Browse Source

from kasmweb 1.6.0

master
bengt@fredhs.net 2 years ago
parent
commit
a4c95b34d2
  1. 18
      bin/start
  2. 18
      bin/stop
  3. 72
      bin/utils/db_backup
  4. 75
      bin/utils/db_init
  5. 115
      bin/utils/db_restore
  6. 63
      bin/utils/db_upgrade
  7. 64
      conf/app/agent.app.config.yaml
  8. 235
      conf/app/api.app.config.yaml
  9. 2
      conf/database/data.sql
  10. 441
      conf/database/seed_data/default_properties.yaml
  11. 16
      conf/nginx/orchestrator.conf
  12. 11
      conf/nginx/services.d/admin_api.conf
  13. 11
      conf/nginx/services.d/agent.conf
  14. 10
      conf/nginx/services.d/client_api.conf
  15. 11
      conf/nginx/services.d/manager_api.conf
  16. 10
      conf/nginx/services.d/share_api.conf
  17. 11
      conf/nginx/services.d/subscription_api.conf
  18. 19
      conf/nginx/services.d/upstream_proxy.conf
  19. 6
      conf/nginx/services.d/website.conf
  20. 3
      conf/nginx/upstream_agent.conf
  21. 3
      conf/nginx/upstream_api.conf
  22. 3
      conf/nginx/upstream_manager.conf
  23. 3
      conf/nginx/upstream_share.conf
  24. 34
      docker/docker-compose-agent.yaml
  25. 113
      docker/docker-compose-all.yaml
  26. 42
      docker/docker-compose-api.yaml
  27. 93
      docker/docker-compose-db-manager.yaml
  28. 39
      docker/docker-compose-db.yaml
  29. 55
      docker/docker-compose-manager.yaml
  30. 703
      install.sh
  31. 135
      install_dependencies.sh
  32. 163
      licenses/LICENSE.txt
  33. 12
      licenses/README.txt
  34. 30
      licenses/alpine_docker.license
  35. 35
      licenses/cherrypy.license
  36. 19
      licenses/docker_ce.copyright
  37. 193
      licenses/docker_ce.license
  38. 195
      licenses/docker_compose.license
  39. 31
      licenses/nginx.license
  40. 27
      licenses/nginx_docker.license
  41. 16
      licenses/postgres.license
  42. 27
      licenses/postgres_docker.license
  43. 45
      licenses/python3.license
  44. 209
      licenses/tornado.license
  45. 207
      licenses/ubuntu_docker.license
  46. BIN
      www/audio/member_joined.e4c851362653bd6c13b669b747a5c718.mp3
  47. BIN
      www/audio/message_recieved.ca4db1bbac5a4fac41aa3b5409ab0f75.mp3
  48. BIN
      www/fonts/Simple-Line-Icons.0cb0b9c589c0624c9c78dd3d83e946f6.woff2
  49. 200
      www/fonts/Simple-Line-Icons.2fe2efe63441d830b1acd106c1fe8734.svg
  50. BIN
      www/fonts/Simple-Line-Icons.78f07e2c2a535c26ef21d95e41bd7175.woff
  51. BIN
      www/fonts/Simple-Line-Icons.d2285965fe34b05465047401b8595dd0.ttf
  52. BIN
      www/fonts/Simple-Line-Icons.f33df365d6d0255b586f2920355e94d7.eot
  53. 150
      www/fonts/ad.d42274826fceb5a1b786df1cfeb5a5ef.svg
  54. 148
      www/fonts/ad.e15ddeabbfce297178193b7858043ebd.svg
  55. 6
      www/fonts/ae.7847726d0663899a3e31b3e21b6d2b68.svg
  56. 6
      www/fonts/ae.9fd1fcbfedb5ace0e6e61a88b3fc3402.svg
  57. 81
      www/fonts/af.008dc3229529b5e6be2aa03ce93fc03e.svg
  58. 81
      www/fonts/af.fa735e43100e6ba7d02afc2d27ff088c.svg
  59. 14
      www/fonts/ag.53a600867bab3b2284da8445e7d9cc93.svg
  60. 14
      www/fonts/ag.5c33e55d155844898cddc1b33b3fb7eb.svg
  61. 763
      www/fonts/ai.853ec4f8ac2e56095ab5cf45ca862b8b.svg
  62. 763
      www/fonts/ai.9fe4d6b75d40228a802475e855522ad0.svg
  63. 5
      www/fonts/al.46612c2737ddd5ca906721aeb63aa7c0.svg
  64. 5
      www/fonts/al.4eb491e7412fcc678a29741fdc941eba.svg
  65. 5
      www/fonts/am.06509258e6113e2e0e54592337ac8171.svg
  66. 5
      www/fonts/am.c86a9e1691e7ab36234a070301467f01.svg
  67. 13
      www/fonts/ao.8b6f2ec29629876f9c00839932ded057.svg
  68. 13
      www/fonts/ao.ab8cc21b5392f6d7b213e6349c7237c2.svg
  69. 5
      www/fonts/aq.20f6cacaf926264103c1d6357aaf2f1f.svg
  70. 5
      www/fonts/aq.b0717486c7bedd5d4b9f628db9b06a66.svg
  71. 31
      www/fonts/ar.78827b0be4fd4c4f4fb458b2501309d1.svg
  72. 31
      www/fonts/ar.d205ca1376dbe5ce35b5b926fe739959.svg
  73. 33
      www/fonts/as.27f3e372f5d36da8c96a4eca50e6fb57.svg
  74. 33
      www/fonts/as.c4acda79244e1856c7afa7c0a2a8c126.svg
  75. 6
      www/fonts/at.5ab33f744e92b143361e951c81f0f60d.svg
  76. 6
      www/fonts/at.e2634e96c9ad4694d5133cc83e2c6564.svg
  77. 9
      www/fonts/au.503a3a980ccbc651a8acc57b6f6d2dab.svg
  78. 11
      www/fonts/au.9b18ee0449e1b5cd1c783fda310eed4f.svg
  79. 186
      www/fonts/aw.29aeb3f91f4da71e6766492ca2de716d.svg
  80. 186
      www/fonts/aw.f159ec168ea083c41505dce64eb31923.svg
  81. 18
      www/fonts/ax.1aaab70377fb8b75181cdf72b459e716.svg
  82. 18
      www/fonts/ax.fdd00c438df18b3216076ae0e145673b.svg
  83. 8
      www/fonts/az.0b4258df02490e0504d93c20984c467d.svg
  84. 8
      www/fonts/az.451284cedf7277f87440e014c3c11557.svg
  85. 12
      www/fonts/ba.71010dff44cc2c8dfb46906c7add051f.svg
  86. 12
      www/fonts/ba.a9dbadd71245f7d220448c10b6939fd1.svg
  87. 6
      www/fonts/bb.45c62450e2d60784a4f02d25e80e0b78.svg
  88. 6
      www/fonts/bb.9873885f352c415ad25c32ecf69e5cd3.svg
  89. 4
      www/fonts/bd.5102bab03db6e13a165043eedab1e332.svg
  90. 4
      www/fonts/bd.c4a1485f3606f93b55fa19d86ec3219c.svg
  91. 7
      www/fonts/be.27d8ca49197f90010475d2b3646ce6b5.svg
  92. 7
      www/fonts/be.f1e78c8b3266b110a4a523c4cde8d7f2.svg
  93. 7
      www/fonts/bf.48eb94de0b25013f341693acc2abb3b2.svg
  94. 7
      www/fonts/bf.9a958401fd126a3c08686ece9477cea3.svg
  95. 7
      www/fonts/bg.3d762564b2be000f52ca9038e8f42ad4.svg
  96. 7
      www/fonts/bg.7163fe7683bf09611884f33ebf512d6a.svg
  97. 11
      www/fonts/bh.290519a3ed05bbfa54c4d8bd7490706a.svg
  98. 11
      www/fonts/bh.392927ca04d16448d14ec44908cc41c5.svg
  99. 15
      www/fonts/bi.75d5af3debe2895f5eb256ea01ab2458.svg
  100. 15
      www/fonts/bi.d1b41a2c98e33b94ef20059083ad28f4.svg
  101. Some files were not shown because too many files have changed in this diff Show More

18
bin/start

@ -0,0 +1,18 @@
#!/usr/bin/env bash
set -e
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
KASM_VERSION="1.6.0"
KASM_INSTALL_BASE="/opt/kasm/${KASM_VERSION}"
pushd ${KASM_INSTALL_BASE}/docker > /dev/null
# TODO: Start in daemon mode, run connectivity tests, tell the user how to access website
echo "Starting Kasm Services"
export KASM_UID=$(id kasm -u)
export KASM_GID=$(id kasm -g)
docker-compose up -d
popd > /dev/null

18
bin/stop

@ -0,0 +1,18 @@
#!/usr/bin/env bash
set -e
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
KASM_VERSION="1.6.0"
KASM_INSTALL_BASE="/opt/kasm/${KASM_VERSION}"
pushd ${KASM_INSTALL_BASE}/docker > /dev/null
echo "Stopping Kasm Services"
export KASM_UID=$(id kasm -u)
export KASM_GID=$(id kasm -g)
docker-compose stop
popd > /dev/null

72
bin/utils/db_backup

@ -0,0 +1,72 @@
#!/usr/bin/env bash
set -e
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
function display_help() {
echo "Usage: ${0}"
echo "-f Path to kasm db backup file (tar)"
echo "-p Path to kasm installation desired for backup e.g /opt/kasm/1.0.0"
echo "-v Verbose output"
}
while getopts 'vf:p:' flag; do
case "${flag}" in
f)
DB_FILE=$OPTARG
;;
p)
KASM_INSTALL_BASE=$OPTARG
;;
v)
set -x
;;
*)
error "Unexpected option ${flag}"
display_help
;;
esac
done
if [ -z "$DB_FILE" ]; then
echo "Error - No database file specified ! "
echo ""
display_help
exit 1
fi
if [ -z "$KASM_INSTALL_BASE" ]; then
echo "Error - No kasm installation path specified ! "
echo ""
display_help
exit 1
fi
export KASM_UID=$(id kasm -u)
export KASM_GID=$(id kasm -g)
TEMP_DB_CONTAINER_NAME=temp_kasm_db_backup
DB_BACKUP_DIR=$(dirname "${DB_FILE}")
DB_BACKUP_FILE_NAME=$(basename "${DB_FILE}")
pushd ${KASM_INSTALL_BASE}/docker > /dev/null
echo "Removing Existing Database container"
docker-compose rm -f db > /dev/null
docker stop ${TEMP_DB_CONTAINER_NAME} || true && docker rm ${TEMP_DB_CONTAINER_NAME} || true
echo "Creating temporary database backup container..."
docker-compose run -v ${DB_BACKUP_DIR}:/tmp -d --name ${TEMP_DB_CONTAINER_NAME} db
sleep 10
echo "Executing Backup"
docker exec ${TEMP_DB_CONTAINER_NAME} pg_dump -b -C -U kasmapp -Ft kasm -f /tmp/${DB_BACKUP_FILE_NAME}
echo "Removing Temporary Backup Container"
docker rm -f ${TEMP_DB_CONTAINER_NAME}
echo "Database backup is at the following location: ${DB_FILE}"
popd > /dev/null

75
bin/utils/db_init

@ -0,0 +1,75 @@
#!/usr/bin/env bash
set -e
KASM_VERSION="1.6.0"
KASM_INSTALL_BASE="/opt/kasm/${KASM_VERSION}"
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
function display_help() {
echo "Usage: ${0}"
echo "-h Display this help menu"
echo "-i initialize the database (delete and recreated schema)"
echo "-s Absolute path to the seed file (yaml)"
echo "-v Verbose output"
}
while getopts 'vihs:' flag; do
case "${flag}" in
h)
display_help
exit 0
;;
s)
SEED_FILE=$OPTARG
SEED_FILE_NAME=$(basename ${SEED_FILE})
echo "Setting Seed file as ${SEED_FILE}"
;;
i)
INITIALIZE_DATABASE="--initialize-database"
;;
v)
set -x
;;
*)
error "Unexpected option ${flag}"
display_help
;;
esac
done
if [ -z "${SEED_FILE}" ]; then
echo "Error - No seed file specified ! "
echo ""
display_help
exit 1
fi
export KASM_UID=$(id kasm -u)
export KASM_GID=$(id kasm -g)
pushd ${KASM_INSTALL_BASE}/docker > /dev/null
# TODO Check of the db already exists or not
set +e
docker-compose stop
docker kill kasm_db
docker container rm kasm_db
set -e
if [ ! -z "${INITIALIZE_DATABASE}" ]; then
set +e
docker volume rm kasm_db_${KASM_VERSION}
set -e
docker volume create kasm_db_${KASM_VERSION}
fi
docker-compose up -d db
sleep 5
docker-compose -f ${KASM_INSTALL_BASE}/docker/.conf/docker-compose-api.yaml run -v ${SEED_FILE}:/tmp/${SEED_FILE_NAME} --rm --entrypoint "/usr/bin/kasm_server.so ${INITIALIZE_DATABASE} --cfg /opt/kasm/current/conf/app/api.app.config.yaml --populate-production --seed-file /tmp/${SEED_FILE_NAME}" kasm_api
docker-compose stop
echo "Database Initialization Complete"
popd > /dev/null

115
bin/utils/db_restore

@ -0,0 +1,115 @@
#!/usr/bin/env bash
set -e
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
function verify() {
printf "\n\n"
echo "WARNING!!!"
echo "__________________________"
printf "\n\n"
echo "Contents of the existing database will be removed. This is irreversible!"
printf "\n"
read -p "Continue? (y/n) " choice
case "$choice" in
y|Y )
return
;;
n|N )
echo "Exiting"
exit 1
;;
* )
echo "Invalid Response"
echo "Exiting"
exit 1
;;
esac
}
function display_help() {
echo "Usage: ${0}"
echo "-f Path to kasm db backup file (tar)"
echo "-p Path to kasm installation desired for restore e.g /opt/kasm/1.0.0"
echo "-v Verbose output"
}
while getopts 'vaf:p:' flag; do
case "${flag}" in
a)
ACCEPT_WARNING=true
;;
f)
DB_FILE=$OPTARG
;;
p)
KASM_INSTALL_BASE=$OPTARG
;;
v)
set -x
;;
*)
error "Unexpected option ${flag}"
display_help
;;
esac
done
if [ -z "$DB_FILE" ]; then
echo "Error - No database file specified ! "
echo ""
display_help
exit 1
fi
if [ -z "$KASM_INSTALL_BASE" ]; then
echo "Error - No kasm installation path specified ! "
echo ""
display_help
exit 1
fi
if [ ! "${ACCEPT_WARNING}" = true ]
then
verify
fi
TEMP_DB_BACKUP_PATH=${KASM_INSTALL_BASE}/conf/database/
DB_BACKUP_DIR=$(dirname "${DB_FILE}")
DB_BACKUP_FILE_NAME=$(basename "${DB_FILE}")
cp ${DB_FILE} ${TEMP_DB_BACKUP_PATH}/${DB_BACKUP_FILE_NAME}
pushd ${KASM_INSTALL_BASE}/docker > /dev/null
export KASM_UID=$(id kasm -u)
export KASM_GID=$(id kasm -g)
echo "Stopping Services"
sudo ${KASM_INSTALL_BASE}/bin/stop
echo "Starting DB Service"
docker-compose up -d db
sleep 10
echo "Executing restore"
docker-compose exec db psql -e -U kasmapp -c "drop database if exists kasm;" postgres
docker-compose exec db pg_restore -e -U kasmapp -Ft -C -d postgres /tmp/${DB_BACKUP_FILE_NAME}
rm ${TEMP_DB_BACKUP_PATH}/${DB_BACKUP_FILE_NAME}
echo "Stopping Services"
sudo ${KASM_INSTALL_BASE}/bin/stop
echo "Restore Complete"
popd > /dev/null

63
bin/utils/db_upgrade

@ -0,0 +1,63 @@
#!/usr/bin/env bash
set -e
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
export KASM_UID=$(id kasm -u)
export KASM_GID=$(id kasm -g)
function display_help() {
echo "Usage: ${0}"
echo "-p Path to kasm installation to upgrade e.g /opt/kasm/1.0.0"
echo "-v Verbose output"
}
while getopts 'vp:' flag; do
case "${flag}" in
p)
KASM_INSTALL_BASE=$OPTARG
;;
v)
set -x
;;
*)
error "Unexpected option ${flag}"
display_help
;;
esac
done
if [ -z "$KASM_INSTALL_BASE" ]; then
echo "Error - No kasm installation path specified ! "
echo ""
display_help
exit 1
fi
pushd ${KASM_INSTALL_BASE}/docker > /dev/null
echo "Removing Existing Database container"
echo "Stopping Services"
${KASM_INSTALL_BASE}/bin/stop
docker-compose rm -f db
docker-compose -f ${KASM_INSTALL_BASE}/docker/.conf/docker-compose-all.yaml rm -f db
docker-compose -f ${KASM_INSTALL_BASE}/docker/.conf/docker-compose-all.yaml up -d db
sleep 10
set +e
docker-compose -f ${KASM_INSTALL_BASE}/docker/.conf/docker-compose-all.yaml run --rm --entrypoint "/usr/bin/kasm_server.so --upgrade-database --cfg /opt/kasm/current/conf/app/api.app.config.yaml" kasm_api
set -e
docker-compose -f ${KASM_INSTALL_BASE}/docker/.conf/docker-compose-all.yaml stop
docker-compose -f ${KASM_INSTALL_BASE}/docker/.conf/docker-compose-all.yaml rm -f kasm_api
docker-compose -f ${KASM_INSTALL_BASE}/docker/.conf/docker-compose-all.yaml rm -f db
echo "Database Upgrade Complete"
popd > /dev/null

64
conf/app/agent.app.config.yaml

@ -0,0 +1,64 @@
agent:
default_host_key: 1234
heartbeat_interval: 10000
images_interval: 300
nginx_container_dir: /etc/nginx/conf.d/containers.d/
port: 4444
provider: hardware
public_hostname: proxy
public_port: 443
server_id: A0EEBC99-9C0B-4EF8-BB6D-6BB9BD380A11
starting_nginx_port: 5971
docker_port_listen_addr: 'localhost'
type: host
validate_images: true
auto_generate_kasm_docker_networks: false
remove_failed_containers: true
log_heartbeat_data: false
docker_script_timeout: 180
persist_config_updates: true
persist_config_interval: 100000
manager:
client_cert: /srv/provision_agent/client_cert.pem
heartbeat_path: /manager_api/api/v1/heartbeat
images_path: /manager_api/api/v1/images
hostnames: ['proxy']
public_port: 443
scheme: https
server_cert: /srv/provision_agent/server_cert.pem
token: a5b89ebd-779e-4bcf-9040-115fdab1056a
logging:
agent:
formatters:
logmatic:
(): logmatic.JsonFormatter
standard:
format: '%(asctime)s [%(levelname)s] %(name)s: %(message)s'
handlers:
file_handler:
backupCount: 5
class: logging.handlers.RotatingFileHandler
encoding: utf8
filename: /opt/kasm/current/log/agent.log
formatter: standard
level: DEBUG
maxBytes: 10485760
stream:
class: logging.StreamHandler
formatter: standard
level: DEBUG
syslog:
class: logging.handlers.SysLogHandler
formatter: logmatic
level: DEBUG
loggers:
? ''
: handlers:
- stream
- syslog
- file_handler
level: DEBUG
propagate: true
tornado:
level: INFO
version: 1

235
conf/app/api.app.config.yaml

@ -0,0 +1,235 @@
database:
name: kasm
username: kasmapp
password: changeme
host: db
port: 5432
type: postgres
redis:
host: kasm_redis
port: 6379
redis_password: changeme
logging:
agent:
formatters:
logmatic:
(): logmatic.JsonFormatter
standard:
format: '%(asctime)s [%(levelname)s] %(name)s: %(message)s'
handlers:
file_handler:
backupCount: 20
class: logging.handlers.RotatingFileHandler
encoding: utf8
filename: /opt/kasm/current/log/agent.log
formatter: standard
level: DEBUG
maxBytes: 10485760
stream:
class: logging.StreamHandler
formatter: standard
level: INFO
syslog:
class: logging.handlers.SysLogHandler
formatter: logmatic
level: DEBUG
loggers:
? ''
: handlers:
- stream
- syslog
- file_handler
level: DEBUG
propagate: true
version: 1
kasm_share:
formatters:
logmatic:
(): logmatic.JsonFormatter
standard:
format: '%(asctime)s [%(levelname)s] %(name)s: %(message)s'
handlers:
file_handler:
backupCount: 20
class: logging.handlers.RotatingFileHandler
encoding: utf8
filename: /opt/kasm/current/log/share.log
formatter: standard
level: DEBUG
maxBytes: 10485760
stream:
class: logging.StreamHandler
formatter: standard
level: DEBUG
syslog:
class: logging.handlers.SysLogHandler
formatter: logmatic
level: DEBUG
loggers:
? ''
: handlers:
- stream
- syslog
- file_handler
level: DEBUG
propagate: true
tornado.application:
level: DEBUG
tornado.access:
level: DEBUG
tornado.general:
level: DEBUG
version: 1
manager_api_server:
filters:
forwarded_log_filter:
(): log.handlers.ForwardedLogFilter
formatters:
logmatic:
(): logmatic.JsonFormatter
standard:
format: '%(asctime)s [%(levelname)s] %(name)s: %(message)s'
handlers:
file_handler:
backupCount: 20
class: logging.handlers.RotatingFileHandler
encoding: utf8
filename: /opt/kasm/current/log/manager_api_server.log
formatter: standard
level: DEBUG
maxBytes: 10485760
filters: [ forwarded_log_filter ]
stream:
class: logging.StreamHandler
formatter: standard
level: INFO
filters: [ forwarded_log_filter ]
syslog:
class: logging.handlers.SysLogHandler
formatter: logmatic
level: DEBUG
filters: [ forwarded_log_filter ]
loggers:
? ''
: handlers:
- stream
- syslog
- file_handler
level: DEBUG
propagate: true
__main__.handler:
level: DEBUG
provider_manager:
level: DEBUG
provider:
level: DEBUG
tornado:
level: INFO
sqlalchemy.pool:
level: WARNING
sqlalchemy.engine:
level: WARNING
sqlalchemy.dialects:
level: WARNING
sqlalchemy.orm:
level: WARNING
version: 1
api_server:
filters:
request_context_filter:
(): utils.RequestContextFilter
formatters:
logmatic:
(): logmatic.JsonFormatter
standard:
format: '%(asctime)s [%(levelname)s] %(name)s: %(message)s'
handlers:
file_handler:
backupCount: 20
class: logging.handlers.RotatingFileHandler
encoding: utf8
filename: /opt/kasm/current/log/api_server.log
formatter: standard
level: DEBUG
maxBytes: 10485760
file_handler_json:
backupCount: 20
class: logging.handlers.RotatingFileHandler
encoding: utf8
filename: /opt/kasm/current/log/api_server_json.log
formatter: logmatic
level: DEBUG
maxBytes: 10485760
filters: [request_context_filter]
subscription_file_handler:
backupCount: 20
class: logging.handlers.RotatingFileHandler
encoding: utf8
filename: /opt/kasm/current/log/subscription_api_server.log
formatter: standard
level: DEBUG
maxBytes: 10485760
admin_file_handler:
backupCount: 20
class: logging.handlers.RotatingFileHandler
encoding: utf8
filename: /opt/kasm/current/log/admin_api_server.log
formatter: standard
level: DEBUG
maxBytes: 10485760
client_file_handler:
backupCount: 20
class: logging.handlers.RotatingFileHandler
encoding: utf8
filename: /opt/kasm/current/log/client_api_server.log
formatter: standard
level: DEBUG
maxBytes: 10485760
stream:
class: logging.StreamHandler
formatter: standard
level: DEBUG
syslog:
class: logging.handlers.SysLogHandler
formatter: logmatic
level: DEBUG
loggers:
? ''
: handlers:
- stream
- syslog
- file_handler
- file_handler_json
level: DEBUG
propagate: true
client_api_server:
handlers:
- client_file_handler
admin_api_server:
handlers:
- admin_file_handler
subscription_api_server:
handlers:
- subscription_file_handler
cherrypy.error:
level: INFO
cherrypy.access:
level: INFO
sqlalchemy.pool:
level: WARNING
sqlalchemy.engine:
level: WARNING
sqlalchemy.dialects:
level: WARNING
sqlalchemy.orm:
level: WARNING
version: 1
manager:
manager_id: null
update_timer: 86400
server:
server_id: null
server_hostname: null
zone_name: default
share:
share_id: null

2
conf/database/data.sql

@ -0,0 +1,2 @@
CREATE EXTENSION IF NOT EXISTS "uuid-ossp" WITH SCHEMA public;
COMMENT ON EXTENSION "uuid-ossp" IS 'generate universally unique identifiers (UUIDs)';

441
conf/database/seed_data/default_properties.yaml

@ -0,0 +1,441 @@
global_settings:
logging:
log_protocol:
title: Log Protocol
value: internal
value_type: string
restart: manager,api
description: The logging protocol used, allowed values are internal, https, splunk, and elasticsearch
log_port:
title: Log Port
value: 443
value_type: int
restart: manager,api
description: The port to use for logging communication.
log_host:
title: Log Host
value: None
value_type: string
restart: manager,api
description: The hostname or IP address of the remote logging server, not applicable for internal logging.
hec_token:
title: Splunk HEC Token
value: None
value_type: string
restart: manager,api
description: The Splunk HEC token used for authentication of logs to a Splunk server.
https_insecure:
title: Disable Log Certificate Validation
value: true
value_type: bool
restart: manager,api
description: Set to true if the remote logging server does not have a valid signed cert by a public certificate authority.
http_method:
title: HTTP Method
value: post
value_type: string
restart: manager,api
description: HTTP method to use, valid values are post and put. Splunk uses POST while ElasticSearch API uses PUT
url_endpoint:
title: URL Endpoint
value: /services/collector/event
value_type: string
restart: manager,api
description: The Splunk endpoint, most likely /service/collector/event. For ElasticSearch it would be index/_doc/.
log_retention:
title: Log Retention
value: 7
value_type: int
description: "Number of days to retain local Kasm logs. WARNING - See Kasm documentation before adjusting."
debug_retention:
title: Debug Log Retention
value: 4
value_type: int
description: "Number of hours to retain local Kasm debug logs. WARNING - See Kasm documentation before adjusting."
auth:
notice_message:
value:
value_type: multiline_string
title: Notice Message
description: Login notice banner message.
login_assistance:
value:
title: Login Assistance
value_type: String
description: Enables a Login Assitance link on the login page to the entered URL. Not shown if value is empty.
enable_kasm_auth:
title: Enable Kasm Authorization
value: true
value_type: bool
description: Require client requests to the Kasm for content such as downloads and uploads to be authenticated with the user's current session token.
kasm_auth_domain:
title: Kasm Authorization Domain
value: $request_host$
value_type: string
description: Override the domain used in the Kasm session cookie.
max_login_attempts:
title: Max Login Attempts
name: max_login_attempts
value: 5
value_type: int
description: The number of invalid login attempts before an account is locked out. This setting only applies to local accounts.
session_lifetime:
title: Session Lifetime
value: 288000
value_type: int
description: The number of seconds a session token is valid for.
manager:
update_check:
title: Update Check
value: true
value_type: bool
description: This Setting will stop the manager from checking for Kasm system updates.
agent_version:
title: Agent Version
value: 1
value_type: string
description: This setting is used to restrict which versions of the Kasm Agent are allowed to communicate with the Manager.
primary_manager_timeout:
title: Primary Manager Timeout
restart: manager
value: 180
value_type: int
description: The number of seconds until the primary manager is considered unavailable. If other managers are alive one will take over the primary role.
same_zone_reply:
title: Same Zone Reply
restart: manager
value: true
value_type: bool
description: If set to true, a manager will only reply to agent heartbeats with a list of managers in the same zone as itself. Otherwise a list of all managers is given. This allows Agents to failover to managers in other zones.
token:
title: Token
restart: manager
value: a5b89ebd-779e-4bcf-9040-115fdab1056a
value_type: string
description: An authentication token used the communication between Kasm Agents and the Manager API server.
nginx:
cert_in:
title: Certificate In
value: /opt/kasm/current/certs/kasm_nginx.crt
value_type: string
description: The nginx cert will be read from this location on the Manager API server when automatically provisioning Agents.
cert_out:
title: Certificate Out
value: /opt/kasm/current/certs/kasm_nginx.crt
value_type: string
description: The nginx cert will be placed at this directory path for automatically provisioned Agents
key_in:
title: Key In
value: /opt/kasm/current/certs/kasm_nginx.key
value_type: string
description: The nginx key will be read from this location on the Manager API server when automatically provisioning Agents.
key_out:
title: Key Out
value: /opt/kasm/current/certs/kasm_nginx.key
value_type: string
description: The nginx key will be placed at this directory path for automatically provisioned Agents.
proxy_connections:
title: Proxy Connections
value: true
value_type: bool
description: When creating a Kasm, instruct the client to connect to the Kasm via another proxy server. When false, the client connects directly to the Kasm via the Agent's address.
proxy_hostname:
title: Proxy Hostname
value: $request_host$
value_type: string
description: The IP or DNS name used in the url for proxied connections to the Kasm i.e (https://<proxy_hostname>:<proxy_port>/<proxy_path>) . This setting only applies if proxy_connections is set to true.
proxy_path:
title: Proxy Path
value: desktop
value_type: string
description: The url path used in the proxied connections. i.e (https://<proxy_hostname>:<proxy_port>/<proxy_path>) . This setting only applies if proxy_connections is set to true.
proxy_port:
value: 443
value_type: int
description: The Port used in the proxied connection url. i.e (https://<proxy_hostname>:<proxy_port>/<proxy_path>) . This setting only applies if proxy_connections is set to true.
title: Proxy Port
scale:
default_image_cores:
title: Default Image Cores
value: 1
value_type: float
description: When dynamic agent provisioning is enabled, this system calculates the number of Kasms that could be provisioned at the time. This setting represents the Kasm Image cores configuration that should be used during the calculation.
default_image_memory_gb:
title: Default Image Memory(GB)
value: 1
value_type: float
description: When dynamic agent provisioning is enabled, this system calculates the number of Kasms that could be provisioned at the time. This setting represents the Kasm Image memory configuration , in gigabytes, that should be used during the calculation.
guardian_interval:
title: Guardian Interval
value: 15
value_type: int
description: The number of seconds between the Manager API inspection of existing Agent, and Kasm availability.
guardian_provision_threads:
title: Guardian Provision Threads
value: 10
value_type: int
description: The number of threads the Manager API server uses for teardown and provision tasks.
host_dead_expiration:
title: Host Dead Expiration
value: 240
value_type: int
description: The number of seconds since an Agent's last check-in before marking it as dead. Dead servers are automatically destroyed if they were dynamically provisioned.
host_missing_expiration:
title: Host Missing Expiration
value: 120
value_type: int
description: The number of seconds since an Agent's last check-in before marking it as dead.
keepalive_expiration:
title: Keep Alive Expiration
value: 3600
value_type: int
description: Clients regularly send keepalive requests when logged into a Kasm. This value is the number of seconds a Kasm will remain active after the last keepalive is received.
images:
add_images_to_default_group:
title: Add Images to Default Group
value: true
value_type: bool
description: Automatically add images to default group when new images are added.
group_settings:
administrator:
description: Allows users to see and edit all attributes of the Kasm application.
value: 'True'
value_type: bool
allow_kasm_audio:
description: Allow audio streaming for a Kasm.
value: 'True'
value_type: bool
allow_kasm_clipboard_down:
description: Allows users to paste text from the Kasm to their local computer.
value: 'True'
value_type: bool
allow_kasm_clipboard_seamless:
description: Allows users to copy and paste text without using Kasm control panel.
value: 'True'
value_type: bool
allow_kasm_clipboard_up:
description: Allow users to paste from their local computer to the Kasm.
value: 'True'
value_type: bool
allow_kasm_downloads:
description: Allow users to download files from a Kasm.
value: 'True'
value_type: bool
allow_kasm_uploads:
description: Allow users to upload files to a Kasm.
value: 'True'
value_type: bool
allow_persistent_profile:
description: Allow the use of persistent profiles if configured on the Kasm Image.
value: 'True'
value_type: bool
allow_point_of_presence:
description: Allow the user to use point of presence features for certain Images.
value: 'True'
value_type: bool
allow_kasm_sharing:
description: Allow the user to share access to Kasms with other users.
value: 'True'
value_type: bool
expose_user_environment_vars:
description: Expose KASM_USER and KASM_USER_ID environment variables inside the Kasm.
value: 'False'
value_type: bool
idle_disconnect:
description: Disconnect the Kasm connection if idle for this long. Time specified in minutes.
value: '20'
value_type: float
kasm_audio_default_on:
description: Default to audio enabled on Kasm start
value: 'True'
value_type: bool
keepalive_expiration:
description: The number of seconds a Kasm will stay alive unless a keeplive request is sent from the client.
value: '3600'
value_type: int
max_kasms_per_user:
description: The maximum number of simultaneous Kasms a users is allowed to provision.
value: '2'
value_type: int
enable_webp:
description: Enable webp image compression for compatible browsers. This will increase server side processing requirements but cut bandwidth by 30 percent.
value: 'False'
value_type: bool
run_config:
description: Specify arbitrary docker run params.
value: '{}'
value_type: json
default_image:
description: Sets the Default image for the /go route. Will automatically provision this kasm image.
value: ''
value_type: image
enable_totp_two_factor:
description: "Enables two factor authentication for group. Users will be prompted to set Key on next log on."
value: 'False'
value_type: bool
volume_mapping:
description: "\n \tMap a local server directory to kasm. The format is\
\ in json. \n \tExample: {\"/data/departments/sales\": {\"bind\": \"\
/headless/documents/sales\", \"mode\": \"rw\"} \n \tThis example mounts\
\ a directory on the local server, /data/department/sales to the container \n\
\ \tat the location /shares/sales with read and write permissions. \n\
\ \tIn order for the user in the Kasm to have write permissions on the\
\ mount the permissions \n \ton the server must allow read, write, execute\
\ for ALL users. This is because the \n \tuser running inside the Kasm\
\ is not a valid user on the server.\n \t"
value: ''
value_type: json
auto_login_to_kasm:
description: Sends users directly to kasm using default image after login
value: 'False'
value_type: bool
chat_history_messages:
description: The number of chat history messages to show when a new user connects to a shared Kasm. Set this value to 0 to disable showing chat history.
value: 0
value_type: int
lock_sharing_video_mode:
description: Locks video quality to static resolution of 720p when sharing is enabled. Recomended for best performance.
value: 'True'
value_type: bool
groups:
Administrators:
description: Default Administrators Group
is_system: true
priority: 1
settings:
administrator:
value: 'True'
allow_kasm_audio:
value: 'True'
allow_kasm_clipboard_down:
value: 'True'
allow_kasm_clipboard_seamless:
value: 'True'
allow_kasm_clipboard_up:
value: 'True'
allow_kasm_downloads:
value: 'True'
allow_kasm_uploads:
value: 'True'
allow_persistent_profile:
value: 'True'
allow_point_of_presence:
value: 'True'
allow_kasm_sharing:
value: 'True'
expose_user_environment_vars:
value: 'True'
idle_disconnect:
value: '20'
kasm_audio_default_on:
value: 'True'
keepalive_expiration:
value: '3600'
run_config:
value: '{"environment": {"GROUP": "%s"}}'
images:
Kasm Desktop:
cores: 1.0
description: Kasm Desktop Environment
docker_registry: https://index.docker.io/v1/
enabled: true
image_id: 11111111-1111-1111-1111-111111111111
image_src: img/thumbnails/desktop.png
available: false
memory: 768000000
name: kasmweb/desktop:1.6.0
run_config: '{"hostname": "kasm"}'
x_res: 800
y_res: 600
Kasm Desktop Deluxe:
description: Kasm Desktop Environment with additional productivity Software
docker_registry: https://index.docker.io/v1/
name: kasmweb/desktop-deluxe:1.6.0
run_config: '{"hostname": "kasm"}'
image_src: img/thumbnails/desktop-deluxe.png
available: false
Kasm Firefox:
description: 'Single-Application : Firefox'
docker_registry: https://index.docker.io/v1/
image_id: 22222222-2222-2222-2222-222222222222
image_src: img/thumbnails/firefox.png
available: false
name: kasmweb/firefox:1.6.0
run_config: '{"hostname": "kasm"}'
exec_config: '{"first_launch":{"cmd":"bash -c ''firefox -width ${VNC_RESOLUTION/x*/} -height ${VNC_RESOLUTION/*x/} --new-tab \"$KASM_URL\"''"},"go":{"cmd":"bash -c ''firefox -width ${VNC_RESOLUTION/x*/} -height ${VNC_RESOLUTION/*x/} --new-tab \"$KASM_URL\"''"}}'
Kasm Firefox for Touch:
description: 'Single-Application : Firefox for Touch and Mobile Systems'
docker_registry: https://index.docker.io/v1/
name: kasmweb/firefox-mobile:1.6.0
run_config: '{"hostname": "kasm"}'
image_src: img/thumbnails/touch.png
available: false
Kasm Chrome:
description: 'Single-Application : Chrome'
docker_registry: https://index.docker.io/v1/
image_src: img/thumbnails/chrome.png
available: false
name: kasmweb/chrome:1.6.0
run_config: '{"hostname": "kasm"}'
exec_config: '{"first_launch":{"environment": {"LAUNCH_URL": ""}, "cmd":"bash -c ''google-chrome --start-maximized \"$KASM_URL\"''"},"go":{"cmd":"bash -c ''google-chrome --start-maximized \"$KASM_URL\"''"}}'
Kasm Tor-Browser:
description: 'Single-Application : Tor-Browser'
docker_registry: https://index.docker.io/v1/
image_src: img/thumbnails/tor-browser.png
available: false
name: kasmweb/tor-browser:1.6.0
run_config: '{"hostname": "kasm"}'
exec_config: '{"first_launch":{"environment": {"LAUNCH_URL": ""}, "cmd":"bash -c ''/tmp/tor-browser_en-US/Browser/start-tor-browser --detach --allow-remote --new-tab \"$KASM_URL\"''"},"go":{"cmd":"bash -c ''/tmp/tor-browser_en-US/Browser/start-tor-browser --detach --allow-remote --new-tab --detach \"$KASM_URL\"''"}}'
users:
admin@kasm.local:
groups:
Administrators: {}
password: admin
user@kasm.local:
password: user
zones:
default:
minimum_available_slots: 0
aws_enabled: False
aws_region: us-east-1
aws_access_key_id: changeme
aws_secret_access_key: changeme
ec2_agent_ami_id: ami-aa2ea6d0
ec2_agent_instance_type: t3.micro
ec2_agent_cores_override: 2
ec2_agent_memory_override_gb: 1
ec2_agent_key_pair_name: Production
aws_max_ec2_nodes: 10
ec2_agent_security_group_id: sg-0a0bb97e
ec2_agent_subnet_id: subnet-f8e008f7
ec2_agent_iam: CloudWatchRole
ec2_agent_ebs_volume_type: gp2
ec2_agent_ebs_volume_size_gb: 20
ec2_agent_startup_script: |
#!/bin/bash
echo ''Starting Docker''
set -x
bin/dd if=/dev/zero of=/var/swap.1 bs=1M count=2048
/sbin/mkswap /var/swap.1
chmod 600 /var/swap.1
/sbin/swapon /var/swap.1
cd /tmp
wget {release_url} -O kasm_backend.tar.gz
tar -xf kasm_backend.tar.gz
PUBLIC_DNS=(`curl -s http://169.254.169.254/latest/meta-data/hostname`)
bash kasm_release/install.sh -e -a -p $PUBLIC_DNS -m {manager_hostname} -i {server_id} -r aws
echo -e "{nginx_cert_in}" > {nginx_cert_out}
echo -e "{nginx_key_in}" > {nginx_key_out}

16
conf/nginx/orchestrator.conf

@ -0,0 +1,16 @@
server {
listen 443 ssl;
server_name ubuntu-base;
ssl_certificate /etc/ssl/certs/kasm_nginx.crt;
ssl_certificate_key /etc/ssl/private/kasm_nginx.key;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
include /etc/nginx/conf.d/services.d/*.conf;
include /etc/nginx/conf.d/containers.d/*.conf;
client_max_body_size 1G;
}

11
conf/nginx/services.d/admin_api.conf

@ -0,0 +1,11 @@
location /api/admin/ {
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://kasm_api;
}

11
conf/nginx/services.d/agent.conf

@ -0,0 +1,11 @@
location /agent/ {
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://kasm_agent/;
}

10
conf/nginx/services.d/client_api.conf

@ -0,0 +1,10 @@
location /api/ {
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://kasm_api;
}

11
conf/nginx/services.d/manager_api.conf

@ -0,0 +1,11 @@
location /manager_api/ {
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://kasm_manager/;
}

10
conf/nginx/services.d/share_api.conf

@ -0,0 +1,10 @@
location /api/share/ {
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://kasm_share;
}

11
conf/nginx/services.d/subscription_api.conf

@ -0,0 +1,11 @@
location /api/subscriptions/ {
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://kasm_api;
}

19
conf/nginx/services.d/upstream_proxy.conf

@ -0,0 +1,19 @@
# resolver 172.30.0.2;
location /desktop/ {
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
rewrite ^/desktop/(.*) /$1 break;
proxy_pass https://$cookie_host:$cookie_port;
proxy_read_timeout 1800s;
proxy_send_timeout 1800s;
proxy_connect_timeout 1800s;
proxy_buffering off;
client_max_body_size 1G;
expires 4h;
add_header Cache-Control "private";
}

6
conf/nginx/services.d/website.conf

@ -0,0 +1,6 @@
location / {
expires 4h;
add_header Cache-Control "private";
root /srv/www;
}

3
conf/nginx/upstream_agent.conf

@ -0,0 +1,3 @@
upstream kasm_agent {
server kasm_agent:4444;
}

3
conf/nginx/upstream_api.conf

@ -0,0 +1,3 @@
upstream kasm_api {
server kasm_api:8080;
}

3
conf/nginx/upstream_manager.conf

@ -0,0 +1,3 @@
upstream kasm_manager {
server kasm_manager:8181;
}

3
conf/nginx/upstream_share.conf

@ -0,0 +1,3 @@
upstream kasm_share {
server kasm_share:8182;
}

34
docker/docker-compose-agent.yaml

@ -0,0 +1,34 @@
version: '3'
services:
kasm_agent:
container_name: kasm_agent
user: root
image: "kasmweb/agent:1.6.0"
ports:
- "4444"
networks:
- kasm_default_network
volumes:
- /opt/kasm/1.6.0:/opt/kasm/current
- /var/run/docker.sock:/var/run/docker.sock
- /usr/bin/docker:/usr/bin/docker
- /opt/kasm/1.6.0/conf/nginx:/etc/nginx/conf.d
restart: always
proxy:
container_name: kasm_proxy
image: "nginx:alpine"
ports:
- "443:443"
networks:
- kasm_default_network
volumes:
- /opt/kasm/1.6.0/conf/nginx:/etc/nginx/conf.d:ro
- /opt/kasm/1.6.0/certs/kasm_nginx.key:/etc/ssl/private/kasm_nginx.key
- /opt/kasm/1.6.0/certs/kasm_nginx.crt:/etc/ssl/certs/kasm_nginx.crt
- /opt/kasm/1.6.0/www:/srv/www:ro
restart: always
depends_on:
- kasm_agent
networks:
kasm_default_network:
external: true

113
docker/docker-compose-all.yaml

@ -0,0 +1,113 @@
version: '3'
services:
db:
container_name: kasm_db
image: postgres:9.5-alpine
restart: always
ports:
- "5432:5432"
networks:
- kasm_default_network
environment:
POSTGRES_PASSWORD: changeme
POSTGRES_USER: kasmapp
POSTGRES_DB: kasm
volumes:
- /opt/kasm/1.6.0/conf/database/data.sql:/docker-entrypoint-initdb.d/data.sql
- /opt/kasm/1.6.0/conf/database/:/tmp/
- kasm_db_1.6.0:/var/lib/postgresql/data
restart: always
kasm_redis:
container_name: kasm_redis
command: ["sh", "-c", "redis-server --requirepass $${REDIS_PASSWORD}"]
user: "${KASM_UID?}:${KASM_GID?}"
image: redis:5-alpine
restart: always
ports:
- "6379:6379"
networks:
- kasm_default_network
environment:
REDIS_PASSWORD: changeme
restart: always
kasm_api:
container_name: kasm_api
user: "${KASM_UID?}:${KASM_GID?}"
image: "kasmweb/api:1.6.0"
ports:
- "8080"
networks:
- kasm_default_network
volumes:
- /opt/kasm/1.6.0:/opt/kasm/current
depends_on:
- db
restart: always
kasm_manager:
container_name: kasm_manager
user: "${KASM_UID?}:${KASM_GID?}"
image: "kasmweb/manager:1.6.0"
ports:
- "8181"
networks:
- kasm_default_network
volumes:
- /opt/kasm/1.6.0:/opt/kasm/current
depends_on:
- db
restart: always
kasm_agent:
container_name: kasm_agent
user: root
image: "kasmweb/agent:1.6.0"
ports:
- "4444"
networks:
- kasm_default_network
volumes:
- /opt/kasm/1.6.0:/opt/kasm/current
- /var/run/docker.sock:/var/run/docker.sock
- /usr/bin/docker:/usr/bin/docker
- /opt/kasm/1.6.0/conf/nginx:/etc/nginx/conf.d
depends_on:
- kasm_manager
restart: always
kasm_share:
container_name: kasm_share
user: root
image: "kasmweb/share:1.6.0"
ports:
- "8182"
networks:
- kasm_default_network
volumes:
- /opt/kasm/1.6.0:/opt/kasm/current
restart: always
depends_on:
- db
- kasm_redis
proxy:
container_name: kasm_proxy
image: "nginx:alpine"
ports:
- "443:443"
networks:
- kasm_default_network
volumes:
- /opt/kasm/1.6.0/conf/nginx:/etc/nginx/conf.d:ro
- /opt/kasm/1.6.0/certs/kasm_nginx.key:/etc/ssl/private/kasm_nginx.key
- /opt/kasm/1.6.0/certs/kasm_nginx.crt:/etc/ssl/certs/kasm_nginx.crt
- /opt/kasm/1.6.0/www:/srv/www:ro
depends_on:
- kasm_manager
- kasm_api
- kasm_agent
- kasm_share
restart: always
volumes:
kasm_db_1.6.0:
external: true
networks:
kasm_default_network:
external: true

42
docker/docker-compose-api.yaml

@ -0,0 +1,42 @@
version: '3'
services:
kasm_api:
container_name: kasm_api
user: "${KASM_UID?}:${KASM_GID?}"
image: "kasmweb/api:1.6.0"
ports:
- "8080"
networks:
- kasm_default_network
volumes:
- /opt/kasm/1.6.0:/opt/kasm/current
restart: always
proxy:
container_name: kasm_proxy
image: "nginx:alpine"
ports:
- "443:443"
networks:
- kasm_default_network
volumes:
- /opt/kasm/1.6.0/conf/nginx:/etc/nginx/conf.d:ro
- /opt/kasm/1.6.0/certs/kasm_nginx.key:/etc/ssl/private/kasm_nginx.key
- /opt/kasm/1.6.0/certs/kasm_nginx.crt:/etc/ssl/certs/kasm_nginx.crt
- /opt/kasm/1.6.0/www:/srv/www:ro
depends_on:
- kasm_api
restart: always
kasm_share:
container_name: kasm_share
user: root
image: "kasmweb/share:1.6.0"
ports:
- "8182"
networks:
- kasm_default_network
volumes:
- /opt/kasm/1.6.0:/opt/kasm/current
restart: always
networks:
kasm_default_network:
external: true

93