├── .ci
    ├── build.sh
    ├── check_cla.sh
    └── check_container.sh
├── .dockerignore
├── .gitlab-ci.yml
├── .travis.yml
├── 01-wsproxy.patch
├── 02-forwardssl.patch
├── CHANGELOG.md
├── CONTRIBUTORS
├── Dockerfile
├── LICENSE
├── readme.md
└── startinit.sh


/.ci/build.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | 
3 | [ -n "$TEMP_IMAGE" ] || TEMP_IMAGE="mplx/webvirtcloud"
4 | 
5 | docker build --tag $TEMP_IMAGE .
6 | 


--------------------------------------------------------------------------------
/.ci/check_cla.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | # check_cla()
 4 | # https://jameshunt.us/writings/travis-cla.html
 5 | check_cla() {
 6 |   local passchar="\xe2\x9c\x94" # U+2714 - ballot check
 7 |   local failchar="\xe2\x9c\x98" # U+2718 - ballot x
 8 |   local rc=0
 9 |   local IFS=$'\n'
10 | 
11 |   echo "Checking CONTRIBUTOR status..."
12 |   for x in $(git log --pretty=format:'%aE %h - %s (%aN <%aE>)' \
13 |                  ${TRAVIS_COMMIT_RANGE}); do
14 |     email=${x%% *}
15 |     desc=${x#* }
16 |     if grep -q '^[^#].*<'${email}'>' CONTRIBUTORS; then
17 |       echo -e "\033[32m${passchar}\033[0m $desc"
18 |     else
19 |       echo -e "\033[31m${failchar}\033[0m $desc"
20 |       echo -e "  \033[31m<${email}> not listed in CONTRIBUTORS file!\033[0m"
21 |       rc=1
22 |     fi
23 |   done
24 |   echo
25 | 
26 |   return $rc
27 | }
28 | 
29 | check_cla
30 | 


--------------------------------------------------------------------------------
/.ci/check_container.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | 
3 | # to be done
4 | exit 0
5 | 
6 | 


--------------------------------------------------------------------------------
/.dockerignore:
--------------------------------------------------------------------------------
1 | .git
2 | .gitignore
3 | *.md
4 | .ci
5 | 


--------------------------------------------------------------------------------
/.gitlab-ci.yml:
--------------------------------------------------------------------------------
 1 | before_script:
 2 |   - apk add --no-cache --update bash ca-certificates curl openssl git
 3 |   - /bin/bash -c 'echo $BASH_VERSION'
 4 |   - mkdir -p build
 5 | 
 6 | variables:
 7 |   DOCKER_DIND_SERVICE: $CI_REGISTRY/docker/dind:latest
 8 |   TEMP_IMAGE: ci-build/$CI_PROJECT_PATH:$CI_PIPELINE_ID
 9 |   BUILD_PATH: build/
10 |   TEMP_IMAGE_LOCAL: $BUILD_PATH/wvc-image.tar
11 |   TEMP_IMAGE_LOCAL_COMPRESSED: $BUILD_PATH/wvc-image.tar.bz2
12 | 
13 | .semver-tags-regex: &semver-tags-regex
14 |   - /^([0-9]+)\.([0-9]+)\.([0-9]+)$/
15 | 
16 | stages:
17 |   - contribution
18 |   - build
19 |   - test
20 |   - release
21 | 
22 | clacheck:
23 |   stage: contribution
24 |   image: docker:latest
25 |   script:
26 |     - .ci/check_cla.sh
27 |   tags:
28 |     - docker-build
29 | 
30 | containerbuild:
31 |   stage: build
32 |   image: docker:latest
33 |   services:
34 |     - name: $DOCKER_DIND_SERVICE
35 |       alias: docker
36 |   artifacts:
37 |     expire_in: 1 hour
38 |     paths:
39 |       - $TEMP_IMAGE_LOCAL_COMPRESSED
40 |   dependencies:
41 |     - clacheck
42 |   script:
43 |     - mkdir -p $BUILD_PATH
44 |     - .ci/build.sh
45 |     - .ci/check_container.sh $TEMP_IMAGE
46 |     - docker save --output $TEMP_IMAGE_LOCAL $TEMP_IMAGE
47 |     - nice -n 19 bzip2 -v -9 $TEMP_IMAGE_LOCAL
48 |     - ls -laih $TEMP_IMAGE_LOCAL_COMPRESSED
49 |   tags:
50 |     - docker-build
51 | 
52 | containertest:
53 |   stage: test
54 |   image: docker:latest
55 |   services:
56 |     - name: $DOCKER_DIND_SERVICE
57 |       alias: docker
58 |   dependencies:
59 |     - containerbuild
60 |   script:
61 |     - .ci/check_container.sh $TEMP_IMAGE $CI_JOB_TOKEN $CI_REGISTRY
62 |   tags:
63 |     - docker-build
64 | 
65 | release:
66 |   stage: release
67 |   image: docker:latest
68 |   services:
69 |     - name: $DOCKER_DIND_SERVICE
70 |       alias: docker
71 |   dependencies:
72 |     - containertest
73 |   script:
74 |     - ls -laih $BUILD_PATH
75 |     - nice -n 19 bzip2 -d $TEMP_IMAGE_LOCAL_COMPRESSED
76 |     - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
77 |     - docker load --input $TEMP_IMAGE_LOCAL --quiet
78 |     - docker tag $TEMP_IMAGE $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
79 |     - docker tag $TEMP_IMAGE $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
80 |     - docker push $CI_REGISTRY_IMAGE
81 |   only: *semver-tags-regex
82 |   tags:
83 |     - docker-build
84 | 
85 | 


--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
 1 | language: go
 2 | 
 3 | sudo: required
 4 | 
 5 | services:
 6 |   - docker
 7 | 
 8 | install:
 9 |   - docker --version
10 | 
11 | script:
12 |   - .ci/check_cla.sh
13 |   - .ci/build.sh
14 |   - .ci/check_container.sh
15 | 


--------------------------------------------------------------------------------
/01-wsproxy.patch:
--------------------------------------------------------------------------------
  1 | diff --git a/conf/nginx/webvirtcloud.conf b/conf/nginx/webvirtcloud.conf
  2 | index 70b8e0e..2eae863 100644
  3 | --- a/conf/nginx/webvirtcloud.conf
  4 | +++ b/conf/nginx/webvirtcloud.conf
  5 | @@ -20,4 +20,15 @@ server {
  6 |          proxy_send_timeout 600;
  7 |          client_max_body_size 1024M;
  8 |      }
  9 | +
 10 | +    location /novncd/ {
 11 | +        proxy_pass http://wsnovncd;
 12 | +        proxy_http_version 1.1;
 13 | +        proxy_set_header Upgrade $http_upgrade;
 14 | +        proxy_set_header Connection "upgrade";
 15 | +    }
 16 | +}
 17 | +
 18 | +upstream wsnovncd {
 19 | +       server 127.0.0.1:6080;
 20 |  }
 21 | diff --git a/console/templates/console-spice-full.html b/console/templates/console-spice-full.html
 22 | index 5accf4d..118f243 100644
 23 | --- a/console/templates/console-spice-full.html
 24 | +++ b/console/templates/console-spice-full.html
 25 | @@ -115,7 +115,7 @@
 26 |                      sc.stop();
 27 |                  }
 28 | 
 29 | -                uri = scheme + host + ":" + port;
 30 | +                   uri = scheme + "{{ ws_host }}:{{ ws_port }}{{ ws_path }}";
 31 | 
 32 |                  document.getElementById('connectButton').innerHTML = "Stop";
 33 |                  document.getElementById('connectButton').onclick = disconnect;
 34 | diff --git a/console/templates/console-spice-lite.html b/console/templates/console-spice-lite.html
 35 | index 8f89678..f4968ad 100644
 36 | --- a/console/templates/console-spice-lite.html
 37 | +++ b/console/templates/console-spice-lite.html
 38 | @@ -142,7 +142,7 @@
 39 |                  password = '{{ console_passwd | safe }}';
 40 |                  if (password === 'None') password = '';
 41 | 
 42 | -                path = spice_query_var('path', 'websockify');
 43 | +                path = spice_query_var('path', '{{ ws_path }}');
 44 | 
 45 |                  if ((!host) || (!port)) {
 46 |                      console.log("must specify host and port in URL");
 47 | diff --git a/console/templates/console-vnc-full.html b/console/templates/console-vnc-full.html
 48 | index 6149289..ab30c62 100755
 49 | --- a/console/templates/console-vnc-full.html
 50 | +++ b/console/templates/console-vnc-full.html
 51 | @@ -241,7 +241,7 @@
 52 |                                      </li>
 53 |                                      <li>
 54 |                                          <label for="noVNC_setting_path">Path:</label>
 55 | -                                        <input id="noVNC_setting_path" type="input" value="websockify" />
 56 | +                                       <input id="noVNC_setting_path" type="input" value="{{ ws_path }}" />
 57 |                                      </li>
 58 |                                  </ul></div>
 59 |                              </li>
 60 | @@ -332,4 +332,4 @@
 61 |          <source src="{% static "js/novnc/app/sounds/bell.oga" %}" type="audio/ogg">
 62 |          <source src="{% static "js/novnc/app/sounds/bell.mp3" %}" type="audio/mpeg">
 63 |      </audio>
 64 | -{% endblock %}
 65 | \ No newline at end of file
 66 | +{% endblock %}
 67 | diff --git a/console/templates/console-vnc-lite.html b/console/templates/console-vnc-lite.html
 68 | index 4dd7bfe..0cc011d 100755
 69 | --- a/console/templates/console-vnc-lite.html
 70 | +++ b/console/templates/console-vnc-lite.html
 71 | @@ -235,14 +235,14 @@
 72 |          //var password = WebUtil.getConfigVar('password', '');
 73 |          var password = '{{ console_passwd }}';
 74 | 
 75 | -        var path = WebUtil.getConfigVar('path', 'websockify');
 76 | +        var path = WebUtil.getConfigVar('path', '{{ ws_path }}');
 77 | 
 78 |          // If a token variable is passed in, set the parameter in a cookie.
 79 |          // This is used by nova-novncproxy.
 80 |          var token = WebUtil.getConfigVar('token', null);
 81 |          if (token) {
 82 |              // if token is already present in the path we should use it
 83 | -            path = WebUtil.injectParamIfMissing(path, "token", token);
 84 | +            path = path + WebUtil.injectParamIfMissing(path, "token", token);
 85 | 
 86 |              WebUtil.createCookie('token', token, 1)
 87 |          }
 88 | diff --git a/console/views.py b/console/views.py
 89 | index 4196ff0..cac6208 100644
 90 | --- a/console/views.py
 91 | +++ b/console/views.py
 92 | @@ -7,6 +7,8 @@ from instances.models import Instance
 93 |  from vrtManager.instance import wvmInstance
 94 |  from webvirtcloud.settings import WS_PORT
 95 |  from webvirtcloud.settings import WS_PUBLIC_HOST
 96 | +from webvirtcloud.settings import WS_PUBLIC_PATH
 97 | +from webvirtcloud.settings import WS_PUBLIC_PORT
 98 |  from libvirt import libvirtError
 99 | 
100 | 
101 | @@ -40,8 +42,9 @@ def console(request):
102 |          console_websocket_port = None
103 |          console_passwd = None
104 | 
105 | -    ws_port = console_websocket_port if console_websocket_port else WS_PORT
106 | +    ws_port = console_websocket_port if console_websocket_port else WS_PUBLIC_PORT
107 |      ws_host = WS_PUBLIC_HOST if WS_PUBLIC_HOST else request.get_host()
108 | +    ws_path = WS_PUBLIC_PATH if WS_PUBLIC_PATH else '/'
109 | 
110 |      if ':' in ws_host:
111 |          ws_host = re.sub(':[0-9]+', '', ws_host)
112 | diff --git a/webvirtcloud/settings.py.template b/webvirtcloud/settings.py.template
113 | index 5e59e92..4b0368a 100644
114 | --- a/webvirtcloud/settings.py
115 | +++ b/webvirtcloud/settings.py
116 | @@ -97,15 +97,21 @@ TEMPLATES = [
117 | 
118 |  ## WebVirtCloud settings
119 | 
120 | -# Wobsock port
121 | +# Websock port
122 |  WS_PORT = 6080
123 | 
124 |  # Websock host
125 |  WS_HOST = '0.0.0.0'
126 | 
127 | -# Websock public port
128 | +# Websock public host
129 |  WS_PUBLIC_HOST = None
130 | 
131 | +# Websock public port
132 | +WS_PUBLIC_PORT = 80
133 | +
134 | +# Websock public path
135 | +WS_PUBLIC_PATH = '/novncd/'
136 | +
137 |  # Websock SSL connection
138 |  WS_CERT = None
139 | 


--------------------------------------------------------------------------------
/02-forwardssl.patch:
--------------------------------------------------------------------------------
 1 | diff --git a/conf/nginx/webvirtcloud.conf b/conf/nginx/webvirtcloud.conf
 2 | index 9aa1408..efcdf71 100644
 3 | --- a/conf/nginx/webvirtcloud.conf
 4 | +++ b/conf/nginx/webvirtcloud.conf
 5 | @@ -15,6 +15,7 @@ server {
 6 |          proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
 7 |          proxy_set_header Host $host:$server_port;
 8 |          proxy_set_header X-Forwarded-Proto $remote_addr;
 9 | +        proxy_set_header X-Forwarded-Ssl off;
10 |          proxy_connect_timeout 600;
11 |          proxy_read_timeout 600;
12 |          proxy_send_timeout 600;
13 | 
14 | 


--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
 1 | # Changelog
 2 | 
 3 | ## [Master]
 4 | 
 5 | ## [0.8.0] (2019-03-06)
 6 | 
 7 | - update upstream
 8 | - add `VNC_HOST` to allow setting external host in proxy environments (thanks @Aphris-Karu)
 9 | - fix `lite` vnc/spice consoles
10 | 
11 | ## [0.7.0] (2018-11-23)
12 | 
13 | - update upstream (thanks @Intellium)
14 | 
15 | ## [0.6.0]
16 | 
17 | - update upstream
18 | - update baseimage to phusion 0.11
19 | 
20 | ## [0.5.0]
21 | 
22 | - update upstream
23 | - added PUBLIC_PORT (thanks @jkellerer)
24 | - MIT license
25 | - mandatory CLA
26 | - gitlab pipeline, travis
27 | 
28 | ## [0.4.2]
29 | 
30 | - update baseimage to phusion 0.9.22
31 | 
32 | ## [0.4.0]
33 | 
34 | - disable X-Forwarded-Ssl
35 | 
36 | ## [0.3.0]
37 | 
38 | - update upstream
39 | - proxy novncd through nginx
40 | 
41 | ## [0.2.0]
42 | 
43 | - update upstream
44 | 
45 | ## 0.1.0
46 | 
47 | - initial public release
48 | 
49 | [Master]: https://github.com/mplx/docker-webvirtcloud/compare/0.7.0...HEAD
50 | [0.7.0]: https://github.com/mplx/docker-webvirtcloud/compare/0.6.0...0.7.0
51 | [0.6.0]: https://github.com/mplx/docker-webvirtcloud/compare/0.5.0...0.6.0
52 | [0.5.0]: https://github.com/mplx/docker-webvirtcloud/compare/0.4.2...0.5.0
53 | [0.4.2]: https://github.com/mplx/docker-webvirtcloud/compare/0.4.0...0.4.2
54 | [0.4.0]: https://github.com/mplx/docker-webvirtcloud/compare/0.3.0...0.4.0
55 | [0.3.0]: https://github.com/mplx/docker-webvirtcloud/compare/0.2.0...0.3.0
56 | [0.2.0]: https://github.com/mplx/docker-webvirtcloud/compare/0.1.0...0.2.0
57 | 


--------------------------------------------------------------------------------
/CONTRIBUTORS:
--------------------------------------------------------------------------------
 1 | # mplx/webvirtcloud
 2 | mplx <developer@mplx.eu> <mplx+coding@donotreply.at> <mplx@donotreply.at>
 3 | 
 4 | # Contributor License Agreement (CLA)
 5 | #
 6 | # By making a contribution to this project, I certify that:
 7 | #
 8 | # (a) The contribution was created in whole or in part by me and I have the right to submit it under the MIT license; or
 9 | #
10 | # (b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the MIT license; or
11 | #
12 | # (c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.
13 | #
14 | # (d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved.
15 | #
16 | # The text of this license is available under the Creative Commons Attribution-ShareAlike 3.0 Unported License.
17 | # It is based on the Linux Developer Certificate Of Origin, but is modified to explicitly use the MIT license and not mention sign-off.
18 | #
19 | 
20 | # sign CLA below "name <author@sample.tld>"
21 | 
22 | juergen kellerer <juergen@k123.eu>
23 | intellium <w.moeken@moeken.eu>
24 | 


--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
 1 | # docker build -t mplx/webvirtcloud .
 2 | FROM phusion/baseimage:0.11
 3 | 
 4 | LABEL maintainer="geki007"
 5 | LABEL maintainer="mplx <mplx+docker@donotreply.at>"
 6 | 
 7 | EXPOSE 80
 8 | 
 9 | CMD ["/sbin/my_init"]
10 | 
11 | RUN apt-get update -qqy && \
12 |     DEBIAN_FRONTEND=noninteractive apt-get -qyy install \
13 |     -o APT::Install-Suggests=false \
14 |     python-virtualenv \
15 |     python-dev \
16 |     libxml2-dev \
17 |     libvirt-dev \
18 |     zlib1g-dev \
19 |     nginx \
20 |     supervisor \
21 |     libsasl2-modules \
22 |     unzip \
23 |     curl && \
24 |     apt-get clean && \
25 |     rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \
26 |     mkdir -p /srv
27 | 
28 | WORKDIR /srv
29 | 
30 | ENV COMMITID=a9a2e1167bfae652186e905d6b226c75022b45e9
31 | 
32 | RUN curl -L -o $COMMITID.zip https://github.com/retspen/webvirtcloud/archive/$COMMITID.zip && \
33 |     unzip $COMMITID.zip && \
34 |     rm -f $COMMITID.zip && \
35 |     mv webvirtcloud-$COMMITID webvirtcloud && \
36 |     rm -Rf webvirtcloud/doc/ webvirtcloud/Vagrantfile && \
37 |     cp webvirtcloud/conf/supervisor/webvirtcloud.conf /etc/supervisor/conf.d && \
38 |     cp webvirtcloud/conf/nginx/webvirtcloud.conf /etc/nginx/conf.d && \
39 |     chown -R www-data:www-data /srv/webvirtcloud/ && \
40 |     cd /srv/webvirtcloud/ && \
41 |     mkdir data && \
42 |     cp webvirtcloud/settings.py.template webvirtcloud/settings.py && \
43 |     sed -i "s|'db.sqlite3'|'data/db.sqlite3'|" webvirtcloud/settings.py && \
44 |     virtualenv venv && \
45 |     . venv/bin/activate && \
46 |     venv/bin/pip install -r conf/requirements.txt && \
47 |     chown -R www-data:www-data /srv/webvirtcloud/ && \
48 |     rm /etc/nginx/sites-enabled/default && \
49 |     echo "\ndaemon off;" >> /etc/nginx/nginx.conf && \
50 |     chown -R www-data:www-data /var/lib/nginx && \
51 |     mkdir /etc/service/nginx && \
52 |     mkdir /etc/service/nginx-log-forwarder && \
53 |     mkdir /etc/service/webvirtcloud && \
54 |     mkdir /etc/service/novnc && \
55 |     cp conf/runit/nginx /etc/service/nginx/run && \
56 |     cp conf/runit/nginx-log-forwarder /etc/service/nginx-log-forwarder/run && \
57 |     cp conf/runit/novncd.sh /etc/service/novnc/run && \
58 |     cp conf/runit/webvirtcloud.sh /etc/service/webvirtcloud/run && \
59 |     rm -rf /tmp/* /var/tmp/*
60 | 
61 | WORKDIR /srv/webvirtcloud
62 | 
63 | ADD 01-wsproxy.patch /srv/webvirtcloud/01-wsproxy.patch
64 | ADD 02-forwardssl.patch /srv/webvirtcloud/02-forwardssl.patch
65 | 
66 | RUN patch -p1 -u <01-wsproxy.patch && \
67 |     patch -p1 -u <02-forwardssl.patch && \
68 |     cp conf/nginx/webvirtcloud.conf /etc/nginx/conf.d && \
69 |     chown -R www-data:www-data /etc/nginx/conf.d/webvirtcloud.conf && \
70 |     rm 01-wsproxy.patch && \
71 |     rm 02-forwardssl.patch
72 | 
73 | COPY startinit.sh /etc/my_init.d/startinit.sh
74 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2016-2019 geki007, mplx 
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/readme.md:
--------------------------------------------------------------------------------
  1 | # WebVirtCloud on Docker
  2 | 
  3 | retspen's WebVirtCloud is a web interface to Linux KVM virtualization and can be found on [github](https://github.com/retspen/webvirtcloud).
  4 | 
  5 | ## [Docker Hub](https://hub.docker.com/r/mplx/docker-webvirtcloud/) Version Tag
  6 | 
  7 | Tag                                                                           | Description
  8 | ----------------------------------------------------------------------------- | -----------
  9 | [x.y.z](https://github.com/mplx/docker-webvirtcloud/blob/master/CHANGELOG.md) | images matching git tags; semantic versioning
 10 | latest                                                                        | build with latest semver tag
 11 | master                                                                        | build from latest commit in master branch
 12 | 
 13 | ## Persistent Data
 14 | 
 15 | To get persistent data (database, ssh key) you need to mount container side directories `/srv/webvirtcloud/data` and `/var/www/.ssh` (i.e. `-v /srv/webvirtcloud/data:/srv/webvirtcloud/data`).
 16 | 
 17 | - an existing database (`db.sqlite3`) will be used and upgraded by webvirtcloud's migrations
 18 | - an existing ssh key will be used otherwise one will be created (4096 bit RSA)
 19 | - warning: do not mount your ~/.ssh as key source - permissions will be updated to container needs!
 20 | 
 21 | ## Run Container
 22 | 
 23 | ### pull/update
 24 | 
 25 | ```bash
 26 | docker pull mplx/docker-webvirtcloud:latest
 27 | ```
 28 | 
 29 | ### docker cli
 30 | 
 31 | ```bash    
 32 | docker run -d \
 33 |     -p 80:80 \
 34 |     -v /srv/webvirtcloud/data:/srv/webvirtcloud/data \
 35 |     -v /srv/webvirtcloud/ssh:/var/www/.ssh \
 36 |     --name webvirtcloud \
 37 |     mplx/docker-webvirtcloud:latest
 38 | ```
 39 | 
 40 | ### docker compose
 41 | 
 42 | ```yml
 43 | version: '2'
 44 | services:
 45 |   webvirtcloud:
 46 |     image: mplx/docker-webvirtcloud
 47 |     ports:
 48 |       - "80:80"
 49 |     volumes:
 50 |       - /srv/webvirtcloud/data:/srv/webvirtcloud/data
 51 |       - /srv/webvirtcloud/ssh:/var/www/.ssh
 52 | ```
 53 | 
 54 | ## Strict Host Checking
 55 | 
 56 | Before adding a KVM target system ("Computes" > "SSH Connection") you have to add the public key to the target system and establish a test connection so the host key is added to `known_hosts` file. Failing to do so will result in error `Host key verification failed`.
 57 | 
 58 | ```bash
 59 | docker exec -i -t <container> /sbin/setuser www-data ssh <user>@<fqdn>
 60 | ```
 61 | 
 62 | If you don't care about strict host checking you might disable it by adding these settings to file `config` in your ssh target volume instead:
 63 | 
 64 | ```
 65 | StrictHostKeyChecking=no
 66 | UserKnownHostsFile=/dev/null
 67 | ```
 68 | 
 69 | ## Public Port `PUBLIC_PORT`
 70 | 
 71 | nginx uses port 80 by default. If you require another port you can change this via `PUBLIC_PORT` (e.g. `docker run ... -e PUBLIC_PORT=443 ...`). Webvirtcloud uses `PUBLIC_PORT` for redirections (e.g. to login page) therefore it should be set when the web UI is accessed via a port other than 80 or 443.
 72 | 
 73 | ## novncd `VNC_HOST`, `VNC_PORT`
 74 | 
 75 | External websocket host (`VNC_HOST`) and/or port (`VNC_PORT`) to proxy websocket connects for vnc/spice. Port defaults to port 80 (or `PUBLIC_PORT` if set). If you require another host/port (i.e. you're using webvirtcloud behind a SSL proxy ) you'll have to set up the appropiate host and/or port (`docker run ... -e VNC_PORT=443 ...`).
 76 | 
 77 | ## Proxy
 78 | 
 79 | webvirtcloud is fully operational behind a proxy.
 80 | 
 81 | i.e. `jwilder/nginx-proxy` with `jrcs/letsencrypt-nginx-proxy-companion`:
 82 | 
 83 | ```bash
 84 | ...
 85 |     environment:
 86 |       - VNC_HOST=external-host.domain.tld
 87 |       - VNC_PORT=443
 88 |       - VIRTUAL_HOST=webvirtcloud.domain.tld
 89 |       - VIRTUAL_PORT=80
 90 |       - LETSENCRYPT_HOST=webvirtcloud.domain.tld
 91 |       - LETSENCRYPT_EMAIL=some@email.tld
 92 | ...
 93 | ```
 94 | 
 95 | ## Contributing Guidelines
 96 | 
 97 | Contributions welcome! When submitting your first pull request please add your _author email_ (the one you use to make commits) to the [contributors](CONTRIBUTORS) file which contains a Contributor License Agreement (CLA).
 98 | 
 99 | ## License
100 | 
101 | Licensed under [MIT License](LICENSE).
102 | 


--------------------------------------------------------------------------------
/startinit.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | # fix database permissions
 4 | echo "Fixing permissions..."
 5 | chown -R www-data:www-data /srv/webvirtcloud/data/
 6 | 
 7 | # disabling django debug
 8 | echo "Disable debug mode..."
 9 | sed -i 's/DEBUG = True/DEBUG = False/' /srv/webvirtcloud/webvirtcloud/settings.py
10 | 
11 | # generate and set secret key if empty
12 | echo "Secret key..."
13 | SECRETKEY=$(cat /proc/sys/kernel/random/uuid)
14 | sed -i "s/SECRET_KEY = ''/SECRET_KEY = '$SECRETKEY'/" /srv/webvirtcloud/webvirtcloud/settings.py
15 | 
16 | # execute migrations
17 | echo "Executing migrations..."
18 | /sbin/setuser www-data /srv/webvirtcloud/venv/bin/python /srv/webvirtcloud/manage.py migrate
19 | 
20 | # generate ssh keys if necessary
21 | if [ ! -f /var/www/.ssh/id_rsa ]; then
22 | 	mkdir -p /var/www/.ssh/
23 | 	ssh-keygen -b 4096 -t rsa -C webvirtcloud -N '' -f /var/www/.ssh/id_rsa
24 | fi
25 | echo ""
26 | echo "Your WebVirtCloud public key:"
27 | cat /var/www/.ssh/id_rsa.pub
28 | echo ""
29 | 
30 | # set public port
31 | if [ -n "$PUBLIC_PORT" ]; then
32 | 	echo "Setting public port..."
33 | 	sed -r -i "s/(\\s*listen )[0-9]+;/\\1${PUBLIC_PORT};/" /etc/nginx/conf.d/webvirtcloud.conf
34 | 	[ -n "$VNC_PORT" ] || VNC_PORT=$PUBLIC_PORT
35 | fi
36 | 
37 | # set vnc host
38 | echo "Setting VNC external host..."
39 | if [ -n "$VNC_HOST" ]; then
40 | 	sed -i "s/WS_PUBLIC_HOST = None/WS_PUBLIC_HOST = '$VNC_HOST'/" /srv/webvirtcloud/webvirtcloud/settings.py
41 | fi
42 | 
43 | # set vnc port
44 | echo "Setting VNC port..."
45 | if [ -n "$VNC_PORT" ]; then
46 | 	sed -i "s/WS_PUBLIC_PORT = [0-9]\+/WS_PUBLIC_PORT = $VNC_PORT/" /srv/webvirtcloud/webvirtcloud/settings.py
47 | else
48 | 	sed -i 's/WS_PUBLIC_PORT = [0-9]\+/WS_PUBLIC_PORT = 80/' /srv/webvirtcloud/webvirtcloud/settings.py
49 | fi
50 | 
51 | # fix ssh permissions
52 | echo "Fixing ssh permissions..."
53 | chown -R www-data:www-data /var/www/.ssh/
54 | chmod 0700 /var/www/.ssh
55 | chmod 0600 /var/www/.ssh/*
56 | 


--------------------------------------------------------------------------------