diff --git a/roles/xsce-admin/defaults/main.yml b/roles/xsce-admin/defaults/main.yml index 11b2ef8c..06965b0c 100644 --- a/roles/xsce-admin/defaults/main.yml +++ b/roles/xsce-admin/defaults/main.yml @@ -6,3 +6,6 @@ admin_console_path: "{{ xsce_base }}/admin_console" cmdsrv_path: "{{ xsce_base }}/xsce_cmdsrv" xsce_cmdsrv_dbname : "xsce_cmdsrv.0.2.db" gui_version: 4 +novnc_version: noVNC-0.6.1 +novnc_install: True +novnc_enabled: False diff --git a/roles/xsce-admin/files/cmdsrv/passwd b/roles/xsce-admin/files/cmdsrv/passwd new file mode 100644 index 00000000..7a9dd98c --- /dev/null +++ b/roles/xsce-admin/files/cmdsrv/passwd @@ -0,0 +1 @@ +¸+ŠÁpr \ No newline at end of file diff --git a/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh new file mode 100644 index 00000000..1b6d6aa3 --- /dev/null +++ b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh @@ -0,0 +1,14 @@ +#!/bin/bash +# start the vnc server and websockify server +/etc/init.d/vnc start + +# if a parameter was passed it is the remote addr +if [ $# -eq 1 ]; then + iptables -I INPUT -p tcp -s $1 --dport 6080 -j ACCEPT +else + # open the new port for direct access to the websocket + iptables -I INPUT -p tcp --dport 6080 -j ACCEPT +fi + +# launch the websocket server +systemctl start websockify.service diff --git a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh new file mode 100644 index 00000000..a8800b4a --- /dev/null +++ b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh @@ -0,0 +1,12 @@ +#!/bin/bash +# close down the vnc remote desktop + +# delete any rules permitting 6080 +iptables -L INPUT |grep 6080 +while [ $? -eq 0 ];do + iptables -D INPUT 1 + iptables -L INPUT |grep 6080 +done + +/etc/init.d/vnc stop +systemctl stop websockify.service 
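Review bot: `novnc_install: True` makes the VNC server, websockify and the MATE desktop part of every default install, while `novnc_enabled: False` is not read by anything visible in this diff. If remote desktop is meant to be opt-in, default to `novnc_install: False`, or gate the `include: vnc.yml` in tasks/main.yml on both variables. A short comment on each variable would help, for example `# install TigerVNC/noVNC packages and files` and `# not referenced yet: wire up or remove`.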
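Review bot: The committed `passwd` file gives every deployment the same VNC credential, and the `startVnc()` hunk in admin_console.js hard-codes the matching `password=desktop` in client-side script. A VNC password file is only obfuscated with a fixed, publicly documented key, so storing it in the repository is equivalent to publishing the password. Generate the file per host at install time (for example by running `vncpasswd` from the playbook with a randomly generated secret) and keep it out of version control. The `copy` task in tasks/vnc.yml should also use `mode=0600` rather than `mode=0700`, since the file is data and not an executable.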
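Review bot: `$1` is used unquoted in display-desktop.sh, so a value containing whitespace is split into extra iptables arguments; write `iptables -I INPUT -p tcp -s "$1" --dport 6080 -j ACCEPT` and reject anything that is not a single IP address first. The `else` branch opens port 6080 to every source when no address is supplied, which turns a missing argument into the most permissive outcome; exiting non-zero there is the safer default. The script's exit status is only that of the final `systemctl start`, so a failed `/etc/init.d/vnc start` or `iptables` call is reported to the command server as success; `set -e` near the top or explicit checks would fix that.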
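Review bot: `iptables -D INPUT 1` in secure-desktop.sh removes whatever rule is first in the INPUT chain, not the port-6080 rule, so if any other rule sits ahead of it the loop deletes unrelated firewall rules until the grep stops matching. `iptables -L INPUT | grep 6080` also matches any line that merely contains those digits and, without `-n`, performs name lookups. Deleting by rule specification limits the change to what display-desktop.sh added; a sketch of the replacement loop follows.

```shell
# delete any rules permitting 6080, matched by specification rather than by position
iptables -S INPUT | grep -- '--dport 6080 ' | while read -r _ rule; do
    # $rule is "INPUT <match> -j ACCEPT"; left unquoted on purpose so it splits into arguments
    iptables -D $rule
done

# … unchanged: /etc/init.d/vnc stop, systemctl stop websockify.service …
```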
diff --git a/roles/xsce-admin/files/cmdsrv/scripts/test.sh b/roles/xsce-admin/files/cmdsrv/scripts/test.sh old mode 100755 new mode 100644 diff --git a/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv b/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv index 5975e005..5e7e8698 100644 --- a/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv +++ b/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv @@ -578,6 +578,8 @@ def cmd_handler(cmd_msg): "INST-RACHEL": install_rachel, "DEL-DOWNLOADS": del_downloads, "RESTART-KIWIX": restart_kiwix, + "START-VNC": start_vnc, + "STOP-VNC": stop_vnc, "REBOOT": reboot_server, "POWEROFF": poweroff_server, "CHGPW": change_password @@ -1160,6 +1162,28 @@ def restart_kiwix(cmd_info): resp = cmd_error(cmd_info['cmd']) return (resp) +def start_vnc(cmd_info): + if "cmd_args" in cmd_info.keys() and "REMOTE_ADDR" in cmd_info["cmd_args"].keys(): + remote_addr = cmd_info["cmd_args"]["REMOTE_ADDR"] + rc = subprocess.call(["scripts/display-desktop.sh", remote_addr]) + else: + rc = subprocess.call(["scripts/display-desktop.sh"]) + #print rc + if rc == 0: + resp = cmd_success(cmd_info['cmd']) + else: + resp = cmd_error(cmd_info['cmd']) + return (resp) + +def stop_vnc(cmd_info): + rc = subprocess.call(["scripts/secure-desktop.sh"]) + #print rc + if rc == 0: + resp = cmd_success(cmd_info['cmd']) + else: + resp = cmd_error(cmd_info['cmd']) + return (resp) + def reboot_server(cmd_info): resp = cmd_success_msg(cmd_info['cmd'], 'Reboot Initiated') outp = subprocess.Popen(["scripts/reboot.sh"]) diff --git a/roles/xsce-admin/files/console/index.html b/roles/xsce-admin/files/console/index.html index bfd9d8bd..8dac9044 100644 --- a/roles/xsce-admin/files/console/index.html +++ b/roles/xsce-admin/files/console/index.html @@ -57,6 +57,8 @@
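Review bot: `start_vnc` passes `cmd_info["cmd_args"]["REMOTE_ADDR"]` to display-desktop.sh without checking that it is an IP address, and when the key is absent it runs the script with no argument, which opens port 6080 to every source. The list form of `subprocess.call` avoids shell injection at this call, but the value is used unquoted in an iptables command inside the script, so it should be validated here and the function should fail closed when no address is given. The value originates from `$_SERVER['REMOTE_ADDR']` in the cmd-service.php hunk, which behind a reverse proxy would presumably be the proxy's address rather than the administrator's. The sketch below assumes `socket` is importable in this file (its import block is not visible here); `stop_vnc` would benefit from a one-line docstring as well.

```python
def start_vnc(cmd_info):
    """Start the VNC desktop, opening port 6080 only for the requesting address."""
    remote_addr = cmd_info.get("cmd_args", {}).get("REMOTE_ADDR")
    try:
        # accept a dotted-quad IPv4 address only; anything else is refused
        socket.inet_pton(socket.AF_INET, remote_addr)
    except (TypeError, ValueError, socket.error):
        return cmd_error(cmd_info['cmd'])
    rc = subprocess.call(["scripts/display-desktop.sh", remote_addr])
    # … unchanged: rc check and cmd_success / cmd_error response …
```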

Actions

+ +
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js index d4506d41..347c28cd 100644 --- a/roles/xsce-admin/files/console/js/admin_console.js +++ b/roles/xsce-admin/files/console/js/admin_console.js @@ -102,6 +102,19 @@ function controlButtonsEvents() { $("#POWEROFF").click(function(){ poweroffServer(); }); + + $("#START-VNC").click(function(){ + make_button_disabled("#START-VNC", true); + startVnc(); + make_button_disabled("#STOP-VNC", false); + }); + + $("#STOP-VNC").click(function(){ + make_button_disabled("#STOP-VNC", true); + stopVnc(); + make_button_disabled("#START-VNC", false); + }); + console.log(' REBOOT and POWEROFF set'); } @@ -1500,6 +1513,32 @@ function poweroffServer() return true; } +function startVnc() +{ + var command = "START-VNC"; + sendCmdSrvCmd(command, genericCmdHandler); + var loc = window.location; + var url = "http://" + loc.hostname + ":6080/vnc_auto.html?password=desktop"; + var w = 1152; + var h = 864; + if (w > screen.width){ + w = screen.width; + } + if (h > screen.height){ + h = screen.height; + } + var win = window.open(url,"Server","menubar=no,resizeable=yes,scrollbars=yes,width=" + w + ",height=" + h); + win.focus(); + return false; +} + +function stopVnc() +{ + var command = "STOP-VNC"; + sendCmdSrvCmd(command, genericCmdHandler); + return true; +} + function getHelp(arg) { $.get( "help/" + arg, function( data ) { diff --git a/roles/xsce-admin/tasks/main.yml b/roles/xsce-admin/tasks/main.yml index c06c7633..1391e37e 100644 --- a/roles/xsce-admin/tasks/main.yml +++ b/roles/xsce-admin/tasks/main.yml @@ -17,6 +17,12 @@ - base - console +- include: vnc.yml + tags: + - base + - console + when: novnc_install + - name: Add xsce-admin parameters to ini file ini_file: dest='{{ service_filelist }}' section=xsce-admin diff --git a/roles/xsce-admin/tasks/vnc.yml b/roles/xsce-admin/tasks/vnc.yml new file mode 100644 index 00000000..37bf8fd8 --- /dev/null 
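Review bot: Both click handlers re-enable the opposite button immediately after calling `startVnc()` / `stopVnc()`, before the command sent through `sendCmdSrvCmd` has reported a result. If STOP-VNC fails, the console shows the desktop as stopped while port 6080 and the VNC server may still be up. Moving the `make_button_disabled(...)` calls into a success callback passed to `sendCmdSrvCmd` in place of `genericCmdHandler` would keep the buttons in step with the server state. `controlButtonsEvents()` begins outside this hunk.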
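Review bot: `startVnc()` builds `"http://" + loc.hostname + ":6080/vnc_auto.html?password=desktop"`, which puts a fixed VNC password in script served to every console visitor, in browser history, and on the wire over plain HTTP. Drop the `password=` parameter so noVNC prompts for it, and use the page's own scheme (`loc.protocol`) once websockify is given a certificate. The window is opened right after `sendCmdSrvCmd` is called, so it presumably races the server start. `window.open` also returns `null` when a popup is blocked, so guard the last step with `if (win) { win.focus(); }`.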
+++ b/roles/xsce-admin/tasks/vnc.yml
@@ -0,0 +1,49 @@
+- name: Install vnc packages
+ yum: name={{ item }}
+ state=present
+ with_items:
+ - tigervnc-server
+ - python-websockify
+ when: ansible_distribution == "Fedora" or ansible_distribution == "CentOS"
+ tags: download
+
+- name: Download the noVNC source from our copy
+ get_url: url={{ xsce_download_url }}/{{ novnc_version }}.tar.gz
+ dest={{ downloads_dir }}
+ tags: download2
+
+- name: Expand novnc to our root directory
+ unarchive: src={{ downloads_dir }}/{{ novnc_version }}.tar.gz
+ dest={{ xsce_base }}
+ owner=xsce-admin
+
+- name: Create a link pointing to the current version
+ file: src={{ xsce_base }}/{{ novnc_version }}
+ dest={{ xsce_base }}/novnc
+ state=link
+
+- name: Install the mate desktop for use with VNC
+ shell: 'yum -y groupinstall "MATE Desktop"'
+ when: ansible_distribution == "Fedora" or ansible_distribution == "CentOS"
+ tags: download
+
+- name: make the vnc directory
+ file: path=/home/xsce-admin/.vnc
+ owner=xsce-admin
+ state=directory
+
+- name: Put templated files in place
+ template: src={{ item.src }}
+ dest={{ item.dest }}
+ owner=xsce-admin
+ mode=0755
+ with_items:
+ - { src: 'cmdsrv/xstartup', dest: '/home/xsce-admin/.vnc/' }
+ - { src: 'cmdsrv/vnc', dest: '/etc/init.d/' }
+ - { src: 'cmdsrv/websockify.service', dest: '/etc/systemd/system/' }
+
+- name: copy the password file -- binary confuses template module
+ copy: src=cmdsrv/passwd
+ dest=/home/xsce-admin/.vnc
+ mode=0700
+ owner=xsce-admin
diff --git a/roles/xsce-admin/templates/cmdsrv/vnc b/roles/xsce-admin/templates/cmdsrv/vnc
new file mode 100644
index 00000000..2e709ced
--- /dev/null
+++ b/roles/xsce-admin/templates/cmdsrv/vnc
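Review bot: The `get_url` task downloads `{{ novnc_version }}.tar.gz` from `xsce_download_url` and the next task unpacks it under `{{ xsce_base }}` with no integrity check. Pinning the expected digest on the `get_url` task, e.g. `sha256sum=<expected-sha256-of-tarball>`, makes a tampered or truncated archive fail the play instead of being served by websockify. Separately, `mode=0755` is applied to all three templated files although `websockify.service` is a unit file that need not be executable. `shell: 'yum -y groupinstall "MATE Desktop"'` also reruns on every play, so an idempotence guard would be worthwhile.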
@@ -0,0 +1,69 @@
+#!/bin/bash
+#
+# description: Starts and stops vncserver. \
+# used to provide remote X administration services.
+source /etc/init.d/functions
+
+unset VNCSERVERARGS
+VNCSERVERS="1:xsce-admin"
+VNCSERVERARGS[1]=" -localhost -geometry 1152x864"
+VNCSERVERARGS[2]="-geometry 1152x864"
+VNCSERVERARGS[3]="-geometry 1152x864"
+
+start() {
+ echo -n $"Starting VNC server: "
+ ulimit -S -c 0 >/dev/null 2>&1
+
+ if [ ! -d /tmp/.X11-unix ]
+ then
+ mkdir -m 1777 /tmp/.X11-unix || :
+ fi
+ for display in ${VNCSERVERS}
+ do
+ echo -n "${display} "
+ unset BASH_ENV ENV
+ DISP="${display%%:*}"
+ export USER="${display##*:}"
+ export VNCUSERARGS="${VNCSERVERARGS[${DISP}]}"
+ su - ${USER} -c "cd ~${USER} && [ -f .vnc/passwd ] && vncserver :${DISP} ${VNCUSERARGS}"
+ done
+}
+
+stop() {
+ echo -n $"Shutting down VNC server: "
+ for display in ${VNCSERVERS}
+ do
+ echo -n "${display} "
+ unset BASH_ENV ENV
+ export USER="${display##*:}"
+ su ${USER} -c "vncserver -kill :${display%%:*}" >/dev/null 2>&1
+ done
+}
+
+# See how we were called.
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart|reload)
+ stop
+ sleep 3
+ start
+ ;;
+ condrestart)
+ if [ -f /var/lock/subsys/vncserver ]; then
+ stop
+ sleep 3
+ start
+ fi
+ ;;
+ status)
+ status Xvnc
+ ;;
+ *)
+ echo $"Usage: $0 {start|stop|restart|condrestart|status}"
+ exit 1
+esac
diff --git a/roles/xsce-admin/templates/cmdsrv/websockify.service b/roles/xsce-admin/templates/cmdsrv/websockify.service
new file mode 100644
index 00000000..f7981254
--- /dev/null
+++ b/roles/xsce-admin/templates/cmdsrv/websockify.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=provides a TCP to web protocol proxy
+After=syslog.target network.target
+
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/websockify --web={{ xsce_base}}/novnc 6080 localhost:5901
+
+[Install]
+WantedBy=multi-user.target
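Review bot: Only `VNCSERVERARGS[1]` carries `-localhost`; entries `[2]` and `[3]` do not, so adding a second display to `VNCSERVERS` later would presumably expose that Xvnc port on all interfaces instead of only through websockify. Either remove the unused entries or give them the same flag, and add a comment such as `# -localhost: Xvnc accepts connections only from websockify on this host`. The `condrestart` branch tests `/var/lock/subsys/vncserver`, which `start()` never creates and `stop()` never removes, so as written it never restarts anything.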
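Review bot: The websockify unit has no `User=` line, so the process that serves files from `{{ xsce_base}}/novnc` and accepts network connections on 6080 runs as root. It only needs to bind an unprivileged port and connect to `localhost:5901`, so `User=xsce-admin` (or a dedicated account) under `[Service]` is sufficient. The listener is also plain HTTP/WebSocket, and the VNC password handshake does not encrypt the session, so consider websockify's `--cert` and `--key` options once a certificate is available.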
diff --git a/roles/xsce-admin/templates/cmdsrv/xstartup b/roles/xsce-admin/templates/cmdsrv/xstartup new file mode 100755 index 00000000..f0e2cd4d --- /dev/null +++ b/roles/xsce-admin/templates/cmdsrv/xstartup @@ -0,0 +1,6 @@ +#!/bin/sh + +vncconfig -iconic & +unset SESSION_MANAGER +unset DBUS_SESSION_BUS_ADDRESS +exec mate-session diff --git a/roles/xsce-admin/templates/console/cmd-service.php b/roles/xsce-admin/templates/console/cmd-service.php index 0058358d..b48b016d 100644 --- a/roles/xsce-admin/templates/console/cmd-service.php +++ b/roles/xsce-admin/templates/console/cmd-service.php @@ -10,6 +10,10 @@ $command = $_POST['command']; //$command = "TEST"; // echo "Command: $command
"; +if (trim($command) == "START-VNC"){ + $remote_addr = $_SERVER['REMOTE_ADDR']; + $command = $command . " {\"REMOTE_ADDR\": \"" . $remote_addr . "\"}"; +} $alert_param = ',"Alert": "True"';