misterunknown · March 29, 2019 13:47 · Mar 29, 2019
diff --git a/alpine-virtual-desktop.sh b/alpine-virtual-desktop.sh
@@ -0,0 +1,128 @@
+#!/bin/sh
+#
+# This script installs a virtual desktop using Xvfb, x11vnc, mate-desktop,
+# mate-session-manager and Apache Guacamole. It runs on Alpine Linux Edge.
+#
+# See also:
+# https://www.reddit.com/r/selfhosted/comments/b6k8go/poc_a_desktop_in_a_container_on_a_server/
+
+# This is the user, under which the MATE desktop will run
+# Notice: For several reasons this shouldn't be root
+USERNAME="myuser"
+
+# Ensure the user exists
+getent passwd $USERNAME >/dev/null || adduser -D $USERNAME
+
+# Add my own repository, which provides guacamole-server and guacamole-client
+wget -O /etc/apk/keys/marco-5b505a5e.rsa.pub "https://marco.alpinelinux.de/keys/marco-5b505a5e.rsa.pub"
+echo "https://marco.alpinelinux.de/repo/edge/marco" >> /etc/apk/repositories
+
+# Install necessary packages
+apk add --upgrade-cache \
+	dbus-x11 \
+	guacamole-server \
+	guacamole-server-openrc \
+	guacamole-client \
+	libguac-client-vnc \
+	mate-desktop \
+	mate-desktop-environment \
+	mate-session-manager \
+	x11vnc \
+	xvfb \
+
+# Deploy configuration
+cat <<EOF > /etc/conf.d/xvfb
+# xvfb config
+
+# display
+command_args="-screen :0 1280x800x24 -ac +extension GLX +render -noreset -shmem"
+EOF
+
+cat <<EOF > /etc/init.d/xvfb
+#!/sbin/openrc-run
+
+name="Xvfb framebuffer"
+pidfile="/var/run/xvfb.pid"
+command="/usr/bin/Xvfb"
+command_args="${command_args:-}"
+command_background="yes"
+EOF
+
+cat <<EOF > /etc/conf.d/x11vnc
+# x11vnc config
+# display
+command_args="$command_args -display :0"
+# listen only local
+command_args="$command_args -localhost"
+# persistent, shared server
+command_args="$command_args -forever -shared -loop"
+# X settings
+command_args="$command_args -xrandr -cursor arrow"
+# Logfile
+command_args="$command_args -o /var/log/x11vnc.log"
+# password
+#command_args="$command_args -passwd verysecret123"
+EOF
+
+cat <<EOF > /etc/init.d/x11vnc
+#!/sbin/openrc-run
+
+name="x11vnc server"
+pidfile="/var/run/x11vnc.pid"
+command="/usr/bin/x11vnc"
+command_args="${command_args:-}"
+command_background="yes"
+EOF
+
+cat <<EOF > /etc/init.d/mate-session
+#!/sbin/openrc-run
+
+name="MATE session for $USERNAME"
+pidfile="/var/run/mate-session.pid"
+command_user="$USERNAME"
+command="/usr/bin/mate-session"
+command_args="${command_args:-}"
+command_background="yes"
+
+depend() {
+        need xvfb
+}
+EOF
+
+cat <<EOF > /etc/conf.d/mate-session
+# mate-session config
+export DISPLAY=":0"
+EOF
+
+cat <<EOF > /etc/guacamole/user-mapping.xml
+<?xml version="1.0" encoding="UTF-8"?>
+<user-mapping>
+    <authorize username="admin" password="21232f297a57a5a743894a0e4a801fc3" encoding="md5">
+        <protocol>vnc</protocol>
+        <param name="hostname">localhost</param>
+        <param name="port">5900</param>
+        <!-- <param name="password">verysecret123</param> -->
+    </authorize>
+</user-mapping>
+EOF
+
+# This is a workaround for a flaw in the package
+mkdir -p /var/log/jetty/guacamole-{client,server}
+
+for i in xvfb x11vnc mate-session
+do
+	chmod +x /etc/init.d/${i}
+	rc-update add ${i}
+done
+
+for i in dbus guacamole-client guacamole-server
+do
+	rc-update add ${i}
+done
+
+rc-service xvfb start
+rc-service x11vnc start
+rc-service dbus start
+rc-service mate-session start
+rc-service guacamole-server start
+rc-service guacamole-client start