From 9332d7c8031eaa1cc5f095a5d8f5dcceb8672e1c Mon Sep 17 00:00:00 2001
From: Nathan Rodet <nrodet@grandlyon.com>
Date: Fri, 13 Jan 2023 16:19:05 +0100
Subject: [PATCH] Added ttyd service

---
 instance-scripts/cloud-init.yml            | 13 ++++++++-----
 instance-scripts/config-files/atrium.yaml  | 17 ++++++++++++++++-
 instance-scripts/config-files/ttyd.service |  9 +++++++++
 instance-scripts/scripts/atrium.sh         | 21 ++++++++++++++++-----
 instance-scripts/scripts/code-server.sh    |  4 ++--
 instance-scripts/scripts/ttyd.sh           | 13 +++++++++++++
 instance-scripts/scripts/webtop.sh         |  1 +
 7 files changed, 65 insertions(+), 13 deletions(-)
 create mode 100644 instance-scripts/config-files/ttyd.service
 create mode 100644 instance-scripts/scripts/ttyd.sh

diff --git a/instance-scripts/cloud-init.yml b/instance-scripts/cloud-init.yml
index af2f28e..c255c0a 100644
--- a/instance-scripts/cloud-init.yml
+++ b/instance-scripts/cloud-init.yml
@@ -8,10 +8,11 @@ package_upgrade: true
 packages:
   - curl
   - git
+  - argon2
 
 runcmd:
 #
-# cloud-init execute cmd before HOME and USER are set.
+# Cloud-init execute cmd before HOME and USER are set.
 #
   - "export HOME=/root"
   - "export USER=root"
@@ -26,18 +27,20 @@ runcmd:
 #
 # Install Atrium
 #
-  - "curl https://forge.grandlyon.com/systemes-dinformation/alpha/projects/labo-rust/-/raw/develop/instance-scripts/config-files/atrium.yaml -o root/atrium.yaml"
   - "curl https://forge.grandlyon.com/systemes-dinformation/alpha/projects/labo-rust/-/raw/develop/instance-scripts/scripts/atrium.sh | bash"
 #
-# Install And Run Code Server
+# Install Code Server
 #
-  - "curl https://forge.grandlyon.com/systemes-dinformation/alpha/projects/labo-rust/-/raw/develop/instance-scripts/config-files/config.yaml -o root/config.yaml"
   - "curl https://forge.grandlyon.com/systemes-dinformation/alpha/projects/labo-rust/-/raw/develop/instance-scripts/scripts/code-server.sh | bash"
 #
-# Run Webtop Container
+# Install Webtop
 #
   - "curl https://forge.grandlyon.com/systemes-dinformation/alpha/projects/labo-rust/-/raw/develop/instance-scripts/scripts/webtop.sh | sh"
 #
+# Install ttyd
+#
+  - "curl https://forge.grandlyon.com/systemes-dinformation/alpha/projects/labo-rust/-/raw/develop/instance-scripts/scripts/ttyd.sh | bash"
+#
 # Install Repository
 #
   - "git clone https://github.com/NathanRodet/rust-axum-demo /root/rust-axum-demo"
\ No newline at end of file
diff --git a/instance-scripts/config-files/atrium.yaml b/instance-scripts/config-files/atrium.yaml
index 4aff5a3..af50a7c 100644
--- a/instance-scripts/config-files/atrium.yaml
+++ b/instance-scripts/config-files/atrium.yaml
@@ -17,4 +17,19 @@ apps: # optional : applications served by atrium
     color: 4292030255
     is_proxy: true
     host: desktop-%atrium_count_index%
-    target: localhost:8081
\ No newline at end of file
+    target: localhost:8081
+  - id: 3
+    name: Terminal %atrium_count_index%
+    icon: terminal
+    color: 4292030255
+    is_proxy: true
+    host: terminal-%atrium_count_index%
+    target: localhost:8082
+    secured: true
+    login: admin
+    password: %user_password%
+users:
+  - login: admin
+    password: %user_password_hash%
+    roles:
+      - ADMINS
\ No newline at end of file
diff --git a/instance-scripts/config-files/ttyd.service b/instance-scripts/config-files/ttyd.service
new file mode 100644
index 0000000..9779f72
--- /dev/null
+++ b/instance-scripts/config-files/ttyd.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=ttyd web server to allow remote access to terminal
+After=network.target
+
+[Service]
+ExecStart=/root/ttyd/ttyd.86_64 -p 8082 -i lo -c admin:%user_password% -T xterm bash
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
diff --git a/instance-scripts/scripts/atrium.sh b/instance-scripts/scripts/atrium.sh
index 53ccdcc..d522bc8 100644
--- a/instance-scripts/scripts/atrium.sh
+++ b/instance-scripts/scripts/atrium.sh
@@ -4,12 +4,17 @@
 # Install Atrium
 #
 
+export USER_PASSWORD_HASH=$(echo "$(scw-userdata user_password)" | argon2 "$(echo $RANDOM | md5sum | head -c 12)" -i -l 32 -e)
+
 mkdir -p /root/atrium/data && mkdir -p /root/atrium/letsencrypt_cache
-sed -i "s/%atrium_hostname%/$(scw-userdata atrium_hostname)/g" /root/atrium.yaml
-sed -i "s/%project_domain%/$(scw-userdata project_domain)/g" /root/atrium.yaml
-sed -i "s/%atrium_letsencrypt_email%/$(scw-userdata atrium_letsencrypt_email)/g" /root/atrium.yaml
-sed -i "s/%atrium_count_index%/$(scw-userdata atrium_count_index)/g" /root/atrium.yaml
-mv /root/atrium.yaml /root/atrium/atrium.yaml
+curl https://forge.grandlyon.com/systemes-dinformation/alpha/projects/labo-rust/-/raw/develop/instance-scripts/config-files/atrium.yaml -o root/atrium/atrium.yaml
+
+sed -i "s|%atrium_hostname%|$(scw-userdata atrium_hostname)|g" /root/atrium/atrium.yaml
+sed -i "s|%project_domain%|$(scw-userdata project_domain)|g" /root/atrium/atrium.yaml
+sed -i "s|%atrium_letsencrypt_email%|$(scw-userdata atrium_letsencrypt_email)|g" /root/atrium/atrium.yaml
+sed -i "s|%atrium_count_index%|$(scw-userdata atrium_count_index)|g" /root/atrium/atrium.yaml
+sed -i "s|%user_password_hash%|$USER_PASSWORD_HASH|g" /root/atrium/atrium.yaml
+sed -i "s|%user_password%|$(scw-userdata atrium_count_index)|g" /root/atrium/atrium.yaml
 chown -Rf 1000:1000 /root/atrium
 
 #
@@ -22,3 +27,9 @@ docker run -d --name atrium \
        -v /root/atrium/atrium.yaml:/app/atrium.yaml \
        -v /root/atrium/letsencrypt_cache:/app/letsencrypt_cache \
        -v /root/atrium/data:/app/data nicolaspernoud/atrium:latest
+
+#
+# Example : Generate user_password Argon2 encoded hash for Atrium
+#
+
+# echo $(scw-userdata user_password) | argon2 $(echo $RANDOM | md5sum | head -c 12) -i -l 32 -e
diff --git a/instance-scripts/scripts/code-server.sh b/instance-scripts/scripts/code-server.sh
index 7b0ee1c..8c267c0 100644
--- a/instance-scripts/scripts/code-server.sh
+++ b/instance-scripts/scripts/code-server.sh
@@ -5,8 +5,8 @@
 #
 
 mkdir -p  /root/.config/code-server/
-sed -i "s/%user_password%/$(scw-userdata user_password)/g" /root/config.yaml
-mv /root/config.yaml /root/.config/code-server/config.yaml
+curl https://forge.grandlyon.com/systemes-dinformation/alpha/projects/labo-rust/-/raw/develop/instance-scripts/config-files/config.yaml -o root/.config/code-server/config.yaml
+sed -i "s/%user_password%/$(scw-userdata user_password)/g" /root/.config/code-server/config.yaml
 curl -fsSL https://code-server.dev/install.sh | sh
 
 #
diff --git a/instance-scripts/scripts/ttyd.sh b/instance-scripts/scripts/ttyd.sh
new file mode 100644
index 0000000..cbe1607
--- /dev/null
+++ b/instance-scripts/scripts/ttyd.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+#
+# Run ttyd service
+#
+
+mkdir -p /root/ttyd
+curl https://github.com/tsl0922/ttyd/releases/download/1.7.2/ttyd.x86_64 -o root/ttyd/ttyd.x86_64
+chmod +x /root/ttyd/ttyd.x86_64
+curl https://forge.grandlyon.com/systemes-dinformation/alpha/projects/labo-rust/-/raw/develop/instance-scripts/config-files/ttyd.service -o etc/systemd/system/ttyd.service
+sed -i "s|%user_password%|$(scw-userdata atrium_count_index)|g" /etc/systemd/system/ttyd.service
+
+systemctl enable ttyd.service && systemctl start ttyd.service
\ No newline at end of file
diff --git a/instance-scripts/scripts/webtop.sh b/instance-scripts/scripts/webtop.sh
index af8685b..badf7d0 100644
--- a/instance-scripts/scripts/webtop.sh
+++ b/instance-scripts/scripts/webtop.sh
@@ -3,6 +3,7 @@
 #
 # Run Webtop Container
 #
+
 docker run -d --name=webtop \
        --security-opt seccomp=unconfined \
        -e PUID=0 \
-- 
GitLab