From 2c627aa681b79964baf2447ca4cf592d54bd9957 Mon Sep 17 00:00:00 2001 From: Emin Muhammadi Date: Mon, 9 Jan 2023 00:27:37 +0100 Subject: [PATCH] Script updated --- Dockerfile | 39 +++++++++++++++++++----------- run.sh | 5 ++-- src/startup.sh | 57 +++++++++++++++++++++++++++++++++++++++++--- src/supervisord.conf | 2 ++ 4 files changed, 84 insertions(+), 19 deletions(-) diff --git a/Dockerfile b/Dockerfile index 07f40b3..c5e5958 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM --platform=amd64 ubuntu:jammy as winvnc_base +FROM ubuntu:jammy as winvnc_base USER root WORKDIR /root @@ -8,13 +8,15 @@ ENV DEBIAN_FRONTEND=noninteractive # Install base packages RUN apt-get update --fix-missing --install-recommends \ && apt-get install -y --fix-missing --install-recommends \ - # VNC packages - supervisor xfce4 xfce4-goodies x11vnc xvfb \ + # xfce4 desktop environment + supervisor xfce4 xfce4-goodies x11vnc xvfb xpra \ # OpenSSH server openssh-server openssh-client tzdata vim-tiny \ - gnupg gnupg2 gnupg1 wget tar curl gdm3\ + # Common packages + gnupg gnupg2 gnupg1 wget tar curl git build-essential bc\ + software-properties-common net-tools ca-certificates locales locales-all \ + python3 python3-pip python3-numpy\ # Install firefox - software-properties-common net-tools \ && add-apt-repository ppa:mozillateam/ppa \ && apt-get update --fix-missing --install-recommends \ && apt-get install -y --fix-missing --install-recommends \ @@ -23,8 +25,7 @@ RUN apt-get update --fix-missing --install-recommends \ && echo 'pref("browser.tabs.remote.autostart", false);' >> /etc/firefox/firefox.js \ && apt-get autoclean \ && apt-get autoremove \ - && rm -rf /var/lib/apt/lists/* \ - && dpkg-reconfigure gdm3 + && rm -rf /var/lib/apt/lists/* # Install WineHQ RUN dpkg --add-architecture i386 \ @@ -32,20 +33,30 @@ RUN dpkg --add-architecture i386 \ && wget -O /etc/apt/keyrings/winehq-archive.key https://dl.winehq.org/wine-builds/winehq.key \ && wget -NP /etc/apt/sources.list.d/ https://dl.winehq.org/wine-builds/ubuntu/dists/jammy/winehq-jammy.sources \ && apt-get update --fix-missing --install-recommends \ - && apt-get install -y --fix-missing --install-recommends winehq-stable winetricks \ + && apt-get install -y --fix-missing --install-recommends winehq-staging winetricks \ && apt-get autoclean \ && apt-get autoremove \ && rm -rf /var/lib/apt/lists/* +# GStreamer plugins +RUN apt-get update -y && \ + apt-get install -y --install-recommends \ + libgl1-mesa-glx libgl1-mesa-dri \ + gstreamer1.0-libav:i386 \ + gstreamer1.0-plugins-bad:i386 \ + gstreamer1.0-plugins-base:i386 \ + gstreamer1.0-plugins-good:i386 \ + gstreamer1.0-plugins-ugly:i386 \ + gstreamer1.0-pulseaudio:i386 \ + && apt-get autoclean \ + && apt-get autoremove \ + && rm -rf /var/lib/apt/lists/* \ + && pip3 install PyOpenGL PyOpenGL_accelerate + # Install noVNC ARG NOVNC_VERSION=1.4.0-beta ENV NOVNC_VERSION=${NOVNC_VERSION} RUN mkdir -p /root/.novnc \ - && apt-get update --fix-missing --install-recommends \ - && apt-get install -y --fix-missing --install-recommends git python3-numpy \ - && apt-get autoclean \ - && apt-get autoremove \ - && rm -rf /var/lib/apt/lists/* \ && wget https://github.com/novnc/noVNC/archive/refs/tags/v${NOVNC_VERSION}.tar.gz -O /root/.novnc/novnc.tar.gz \ && tar -xzf /root/.novnc/novnc.tar.gz -C /root/.novnc \ && rm /root/.novnc/novnc.tar.gz \ @@ -76,7 +87,7 @@ RUN sed -i 's/^#\(PermitRootLogin\) .*/\1 yes/' /etc/ssh/sshd_config \ && openssl req -x509 -nodes -days 3650 -newkey rsa:4096 \ -keyout /etc/ssl/certs/novnc.pem \ -out /etc/ssl/certs/novnc.pem \ - -subj "/C=US/ST=Denial/L=Springfield/O=winvnc/CN=localhost" + -subj "/C=US/ST=California/L=San Francisco/O=IT/CN=localhost" ADD ./src/supervisord.conf /root/supervisord.conf diff --git a/run.sh b/run.sh index 87264dd..e59d658 100644 --- a/run.sh +++ b/run.sh @@ -12,10 +12,11 @@ docker run -it --rm \ --name winvnc \ -p $HTTP_PORT:$HTTP_PORT/tcp \ -p $HTTPS_PORT:$HTTPS_PORT/tcp \ - --memory="1g" \ - --memory-swap="2g" \ + --memory="2g" \ + --memory-swap="3g" \ --cpus="1.0" \ -e VNC_PASSWORD=$random_password \ -e HTTP_PORT=$HTTP_PORT \ -e HTTPS_PORT=$HTTPS_PORT \ + --security-opt seccomp=unconfined \ winvnc:latest \ No newline at end of file diff --git a/src/startup.sh b/src/startup.sh index 265e79b..52f8329 100644 --- a/src/startup.sh +++ b/src/startup.sh @@ -1,14 +1,65 @@ #!/bin/bash +set -e + # Start SSH server mkdir -p /var/run/sshd # Start supervisord /usr/bin/supervisord -c /root/supervisord.conf -# Info -echo "winvnc running at http://0.0.0.0:$HTTP_PORT/vnc.html?password=$VNC_PASSWORD" -echo "winvnc running at https://0.0.0.0:$HTTPS_PORT/vnc.html?password=$VNC_PASSWORD" +for i in {1..10}; do + if [ $i -eq 10 ]; then + cat /var/log/sshd.err + exit 1 + fi + + if netstat -tulpn | grep :40022; then + break + fi + + sleep 1 +done + +for i in {1..10}; do + if [ $i -eq 10 ]; then + cat /var/log/x11vnc.err + cat /var/log/reverse_ssh.err + exit 1 + fi + + if netstat -tulpn | grep :45900; then + break + fi + + sleep 1 +done + +for i in {1..10}; do + if [ $i -eq 10 ]; then + cat /var/log/novnc_http.err + exit 1 + fi + + if netstat -tulpn | grep :$HTTP_PORT; then + echo "winvnc is available at http://$HOSTNAME:$HTTP_PORT/vnc.html?password=$VNC_PASSWORD" + break + fi + sleep 1 +done + +for i in {1..10}; do + if [ $i -eq 10 ]; then + cat /var/log/novnc_https.err + exit 1 + fi + + if netstat -tulpn | grep :$HTTPS_PORT; then + echo "winvnc is available at https://$HOSTNAME:$HTTPS_PORT/vnc.html?password=$VNC_PASSWORD" + break + fi + sleep 1 +done # Sleep forever while true; do sleep 1000; done \ No newline at end of file diff --git a/src/supervisord.conf b/src/supervisord.conf index 147defb..085f6ac 100644 --- a/src/supervisord.conf +++ b/src/supervisord.conf @@ -9,6 +9,8 @@ user=root autostart=true autorestart=true stopsignal=QUIT +stdout_logfile=/var/log/sshd.log +stderr_logfile=/var/log/sshd.err [program:startxfce4] priority=10