-
-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathDockerfile
More file actions
207 lines (175 loc) · 6.98 KB
/
Dockerfile
File metadata and controls
207 lines (175 loc) · 6.98 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
# Use Ubuntu 22.04 LTS as the base image
FROM ubuntu:22.04
# Set Arguments
ARG CLIENT_VERSION=10781.19.0.1214
ARG ZIP_FILE_REL_PATH=bin/univpn-linux-64-${CLIENT_VERSION}.zip
ARG INSTALLER_SOURCE_DIR=/home/UniVPN
ARG ACTUAL_INSTALL_DIR=/usr/local/UniVPN
ARG GUI_APP_PATH=${ACTUAL_INSTALL_DIR}
ARG GUI_APP_EXEC=UniVPN
ARG INSTALL_LOG_DIR=${ACTUAL_INSTALL_DIR}/log
ARG INSTALL_LOG_FILE=${INSTALL_LOG_DIR}/install.log
ARG FONTS_DIR=/usr/share/fonts
ARG USERNAME=vpnuser
ARG USER_UID=1000
ARG USER_GID=1000
ARG VNC_PASSWORD=univpn
ARG VNC_RESOLUTION=1280x800
ARG VNC_DEPTH=24
# Set environment variables
ENV DEBIAN_FRONTEND=noninteractive
ENV LANG=C.UTF-8
ENV LC_ALL=C.UTF-8
ENV USER=${USERNAME}
ENV HOME=/home/${USERNAME}
ENV DISPLAY=:1
ENV VNC_RESOLUTION=${VNC_RESOLUTION}
ENV VNC_PW=${VNC_PASSWORD}
ENV VNC_DEPTH=${VNC_DEPTH}
ENV TZ=Asia/Shanghai
# --- Auto Reconnect Configuration ---
ENV AUTO_RECONNECT=false
ENV RECONNECT_PING_TARGET=8.8.8.8
ENV RECONNECT_GRACE_PERIOD=60
# --- Pre-configure debconf for keyboard-configuration ---
RUN echo "keyboard-configuration keyboard-configuration/layoutcode string us" | debconf-set-selections && \
echo "keyboard-configuration keyboard-configuration/modelcode string pc105" | debconf-set-selections && \
echo "keyboard-configuration keyboard-configuration/variantcode string ''" | debconf-set-selections && \
echo "keyboard-configuration keyboard-configuration/xkb-keymap select us" | debconf-set-selections
# Install dependencies
RUN apt-get update && \
apt-get install -y --no-install-recommends \
unzip \
locales \
ca-certificates \
sudo \
net-tools \
iproute2 \
iputils-ping \
dante-server \
tinyproxy \
dbus \
tzdata \
libx11-6 \
libxext6 \
libxrender1 \
libxtst6 \
libqt5widgets5 \
libqt5gui5 \
libqt5core5a \
libqt5dbus5 \
fonts-liberation \
fonts-noto-core \
fonts-wqy-zenhei \
tigervnc-standalone-server \
tigervnc-tools \
fluxbox \
supervisor \
novnc \
websockify \
&& \
locale-gen C.UTF-8 && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# Configure timezone and fix dbus directory permissions
RUN ln -fs /usr/share/zoneinfo/$TZ /etc/localtime && \
dpkg-reconfigure -f noninteractive tzdata && \
mkdir -p /var/run/dbus && \
chown messagebus:messagebus /var/run/dbus
# --- Add Font Cache Update Step ---
RUN echo "Updating font cache..." && \
fc-cache -fv && \
echo "Font cache updated."
# --- Create a Helper Reconnect Command ---
RUN echo '#!/bin/bash' > /usr/local/bin/reconnect && \
echo 'echo "Killing UniVPN process to trigger restart..."' >> /usr/local/bin/reconnect && \
echo 'pkill -f "/usr/local/UniVPN/UniVPN"' >> /usr/local/bin/reconnect && \
chmod +x /usr/local/bin/reconnect
# Create the non-root user and group, add to sudoers
RUN groupadd --gid ${USER_GID} ${USERNAME} && \
useradd --uid ${USER_UID} --gid ${USER_GID} --shell /bin/bash --create-home ${USERNAME} && \
adduser ${USERNAME} sudo && \
echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
# Verify home directory ownership and permissions
RUN echo "Verifying ${USERNAME} home directory..." && \
ls -ld /home/${USERNAME} && \
chown ${USERNAME}:${USERNAME} /home/${USERNAME} && \
chmod 750 /home/${USERNAME} && \
echo "Ownership/permissions verified for /home/${USERNAME}"
# Create installer source directory owned by user
RUN mkdir -p ${INSTALLER_SOURCE_DIR} && \
chown ${USERNAME}:${USERNAME} ${INSTALLER_SOURCE_DIR}
# Copy the installer zip file into that directory
COPY ${ZIP_FILE_REL_PATH} ${INSTALLER_SOURCE_DIR}/installer.zip
# Set the working directory TO the installer source directory
WORKDIR ${INSTALLER_SOURCE_DIR}
# Unzip the installer within this directory and remove the zip file
RUN unzip installer.zip && \
rm installer.zip && \
echo "Listing extracted files in ${INSTALLER_SOURCE_DIR}:" && \
ls -l
# Find and verify the installer file (supports both univpn-linux-64 and univpn-linux-amd64 patterns)
RUN INSTALLER_RUN_FILE=$(ls univpn-linux-*-*.run 2>/dev/null | head -1) && \
if [ -z "$INSTALLER_RUN_FILE" ]; then \
echo "Error: No installer file matching pattern 'univpn-linux-*-*.run' found in ${INSTALLER_SOURCE_DIR}."; \
exit 1; \
fi && \
chmod +x "$INSTALLER_RUN_FILE" && \
echo "Found and made executable: $INSTALLER_RUN_FILE" && \
echo "INSTALLER_RUN_FILE=$INSTALLER_RUN_FILE" > /tmp/installer_env.sh
# Ensure the target log directory exists BEFORE running the installer
RUN mkdir -p ${INSTALL_LOG_DIR}
# Ensure the target fonts directory exists BEFORE running the installer
RUN mkdir -p ${FONTS_DIR} && \
echo "Ensured directory ${FONTS_DIR} exists."
# Run the installer FROM the current directory, redirecting output to the log file
RUN . /tmp/installer_env.sh && \
echo "Running installer as root from $(pwd)... Output logged to ${INSTALL_LOG_FILE}" && \
./$INSTALLER_RUN_FILE > ${INSTALL_LOG_FILE} 2>&1 \
&& \
echo "Installation finished. Check ${INSTALL_LOG_FILE} for details."
# Clean up the installer file after successful execution
RUN . /tmp/installer_env.sh && \
rm $INSTALLER_RUN_FILE && \
rm /tmp/installer_env.sh && \
echo "Removed installer file and environment script."
# --- VNC/Supervisor/noVNC Setup ---
# Create supervisor log directory
RUN mkdir -p /var/log/supervisor
# Copy supervisor configuration
COPY supervisord.conf /etc/supervisor/supervisord.conf
# Copy Dante configuration
COPY danted.conf /etc/danted.conf
RUN chown ${USERNAME}:${USERNAME} /etc/danted.conf
# Copy Tinyproxy configuration
COPY tinyproxy.conf /etc/tinyproxy/tinyproxy.conf
# Copy VNC startup script and Fluxbox config
COPY vnc_startup.sh /usr/local/bin/vnc_startup.sh
RUN mkdir -p /home/${USERNAME}/.fluxbox && \
chown -R ${USERNAME}:${USERNAME} /home/${USERNAME}/.fluxbox
COPY fluxbox_keys /home/${USERNAME}/.fluxbox/keys
COPY fluxbox_menu /home/${USERNAME}/.fluxbox/menu
RUN chmod +x /usr/local/bin/vnc_startup.sh && \
chown ${USERNAME}:${USERNAME} /home/${USERNAME}/.fluxbox/*
# Copy Dante wrapper script
COPY wait_and_start_dante.sh /usr/local/bin/wait_and_start_dante.sh
RUN chmod +x /usr/local/bin/wait_and_start_dante.sh
# Copy noVNC launch script
COPY novnc_launch.sh /usr/local/bin/novnc_launch.sh
RUN chmod +x /usr/local/bin/novnc_launch.sh
# --- Copy the UniVPN Keeper Script ---
COPY univpn-keeper.sh /usr/local/bin/univpn-keeper.sh
RUN chmod +x /usr/local/bin/univpn-keeper.sh
# --- Copy the Xtigervnc-session Script ---
COPY Xtigervnc-session /etc/X11/Xtigervnc-session
RUN chmod +x /etc/X11/Xtigervnc-session
# Set final working directory to user's home
WORKDIR /home/${USERNAME}
# Expose VNC and noVNC ports
EXPOSE 5901 6901
# Run Supervisor as the main process
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
# --- Optional Metadata ---
LABEL maintainer="Xavier Xiong <zx900930@gmail.com>"
LABEL version="${CLIENT_VERSION}"
LABEL description="Docker container with VNC access for Huawei UniVPN GUI Client (v${CLIENT_VERSION})"