This commit is contained in:
Brian Zalewski 2023-06-28 07:19:01 +00:00
parent df0f479f94
commit d6e9d2d434
4 changed files with 177 additions and 6 deletions

View file

@ -29,17 +29,30 @@ if [ -d /Applications ] && [ -d /System ]; then
else
# System is Linux
### VNC set-up / configuration
if command -v vncpasswd > /dev/null; then
# TigerVNC (or alternative VNC program) is installed
logg info 'Copying VNC configuration files from ~/.config/vnc/etc to /'
sudo cp -Rf "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/etc" /
# KasmVNC / TigerVNC (or alternative VNC program) is installed
# if command -v kasmvncpasswd > /dev/null; then
# logg info 'Copying VNC configuration files from ~/.config/vnc/etc/kasmvnc/ to /etc/'
# sudo cp -Rf "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/etc/kasmvnc/" /etc/
# logg info 'Adding VNC full-control password to ~/.config/vnc/kasmpasswd'
# echo -e "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_PASSWORD")) }}{{ includeTemplate "secrets/VNC_PASSWORD" | decrypt | trim }}{{ else }}{{ default "vncpass" (env "VNC_PASSWORD") }}{{ end }}\n{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_PASSWORD")) }}{{ includeTemplate "secrets/VNC_PASSWORD" | decrypt | trim }}{{ else }}{{ default "vncpass" (env "VNC_PASSWORD") }}{{ end }}" | kasmvncpasswd -u {{ .user.name }} -rwo
# logg info 'Adding VNC read-only password to ~/.config/vnc/kasmpasswd for user `readonly`'
# echo -e "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_READ_PASSWORD")) }}{{ includeTemplate "secrets/VNC_READ_PASSWORD" | decrypt | trim }}{{ else }}{{ default "readonly" (env "VNC_READ_PASSWORD") }}{{ end }}\n{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_READ_PASSWORD")) }}{{ includeTemplate "secrets/VNC_READ_PASSWORD" | decrypt | trim }}{{ else }}{{ default "readonly" (env "VNC_READ_PASSWORD") }}{{ end }}" | kasmvncpasswd -u guest -r
# logg info 'Reloading the systemctl configuration files since a new one for VNC may have been added'
# sudo systemctl daemon-reload
# logg info 'Enabling / starting the VNC service for the current user / display 1'
# sudo systemctl start vncserver@1
# sudo systemctl enable vncserver@1
# fi
if command -v tigervncpasswd > /dev/null; then
if [ ! -d "${XDG_CONFIG_HOME:-$HOME/.config}/vnc" ]; then
mkdir -p "${XDG_CONFIG_HOME:-$HOME/.config}/vnc"
fi
logg info 'Copying VNC configuration files from ~/.config/vnc/etc/tigervnc/ to /etc/'
sudo cp -Rf "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/etc/tigervnc/" /etc/
logg info 'Adding VNC full-control password to ~/.config/vnc/passwd'
echo -n "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_PASSWORD")) }}{{ includeTemplate "secrets/VNC_PASSWORD" | decrypt | trim }}{{ else }}{{ default "vncpass" (env "VNC_PASSWORD") }}{{ end }}" | vncpasswd -f > "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/passwd"
echo -n "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_PASSWORD")) }}{{ includeTemplate "secrets/VNC_PASSWORD" | decrypt | trim }}{{ else }}{{ default "vncpass" (env "VNC_PASSWORD") }}{{ end }}" | tigervncpasswd -f > "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/passwd"
logg info 'Adding VNC read-only password to ~/.config/vnc/passwd'
echo -n "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_READ_PASSWORD")) }}{{ includeTemplate "secrets/VNC_READ_PASSWORD" | decrypt | trim }}{{ else }}{{ default "readonly" (env "VNC_READ_PASSWORD") }}{{ end }}" | vncpasswd -f >> "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/passwd"
echo -n "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_READ_PASSWORD")) }}{{ includeTemplate "secrets/VNC_READ_PASSWORD" | decrypt | trim }}{{ else }}{{ default "readonly" (env "VNC_READ_PASSWORD") }}{{ end }}" | tigervncpasswd -f >> "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/passwd"
logg info 'Reloading the systemctl configuration files since a new one for VNC may have been added'
sudo systemctl daemon-reload
logg info 'Enabling / starting the VNC service for the current user / display 1'

View file

@ -0,0 +1,12 @@
{{- if (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "DIGITALOCEAN_ACCESS_TOKEN")) (env "DIGITALOCEAN_ACCESS_TOKEN")) -}}
#!/usr/bin/env bash
# @file Kasm Workspaces
# @brief Connects to DigitalOcean Kubernetes cluster
# @description
# This script runs when `DIGITALOCEAN_ACCESS_TOKEN` is defined as an environment variable or as an encrypted key (see
# [Secrets documentation](https://install.doctor/docs/customization/secrets#encrypted-secrets)). If the check passes,
# then the script ensures the DigitalOcean CLI is installed (i.e. `doctl`). Then, it uses `doctl` to connect to the Kubernetes
# cluster defined by the the configuration stored under `.user.digitalOceanClusterId` in `home/.chezmoi.yaml.tmpl`.
{{ includeTemplate "universal/profile" }}
{{ includeTemplate "universal/logg" }}

View file

@ -0,0 +1,143 @@
---
desktop:
resolution:
width: 1024
height: 768
# allow_resize: true
# pixel_depth: 24
# gpu:
# hw3d: false
# drinode: /dev/dri/renderD128
# network:
# protocol: httpecho -e "test123\ntest123" | kasmvncpasswd -u user -rwo
# interface: 0.0.0.0
# websocket_port: auto
# use_ipv4: true
# use_ipv6: true
# udp:
# public_ip: auto
# port: auto
# stun_server: auto
# ssl:
# pem_certificate: /etc/ssl/certs/ssl-cert-snakeoil.pem
# pem_key: /etc/ssl/private/ssl-cert-snakeoil.key
# require_ssl: true
# user_session:
# # session_type: shared
# new_session_disconnects_existing_exclusive_session: false
# concurrent_connections_prompt: false
# concurrent_connections_prompt_timeout: 10
# idle_timeout: never
# keyboard:
# remap_keys:
# # - 0x22->0x40
# ignore_numlock: false
# raw_keyboard: false
# Mouse, trackpad, etc.
# pointer:
# enabled: true
# runtime_configuration:
# allow_client_to_override_kasm_server_settings: true
# allow_override_standard_vnc_server_settings: true
# allow_override_list:
# - pointer.enabled
# - data_loss_prevention.clipboard.server_to_client.enabled
# - data_loss_prevention.clipboard.client_to_server.enabled
# - data_loss_prevention.clipboard.server_to_client.primary_clipboard_enabled
# logging:
# log_writer_name: all
# log_dest: logfile
# # 0 - minimal verbosity, 100 - most verbose
# level: 30
# security:
# brute_force_protection:
# blacklist_threshold: 5
# blacklist_timeout: 10
# data_loss_prevention:
# visible_region:
# # top: 10
# # left: 10
# # right: 40
# # bottom: 40
# concealed_region:
# allow_click_down: false
# allow_click_release: false
# clipboard:
# delay_between_operations: none
# allow_mimetypes:
# - chromium/x-web-custom-data
# - text/html
# - image/png
# # Add to docs: Cut buffers and CLIPBOARD selection.
# server_to_client:
# enabled: true
# size: unlimited
# primary_clipboard_enabled: false
# client_to_server:
# enabled: true
# size: unlimited
# keyboard:
# enabled: true
# rate_limit: unlimited
# watermark:
# # image: /etc/kasmvnc/picture.png
# # location: 10,10
# # tint: 255,20,20,128
# # repeat_spacing: 10
# logging:
# # "verbose" SETTING LOGS YOUR PRIVATE INFORMATION. Keypresses and clipboard content
# level: off
# encoding:
# max_frame_rate: 60
# full_frame_updates: none
# rect_encoding_mode:
# min_quality: 7
# max_quality: 8
# consider_lossless_quality: 10
# rectangle_compress_threads: auto
# video_encoding_mode:
# jpeg_quality: -1
# webp_quality: -1
# max_resolution:
# width: 1920
# height: 1080
# enter_video_encoding_mode:
# time_threshold: 5
# area_threshold: 45%
# exit_video_encoding_mode:
# time_threshold: 3
# logging:
# level: off
# scaling_algorithm: progressive_bilinear
# compare_framebuffer: auto
# zrle_zlib_level: auto
# hextile_improved_compression: true
server:
# http:
# headers:
# - Cross-Origin-Embedder-Policy=require-corp
# - Cross-Origin-Opener-Policy=same-origin
# httpd_directory: /usr/share/kasmvnc/www
advanced:
# x_font_path: auto
kasm_password_file: ${HOME}/.config/vnc/kasmpasswd
# x_authority_file: auto
# auto_shutdown:
# no_user_session_timeout: never
# active_user_session_timeout: never
# inactive_user_session_timeout: never
# command_line:
# prompt: true

View file

@ -7174,6 +7174,9 @@ softwarePackages:
pacman: xrdp
zypper: xrdp
yay: xrdp
kasmvnc:
_bin:
dnf: https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
responsively:
_bin: null
_desc: A modified web browser that helps in responsive web development