From 15abe20289b6be802db008f74bc148ef2c7329cc Mon Sep 17 00:00:00 2001
From: Gerard Braad <me@gbraad.nl>
Date: Sat, 1 Feb 2025 13:00:29 +0800
Subject: [PATCH] Add audio support to rdesktop

---
 .../workflows/build-diskimages-release.yaml   |  4 +-
 assets/generate-certs.service                 | 12 ++++
 assets/generate-certs.sh                      | 10 ++++
 assets/kasmvnc.yaml                           | 22 ++++++++
 assets/kclient.service                        | 11 ++++
 assets/pulseaudio.service                     | 10 ++++
 assets/rdesktop.ini                           |  5 ++
 assets/rdesktopexec                           |  6 ++
 containers/Containerfile-rdesktop             | 56 ++++++++++++++++++-
 9 files changed, 132 insertions(+), 4 deletions(-)
 create mode 100644 assets/generate-certs.service
 create mode 100755 assets/generate-certs.sh
 create mode 100644 assets/kasmvnc.yaml
 create mode 100644 assets/kclient.service
 create mode 100644 assets/pulseaudio.service
 create mode 100644 assets/rdesktop.ini
 create mode 100755 assets/rdesktopexec

diff --git a/.github/workflows/build-diskimages-release.yaml b/.github/workflows/build-diskimages-release.yaml
index 8f49658..67291b8 100644
--- a/.github/workflows/build-diskimages-release.yaml
+++ b/.github/workflows/build-diskimages-release.yaml
@@ -123,7 +123,7 @@ jobs:
     - name: Create a GitHub release
       uses: ncipollo/release-action@v1
       with:
-        tag: 41
+        tag: latest
         name: Latest disk images
         body: ${{ env.BODY }}
-        artifacts: "output/bootiso/*.iso,./output/qcow2/*,"
\ No newline at end of file
+        artifacts: "output/bootiso/*.iso,./output/qcow2/*,"
diff --git a/assets/generate-certs.service b/assets/generate-certs.service
new file mode 100644
index 0000000..f986714
--- /dev/null
+++ b/assets/generate-certs.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Generate certificates for rdesktop services
+Before=kasnvncservice.service
+Before=kclient.service
+
+[Service]
+Type=oneshot
+ExecStart=/bin/bash -c 'if [ ! -f /opt/rdesktop/certificate.pem ]; then /etc/rdesktop/generate-certs.sh ; fi'
+
+[Install]
+WantedBy=kasmvncserver.service
+WantedBy=kclient.service
diff --git a/assets/generate-certs.sh b/assets/generate-certs.sh
new file mode 100755
index 0000000..7af424a
--- /dev/null
+++ b/assets/generate-certs.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+openssl req -new -x509 -days 3650 -nodes \
+    -out /etc/rdesktop/certificate.pem \
+    -keyout /etc/rdesktop/privatekey.key \
+    -subj "/C=NL/ST=none/L=none/O=SpotSnel/OU=RDesktop/CN=*"
+
+chown :users /etc/rdesktop/certificate.pem /etc/rdesktop/privatekey.key
+chmod g+r /etc/rdesktop/certificate.pem /etc/rdesktop/privatekey.key
+
diff --git a/assets/kasmvnc.yaml b/assets/kasmvnc.yaml
new file mode 100644
index 0000000..350e06e
--- /dev/null
+++ b/assets/kasmvnc.yaml
@@ -0,0 +1,22 @@
+network:
+  protocol: http
+  interface: 0.0.0.0
+  websocket_port: 8445
+  use_ipv4: true
+  use_ipv6: true
+  udp:
+    public_ip: auto
+    port: auto
+    stun_server: auto
+  ssl:
+    pem_certificate: /etc/rdesktop/certificate.pem
+    pem_key: /etc/rdesktop/privatekey.key
+    require_ssl: false
+
+logging:
+  log_writer_name: all
+  log_dest: logfile
+  level: 1
+
+command_line:
+  prompt: false
diff --git a/assets/kclient.service b/assets/kclient.service
new file mode 100644
index 0000000..31fa0ef
--- /dev/null
+++ b/assets/kclient.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=kclient wrapper
+
+[Service]
+Type=notify
+User=gbraad
+ExecStart=/usr/bin/env node /opt/kclient/index.js
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
diff --git a/assets/pulseaudio.service b/assets/pulseaudio.service
new file mode 100644
index 0000000..087d59a
--- /dev/null
+++ b/assets/pulseaudio.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=PulseAudio system server
+
+[Service]
+Type=notify
+ExecStart=pulseaudio --daemonize=no --system --realtime --log-target=journal
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
diff --git a/assets/rdesktop.ini b/assets/rdesktop.ini
new file mode 100644
index 0000000..bccef6e
--- /dev/null
+++ b/assets/rdesktop.ini
@@ -0,0 +1,5 @@
+[rdesktop]
+    title = "KasmVNC Client"
+    exec = ""
+    fmhome = "/"
+    subfolder = "/"	
diff --git a/assets/rdesktopexec b/assets/rdesktopexec
new file mode 100755
index 0000000..999a9ad
--- /dev/null
+++ b/assets/rdesktopexec
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+CONFIG="/etc/rdesktop/rdesktop.ini"
+alias rdesktopini="git config -f $CONFIG"
+
+eval $(rdesktopini --get rdesktop.exec)
diff --git a/containers/Containerfile-rdesktop b/containers/Containerfile-rdesktop
index 46c0f81..26f3612 100644
--- a/containers/Containerfile-rdesktop
+++ b/containers/Containerfile-rdesktop
@@ -1,10 +1,32 @@
 ARG BASE_IMAGE="ghcr.io/gbraad-devenv/fedora/systemd"
 ARG BASE_VERSION="41"
 
+FROM ${BASE_IMAGE}:${BASE_VERSION} as kclient-build
+
+RUN dnf install -y \
+	"@development-tools" \
+	gcc-c++ \
+	nodejs \
+	nodejs-devel \
+	pulseaudio-libs-devel
+
+RUN cd /opt \
+	&& git clone https://github.com/gbraad-devenv/kclient \
+	&& cd kclient \
+	&& npm install .
+
+
 FROM ${BASE_IMAGE}:${BASE_VERSION}
 
 LABEL org.opencontainers.image.source = "https://github.com/gbraad-devenv/fedora"
 
+# audio support
+RUN dnf install -y \
+	pulseaudio \
+	alsa-plugins-pulseaudio \
+    && dnf clean all \
+    && rm -rf /var/cache/yum
+
 # graphical
 RUN dnf install -y \
         novnc \
@@ -25,27 +47,57 @@ RUN dnf install -y \
     && dnf clean all \
     && rm -rf /var/cache/yum
 
+# kasmvnc
 RUN dnf install -y https://github.com/spotsnel/AltRPMS-KasmVNC/releases/download/1.3.3/kasmvncserver-1.3.3-1.fc41.x86_64.rpm \
     && dnf clean all \
     && rm -rf /var/cache/yum \
     && usermod -a -G kasmvnc-cert gbraad
 
 COPY assets/kasmvncserver.service /etc/systemd/system
+COPY assets/kasmvnc.yaml /etc/kasmvnc/
+
+COPY assets/pulseaudio.service /etc/systemd/system
+
+RUN usermod -aG pulse-access gbraad \
+    && mkdir -p /etc/rdesktop
+
+COPY assets/rdesktop.ini /etc/rdesktop/rdesktop.ini
+COPY assets/rdesktopexec /usr/bin
+
+RUN chown :users /etc/rdesktop/rdesktop.ini \
+    && chmod g+w /etc/rdesktop/rdesktop.ini \
+    && chown :users /etc/rdesktop \
+    && chmod g+w /etc/rdesktop
+
+RUN dnf install -y \
+	nodejs \
+    && dnf clean all \
+    && rm -rf /var/cache/yum
+
+COPY --from=kclient-build /opt/kclient /opt/kclient
+COPY assets/kclient.service /etc/systemd/system
 
 # Userspace does not expose 100.100.100.100
 #RUN sed -i 's/^FLAGS=".*"/FLAGS="--tun=userspace-networking"/' /etc/default/tailscaled
 
+COPY assets/generate-certs.service /etc/systemd/system
+COPY assets/generate-certs.sh /etc/rdesktop
+
 USER gbraad
 
 RUN mkdir -p ~/.vnc \
     && echo $'#!/bin/sh\ni3 &' > ~/.vnc/xstartup \
     && chmod +x ~/.vnc/xstartup \
     && /bin/bash -c "echo -e 'password\npassword\n\n' | kasmvncpasswd -u gbraad -w" \
-    && touch ~/.vnc/.de-was-selected    
+    && touch ~/.vnc/.de-was-selected 
 
 # systemd is already set up in systemd image; make sure to use root
 USER root
 
-RUN systemctl enable kasmvncserver
+RUN systemctl enable kasmvncserver \
+    && systemctl enable pulseaudio \
+    && systemctl enable kclient \
+    && systemctl enable generate-certs
 
 #ENTRYPOINT ["/sbin/init"]
+