From 6234e87df8597de87f26e3712ef0f736116c1bf9 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Fri, 19 Aug 2016 20:29:17 -0400
Subject: [PATCH 01/40] initial checkin

---
 roles/xsce-admin/defaults/main.yml            |  3 +
 roles/xsce-admin/files/cmdsrv/passwd          |  1 +
 .../files/console/htmlf/70-utilities.html     |  7 +-
 roles/xsce-admin/tasks/vnc.yml                | 53 ++++++++++++++
 .../templates/cmdsrv/display-desktop          |  9 +++
 .../templates/cmdsrv/secure-desktop           |  6 ++
 roles/xsce-admin/templates/cmdsrv/vnc         | 69 +++++++++++++++++++
 roles/xsce-admin/templates/cmdsrv/xstartup    |  6 ++
 8 files changed, 152 insertions(+), 2 deletions(-)
 create mode 100644 roles/xsce-admin/files/cmdsrv/passwd
 create mode 100644 roles/xsce-admin/tasks/vnc.yml
 create mode 100755 roles/xsce-admin/templates/cmdsrv/display-desktop
 create mode 100755 roles/xsce-admin/templates/cmdsrv/secure-desktop
 create mode 100644 roles/xsce-admin/templates/cmdsrv/vnc
 create mode 100755 roles/xsce-admin/templates/cmdsrv/xstartup

diff --git a/roles/xsce-admin/defaults/main.yml b/roles/xsce-admin/defaults/main.yml
index ce5ea385..fb644330 100644
--- a/roles/xsce-admin/defaults/main.yml
+++ b/roles/xsce-admin/defaults/main.yml
@@ -6,3 +6,6 @@ admin_console_path: "{{ xsce_base }}/admin_console"
 cmdsrv_path: "{{ xsce_base }}/xsce_cmdsrv"
 xsce_cmdsrv_dbname : "xsce_cmdsrv.0.2.db"
 gui_version: 2
+novnc_version: noVNC-0.6.1
+novnc_install: True
+novnc_enabled: False
diff --git a/roles/xsce-admin/files/cmdsrv/passwd b/roles/xsce-admin/files/cmdsrv/passwd
new file mode 100644
index 00000000..b89816e8
--- /dev/null
+++ b/roles/xsce-admin/files/cmdsrv/passwd
@@ -0,0 +1 @@
+[IäSó›Õ
\ No newline at end of file
diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index 0a5a7e43..d2044efb 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -20,13 +20,16 @@ <h2>Menu Options</h2>
 				<li><a href="#utilsSpeedTest">Perform Internet Speed Test</a></li>
 				<li><a href="#utilsAnsTags">Run Ansible by Tag</a></li>
 			</ul> <!-- End Status Sub Level Menu -->
-			<!--
 			<h2>Actions</h2>
 			<div class="action-buttons">
+				<button id="STARTVNC" type="button" class="btn btn-lg btn-danger">Start Remote Desktop</button>
+				<button id="STOPVNC" type="button" class="btn btn-lg btn-danger">Stop Remote Desktop</button>
+ 			<!--
 			<button id="REBOOT" type="button" class="btn btn-lg btn-danger">REBOOT Server</button>
 			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button>
-			</div>
+
 			-->
+			</div>
 		</div> <!-- left column -->
 		<div class="col-md-9"> <!-- Start right column -->
 			<div class="tab-content"> <!-- Start Container for Sub Menu Options Panes -->
diff --git a/roles/xsce-admin/tasks/vnc.yml b/roles/xsce-admin/tasks/vnc.yml
new file mode 100644
index 00000000..77bb2bba
--- /dev/null
+++ b/roles/xsce-admin/tasks/vnc.yml
@@ -0,0 +1,53 @@
+- name: Install vnc packages
+  yum: name={{ item }}
+           state=present
+  with_items:
+        - tigervnc-server
+  when: ansible_distribution == "Fedora" or ansible_distribution == "CentOS"
+  tags: download
+
+- name: Download the noVNC source from our copy
+  get_url: url={{ xsce_download_url }}/{{ novnc_version }}.tar.gz
+           dest={{ downloads_dir }}
+  tags: download2
+
+- name: Expand novnc to our root directory
+  unarchive: src={{ downloads_dir }}/{{ novnc_version }}.tar.gz
+           dest={{ xsce_base }}
+           owner=xsce-admin
+
+- name: Create a link pointing to the current version
+  file: src={{ xsce_base }}/{{ novnc_version }}
+        dest={{ xsce_base }}/novnc
+        state=link  
+
+- name: Install the mate desktop for use with VNC
+  shell: 'yum -y groupinstall "MATE Desktop"'
+  when: ansible_distribution == "Fedora" or ansible_distribution == "CentOS"
+  tags: download
+
+- name: make the vnc directory
+  file: path=/home/xsce-admin/.vnc
+        owner=xsce-admin
+        state=directory
+
+- name: make a bin directory for vnc
+  file: path=/home/xsce-admin/bin
+        owner=xsce-admin
+        state=directory
+
+- name: Put templated files in place
+  template: src={{ item.src }}
+            dest={{ item.dest }}
+            owner=xsce-admin
+            mode=0755
+  with_items:
+     - { src: 'xstartup', dest: '/home/xsce-admin/.vnc/' }
+     - { src: 'display-desktop', dest: '/home/xsce-admin/bin/' }
+     - { src: 'secure-desktop', dest: '/home/xsce-admin/bin/' }
+     - { src: 'vnc', dest: '/etc/init.d/' }
+
+- name: copy the password file -- binary confuses template module
+  copy: src=passwd
+        dest=/home/xsce-admin/.vnc
+         
diff --git a/roles/xsce-admin/templates/cmdsrv/display-desktop b/roles/xsce-admin/templates/cmdsrv/display-desktop
new file mode 100755
index 00000000..b421f80f
--- /dev/null
+++ b/roles/xsce-admin/templates/cmdsrv/display-desktop
@@ -0,0 +1,9 @@
+#!/bin/bash
+# start the vnc server and websockify server
+/etc/init.d/vnc start
+
+# open the new port for direct access to the websocket
+iptables -I INPUT -p tcp --dport 6080 -j ACCEPT
+
+# launch the websocket server
+{{ xsce_base }}/novnc/utils/launch.sh --vnc {{ xsce_hostname }}.{{ xsce_domain }}:5901
diff --git a/roles/xsce-admin/templates/cmdsrv/secure-desktop b/roles/xsce-admin/templates/cmdsrv/secure-desktop
new file mode 100755
index 00000000..0b80d246
--- /dev/null
+++ b/roles/xsce-admin/templates/cmdsrv/secure-desktop
@@ -0,0 +1,6 @@
+#!/bin/bash
+# close down the vnc remote desktop
+
+/etc/init.d/vnc stop
+killall websockify
+iptables -D INPUT -p tcp --dport 6080 -j ACCEPT
diff --git a/roles/xsce-admin/templates/cmdsrv/vnc b/roles/xsce-admin/templates/cmdsrv/vnc
new file mode 100644
index 00000000..b7c7cc45
--- /dev/null
+++ b/roles/xsce-admin/templates/cmdsrv/vnc
@@ -0,0 +1,69 @@
+#!/bin/bash
+#
+# description: Starts and stops vncserver. \
+#	       used to provide remote X administration services.
+source /etc/init.d/functions
+
+unset VNCSERVERARGS
+VNCSERVERS="1:xsce-admin"
+VNCSERVERARGS[1]="-geometry 1024x768"
+VNCSERVERARGS[2]="-geometry 1152x864"
+VNCSERVERARGS[3]="-geometry 1152x864"
+
+start() {
+    echo -n $"Starting VNC server: "
+    ulimit -S -c 0 >/dev/null 2>&1
+
+    if [ ! -d /tmp/.X11-unix ]
+    then
+        mkdir -m 1777 /tmp/.X11-unix || :
+    fi
+    for display in ${VNCSERVERS}
+    do
+        echo -n "${display} "
+	unset BASH_ENV ENV
+	DISP="${display%%:*}"
+	export USER="${display##*:}"
+	export VNCUSERARGS="${VNCSERVERARGS[${DISP}]}"
+        su - ${USER} -c "cd ~${USER} && [ -f .vnc/passwd ] && vncserver :${DISP} ${VNCUSERARGS}"
+    done
+}
+
+stop() {
+    echo -n $"Shutting down VNC server: "
+    for display in ${VNCSERVERS}
+    do
+        echo -n "${display} "
+	unset BASH_ENV ENV
+	export USER="${display##*:}"
+	su ${USER} -c "vncserver -kill :${display%%:*}" >/dev/null 2>&1
+    done
+}
+
+# See how we were called.
+case "$1" in
+  start)
+	start
+	;;
+  stop)
+	stop
+	;;
+  restart|reload)
+	stop
+	sleep 3
+	start
+	;;
+  condrestart)
+	if [ -f /var/lock/subsys/vncserver ]; then
+	    stop
+	    sleep 3
+	    start
+	fi
+	;;
+  status)
+	status Xvnc
+	;;
+  *)
+	echo $"Usage: $0 {start|stop|restart|condrestart|status}"
+	exit 1
+esac
diff --git a/roles/xsce-admin/templates/cmdsrv/xstartup b/roles/xsce-admin/templates/cmdsrv/xstartup
new file mode 100755
index 00000000..f0e2cd4d
--- /dev/null
+++ b/roles/xsce-admin/templates/cmdsrv/xstartup
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+vncconfig -iconic &
+unset SESSION_MANAGER
+unset DBUS_SESSION_BUS_ADDRESS
+exec mate-session

From 10165ba33bb96fa6c123d8db98b194f88d996a6c Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Fri, 19 Aug 2016 20:53:05 -0400
Subject: [PATCH 02/40] merge vnc into console and cmdsrv

---
 .../cmdsrv/scripts}/display-desktop           |  0
 .../cmdsrv/scripts}/secure-desktop            |  0
 roles/xsce-admin/files/cmdsrv/xsce-cmdsrv     | 20 +++++++++++++++++++
 roles/xsce-admin/tasks/main.yml               |  6 ++++++
 roles/xsce-admin/tasks/vnc.yml                | 10 ++--------
 5 files changed, 28 insertions(+), 8 deletions(-)
 rename roles/xsce-admin/{templates/cmdsrv => files/cmdsrv/scripts}/display-desktop (100%)
 rename roles/xsce-admin/{templates/cmdsrv => files/cmdsrv/scripts}/secure-desktop (100%)

diff --git a/roles/xsce-admin/templates/cmdsrv/display-desktop b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop
similarity index 100%
rename from roles/xsce-admin/templates/cmdsrv/display-desktop
rename to roles/xsce-admin/files/cmdsrv/scripts/display-desktop
diff --git a/roles/xsce-admin/templates/cmdsrv/secure-desktop b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop
similarity index 100%
rename from roles/xsce-admin/templates/cmdsrv/secure-desktop
rename to roles/xsce-admin/files/cmdsrv/scripts/secure-desktop
diff --git a/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv b/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv
index ab609d14..6bf84096 100644
--- a/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv
+++ b/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv
@@ -577,6 +577,8 @@ def cmd_handler(cmd_msg):
         "INST-RACHEL": install_rachel,
         "DEL-DOWNLOADS": del_downloads,
         "RESTART-KIWIX": restart_kiwix,
+        "START-VNC": start_vnc,
+        "STOP-VNC": stop_vnc,
         "REBOOT": reboot_server,
         "POWEROFF": poweroff_server,
         "CHGPW": change_password
@@ -1153,6 +1155,24 @@ def restart_kiwix(cmd_info):
         resp = cmd_error(cmd_info['cmd'])
     return (resp)
 
+def start_vnc(cmd_info):
+    rc = subprocess.call(["/opt/schoolserver/xsce_cmdsrv/scripts/display-desktop.sh"])
+    #print rc
+    if rc == 0:
+        resp = cmd_success(cmd_info['cmd'])
+    else:
+        resp = cmd_error(cmd_info['cmd'])
+    return (resp)
+
+def stop_vnc(cmd_info):
+    rc = subprocess.call(["/opt/schoolserver/xsce_cmdsrv/scripts/secure-desktop.sh"])
+    #print rc
+    if rc == 0:
+        resp = cmd_success(cmd_info['cmd'])
+    else:
+        resp = cmd_error(cmd_info['cmd'])
+    return (resp)
+
 def reboot_server(cmd_info):
     resp = cmd_success_msg(cmd_info['cmd'], 'Reboot Initiated')
     outp = subprocess.Popen(["scripts/reboot.sh"])
diff --git a/roles/xsce-admin/tasks/main.yml b/roles/xsce-admin/tasks/main.yml
index c06c7633..1391e37e 100644
--- a/roles/xsce-admin/tasks/main.yml
+++ b/roles/xsce-admin/tasks/main.yml
@@ -17,6 +17,12 @@
     - base
     - console
 
+- include: vnc.yml
+  tags:
+    - base
+    - console
+  when: novnc_install
+
 - name: Add xsce-admin parameters to ini file
   ini_file: dest='{{ service_filelist }}'
             section=xsce-admin
diff --git a/roles/xsce-admin/tasks/vnc.yml b/roles/xsce-admin/tasks/vnc.yml
index 77bb2bba..a02e0901 100644
--- a/roles/xsce-admin/tasks/vnc.yml
+++ b/roles/xsce-admin/tasks/vnc.yml
@@ -31,11 +31,6 @@
         owner=xsce-admin
         state=directory
 
-- name: make a bin directory for vnc
-  file: path=/home/xsce-admin/bin
-        owner=xsce-admin
-        state=directory
-
 - name: Put templated files in place
   template: src={{ item.src }}
             dest={{ item.dest }}
@@ -43,11 +38,10 @@
             mode=0755
   with_items:
      - { src: 'xstartup', dest: '/home/xsce-admin/.vnc/' }
-     - { src: 'display-desktop', dest: '/home/xsce-admin/bin/' }
-     - { src: 'secure-desktop', dest: '/home/xsce-admin/bin/' }
      - { src: 'vnc', dest: '/etc/init.d/' }
 
 - name: copy the password file -- binary confuses template module
   copy: src=passwd
         dest=/home/xsce-admin/.vnc
-         
+        mode=0700
+        owner=xsce-admin 

From 4d02f202a003938fd0e6bfc1cf88eb795cc0a4a9 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Fri, 19 Aug 2016 20:56:25 -0400
Subject: [PATCH 03/40] conform with conventions for scripts (.sh)

---
 .../files/cmdsrv/scripts/{display-desktop => display-desktop.sh}  | 0
 .../files/cmdsrv/scripts/{secure-desktop => secure-desktop.sh}    | 0
 roles/xsce-admin/files/cmdsrv/scripts/test.sh                     | 0
 3 files changed, 0 insertions(+), 0 deletions(-)
 rename roles/xsce-admin/files/cmdsrv/scripts/{display-desktop => display-desktop.sh} (100%)
 mode change 100755 => 100644
 rename roles/xsce-admin/files/cmdsrv/scripts/{secure-desktop => secure-desktop.sh} (100%)
 mode change 100755 => 100644
 mode change 100755 => 100644 roles/xsce-admin/files/cmdsrv/scripts/test.sh

diff --git a/roles/xsce-admin/files/cmdsrv/scripts/display-desktop b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
old mode 100755
new mode 100644
similarity index 100%
rename from roles/xsce-admin/files/cmdsrv/scripts/display-desktop
rename to roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
diff --git a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
old mode 100755
new mode 100644
similarity index 100%
rename from roles/xsce-admin/files/cmdsrv/scripts/secure-desktop
rename to roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
diff --git a/roles/xsce-admin/files/cmdsrv/scripts/test.sh b/roles/xsce-admin/files/cmdsrv/scripts/test.sh
old mode 100755
new mode 100644

From 58e1c9ce9fb8e6a963c9d14d994e09a44ee3e4d2 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Sat, 20 Aug 2016 00:13:08 -0400
Subject: [PATCH 04/40] backend seems to work, some button function

---
 .../files/cmdsrv/scripts/display-desktop.sh   |  2 +-
 .../files/cmdsrv/scripts/secure-desktop.sh    |  2 +-
 .../files/console/js/admin_console.js         | 28 +++++++++++++++++++
 roles/xsce-admin/tasks/vnc.yml                |  8 ++++--
 .../templates/cmdsrv/websockify.service       | 11 ++++++++
 5 files changed, 46 insertions(+), 5 deletions(-)
 create mode 100644 roles/xsce-admin/templates/cmdsrv/websockify.service

diff --git a/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
index b421f80f..b3cdd0f1 100644
--- a/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
+++ b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
@@ -6,4 +6,4 @@
 iptables -I INPUT -p tcp --dport 6080 -j ACCEPT
 
 # launch the websocket server
-{{ xsce_base }}/novnc/utils/launch.sh --vnc {{ xsce_hostname }}.{{ xsce_domain }}:5901
+systemctl start websockify.service
diff --git a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
index 0b80d246..ac6fd240 100644
--- a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
+++ b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
@@ -2,5 +2,5 @@
 # close down the vnc remote desktop
 
 /etc/init.d/vnc stop
-killall websockify
+systemctl stop websockify.service
 iptables -D INPUT -p tcp --dport 6080 -j ACCEPT
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index cd5b3ab4..59e5471e 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -245,6 +245,18 @@ function utilButtonsEvents() {
   	changePassword();
   });
 
+  $("#START-VNC").click(function(){
+  	make_button_disabled("#START-VNC", true);
+  	startVnc();
+  	make_button_disabled("#STOP-VNC", false);
+  });
+
+  $("#STOP-VNC").click(function(){
+  	make_button_disabled("#STOP-VNC", true);
+  	stopVnc();
+  	make_button_disabled("#START-VNC", false);
+  });
+
   $("#JOB-STATUS-REFRESH").click(function(){
   	make_button_disabled("#JOB-STATUS-REFRESH", true);
     getJobStat();
@@ -1473,6 +1485,22 @@ function poweroffServer()
   return true;
 }
 
+function startVnc()
+{
+  var command = "START-VNC";
+  sendCmdSrvCmd(command, genericCmdHandler);
+  alert ("VNC desktop started");
+  return true;
+}
+
+function stopVnc()
+{
+  var command = "STOP-VNC";
+  sendCmdSrvCmd(command, genericCmdHandler);
+  alert ("Desktop no longer available remotely");
+  return true;
+}
+
 function getHelp(arg)
 {
   $.get( "help/" + arg, function( data ) {
diff --git a/roles/xsce-admin/tasks/vnc.yml b/roles/xsce-admin/tasks/vnc.yml
index a02e0901..37bf8fd8 100644
--- a/roles/xsce-admin/tasks/vnc.yml
+++ b/roles/xsce-admin/tasks/vnc.yml
@@ -3,6 +3,7 @@
            state=present
   with_items:
         - tigervnc-server
+        - python-websockify
   when: ansible_distribution == "Fedora" or ansible_distribution == "CentOS"
   tags: download
 
@@ -37,11 +38,12 @@
             owner=xsce-admin
             mode=0755
   with_items:
-     - { src: 'xstartup', dest: '/home/xsce-admin/.vnc/' }
-     - { src: 'vnc', dest: '/etc/init.d/' }
+     - { src: 'cmdsrv/xstartup', dest: '/home/xsce-admin/.vnc/' }
+     - { src: 'cmdsrv/vnc', dest: '/etc/init.d/' }
+     - { src: 'cmdsrv/websockify.service', dest: '/etc/systemd/system/' }
 
 - name: copy the password file -- binary confuses template module
-  copy: src=passwd
+  copy: src=cmdsrv/passwd
         dest=/home/xsce-admin/.vnc
         mode=0700
         owner=xsce-admin 
diff --git a/roles/xsce-admin/templates/cmdsrv/websockify.service b/roles/xsce-admin/templates/cmdsrv/websockify.service
new file mode 100644
index 00000000..3f342c36
--- /dev/null
+++ b/roles/xsce-admin/templates/cmdsrv/websockify.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=provides a TCP to web protocol proxy
+After=syslog.target network.target 
+
+
+[Service]
+Type=simple
+ExecStart=/bin/websockify -D 6080 {{ xsce_hostname }}.{{ xsce_domain }}:5901
+
+[Install]
+WantedBy=multi-user.target

From b4ad2203f671bb73f7e0e02c099b15029ff8f52a Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Sat, 20 Aug 2016 15:07:55 -0400
Subject: [PATCH 05/40] add iframe to the console

---
 roles/xsce-admin/files/console/htmlf/70-utilities.html | 2 ++
 roles/xsce-admin/files/console/js/admin_console.js     | 4 ++++
 roles/xsce-admin/templates/cmdsrv/websockify.service   | 2 +-
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index d2044efb..0b734640 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -134,6 +134,8 @@ <h2>Ansible Tags</h2>
 					</form>
 					<button id="RUN-TAGS" type="button" class="btn btn-lg btn-danger">Run Ansible with Checked Tags</button>
 				</div> <!--  End utilsAnsTags pane -->
+				<div class="tab-pane" id="desktop"> <!-- Start desktop Pane -->
+				</div> <!--  End desktop pane -->
 			</div> <!-- End Container for Status Sub Menu Options Panes -->
 		</div> <!-- right column -->
 	</div> <!-- End containing row -->
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 59e5471e..4e41c195 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1490,6 +1490,8 @@ function startVnc()
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("VNC desktop started");
+  var vncIframe = "<iframe id=\"vncIframe\" src=\"/vnc/vnc.html\"></iframe>";
+  $(#desktop).append(vncIframe);
   return true;
 }
 
@@ -1498,6 +1500,8 @@ function stopVnc()
   var command = "STOP-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("Desktop no longer available remotely");
+  $(#vncIframe).src="about.blank";
+  $(#vncIframe).remove();
   return true;
 }
 
diff --git a/roles/xsce-admin/templates/cmdsrv/websockify.service b/roles/xsce-admin/templates/cmdsrv/websockify.service
index 3f342c36..aae6442a 100644
--- a/roles/xsce-admin/templates/cmdsrv/websockify.service
+++ b/roles/xsce-admin/templates/cmdsrv/websockify.service
@@ -5,7 +5,7 @@ After=syslog.target network.target
 
 [Service]
 Type=simple
-ExecStart=/bin/websockify -D 6080 {{ xsce_hostname }}.{{ xsce_domain }}:5901
+ExecStart=/bin/websockify --web {{ xsce_base}}/novnc 6080 {{ xsce_hostname }}.{{ xsce_domain }}:5901
 
 [Install]
 WantedBy=multi-user.target

From 7b36ca8978aee5b4f6473ce62420e9e3acfb4243 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Sat, 20 Aug 2016 18:25:13 -0400
Subject: [PATCH 06/40] add desktop to the utils nav list

---
 roles/xsce-admin/files/console/htmlf/70-utilities.html | 5 +++--
 roles/xsce-admin/files/console/js/admin_console.js     | 6 +++---
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index 0b734640..0e5798ef 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -19,11 +19,12 @@ <h2>Menu Options</h2>
 				<li><a href="#utilsStorage" call-after="getSysStorage">Display System Storage</a></li>
 				<li><a href="#utilsSpeedTest">Perform Internet Speed Test</a></li>
 				<li><a href="#utilsAnsTags">Run Ansible by Tag</a></li>
+				<li><a href="#utilsDesktop">Server Desktop</a></li>
 			</ul> <!-- End Status Sub Level Menu -->
 			<h2>Actions</h2>
 			<div class="action-buttons">
-				<button id="STARTVNC" type="button" class="btn btn-lg btn-danger">Start Remote Desktop</button>
-				<button id="STOPVNC" type="button" class="btn btn-lg btn-danger">Stop Remote Desktop</button>
+				<button id="START-VNC" type="button" class="btn btn-lg btn-danger">Start Remote Desktop</button>
+				<button id="STOP-VNC" type="button" class="btn btn-lg btn-danger">Stop Remote Desktop</button>
  			<!--
 			<button id="REBOOT" type="button" class="btn btn-lg btn-danger">REBOOT Server</button>
 			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button>
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 4e41c195..43d1de67 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1491,7 +1491,7 @@ function startVnc()
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("VNC desktop started");
   var vncIframe = "<iframe id=\"vncIframe\" src=\"/vnc/vnc.html\"></iframe>";
-  $(#desktop).append(vncIframe);
+  $( "#desktop" ).append(vncIframe);
   return true;
 }
 
@@ -1500,8 +1500,8 @@ function stopVnc()
   var command = "STOP-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("Desktop no longer available remotely");
-  $(#vncIframe).src="about.blank";
-  $(#vncIframe).remove();
+  $( "#vncIframe" ).src="about.blank";
+  $( "vncIframe" ).remove();
   return true;
 }
 

From 01a4d4bba4c64d26b68ad39366378b670c01bdc9 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Sat, 20 Aug 2016 18:48:42 -0400
Subject: [PATCH 07/40] tweaks to desktop pane

---
 roles/xsce-admin/files/console/htmlf/70-utilities.html | 4 +++-
 roles/xsce-admin/files/console/js/admin_console.js     | 3 +--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index 0e5798ef..8fa19879 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -135,7 +135,9 @@ <h2>Ansible Tags</h2>
 					</form>
 					<button id="RUN-TAGS" type="button" class="btn btn-lg btn-danger">Run Ansible with Checked Tags</button>
 				</div> <!--  End utilsAnsTags pane -->
-				<div class="tab-pane" id="desktop"> <!-- Start desktop Pane -->
+				<div class="tab-pane" id="utilsDesktop"> <!-- Start desktop Pane -->
+					<h2>Local Version of Server's Desktop</h2>
+                                        <iframe id="vncIframe" src="about:blank"></iframe>
 				</div> <!--  End desktop pane -->
 			</div> <!-- End Container for Status Sub Menu Options Panes -->
 		</div> <!-- right column -->
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 43d1de67..fe0656b7 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1490,8 +1490,7 @@ function startVnc()
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("VNC desktop started");
-  var vncIframe = "<iframe id=\"vncIframe\" src=\"/vnc/vnc.html\"></iframe>";
-  $( "#desktop" ).append(vncIframe);
+  $( "#vncIframe" ).src = "/vnc/vnc.html";
   return true;
 }
 

From 84aa09091eb7bfdaac9a816ae2165d7e9aaee868 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Sun, 21 Aug 2016 00:44:35 -0400
Subject: [PATCH 08/40] iframe now works, width set

---
 .../files/console/htmlf/70-utilities.html           | 13 ++++++-------
 roles/xsce-admin/files/console/js/admin_console.js  |  5 ++++-
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index 8fa19879..1e31709d 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -19,16 +19,15 @@ <h2>Menu Options</h2>
 				<li><a href="#utilsStorage" call-after="getSysStorage">Display System Storage</a></li>
 				<li><a href="#utilsSpeedTest">Perform Internet Speed Test</a></li>
 				<li><a href="#utilsAnsTags">Run Ansible by Tag</a></li>
-				<li><a href="#utilsDesktop">Server Desktop</a></li>
+				<li><a href="#utilsDesktop">View Server's Screen</a></li>
 			</ul> <!-- End Status Sub Level Menu -->
 			<h2>Actions</h2>
 			<div class="action-buttons">
-				<button id="START-VNC" type="button" class="btn btn-lg btn-danger">Start Remote Desktop</button>
-				<button id="STOP-VNC" type="button" class="btn btn-lg btn-danger">Stop Remote Desktop</button>
+				<button id="START-VNC" type="button" class="btn btn-lg btn-danger">View Desktop (insecure)</button>
+				<button id="STOP-VNC" type="button" class="btn btn-lg btn-danger">Make Server Secure</button>
  			<!--
 			<button id="REBOOT" type="button" class="btn btn-lg btn-danger">REBOOT Server</button>
-			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button>
-
+			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button> 
 			-->
 			</div>
 		</div> <!-- left column -->
@@ -136,8 +135,8 @@ <h2>Ansible Tags</h2>
 					<button id="RUN-TAGS" type="button" class="btn btn-lg btn-danger">Run Ansible with Checked Tags</button>
 				</div> <!--  End utilsAnsTags pane -->
 				<div class="tab-pane" id="utilsDesktop"> <!-- Start desktop Pane -->
-					<h2>Local Version of Server's Desktop</h2>
-                                        <iframe id="vncIframe" src="about:blank"></iframe>
+					<h2>View of Server's Screen</h2>
+                                        <iframe id="vncIframe" src="about:blank"style="width:100%;height:768px"></iframe>
 				</div> <!--  End desktop pane -->
 			</div> <!-- End Container for Status Sub Menu Options Panes -->
 		</div> <!-- right column -->
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index fe0656b7..1978fe6d 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1490,7 +1490,10 @@ function startVnc()
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("VNC desktop started");
-  $( "#vncIframe" ).src = "/vnc/vnc.html";
+  var loc = window.location;
+  var url = "http://" + loc.hostname + ":6080/vnc.html";
+  $( "#vncIframe" ).prop("src", url); 
+  alert(url);
   return true;
 }
 

From d2dc2e3fc8362d2a71a26faa3770021c640bfd0e Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Sun, 21 Aug 2016 10:41:29 -0400
Subject: [PATCH 09/40] make buttons clearer--stop->green

---
 roles/xsce-admin/files/console/htmlf/70-utilities.html | 4 ++--
 roles/xsce-admin/files/console/js/admin_console.js     | 4 +---
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index 1e31709d..c3aa6b71 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -21,10 +21,10 @@ <h2>Menu Options</h2>
 				<li><a href="#utilsAnsTags">Run Ansible by Tag</a></li>
 				<li><a href="#utilsDesktop">View Server's Screen</a></li>
 			</ul> <!-- End Status Sub Level Menu -->
-			<h2>Actions</h2>
+			<h2>Server Visability</h2>
 			<div class="action-buttons">
 				<button id="START-VNC" type="button" class="btn btn-lg btn-danger">View Desktop (insecure)</button>
-				<button id="STOP-VNC" type="button" class="btn btn-lg btn-danger">Make Server Secure</button>
+				<button id="STOP-VNC" type="button" class="btn btn-lg btn-primary">Make Server Secure</button>
  			<!--
 			<button id="REBOOT" type="button" class="btn btn-lg btn-danger">REBOOT Server</button>
 			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button> 
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 1978fe6d..ee2a203e 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1489,11 +1489,9 @@ function startVnc()
 {
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
-  alert ("VNC desktop started");
   var loc = window.location;
   var url = "http://" + loc.hostname + ":6080/vnc.html";
   $( "#vncIframe" ).prop("src", url); 
-  alert(url);
   return true;
 }
 
@@ -1502,7 +1500,7 @@ function stopVnc()
   var command = "STOP-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("Desktop no longer available remotely");
-  $( "#vncIframe" ).src="about.blank";
+  $( "#vncIframe" ).prop("src","about.blank");
   $( "vncIframe" ).remove();
   return true;
 }

From dd20f5f5e31df923ce78c36c3af125996716bba9 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Tue, 23 Aug 2016 00:06:47 -0400
Subject: [PATCH 10/40] change vnc password to desktop, and put on view page

---
 roles/xsce-admin/files/cmdsrv/passwd                   | 2 +-
 roles/xsce-admin/files/console/htmlf/70-utilities.html | 3 ++-
 roles/xsce-admin/templates/cmdsrv/vnc                  | 2 +-
 roles/xsce-admin/templates/cmdsrv/websockify.service   | 2 +-
 4 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/roles/xsce-admin/files/cmdsrv/passwd b/roles/xsce-admin/files/cmdsrv/passwd
index b89816e8..7a9dd98c 100644
--- a/roles/xsce-admin/files/cmdsrv/passwd
+++ b/roles/xsce-admin/files/cmdsrv/passwd
@@ -1 +1 @@
-[IäSó›Õ
\ No newline at end of file
+¸+ŠÁpr
\ No newline at end of file
diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index c3aa6b71..94689d30 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -24,7 +24,7 @@ <h2>Menu Options</h2>
 			<h2>Server Visability</h2>
 			<div class="action-buttons">
 				<button id="START-VNC" type="button" class="btn btn-lg btn-danger">View Desktop (insecure)</button>
-				<button id="STOP-VNC" type="button" class="btn btn-lg btn-primary">Make Server Secure</button>
+				<button id="STOP-VNC" type="button" class="btn btn-lg btn-success">Make Server Secure</button>
  			<!--
 			<button id="REBOOT" type="button" class="btn btn-lg btn-danger">REBOOT Server</button>
 			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button> 
@@ -136,6 +136,7 @@ <h2>Ansible Tags</h2>
 				</div> <!--  End utilsAnsTags pane -->
 				<div class="tab-pane" id="utilsDesktop"> <!-- Start desktop Pane -->
 					<h2>View of Server's Screen</h2>
+                                        <p>The noVNC password is <b>desktop</b></p>
                                         <iframe id="vncIframe" src="about:blank"style="width:100%;height:768px"></iframe>
 				</div> <!--  End desktop pane -->
 			</div> <!-- End Container for Status Sub Menu Options Panes -->
diff --git a/roles/xsce-admin/templates/cmdsrv/vnc b/roles/xsce-admin/templates/cmdsrv/vnc
index b7c7cc45..dedaf4b7 100644
--- a/roles/xsce-admin/templates/cmdsrv/vnc
+++ b/roles/xsce-admin/templates/cmdsrv/vnc
@@ -6,7 +6,7 @@ source /etc/init.d/functions
 
 unset VNCSERVERARGS
 VNCSERVERS="1:xsce-admin"
-VNCSERVERARGS[1]="-geometry 1024x768"
+VNCSERVERARGS[1]="-geometry 800x600"
 VNCSERVERARGS[2]="-geometry 1152x864"
 VNCSERVERARGS[3]="-geometry 1152x864"
 
diff --git a/roles/xsce-admin/templates/cmdsrv/websockify.service b/roles/xsce-admin/templates/cmdsrv/websockify.service
index aae6442a..f7981254 100644
--- a/roles/xsce-admin/templates/cmdsrv/websockify.service
+++ b/roles/xsce-admin/templates/cmdsrv/websockify.service
@@ -5,7 +5,7 @@ After=syslog.target network.target
 
 [Service]
 Type=simple
-ExecStart=/bin/websockify --web {{ xsce_base}}/novnc 6080 {{ xsce_hostname }}.{{ xsce_domain }}:5901
+ExecStart=/usr/bin/websockify --web={{ xsce_base}}/novnc 6080 localhost:5901
 
 [Install]
 WantedBy=multi-user.target

From e560713651849bfabe4a17a0b53d6c948b88b9b8 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Tue, 23 Aug 2016 00:10:24 -0400
Subject: [PATCH 11/40] when disabling vnc, just blank it, no alert

---
 roles/xsce-admin/files/console/js/admin_console.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index ee2a203e..93762aaa 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1499,8 +1499,7 @@ function stopVnc()
 {
   var command = "STOP-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
-  alert ("Desktop no longer available remotely");
-  $( "#vncIframe" ).prop("src","about.blank");
+  $( "#vncIframe" ).prop("src","about:blank");
   $( "vncIframe" ).remove();
   return true;
 }

From 7204ddec981375fec18b659082d71b3010c8317a Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Wed, 31 Aug 2016 15:29:09 -0400
Subject: [PATCH 12/40] add ip of source to the spec of websocket, and have vnc
 only listen to localhost

---
 roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh | 9 +++++++--
 roles/xsce-admin/files/cmdsrv/xsce-cmdsrv                | 8 ++++++--
 roles/xsce-admin/templates/cmdsrv/vnc                    | 2 +-
 roles/xsce-admin/templates/console/cmd-service.php       | 4 ++++
 4 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
index b3cdd0f1..1b6d6aa3 100644
--- a/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
+++ b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
@@ -2,8 +2,13 @@
 # start the vnc server and websockify server
 /etc/init.d/vnc start
 
-# open the new port for direct access to the websocket
-iptables -I INPUT -p tcp --dport 6080 -j ACCEPT
+# if a parameter was passed it is the remote  addr
+if [ $# -eq 1 ]; then
+   iptables -I INPUT -p tcp -s $1 --dport 6080 -j ACCEPT
+else
+   # open the new port for direct access to the websocket
+   iptables -I INPUT -p tcp --dport 6080 -j ACCEPT
+fi
 
 # launch the websocket server
 systemctl start websockify.service
diff --git a/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv b/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv
index 6bf84096..dbdc9747 100644
--- a/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv
+++ b/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv
@@ -1156,7 +1156,11 @@ def restart_kiwix(cmd_info):
     return (resp)
 
 def start_vnc(cmd_info):
-    rc = subprocess.call(["/opt/schoolserver/xsce_cmdsrv/scripts/display-desktop.sh"])
+    if "cmd_args" in cmd_info.keys() and "REMOTE_ADDR" in cmd_info["cmd_args"].keys():
+        remote_addr =  cmd_info["cmd_args"]["REMOTE_ADDR"]
+        rc = subprocess.call(["scripts/display-desktop.sh", remote_addr])
+    else:
+        rc = subprocess.call(["scripts/display-desktop.sh"])
     #print rc
     if rc == 0:
         resp = cmd_success(cmd_info['cmd'])
@@ -1165,7 +1169,7 @@ def start_vnc(cmd_info):
     return (resp)
 
 def stop_vnc(cmd_info):
-    rc = subprocess.call(["/opt/schoolserver/xsce_cmdsrv/scripts/secure-desktop.sh"])
+    rc = subprocess.call(["scripts/secure-desktop.sh"])
     #print rc
     if rc == 0:
         resp = cmd_success(cmd_info['cmd'])
diff --git a/roles/xsce-admin/templates/cmdsrv/vnc b/roles/xsce-admin/templates/cmdsrv/vnc
index dedaf4b7..945181ab 100644
--- a/roles/xsce-admin/templates/cmdsrv/vnc
+++ b/roles/xsce-admin/templates/cmdsrv/vnc
@@ -6,7 +6,7 @@ source /etc/init.d/functions
 
 unset VNCSERVERARGS
 VNCSERVERS="1:xsce-admin"
-VNCSERVERARGS[1]="-geometry 800x600"
+VNCSERVERARGS[1]="-localhost -geometry 800x600"
 VNCSERVERARGS[2]="-geometry 1152x864"
 VNCSERVERARGS[3]="-geometry 1152x864"
 
diff --git a/roles/xsce-admin/templates/console/cmd-service.php b/roles/xsce-admin/templates/console/cmd-service.php
index 0058358d..b48b016d 100644
--- a/roles/xsce-admin/templates/console/cmd-service.php
+++ b/roles/xsce-admin/templates/console/cmd-service.php
@@ -10,6 +10,10 @@
 $command = $_POST['command'];
 //$command = "TEST";
 // echo "Command: $command <BR>";
+if (trim($command) == "START-VNC"){
+  $remote_addr = $_SERVER['REMOTE_ADDR'];
+  $command = $command . " {\"REMOTE_ADDR\": \"" . $remote_addr . "\"}";
+}
 
 $alert_param = ',"Alert": "True"';
 

From 15ad1714463764bcabd5b1e62ca0beac0e6f23ca Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 13:18:18 -0400
Subject: [PATCH 13/40] move vnc to contol page

---
 roles/xsce-admin/files/console/htmlf/70-utilities.html | 6 ------
 roles/xsce-admin/files/console/index.html              | 1 +
 roles/xsce-admin/files/console/js/admin_console.js     | 8 ++++++--
 3 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index 94689d30..757e75dc 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -19,17 +19,11 @@ <h2>Menu Options</h2>
 				<li><a href="#utilsStorage" call-after="getSysStorage">Display System Storage</a></li>
 				<li><a href="#utilsSpeedTest">Perform Internet Speed Test</a></li>
 				<li><a href="#utilsAnsTags">Run Ansible by Tag</a></li>
-				<li><a href="#utilsDesktop">View Server's Screen</a></li>
 			</ul> <!-- End Status Sub Level Menu -->
-			<h2>Server Visability</h2>
-			<div class="action-buttons">
-				<button id="START-VNC" type="button" class="btn btn-lg btn-danger">View Desktop (insecure)</button>
-				<button id="STOP-VNC" type="button" class="btn btn-lg btn-success">Make Server Secure</button>
  			<!--
 			<button id="REBOOT" type="button" class="btn btn-lg btn-danger">REBOOT Server</button>
 			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button> 
 			-->
-			</div>
 		</div> <!-- left column -->
 		<div class="col-md-9"> <!-- Start right column -->
 			<div class="tab-content"> <!-- Start Container for Sub Menu Options Panes -->
diff --git a/roles/xsce-admin/files/console/index.html b/roles/xsce-admin/files/console/index.html
index bfd9d8bd..136f0a7d 100644
--- a/roles/xsce-admin/files/console/index.html
+++ b/roles/xsce-admin/files/console/index.html
@@ -57,6 +57,7 @@ <h2>Actions</h2>
 									<div class="action-buttons">
 									  <button id="REBOOT" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>REBOOT Server</button>
 									  <button id="POWEROFF" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>POWER OFF Server</button>
+									  <button id="START-VNC" type="button" class="btn btn-lg btn-success" style="opacity:0.5" disabled>View Server Screen</button>
 									</div>
 								</div> <!-- left column -->
 								<div class="col-md-9"> <!-- Start right column -->
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 93762aaa..7603812d 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -102,6 +102,11 @@ function controlButtonsEvents() {
   $("#POWEROFF").click(function(){
     poweroffServer();
   });
+
+  $("#START-VNC").click(function(){
+    startVnc();
+  });
+
   console.log(' REBOOT and POWEROFF set');
 }
 
@@ -1489,9 +1494,8 @@ function startVnc()
 {
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
-  var loc = window.location;
   var url = "http://" + loc.hostname + ":6080/vnc.html";
-  $( "#vncIframe" ).prop("src", url); 
+  var loc = window.open(url,"_blank");
   return true;
 }
 

From dd1cf650193fdd78134870176880d34205089598 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 13:52:35 -0400
Subject: [PATCH 14/40] increase vnc screen, add stop button

---
 roles/xsce-admin/files/console/index.html          | 3 ++-
 roles/xsce-admin/files/console/js/admin_console.js | 3 ++-
 roles/xsce-admin/templates/cmdsrv/vnc              | 2 +-
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/roles/xsce-admin/files/console/index.html b/roles/xsce-admin/files/console/index.html
index 136f0a7d..57591f7d 100644
--- a/roles/xsce-admin/files/console/index.html
+++ b/roles/xsce-admin/files/console/index.html
@@ -57,7 +57,8 @@ <h2>Actions</h2>
 									<div class="action-buttons">
 									  <button id="REBOOT" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>REBOOT Server</button>
 									  <button id="POWEROFF" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>POWER OFF Server</button>
-									  <button id="START-VNC" type="button" class="btn btn-lg btn-success" style="opacity:0.5" disabled>View Server Screen</button>
+									  <button id="START-VNC" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" enabled>View Server (Insecure)</button>
+									  <button id="STOP-VNC" type="button" class="btn btn-lg btn-success" style="opacity:0.5" enabled>Make More Secure</button>
 									</div>
 								</div> <!-- left column -->
 								<div class="col-md-9"> <!-- Start right column -->
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 7603812d..c679e1f2 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1494,8 +1494,9 @@ function startVnc()
 {
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
+  var loc = window.location;
   var url = "http://" + loc.hostname + ":6080/vnc.html";
-  var loc = window.open(url,"_blank");
+  var resp = window.open(url,"_blank");
   return true;
 }
 
diff --git a/roles/xsce-admin/templates/cmdsrv/vnc b/roles/xsce-admin/templates/cmdsrv/vnc
index 945181ab..9418b147 100644
--- a/roles/xsce-admin/templates/cmdsrv/vnc
+++ b/roles/xsce-admin/templates/cmdsrv/vnc
@@ -6,7 +6,7 @@ source /etc/init.d/functions
 
 unset VNCSERVERARGS
 VNCSERVERS="1:xsce-admin"
-VNCSERVERARGS[1]="-localhost -geometry 800x600"
+VNCSERVERARGS[1]="-localhost -geometry 1152x864"
 VNCSERVERARGS[2]="-geometry 1152x864"
 VNCSERVERARGS[3]="-geometry 1152x864"
 

From afc8ee96572bae1fa66d3b3b1d4c0c5bed8a8729 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 14:01:09 -0400
Subject: [PATCH 15/40] remove _blank from window.open

---
 roles/xsce-admin/files/console/js/admin_console.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index c679e1f2..f82a3694 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1496,7 +1496,7 @@ function startVnc()
   sendCmdSrvCmd(command, genericCmdHandler);
   var loc = window.location;
   var url = "http://" + loc.hostname + ":6080/vnc.html";
-  var resp = window.open(url,"_blank");
+  var resp = window.open(url);
   return true;
 }
 

From 5bc935a4471691c5bef6440fe050f06b86ad7528 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 14:45:25 -0400
Subject: [PATCH 16/40] delete iptables rules by linenumber, full opacity on
 button

---
 roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh | 7 ++++++-
 roles/xsce-admin/files/console/index.html               | 4 ++--
 roles/xsce-admin/templates/cmdsrv/vnc                   | 2 +-
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
index ac6fd240..9eebff78 100644
--- a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
+++ b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
@@ -1,6 +1,11 @@
 #!/bin/bash
 # close down the vnc remote desktop
 
+# delete any rules permitting 6080
+rules=`iptables -L INPUT --line-numbers |grep 6080|cut -d" " -f1`
+for rulenum in rules; do
+  iptables -D $rulenum
+done
+
 /etc/init.d/vnc stop
 systemctl stop websockify.service
-iptables -D INPUT -p tcp --dport 6080 -j ACCEPT
diff --git a/roles/xsce-admin/files/console/index.html b/roles/xsce-admin/files/console/index.html
index 57591f7d..8dac9044 100644
--- a/roles/xsce-admin/files/console/index.html
+++ b/roles/xsce-admin/files/console/index.html
@@ -57,8 +57,8 @@ <h2>Actions</h2>
 									<div class="action-buttons">
 									  <button id="REBOOT" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>REBOOT Server</button>
 									  <button id="POWEROFF" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>POWER OFF Server</button>
-									  <button id="START-VNC" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" enabled>View Server (Insecure)</button>
-									  <button id="STOP-VNC" type="button" class="btn btn-lg btn-success" style="opacity:0.5" enabled>Make More Secure</button>
+									  <button id="START-VNC" type="button" class="btn btn-lg btn-danger"  enabled>View Server (Insecure)</button>
+									  <button id="STOP-VNC" type="button" class="btn btn-lg btn-success" style="opacity:0.5" disabled>Make More Secure</button>
 									</div>
 								</div> <!-- left column -->
 								<div class="col-md-9"> <!-- Start right column -->
diff --git a/roles/xsce-admin/templates/cmdsrv/vnc b/roles/xsce-admin/templates/cmdsrv/vnc
index 9418b147..888d7243 100644
--- a/roles/xsce-admin/templates/cmdsrv/vnc
+++ b/roles/xsce-admin/templates/cmdsrv/vnc
@@ -6,7 +6,7 @@ source /etc/init.d/functions
 
 unset VNCSERVERARGS
 VNCSERVERS="1:xsce-admin"
-VNCSERVERARGS[1]="-localhost -geometry 1152x864"
+VNCSERVERARGS[1]="-SecurityTypes None -localhost -geometry 1152x864"
 VNCSERVERARGS[2]="-geometry 1152x864"
 VNCSERVERARGS[3]="-geometry 1152x864"
 

From 05711bd2ec5aeab556e1612c6519a1579cc9cabb Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 14:55:09 -0400
Subject: [PATCH 17/40] improve secure-desktop.sh until it works

---
 roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
index 9eebff78..b4a4d9c6 100644
--- a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
+++ b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
@@ -3,8 +3,8 @@
 
 # delete any rules permitting 6080
 rules=`iptables -L INPUT --line-numbers |grep 6080|cut -d" " -f1`
-for rulenum in rules; do
-  iptables -D $rulenum
+for rulenum in $rules; do
+  iptables -D INPUT $rulenum
 done
 
 /etc/init.d/vnc stop

From 16e7f8ddb107c11310995ed48e82012527ca347a Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 14:59:49 -0400
Subject: [PATCH 18/40] attempt to defeat the second tab

---
 roles/xsce-admin/files/console/js/admin_console.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index f82a3694..4887e6e0 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1496,7 +1496,8 @@ function startVnc()
   sendCmdSrvCmd(command, genericCmdHandler);
   var loc = window.location;
   var url = "http://" + loc.hostname + ":6080/vnc.html";
-  var resp = window.open(url);
+  var win = window.open(url,'_blank');
+  win.focus();
   return true;
 }
 

From 02f3ee434d33364c592e1f9a14747872f980e881 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 18:44:03 -0400
Subject: [PATCH 19/40] fix double popup, define window to be no larger than
 screen, delete all iptables entries

---
 .../files/cmdsrv/scripts/secure-desktop.sh         |  7 ++++---
 roles/xsce-admin/files/console/js/admin_console.js | 14 +++++++++++---
 roles/xsce-admin/templates/cmdsrv/vnc              |  2 +-
 3 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
index b4a4d9c6..a8800b4a 100644
--- a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
+++ b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
@@ -2,9 +2,10 @@
 # close down the vnc remote desktop
 
 # delete any rules permitting 6080
-rules=`iptables -L INPUT --line-numbers |grep 6080|cut -d" " -f1`
-for rulenum in $rules; do
-  iptables -D INPUT $rulenum
+iptables -L INPUT |grep 6080
+while [ $? -eq 0 ];do
+  iptables -D INPUT 1
+  iptables -L INPUT  |grep 6080
 done
 
 /etc/init.d/vnc stop
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 4887e6e0..5ff18dc4 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1495,10 +1495,18 @@ function startVnc()
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   var loc = window.location;
-  var url = "http://" + loc.hostname + ":6080/vnc.html";
-  var win = window.open(url,'_blank');
+  var url = "http://" + loc.hostname + ":6080/vnc_auto.html?password=desktop";
+  var w = 1152;
+  var h = 864;
+  if (w > screen.width){
+     w = screen.width;
+  }
+  if (h > screen.height){
+     h = screen.height;
+  }
+  var win = window.open(url,"Server","menubar=no,resizeable=yes,scrollbars=yes,width=" + w + ",height=" + h);
   win.focus();
-  return true;
+  return false;
 }
 
 function stopVnc()
diff --git a/roles/xsce-admin/templates/cmdsrv/vnc b/roles/xsce-admin/templates/cmdsrv/vnc
index 888d7243..2e709ced 100644
--- a/roles/xsce-admin/templates/cmdsrv/vnc
+++ b/roles/xsce-admin/templates/cmdsrv/vnc
@@ -6,7 +6,7 @@ source /etc/init.d/functions
 
 unset VNCSERVERARGS
 VNCSERVERS="1:xsce-admin"
-VNCSERVERARGS[1]="-SecurityTypes None -localhost -geometry 1152x864"
+VNCSERVERARGS[1]=" -localhost -geometry 1152x864"
 VNCSERVERARGS[2]="-geometry 1152x864"
 VNCSERVERARGS[3]="-geometry 1152x864"
 

From 6295067917aecb0d333419c5b4d3860caf42eee3 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Fri, 19 Aug 2016 20:29:17 -0400
Subject: [PATCH 20/40] initial checkin

---
 roles/xsce-admin/defaults/main.yml            |  3 +
 roles/xsce-admin/files/cmdsrv/passwd          |  1 +
 .../files/console/htmlf/70-utilities.html     |  7 +-
 roles/xsce-admin/tasks/vnc.yml                | 53 ++++++++++++++
 .../templates/cmdsrv/display-desktop          |  9 +++
 .../templates/cmdsrv/secure-desktop           |  6 ++
 roles/xsce-admin/templates/cmdsrv/vnc         | 69 +++++++++++++++++++
 roles/xsce-admin/templates/cmdsrv/xstartup    |  6 ++
 8 files changed, 152 insertions(+), 2 deletions(-)
 create mode 100644 roles/xsce-admin/files/cmdsrv/passwd
 create mode 100644 roles/xsce-admin/tasks/vnc.yml
 create mode 100755 roles/xsce-admin/templates/cmdsrv/display-desktop
 create mode 100755 roles/xsce-admin/templates/cmdsrv/secure-desktop
 create mode 100644 roles/xsce-admin/templates/cmdsrv/vnc
 create mode 100755 roles/xsce-admin/templates/cmdsrv/xstartup

diff --git a/roles/xsce-admin/defaults/main.yml b/roles/xsce-admin/defaults/main.yml
index 11b2ef8c..06965b0c 100644
--- a/roles/xsce-admin/defaults/main.yml
+++ b/roles/xsce-admin/defaults/main.yml
@@ -6,3 +6,6 @@ admin_console_path: "{{ xsce_base }}/admin_console"
 cmdsrv_path: "{{ xsce_base }}/xsce_cmdsrv"
 xsce_cmdsrv_dbname : "xsce_cmdsrv.0.2.db"
 gui_version: 4
+novnc_version: noVNC-0.6.1
+novnc_install: True
+novnc_enabled: False
diff --git a/roles/xsce-admin/files/cmdsrv/passwd b/roles/xsce-admin/files/cmdsrv/passwd
new file mode 100644
index 00000000..b89816e8
--- /dev/null
+++ b/roles/xsce-admin/files/cmdsrv/passwd
@@ -0,0 +1 @@
+[IäSó›Õ
\ No newline at end of file
diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index 0a5a7e43..d2044efb 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -20,13 +20,16 @@ <h2>Menu Options</h2>
 				<li><a href="#utilsSpeedTest">Perform Internet Speed Test</a></li>
 				<li><a href="#utilsAnsTags">Run Ansible by Tag</a></li>
 			</ul> <!-- End Status Sub Level Menu -->
-			<!--
 			<h2>Actions</h2>
 			<div class="action-buttons">
+				<button id="STARTVNC" type="button" class="btn btn-lg btn-danger">Start Remote Desktop</button>
+				<button id="STOPVNC" type="button" class="btn btn-lg btn-danger">Stop Remote Desktop</button>
+ 			<!--
 			<button id="REBOOT" type="button" class="btn btn-lg btn-danger">REBOOT Server</button>
 			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button>
-			</div>
+
 			-->
+			</div>
 		</div> <!-- left column -->
 		<div class="col-md-9"> <!-- Start right column -->
 			<div class="tab-content"> <!-- Start Container for Sub Menu Options Panes -->
diff --git a/roles/xsce-admin/tasks/vnc.yml b/roles/xsce-admin/tasks/vnc.yml
new file mode 100644
index 00000000..77bb2bba
--- /dev/null
+++ b/roles/xsce-admin/tasks/vnc.yml
@@ -0,0 +1,53 @@
+- name: Install vnc packages
+  yum: name={{ item }}
+           state=present
+  with_items:
+        - tigervnc-server
+  when: ansible_distribution == "Fedora" or ansible_distribution == "CentOS"
+  tags: download
+
+- name: Download the noVNC source from our copy
+  get_url: url={{ xsce_download_url }}/{{ novnc_version }}.tar.gz
+           dest={{ downloads_dir }}
+  tags: download2
+
+- name: Expand novnc to our root directory
+  unarchive: src={{ downloads_dir }}/{{ novnc_version }}.tar.gz
+           dest={{ xsce_base }}
+           owner=xsce-admin
+
+- name: Create a link pointing to the current version
+  file: src={{ xsce_base }}/{{ novnc_version }}
+        dest={{ xsce_base }}/novnc
+        state=link  
+
+- name: Install the mate desktop for use with VNC
+  shell: 'yum -y groupinstall "MATE Desktop"'
+  when: ansible_distribution == "Fedora" or ansible_distribution == "CentOS"
+  tags: download
+
+- name: make the vnc directory
+  file: path=/home/xsce-admin/.vnc
+        owner=xsce-admin
+        state=directory
+
+- name: make a bin directory for vnc
+  file: path=/home/xsce-admin/bin
+        owner=xsce-admin
+        state=directory
+
+- name: Put templated files in place
+  template: src={{ item.src }}
+            dest={{ item.dest }}
+            owner=xsce-admin
+            mode=0755
+  with_items:
+     - { src: 'xstartup', dest: '/home/xsce-admin/.vnc/' }
+     - { src: 'display-desktop', dest: '/home/xsce-admin/bin/' }
+     - { src: 'secure-desktop', dest: '/home/xsce-admin/bin/' }
+     - { src: 'vnc', dest: '/etc/init.d/' }
+
+- name: copy the password file -- binary confuses template module
+  copy: src=passwd
+        dest=/home/xsce-admin/.vnc
+         
diff --git a/roles/xsce-admin/templates/cmdsrv/display-desktop b/roles/xsce-admin/templates/cmdsrv/display-desktop
new file mode 100755
index 00000000..b421f80f
--- /dev/null
+++ b/roles/xsce-admin/templates/cmdsrv/display-desktop
@@ -0,0 +1,9 @@
+#!/bin/bash
+# start the vnc server and websockify server
+/etc/init.d/vnc start
+
+# open the new port for direct access to the websocket
+iptables -I INPUT -p tcp --dport 6080 -j ACCEPT
+
+# launch the websocket server
+{{ xsce_base }}/novnc/utils/launch.sh --vnc {{ xsce_hostname }}.{{ xsce_domain }}:5901
diff --git a/roles/xsce-admin/templates/cmdsrv/secure-desktop b/roles/xsce-admin/templates/cmdsrv/secure-desktop
new file mode 100755
index 00000000..0b80d246
--- /dev/null
+++ b/roles/xsce-admin/templates/cmdsrv/secure-desktop
@@ -0,0 +1,6 @@
+#!/bin/bash
+# close down the vnc remote desktop
+
+/etc/init.d/vnc stop
+killall websockify
+iptables -D INPUT -p tcp --dport 6080 -j ACCEPT
diff --git a/roles/xsce-admin/templates/cmdsrv/vnc b/roles/xsce-admin/templates/cmdsrv/vnc
new file mode 100644
index 00000000..b7c7cc45
--- /dev/null
+++ b/roles/xsce-admin/templates/cmdsrv/vnc
@@ -0,0 +1,69 @@
+#!/bin/bash
+#
+# description: Starts and stops vncserver. \
+#	       used to provide remote X administration services.
+source /etc/init.d/functions
+
+unset VNCSERVERARGS
+VNCSERVERS="1:xsce-admin"
+VNCSERVERARGS[1]="-geometry 1024x768"
+VNCSERVERARGS[2]="-geometry 1152x864"
+VNCSERVERARGS[3]="-geometry 1152x864"
+
+start() {
+    echo -n $"Starting VNC server: "
+    ulimit -S -c 0 >/dev/null 2>&1
+
+    if [ ! -d /tmp/.X11-unix ]
+    then
+        mkdir -m 1777 /tmp/.X11-unix || :
+    fi
+    for display in ${VNCSERVERS}
+    do
+        echo -n "${display} "
+	unset BASH_ENV ENV
+	DISP="${display%%:*}"
+	export USER="${display##*:}"
+	export VNCUSERARGS="${VNCSERVERARGS[${DISP}]}"
+        su - ${USER} -c "cd ~${USER} && [ -f .vnc/passwd ] && vncserver :${DISP} ${VNCUSERARGS}"
+    done
+}
+
+stop() {
+    echo -n $"Shutting down VNC server: "
+    for display in ${VNCSERVERS}
+    do
+        echo -n "${display} "
+	unset BASH_ENV ENV
+	export USER="${display##*:}"
+	su ${USER} -c "vncserver -kill :${display%%:*}" >/dev/null 2>&1
+    done
+}
+
+# See how we were called.
+case "$1" in
+  start)
+	start
+	;;
+  stop)
+	stop
+	;;
+  restart|reload)
+	stop
+	sleep 3
+	start
+	;;
+  condrestart)
+	if [ -f /var/lock/subsys/vncserver ]; then
+	    stop
+	    sleep 3
+	    start
+	fi
+	;;
+  status)
+	status Xvnc
+	;;
+  *)
+	echo $"Usage: $0 {start|stop|restart|condrestart|status}"
+	exit 1
+esac
diff --git a/roles/xsce-admin/templates/cmdsrv/xstartup b/roles/xsce-admin/templates/cmdsrv/xstartup
new file mode 100755
index 00000000..f0e2cd4d
--- /dev/null
+++ b/roles/xsce-admin/templates/cmdsrv/xstartup
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+vncconfig -iconic &
+unset SESSION_MANAGER
+unset DBUS_SESSION_BUS_ADDRESS
+exec mate-session

From b7dcdb473053d3607f280892b6d7776f5fab0e6a Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Fri, 19 Aug 2016 20:53:05 -0400
Subject: [PATCH 21/40] merge vnc into console and cmdsrv

---
 .../cmdsrv/scripts}/display-desktop           |  0
 .../cmdsrv/scripts}/secure-desktop            |  0
 roles/xsce-admin/files/cmdsrv/xsce-cmdsrv     | 20 +++++++++++++++++++
 roles/xsce-admin/tasks/main.yml               |  6 ++++++
 roles/xsce-admin/tasks/vnc.yml                | 10 ++--------
 5 files changed, 28 insertions(+), 8 deletions(-)
 rename roles/xsce-admin/{templates/cmdsrv => files/cmdsrv/scripts}/display-desktop (100%)
 rename roles/xsce-admin/{templates/cmdsrv => files/cmdsrv/scripts}/secure-desktop (100%)

diff --git a/roles/xsce-admin/templates/cmdsrv/display-desktop b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop
similarity index 100%
rename from roles/xsce-admin/templates/cmdsrv/display-desktop
rename to roles/xsce-admin/files/cmdsrv/scripts/display-desktop
diff --git a/roles/xsce-admin/templates/cmdsrv/secure-desktop b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop
similarity index 100%
rename from roles/xsce-admin/templates/cmdsrv/secure-desktop
rename to roles/xsce-admin/files/cmdsrv/scripts/secure-desktop
diff --git a/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv b/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv
index 5975e005..90300c32 100644
--- a/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv
+++ b/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv
@@ -578,6 +578,8 @@ def cmd_handler(cmd_msg):
         "INST-RACHEL": install_rachel,
         "DEL-DOWNLOADS": del_downloads,
         "RESTART-KIWIX": restart_kiwix,
+        "START-VNC": start_vnc,
+        "STOP-VNC": stop_vnc,
         "REBOOT": reboot_server,
         "POWEROFF": poweroff_server,
         "CHGPW": change_password
@@ -1160,6 +1162,24 @@ def restart_kiwix(cmd_info):
         resp = cmd_error(cmd_info['cmd'])
     return (resp)
 
+def start_vnc(cmd_info):
+    rc = subprocess.call(["/opt/schoolserver/xsce_cmdsrv/scripts/display-desktop.sh"])
+    #print rc
+    if rc == 0:
+        resp = cmd_success(cmd_info['cmd'])
+    else:
+        resp = cmd_error(cmd_info['cmd'])
+    return (resp)
+
+def stop_vnc(cmd_info):
+    rc = subprocess.call(["/opt/schoolserver/xsce_cmdsrv/scripts/secure-desktop.sh"])
+    #print rc
+    if rc == 0:
+        resp = cmd_success(cmd_info['cmd'])
+    else:
+        resp = cmd_error(cmd_info['cmd'])
+    return (resp)
+
 def reboot_server(cmd_info):
     resp = cmd_success_msg(cmd_info['cmd'], 'Reboot Initiated')
     outp = subprocess.Popen(["scripts/reboot.sh"])
diff --git a/roles/xsce-admin/tasks/main.yml b/roles/xsce-admin/tasks/main.yml
index c06c7633..1391e37e 100644
--- a/roles/xsce-admin/tasks/main.yml
+++ b/roles/xsce-admin/tasks/main.yml
@@ -17,6 +17,12 @@
     - base
     - console
 
+- include: vnc.yml
+  tags:
+    - base
+    - console
+  when: novnc_install
+
 - name: Add xsce-admin parameters to ini file
   ini_file: dest='{{ service_filelist }}'
             section=xsce-admin
diff --git a/roles/xsce-admin/tasks/vnc.yml b/roles/xsce-admin/tasks/vnc.yml
index 77bb2bba..a02e0901 100644
--- a/roles/xsce-admin/tasks/vnc.yml
+++ b/roles/xsce-admin/tasks/vnc.yml
@@ -31,11 +31,6 @@
         owner=xsce-admin
         state=directory
 
-- name: make a bin directory for vnc
-  file: path=/home/xsce-admin/bin
-        owner=xsce-admin
-        state=directory
-
 - name: Put templated files in place
   template: src={{ item.src }}
             dest={{ item.dest }}
@@ -43,11 +38,10 @@
             mode=0755
   with_items:
      - { src: 'xstartup', dest: '/home/xsce-admin/.vnc/' }
-     - { src: 'display-desktop', dest: '/home/xsce-admin/bin/' }
-     - { src: 'secure-desktop', dest: '/home/xsce-admin/bin/' }
      - { src: 'vnc', dest: '/etc/init.d/' }
 
 - name: copy the password file -- binary confuses template module
   copy: src=passwd
         dest=/home/xsce-admin/.vnc
-         
+        mode=0700
+        owner=xsce-admin 

From 51de7c7cd7ff556751cbe32f6a975a453e8bf682 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Fri, 19 Aug 2016 20:56:25 -0400
Subject: [PATCH 22/40] conform with conventions for scripts (.sh)

---
 .../files/cmdsrv/scripts/{display-desktop => display-desktop.sh}  | 0
 .../files/cmdsrv/scripts/{secure-desktop => secure-desktop.sh}    | 0
 roles/xsce-admin/files/cmdsrv/scripts/test.sh                     | 0
 3 files changed, 0 insertions(+), 0 deletions(-)
 rename roles/xsce-admin/files/cmdsrv/scripts/{display-desktop => display-desktop.sh} (100%)
 mode change 100755 => 100644
 rename roles/xsce-admin/files/cmdsrv/scripts/{secure-desktop => secure-desktop.sh} (100%)
 mode change 100755 => 100644
 mode change 100755 => 100644 roles/xsce-admin/files/cmdsrv/scripts/test.sh

diff --git a/roles/xsce-admin/files/cmdsrv/scripts/display-desktop b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
old mode 100755
new mode 100644
similarity index 100%
rename from roles/xsce-admin/files/cmdsrv/scripts/display-desktop
rename to roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
diff --git a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
old mode 100755
new mode 100644
similarity index 100%
rename from roles/xsce-admin/files/cmdsrv/scripts/secure-desktop
rename to roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
diff --git a/roles/xsce-admin/files/cmdsrv/scripts/test.sh b/roles/xsce-admin/files/cmdsrv/scripts/test.sh
old mode 100755
new mode 100644

From 1a4b4901594f710b64d947e121ec864996f41bc2 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Sat, 20 Aug 2016 00:13:08 -0400
Subject: [PATCH 23/40] backend seems to work, some button function

---
 .../files/cmdsrv/scripts/display-desktop.sh   |  2 +-
 .../files/cmdsrv/scripts/secure-desktop.sh    |  2 +-
 .../files/console/js/admin_console.js         | 28 +++++++++++++++++++
 roles/xsce-admin/tasks/vnc.yml                |  8 ++++--
 .../templates/cmdsrv/websockify.service       | 11 ++++++++
 5 files changed, 46 insertions(+), 5 deletions(-)
 create mode 100644 roles/xsce-admin/templates/cmdsrv/websockify.service

diff --git a/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
index b421f80f..b3cdd0f1 100644
--- a/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
+++ b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
@@ -6,4 +6,4 @@
 iptables -I INPUT -p tcp --dport 6080 -j ACCEPT
 
 # launch the websocket server
-{{ xsce_base }}/novnc/utils/launch.sh --vnc {{ xsce_hostname }}.{{ xsce_domain }}:5901
+systemctl start websockify.service
diff --git a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
index 0b80d246..ac6fd240 100644
--- a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
+++ b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
@@ -2,5 +2,5 @@
 # close down the vnc remote desktop
 
 /etc/init.d/vnc stop
-killall websockify
+systemctl stop websockify.service
 iptables -D INPUT -p tcp --dport 6080 -j ACCEPT
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index d4506d41..892037a6 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -252,6 +252,18 @@ function utilButtonsEvents() {
   	changePassword();
   });
 
+  $("#START-VNC").click(function(){
+  	make_button_disabled("#START-VNC", true);
+  	startVnc();
+  	make_button_disabled("#STOP-VNC", false);
+  });
+
+  $("#STOP-VNC").click(function(){
+  	make_button_disabled("#STOP-VNC", true);
+  	stopVnc();
+  	make_button_disabled("#START-VNC", false);
+  });
+
   $("#JOB-STATUS-REFRESH").click(function(){
   	make_button_disabled("#JOB-STATUS-REFRESH", true);
     getJobStat();
@@ -1500,6 +1512,22 @@ function poweroffServer()
   return true;
 }
 
+function startVnc()
+{
+  var command = "START-VNC";
+  sendCmdSrvCmd(command, genericCmdHandler);
+  alert ("VNC desktop started");
+  return true;
+}
+
+function stopVnc()
+{
+  var command = "STOP-VNC";
+  sendCmdSrvCmd(command, genericCmdHandler);
+  alert ("Desktop no longer available remotely");
+  return true;
+}
+
 function getHelp(arg)
 {
   $.get( "help/" + arg, function( data ) {
diff --git a/roles/xsce-admin/tasks/vnc.yml b/roles/xsce-admin/tasks/vnc.yml
index a02e0901..37bf8fd8 100644
--- a/roles/xsce-admin/tasks/vnc.yml
+++ b/roles/xsce-admin/tasks/vnc.yml
@@ -3,6 +3,7 @@
            state=present
   with_items:
         - tigervnc-server
+        - python-websockify
   when: ansible_distribution == "Fedora" or ansible_distribution == "CentOS"
   tags: download
 
@@ -37,11 +38,12 @@
             owner=xsce-admin
             mode=0755
   with_items:
-     - { src: 'xstartup', dest: '/home/xsce-admin/.vnc/' }
-     - { src: 'vnc', dest: '/etc/init.d/' }
+     - { src: 'cmdsrv/xstartup', dest: '/home/xsce-admin/.vnc/' }
+     - { src: 'cmdsrv/vnc', dest: '/etc/init.d/' }
+     - { src: 'cmdsrv/websockify.service', dest: '/etc/systemd/system/' }
 
 - name: copy the password file -- binary confuses template module
-  copy: src=passwd
+  copy: src=cmdsrv/passwd
         dest=/home/xsce-admin/.vnc
         mode=0700
         owner=xsce-admin 
diff --git a/roles/xsce-admin/templates/cmdsrv/websockify.service b/roles/xsce-admin/templates/cmdsrv/websockify.service
new file mode 100644
index 00000000..3f342c36
--- /dev/null
+++ b/roles/xsce-admin/templates/cmdsrv/websockify.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=provides a TCP to web protocol proxy
+After=syslog.target network.target 
+
+
+[Service]
+Type=simple
+ExecStart=/bin/websockify -D 6080 {{ xsce_hostname }}.{{ xsce_domain }}:5901
+
+[Install]
+WantedBy=multi-user.target

From c31f0767f3fb1c2074f5dd33dfc2582516e4c0dd Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Sat, 20 Aug 2016 15:07:55 -0400
Subject: [PATCH 24/40] add iframe to the console

---
 roles/xsce-admin/files/console/htmlf/70-utilities.html | 2 ++
 roles/xsce-admin/files/console/js/admin_console.js     | 4 ++++
 roles/xsce-admin/templates/cmdsrv/websockify.service   | 2 +-
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index d2044efb..0b734640 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -134,6 +134,8 @@ <h2>Ansible Tags</h2>
 					</form>
 					<button id="RUN-TAGS" type="button" class="btn btn-lg btn-danger">Run Ansible with Checked Tags</button>
 				</div> <!--  End utilsAnsTags pane -->
+				<div class="tab-pane" id="desktop"> <!-- Start desktop Pane -->
+				</div> <!--  End desktop pane -->
 			</div> <!-- End Container for Status Sub Menu Options Panes -->
 		</div> <!-- right column -->
 	</div> <!-- End containing row -->
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 892037a6..ddee3206 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1517,6 +1517,8 @@ function startVnc()
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("VNC desktop started");
+  var vncIframe = "<iframe id=\"vncIframe\" src=\"/vnc/vnc.html\"></iframe>";
+  $(#desktop).append(vncIframe);
   return true;
 }
 
@@ -1525,6 +1527,8 @@ function stopVnc()
   var command = "STOP-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("Desktop no longer available remotely");
+  $(#vncIframe).src="about.blank";
+  $(#vncIframe).remove();
   return true;
 }
 
diff --git a/roles/xsce-admin/templates/cmdsrv/websockify.service b/roles/xsce-admin/templates/cmdsrv/websockify.service
index 3f342c36..aae6442a 100644
--- a/roles/xsce-admin/templates/cmdsrv/websockify.service
+++ b/roles/xsce-admin/templates/cmdsrv/websockify.service
@@ -5,7 +5,7 @@ After=syslog.target network.target
 
 [Service]
 Type=simple
-ExecStart=/bin/websockify -D 6080 {{ xsce_hostname }}.{{ xsce_domain }}:5901
+ExecStart=/bin/websockify --web {{ xsce_base}}/novnc 6080 {{ xsce_hostname }}.{{ xsce_domain }}:5901
 
 [Install]
 WantedBy=multi-user.target

From 05d64398c88f35edcdfdb654d70c586581c236e9 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Sat, 20 Aug 2016 18:25:13 -0400
Subject: [PATCH 25/40] add desktop to the utils nav list

---
 roles/xsce-admin/files/console/htmlf/70-utilities.html | 5 +++--
 roles/xsce-admin/files/console/js/admin_console.js     | 6 +++---
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index 0b734640..0e5798ef 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -19,11 +19,12 @@ <h2>Menu Options</h2>
 				<li><a href="#utilsStorage" call-after="getSysStorage">Display System Storage</a></li>
 				<li><a href="#utilsSpeedTest">Perform Internet Speed Test</a></li>
 				<li><a href="#utilsAnsTags">Run Ansible by Tag</a></li>
+				<li><a href="#utilsDesktop">Server Desktop</a></li>
 			</ul> <!-- End Status Sub Level Menu -->
 			<h2>Actions</h2>
 			<div class="action-buttons">
-				<button id="STARTVNC" type="button" class="btn btn-lg btn-danger">Start Remote Desktop</button>
-				<button id="STOPVNC" type="button" class="btn btn-lg btn-danger">Stop Remote Desktop</button>
+				<button id="START-VNC" type="button" class="btn btn-lg btn-danger">Start Remote Desktop</button>
+				<button id="STOP-VNC" type="button" class="btn btn-lg btn-danger">Stop Remote Desktop</button>
  			<!--
 			<button id="REBOOT" type="button" class="btn btn-lg btn-danger">REBOOT Server</button>
 			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button>
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index ddee3206..61f5758d 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1518,7 +1518,7 @@ function startVnc()
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("VNC desktop started");
   var vncIframe = "<iframe id=\"vncIframe\" src=\"/vnc/vnc.html\"></iframe>";
-  $(#desktop).append(vncIframe);
+  $( "#desktop" ).append(vncIframe);
   return true;
 }
 
@@ -1527,8 +1527,8 @@ function stopVnc()
   var command = "STOP-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("Desktop no longer available remotely");
-  $(#vncIframe).src="about.blank";
-  $(#vncIframe).remove();
+  $( "#vncIframe" ).src="about.blank";
+  $( "vncIframe" ).remove();
   return true;
 }
 

From 77a500771a269d9c3d94e98ced4274d6e91ffb8e Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Sat, 20 Aug 2016 18:48:42 -0400
Subject: [PATCH 26/40] tweaks to desktop pane

---
 roles/xsce-admin/files/console/htmlf/70-utilities.html | 4 +++-
 roles/xsce-admin/files/console/js/admin_console.js     | 3 +--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index 0e5798ef..8fa19879 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -135,7 +135,9 @@ <h2>Ansible Tags</h2>
 					</form>
 					<button id="RUN-TAGS" type="button" class="btn btn-lg btn-danger">Run Ansible with Checked Tags</button>
 				</div> <!--  End utilsAnsTags pane -->
-				<div class="tab-pane" id="desktop"> <!-- Start desktop Pane -->
+				<div class="tab-pane" id="utilsDesktop"> <!-- Start desktop Pane -->
+					<h2>Local Version of Server's Desktop</h2>
+                                        <iframe id="vncIframe" src="about:blank"></iframe>
 				</div> <!--  End desktop pane -->
 			</div> <!-- End Container for Status Sub Menu Options Panes -->
 		</div> <!-- right column -->
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 61f5758d..10e59b07 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1517,8 +1517,7 @@ function startVnc()
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("VNC desktop started");
-  var vncIframe = "<iframe id=\"vncIframe\" src=\"/vnc/vnc.html\"></iframe>";
-  $( "#desktop" ).append(vncIframe);
+  $( "#vncIframe" ).src = "/vnc/vnc.html";
   return true;
 }
 

From 0cdad367550f7aa8cd7327e4076c5db4a9be8de1 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Sun, 21 Aug 2016 00:44:35 -0400
Subject: [PATCH 27/40] iframe now works, width set

---
 .../files/console/htmlf/70-utilities.html           | 13 ++++++-------
 roles/xsce-admin/files/console/js/admin_console.js  |  5 ++++-
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index 8fa19879..1e31709d 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -19,16 +19,15 @@ <h2>Menu Options</h2>
 				<li><a href="#utilsStorage" call-after="getSysStorage">Display System Storage</a></li>
 				<li><a href="#utilsSpeedTest">Perform Internet Speed Test</a></li>
 				<li><a href="#utilsAnsTags">Run Ansible by Tag</a></li>
-				<li><a href="#utilsDesktop">Server Desktop</a></li>
+				<li><a href="#utilsDesktop">View Server's Screen</a></li>
 			</ul> <!-- End Status Sub Level Menu -->
 			<h2>Actions</h2>
 			<div class="action-buttons">
-				<button id="START-VNC" type="button" class="btn btn-lg btn-danger">Start Remote Desktop</button>
-				<button id="STOP-VNC" type="button" class="btn btn-lg btn-danger">Stop Remote Desktop</button>
+				<button id="START-VNC" type="button" class="btn btn-lg btn-danger">View Desktop (insecure)</button>
+				<button id="STOP-VNC" type="button" class="btn btn-lg btn-danger">Make Server Secure</button>
  			<!--
 			<button id="REBOOT" type="button" class="btn btn-lg btn-danger">REBOOT Server</button>
-			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button>
-
+			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button> 
 			-->
 			</div>
 		</div> <!-- left column -->
@@ -136,8 +135,8 @@ <h2>Ansible Tags</h2>
 					<button id="RUN-TAGS" type="button" class="btn btn-lg btn-danger">Run Ansible with Checked Tags</button>
 				</div> <!--  End utilsAnsTags pane -->
 				<div class="tab-pane" id="utilsDesktop"> <!-- Start desktop Pane -->
-					<h2>Local Version of Server's Desktop</h2>
-                                        <iframe id="vncIframe" src="about:blank"></iframe>
+					<h2>View of Server's Screen</h2>
+                                        <iframe id="vncIframe" src="about:blank"style="width:100%;height:768px"></iframe>
 				</div> <!--  End desktop pane -->
 			</div> <!-- End Container for Status Sub Menu Options Panes -->
 		</div> <!-- right column -->
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 10e59b07..dcb70720 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1517,7 +1517,10 @@ function startVnc()
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("VNC desktop started");
-  $( "#vncIframe" ).src = "/vnc/vnc.html";
+  var loc = window.location;
+  var url = "http://" + loc.hostname + ":6080/vnc.html";
+  $( "#vncIframe" ).prop("src", url); 
+  alert(url);
   return true;
 }
 

From 3f11d5c7e3242cbe24562159f8b2b7c48439444b Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Sun, 21 Aug 2016 10:41:29 -0400
Subject: [PATCH 28/40] make buttons clearer--stop->green

---
 roles/xsce-admin/files/console/htmlf/70-utilities.html | 4 ++--
 roles/xsce-admin/files/console/js/admin_console.js     | 4 +---
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index 1e31709d..c3aa6b71 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -21,10 +21,10 @@ <h2>Menu Options</h2>
 				<li><a href="#utilsAnsTags">Run Ansible by Tag</a></li>
 				<li><a href="#utilsDesktop">View Server's Screen</a></li>
 			</ul> <!-- End Status Sub Level Menu -->
-			<h2>Actions</h2>
+			<h2>Server Visability</h2>
 			<div class="action-buttons">
 				<button id="START-VNC" type="button" class="btn btn-lg btn-danger">View Desktop (insecure)</button>
-				<button id="STOP-VNC" type="button" class="btn btn-lg btn-danger">Make Server Secure</button>
+				<button id="STOP-VNC" type="button" class="btn btn-lg btn-primary">Make Server Secure</button>
  			<!--
 			<button id="REBOOT" type="button" class="btn btn-lg btn-danger">REBOOT Server</button>
 			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button> 
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index dcb70720..23039603 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1516,11 +1516,9 @@ function startVnc()
 {
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
-  alert ("VNC desktop started");
   var loc = window.location;
   var url = "http://" + loc.hostname + ":6080/vnc.html";
   $( "#vncIframe" ).prop("src", url); 
-  alert(url);
   return true;
 }
 
@@ -1529,7 +1527,7 @@ function stopVnc()
   var command = "STOP-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   alert ("Desktop no longer available remotely");
-  $( "#vncIframe" ).src="about.blank";
+  $( "#vncIframe" ).prop("src","about.blank");
   $( "vncIframe" ).remove();
   return true;
 }

From 5830c04943086fcd6c991a39febf725f703b9b9c Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Tue, 23 Aug 2016 00:06:47 -0400
Subject: [PATCH 29/40] change vnc password to desktop, and put on view page

---
 roles/xsce-admin/files/cmdsrv/passwd                   | 2 +-
 roles/xsce-admin/files/console/htmlf/70-utilities.html | 3 ++-
 roles/xsce-admin/templates/cmdsrv/vnc                  | 2 +-
 roles/xsce-admin/templates/cmdsrv/websockify.service   | 2 +-
 4 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/roles/xsce-admin/files/cmdsrv/passwd b/roles/xsce-admin/files/cmdsrv/passwd
index b89816e8..7a9dd98c 100644
--- a/roles/xsce-admin/files/cmdsrv/passwd
+++ b/roles/xsce-admin/files/cmdsrv/passwd
@@ -1 +1 @@
-[IäSó›Õ
\ No newline at end of file
+¸+ŠÁpr
\ No newline at end of file
diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index c3aa6b71..94689d30 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -24,7 +24,7 @@ <h2>Menu Options</h2>
 			<h2>Server Visability</h2>
 			<div class="action-buttons">
 				<button id="START-VNC" type="button" class="btn btn-lg btn-danger">View Desktop (insecure)</button>
-				<button id="STOP-VNC" type="button" class="btn btn-lg btn-primary">Make Server Secure</button>
+				<button id="STOP-VNC" type="button" class="btn btn-lg btn-success">Make Server Secure</button>
  			<!--
 			<button id="REBOOT" type="button" class="btn btn-lg btn-danger">REBOOT Server</button>
 			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button> 
@@ -136,6 +136,7 @@ <h2>Ansible Tags</h2>
 				</div> <!--  End utilsAnsTags pane -->
 				<div class="tab-pane" id="utilsDesktop"> <!-- Start desktop Pane -->
 					<h2>View of Server's Screen</h2>
+                                        <p>The noVNC password is <b>desktop</b></p>
                                         <iframe id="vncIframe" src="about:blank"style="width:100%;height:768px"></iframe>
 				</div> <!--  End desktop pane -->
 			</div> <!-- End Container for Status Sub Menu Options Panes -->
diff --git a/roles/xsce-admin/templates/cmdsrv/vnc b/roles/xsce-admin/templates/cmdsrv/vnc
index b7c7cc45..dedaf4b7 100644
--- a/roles/xsce-admin/templates/cmdsrv/vnc
+++ b/roles/xsce-admin/templates/cmdsrv/vnc
@@ -6,7 +6,7 @@ source /etc/init.d/functions
 
 unset VNCSERVERARGS
 VNCSERVERS="1:xsce-admin"
-VNCSERVERARGS[1]="-geometry 1024x768"
+VNCSERVERARGS[1]="-geometry 800x600"
 VNCSERVERARGS[2]="-geometry 1152x864"
 VNCSERVERARGS[3]="-geometry 1152x864"
 
diff --git a/roles/xsce-admin/templates/cmdsrv/websockify.service b/roles/xsce-admin/templates/cmdsrv/websockify.service
index aae6442a..f7981254 100644
--- a/roles/xsce-admin/templates/cmdsrv/websockify.service
+++ b/roles/xsce-admin/templates/cmdsrv/websockify.service
@@ -5,7 +5,7 @@ After=syslog.target network.target
 
 [Service]
 Type=simple
-ExecStart=/bin/websockify --web {{ xsce_base}}/novnc 6080 {{ xsce_hostname }}.{{ xsce_domain }}:5901
+ExecStart=/usr/bin/websockify --web={{ xsce_base}}/novnc 6080 localhost:5901
 
 [Install]
 WantedBy=multi-user.target

From 6c7e6d3da0c881c6002acd4e1b04e3a35b50299f Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Tue, 23 Aug 2016 00:10:24 -0400
Subject: [PATCH 30/40] when disabling vnc, just blank it, no alert

---
 roles/xsce-admin/files/console/js/admin_console.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 23039603..6ae6a12d 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1526,8 +1526,7 @@ function stopVnc()
 {
   var command = "STOP-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
-  alert ("Desktop no longer available remotely");
-  $( "#vncIframe" ).prop("src","about.blank");
+  $( "#vncIframe" ).prop("src","about:blank");
   $( "vncIframe" ).remove();
   return true;
 }

From f5c649a48263ca3e376262b79856691bb7c337fa Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Wed, 31 Aug 2016 15:29:09 -0400
Subject: [PATCH 31/40] add ip of source to the spec of websocket, and have vnc
 only listen to localhost

---
 roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh | 9 +++++++--
 roles/xsce-admin/files/cmdsrv/xsce-cmdsrv                | 8 ++++++--
 roles/xsce-admin/templates/cmdsrv/vnc                    | 2 +-
 roles/xsce-admin/templates/console/cmd-service.php       | 4 ++++
 4 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
index b3cdd0f1..1b6d6aa3 100644
--- a/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
+++ b/roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh
@@ -2,8 +2,13 @@
 # start the vnc server and websockify server
 /etc/init.d/vnc start
 
-# open the new port for direct access to the websocket
-iptables -I INPUT -p tcp --dport 6080 -j ACCEPT
+# if a parameter was passed it is the remote  addr
+if [ $# -eq 1 ]; then
+   iptables -I INPUT -p tcp -s $1 --dport 6080 -j ACCEPT
+else
+   # open the new port for direct access to the websocket
+   iptables -I INPUT -p tcp --dport 6080 -j ACCEPT
+fi
 
 # launch the websocket server
 systemctl start websockify.service
diff --git a/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv b/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv
index 90300c32..5e7e8698 100644
--- a/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv
+++ b/roles/xsce-admin/files/cmdsrv/xsce-cmdsrv
@@ -1163,7 +1163,11 @@ def restart_kiwix(cmd_info):
     return (resp)
 
 def start_vnc(cmd_info):
-    rc = subprocess.call(["/opt/schoolserver/xsce_cmdsrv/scripts/display-desktop.sh"])
+    if "cmd_args" in cmd_info.keys() and "REMOTE_ADDR" in cmd_info["cmd_args"].keys():
+        remote_addr =  cmd_info["cmd_args"]["REMOTE_ADDR"]
+        rc = subprocess.call(["scripts/display-desktop.sh", remote_addr])
+    else:
+        rc = subprocess.call(["scripts/display-desktop.sh"])
     #print rc
     if rc == 0:
         resp = cmd_success(cmd_info['cmd'])
@@ -1172,7 +1176,7 @@ def start_vnc(cmd_info):
     return (resp)
 
 def stop_vnc(cmd_info):
-    rc = subprocess.call(["/opt/schoolserver/xsce_cmdsrv/scripts/secure-desktop.sh"])
+    rc = subprocess.call(["scripts/secure-desktop.sh"])
     #print rc
     if rc == 0:
         resp = cmd_success(cmd_info['cmd'])
diff --git a/roles/xsce-admin/templates/cmdsrv/vnc b/roles/xsce-admin/templates/cmdsrv/vnc
index dedaf4b7..945181ab 100644
--- a/roles/xsce-admin/templates/cmdsrv/vnc
+++ b/roles/xsce-admin/templates/cmdsrv/vnc
@@ -6,7 +6,7 @@ source /etc/init.d/functions
 
 unset VNCSERVERARGS
 VNCSERVERS="1:xsce-admin"
-VNCSERVERARGS[1]="-geometry 800x600"
+VNCSERVERARGS[1]="-localhost -geometry 800x600"
 VNCSERVERARGS[2]="-geometry 1152x864"
 VNCSERVERARGS[3]="-geometry 1152x864"
 
diff --git a/roles/xsce-admin/templates/console/cmd-service.php b/roles/xsce-admin/templates/console/cmd-service.php
index 0058358d..b48b016d 100644
--- a/roles/xsce-admin/templates/console/cmd-service.php
+++ b/roles/xsce-admin/templates/console/cmd-service.php
@@ -10,6 +10,10 @@
 $command = $_POST['command'];
 //$command = "TEST";
 // echo "Command: $command <BR>";
+if (trim($command) == "START-VNC"){
+  $remote_addr = $_SERVER['REMOTE_ADDR'];
+  $command = $command . " {\"REMOTE_ADDR\": \"" . $remote_addr . "\"}";
+}
 
 $alert_param = ',"Alert": "True"';
 

From 299716720bb3eabe2bc0db933fbf8c2eaab5ab7d Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 13:18:18 -0400
Subject: [PATCH 32/40] move vnc to contol page

---
 roles/xsce-admin/files/console/htmlf/70-utilities.html | 6 ------
 roles/xsce-admin/files/console/index.html              | 1 +
 roles/xsce-admin/files/console/js/admin_console.js     | 8 ++++++--
 3 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index 94689d30..757e75dc 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -19,17 +19,11 @@ <h2>Menu Options</h2>
 				<li><a href="#utilsStorage" call-after="getSysStorage">Display System Storage</a></li>
 				<li><a href="#utilsSpeedTest">Perform Internet Speed Test</a></li>
 				<li><a href="#utilsAnsTags">Run Ansible by Tag</a></li>
-				<li><a href="#utilsDesktop">View Server's Screen</a></li>
 			</ul> <!-- End Status Sub Level Menu -->
-			<h2>Server Visability</h2>
-			<div class="action-buttons">
-				<button id="START-VNC" type="button" class="btn btn-lg btn-danger">View Desktop (insecure)</button>
-				<button id="STOP-VNC" type="button" class="btn btn-lg btn-success">Make Server Secure</button>
  			<!--
 			<button id="REBOOT" type="button" class="btn btn-lg btn-danger">REBOOT Server</button>
 			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button> 
 			-->
-			</div>
 		</div> <!-- left column -->
 		<div class="col-md-9"> <!-- Start right column -->
 			<div class="tab-content"> <!-- Start Container for Sub Menu Options Panes -->
diff --git a/roles/xsce-admin/files/console/index.html b/roles/xsce-admin/files/console/index.html
index bfd9d8bd..136f0a7d 100644
--- a/roles/xsce-admin/files/console/index.html
+++ b/roles/xsce-admin/files/console/index.html
@@ -57,6 +57,7 @@ <h2>Actions</h2>
 									<div class="action-buttons">
 									  <button id="REBOOT" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>REBOOT Server</button>
 									  <button id="POWEROFF" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>POWER OFF Server</button>
+									  <button id="START-VNC" type="button" class="btn btn-lg btn-success" style="opacity:0.5" disabled>View Server Screen</button>
 									</div>
 								</div> <!-- left column -->
 								<div class="col-md-9"> <!-- Start right column -->
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 6ae6a12d..ce63ce76 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -102,6 +102,11 @@ function controlButtonsEvents() {
   $("#POWEROFF").click(function(){
     poweroffServer();
   });
+
+  $("#START-VNC").click(function(){
+    startVnc();
+  });
+
   console.log(' REBOOT and POWEROFF set');
 }
 
@@ -1516,9 +1521,8 @@ function startVnc()
 {
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
-  var loc = window.location;
   var url = "http://" + loc.hostname + ":6080/vnc.html";
-  $( "#vncIframe" ).prop("src", url); 
+  var loc = window.open(url,"_blank");
   return true;
 }
 

From 006cc65a59652ec34f278cc8be64b69d446403b2 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 13:52:35 -0400
Subject: [PATCH 33/40] increase vnc screen, add stop button

---
 roles/xsce-admin/files/console/index.html          | 3 ++-
 roles/xsce-admin/files/console/js/admin_console.js | 3 ++-
 roles/xsce-admin/templates/cmdsrv/vnc              | 2 +-
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/roles/xsce-admin/files/console/index.html b/roles/xsce-admin/files/console/index.html
index 136f0a7d..57591f7d 100644
--- a/roles/xsce-admin/files/console/index.html
+++ b/roles/xsce-admin/files/console/index.html
@@ -57,7 +57,8 @@ <h2>Actions</h2>
 									<div class="action-buttons">
 									  <button id="REBOOT" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>REBOOT Server</button>
 									  <button id="POWEROFF" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>POWER OFF Server</button>
-									  <button id="START-VNC" type="button" class="btn btn-lg btn-success" style="opacity:0.5" disabled>View Server Screen</button>
+									  <button id="START-VNC" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" enabled>View Server (Insecure)</button>
+									  <button id="STOP-VNC" type="button" class="btn btn-lg btn-success" style="opacity:0.5" enabled>Make More Secure</button>
 									</div>
 								</div> <!-- left column -->
 								<div class="col-md-9"> <!-- Start right column -->
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index ce63ce76..558b0f78 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1521,8 +1521,9 @@ function startVnc()
 {
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
+  var loc = window.location;
   var url = "http://" + loc.hostname + ":6080/vnc.html";
-  var loc = window.open(url,"_blank");
+  var resp = window.open(url,"_blank");
   return true;
 }
 
diff --git a/roles/xsce-admin/templates/cmdsrv/vnc b/roles/xsce-admin/templates/cmdsrv/vnc
index 945181ab..9418b147 100644
--- a/roles/xsce-admin/templates/cmdsrv/vnc
+++ b/roles/xsce-admin/templates/cmdsrv/vnc
@@ -6,7 +6,7 @@ source /etc/init.d/functions
 
 unset VNCSERVERARGS
 VNCSERVERS="1:xsce-admin"
-VNCSERVERARGS[1]="-localhost -geometry 800x600"
+VNCSERVERARGS[1]="-localhost -geometry 1152x864"
 VNCSERVERARGS[2]="-geometry 1152x864"
 VNCSERVERARGS[3]="-geometry 1152x864"
 

From e4ba55a48ec58afee90800492d73c1a5aca41baa Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 14:01:09 -0400
Subject: [PATCH 34/40] remove _blank from window.open

---
 roles/xsce-admin/files/console/js/admin_console.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 558b0f78..6cc7afc2 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1523,7 +1523,7 @@ function startVnc()
   sendCmdSrvCmd(command, genericCmdHandler);
   var loc = window.location;
   var url = "http://" + loc.hostname + ":6080/vnc.html";
-  var resp = window.open(url,"_blank");
+  var resp = window.open(url);
   return true;
 }
 

From c04c0170557e77ecb6e82136313e9549daab1595 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 14:45:25 -0400
Subject: [PATCH 35/40] delete iptables rules by linenumber, full opacity on
 button

---
 roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh | 7 ++++++-
 roles/xsce-admin/files/console/index.html               | 4 ++--
 roles/xsce-admin/templates/cmdsrv/vnc                   | 2 +-
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
index ac6fd240..9eebff78 100644
--- a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
+++ b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
@@ -1,6 +1,11 @@
 #!/bin/bash
 # close down the vnc remote desktop
 
+# delete any rules permitting 6080
+rules=`iptables -L INPUT --line-numbers |grep 6080|cut -d" " -f1`
+for rulenum in rules; do
+  iptables -D $rulenum
+done
+
 /etc/init.d/vnc stop
 systemctl stop websockify.service
-iptables -D INPUT -p tcp --dport 6080 -j ACCEPT
diff --git a/roles/xsce-admin/files/console/index.html b/roles/xsce-admin/files/console/index.html
index 57591f7d..8dac9044 100644
--- a/roles/xsce-admin/files/console/index.html
+++ b/roles/xsce-admin/files/console/index.html
@@ -57,8 +57,8 @@ <h2>Actions</h2>
 									<div class="action-buttons">
 									  <button id="REBOOT" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>REBOOT Server</button>
 									  <button id="POWEROFF" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>POWER OFF Server</button>
-									  <button id="START-VNC" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" enabled>View Server (Insecure)</button>
-									  <button id="STOP-VNC" type="button" class="btn btn-lg btn-success" style="opacity:0.5" enabled>Make More Secure</button>
+									  <button id="START-VNC" type="button" class="btn btn-lg btn-danger"  enabled>View Server (Insecure)</button>
+									  <button id="STOP-VNC" type="button" class="btn btn-lg btn-success" style="opacity:0.5" disabled>Make More Secure</button>
 									</div>
 								</div> <!-- left column -->
 								<div class="col-md-9"> <!-- Start right column -->
diff --git a/roles/xsce-admin/templates/cmdsrv/vnc b/roles/xsce-admin/templates/cmdsrv/vnc
index 9418b147..888d7243 100644
--- a/roles/xsce-admin/templates/cmdsrv/vnc
+++ b/roles/xsce-admin/templates/cmdsrv/vnc
@@ -6,7 +6,7 @@ source /etc/init.d/functions
 
 unset VNCSERVERARGS
 VNCSERVERS="1:xsce-admin"
-VNCSERVERARGS[1]="-localhost -geometry 1152x864"
+VNCSERVERARGS[1]="-SecurityTypes None -localhost -geometry 1152x864"
 VNCSERVERARGS[2]="-geometry 1152x864"
 VNCSERVERARGS[3]="-geometry 1152x864"
 

From 440fa805f4aed1d330e5efd399eab65bf6bfef2d Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 14:55:09 -0400
Subject: [PATCH 36/40] improve secure-desktop.sh until it works

---
 roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
index 9eebff78..b4a4d9c6 100644
--- a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
+++ b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
@@ -3,8 +3,8 @@
 
 # delete any rules permitting 6080
 rules=`iptables -L INPUT --line-numbers |grep 6080|cut -d" " -f1`
-for rulenum in rules; do
-  iptables -D $rulenum
+for rulenum in $rules; do
+  iptables -D INPUT $rulenum
 done
 
 /etc/init.d/vnc stop

From 97c5018f1370c12f931d022f2facaaadfd8ed501 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 14:59:49 -0400
Subject: [PATCH 37/40] attempt to defeat the second tab

---
 roles/xsce-admin/files/console/js/admin_console.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 6cc7afc2..56292397 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1523,7 +1523,8 @@ function startVnc()
   sendCmdSrvCmd(command, genericCmdHandler);
   var loc = window.location;
   var url = "http://" + loc.hostname + ":6080/vnc.html";
-  var resp = window.open(url);
+  var win = window.open(url,'_blank');
+  win.focus();
   return true;
 }
 

From f88eed5670805bfee8ae61347fa1191f03917ebb Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 18:44:03 -0400
Subject: [PATCH 38/40] fix double popup, define window to be no larger than
 screen, delete all iptables entries

---
 .../files/cmdsrv/scripts/secure-desktop.sh         |  7 ++++---
 roles/xsce-admin/files/console/js/admin_console.js | 14 +++++++++++---
 roles/xsce-admin/templates/cmdsrv/vnc              |  2 +-
 3 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
index b4a4d9c6..a8800b4a 100644
--- a/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
+++ b/roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh
@@ -2,9 +2,10 @@
 # close down the vnc remote desktop
 
 # delete any rules permitting 6080
-rules=`iptables -L INPUT --line-numbers |grep 6080|cut -d" " -f1`
-for rulenum in $rules; do
-  iptables -D INPUT $rulenum
+iptables -L INPUT |grep 6080
+while [ $? -eq 0 ];do
+  iptables -D INPUT 1
+  iptables -L INPUT  |grep 6080
 done
 
 /etc/init.d/vnc stop
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 56292397..44c76dca 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1522,10 +1522,18 @@ function startVnc()
   var command = "START-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
   var loc = window.location;
-  var url = "http://" + loc.hostname + ":6080/vnc.html";
-  var win = window.open(url,'_blank');
+  var url = "http://" + loc.hostname + ":6080/vnc_auto.html?password=desktop";
+  var w = 1152;
+  var h = 864;
+  if (w > screen.width){
+     w = screen.width;
+  }
+  if (h > screen.height){
+     h = screen.height;
+  }
+  var win = window.open(url,"Server","menubar=no,resizeable=yes,scrollbars=yes,width=" + w + ",height=" + h);
   win.focus();
-  return true;
+  return false;
 }
 
 function stopVnc()
diff --git a/roles/xsce-admin/templates/cmdsrv/vnc b/roles/xsce-admin/templates/cmdsrv/vnc
index 888d7243..2e709ced 100644
--- a/roles/xsce-admin/templates/cmdsrv/vnc
+++ b/roles/xsce-admin/templates/cmdsrv/vnc
@@ -6,7 +6,7 @@ source /etc/init.d/functions
 
 unset VNCSERVERARGS
 VNCSERVERS="1:xsce-admin"
-VNCSERVERARGS[1]="-SecurityTypes None -localhost -geometry 1152x864"
+VNCSERVERARGS[1]=" -localhost -geometry 1152x864"
 VNCSERVERARGS[2]="-geometry 1152x864"
 VNCSERVERARGS[3]="-geometry 1152x864"
 

From aa4d680a13e5858e17d9a840bc12888f5d7eda78 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 21:22:16 -0400
Subject: [PATCH 39/40] rework the PR -- little details

---
 .../files/console/htmlf/70-utilities.html     | 12 +++++-----
 .../files/console/js/admin_console.js         | 22 ++++++++-----------
 2 files changed, 14 insertions(+), 20 deletions(-)

diff --git a/roles/xsce-admin/files/console/htmlf/70-utilities.html b/roles/xsce-admin/files/console/htmlf/70-utilities.html
index 757e75dc..0a5a7e43 100644
--- a/roles/xsce-admin/files/console/htmlf/70-utilities.html
+++ b/roles/xsce-admin/files/console/htmlf/70-utilities.html
@@ -20,9 +20,12 @@ <h2>Menu Options</h2>
 				<li><a href="#utilsSpeedTest">Perform Internet Speed Test</a></li>
 				<li><a href="#utilsAnsTags">Run Ansible by Tag</a></li>
 			</ul> <!-- End Status Sub Level Menu -->
- 			<!--
+			<!--
+			<h2>Actions</h2>
+			<div class="action-buttons">
 			<button id="REBOOT" type="button" class="btn btn-lg btn-danger">REBOOT Server</button>
-			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button> 
+			<button id="POWEROFF" type="button" class="btn btn-lg btn-danger">POWER OFF Server</button>
+			</div>
 			-->
 		</div> <!-- left column -->
 		<div class="col-md-9"> <!-- Start right column -->
@@ -128,11 +131,6 @@ <h2>Ansible Tags</h2>
 					</form>
 					<button id="RUN-TAGS" type="button" class="btn btn-lg btn-danger">Run Ansible with Checked Tags</button>
 				</div> <!--  End utilsAnsTags pane -->
-				<div class="tab-pane" id="utilsDesktop"> <!-- Start desktop Pane -->
-					<h2>View of Server's Screen</h2>
-                                        <p>The noVNC password is <b>desktop</b></p>
-                                        <iframe id="vncIframe" src="about:blank"style="width:100%;height:768px"></iframe>
-				</div> <!--  End desktop pane -->
 			</div> <!-- End Container for Status Sub Menu Options Panes -->
 		</div> <!-- right column -->
 	</div> <!-- End containing row -->
diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 44c76dca..7d7709de 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -104,7 +104,15 @@ function controlButtonsEvents() {
   });
 
   $("#START-VNC").click(function(){
-    startVnc();
+  	make_button_disabled("#START-VNC", true);
+  	startVnc();
+  	make_button_disabled("#STOP-VNC", false);
+  });
+
+  $("#STOP-VNC").click(function(){
+  	make_button_disabled("#STOP-VNC", true);
+  	stopVnc();
+  	make_button_disabled("#START-VNC", false);
   });
 
   console.log(' REBOOT and POWEROFF set');
@@ -257,18 +265,6 @@ function utilButtonsEvents() {
   	changePassword();
   });
 
-  $("#START-VNC").click(function(){
-  	make_button_disabled("#START-VNC", true);
-  	startVnc();
-  	make_button_disabled("#STOP-VNC", false);
-  });
-
-  $("#STOP-VNC").click(function(){
-  	make_button_disabled("#STOP-VNC", true);
-  	stopVnc();
-  	make_button_disabled("#START-VNC", false);
-  });
-
   $("#JOB-STATUS-REFRESH").click(function(){
   	make_button_disabled("#JOB-STATUS-REFRESH", true);
     getJobStat();

From ff2033610cfee0d4c6df0e7594c22f6d997c6472 Mon Sep 17 00:00:00 2001
From: George Hunt <georgejhunt@gmail.com>
Date: Thu, 1 Sep 2016 21:26:34 -0400
Subject: [PATCH 40/40] remove referenc to non existent iframe

---
 roles/xsce-admin/files/console/js/admin_console.js | 2 --
 1 file changed, 2 deletions(-)

diff --git a/roles/xsce-admin/files/console/js/admin_console.js b/roles/xsce-admin/files/console/js/admin_console.js
index 7d7709de..347c28cd 100644
--- a/roles/xsce-admin/files/console/js/admin_console.js
+++ b/roles/xsce-admin/files/console/js/admin_console.js
@@ -1536,8 +1536,6 @@ function stopVnc()
 {
   var command = "STOP-VNC";
   sendCmdSrvCmd(command, genericCmdHandler);
-  $( "#vncIframe" ).prop("src","about:blank");
-  $( "vncIframe" ).remove();
   return true;
 }