Console3 #786

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open

georgejhunt wants to merge 41 commits into XSCE:master from georgejhunt:console3

roles/xsce-admin/defaults/main.yml

-Original file line number
+Diff line change
@@ Expand Up / @@ -6,3 +6,6 @@ admin_console_path: "{{ xsce_base }}/admin_console" @@
     cmdsrv_path: "{{ xsce_base }}/xsce_cmdsrv"
     xsce_cmdsrv_dbname : "xsce_cmdsrv.0.2.db"
     gui_version: 4
+    novnc_version: noVNC-0.6.1
+    novnc_install: True
+    novnc_enabled: False

roles/xsce-admin/files/cmdsrv/passwd

Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		�+��pr

roles/xsce-admin/files/cmdsrv/scripts/display-desktop.sh

-Original file line number
+Diff line change
@@ -0,0 +1,14 @@
+    #!/bin/bash
+    # start the vnc server and websockify server
+    /etc/init.d/vnc start
+    # if a parameter was passed it is the remote  addr
+    if [ $# -eq 1 ]; then
+       iptables -I INPUT -p tcp -s $1 --dport 6080 -j ACCEPT
+    else
+       # open the new port for direct access to the websocket
+       iptables -I INPUT -p tcp --dport 6080 -j ACCEPT
+    fi
+    # launch the websocket server
+    systemctl start websockify.service

roles/xsce-admin/files/cmdsrv/scripts/secure-desktop.sh

-Original file line number
+Diff line change
@@ -0,0 +1,12 @@
+    #!/bin/bash
+    # close down the vnc remote desktop
+    # delete any rules permitting 6080
+    iptables -L INPUT |grep 6080
+    while [ $? -eq 0 ];do
+      iptables -D INPUT 1
+      iptables -L INPUT  |grep 6080
+    done
+    /etc/init.d/vnc stop
+    systemctl stop websockify.service

roles/xsce-admin/files/cmdsrv/scripts/test.sh

100755 → 100644

Empty file.

roles/xsce-admin/files/cmdsrv/xsce-cmdsrv

-Original file line number
+Diff line change
@@ Expand Up / @@ -578,6 +578,8 @@ def cmd_handler(cmd_msg): @@
             "INST-RACHEL": install_rachel,
             "DEL-DOWNLOADS": del_downloads,
             "RESTART-KIWIX": restart_kiwix,
+            "START-VNC": start_vnc,
+            "STOP-VNC": stop_vnc,
             "REBOOT": reboot_server,
             "POWEROFF": poweroff_server,
             "CHGPW": change_password
@@ Expand Down Expand Up / @@ -1160,6 +1162,28 @@ def restart_kiwix(cmd_info): @@
             resp = cmd_error(cmd_info['cmd'])
         return (resp)
+    def start_vnc(cmd_info):
+        if "cmd_args" in cmd_info.keys() and "REMOTE_ADDR" in cmd_info["cmd_args"].keys():
+            remote_addr =  cmd_info["cmd_args"]["REMOTE_ADDR"]
+            rc = subprocess.call(["scripts/display-desktop.sh", remote_addr])
+        else:
+            rc = subprocess.call(["scripts/display-desktop.sh"])
+        #print rc
+        if rc == 0:
+            resp = cmd_success(cmd_info['cmd'])
+        else:
+            resp = cmd_error(cmd_info['cmd'])
+        return (resp)
+    def stop_vnc(cmd_info):
+        rc = subprocess.call(["scripts/secure-desktop.sh"])
+        #print rc
+        if rc == 0:
+            resp = cmd_success(cmd_info['cmd'])
+        else:
+            resp = cmd_error(cmd_info['cmd'])
+        return (resp)
     def reboot_server(cmd_info):
         resp = cmd_success_msg(cmd_info['cmd'], 'Reboot Initiated')
         outp = subprocess.Popen(["scripts/reboot.sh"])
@@ Expand Down @@

roles/xsce-admin/files/console/index.html

-Original file line number
+Diff line change
@@ Expand Up / @@ -57,6 +57,8 @@ <h2>Actions</h2> @@
     									<div class="action-buttons">
     									  <button id="REBOOT" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>REBOOT Server</button>
     									  <button id="POWEROFF" type="button" class="btn btn-lg btn-danger" style="opacity:0.5" disabled>POWER OFF Server</button>
+    									  <button id="START-VNC" type="button" class="btn btn-lg btn-danger"  enabled>View Server (Insecure)</button>
+    									  <button id="STOP-VNC" type="button" class="btn btn-lg btn-success" style="opacity:0.5" disabled>Make More Secure</button>
     									</div>
     								</div> <!-- left column -->
     								<div class="col-md-9"> <!-- Start right column -->
@@ Expand Down @@

roles/xsce-admin/files/console/js/admin_console.js

-Original file line number
+Diff line change
@@ Expand Up / @@ -102,6 +102,19 @@ function controlButtonsEvents() { @@
       $("#POWEROFF").click(function(){
         poweroffServer();
       });
+      $("#START-VNC").click(function(){
+      	make_button_disabled("#START-VNC", true);
+      	startVnc();
+      	make_button_disabled("#STOP-VNC", false);
+      });
+      $("#STOP-VNC").click(function(){
+      	make_button_disabled("#STOP-VNC", true);
+      	stopVnc();
+      	make_button_disabled("#START-VNC", false);
+      });
       console.log(' REBOOT and POWEROFF set');
     }
@@ Expand Down Expand Up / @@ -1500,6 +1513,32 @@ function poweroffServer() @@
       return true;
     }
+    function startVnc()
+    {
+      var command = "START-VNC";
+      sendCmdSrvCmd(command, genericCmdHandler);
+      var loc = window.location;
+      var url = "http://" + loc.hostname + ":6080/vnc_auto.html?password=desktop";
+      var w = 1152;
+      var h = 864;
+      if (w > screen.width){
+         w = screen.width;
+      }
+      if (h > screen.height){
+         h = screen.height;
+      }
+      var win = window.open(url,"Server","menubar=no,resizeable=yes,scrollbars=yes,width=" + w + ",height=" + h);
+      win.focus();
+      return false;
+    }
+    function stopVnc()
+    {
+      var command = "STOP-VNC";
+      sendCmdSrvCmd(command, genericCmdHandler);
+      return true;
+    }
     function getHelp(arg)
     {
       $.get( "help/" + arg, function( data ) {
@@ Expand Down @@

roles/xsce-admin/tasks/main.yml

-Original file line number
+Diff line change
@@ Expand Up / @@ -17,6 +17,12 @@ @@
         - base
         - console
+    - include: vnc.yml
+      tags:
+        - base
+        - console
+      when: novnc_install
     - name: Add xsce-admin parameters to ini file
       ini_file: dest='{{ service_filelist }}'
                 section=xsce-admin
@@ Expand Down @@

roles/xsce-admin/tasks/vnc.yml

-Original file line number
+Diff line change
@@ -0,0 +1,49 @@
+    - name: Install vnc packages
+      yum: name={{ item }}
+               state=present
+      with_items:
+            - tigervnc-server
+            - python-websockify
+      when: ansible_distribution == "Fedora" or ansible_distribution == "CentOS"
+      tags: download
+    - name: Download the noVNC source from our copy
+      get_url: url={{ xsce_download_url }}/{{ novnc_version }}.tar.gz
+               dest={{ downloads_dir }}
+      tags: download2
+    - name: Expand novnc to our root directory
+      unarchive: src={{ downloads_dir }}/{{ novnc_version }}.tar.gz
+               dest={{ xsce_base }}
+               owner=xsce-admin
+    - name: Create a link pointing to the current version
+      file: src={{ xsce_base }}/{{ novnc_version }}
+            dest={{ xsce_base }}/novnc
+            state=link
+    - name: Install the mate desktop for use with VNC
+      shell: 'yum -y groupinstall "MATE Desktop"'
+      when: ansible_distribution == "Fedora" or ansible_distribution == "CentOS"
+      tags: download
+    - name: make the vnc directory
+      file: path=/home/xsce-admin/.vnc
+            owner=xsce-admin
+            state=directory
+    - name: Put templated files in place
+      template: src={{ item.src }}
+                dest={{ item.dest }}
+                owner=xsce-admin
+                mode=0755
+      with_items:
+         - { src: 'cmdsrv/xstartup', dest: '/home/xsce-admin/.vnc/' }
+         - { src: 'cmdsrv/vnc', dest: '/etc/init.d/' }
+         - { src: 'cmdsrv/websockify.service', dest: '/etc/systemd/system/' }
+    - name: copy the password file -- binary confuses template module
+      copy: src=cmdsrv/passwd
+            dest=/home/xsce-admin/.vnc
+            mode=0700
+            owner=xsce-admin

roles/xsce-admin/templates/cmdsrv/vnc

-Original file line number
+Diff line change
@@ -0,0 +1,69 @@
+    #!/bin/bash
+    #
+    # description: Starts and stops vncserver. \
+    #	       used to provide remote X administration services.
+    source /etc/init.d/functions
+    unset VNCSERVERARGS
+    VNCSERVERS="1:xsce-admin"
+    VNCSERVERARGS[1]=" -localhost -geometry 1152x864"
+    VNCSERVERARGS[2]="-geometry 1152x864"
+    VNCSERVERARGS[3]="-geometry 1152x864"
+    start() {
+        echo -n $"Starting VNC server: "
+        ulimit -S -c 0 >/dev/null 2>&1
+        if [ ! -d /tmp/.X11-unix ]
+        then
+            mkdir -m 1777 /tmp/.X11-unix || :
+        fi
+        for display in ${VNCSERVERS}
+        do
+            echo -n "${display} "
+    	unset BASH_ENV ENV
+    	DISP="${display%%:*}"
+    	export USER="${display##*:}"
+    	export VNCUSERARGS="${VNCSERVERARGS[${DISP}]}"
+            su - ${USER} -c "cd ~${USER} && [ -f .vnc/passwd ] && vncserver :${DISP} ${VNCUSERARGS}"
+        done
+    }
+    stop() {
+        echo -n $"Shutting down VNC server: "
+        for display in ${VNCSERVERS}
+        do
+            echo -n "${display} "
+    	unset BASH_ENV ENV
+    	export USER="${display##*:}"
+    	su ${USER} -c "vncserver -kill :${display%%:*}" >/dev/null 2>&1
+        done
+    }
+    # See how we were called.
+    case "$1" in
+      start)
+    	start
+    	;;
+      stop)
+    	stop
+    	;;
+      restart|reload)
+    	stop
+    	sleep 3
+    	start
+    	;;
+      condrestart)
+    	if [ -f /var/lock/subsys/vncserver ]; then
+    	    stop
+    	    sleep 3
+    	    start
+    	fi
+    	;;
+      status)
+    	status Xvnc
+    	;;
+      *)
+    	echo $"Usage: $0 {start|stop|restart|condrestart|status}"
+    	exit 1
+    esac

roles/xsce-admin/templates/cmdsrv/websockify.service

-Original file line number
+Diff line change
@@ -0,0 +1,11 @@
+    [Unit]
+    Description=provides a TCP to web protocol proxy
+    After=syslog.target network.target
+    [Service]
+    Type=simple
+    ExecStart=/usr/bin/websockify --web={{ xsce_base}}/novnc 6080 localhost:5901
+    [Install]
+    WantedBy=multi-user.target

roles/xsce-admin/templates/cmdsrv/xstartup

-Original file line number
+Diff line change
@@ -0,0 +1,6 @@
+    #!/bin/sh
+    vncconfig -iconic &
+    unset SESSION_MANAGER
+    unset DBUS_SESSION_BUS_ADDRESS
+    exec mate-session

roles/xsce-admin/templates/console/cmd-service.php

-Original file line number
+Diff line change
@@ Expand Up / @@ -10,6 +10,10 @@ @@
     $command = $_POST['command'];
     //$command = "TEST";
     // echo "Command: $command <BR>";
+    if (trim($command) == "START-VNC"){
+      $remote_addr = $_SERVER['REMOTE_ADDR'];
+      $command = $command . " {\"REMOTE_ADDR\": \"" . $remote_addr . "\"}";
+    }
     $alert_param = ',"Alert": "True"';
@@ Expand Down @@

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Console3 #786

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Console3 #786

Are you sure you want to change the base?

Uh oh!

Console3 #786

Uh oh!

Uh oh!

Diff view

Diff view

There are no files selected for viewing