[CentOS] Private Browse With Docker, Centos, Mate Desktop, VNC, OpenVPN and Tor
Andreas Benzler
andreas at benzlerweb.de
Sun Oct 15 10:34:25 UTC 2017
Here is my complete setup with Docker, for example.
What I use: CentOS and Mate Desktop, systemd and VNC. It additionally provides OpenVPN and Tor.
Mate works better than the GNOME desktop, if somebody is interested.
Downloaded the Adobe and nux repos for VLC (needs to be hacked to run as root).
https://github.com/CentOS/sig-cloud-instance-images/tree/66add29c188e42d4d855f4d4acdb2b73d547edb6/docker
Everything runs as root as a test case.
Cheers
Andy
Sample setup:
FROM scratch
ADD centos-7.4.1708-docker.tar.xz /
LABEL name="CentOS Base Image" \
      vendor="CentOS" \
      license="GPLv2" \
      build-date="20170911"
COPY adobe-release-x86_64-1.0-1.noarch.rpm /root/adobeflash.rpm
COPY nux-dextop-release-0-5.el7.nux.noarch.rpm /root/nux.rpm
RUN yum -y install /root/adobeflash.rpm; \
    yum -y install epel-release; \
    yum -y install /root/nux.rpm; \
    rm -f /root/adobeflash.rpm /root/nux.rpm; \
    yum -y update; \
    yum install -y tigervnc-server xterm ; \
    yum install -y mate-applets mate-backgrounds.noarch mate-control-center \
        mate-control-center-filesystem mate-desktop mate-desktop-libs \
        mate-icon-theme mate-menus mate-menus-libs mate-notification-daemon \
        mate-panel mate-panel-libs mate-polkit mate-session-manager \
        mate-settings-daemon mate-system-monitor mate-terminal mate-themes \
        mate-user-guide caja-open-terminal caja-wallpaper pluma engrampa \
        unrar p7zip; \
    yum -y install gnome-icon-theme.noarch gnome-keyring gnome-themes-standard;
RUN yum install -y bind-utils net-tools traceroute tor openvpn openssh-server openssh-clients;
RUN yum install -y firefox thunderbird vlc eog ; sed -i 's/geteuid/getppid/' /usr/bin/vlc;
# Point /etc/localtime at the Europe/Amsterdam zone file
RUN rm -f /etc/localtime; cd /etc; ln -s ../usr/share/zoneinfo/Europe/Amsterdam localtime
RUN yum -y install ntp; systemctl enable ntpd
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
    rm -f /lib/systemd/system/multi-user.target.wants/*;\
    rm -f /etc/systemd/system/*.wants/*;\
    rm -f /lib/systemd/system/local-fs.target.wants/*; \
    rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
    rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
    rm -f /lib/systemd/system/basic.target.wants/*;\
    rm -f /lib/systemd/system/anaconda.target.wants/*; \
    systemctl enable tor; systemctl enable sshd
VOLUME [ "/sys/fs/cgroup" ]
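# Set the VNC password non-interactively (entered twice for confirmation)
RUN echo -e 'vncpassword\nvncpassword\n' | vncpasswd
# Instantiate the vncserver@.service template for display :0
RUN cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:0.service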
RUN sed 's/<USER>/root/g' -i /etc/systemd/system/vncserver@:0.service
RUN sed 's/\/usr\/bin\/vncserver %i/\/usr\/bin\/vncserver %i -geometry 1280x1024/g' -i /etc/systemd/system/vncserver@:0.service
RUN sed 's/\/home\/root/\/root/g' -i /etc/systemd/system/vncserver@:0.service
RUN systemctl enable vncserver@:0.service
RUN echo "#!/bin/sh" > /root/.vnc/xstartup
RUN echo "unset SESSION_MANAGER" >> /root/.vnc/xstartup
RUN echo "unset DBUS_SESSION_BUS_ADDRESS" >> /root/.vnc/xstartup
RUN echo "#exec /etc/X11/xinit/xinitrc" >> /root/.vnc/xstartup
RUN echo "/usr/bin/mate-session" >> /root/.vnc/xstartup
RUN chmod +x /root/.vnc/xstartup
EXPOSE 5900
CMD ["/usr/sbin/init"]
# docker build --squash --rm --no-cache -t 'centos/mate' .
# example run variants...
# docker run --privileged --device=/dev/tun0:/dev/net/tun -p 24:22 -p 5901:5900 -d 'centos/mate'
# docker run --rm -it --net=host --name docker-myimage -v /sys/fs/cgroup:/sys/fs/cgroup:ro -d 'centos7.4.1708/systemd' -p 5901:5901
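An added example, not part of the original message: a small Python check that reads the two `docker run` lines above and reports the settings that widen exposure of the root VNC/SSH container (`--privileged`, host networking, ports published on every interface, and options placed after the image name). The function name and finding codes are hypothetical, and only the option flags that occur in those two lines are modelled.

```python
import shlex

# Assumption: only the value-taking `docker run` flags seen in the message are modelled.
VALUE_OPTS = {"-p", "--publish", "-v", "--volume", "--name",
              "--device", "--net", "--network"}

def audit_run(cmdline):
    """Return a list of (code, detail) findings for one `docker run` line."""
    tokens = shlex.split(cmdline)
    tokens = tokens[tokens.index("run") + 1:]
    opts, image, trailing = [], None, []
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if image is not None:
            trailing.append(tok)          # everything after the image is the command
        elif tok.startswith("-"):
            if "=" in tok:
                name, value = tok.split("=", 1)
            elif tok in VALUE_OPTS and i + 1 < len(tokens):
                name, value = tok, tokens[i + 1]
                i += 1
            else:
                name, value = tok, None   # boolean flag such as -d or -it
            opts.append((name, value))
        else:
            image = tok
        i += 1

    findings = []
    for name, value in opts:
        if name == "--privileged":
            findings.append(("privileged", "all capabilities and host devices"))
        elif name in ("--net", "--network") and value == "host":
            findings.append(("host-network", "services listen on the host's interfaces"))
        elif name in ("-p", "--publish") and value and value.count(":") < 2:
            # No host IP in [ip:]hostPort:containerPort means 0.0.0.0
            findings.append(("public-port", value + " binds on all host interfaces"))
    if any(t.startswith("-") for t in trailing):
        findings.append(("args-after-image",
                         " ".join(trailing) + " becomes the container command"))
    return findings

# The two invocations from the message, reproduced as input.
RUN_A = "docker run --privileged --device=/dev/tun0:/dev/net/tun -p 24:22 -p 5901:5900 -d 'centos/mate'"
RUN_B = ("docker run --rm -it --net=host --name docker-myimage "
         "-v /sys/fs/cgroup:/sys/fs/cgroup:ro -d 'centos7.4.1708/systemd' -p 5901:5901")

if __name__ == "__main__":
    for cmd in (RUN_A, RUN_B):
        for code, detail in audit_run(cmd):
            print(code, "-", detail)
```

A publish spec that names a loopback host address, such as `-p 127.0.0.1:5901:5900`, is not reported as `public-port`.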