添加 WEB 终端和以下 Docker 环境变量

NOAUTH 禁用身份认证
NOWEBTERMWRITE 禁用 WEB 终端输入
NOWEBTERM 禁用 WEB 终端
NOVNC 禁用 VNC
NOIPMI 禁用 IPMI

build/Dockerfile

@@ -48,6 +48,7 @@ COPY --from=builder /tmp/ustreamer/ustreamer /tmp/ustreamer/ustreamer-dump /usr/
 COPY --from=builder /tmp/wheel/*.whl /tmp/wheel/
 COPY --from=builder /tmp/ustreamer/libjanus_ustreamer.so /usr/lib/ustreamer/janus/
 
+ARG TARGETARCH
 
 ENV PYTHONDONTWRITEBYTECODE 1
 ENV PYTHONUNBUFFERED 1
@@ -59,10 +60,15 @@ RUN cp /tmp/lib/* /lib/*-linux-*/ \
 
 RUN sed -i 's/deb.debian.org/mirrors.tuna.tsinghua.edu.cn/' /etc/apt/sources.list.d/debian.sources \
     && apt-get update \
-    && apt-get install -y --no-install-recommends libxkbcommon-x11-0 nginx tesseract-ocr tesseract-ocr-eng tesseract-ocr-chi-sim iptables sudo janus \
+    && apt-get install -y --no-install-recommends libxkbcommon-x11-0 nginx tesseract-ocr tesseract-ocr-eng tesseract-ocr-chi-sim iptables sudo janus curl\
     && rm -rf /var/lib/apt/lists/*
 
-RUN mkdir -p \
+RUN if [ ${TARGETARCH} = arm ]; then ARCH=armhf; elif [ ${TARGETARCH} = arm64 ]; then ARCH=aarch64; elif [ ${TARGETARCH} = amd64 ]; then ARCH=x86_64; fi \
+    && curl https://github.com/tsl0922/ttyd/releases/download/1.7.7/ttyd.$ARCH -L -o /usr/local/bin/ttyd \
+    && chmod +x /usr/local/bin/ttyd \
+    && adduser kvmd --gecos "" --disabled-password \
+    && ln -sf /usr/share/tesseract-ocr/*/tessdata /usr/share/tessdata \
+    && mkdir -p \
     /etc/kvmd/nginx \
     /etc/kvmd/vnc \
     /etc/kvmd/override.d\
@@ -71,7 +77,9 @@ RUN mkdir -p \
     /var/lib/kvmd/pst/data \
     /opt/vc/bin \
     /run/kvmd \
-    /tmp/kvmd-nginx
+    /tmp/kvmd-nginx \
+    && touch /run/kvmd/ustreamer.sock /etc/kvmd/.docker_flag
+
 
 COPY testenv/fakes/vcgencmd /usr/bin/
 COPY extras/ /usr/share/kvmd/extras/
@@ -87,11 +95,4 @@ COPY build/v2-hdmiusb-rpi4.override.yaml /etc/kvmd/override.yaml
 COPY configs/kvmd/main/v2-hdmiusb-rpi4.yaml /etc/kvmd/main.yaml
 COPY testenv/js/* /usr/share/janus/javascript/
 
-RUN touch /run/kvmd/ustreamer.sock /etc/kvmd/.docker_flag \
-    && adduser kvmd --gecos "" --disabled-password \
-    && ln -sf /usr/share/tesseract-ocr/*/tessdata /usr/share/tessdata
-
-#RUN bash /etc/kvmd/init.sh
-
-EXPOSE 4430
 CMD ["/etc/kvmd/init.sh"]

build/v2-hdmiusb-rpi4.override.yaml

@@ -1,4 +1,7 @@
 kvmd:
+    auth:
+        enabled: true
+
     server:
         unix_mode: 0666
 

configs/kvmd/armbain-motd

@@ -0,0 +1,28 @@
+#!/bin/bash 
+ 
+if [ -e /etc/update-motd.d/10-armbian-header ]; then /etc/update-motd.d/10-armbian-header; fi
+if [ -e /etc/update-motd.d/30-armbian-sysinfo ]; then /etc/update-motd.d/30-armbian-sysinfo; fi
+if [ -e /etc/update-motd.d/41-armbian-config ]; then /etc/update-motd.d/41-armbian-config; fi
+ 
+printf "
+
+ ██████╗ ███╗   ██╗███████╗    ██╗  ██╗██╗   ██╗███╗   ███╗
+██╔═══██╗████╗  ██║██╔════╝    ██║ ██╔╝██║   ██║████╗ ████║
+██║   ██║██╔██╗ ██║█████╗█████╗█████╔╝ ██║   ██║██╔████╔██║
+██║   ██║██║╚██╗██║██╔══╝╚════╝██╔═██╗ ╚██╗ ██╔╝██║╚██╔╝██║
+╚██████╔╝██║ ╚████║███████╗    ██║  ██╗ ╚████╔╝ ██║ ╚═╝ ██║
+ ╚═════╝ ╚═╝  ╚═══╝╚══════╝    ╚═╝  ╚═╝  ╚═══╝  ╚═╝     ╚═╝
+
+____________________________________________________________________________
+
+欢迎使用 One-KVM，基于开源程序 PiKVM 的 IP-KVM 应用
+
+项目链接：
+    * One-KVM：https://github.com/mofeng-git/One-KVM
+
+文档链接：
+    * One-KVM：https://one-kvm.mofeng.run
+
+____________________________________________________________________________
+
+"

configs/kvmd/init.sh

@@ -10,15 +10,88 @@ echo -e "${GREEN}One-KVM pre-starting...${NC}"
 
 #仅首次运行，用于初始化配置文件
 if [ ! -f /etc/kvmd/.init_flag ]; then
+
     #生成 ssl 证书 和 vnc 证书
     /usr/share/kvmd/kvmd-gencert --do-the-thing
     /usr/share/kvmd/kvmd-gencert --do-the-thing --vnc
+
     #生成 nginx 配置文件
     if [ "$NOSSL" = 1 ]; then
+         echo -e "${GREEN}One-KVM SSL is disabled.${NC}"
         python -m kvmd.apps.ngxmkconf /etc/kvmd/nginx/nginx.conf.mako /etc/kvmd/nginx/nginx.conf  -o nginx/https/enabled=false
     else
         python -m kvmd.apps.ngxmkconf /etc/kvmd/nginx/nginx.conf.mako /etc/kvmd/nginx/nginx.conf
     fi
+
+    #生成 supervisord 配置文件是否添加扩展服务
+
+    if [ "$NOAUTH" == "1" ]; then
+        sed -i "s/enabled: true/enabled: false/g" /etc/kvmd/override.yaml
+    fi
+
+    if [ "$NOWEBTERMWRITE" == "1" ]; then
+        WEBTERMWRITE == ""
+    else
+        WEBTERMWRITE == "-W"
+    fi
+
+    if [ "$NOWEBTERM" == "1" ]; then
+        echo -e "${GREEN}One-KVM webterm is disabled.${NC}"
+        rm -r /usr/share/kvmd/extras/webterm
+    else
+        cat >> /etc/kvmd/supervisord.conf  << EOF
+
+[program:kvmd-webterm]
+command=/usr/local/bin/ttyd --interface=/run/kvmd/ttyd.sock --port=0 $WEBTERMWRITE /bin/bash -c '/etc/kvmd/armbain-motd; bash'
+directory=/
+autostart=true
+autorestart=true
+priority=14
+stopasgroup=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes = 0
+redirect_stderr=true
+EOF
+    fi
+
+    if [  "&NOVNC" == "1" ]; then
+        echo -e "${GREEN}One-KVM VNC is disabled.${NC}"
+        rm -r /usr/share/kvmd/extras/vnc
+    else
+        cat >> /etc/kvmd/supervisord.conf << EOF
+
+[program:kvmd-vnc]
+command=python -m kvmd.apps.vnc --run
+directory=/
+autostart=true
+autorestart=true
+priority=11
+stopasgroup=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes = 0
+redirect_stderr=true
+EOF
+    fi
+
+    if [  "$NOIPMI" == "1" ]; then
+        echo -e "${GREEN}One-KVM IPMI is disabled.${NC}"
+        rm -r /usr/share/kvmd/extras/ipmi
+    else
+        cat >> /etc/kvmd/supervisord.conf << EOF
+
+[program:kvmd-ipmi]
+command=python -m kvmd.apps.ipmi --run
+directory=/
+autostart=true
+autorestart=true
+priority=12
+stopasgroup=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes = 0
+redirect_stderr=true
+EOF
+    fi
+
     #OTG 初始化修改默认配置文件
     if [ "$OTG" == "1" ]; then
         echo -e "${GREEN}One-KVM OTG is enabled.${NC}"
@@ -38,11 +111,13 @@ stdout_logfile_maxbytes = 0
 redirect_stderr=true
 EOF
     fi
+
     #/dev/video0 设备优先级高于 /dev/kvmd-video
     if [ -f /dev/video0 ]; then
         echo -e "${GREEN}Found /dev/video0, use it as kvmd video device.${NC}"
         sed -i "s/\/dev\/kvmd-video/\/dev\/video0/g" /etc/kvmd/override.yaml
     fi
+
     #设置用户账号密码
     if [ ! -z "$USERNAME" ] && [ ! -z "$PASSWORD" ]; then
         python -m kvmd.apps.htpasswd del admin
@@ -52,6 +127,7 @@ EOF
     else
         echo -e "${YELLOW} USERNAME and PASSWORD environment variables is not set, using defalut(admin/admin).${NC}"
     fi
+
     #新建 flag 标记文件
     touch /etc/kvmd/.init_flag
 fi

configs/kvmd/supervisord.conf

@@ -25,28 +25,6 @@ stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes = 0
 redirect_stderr=true
 
-[program:kvmd-vnc]
-command=python -m kvmd.apps.vnc --run
-directory=/
-autostart=true
-autorestart=true
-priority=11
-stopasgroup=true
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes = 0
-redirect_stderr=true
-
-[program:kvmd-ipmi]
-command=python -m kvmd.apps.ipmi --run
-directory=/
-autostart=true
-autorestart=true
-priority=12
-stopasgroup=true
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes = 0
-redirect_stderr=true
-
 [program:kvmd-janus]
 command=python -m kvmd.apps.janus --run
 autostart=true
@@ -61,6 +39,7 @@ redirect_stderr=true
 command=nginx -c /etc/kvmd/nginx/nginx.conf -g 'daemon off;user root; error_log stderr;'
 autostart=true
 autorestart=true
+startsecs=10
 priority=100
 stopasgroup=true
 stdout_logfile=/dev/stdout

extras/webterm/manifest.yaml

@@ -0,0 +1,6 @@
+name: Terminal
+description: Open terminal in a web browser
+icon: extras/webterm/terminal.svg
+path: extras/webterm/ttyd
+daemon: kvmd-webterm
+place: 10

extras/webterm/nginx.ctx-http.conf

@@ -0,0 +1,3 @@
+upstream ttyd {
+	server unix:/run/kvmd/ttyd.sock fail_timeout=0s max_fails=0;
+}

extras/webterm/nginx.ctx-server.conf

@@ -0,0 +1,11 @@
+location /extras/webterm/ttyd {
+	rewrite ^([^.\?]*[^/(/ws)])$ $1/ permanent;
+	rewrite ^/extras/webterm/ttyd$ / break;
+	rewrite ^/extras/webterm/ttyd\?(.*)$ ?$1 break;
+	rewrite ^/extras/webterm/ttyd/(.*)$ /$1 break;
+	proxy_pass http://ttyd;
+	include /etc/kvmd/nginx/loc-proxy.conf;
+	include /etc/kvmd/nginx/loc-websocket.conf;
+	include /etc/kvmd/nginx/loc-login.conf;
+	include /etc/kvmd/nginx/loc-nocache.conf;
+}

web/extras/webterm/terminal.svg

@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!-- Generator: Adobe Illustrator 18.1.1, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Capa_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 viewBox="0 0 31.586 31.586" style="enable-background:new 0 0 31.586 31.586;" xml:space="preserve">
+<g>
+	<path d="M29.331,2.256H2.259C1.01,2.256,0,3.265,0,4.511v22.565c0,1.244,1.01,2.255,2.259,2.255h27.072
+		c1.242,0,2.255-1.011,2.255-2.255V4.511C31.586,3.265,30.573,2.256,29.331,2.256z M10.788,3.95c0.623,0,1.126,0.502,1.126,1.128
+		c0,0.623-0.503,1.125-1.126,1.125S9.659,5.701,9.659,5.078C9.659,4.452,10.165,3.95,10.788,3.95z M7.334,3.95
+		c0.623,0,1.129,0.502,1.129,1.128c0,0.623-0.506,1.125-1.129,1.125c-0.625,0-1.131-0.503-1.131-1.125
+		C6.203,4.452,6.709,3.95,7.334,3.95z M3.947,3.95c0.623,0,1.129,0.502,1.129,1.128c0,0.623-0.506,1.125-1.129,1.125
+		c-0.621,0-1.126-0.503-1.126-1.125C2.821,4.452,3.326,3.95,3.947,3.95z M29.331,27.076H2.259V7.922h27.072
+		C29.331,7.922,29.331,27.076,29.331,27.076z M29.331,5.665H13.536V4.537h15.795C29.331,4.537,29.331,5.665,29.331,5.665z"/>
+	<g>
+	</g>
+	<g>
+	</g>
+	<g>
+	</g>
+	<g>
+	</g>
+	<g>
+	</g>
+	<g>
+	</g>
+	<g>
+	</g>
+	<g>
+	</g>
+	<g>
+	</g>
+	<g>
+	</g>
+	<g>
+	</g>
+	<g>
+	</g>
+	<g>
+	</g>
+	<g>
+	</g>
+	<g>
+	</g>
+</g>
+<g>
+</g>
+<g>
+</g>
+<g>
+</g>
+<g>
+</g>
+<g>
+</g>
+<g>
+</g>
+<g>
+</g>
+<g>
+</g>
+<g>
+</g>
+<g>
+</g>
+<g>
+</g>
+<g>
+</g>
+<g>
+</g>
+<g>
+</g>
+<g>
+</g>
+</svg>