rdod/entrypoint.sh at master · mderasse/rdod · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
#!/bin/bash

# ------------------------------------------------------------------------------
# Clean and Sync at boot
# ------------------------------------------------------------------------------
rm -rf $HOME/.vnc/*.pid &> /dev/null
rm -rf $HOME/.vnc/*.log &> /dev/null
rm -rf $HOME/.vnc/certs/*
rm -rf /tmp/.X*

rsync -a -v --ignore-existing /etc/skel/ $HOME/  &> /dev/null

if [ "$(stat -c '%U' $HOME)" = "root" ]; then
  echo "Docker-Compose: Please create the volume as user 1000 on the host"
  exit 1
fi
# ------------------------------------------------------------------------------

# ------------------------------------------------------------------------------
# Configure VNC passwd
# ------------------------------------------------------------------------------
VNC_RW_GENERATED=false
VNC_RO_GENERATED=false

if [ -f /run/secrets/VNC_RW_PASSWORD ]; then
  VNC_RW_PASSWORD=$(head -n 1 /run/secrets/VNC_RW_PASSWORD)
  if [ ${#VNC_RW_PASSWORD} -ge 7 ]; then
    echo "VNC Password only support password with less than 8 characters. Your RW Password is over that limit"
  fi
elif [ -z "$VNC_RW_PASSWORD" ]; then
  VNC_RW_GENERATED=true
  VNC_RW_PASSWORD=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 7)
fi

if [ -f /run/secrets/VNC_RO_PASSWORD ]; then
  VNC_RO_PASSWORD=$(head -n 1 /run/secrets/VNC_RO_PASSWORD)
  if [ ${#VNC_RO_PASSWORD} -ge 7 ]; then
    echo "VNC Password only support password with less than 8 characters. Your RO Password is over that limit"
  fi
elif [ -z "$VNC_RO_PASSWORD" ]; then
  VNC_RO_GENERATED=true
  VNC_RO_PASSWORD=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 7)
fi

echo $VNC_RW_PASSWORD | vncpasswd -f > $HOME/.vnc/passwd
echo $VNC_RO_PASSWORD | vncpasswd -f >> $HOME/.vnc/passwd
chmod 600 $HOME/.vnc/passwd
# ------------------------------------------------------------------------------

# ------------------------------------------------------------------------------
# Generate SSL if needed
# ------------------------------------------------------------------------------
if [ "$USE_SSL" = "true" ]; then
  openssl genrsa -out $HOME/.vnc/certs/privkey.pem 2048 &> /dev/null
  openssl req -new -key $HOME/.vnc/certs/privkey.pem -out $HOME/.vnc/certs/cert.csr -subj "/CN=$(hostname -f)" &> /dev/null
  openssl x509 -req -days 365 -in $HOME/.vnc/certs/cert.csr -signkey $HOME/.vnc/certs/privkey.pem -out $HOME/.vnc/certs/cert.crt &> /dev/null
  cat $HOME/.vnc/certs/privkey.pem > $HOME/.vnc/certs/fullcert.pem
  cat $HOME/.vnc/certs/cert.crt >> $HOME/.vnc/certs/fullcert.pem
  chmod -R 700 $HOME/.vnc/certs
  echo "+127.0.0.1/32" > $HOME/.vnc/hosts
  echo "-" >> $HOME/.vnc/hosts
fi
# ------------------------------------------------------------------------------

VNC_ADDRESS=$(hostname -i)
echo "----------- Connection Informations -----------"
echo " You can connect to rDoD with : "
echo "   - VNC Viewer: $VNC_ADDRESS:5901"

if [ "$USE_SSL" = "true" ]; then
  echo -e "   - noVNC: https://$VNC_ADDRESS:5911/\n"
else
  echo -e "   - noVNC: http://$VNC_ADDRESS:5911/\n"
fi

echo -e " Port might differ base on your docker configuration\n"

echo " Credentials: "
if [ "$VNC_RW_GENERATED" = "true" ]; then
  echo "   - VNC Read-Write Password: $VNC_RW_PASSWORD"
else
  echo "   - VNC Read-Write Password: ***************"
fi
if [ "$VNC_RO_GENERATED" = "true" ]; then
  echo "   - VNC Read-Only Password:  $VNC_RO_PASSWORD"
else
  echo "   - VNC Read-Only Password:  ***************"
fi
echo "-----------------------------------------------"

unset VNC_RW_PASSWORD
unset VNC_RO_PASSWORD

/usr/bin/supervisord --pidfile=$HOME/.vnc/supervisord.pid &> /dev/null