-
-
Notifications
You must be signed in to change notification settings - Fork 32
/
Copy pathreadme-vars.yml
158 lines (142 loc) · 8.6 KB
/
readme-vars.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
# project information
project_name: kasm
project_url: "https://www.kasmweb.com/?utm_campaign=LinuxServer&utm_source=listing"
project_logo: "https://kasm-ci.s3.amazonaws.com/kasm_wide.png"
project_blurb: |
[{{ project_name|capitalize }}]({{ project_url }}) Workspaces is a docker container streaming platform for delivering browser-based access to desktops, applications, and web services. Kasm uses devops-enabled Containerized Desktop Infrastructure (CDI) to create on-demand, disposable, docker containers that are accessible via web browser. Example use-cases include Remote Browser Isolation (RBI), Data Loss Prevention (DLP), Desktop as a Service (DaaS), Secure Remote Access Services (RAS), and Open Source Intelligence (OSINT) collections.
The rendering of the graphical-based containers is powered by the open-source project [KasmVNC](https://www.kasmweb.com/kasmvnc.html?utm_campaign=LinuxServer&utm_source=kasmvnc).
project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_name }}"
project_categories: "Remote Desktop,Business"
project_blurb_optional_extras_enabled: false
project_blurb_optional_extras: []
# supported architectures
available_architectures:
- {arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
- {arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
# development version
development_versions: true
development_versions_items:
- {tag: "latest", desc: "Stable Kasm releases"}
- {tag: "develop", desc: "Tip of develop"}
# container parameters
common_param_env_vars_enabled: false
param_container_name: "{{ project_name }}"
param_usage_include_net: false
param_usage_include_env: true
param_env_vars:
- {env_var: "KASM_PORT", env_value: "443", desc: "Specify the port you bind to the outside for Kasm Workspaces."}
- {env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London."}
param_usage_include_vols: true
param_volumes:
- {vol_path: "/opt", vol_host_path: "/path/to/data", desc: "Docker and installation storage."}
param_device_map: false
param_devices: []
param_usage_include_ports: true
param_ports:
- {external_port: "3000", internal_port: "3000", port_desc: "Kasm Installation wizard. (https)"}
- {external_port: "443", internal_port: "443", port_desc: "Kasm Workspaces interface. (https)"}
# optional container parameters
opt_param_usage_include_env: true
opt_param_env_vars:
- {env_var: "DOCKER_HUB_USERNAME", env_value: "USER", desc: "Optionally specify a DockerHub Username to pull private images."}
- {env_var: "DOCKER_HUB_PASSWORD", env_value: "PASS", desc: "Optionally specify a DockerHub password to pull private images."}
- {env_var: "DOCKER_MTU", env_value: "1500", desc: "Optionally specify the mtu options passed to dockerd."}
opt_param_usage_include_vols: true
opt_param_volumes:
- {vol_path: "/profiles", vol_host_path: "/path/to/profiles", desc: "Optionally specify a path for persistent profile storage."}
- {vol_path: "/dev/input", vol_host_path: "/dev/input", desc: "Optional for gamepad support."}
- {vol_path: "/run/udev/data", vol_host_path: "/run/udev/data", desc: "Optional for gamepad support."}
opt_security_opt_param: true
opt_security_opt_param_vars:
- {run_var: "apparmor=rootlesskit", compose_var: "apparmor:rootlesskit", desc: "Some hosts require this on top of privileged for namespacing to work properly inside the DinD layer."}
opt_param_usage_include_ports: false
opt_param_ports: []
opt_param_device_map: false
opt_param_devices: []
cap_add_param: false
cap_add_param_vars: []
opt_cap_add_param: false
opt_cap_add_param_vars: []
optional_block_1: false
optional_block_1_items: ""
unraid_template: false
privileged: true
# application setup block
app_setup_block_enabled: true
app_setup_block: |
This container uses [Docker in Docker](https://www.docker.com/blog/docker-can-now-run-within-docker/) and requires being run in `privileged` mode. This container also requires an initial setup that runs on port 3000.
**Unlike other containers the web interface port (default 443) needs to be set for the env variable `KASM_PORT` and both the inside and outside port IE for 4443 `KASM_PORT=4443` `-p 4443:4443`**
**Unraid users due to the DinD storage layer `/opt/` should be mounted directly to a disk IE `/mnt/disk1/appdata/path` or optimally with a cache disk at `/mnt/cache/appdata/path`**
Access the installation wizard at https://`your ip`:3000 and follow the instructions there. Once setup is complete access https://`your ip`:443 and login with the credentials you entered during setup. The default users are:
* admin@kasm.local
* user@kasm.local
Currently Synology systems are not supported due to them blocking CPU scheduling in their Kernel.
### Updating KASM
In order to update kasm, first make sure you are using the latest docker image, and then perform the in app update in the admin panel. Docker image update and recreation of container alone won't update kasm.
### GPU Support
During installation an option will be presented to force all Workspace containers to mount in and use a specific GPU. If using an NVIDIA GPU you will need to pass `-e NVIDIA_VISIBLE_DEVICES=all` or `--gpus all` and have the [NVIDIA Container Runtime](https://github.com/NVIDIA/nvidia-container-runtime) installed on the host. Also if using NVIDIA, Kasm Workspaces has [native NVIDIA support](https://www.kasmweb.com/docs/latest/how_to/gpu.html) so you can optionally opt to simply use that instead of he manual override during installation.
### Gamepad support
In order to properly create virtual Gamepads you will need to mount from your host `/dev/input` and `/run/udev/data`. Please see [HERE](https://www.kasmweb.com/docs/develop/guide/gamepad_passthrough.html) for instructions on enabling gamepad support.
### Persistant profiles
In order to use persistant profiles in Workspaces you will need to mount in a folder to use from your host to `/profiles`. From there when configuring a workspace you can set the `Persistant Profile Path` to IE `/profiles/ubuntu-focal/{username}/`, more infomation can be found [HERE](https://www.kasmweb.com/docs/latest/how_to/persistent_profiles.html).
### Reverse proxy
A sample for [SWAG](https://github.com/linuxserver/docker-swag) can be found [here](https://raw.githubusercontent.com/linuxserver/reverse-proxy-confs/master/kasm.subdomain.conf.sample). Post installation you will need to modify the "Proxy Port" setting under the default zone to 0 as outlined [here](https://www.kasmweb.com/docs/latest/how_to/reverse_proxy.html#update-zones) to launch Workspaces sessions.
# init diagram
init_diagram: |
"kasm:latest": {
docker-mods
base {
fix-attr +\nlegacy cont-init
}
docker-mods -> base
legacy-services
custom services
init-services -> legacy-services
init-services -> custom services
custom services -> legacy-services
legacy-services -> ci-service-check
init-migrations -> init-adduser
init-os-end -> init-config
init-config -> init-config-end
init-config-kasm -> init-config-end
init-config -> init-config-kasm
init-os-end -> init-crontab-config
init-mods-end -> init-custom-files
base -> init-envfile
base -> init-migrations
base -> init-mods
init-config-end -> init-mods
init-mods -> init-mods-end
init-mods-package-install -> init-mods-end
init-mods -> init-mods-package-install
base -> init-os-end
init-adduser -> init-os-end
init-envfile -> init-os-end
init-migrations -> init-os-end
init-custom-files -> init-services
init-mods-end -> init-services
init-services -> svc-cron
svc-cron -> legacy-services
init-config-kasm -> svc-docker
init-services -> svc-docker
svc-docker -> legacy-services
init-config-kasm -> svc-kasm-wizard
init-services -> svc-kasm-wizard
svc-kasm-wizard -> legacy-services
}
Base Images: {
"baseimage-ubuntu:jammy"
}
"kasm:latest" <- Base Images
# changelog
changelogs:
- {date: "09.11.24:", desc: "Update base image for 1.16.1 release."}
- {date: "24.09.24:", desc: "Add base users in docker build logic to survive container upgrades."}
- {date: "17.09.24:", desc: "Update base image for 1.16.0 release and fix Nvidia support."}
- {date: "16.02.24:", desc: "Update base image for 1.15.0 release."}
- {date: "22.08.23:", desc: "Update base image for 1.14.0 release."}
- {date: "07.04.23:", desc: "Add mod layer for ingesting LSIO images for 1.13.0 release."}
- {date: "28.03.23:", desc: "Pin compose to 2.5.0 to be in sync with upstream requirements."}
- {date: "05.11.22:", desc: "Rebase to Jammy, add support for GPUs, add support for Gamepads."}
- {date: "23.09.22:", desc: "Migrate to s6v3."}
- {date: "02.07.22:", desc: "Initial Release."}