From 4652368c8d0c3eb296919fecf32011e721d8a73a Mon Sep 17 00:00:00 2001 From: Alex Davies Date: Tue, 23 Jan 2024 15:06:29 -0400 Subject: [PATCH] Added service to populate user home from /etc/skel/, this will also allow us to update user home files as time goes on, but won't overwrite files the user has modified. --- .gitignore | 1 + Dockerfile | 21 +++++---- README.md | 78 +++++++++++++++++++++++++++++++++- docker-compose.yaml | 67 +++++++++++++++++++++++++++++ kasmvnc.service | 6 ++- kasmpasswd => skel/.kasmpasswd | 0 userhome.service | 16 +++++++ xstartup | 2 + 8 files changed, 178 insertions(+), 13 deletions(-) create mode 100644 .gitignore create mode 100644 docker-compose.yaml rename kasmpasswd => skel/.kasmpasswd (100%) create mode 100644 userhome.service diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ff1c750 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +spiri-sdk-home diff --git a/Dockerfile b/Dockerfile index c92fd41..ac78b8d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -21,7 +21,8 @@ RUN apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin d RUN apt-get install ros-$ROS_DISTRO-gazebo-ros-pkgs ros-$ROS_DISTRO-gazebo-ros-control gazebo11 -y RUN apt-get install ros-$ROS_DISTRO-mavros -y RUN apt-get install lxqt-core dbus-x11 udisks2- gvfs-daemons- gvfs-backends- gvfs-fuse- -y #A few things related to FUSE need to be explicityly not installed -RUN apt-get install vim nano htop git mesa-utils -y +RUN apt-get install vim nano htop git mesa-utils rsync -y +RUN apt-get install firefox -y RUN apt-get remove gnome-shell -y RUN apt-get autoremove -y @@ -31,6 +32,8 @@ RUN apt-get install ./kasmvncserver_focal_1.2.0_amd64.deb --yes RUN rm ./kasmvncserver_focal_1.2.0_amd64.deb COPY ./kasmvnc.yaml /etc/kasmvnc/kasmvnc.yaml +COPY ./userhome.service /etc/systemd/system/ +RUN systemctl enable userhome COPY ./kasmvnc.service /etc/systemd/system/ RUN systemctl enable kasmvnc 
@@ -51,8 +54,7 @@ RUN echo "$USERNAME ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/$USERNAME RUN chmod 0440 /etc/sudoers.d/$USERNAME RUN echo "${USERNAME}:spiri-friend" | chpasswd -COPY --chown=$USER_UID:$USER_GID ./kasmpasswd /home/$USERNAME/.kasmpasswd -COPY --chown=$USER_UID:$USER_GID --chmod=0755 ./xstartup /home/$USERNAME/.vnc/xstartup +COPY --chown=$USER_UID:$USER_GID --chmod=0755 ./xstartup /opt/xstartup COPY ./background.png /opt/spiri-wallpaper.png run sed -i 's|/usr/share/lxqt/themes/debian/wallpaper.svg|/opt/spiri-wallpaper.png|' /etc/xdg/pcmanfm-qt/lxqt/settings.conf @@ -64,9 +66,10 @@ COPY --link --from=git.spirirobotics.com/spiri/gazebo-resources:latest /models / COPY --link --from=git.spirirobotics.com/spiri/gazebo-resources:latest /worlds /usr/share/gazebo-11/worlds/ COPY --link --from=git.spirirobotics.com/spiri/gazebo-resources:latest /plugins /usr/lib/x86_64-linux-gnu/gazebo-11/plugins -USER $USERNAME -# #Install nix, for easy mixin packages. Homebrew would also work... -RUN curl -L https://nixos.org/nix/install | sh -s -- --no-daemon -COPY ./nix.conf /etc/nix/nix.conf -# # RUN nix flake init -USER 0 +VOLUME /home/spiri/ + +# # #Install nix, for easy mixin packages. Homebrew would also work... +# RUN curl -L https://nixos.org/nix/install | sh -s -- --no-daemon +# COPY ./nix.conf /etc/nix/nix.conf +# # # RUN nix flake init +# USER 0 diff --git a/README.md b/README.md index 61be858..7bff7f4 100644 --- a/README.md +++ b/README.md 
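Review bot: Nothing in the visible hunks copies the renamed `skel/.kasmpasswd` into the image's `/etc/skel/`, yet this hunk drops the `COPY ... ./kasmpasswd /home/$USERNAME/.kasmpasswd` line and userhome.service now fills the home directory from `/etc/skel/`. Unless a `COPY` for that directory already exists outside these hunks, the KasmVNC credential file would no longer reach `/home/spiri`. Adding `COPY ./skel/ /etc/skel/` ahead of `RUN systemctl enable userhome` would close the gap. Only part of the Dockerfile is visible here, so this should be checked against the full file.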
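Review bot: `VOLUME /home/spiri/` hard-codes the account name while the neighbouring instructions derive paths from `$USERNAME`, so the two can drift if that value changes; assuming `USERNAME` is an ARG or ENV in scope at this point, `VOLUME /home/$USERNAME` keeps them in step. The commented-out nix lines below it are dead code, and deleting them reads more clearly than leaving a disabled `curl ... | sh` installer in the file, since git history keeps it if it is wanted again. If they must stay, a one-line comment such as `# nix install disabled: <reason>` would tell the next maintainer why.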
@@ -1,8 +1,82 @@ -Make sure sysbox is installed and run +Make sure sysbox and docker are installed and run ```sh - docker run --runtime=sysbox-runc -it git.spirirobotics.com/spiri/spiri-sdk-desktop:master +docker run -p 127.0.0.1:8466:8466 \ + --volume ./spiri-sdk-home:/home/spiri:rw \ + --runtime=sysbox-runc -it \ + git.spirirobotics.com/spiri/spiri-sdk-desktop:master ``` Navigate to http://localhost:8466, and log in using the username `spiri` and the password `spiri-friend` + +For a complete example try this: + +```yaml +version: "3.3" + +#Due to a bug in moby's libnetwork DNS resolver single domains like `gazebo` +# don't get resolved properly, even when we have ndots set to 0 like we're +# supposed to. So we need to reference `gazebo.compose-name_network-name`. +# We explicitly set the name variable so that changing folders doesn't break +# the install. +name: "spiri-sdk" + +volumes: + user-home: + dockeradmin: + docker-cache: + +services: + + drone-stack: + #The drone runs docker, so ultimately our drone stack is just a docker-in-docker container. + ## This can make it difficult to deal with GPU acceleration, but remember that ROS *is* + ## distributed. You don't need to run your GPU-accelerated rosnode on the drone-stack, + ## just make sure you can contact the ROS_MASTER. 
+ runtime: sysbox-runc
+ image: docker:24-dind
+ command: dockerd -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375 --tls=false
+ healthcheck:
+ test: docker info
+ start_interval: 1s
+ ports:
+ - "127.0.0.1:5760:5760" #Ground control
+ - "127.0.0.1:4560:4560" # Simulation
+ - "127.0.0.1:14560:14560" # Simulation
+ - "127.0.0.1:11311:11311" #Ros master
+
+ volumes:
+ - docker-cache:/var/lib/docker/
+
+ #Madness, setting a low ulimit here fixes memory leaks
+ # https://answers.ros.org/question/336963/rosout-high-memory-usage/
+ ulimits:
+ nofile:
+ soft: 1024
+ hard: 524288
+
+ gazebo:
+ image: git.spirirobotics.com/spiri/gazebo-classic:main
+ # command: gzserver --verbose /usr/share/gazebo-11/worlds/empty.world
+ command: gzserver --verbose /usr/share/gazebo-11/worlds/citadel_hill_world.world
+ ports:
+ - "127.0.0.1:11345:11345" #Ros master
+
+ desktop:
+ image: git.spirirobotics.com/spiri/spiri-sdk-desktop:master
+ runtime: sysbox-runc
+ tty: true
+ environment:
+ DOCKER_HOST: tcp://drone-stack:2375
+ ROS_MASTER_URI: http://drone-stack:11311
+ GAZEBO_MASTER_URI: http://gazebo.spiri-sdk_default:11345
+
+ ports:
+ - 127.0.0.1:8466:8466
+ volumes:
+ - ./spiri-sdk-home:/home/spiri
+ depends_on:
+ drone-stack:
+ condition: service_healthy
+```
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 0000000..0d4cbfe
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,67 @@
+version: "3.3"
+
+#Due to a bug in moby's libnetwork DNS resolver single domains like `gazebo`
+# don't get resolved properly, even when we have ndots set to 0 like we're
+# supposed to. So we need to reference `gazebo.compose-name_network-name`.
+# We explicitly set the name variable so that changing folders doesn't break
+# the install.
+name: "spiri-sdk"
+
+volumes:
+ user-home:
+ dockeradmin:
+ docker-cache:
+
+services:
+
+ drone-stack:
+ #The drone runs docker, so ultimately our drone stack is just a docker-in-docker container.
+ ## This can make it difficult to deal with GPU acceleration, but remember that ROS *is*
+ ## distributed. You don't need to run your GPU-accelerated rosnode on the drone-stack,
+ ## just make sure you can contact the ROS_MASTER.
+ runtime: sysbox-runc
+ image: docker:24-dind
+ command: dockerd -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375 --tls=false
+ healthcheck:
+ test: docker info
+ start_interval: 1s
+ ports:
+ - "127.0.0.1:5760:5760" #Ground control
+ - "127.0.0.1:4560:4560" # Simulation
+ - "127.0.0.1:14560:14560" # Simulation
+ - "127.0.0.1:11311:11311" #Ros master
+
+ volumes:
+ - docker-cache:/var/lib/docker/
+
+ #Madness, setting a low ulimit here fixes memory leaks
+ # https://answers.ros.org/question/336963/rosout-high-memory-usage/
+ ulimits:
+ nofile:
+ soft: 1024
+ hard: 524288
+
+ gazebo:
+ image: git.spirirobotics.com/spiri/gazebo-classic:main
+ # command: gzserver --verbose /usr/share/gazebo-11/worlds/empty.world
+ command: gzserver --verbose /usr/share/gazebo-11/worlds/citadel_hill_world.world
+ ports:
+ - "127.0.0.1:11345:11345" #Ros master
+
+ desktop:
+ image: git.spirirobotics.com/spiri/spiri-sdk-desktop:master
+ runtime: sysbox-runc
+ tty: true
+ environment:
+ DOCKER_HOST: tcp://drone-stack:2375
+ ROS_MASTER_URI: http://drone-stack:11311
+ GAZEBO_MASTER_URI: http://gazebo.spiri-sdk_default:11345
+
+ ports:
+ - "127.0.0.1:8466:8466"
+ volumes:
+ - ./spiri-sdk-home:/home/spiri
+
depends_on: + drone-stack: + condition: service_healthy + diff --git a/kasmvnc.service b/kasmvnc.service index b2c5f7a..d14b87b 100644 --- a/kasmvnc.service +++ b/kasmvnc.service @@ -4,10 +4,12 @@ After=network.target [Service] Type=simple -ExecStart=kasmvncserver :23 -fg -select-de LXQT -ExectStop kasmvncserver -kill :23 +ExecStart=kasmvncserver :23 -fg -select-de LXQT -xstartup /opt/xstartup +ExectStop=kasmvncserver -kill :23 User=spiri Group=spiri +Requires=userhome.service +After=userhome.service Restart=on-failure RestartSec=3 diff --git a/kasmpasswd b/skel/.kasmpasswd similarity index 100% rename from kasmpasswd rename to skel/.kasmpasswd diff --git a/userhome.service b/userhome.service new file mode 100644 index 0000000..acece21 --- /dev/null +++ b/userhome.service @@ -0,0 +1,16 @@ +[Unit] +Description=Sets permissions on user home, in case user home is a docker mount +After=network.target + +[Service] +Type=oneshot +ExecStart=sh -c "rsync /etc/skel/ /home/spiri -r --update && chown spiri:spiri /home/spiri -R" +User=root +Group=root + +Restart=on-failure +RestartSec=3 + +[Install] +WantedBy=default.target + diff --git a/xstartup b/xstartup index 1d774a2..ac47a2b 100644 --- a/xstartup +++ b/xstartup @@ -1,3 +1,5 @@ #!/bin/sh export QT_X11_NO_MITSHM=1 +#Set up the users home folder +xdg-user-dirs-update exec startlxqt
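Review bot: `dockerd -H tcp://0.0.0.0:2375 --tls=false` on drone-stack serves the Docker API with no authentication, so every container on the compose network (gazebo as well as desktop) gets full control of that daemon. Port 2375 is not listed under `ports:`, which keeps it off the host, but nothing in the file records that this is deliberate. Either enable TLS on that listener and give the desktop service the client certificates, or at least document the boundary with a comment such as `# Unauthenticated Docker API: reachable by every service on this network; never publish 2375`. Separately, `start_interval: 1s` has no `start_period` beside it and so may have no effect, and the images are referenced by mutable tags (`:master`, `:main`) rather than digests.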
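Review bot: `Requires=userhome.service` and `After=userhome.service` are added after `User=`/`Group=`, which puts them inside `[Service]`, where systemd does not recognise them. They are `[Unit]` settings, so as written the ordering on userhome.service is not applied and kasmvncserver can start before the home directory has been populated and chowned. Move both lines up under `[Unit]`, next to `After=network.target`. The stop line is also still misspelled: `ExectStop=kasmvncserver -kill :23` gains its `=` but should read `ExecStop=kasmvncserver -kill :23`, otherwise the key is ignored. The unit's first lines are outside the hunk.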
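Review bot: `rsync /etc/skel/ /home/spiri -r --update` decides by modification time only, so the commit message's promise not to overwrite user-modified files holds only while the user's copy is newer than the one in `/etc/skel/`. A rebuilt image whose skel files carry a later mtime will replace the user's edits. That includes `.kasmpasswd`, so a changed VNC password could revert to the image default. For files that must never be replaced once present, a separate pass with `--ignore-existing` states that directly. The `Description=` mentions only permissions and could say `Populates user home from /etc/skel and fixes ownership`.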