-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
68 lines (57 loc) · 2.69 KB
/
Dockerfile
File metadata and controls
68 lines (57 loc) · 2.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
# Dockerfile for Debian Bookworm with XFCE and TigerVNC
FROM debian:bookworm-slim
# Prevent debconf from asking questions during package installation
ENV DEBIAN_FRONTEND=noninteractive
# Default VNC password and user settings
# IMPORTANT: Override VNC_PASSWORD at runtime for security, e.g., -e VNC_PASSWORD=yoursecurepassword
ENV VNC_PASSWORD=123456
ENV USER_NAME=debian
ENV HOME_DIR=/home/debian
# Install dependencies: XFCE, TigerVNC, sudo, and other utilities
RUN apt-get update && \
apt-get install -y --no-install-recommends \
tigervnc-standalone-server \
tigervnc-common \
tigervnc-tools \
firefox-esr \
xfce4 \
xfce4-goodies \
dbus-x11 \
sudo \
iproute2 && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# Create a non-root user and set its password (using VNC_PASSWORD)
# Grant sudo privileges to the user (useful for debugging within the container)
RUN useradd -m -s /bin/bash ${USER_NAME} && \
echo "${USER_NAME}:${VNC_PASSWORD}" | chpasswd && \
echo "${USER_NAME} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
RUN mkdir -pv /etc/tigervnc && \
echo ":1=debian" > /etc/tigervnc/vncserver.users && \
echo '1;' > /etc/tigervnc/vncserver-config-defaults && \
echo '$localhost="no";' >> /etc/tigervnc/vncserver-config-defaults && \
echo '$SecurityTypes="VncAuth,Plain";' >> /etc/tigervnc/vncserver-config-defaults && \
echo '$geometry="800x600";' >> /etc/tigervnc/vncserver-config-defaults && \
echo 'alwaysshared;' >> /etc/tigervnc/vncserver-config-defaults # Allow multiple viewers to connect
# Switch to the non-root user
USER ${USER_NAME}
WORKDIR ${HOME_DIR}
# Configure VNC server for the user
RUN mkdir -p ${HOME_DIR}/.vnc && \
# Set VNC password
echo "${VNC_PASSWORD}\n\n" | vncpasswd -f > ${HOME_DIR}/.vnc/passwd && \
chmod 600 ${HOME_DIR}/.vnc/passwd
# Create VNC xstartup script to launch XFCE desktop environment
RUN echo '#!/bin/sh' > ${HOME_DIR}/.vnc/xstartup && \
echo '# Ensure Xresources are loaded if they exist' >> ${HOME_DIR}/.vnc/xstartup && \
echo '[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources' >> ${HOME_DIR}/.vnc/xstartup && \
echo '# Start vncconfig for clipboard integration etc.' >> ${HOME_DIR}/.vnc/xstartup && \
echo 'vncconfig -iconic &' >> ${HOME_DIR}/.vnc/xstartup && \
echo '# Launch XFCE session with D-Bus' >> ${HOME_DIR}/.vnc/xstartup && \
echo 'dbus-launch --exit-with-session startxfce4' >> ${HOME_DIR}/.vnc/xstartup && \
chmod +x ${HOME_DIR}/.vnc/xstartup
# Expose VNC port (default for display :1 is 5901)
EXPOSE 5901
# Default command to run VNC server on display :1 in the foreground
# This will use settings from ${HOME_DIR}/.vnc/config
CMD ["/usr/bin/vncserver", ":1", "-fg"]