[remote-access] Add Module

8 files changed, 186 insertions, 0 deletions

diff --git a/core/modules/remote-access/data/etc/X11/Xsetup.d/50-launch-vncserver b/core/modules/remote-access/data/etc/X11/Xsetup.d/50-launch-vncserver
new file mode 100755
index 00000000..09142eed
--- /dev/null
+++ b/core/modules/remote-access/data/etc/X11/Xsetup.d/50-launch-vncserver
@@ -0,0 +1,87 @@
+#!/bin/sh sourced
+
+[ -z "$SLX_KCL_SERVERS" ] && . /opt/openslx/config
+
+[ "$DISPLAY" = :0 ] && [ -n "$SLX_REMOTE_VNC" ] && {
+	# TODO GET
+	srchost="$SLX_REMOTE_HOST_ACCESS"
+	if [ -n "$srchost" ]; then
+		# IPTABLES
+		rule="/opt/openslx/iptables/rules.d/80-remote-access"
+		if ! [ -e "$rule" ]; then
+			(
+				echo "#!/bin/sh"
+				echo "iptables -A INPUT \! -s "'"'"$srchost"'"'" -p tcp --dport 5900 -j DROP"
+				echo "iptables -A INPUT \! -s "'"'"$srchost"'"'" -p tcp --dport 5901 -j DROP"
+			) > "$rule"
+			chmod +x "$rule"
+		fi
+	fi
+	set -x
+	exec &> /tmp/fooooooooooooo
+	# dd since busybox head doesn't know -c
+	passwd="$( < /dev/urandom  tr -c -d 'a-zA-Z0-9#&/=()[]{}' | dd bs=8 count=1 status=none )"
+	printf "%s" "$passwd" > "/tmp/vnc-passwd"
+	url="http://${SLX_PXE_SERVER_IP}/slx-admin/api.php?do=remoteaccess"
+	curl -L --retry 4 --retry-connrefused --max-time 3 --retry-max-time 10 \
+		--data-urlencode "password=$passwd" "$url"
+	killall x11vnc
+	(
+		fails=0
+		while true; do
+			s="$( date +%s )"
+			# skip keycode stuff fixes altgr for vmware
+			x11vnc -rfbport 5900 -shared -forever -passwd -xkb -skip_keycodes 92,187,188 -remap DEAD=gac,U20AC-EuroSign "$passwd"
+			e="$( date +%s )"
+			d="$(( e - s ))"
+			if [ "$d" -gt 5 ]; then
+				fails=0
+			else
+				fails="$(( fails + 1 ))"
+				[ "$fails" -gt 10 ] && break
+				[ "$fails" -gt 3 ] && usleep 333333
+			fi
+		done
+	) &> "/tmp/x11vnc-log-$$" &
+	vncpid=$!
+	gotone=false
+	vmvnc=false
+	idle=0
+	# In case of stale entry
+	iptables -t nat -D PREROUTING -p tcp --dport 5900 -j REDIRECT --to-ports 5901
+	while [ -d "/proc/${vncpid}" ]; do
+		sleep 5
+		if netstat -tn | awk 'BEGIN{ e=1 } { if ($4 ~ /:590[0123]$/) e=0 } END{ exit e }'; then
+			gotone=true
+			idle=0
+		else
+			idle=$(( idle + 1 ))
+		fi
+		if $gotone && [ "$idle" -gt 120 ]; then # 120 * 5 = 10 mins
+			kill "$vncpid"
+			break
+		fi
+		# In case we access vmplayer via x11vnc; vmplayer won't leave the keymap alone >:(
+		# TODO: Currently everything needs to be set to DE for this to work - X11 and
+		# the OS in the VM.
+		#setxkbmap -query | grep -q '^layout:\s*de$' || \ # NO, always reports 'de'
+		setxkbmap de
+		# Check if we should redirect to vmware
+		if netstat -tnl | awk 'BEGIN{ e=1 } { if ($4 ~ /:5901$/) e=0 } END{ exit e }'; then
+			#enable
+			if ! $vmvnc; then
+				killall x11vnc
+				usleep 10000
+				iptables -t nat -I PREROUTING 1 -p tcp --dport 5900 -j REDIRECT --to-ports 5901
+			fi
+			vmvnc=true
+		else
+			# disable
+			if $vmvnc; then
+				iptables -t nat -D PREROUTING -p tcp --dport 5900 -j REDIRECT --to-ports 5901
+			fi
+			vmvnc=false
+		fi
+	done
+	systemctl restart lightdm
+} &
diff --git a/core/modules/remote-access/data/etc/systemd/system/graphical.target.wants/remote-access.service b/core/modules/remote-access/data/etc/systemd/system/graphical.target.wants/remote-access.service
new file mode 120000
index 00000000..7ee2fe30
--- /dev/null
+++ b/core/modules/remote-access/data/etc/systemd/system/graphical.target.wants/remote-access.service
@@ -0,0 +1 @@
+../remote-access.service
\ No newline at end of file
diff --git a/core/modules/remote-access/data/etc/systemd/system/remote-access.service b/core/modules/remote-access/data/etc/systemd/system/remote-access.service
new file mode 100644
index 00000000..2a21919e
--- /dev/null
+++ b/core/modules/remote-access/data/etc/systemd/system/remote-access.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Check if remote access is desired, configure system
+Before=lightdm.service display-manager.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+Exec=/opt/openslx/scripts/systemd-remote_x_config
+
diff --git a/core/modules/remote-access/data/opt/openslx/remote-access/xorg.conf b/core/modules/remote-access/data/opt/openslx/remote-access/xorg.conf
new file mode 100644
index 00000000..549400f5
--- /dev/null
+++ b/core/modules/remote-access/data/opt/openslx/remote-access/xorg.conf
@@ -0,0 +1,57 @@
+Section "Monitor"
+	Identifier "disable"
+	Option "Ignore" "true"
+EndSection
+
+Section "Monitor"
+	Identifier "virt"
+	Option "DefaultModes" "false"
+	Modeline "1664x936"  128.50  1664 1768 1936 2208  936 939 944 972 -hsync +vsync
+	Option "Mode" "1664x936"
+	Option "PreferredMode" "1664x936"
+	Option "Enable" "true"
+EndSection
+
+Section "Device"
+	Identifier "whatever"
+	Option "VirtualHeads" "1"
+	Option "Monitor-HDMI1" "disable"
+	Option "Monitor-HDMI2" "disable"
+	Option "Monitor-HDMI3" "disable"
+	Option "Monitor-HDMI-1" "disable"
+	Option "Monitor-HDMI-2" "disable"
+	Option "Monitor-HDMI-3" "disable"
+	Option "Monitor-VGA1" "disable"
+	Option "Monitor-VGA2" "disable"
+	Option "Monitor-VGA3" "disable"
+	Option "Monitor-VGA-1" "disable"
+	Option "Monitor-VGA-2" "disable"
+	Option "Monitor-VGA-3" "disable"
+	Option "Monitor-DP1" "disable"
+	Option "Monitor-DP2" "disable"
+	Option "Monitor-DP3" "disable"
+	Option "Monitor-DP-1" "disable"
+	Option "Monitor-DP-2" "disable"
+	Option "Monitor-DP-3" "disable"
+	Option "Monitor-eDP1" "disable"
+	Option "Monitor-eDP2" "disable"
+	Option "Monitor-eDP3" "disable"
+	Option "Monitor-eDP-1" "disable"
+	Option "Monitor-eDP-2" "disable"
+	Option "Monitor-eDP-3" "disable"
+	Option "Monitor-DVI1" "disable"
+	Option "Monitor-DVI2" "disable"
+	Option "Monitor-DVI3" "disable"
+	Option "Monitor-DVI-1" "disable"
+	Option "Monitor-DVI-2" "disable"
+	Option "Monitor-DVI-3" "disable"
+	Option "Monitor-DVI-I-1-1" "disable"
+	Option "Monitor-DVI-I-1-2" "disable"
+	Option "Monitor-DVI-I-1-3" "disable"
+	Option "Monitor-DVI-I-2-1" "disable"
+	Option "Monitor-DVI-I-2-2" "disable"
+	Option "Monitor-DVI-I-2-3" "disable"
+	Option "Monitor-VIRTUAL1" "virt"
+	Option "Monitor-VIRTUAL-1" "virt"
+EndSection
+
diff --git a/core/modules/remote-access/data/opt/openslx/scripts/lightdm-Xvnc b/core/modules/remote-access/data/opt/openslx/scripts/lightdm-Xvnc
new file mode 100755
index 00000000..738500b0
--- /dev/null
+++ b/core/modules/remote-access/data/opt/openslx/scripts/lightdm-Xvnc
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+# Put xserver-command=<this> in lightdm-*.conf
+exec Xtigervnc :0 -rfbauth /root/.vnc/passwd -auth /var/run/lightdm/root/:0 -SecurityTypes VncAuth -geometry 1024x768 > /tmp/sasasa-$$ 2>&1
diff --git a/core/modules/remote-access/data/opt/openslx/scripts/systemd-remote_x_config b/core/modules/remote-access/data/opt/openslx/scripts/systemd-remote_x_config
new file mode 100755
index 00000000..203324ca
--- /dev/null
+++ b/core/modules/remote-access/data/opt/openslx/scripts/systemd-remote_x_config
@@ -0,0 +1,8 @@
+#!/bin/ash
+
+. /opt/openslx/config
+
+[ -n "$SLX_REMOTE_VNC" ] || exit 0 # Nothing to do
+
+ln -nfs /opt/openslx/remote-access/xorg.conf /etc/X11/xorg.conf.d/16-remote-access.conf
+
diff --git a/core/modules/remote-access/module.build b/core/modules/remote-access/module.build
new file mode 100644
index 00000000..a183dc1f
--- /dev/null
+++ b/core/modules/remote-access/module.build
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+fetch_source() {
+	:
+}
+
+build() {
+	:
+}
+
+post_copy() {
+	:
+}
+
diff --git a/core/modules/remote-access/module.conf b/core/modules/remote-access/module.conf
new file mode 100644
index 00000000..9a6a9a64
--- /dev/null
+++ b/core/modules/remote-access/module.conf
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+REQUIRED_MODULES="
+	x11vnc
+"
+