From a8cc861e831d796914f965ec5c6c5b1b59aa9118 Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 12:48:11 +0000 Subject: [PATCH 01/30] Refactor KasmVNC Deployment --- kasmvnc/README.md | 2 +- kasmvnc/main.tf | 2 +- kasmvnc/run.sh | 203 +++++++++++++++++++++++----------------------- 3 files changed, 105 insertions(+), 102 deletions(-) diff --git a/kasmvnc/README.md b/kasmvnc/README.md index 3b7fe507..0639bf00 100644 --- a/kasmvnc/README.md +++ b/kasmvnc/README.md @@ -14,7 +14,7 @@ Automatically install [KasmVNC](https://kasmweb.com/kasmvnc) in a workspace, and ```tf module "kasmvnc" { source = "registry.coder.com/modules/kasmvnc/coder" - version = "1.0.22" + version = "1.0.23" agent_id = coder_agent.example.id desktop_environment = "xfce" } diff --git a/kasmvnc/main.tf b/kasmvnc/main.tf index 3a730ff5..4265f3c7 100644 --- a/kasmvnc/main.tf +++ b/kasmvnc/main.tf @@ -42,7 +42,7 @@ resource "coder_script" "kasm_vnc" { script = templatefile("${path.module}/run.sh", { PORT : var.port, DESKTOP_ENVIRONMENT : var.desktop_environment, - VERSION : var.kasm_version + KASM_VERSION : var.kasm_version }) run_on_start = true } diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index b8315376..60d21e85 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -1,6 +1,7 @@ #!/usr/bin/env bash -#!/bin/bash +# Exit on error, undefined variables, and pipe failures +set -euo pipefail # Function to check if vncserver is already installed check_installed() { @@ -14,55 +15,63 @@ check_installed() { # Function to download a file using wget, curl, or busybox as a fallback download_file() { - local url=$1 - local output=$2 - if command -v wget &> /dev/null; then - wget $url -O $output - elif command -v curl &> /dev/null; then - curl -fsSL $url -o $output + local url="$1" + local output="$2" + local download_tool + + if command -v curl &> /dev/null; then + download_tool="curl -fsSL" + elif command -v wget &> /dev/null; then + download_tool="wget -q -O-" elif command -v busybox &> /dev/null; then - busybox wget -O $output $url + download_tool="busybox wget -O-" else - echo "Neither wget, curl, nor busybox is installed. Please install one of them to proceed." + echo "ERROR: No download tool available (curl, wget, or busybox required)" exit 1 fi -} -# Function to install kasmvncserver for debian-based distros -install_deb() { - local url=$1 - download_file $url /tmp/kasmvncserver.deb - sudo apt-get update - DEBIAN_FRONTEND=noninteractive sudo apt-get install --yes -qq --no-install-recommends --no-install-suggests /tmp/kasmvncserver.deb - sudo adduser $USER ssl-cert - rm /tmp/kasmvncserver.deb + $download_tool "$url" > "$output" || { + echo "ERROR: Failed to download $url" + exit 1 + } } -# Function to install kasmvncserver for Oracle 8 -install_rpm_oracle8() { - local url=$1 - download_file $url /tmp/kasmvncserver.rpm - sudo dnf config-manager --set-enabled ol8_codeready_builder - sudo dnf install oracle-epel-release-el8 -y - sudo dnf localinstall /tmp/kasmvncserver.rpm -y - sudo usermod -aG kasmvnc-cert $USER - rm /tmp/kasmvncserver.rpm +# Add user to group using available commands +add_user_to_group() { + local user="$1" + local group="$2" + + if command -v usermod &> /dev/null; then + sudo usermod -aG "$group" "$user" + elif command -v adduser &> /dev/null; then + sudo adduser "$user" "$group" + else + echo "ERROR: At least one of 'adduser'(Debian) 'usermod'(RHEL) is required" + exit 1 + fi } -# Function to install kasmvncserver for CentOS 7 -install_rpm_centos7() { +# Function to install kasmvncserver for debian-based distros +install_deb() { local url=$1 - download_file $url /tmp/kasmvncserver.rpm - sudo yum install epel-release -y - sudo yum install /tmp/kasmvncserver.rpm -y - sudo usermod -aG kasmvnc-cert $USER - rm /tmp/kasmvncserver.rpm + download_file "$url" /tmp/kasmvncserver.deb + # Define the directory to check + CACHE_DIR="/var/lib/apt/lists/partial" + # Check if the directory exists and was modified in the last 60 minutes + if [ ! -d "$CACHE_DIR" ] || ! find "$CACHE_DIR" -mmin -60 -print -quit &>/dev/null; then + echo "Stale Package Cache, updating..." + # Update package cache with a 300-second timeout for dpkg lock + sudo apt-get -o DPkg::Lock::Timeout=300 -qq update + fi + DEBIAN_FRONTEND=noninteractive sudo apt-get -o DPkg::Lock::Timeout=300 install --yes -qq --no-install-recommends --no-install-suggests /tmp/kasmvncserver.deb + add_user_to_group "$USER" ssl-cert + rm /tmp/kasmvncserver.deb } # Function to install kasmvncserver for rpm-based distros install_rpm() { local url=$1 - download_file $url /tmp/kasmvncserver.rpm + download_file "$url" /tmp/kasmvncserver.rpm sudo rpm -i /tmp/kasmvncserver.rpm rm /tmp/kasmvncserver.rpm } @@ -70,87 +79,73 @@ install_rpm() { # Function to install kasmvncserver for Alpine Linux install_alpine() { local url=$1 - download_file $url /tmp/kasmvncserver.tgz + download_file "$url" /tmp/kasmvncserver.tgz tar -xzf /tmp/kasmvncserver.tgz -C /usr/local/bin/ rm /tmp/kasmvncserver.tgz } +# Check for sudo (required) +if ! command -v sudo &> /dev/null; then + echo "ERROR: Required command 'sudo' not found" + exit 1 +fi + # Detect system information -distro=$(grep "^ID=" /etc/os-release | awk -F= '{print $2}') -version=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') -arch=$(uname -m) +if [[ ! -f /etc/os-release ]]; then + echo "ERROR: Cannot detect OS: /etc/os-release not found" + exit 1 +fi + +# shellcheck disable=SC1091 +source /etc/os-release +distro="$ID" +distro_version="$VERSION_ID" +codename="$VERSION_CODENAME" +arch="$(uname -m)" +if [[ "$ID" == "ol" ]]; then + distro="oracle" + distro_version="$${distro_version%%.*}" +fi echo "Detected Distribution: $distro" -echo "Detected Version: $version" +echo "Detected Version: $distro_version" +echo "Detected Codename: $codename" echo "Detected Architecture: $arch" # Map arch to package arch -if [[ "$arch" == "x86_64" ]]; then - if [[ "$distro" == "ubuntu" || "$distro" == "debian" || "$distro" == "kali" ]]; then - arch="amd64" - else - arch="x86_64" - fi -elif [[ "$arch" == "aarch64" || "$arch" == "arm64" ]]; then - if [[ "$distro" == "ubuntu" || "$distro" == "debian" || "$distro" == "kali" ]]; then - arch="arm64" - else - arch="aarch64" - fi -else - echo "Unsupported architecture: $arch" - exit 1 -fi +case "$arch" in + x86_64) + [[ "$distro" =~ ^(ubuntu|debian|kali)$ ]] && arch="amd64" || arch="x86_64" + ;; + aarch64|arm64) + [[ "$distro" =~ ^(ubuntu|debian|kali)$ ]] && arch="arm64" || arch="aarch64" + ;; + *) + echo "ERROR: Unsupported architecture: $arch" + exit 1 + ;; +esac # Check if vncserver is installed, and install if not if ! check_installed; then - echo "Installing KASM version: ${VERSION}" + base_url="https://github.com/kasmtech/KasmVNC/releases/download/v${KASM_VERSION}" + + echo "Installing KASM version: ${KASM_VERSION}" case $distro in ubuntu | debian | kali) - case $version in - "20.04") - install_deb "https://github.com/kasmtech/KasmVNC/releases/download/v${VERSION}/kasmvncserver_focal_${VERSION}_$${arch}.deb" - ;; - "22.04") - install_deb "https://github.com/kasmtech/KasmVNC/releases/download/v${VERSION}/kasmvncserver_jammy_${VERSION}_$${arch}.deb" - ;; - "24.04") - install_deb "https://github.com/kasmtech/KasmVNC/releases/download/v${VERSION}/kasmvncserver_noble_${VERSION}_$${arch}.deb" - ;; - *) - echo "Unsupported Ubuntu/Debian/Kali version: $${version}" - exit 1 - ;; - esac + bin_name="kasmvncserver_$${codename}_${KASM_VERSION}_$${arch}.deb" + install_deb "$base_url/$bin_name" ;; - oracle) - if [[ "$version" == "8" ]]; then - install_rpm_oracle8 "https://github.com/kasmtech/KasmVNC/releases/download/v${VERSION}/kasmvncserver_oracle_8_${VERSION}_$${arch}.rpm" - else - echo "Unsupported Oracle version: $${version}" - exit 1 - fi - ;; - centos) - if [[ "$version" == "7" ]]; then - install_rpm_centos7 "https://github.com/kasmtech/KasmVNC/releases/download/v${VERSION}/kasmvncserver_centos_core_${VERSION}_$${arch}.rpm" - else - install_rpm "https://github.com/kasmtech/KasmVNC/releases/download/v${VERSION}/kasmvncserver_centos_core_${VERSION}_$${arch}.rpm" - fi + oracle | fedora | opensuse) + bin_name="kasmvncserver_$${distro}_$${distro_version}_${KASM_VERSION}_$${arch}.rpm" + install_rpm "$base_url/$bin_name" ;; alpine) - if [[ "$version" == "3.17" || "$version" == "3.18" || "$version" == "3.19" || "$version" == "3.20" ]]; then - install_alpine "https://github.com/kasmtech/KasmVNC/releases/download/v${VERSION}/kasmvnc.alpine_$${version}_$${arch}.tgz" - else - echo "Unsupported Alpine version: $${version}" - exit 1 - fi - ;; - fedora | opensuse) - install_rpm "https://github.com/kasmtech/KasmVNC/releases/download/v${VERSION}/kasmvncserver_$${distro}_$${version}_${VERSION}_$${arch}.rpm" + bin_name="kasmvnc.alpine_$${distro_version//./}_$${arch}.tgz" + install_alpine "$base_url/$bin_name" ;; *) - echo "Unsupported distribution: $${distro}" + echo "Unsupported distribution: $distro" exit 1 ;; esac @@ -159,7 +154,7 @@ else fi # Coder port-forwarding from dashboard only supports HTTP -sudo bash -c "cat > /etc/kasmvnc/kasmvnc.yaml < /dev/null << EOF network: protocol: http websocket_port: ${PORT} @@ -167,13 +162,21 @@ network: require_ssl: false udp: public_ip: 127.0.0.1 -EOF" +EOF # This password is not used since we start the server without auth. # The server is protected via the Coder session token / tunnel # and does not listen publicly -echo -e "password\npassword\n" | vncpasswd -wo -u $USER +echo -e "password\npassword\n" | vncpasswd -wo -u "$USER" # Start the server printf "🚀 Starting KasmVNC server...\n" -sudo -u $USER bash -c "vncserver -select-de ${DESKTOP_ENVIRONMENT} -disableBasicAuth" > /tmp/kasmvncserver.log 2>&1 & +# shellcheck disable=SC2024 +sudo -u "$USER" bash -c "vncserver -select-de ${DESKTOP_ENVIRONMENT} -disableBasicAuth" > /tmp/kasmvncserver.log 2>&1 & + +# Wait for server to start +sleep 5 +if ! pgrep -f vncserver > /dev/null; then + echo "ERROR: Failed to start KasmVNC server. Check logs at /tmp/kasmvncserver.log" + exit 1 +fi From 8213a5736793f60eab478dab7fd7c206bb03c160 Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 13:00:29 +0000 Subject: [PATCH 02/30] Make Prettier happy --- kasmvnc/run.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 60d21e85..18e39e16 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -58,7 +58,7 @@ install_deb() { # Define the directory to check CACHE_DIR="/var/lib/apt/lists/partial" # Check if the directory exists and was modified in the last 60 minutes - if [ ! -d "$CACHE_DIR" ] || ! find "$CACHE_DIR" -mmin -60 -print -quit &>/dev/null; then + if [ ! -d "$CACHE_DIR" ] || ! find "$CACHE_DIR" -mmin -60 -print -quit &> /dev/null; then echo "Stale Package Cache, updating..." # Update package cache with a 300-second timeout for dpkg lock sudo apt-get -o DPkg::Lock::Timeout=300 -qq update @@ -117,7 +117,7 @@ case "$arch" in x86_64) [[ "$distro" =~ ^(ubuntu|debian|kali)$ ]] && arch="amd64" || arch="x86_64" ;; - aarch64|arm64) + aarch64 | arm64) [[ "$distro" =~ ^(ubuntu|debian|kali)$ ]] && arch="arm64" || arch="aarch64" ;; *) From 6d6e0dd9bc38b101a63c063752f058eac893c0a8 Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 14:23:16 +0000 Subject: [PATCH 03/30] Run KasmVNC server as coder user --- kasmvnc/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 18e39e16..33cc1582 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -172,7 +172,7 @@ echo -e "password\npassword\n" | vncpasswd -wo -u "$USER" # Start the server printf "🚀 Starting KasmVNC server...\n" # shellcheck disable=SC2024 -sudo -u "$USER" bash -c "vncserver -select-de ${DESKTOP_ENVIRONMENT} -disableBasicAuth" > /tmp/kasmvncserver.log 2>&1 & +vncserver -select-de "${DESKTOP_ENVIRONMENT}" -disableBasicAuth > /tmp/kasmvncserver.log 2>&1 & # Wait for server to start sleep 5 From c59ba95975dac7f1ed8eedf64a15eb04809bf953 Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 14:24:55 +0000 Subject: [PATCH 04/30] Coder supports ssl now and remove sudo requirement --- kasmvnc/run.sh | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 33cc1582..038558b2 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -153,13 +153,10 @@ else echo "vncserver already installed. Skipping installation." fi -# Coder port-forwarding from dashboard only supports HTTP -sudo tee /etc/kasmvnc/kasmvnc.yaml > /dev/null << EOF +tee "$HOME/.vnc/kasmvnc.yaml" > /dev/null << EOF network: protocol: http websocket_port: ${PORT} - ssl: - require_ssl: false udp: public_ip: 127.0.0.1 EOF From bb7d4388cf9fcf4ff11ba2a7093434946f254c81 Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 14:25:31 +0000 Subject: [PATCH 05/30] Require sudo to install only --- kasmvnc/run.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 038558b2..5cbdd798 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -84,12 +84,6 @@ install_alpine() { rm /tmp/kasmvncserver.tgz } -# Check for sudo (required) -if ! command -v sudo &> /dev/null; then - echo "ERROR: Required command 'sudo' not found" - exit 1 -fi - # Detect system information if [[ ! -f /etc/os-release ]]; then echo "ERROR: Cannot detect OS: /etc/os-release not found" @@ -128,6 +122,12 @@ esac # Check if vncserver is installed, and install if not if ! check_installed; then + # Check for sudo (required) + if ! command -v sudo &> /dev/null; then + echo "ERROR: Required command 'sudo' not found" + exit 1 + fi + base_url="https://github.com/kasmtech/KasmVNC/releases/download/v${KASM_VERSION}" echo "Installing KASM version: ${KASM_VERSION}" From 10a86bdfe998534f41ec5912914f6267cab333a0 Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 14:28:54 +0000 Subject: [PATCH 06/30] Re-add SSL Req --- kasmvnc/run.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 5cbdd798..4d6adc81 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -157,6 +157,8 @@ tee "$HOME/.vnc/kasmvnc.yaml" > /dev/null << EOF network: protocol: http websocket_port: ${PORT} + ssl: + require_ssl: false udp: public_ip: 127.0.0.1 EOF From 46bbcb973d809c4b5b53af8e09477fe45b525116 Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 14:40:28 +0000 Subject: [PATCH 07/30] Alert KasmVNC started successfully --- kasmvnc/run.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 4d6adc81..add16775 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -179,3 +179,4 @@ if ! pgrep -f vncserver > /dev/null; then echo "ERROR: Failed to start KasmVNC server. Check logs at /tmp/kasmvncserver.log" exit 1 fi +printf "🚀 Starting KasmVNC server started successfully!\n" From 30e6bed8a01c6cb24900c96204ab4df4296b4176 Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 14:41:03 +0000 Subject: [PATCH 08/30] Remove unneeded shellcheck directive --- kasmvnc/run.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index add16775..36b74fd8 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -170,7 +170,6 @@ echo -e "password\npassword\n" | vncpasswd -wo -u "$USER" # Start the server printf "🚀 Starting KasmVNC server...\n" -# shellcheck disable=SC2024 vncserver -select-de "${DESKTOP_ENVIRONMENT}" -disableBasicAuth > /tmp/kasmvncserver.log 2>&1 & # Wait for server to start From 4d831b4776df9dd58daade6a78a677c7dc2a279f Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 14:41:33 +0000 Subject: [PATCH 09/30] Override kasm ssl certificate directives --- kasmvnc/run.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 36b74fd8..7297c952 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -159,6 +159,8 @@ network: websocket_port: ${PORT} ssl: require_ssl: false + pem_certificate: + pem_key: udp: public_ip: 127.0.0.1 EOF From 9c3904dfbfde261df0ab4259a9c6f7df44512ecd Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 18:11:25 +0000 Subject: [PATCH 10/30] Handle Fedora Distro Version --- kasmvnc/run.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 7297c952..2f69a077 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -99,6 +99,8 @@ arch="$(uname -m)" if [[ "$ID" == "ol" ]]; then distro="oracle" distro_version="$${distro_version%%.*}" +elif [[ "$ID" == "fedora" ]]; then + distro_version="$(grep -oP '\(\K[\w ]+' /etc/fedora-release | tr '[:upper:]' '[:lower:]' | tr -d ' ')" fi echo "Detected Distribution: $distro" From 4a72b2e2db722042a0b33fa53d124aad64768e84 Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 18:20:50 +0000 Subject: [PATCH 11/30] Improve readability fo amd64 check --- kasmvnc/run.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 2f69a077..696ca88e 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -111,7 +111,9 @@ echo "Detected Architecture: $arch" # Map arch to package arch case "$arch" in x86_64) - [[ "$distro" =~ ^(ubuntu|debian|kali)$ ]] && arch="amd64" || arch="x86_64" + if [[ "$distro" =~ ^(ubuntu|debian|kali)$ ]]; then + arch="amd64" + fi ;; aarch64 | arm64) [[ "$distro" =~ ^(ubuntu|debian|kali)$ ]] && arch="arm64" || arch="aarch64" From a2d8e72f407f0f8f0ad656677e5b84bbafdfcaa9 Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 18:29:00 +0000 Subject: [PATCH 12/30] Bash Array for download command --- kasmvnc/run.sh | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 696ca88e..f73e9788 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -20,17 +20,21 @@ download_file() { local download_tool if command -v curl &> /dev/null; then - download_tool="curl -fsSL" + # shellcheck disable=SC2034 + download_tool=(curl -fsSL) elif command -v wget &> /dev/null; then - download_tool="wget -q -O-" + # shellcheck disable=SC2034 + download_tool=(wget -q -O-) elif command -v busybox &> /dev/null; then - download_tool="busybox wget -O-" + # shellcheck disable=SC2034 + download_tool=(busybox wget -O-) else echo "ERROR: No download tool available (curl, wget, or busybox required)" exit 1 fi - $download_tool "$url" > "$output" || { + # shellcheck disable=SC2288 + "$${download_tool[@]}" "$url" > "$output" || { echo "ERROR: Failed to download $url" exit 1 } From 026a5bc5221281bfe7fea6b4a6c0a431a416cc40 Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 18:30:24 +0000 Subject: [PATCH 13/30] Don't mention distro --- kasmvnc/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index f73e9788..d2a1cdb2 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -50,7 +50,7 @@ add_user_to_group() { elif command -v adduser &> /dev/null; then sudo adduser "$user" "$group" else - echo "ERROR: At least one of 'adduser'(Debian) 'usermod'(RHEL) is required" + echo "ERROR: At least one of 'adduser' or 'usermod' is required" exit 1 fi } From 4fc9f6d33909497edfee2fcd2c310e165a3cf957 Mon Sep 17 00:00:00 2001 From: djarbz <30350993+djarbz@users.noreply.github.com> Date: Thu, 24 Oct 2024 13:31:12 -0500 Subject: [PATCH 14/30] Bracket Consistency Co-authored-by: Mathias Fredriksson --- kasmvnc/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index d2a1cdb2..d354e11f 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -62,7 +62,7 @@ install_deb() { # Define the directory to check CACHE_DIR="/var/lib/apt/lists/partial" # Check if the directory exists and was modified in the last 60 minutes - if [ ! -d "$CACHE_DIR" ] || ! find "$CACHE_DIR" -mmin -60 -print -quit &> /dev/null; then + if [[ ! -d "$CACHE_DIR" ]] || ! find "$CACHE_DIR" -mmin -60 -print -quit &> /dev/null; then echo "Stale Package Cache, updating..." # Update package cache with a 300-second timeout for dpkg lock sudo apt-get -o DPkg::Lock::Timeout=300 -qq update From d418c81bd610bbf782862f3d054f2719424e7010 Mon Sep 17 00:00:00 2001 From: djarbz <30350993+djarbz@users.noreply.github.com> Date: Thu, 24 Oct 2024 13:31:37 -0500 Subject: [PATCH 15/30] Naming cleanup Co-authored-by: Mathias Fredriksson --- kasmvnc/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index d354e11f..5e75331e 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -63,7 +63,7 @@ install_deb() { CACHE_DIR="/var/lib/apt/lists/partial" # Check if the directory exists and was modified in the last 60 minutes if [[ ! -d "$CACHE_DIR" ]] || ! find "$CACHE_DIR" -mmin -60 -print -quit &> /dev/null; then - echo "Stale Package Cache, updating..." + echo "Stale package cache, updating..." # Update package cache with a 300-second timeout for dpkg lock sudo apt-get -o DPkg::Lock::Timeout=300 -qq update fi From c4f88fa5f3038965855ac310dfb5d75383ca3d3a Mon Sep 17 00:00:00 2001 From: djarbz <30350993+djarbz@users.noreply.github.com> Date: Thu, 24 Oct 2024 13:33:41 -0500 Subject: [PATCH 16/30] cat vs tee Co-authored-by: Mathias Fredriksson --- kasmvnc/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 5e75331e..5a5a90a0 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -161,7 +161,7 @@ else echo "vncserver already installed. Skipping installation." fi -tee "$HOME/.vnc/kasmvnc.yaml" > /dev/null << EOF +cat < "$HOME/.vnc/kasmvnc.yaml" network: protocol: http websocket_port: ${PORT} From 52ba74c3e6567fec1f1ba41a235e253684def8c9 Mon Sep 17 00:00:00 2001 From: djarbz <30350993+djarbz@users.noreply.github.com> Date: Thu, 24 Oct 2024 13:35:52 -0500 Subject: [PATCH 17/30] Update wording Co-authored-by: Mathias Fredriksson --- kasmvnc/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 5a5a90a0..c8c12315 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -188,4 +188,4 @@ if ! pgrep -f vncserver > /dev/null; then echo "ERROR: Failed to start KasmVNC server. Check logs at /tmp/kasmvncserver.log" exit 1 fi -printf "🚀 Starting KasmVNC server started successfully!\n" +printf "🚀 KasmVNC server started successfully!\n" From d619e6570b143c1376f00a65973048adb52d6115 Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 18:37:03 +0000 Subject: [PATCH 18/30] Print logs on failure --- kasmvnc/run.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index c8c12315..cf079641 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -186,6 +186,7 @@ vncserver -select-de "${DESKTOP_ENVIRONMENT}" -disableBasicAuth > /tmp/kasmvncse sleep 5 if ! pgrep -f vncserver > /dev/null; then echo "ERROR: Failed to start KasmVNC server. Check logs at /tmp/kasmvncserver.log" + grep -v '^[[:space:]]*$' /tmp/kasmvncserver.log exit 1 fi printf "🚀 KasmVNC server started successfully!\n" From eff921ecd0a2b7ea7db41c975f297bcef7a3bcbb Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 18:37:56 +0000 Subject: [PATCH 19/30] Portability of checking server status --- kasmvnc/run.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index cf079641..117b5c00 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -181,10 +181,11 @@ echo -e "password\npassword\n" | vncpasswd -wo -u "$USER" # Start the server printf "🚀 Starting KasmVNC server...\n" vncserver -select-de "${DESKTOP_ENVIRONMENT}" -disableBasicAuth > /tmp/kasmvncserver.log 2>&1 & +pid=$! # Wait for server to start sleep 5 -if ! pgrep -f vncserver > /dev/null; then +if ps -p $pid | grep -q "^$pid"; then echo "ERROR: Failed to start KasmVNC server. Check logs at /tmp/kasmvncserver.log" grep -v '^[[:space:]]*$' /tmp/kasmvncserver.log exit 1 From eb974cb43cc01917322c4ce40ef518d09c75a94f Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 19:16:44 +0000 Subject: [PATCH 20/30] dnf localinstall --- kasmvnc/run.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 117b5c00..c4ac311f 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -76,7 +76,7 @@ install_deb() { install_rpm() { local url=$1 download_file "$url" /tmp/kasmvncserver.rpm - sudo rpm -i /tmp/kasmvncserver.rpm + sudo dnf localinstall /tmp/kasmvncserver.rpm rm /tmp/kasmvncserver.rpm } @@ -116,7 +116,7 @@ echo "Detected Architecture: $arch" case "$arch" in x86_64) if [[ "$distro" =~ ^(ubuntu|debian|kali)$ ]]; then - arch="amd64" + arch="amd64" fi ;; aarch64 | arm64) @@ -161,7 +161,7 @@ else echo "vncserver already installed. Skipping installation." fi -cat < "$HOME/.vnc/kasmvnc.yaml" +cat << EOF > "$HOME/.vnc/kasmvnc.yaml" network: protocol: http websocket_port: ${PORT} From f3a0f98c29dac06f850296d0b9fe1fc2605265fc Mon Sep 17 00:00:00 2001 From: default Date: Thu, 24 Oct 2024 19:27:32 +0000 Subject: [PATCH 21/30] Show up to 10 lines of log --- kasmvnc/run.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index c4ac311f..46d4dc12 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -185,9 +185,9 @@ pid=$! # Wait for server to start sleep 5 +grep -v '^[[:space:]]*$' /tmp/kasmvncserver.log | tail -n 10 if ps -p $pid | grep -q "^$pid"; then - echo "ERROR: Failed to start KasmVNC server. Check logs at /tmp/kasmvncserver.log" - grep -v '^[[:space:]]*$' /tmp/kasmvncserver.log + echo "ERROR: Failed to start KasmVNC server. Check full logs at /tmp/kasmvncserver.log" exit 1 fi printf "🚀 KasmVNC server started successfully!\n" From ab96d933cd4cb7b1ed2941b3fc540df702170f19 Mon Sep 17 00:00:00 2001 From: default Date: Fri, 25 Oct 2024 13:23:59 +0000 Subject: [PATCH 22/30] Cleanup Package Install --- kasmvnc/run.sh | 54 ++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 44 insertions(+), 10 deletions(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 46d4dc12..0c06e8c4 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -58,8 +58,10 @@ add_user_to_group() { # Function to install kasmvncserver for debian-based distros install_deb() { local url=$1 - download_file "$url" /tmp/kasmvncserver.deb - # Define the directory to check + local kasmdeb="/tmp/kasmvncserver.deb" + + download_file "$url" "$kasmdeb" + CACHE_DIR="/var/lib/apt/lists/partial" # Check if the directory exists and was modified in the last 60 minutes if [[ ! -d "$CACHE_DIR" ]] || ! find "$CACHE_DIR" -mmin -60 -print -quit &> /dev/null; then @@ -67,25 +69,57 @@ install_deb() { # Update package cache with a 300-second timeout for dpkg lock sudo apt-get -o DPkg::Lock::Timeout=300 -qq update fi - DEBIAN_FRONTEND=noninteractive sudo apt-get -o DPkg::Lock::Timeout=300 install --yes -qq --no-install-recommends --no-install-suggests /tmp/kasmvncserver.deb + + DEBIAN_FRONTEND=noninteractive sudo apt-get -o DPkg::Lock::Timeout=300 install --yes -qq --no-install-recommends --no-install-suggests "$kasmdeb" + rm "$kasmdeb" + add_user_to_group "$USER" ssl-cert - rm /tmp/kasmvncserver.deb } # Function to install kasmvncserver for rpm-based distros install_rpm() { local url=$1 - download_file "$url" /tmp/kasmvncserver.rpm - sudo dnf localinstall /tmp/kasmvncserver.rpm - rm /tmp/kasmvncserver.rpm + local kasmrpm="/tmp/kasmvncserver.rpm" + local package_manager + + if command -v dnf &> /dev/null; then + # shellcheck disable=SC2034 + package_manager=(dnf localinstall -y) + elif command -v zypper &> /dev/null; then + # shellcheck disable=SC2034 + package_manager=(zypper install -y) + elif command -v yum &> /dev/null; then + # shellcheck disable=SC2034 + package_manager=(yum localinstall -y) + elif command -v rpm &> /dev/null; then + # Do we need to manually handle missing dependencies? + # shellcheck disable=SC2034 + package_manager=(rpm -i) + else + echo "ERROR: No supported package manager available (dnf, zypper, yum, or rpm required)" + exit 1 + fi + + download_file "$url" "$kasmrpm" + + # shellcheck disable=SC2288 + sudo "$${package_manager[@]}" "$kasmrpm" || { + echo "ERROR: Failed to install $kasmrpm" + exit 1 + } + + rm "$kasmrpm" } # Function to install kasmvncserver for Alpine Linux install_alpine() { local url=$1 - download_file "$url" /tmp/kasmvncserver.tgz - tar -xzf /tmp/kasmvncserver.tgz -C /usr/local/bin/ - rm /tmp/kasmvncserver.tgz + local kasmtgz="/tmp/kasmvncserver.tgz" + + download_file "$url" "$kasmtgz" + + tar -xzf "$kasmtgz" -C /usr/local/bin/ + rm "$kasmtgz" } # Detect system information From ebc57a1dcbb613a82a53efc085236d60e443c87a Mon Sep 17 00:00:00 2001 From: default Date: Fri, 25 Oct 2024 13:25:26 +0000 Subject: [PATCH 23/30] We don't use SSL Certificates --- kasmvnc/run.sh | 19 +------------------ 1 file changed, 1 insertion(+), 18 deletions(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 0c06e8c4..5406c38e 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -40,21 +40,6 @@ download_file() { } } -# Add user to group using available commands -add_user_to_group() { - local user="$1" - local group="$2" - - if command -v usermod &> /dev/null; then - sudo usermod -aG "$group" "$user" - elif command -v adduser &> /dev/null; then - sudo adduser "$user" "$group" - else - echo "ERROR: At least one of 'adduser' or 'usermod' is required" - exit 1 - fi -} - # Function to install kasmvncserver for debian-based distros install_deb() { local url=$1 @@ -72,8 +57,6 @@ install_deb() { DEBIAN_FRONTEND=noninteractive sudo apt-get -o DPkg::Lock::Timeout=300 install --yes -qq --no-install-recommends --no-install-suggests "$kasmdeb" rm "$kasmdeb" - - add_user_to_group "$USER" ssl-cert } # Function to install kasmvncserver for rpm-based distros @@ -117,7 +100,7 @@ install_alpine() { local kasmtgz="/tmp/kasmvncserver.tgz" download_file "$url" "$kasmtgz" - + tar -xzf "$kasmtgz" -C /usr/local/bin/ rm "$kasmtgz" } From 86b48dd20a836d40e278bd9e3ac70980e39c518f Mon Sep 17 00:00:00 2001 From: default Date: Fri, 25 Oct 2024 14:15:09 +0000 Subject: [PATCH 24/30] Prefer /etc instead of /home for Kasm Config --- kasmvnc/run.sh | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 5406c38e..3dedd19f 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -147,9 +147,9 @@ esac # Check if vncserver is installed, and install if not if ! check_installed; then - # Check for sudo (required) - if ! command -v sudo &> /dev/null; then - echo "ERROR: Required command 'sudo' not found" + # Check for NOPASSWD sudo (required) + if ! command -v sudo &>/dev/null || ! sudo -n true 2>/dev/null; then + echo "ERROR: sudo NOPASSWD access required!" exit 1 fi @@ -178,7 +178,19 @@ else echo "vncserver already installed. Skipping installation." fi -cat << EOF > "$HOME/.vnc/kasmvnc.yaml" +if command -v sudo &>/dev/null && sudo -n true 2>/dev/null; then + kasm_config_file="/etc/kasmvnc/kasmvnc.yaml" + SUDO=sudo +else + kasm_config_file="$HOME/.vnc/kasmvnc.yaml" + SUDO= + mkdir -p "$HOME/.vnc" + echo "WARNING: Sudo access not available, using user config dir!" + echo "WARNING: This may prevent custom user KasmVNC settings from applying!" +fi + +echo "Writing KasmVNC config to $kasm_config_file" +$SUDO tee "$kasm_config_file" > /dev/null < Date: Fri, 25 Oct 2024 14:16:28 +0000 Subject: [PATCH 25/30] Prettier formatting --- kasmvnc/run.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 3dedd19f..db6e469c 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -46,7 +46,7 @@ install_deb() { local kasmdeb="/tmp/kasmvncserver.deb" download_file "$url" "$kasmdeb" - + CACHE_DIR="/var/lib/apt/lists/partial" # Check if the directory exists and was modified in the last 60 minutes if [[ ! -d "$CACHE_DIR" ]] || ! find "$CACHE_DIR" -mmin -60 -print -quit &> /dev/null; then @@ -148,7 +148,7 @@ esac # Check if vncserver is installed, and install if not if ! check_installed; then # Check for NOPASSWD sudo (required) - if ! command -v sudo &>/dev/null || ! sudo -n true 2>/dev/null; then + if ! command -v sudo &> /dev/null || ! sudo -n true 2> /dev/null; then echo "ERROR: sudo NOPASSWD access required!" exit 1 fi @@ -178,7 +178,7 @@ else echo "vncserver already installed. Skipping installation." fi -if command -v sudo &>/dev/null && sudo -n true 2>/dev/null; then +if command -v sudo &> /dev/null && sudo -n true 2> /dev/null; then kasm_config_file="/etc/kasmvnc/kasmvnc.yaml" SUDO=sudo else @@ -190,7 +190,7 @@ else fi echo "Writing KasmVNC config to $kasm_config_file" -$SUDO tee "$kasm_config_file" > /dev/null < /dev/null << EOF network: protocol: http websocket_port: ${PORT} From 41baf485b61cdec33645673984a277b38414ddd0 Mon Sep 17 00:00:00 2001 From: default Date: Fri, 25 Oct 2024 14:37:48 +0000 Subject: [PATCH 26/30] Do not overwrite custom user config --- kasmvnc/run.sh | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index db6e469c..9945113d 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -184,9 +184,17 @@ if command -v sudo &> /dev/null && sudo -n true 2> /dev/null; then else kasm_config_file="$HOME/.vnc/kasmvnc.yaml" SUDO= - mkdir -p "$HOME/.vnc" + echo "WARNING: Sudo access not available, using user config dir!" - echo "WARNING: This may prevent custom user KasmVNC settings from applying!" + + if [[ -f "$kasm_config_file" ]]; then + echo "WARNING: Custom user KasmVNC config exists, not overwriting!" + echo "WARNIGN: Ensure that you manually configure the appropriate settings." + kasm_config_file="/dev/stderr" + else + echo "WARNING: This may prevent custom user KasmVNC settings from applying!" + mkdir -p "$HOME/.vnc" + fi fi echo "Writing KasmVNC config to $kasm_config_file" From 7d7c7e83698f6a838036e31c9bd110ece634d7f4 Mon Sep 17 00:00:00 2001 From: default Date: Fri, 25 Oct 2024 14:42:59 +0000 Subject: [PATCH 27/30] Prettier Format --- kasmvnc/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 9945113d..def5f89a 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -186,7 +186,7 @@ else SUDO= echo "WARNING: Sudo access not available, using user config dir!" - + if [[ -f "$kasm_config_file" ]]; then echo "WARNING: Custom user KasmVNC config exists, not overwriting!" echo "WARNIGN: Ensure that you manually configure the appropriate settings." From f35b53533364074bca9a20cd7d3cd15466c15106 Mon Sep 17 00:00:00 2001 From: default Date: Fri, 25 Oct 2024 14:45:56 +0000 Subject: [PATCH 28/30] Fix Typo --- kasmvnc/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index def5f89a..55540ff3 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -189,7 +189,7 @@ else if [[ -f "$kasm_config_file" ]]; then echo "WARNING: Custom user KasmVNC config exists, not overwriting!" - echo "WARNIGN: Ensure that you manually configure the appropriate settings." + echo "WARNING: Ensure that you manually configure the appropriate settings." kasm_config_file="/dev/stderr" else echo "WARNING: This may prevent custom user KasmVNC settings from applying!" From a0373c01b2d6875f011568868de59d74f82f290c Mon Sep 17 00:00:00 2001 From: default Date: Fri, 25 Oct 2024 15:35:11 +0000 Subject: [PATCH 29/30] Cleanup architecture mapping --- kasmvnc/run.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 55540ff3..13726841 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -136,8 +136,13 @@ case "$arch" in arch="amd64" fi ;; - aarch64 | arm64) - [[ "$distro" =~ ^(ubuntu|debian|kali)$ ]] && arch="arm64" || arch="aarch64" + aarch64) + if [[ "$distro" =~ ^(ubuntu|debian|kali)$ ]]; then + arch="arm64" + fi + ;; + arm64) + : # This is effectively a noop ;; *) echo "ERROR: Unsupported architecture: $arch" From ccf299b7294d57e8a9b091675b29ae28968864d3 Mon Sep 17 00:00:00 2001 From: default Date: Fri, 25 Oct 2024 15:38:44 +0000 Subject: [PATCH 30/30] Prettier Format --- kasmvnc/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kasmvnc/run.sh b/kasmvnc/run.sh index 13726841..c285b050 100644 --- a/kasmvnc/run.sh +++ b/kasmvnc/run.sh @@ -142,7 +142,7 @@ case "$arch" in fi ;; arm64) - : # This is effectively a noop + : # This is effectively a noop ;; *) echo "ERROR: Unsupported architecture: $arch"