "0 0 459 649" +*ImageableArea Env10/Envelope #10: "0 0 297 684" +*ImageableArea EnvC5/Envelope C5: "0 0 459 649" +*ImageableArea EnvDL/Envelope DL: "0 0 312 624" +*ImageableArea EnvMonarch/Envelope Monarch: "0 0 279 540" +*ImageableArea Executive/Executive: "0 0 522 756" +*ImageableArea ISOB0/B0 (ISO): "0 0 2834 4008" +*ImageableArea ISOB1/B1 (ISO): "0 0 2004 2834" +*ImageableArea ISOB2/B2 (ISO): "0 0 1417 2004" +*ImageableArea ISOB3/B3 (ISO): "0 0 1000 1417" +*ImageableArea ISOB4/B4 (ISO): "0 0 708 1000" +*ImageableArea ISOB5/B5 (ISO): "0 0 498 708" +*ImageableArea JISB0/B0 (JIS): "0 0 2919 4127" +*ImageableArea JISB1/B1 (JIS): "0 0 2063 2919" +*ImageableArea JISB2/B2 (JIS): "0 0 1459 2063" +*ImageableArea JISB3/B3 (JIS): "0 0 1029 1459" +*ImageableArea JISB4/B4 (JIS): "0 0 727 1029" +*ImageableArea JISB5/B5 (JIS): "0 0 518 727" +*ImageableArea Ledger/Ledger: "0 0 1224 792" +*ImageableArea Legal/US Legal: "0 0 612 1008" +*ImageableArea Letter/US Letter: "0 0 612 792" +*ImageableArea RA0/RA0: "0 0 2437 3458" +*ImageableArea RA1/RA1: "0 0 1729 2437" +*ImageableArea RA2/RA2: "0 0 1218 1729" +*ImageableArea RA3/RA3: "0 0 864 1218" +*ImageableArea RA4/RA4: "0 0 609 864" +*ImageableArea SRA0/SRA0: "0 0 2551 3628" +*ImageableArea SRA1/SRA1: "0 0 1814 2551" +*ImageableArea SRA2/SRA2: "0 0 1275 1814" +*ImageableArea SRA3/SRA3: "0 0 907 1275" +*ImageableArea SRA4/SRA4: "0 0 637 907" +*ImageableArea SuperA/Super A: "0 0 644 1008" +*ImageableArea SuperB/Super B: "0 0 936 1368" +*ImageableArea TabloidExtra/Tabloid Extra: "0 0 864 1296" +*ImageableArea Tabloid/Tabloid: "0 0 792 1224" + +*DefaultPaperDimension: Letter +*PaperDimension 11x14/11x14: "792 1008" +*PaperDimension 11x17/11x17: "792 1224" +*PaperDimension 13x19/13x19: "936 1368" +*PaperDimension 16x20/16x20: "1152 1440" +*PaperDimension 16x24/16x24: "1152 1728" +*PaperDimension 2A/2A: "3370 4768" +*PaperDimension 4A/4A: "4768 6749" +*PaperDimension 8x10/8x10: "576 720" +*PaperDimension 8x12/8x12: "576 864" +*PaperDimension A0/A0: "2384 3370" +*PaperDimension A1/A1: "1684 2384" +*PaperDimension A2/A2: "1191 1684" +*PaperDimension A3/A3: "842 1191" +*PaperDimension A4/A4: "595 842" +*PaperDimension A5/A5: "421 595" +*PaperDimension AnsiA/ANSI A: "612 792" +*PaperDimension AnsiB/ANSI B: "792 1224" +*PaperDimension AnsiC/ANSI C: "1224 1584" +*PaperDimension AnsiD/ANSI D: "1584 2448" +*PaperDimension AnsiE/ANSI E: "2448 3168" +*PaperDimension ArchA/Arch A: "648 864" +*PaperDimension ArchB/Arch B: "864 1296" +*PaperDimension ArchC/Arch C: "1296 1728" +*PaperDimension ArchD/Arch D: "1728 2592" +*PaperDimension ArchE/Arch E: "2592 3456" +*PaperDimension C0/C0: "2599 3676" +*PaperDimension C1/C1: "1836 2599" +*PaperDimension C2/C2: "1298 1836" +*PaperDimension C3/C3: "918 1298" +*PaperDimension C4/C4: "649 918" +*PaperDimension C5/C5: "459 649" +*PaperDimension Env10/Envelope #10: "297 684" +*PaperDimension EnvC5/Envelope C5: "459 649" +*PaperDimension EnvDL/Envelope DL: "312 624" +*PaperDimension EnvMonarch/Envelope Monarch: "279 540" +*PaperDimension Executive/Executive: "522 756" +*PaperDimension ISOB0/B0 (ISO): "2834 4008" +*PaperDimension ISOB1/B1 (ISO): "2004 2834" +*PaperDimension ISOB2/B2 (ISO): "1417 2004" +*PaperDimension ISOB3/B3 (ISO): "1000 1417" +*PaperDimension ISOB4/B4 (ISO): "708 1000" +*PaperDimension ISOB5/B5 (ISO): "498 708" +*PaperDimension JISB0/B0 (JIS): "2919 4127" +*PaperDimension JISB1/B1 (JIS): "2063 2919" +*PaperDimension JISB2/B2 (JIS): "1459 2063" +*PaperDimension JISB3/B3 (JIS): "1029 1459" +*PaperDimension JISB4/B4 (JIS): "727 1029" +*PaperDimension JISB5/B5 (JIS): "518 727" +*PaperDimension Ledger/Ledger: "1224 792" +*PaperDimension Legal/US Legal: "612 1008" +*PaperDimension Letter/US Letter: "612 792" +*PaperDimension RA0/RA0: "2437 3458" +*PaperDimension RA1/RA1: "1729 2437" +*PaperDimension RA2/RA2: "1218 1729" +*PaperDimension RA3/RA3: "864 1218" +*PaperDimension RA4/RA4: "609 864" +*PaperDimension SRA0/SRA0: "2551 3628" +*PaperDimension SRA1/SRA1: "1814 2551" +*PaperDimension SRA2/SRA2: "1275 1814" +*PaperDimension SRA3/SRA3: "907 1275" +*PaperDimension SRA4/SRA4: "637 907" +*PaperDimension SuperA/Super A: "644 1008" +*PaperDimension SuperB/Super B: "936 1368" +*PaperDimension TabloidExtra/Tabloid Extra: "864 1296" +*PaperDimension Tabloid/Tabloid: "792 1224" + +*OpenUI *Resolution/Output Resolution: PickOne +*OrderDependency: 100 AnySetup *Resolution +*DefaultResolution: 2400dpi +*Resolution 150dpi/150 DPI: "<>setpagedevice" +*Resolution 300dpi/300 DPI: "<>setpagedevice" +*Resolution 600dpi/600 DPI: "<>setpagedevice" +*Resolution 1200dpi/1200 DPI: "<>setpagedevice" +*Resolution 2400dpi/2400 DPI: "<>setpagedevice" +*CloseUI: *Resolution + +*CloseGroup: General + +*DefaultFont: Courier +*Font AvantGarde-Book: Standard "(001.006S)" Standard ROM +*Font AvantGarde-BookOblique: Standard "(001.006S)" Standard ROM +*Font AvantGarde-Demi: Standard "(001.007S)" Standard ROM +*Font AvantGarde-DemiOblique: Standard "(001.007S)" Standard ROM +*Font Bookman-Demi: Standard "(001.004S)" Standard ROM +*Font Bookman-DemiItalic: Standard "(001.004S)" Standard ROM +*Font Bookman-Light: Standard "(001.004S)" Standard ROM +*Font Bookman-LightItalic: Standard "(001.004S)" Standard ROM +*Font Courier: Standard "(002.004S)" Standard ROM +*Font Courier-Bold: Standard "(002.004S)" Standard ROM +*Font Courier-BoldOblique: Standard "(002.004S)" Standard ROM +*Font Courier-Oblique: Standard "(002.004S)" Standard ROM +*Font Helvetica: Standard "(001.006S)" Standard ROM +*Font Helvetica-Bold: Standard "(001.007S)" Standard ROM +*Font Helvetica-BoldOblique: Standard "(001.007S)" Standard ROM +*Font Helvetica-Narrow: Standard "(001.006S)" Standard ROM +*Font Helvetica-Narrow-Bold: Standard "(001.007S)" Standard ROM +*Font Helvetica-Narrow-BoldOblique: Standard "(001.007S)" Standard ROM +*Font Helvetica-Narrow-Oblique: Standard "(001.006S)" Standard ROM +*Font Helvetica-Oblique: Standard "(001.006S)" Standard ROM +*Font NewCenturySchlbk-Bold: Standard "(001.009S)" Standard ROM +*Font NewCenturySchlbk-BoldItalic: Standard "(001.007S)" Standard ROM +*Font NewCenturySchlbk-Italic: Standard "(001.006S)" Standard ROM +*Font NewCenturySchlbk-Roman: Standard "(001.007S)" Standard ROM +*Font Palatino-Bold: Standard "(001.005S)" Standard ROM +*Font Palatino-BoldItalic: Standard "(001.005S)" Standard ROM +*Font Palatino-Italic: Standard "(001.005S)" Standard ROM +*Font Palatino-Roman: Standard "(001.005S)" Standard ROM +*Font Symbol: Special "(001.007S)" Special ROM +*Font Times-Bold: Standard "(001.007S)" Standard ROM +*Font Times-BoldItalic: Standard "(001.009S)" Standard ROM +*Font Times-Italic: Standard "(001.007S)" Standard ROM +*Font Times-Roman: Standard "(001.007S)" Standard ROM +*Font ZapfChancery-MediumItalic: Standard "(001.007S)" Standard ROM +*Font ZapfDingbats: Special "(001.004S)" Standard ROM +*% +*% End of "$Id: postscript.ppd,v 1.1.1.1 2000/08/24 19:23:13 goffioul Exp $". diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/cups/start_cups.sh b/webtop/deepin/dde20/kasmvnc/root/etc/cups/start_cups.sh new file mode 100755 index 0000000..8b19823 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/cups/start_cups.sh @@ -0,0 +1,17 @@ +#!/usr/bin/env bash +set -ex +{ + PRINTER_NAME=${KASM_PRINTER_NAME:-Kasm-Printer} + + echo "Starting cups" + # HACK: Some versions of cupsd cannot handle unlimited file descriptor limit + # that docker sets.. + ulimit -n 1024 &&/usr/sbin/cupsd -f & + until [[ "$(lpstat -r)" == "scheduler is running" ]]; do sleep 15; done + + echo "Creating a virtual printer: $PRINTER_NAME" + lpadmin -p $PRINTER_NAME -E -v cups-pdf:/ -P /etc/cups/ppd/kasm.ppd + lpadmin -p $PRINTER_NAME -o print-color-mode-default=color + + echo "Done!" +} 2>&1 | tee /tmp/start_cups.log diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-config/dependencies.d/init-kasmvnc-end b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-config/dependencies.d/init-kasmvnc-end new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/dependencies.d/init-nginx b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/dependencies.d/init-nginx new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/run b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/run new file mode 100755 index 0000000..db7590d --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/run @@ -0,0 +1,62 @@ +#!/usr/bin/with-contenv bash + +# default file copies first run +if [[ ! -f /config/.config/openbox/autostart ]]; then + mkdir -p /config/.config/openbox + cp /defaults/autostart /config/.config/openbox/autostart + chown -R abc:abc /config/.config/openbox +fi +if [[ ! -f /config/.config/openbox/menu.xml ]]; then + mkdir -p /config/.config/openbox && \ + cp /defaults/menu.xml /config/.config/openbox/menu.xml && \ + chown -R abc:abc /config/.config +fi +if [[ -f /usr/local/etc/kasmvnc/kasmvnc.yaml.lsio ]]; then + mv \ + /usr/local/etc/kasmvnc/kasmvnc.yaml.lsio \ + /usr/local/etc/kasmvnc/kasmvnc.yaml +fi + +# XDG Home +printf "${HOME}/.XDG" > /run/s6/container_environment/XDG_RUNTIME_DIR +if [ ! -d "${HOME}/.XDG" ]; then + mkdir -p ${HOME}/.XDG + chown abc:abc ${HOME}/.XDG +fi + +# Locale Support +if [ ! -z ${LC_ALL+x} ]; then + printf "${LC_ALL%.UTF-8}" > /run/s6/container_environment/LANGUAGE + printf "${LC_ALL}" > /run/s6/container_environment/LANG +fi + +# Remove window borders +if [[ ! -z ${NO_DECOR+x} ]] && [[ ! -f /decorlock ]]; then + sed -i \ + 's|| no \n|' \ + /etc/xdg/openbox/rc.xml + touch /decorlock +fi + +# Fullscreen everything in openbox unless the user explicitly disables it +if [[ ! -z ${NO_FULL+x} ]] && [[ ! -f /fulllock ]]; then + sed -i \ + '/yes<\/maximized><\/application>/d' \ + /etc/xdg/openbox/rc.xml + touch /fulllock +fi + +# Add proot-apps +if [ ! -f "${HOME}/.local/bin/proot-apps" ]; then + mkdir -p ${HOME}/.local/bin/ + cp /proot-apps/* ${HOME}/.local/bin/ + echo 'export PATH="$HOME/.local/bin:$PATH"' >> $HOME/.bashrc + chown abc:abc \ + ${HOME}/.bashrc \ + ${HOME}/.local/ \ + ${HOME}/.local/bin \ + ${HOME}/.local/bin/{ncat,proot-apps,proot,jq,pversion} +elif ! diff -q /proot-apps/pversion ${HOME}/.local/bin/pversion > /dev/null; then + cp /proot-apps/* ${HOME}/.local/bin/ + chown abc:abc ${HOME}/.local/bin/{ncat,proot-apps,proot,jq,pversion} +fi diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/type b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/type @@ -0,0 +1 @@ +oneshot diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/up b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/up new file mode 100644 index 0000000..a4718d3 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-kasmvnc-config/run diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-end/dependencies.d/init-video b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-end/dependencies.d/init-video new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-end/type b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-end/type new file mode 100644 index 0000000..3d92b15 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-end/type @@ -0,0 +1 @@ +oneshot \ No newline at end of file diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-end/up b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-end/up new file mode 100644 index 0000000..ada1957 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc-end/up @@ -0,0 +1 @@ +# This file doesn't do anything, it's just the end of the kasmvnc init process \ No newline at end of file diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc/dependencies.d/init-os-end b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc/dependencies.d/init-os-end new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc/type b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc/type new file mode 100644 index 0000000..3d92b15 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc/type @@ -0,0 +1 @@ +oneshot \ No newline at end of file diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc/up b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc/up new file mode 100644 index 0000000..4e85e17 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-kasmvnc/up @@ -0,0 +1 @@ +# This file doesn't do anything, it's just the beginning of the kasmvnc init process \ No newline at end of file diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/dependencies.d/init-kasmvnc b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/dependencies.d/init-kasmvnc new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/run b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/run new file mode 100755 index 0000000..6759cd0 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/run @@ -0,0 +1,35 @@ +#!/usr/bin/with-contenv bash + +# nginx Path +NGINX_CONFIG=/etc/nginx/sites-available/default + +# user passed env vars +CPORT="${CUSTOM_PORT:-3000}" +CHPORT="${CUSTOM_HTTPS_PORT:-3001}" +CUSER="${CUSTOM_USER:-abc}" +SFOLDER="${SUBFOLDER:-/}" + +# create self signed cert +if [ ! -f "/config/ssl/cert.pem" ]; then + mkdir -p /config/ssl + openssl req -new -x509 \ + -days 3650 -nodes \ + -out /config/ssl/cert.pem \ + -keyout /config/ssl/cert.key \ + -subj "/C=US/ST=CA/L=Carlsbad/O=Linuxserver.io/OU=LSIO Server/CN=*" + chmod 600 /config/ssl/cert.key + chown -R abc:abc /config/ssl +fi + +# modify nginx config +cp /defaults/default.conf ${NGINX_CONFIG} +sed -i "s/3000/$CPORT/g" ${NGINX_CONFIG} +sed -i "s/3001/$CHPORT/g" ${NGINX_CONFIG} +sed -i "s|SUBFOLDER|$SFOLDER|g" ${NGINX_CONFIG} +if [ ! -z ${DISABLE_IPV6+x} ]; then + sed -i '/listen \[::\]/d' ${NGINX_CONFIG} +fi +if [ ! -z ${PASSWORD+x} ]; then + printf "${CUSER}:$(openssl passwd -apr1 ${PASSWORD})\n" > /etc/nginx/.htpasswd + sed -i 's/#//g' ${NGINX_CONFIG} +fi diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/type b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/type @@ -0,0 +1 @@ +oneshot diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/up b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/up new file mode 100644 index 0000000..b3b5b49 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-nginx/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-nginx/run diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/dependencies.d/init-kasmvnc-config b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/dependencies.d/init-kasmvnc-config new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/run b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/run new file mode 100755 index 0000000..aaf9dfd --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/run @@ -0,0 +1,35 @@ +#!/usr/bin/with-contenv bash + +FILES=$(find /dev/dri /dev/dvb -type c -print 2>/dev/null) + +for i in $FILES +do + VIDEO_GID=$(stat -c '%g' "${i}") + VIDEO_UID=$(stat -c '%u' "${i}") + # check if user matches device + if id -u abc | grep -qw "${VIDEO_UID}"; then + echo "**** permissions for ${i} are good ****" + else + # check if group matches and that device has group rw + if id -G abc | grep -qw "${VIDEO_GID}" && [ $(stat -c '%A' "${i}" | cut -b 5,6) = "rw" ]; then + echo "**** permissions for ${i} are good ****" + # check if device needs to be added to video group + elif ! id -G abc | grep -qw "${VIDEO_GID}"; then + # check if video group needs to be created + VIDEO_NAME=$(getent group "${VIDEO_GID}" | awk -F: '{print $1}') + if [ -z "${VIDEO_NAME}" ]; then + VIDEO_NAME="video$(head /dev/urandom | tr -dc 'a-z0-9' | head -c4)" + groupadd "${VIDEO_NAME}" + groupmod -g "${VIDEO_GID}" "${VIDEO_NAME}" + echo "**** creating video group ${VIDEO_NAME} with id ${VIDEO_GID} ****" + fi + echo "**** adding ${i} to video group ${VIDEO_NAME} with id ${VIDEO_GID} ****" + usermod -a -G "${VIDEO_NAME}" abc + fi + # check if device has group rw + if [ $(stat -c '%A' "${i}" | cut -b 5,6) != "rw" ]; then + echo -e "**** The device ${i} does not have group read/write permissions, attempting to fix inside the container.If it doesn't work, you can run the following on your docker host: ****\nsudo chmod g+rw ${i}\n" + chmod g+rw "${i}" + fi + fi +done diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/type b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/type @@ -0,0 +1 @@ +oneshot diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/up b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/up new file mode 100644 index 0000000..01141b1 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/init-video/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-video/run diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/dependencies.d/init-services b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/dependencies.d/init-services new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/dependencies.d/svc-nginx b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/dependencies.d/svc-nginx new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/run b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/run new file mode 100755 index 0000000..14c12e7 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/run @@ -0,0 +1,5 @@ +#!/usr/bin/with-contenv bash + +cd $HOME +exec s6-setuidgid abc \ + /bin/bash /defaults/startwm.sh diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/type b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-de/type @@ -0,0 +1 @@ +longrun diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/dependencies.d/init-services b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/dependencies.d/init-services new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/dependencies.d/svc-de b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/dependencies.d/svc-de new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/run b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/run new file mode 100755 index 0000000..efe3cf4 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/run @@ -0,0 +1,15 @@ +#!/usr/bin/with-contenv bash + +# We need to wait for kclient to be full up as docker init breaks audio +sleep 5 + +# Make sure this is a priv container +if [ -e /dev/cpu_dma_latency ]; then + if [ "${START_DOCKER}" == "true" ]; then + exec /usr/local/bin/dockerd-entrypoint.sh -l error + else + sleep infinity + fi +fi +# if anything goes wrong with Docker don't loop +sleep infinity diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/type b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-docker/type @@ -0,0 +1 @@ +longrun diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/dependencies.d/init-services b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/dependencies.d/init-services new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/dependencies.d/svc-pulseaudio b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/dependencies.d/svc-pulseaudio new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/run b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/run new file mode 100755 index 0000000..6eca289 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/run @@ -0,0 +1,26 @@ +#!/usr/bin/with-contenv bash + +# Pass gpu flags if mounted +if ls /dev/dri/renderD* 1> /dev/null 2>&1 && [ -z ${DISABLE_DRI+x} ] && ! which nvidia-smi; then + HW3D="-hw3d" +fi +if [ -z ${DRINODE+x} ]; then + DRINODE="/dev/dri/renderD128" +fi + +exec s6-setuidgid abc \ + /usr/local/bin/Xvnc $DISPLAY \ + ${HW3D} \ + -PublicIP 127.0.0.1 \ + -drinode ${DRINODE} \ + -disableBasicAuth \ + -SecurityTypes None \ + -AlwaysShared \ + -http-header Cross-Origin-Embedder-Policy=require-corp \ + -http-header Cross-Origin-Opener-Policy=same-origin \ + -geometry 1024x768 \ + -sslOnly 0 \ + -RectThreads 0 \ + -websocketPort 6901 \ + -interface 0.0.0.0 \ + -Log *:stdout:10 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/type b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kasmvnc/type @@ -0,0 +1 @@ +longrun diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/dependencies.d/init-services b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/dependencies.d/init-services new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/dependencies.d/svc-kasmvnc b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/dependencies.d/svc-kasmvnc new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/run b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/run new file mode 100755 index 0000000..5df967b --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/run @@ -0,0 +1,24 @@ +#!/usr/bin/with-contenv bash + +# Mic Setup +if [ ! -f '/dev/shm/mic.lock' ]; then + until [ -f /defaults/pid ]; do + sleep .5 + done + s6-setuidgid abc with-contenv pactl \ + load-module module-pipe-source \ + source_name=virtmic \ + file=/defaults/mic.sock \ + source_properties=device.description=LSIOMic \ + format=s16le \ + rate=44100 \ + channels=1 + s6-setuidgid abc with-contenv pactl \ + set-default-source virtmic + touch /dev/shm/mic.lock +fi + +# NodeJS wrapper +cd /kclient +exec s6-setuidgid abc \ + node index.js diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/type b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-kclient/type @@ -0,0 +1 @@ +longrun diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/dependencies.d/init-services b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/dependencies.d/init-services new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/dependencies.d/svc-kclient b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/dependencies.d/svc-kclient new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/run b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/run new file mode 100755 index 0000000..521a47d --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/run @@ -0,0 +1,16 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +if pgrep -f "[n]ginx:" >/dev/null; then + echo "Zombie nginx processes detected, sending SIGTERM" + pkill -ef [n]ginx: + sleep 1 +fi + +if pgrep -f "[n]ginx:" >/dev/null; then + echo "Zombie nginx processes still active, sending SIGKILL" + pkill -9 -ef [n]ginx: + sleep 1 +fi + +exec /usr/sbin/nginx -g 'daemon off;' diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/type b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-nginx/type @@ -0,0 +1 @@ +longrun diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-pulseaudio/dependencies.d/init-services b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-pulseaudio/dependencies.d/init-services new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-pulseaudio/run b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-pulseaudio/run new file mode 100755 index 0000000..3ebebc8 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-pulseaudio/run @@ -0,0 +1,7 @@ +#!/usr/bin/with-contenv bash + +exec s6-setuidgid abc \ + /usr/bin/pulseaudio \ + --log-level=0 \ + --log-target=stderr \ + --exit-idle-time=-1 > /dev/null 2>&1 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-pulseaudio/type b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-pulseaudio/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/svc-pulseaudio/type @@ -0,0 +1 @@ +longrun diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-config b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-config new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-kasmvnc b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-kasmvnc new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-kasmvnc-config b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-kasmvnc-config new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-kasmvnc-end b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-kasmvnc-end new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-nginx b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-nginx new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-video b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-video new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-de b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-de new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-docker b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-docker new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-kasmvnc b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-kasmvnc new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-kclient b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-kclient new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-nginx b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-nginx new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-pulseaudio b/webtop/deepin/dde20/kasmvnc/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-pulseaudio new file mode 100644 index 0000000..e69de29 diff --git a/webtop/deepin/dde20/kasmvnc/root/kasminit b/webtop/deepin/dde20/kasmvnc/root/kasminit new file mode 100755 index 0000000..0abb94e --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/kasminit @@ -0,0 +1,206 @@ +#!/usr/bin/env bash +set -e + +# Purge temp files on init and exit +function clean () { + rm -rf /tmp/{,.[!.],..?}* || : +} +trap clean SIGINT SIGTERM +clean + +# Lang +if [ ! -z ${LC_ALL+x} ]; then + export LANGUAGE="${LC_ALL%.UTF-8}" + export LANG="${LC_ALL}" +fi + +# Environment +export HOME=/home/kasm-user +export KASM_VNC_PATH=/usr/share/kasmvnc +export PULSE_RUNTIME_PATH=/var/run/pulse +if [ -z ${DRINODE+x} ]; then + DRINODE="/dev/dri/renderD128" +fi +KASMNVC_HW3D='' +if [ ! -z ${HW3D+x} ]; then + KASMVNC_HW3D="-hw3d" +fi + +# Go URL translation +if [ ! -z ${KASM_URL+x} ]; then + export BRAVE_CLI=$KASM_URL + export CHROME_CLI=$KASM_URL + export EDGE_CLI=$KASM_URL + export FIREFOX_CLI=$KASM_URL + export OPERA_CLI=$KASM_URL + export TOR_CLI=$KASM_URL + export VIVALDI_CLI=$KASM_URL +fi + +# Notification daemon +dunst & + +## Directory setup for home folder ## +# Create folders for upload/download +mkdir -p $HOME/Desktop $HOME/Downloads +for FOLDER in Uploads Downloads; do + if [[ ! -L $HOME/Desktop/$FOLDER ]]; then + mkdir -p $HOME/$FOLDER + ln -sf $HOME/$FOLDER $HOME/Desktop/$FOLDER + fi +done +if [[ ! -L $KASM_VNC_PATH/www/Downloads/Downloads ]]; then + ln -sf $HOME/Downloads $KASM_VNC_PATH/www/Downloads/Downloads +fi +rm -rf $HOME/.config/pulse +# Openbox config files +if [[ ! -f $HOME/.config/openbox/autostart ]]; then + mkdir -p $HOME/.config/openbox + cp /defaults/autostart $HOME/.config/openbox/autostart +fi +if [[ ! -f $HOME/.config/openbox/menu.xml ]]; then + mkdir -p $HOME/.config/openbox + cp /defaults/menu.xml $HOME/.config/openbox/menu.xml +fi +# Startup Script for DE +mkdir -p $HOME/.vnc +cp \ + /defaults/startwm.sh \ + $HOME/.vnc/xstartup +touch $HOME/.vnc/.de-was-selected +# Add proot-apps +if [ ! -f "${HOME}/.local/bin/proot-apps" ]; then + mkdir -p ${HOME}/.local/bin/ + cp /proot-apps/* ${HOME}/.local/bin/ + echo 'export PATH="$HOME/.local/bin:$PATH"' >> $HOME/.bashrc +elif ! diff -q /proot-apps/pversion ${HOME}/.local/bin/pversion > /dev/null; then + cp /proot-apps/* ${HOME}/.local/bin/ +fi + +## Network egress wait ## +while :; do + interfaces=$(ip link show type veth | awk -F: '/^[0-9]+: / {print $2}' | awk '{print $1}' | sed 's/@.*//') + if [ -z "$interfaces" ]; then + sleep 1 + continue + fi + for interface in $interfaces; do + if [[ $interface == eth* ]]; then + break 2 + fi + if [[ $interface == k-p-* ]]; then + egress_file="/dockerstartup/.egress_status" + while [ ! -f "$egress_file" ]; do + sleep 1 + done + egress_status=$(cat $egress_file) + if [ "$egress_status" == "ready" ]; then + break 2 + fi + if [ "$egress_status" == "error" ]; then + echo "Failed to establish egress gateway. Exiting..." + exit 1 + fi + fi + done + sleep 1 +done + +## KasmVNC init ## +# Password +if [[ -f $HOME/.kasmpasswd ]]; then + rm -f $HOME/.kasmpasswd +fi +if [[ -z ${VNC_PW+x} ]]; then + VNC_PW="vncpassword" +fi +if [[ -z ${VNC_VIEW_ONLY_PW+x} ]]; then + VNC_VIEW_ONLY_PW="vncviewonlypassword" +fi +VNC_PW_HASH=$(python3 -c "import crypt; print(crypt.crypt('${VNC_PW}', '\$5\$kasm\$'));") +VNC_VIEW_PW_HASH=$(python3 -c "import crypt; print(crypt.crypt('${VNC_VIEW_ONLY_PW}', '\$5\$kasm\$'));") +echo "kasm_user:${VNC_PW_HASH}:ow" > $HOME/.kasmpasswd +echo "kasm_viewer:${VNC_VIEW_PW_HASH}:" >> $HOME/.kasmpasswd +chmod 600 $HOME/.kasmpasswd +# SSL cert +rm -f ${HOME}/.vnc/self.pem +openssl req -x509 \ + -nodes \ + -days 3650 \ + -newkey rsa:2048 \ + -keyout ${HOME}/.vnc/self.pem \ + -out ${HOME}/.vnc/self.pem \ + -subj "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none" +# Start KasmVNC +vncserver $DISPLAY \ + $KASMVNC_HW3D \ + -drinode $DRINODE \ + -websocketPort 6901 \ + -httpd ${KASM_VNC_PATH}/www \ + -FrameRate=60 \ + -interface 0.0.0.0 \ + -BlacklistThreshold=0 \ + -FreeKeyMappings \ + -PreferBandwidth \ + -DynamicQualityMin=4 \ + -DynamicQualityMax=7 \ + -DLP_ClipDelay=0 \ + -sslOnly \ + -UnixRelay printer:/tmp/printer + +## Microservice Init ## +# Audio +/kasmbins/kasm_websocket_relay/kasm_audio_out-linux \ + kasmaudio \ + 8081 \ + 4901 \ + ${HOME}/.vnc/self.pem \ + ${HOME}/.vnc/self.pem \ + "kasm_user:$VNC_PW" & +HOME=/var/run/pulse pulseaudio --start +HOME=/var/run/pulse no_proxy=127.0.0.1 ffmpeg \ + -v verbose \ + -f pulse \ + -fragment_size ${PULSEAUDIO_FRAGMENT_SIZE:-2000} \ + -ar 44100 \ + -i default \ + -f mpegts \ + -correct_ts_overflow 0 \ + -codec:a mp2 \ + -b:a 128k \ + -ac 1 \ + -muxdelay 0.001 \ + http://127.0.0.1:8081/kasmaudio > /dev/null 2>&1 & +# Audio in +/kasmbins/kasm_audio_input_server \ + --ssl \ + --auth-token "kasm_user:$VNC_PW" \ + --cert ${HOME}/.vnc/self.pem \ + --certkey ${HOME}/.vnc/self.pem & +# Uploads +/kasmbins/kasm_upload_server \ + --ssl \ + --auth-token "kasm_user:$VNC_PW" & +# Gamepad +if [[ ${KASM_SVC_GAMEPAD:-1} == 1 ]]; then + /kasmbins/kasm_gamepad_server \ + --ssl \ + --auth-token "kasm_user:$VNC_PW" \ + --cert ${HOME}/.vnc/self.pem \ + --certkey ${HOME}/.vnc/self.pem & +fi +# Webcam +if [[ -e /dev/video0 ]]; then + /kasmbins/kasm_webcam_server \ + --port 4905 \ + --ssl \ + --cert ${HOME}/.vnc/self.pem \ + --certkey ${HOME}/.vnc/self.pem & +fi +# Printer +/kasmbins/kasm_printer_service \ + --directory $HOME/PDF \ + --relay /tmp/printer & + +# Show KasmVNC Logs +tail -f $HOME/.vnc/*$DISPLAY.log diff --git a/webtop/deepin/dde20/kasmvnc/root/usr/local/bin/dockerd-entrypoint.sh b/webtop/deepin/dde20/kasmvnc/root/usr/local/bin/dockerd-entrypoint.sh new file mode 100755 index 0000000..0f843e0 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/usr/local/bin/dockerd-entrypoint.sh @@ -0,0 +1,196 @@ +#!/bin/sh +set -eu + +_tls_ensure_private() { + local f="$1"; shift + [ -s "$f" ] || openssl genrsa -out "$f" 4096 +} +_tls_san() { + { + ip -oneline address | awk '{ gsub(/\/.+$/, "", $4); print "IP:" $4 }' + { + cat /etc/hostname + echo 'docker' + echo 'localhost' + hostname -f + hostname -s + } | sed 's/^/DNS:/' + [ -z "${DOCKER_TLS_SAN:-}" ] || echo "$DOCKER_TLS_SAN" + } | sort -u | xargs printf '%s,' | sed "s/,\$//" +} +_tls_generate_certs() { + local dir="$1"; shift + + # if ca/key.pem || !ca/cert.pem, generate CA public if necessary + # if ca/key.pem, generate server public + # if ca/key.pem, generate client public + # (regenerating public certs every startup to account for SAN/IP changes and/or expiration) + + # https://github.com/FiloSottile/mkcert/issues/174 + local certValidDays='825' + + if [ -s "$dir/ca/key.pem" ] || [ ! -s "$dir/ca/cert.pem" ]; then + # if we either have a CA private key or do *not* have a CA public key, then we should create/manage the CA + mkdir -p "$dir/ca" + _tls_ensure_private "$dir/ca/key.pem" + openssl req -new -key "$dir/ca/key.pem" \ + -out "$dir/ca/cert.pem" \ + -subj '/CN=docker:dind CA' -x509 -days "$certValidDays" + fi + + if [ -s "$dir/ca/key.pem" ]; then + # if we have a CA private key, we should create/manage a server key + mkdir -p "$dir/server" + _tls_ensure_private "$dir/server/key.pem" + openssl req -new -key "$dir/server/key.pem" \ + -out "$dir/server/csr.pem" \ + -subj '/CN=docker:dind server' + cat > "$dir/server/openssl.cnf" <<-EOF + [ x509_exts ] + subjectAltName = $(_tls_san) + EOF + openssl x509 -req \ + -in "$dir/server/csr.pem" \ + -CA "$dir/ca/cert.pem" \ + -CAkey "$dir/ca/key.pem" \ + -CAcreateserial \ + -out "$dir/server/cert.pem" \ + -days "$certValidDays" \ + -extfile "$dir/server/openssl.cnf" \ + -extensions x509_exts + cp "$dir/ca/cert.pem" "$dir/server/ca.pem" + openssl verify -CAfile "$dir/server/ca.pem" "$dir/server/cert.pem" + fi + + if [ -s "$dir/ca/key.pem" ]; then + # if we have a CA private key, we should create/manage a client key + mkdir -p "$dir/client" + _tls_ensure_private "$dir/client/key.pem" + chmod 0644 "$dir/client/key.pem" # openssl defaults to 0600 for the private key, but this one needs to be shared with arbitrary client contexts + openssl req -new \ + -key "$dir/client/key.pem" \ + -out "$dir/client/csr.pem" \ + -subj '/CN=docker:dind client' + cat > "$dir/client/openssl.cnf" <<-'EOF' + [ x509_exts ] + extendedKeyUsage = clientAuth + EOF + openssl x509 -req \ + -in "$dir/client/csr.pem" \ + -CA "$dir/ca/cert.pem" \ + -CAkey "$dir/ca/key.pem" \ + -CAcreateserial \ + -out "$dir/client/cert.pem" \ + -days "$certValidDays" \ + -extfile "$dir/client/openssl.cnf" \ + -extensions x509_exts + cp "$dir/ca/cert.pem" "$dir/client/ca.pem" + openssl verify -CAfile "$dir/client/ca.pem" "$dir/client/cert.pem" + fi +} + +# no arguments passed +# or first arg is `-f` or `--some-option` +if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then + # set "dockerSocket" to the default "--host" *unix socket* value (for both standard or rootless) + uid="$(id -u)" + if [ "$uid" = '0' ]; then + dockerSocket='unix:///var/run/docker.sock' + else + # if we're not root, we must be trying to run rootless + : "${XDG_RUNTIME_DIR:=/run/user/$uid}" + dockerSocket="unix://$XDG_RUNTIME_DIR/docker.sock" + fi + case "${DOCKER_HOST:-}" in + unix://*) + dockerSocket="$DOCKER_HOST" + ;; + esac + + # add our default arguments + if [ -n "${DOCKER_TLS_CERTDIR:-}" ] \ + && _tls_generate_certs "$DOCKER_TLS_CERTDIR" \ + && [ -s "$DOCKER_TLS_CERTDIR/server/ca.pem" ] \ + && [ -s "$DOCKER_TLS_CERTDIR/server/cert.pem" ] \ + && [ -s "$DOCKER_TLS_CERTDIR/server/key.pem" ] \ + ; then + # generate certs and use TLS if requested/possible (default in 19.03+) + set -- dockerd \ + --host="$dockerSocket" \ + --host=tcp://0.0.0.0:2376 \ + --tlsverify \ + --tlscacert "$DOCKER_TLS_CERTDIR/server/ca.pem" \ + --tlscert "$DOCKER_TLS_CERTDIR/server/cert.pem" \ + --tlskey "$DOCKER_TLS_CERTDIR/server/key.pem" \ + "$@" + DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS="${DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS:-} -p 0.0.0.0:2376:2376/tcp" + else + # TLS disabled (-e DOCKER_TLS_CERTDIR='') or missing certs + set -- dockerd \ + --host="$dockerSocket" \ + "$@" + DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS="${DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS:-} -p 0.0.0.0:2375:2375/tcp" + fi +fi + +if [ "$1" = 'dockerd' ]; then + # explicitly remove Docker's default PID file to ensure that it can start properly if it was stopped uncleanly (and thus didn't clean up the PID file) + find /run /var/run -iname 'docker*.pid' -delete || : + + if dockerd --version | grep -qF ' 20.10.'; then + set -- docker-init -- "$@" + fi + + if ! iptables -nL > /dev/null 2>&1; then + # if iptables fails to run, chances are high the necessary kernel modules aren't loaded (perhaps the host is using nftables with the translating "iptables" wrappers, for example) + # https://github.com/docker-library/docker/issues/350 + # https://github.com/moby/moby/issues/26824 + modprobe ip_tables || : + fi + + uid="$(id -u)" + if [ "$uid" != '0' ]; then + # if we're not root, we must be trying to run rootless + if ! command -v rootlesskit > /dev/null; then + echo >&2 "error: attempting to run rootless dockerd but missing 'rootlesskit' (perhaps the 'docker:dind-rootless' image variant is intended?)" + exit 1 + fi + user="$(id -un 2>/dev/null || :)" + if ! grep -qE "^($uid${user:+|$user}):" /etc/subuid || ! grep -qE "^($uid${user:+|$user}):" /etc/subgid; then + echo >&2 "error: attempting to run rootless dockerd but missing necessary entries in /etc/subuid and/or /etc/subgid for $uid" + exit 1 + fi + : "${XDG_RUNTIME_DIR:=/run/user/$uid}" + export XDG_RUNTIME_DIR + if ! mkdir -p "$XDG_RUNTIME_DIR" || [ ! -w "$XDG_RUNTIME_DIR" ] || ! mkdir -p "$HOME/.local/share/docker" || [ ! -w "$HOME/.local/share/docker" ]; then + echo >&2 "error: attempting to run rootless dockerd but need writable HOME ($HOME) and XDG_RUNTIME_DIR ($XDG_RUNTIME_DIR) for user $uid" + exit 1 + fi + if [ -f /proc/sys/kernel/unprivileged_userns_clone ] && unprivClone="$(cat /proc/sys/kernel/unprivileged_userns_clone)" && [ "$unprivClone" != '1' ]; then + echo >&2 "error: attempting to run rootless dockerd but need 'kernel.unprivileged_userns_clone' (/proc/sys/kernel/unprivileged_userns_clone) set to 1" + exit 1 + fi + if [ -f /proc/sys/user/max_user_namespaces ] && maxUserns="$(cat /proc/sys/user/max_user_namespaces)" && [ "$maxUserns" = '0' ]; then + echo >&2 "error: attempting to run rootless dockerd but need 'user.max_user_namespaces' (/proc/sys/user/max_user_namespaces) set to a sufficiently large value" + exit 1 + fi + # TODO overlay support detection? + exec rootlesskit \ + --net="${DOCKERD_ROOTLESS_ROOTLESSKIT_NET:-vpnkit}" \ + --mtu="${DOCKERD_ROOTLESS_ROOTLESSKIT_MTU:-1500}" \ + --disable-host-loopback \ + --port-driver=builtin \ + --copy-up=/etc \ + --copy-up=/run \ + ${DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS:-} \ + "$@" + elif [ -x '/usr/local/bin/dind' ]; then + # if we have the (mostly defunct now) Docker-in-Docker wrapper script, use it + set -- '/usr/local/bin/dind' "$@" + fi +else + # if it isn't `dockerd` we're trying to run, pass it through `docker-entrypoint.sh` so it gets `DOCKER_HOST` set appropriately too + set -- docker-entrypoint.sh "$@" +fi + +exec "$@" diff --git a/webtop/deepin/dde20/kasmvnc/root/usr/local/etc/kasmvnc/kasmvnc.yaml b/webtop/deepin/dde20/kasmvnc/root/usr/local/etc/kasmvnc/kasmvnc.yaml new file mode 100644 index 0000000..a4c751e --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/usr/local/etc/kasmvnc/kasmvnc.yaml @@ -0,0 +1,6 @@ +network: + ssl: + pem_certificate: ${HOME}/.vnc/self.pem + pem_key: ${HOME}/.vnc/self.pem + udp: + public_ip: 127.0.0.1 diff --git a/webtop/deepin/dde20/kasmvnc/root/usr/local/etc/kasmvnc/kasmvnc.yaml.lsio b/webtop/deepin/dde20/kasmvnc/root/usr/local/etc/kasmvnc/kasmvnc.yaml.lsio new file mode 100644 index 0000000..e27f114 --- /dev/null +++ b/webtop/deepin/dde20/kasmvnc/root/usr/local/etc/kasmvnc/kasmvnc.yaml.lsio @@ -0,0 +1,22 @@ +network: + protocol: http + interface: 0.0.0.0 + websocket_port: 6901 + use_ipv4: true + use_ipv6: true + udp: + public_ip: auto + port: auto + stun_server: auto + ssl: + pem_certificate: /config/ssl/cert.pem + pem_key: /config/ssl/cert.key + require_ssl: false + +logging: + log_writer_name: all + log_dest: logfile + level: 1 + +command_line: + prompt: false