@smoser
Created April 4, 2011 20:42
userdata script for setting up freenx-server on ubuntu ec2
#!/bin/sh
# us-east-1 ami-42916c2b canonical ebs/ubuntu-natty-daily-i386-desktop-20110327
# ec2-run-instances --instance-type t1.micro --user-data-file /home/smoser/t/nx-setup.ud ami-42916c2b
{
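set -x
# NOTE(review): with 'set -x' and the redirect on the closing brace of this
# script, every expanded command (including the password below) is written
# to /home/ubuntu/nx-setup.txt.

# Abort the setup with a message. The adduser step below calls fail(), which
# the original script never defined, so a failed adduser was not fatal.
fail() { echo "FAILED: $*" >&2; exit 1; }

iusername="nxtest"
# NOTE(review): fixed demo password that is published with this script.
# Below, sshd password logins are switched on and the account is added to
# the 'admin' group, so this value is the only barrier to that account.
# Replace it before running this on an instance reachable from the network.
ipasswd="foo.bar-NX"
lp_auth="smoser" # auth the user '${lp_auth}' to 'ubuntu' with ssh-import-id
[ -z "${lp_auth}" ] || sudo -Hu ubuntu ssh-import-id ${lp_auth}
sudo -Hu ubuntu byobu-launcher-install
export DEBIAN_FRONTEND=noninteractive
if [ -e /etc/apt/sources.list.d/freenx-team-ppa.list ]; then
    rm -f /etc/apt/sources.list.d/freenx-team-ppa.list
    # --assume-yes: user-data runs without a terminal, so apt-get must not
    # stop at a confirmation prompt.
    apt-get --assume-yes --purge remove neatx-server
    apt-get --assume-yes --purge autoremove
fi
# Packages from this PPA are installed as root; its owner is trusted.
apt-add-repository ppa:awstrial-dev/nx
apt-get update
apt-get install --assume-yes freenx-server
rel=$(lsb_release --short --codename)
[ "$rel" = "natty" ] && apt-get install --assume-yes unity-2d
# FIXME: maverick connections will fail without this, permission denied
# trying (as nx user) to write to /var/lib/nx/db
chown -R nx /var/lib/nxserver/
# Turn on password logins in sshd (rewrites any line mentioning the option,
# commented out or not) and restart the service.
pwa="PasswordAuthentication"
sed -i "s,#*${pwa}.*,${pwa} yes," /etc/ssh/sshd_config
restart ssh
adduser --force-badname --gecos "Demo User,,," \
    --disabled-password "${iusername}" ||
    fail "failed to add ${iusername}"
echo "${iusername}:${ipasswd}" | chpasswd
adduser "${iusername}" "admin"
# Create the drop-in directory itself; the original only ensured its parent
# existed, so the redirects below could fail on a missing directory.
nxd=/etc/nxserver/node.conf.d
mkdir -p "${nxd}"
echo "NX_LOG_LEVEL=6" > "$nxd/verbose-log.conf"
echo "SESSION_LOG_CLEAN=0" > "$nxd/keep-logs.conf"
echo "COMMAND_START_GNOME='gnome-terminal'" > "${nxd}/gnome-as-xterm.conf"
hdir="/home/${iusername}"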
cat > "${hdir}/nxpasswd.pl" <<"EOF"
#!/usr/bin/perl
##
## http://www.nomachine.com/ar/view.php?ar_id=AR01C00125
## no license available on page
use strict;
use Time::localtime;
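# Number of characters in the alphabet returned by getvalidCharList(); used as
# the search bound in findCharInList() and as the modulus in scrambleString().
$::numValidCharList = 85;
# Padding that scrambleString() adds when the string is shorter than 32.
$::dummyString = "{{{{";

# Command-line driver: scramble the password given as the first argument and
# print the result without a trailing newline.
# NOTE(review): the plaintext password arrives on the command line, where it
# is visible in the process list while the script runs.
my $password = $ARGV[0];    # element access; the original used the slice @ARGV[0]
my $scrambled_string = scrambleString($password);
print $scrambled_string;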
sub getvalidCharList
{
    # Return the character at index $pos of the fixed 85-character alphabet
    # used by the scrambler. An index past the end yields undef.
    my ($pos) = @_;
    my $alphabet_chars =
        '!#$%&()*+-.0123456789:;<>?@'
      . 'ABCDEFGHIJKLMNOPQRSTUVWXYZ[]_'
      . 'abcdefghijklmnopqrstuvwxyz{|}';
    my @alphabet = split(//, $alphabet_chars);
    return $alphabet[$pos];
}
sub encodePassword
{
    # Turn a password into ":N1:N2:...:" where Ni is the character code of the
    # i-th character plus its 1-based position. Any value Perl treats as false
    # (undef, "", "0") yields the empty string.
    my ($plain) = @_;
    return "" unless $plain;

    my @chars = split(//, $plain);
    my @shifted_codes = map { ord($chars[$_]) + $_ + 1 } 0 .. $#chars;
    return ":" . join(":", @shifted_codes) . ":";
}
sub findCharInList
{
    # Return the index of $wanted in the scrambler alphabet, or -1 when the
    # character is not part of it. Only the first $::numValidCharList entries
    # are searched.
    my ($wanted) = @_;
    foreach my $index (0 .. $::numValidCharList - 1) {
        return $index if getvalidCharList($index) eq $wanted;
    }
    return -1;
}
sub getRandomValidCharFromList
{
    # Despite the name, nothing random is drawn here: the alphabet index is
    # the seconds field of the current local time.
    my $now = localtime;
    return getvalidCharList($now->sec);
}
# Scramble a password into the form stored as the "Auth" value of an NX
# client session file. A false argument (undef, "", "0") is returned as is.
#
# NOTE(review): no key takes part in this. The seed character is stored as
# the first character of the result, and the per-position offset depends only
# on that seed, the string length and the position, so the result looks
# recoverable by anyone who holds it. Treat the output as obfuscation and
# protect it like the plaintext password.
sub scrambleString
{
my $s = shift;
my $sRet = "";
if (!$s)
{
return $s;
}
# ":code:code:...:" form of the password, see encodePassword().
my $str = encodePassword($s);
# Short inputs get the dummy padding in front of the reversed string ...
if (length($str) < 32)
{
$sRet .= $::dummyString;
}
for ( my $iR = (length($str) - 1); $iR >= 0; $iR--)
{
# Append the encoded string back to front, one character at a time.
$sRet .= substr($str,$iR,1);
}
# ... and again behind it when the result is still shorter than 32.
if (length($sRet) < 32)
{
$sRet .= $::dummyString;
}
# Seed character, chosen from the alphabet by the current second.
my $app=getRandomValidCharFromList();
my $k=ord($app);
# The offset uses the length before the seed is prepended on the next line.
my $l=$k + length($sRet) -2;
$sRet= $app.$sRet;
# Substitute every character after the seed (position 0 stays as it is).
for (my $i1 = 1; $i1 < length($sRet); $i1++)
{
my $app2=substr($sRet,$i1,1);
my $j = findCharInList($app2);
if ($j == -1)
{
# A character outside the alphabet ends the scramble early; this path
# returns the partly substituted string without the trailing character
# and without passing it through URLEncode().
return $sRet;
}
# New alphabet index: old index shifted by offset * (position + 1), wrapped
# at the alphabet size.
my $i = ($j + $l * ($i1 + 1)) % $::numValidCharList;
my $car=getvalidCharList($i);
$sRet=substr_replace($sRet,$car,$i1,1);
}
# Trailing character: a second time-derived alphabet character with its
# character code raised by 2, so it may fall outside the alphabet.
my $c = (ord(getRandomValidCharFromList())) + 2;
my $c2=chr($c);
$sRet=$sRet.$c2;
return URLEncode($sRet);
}
sub URLEncode
{
    # Despite the name this performs XML entity escaping, not URL encoding.
    # The ampersand must be handled first so that the entities produced by
    # the later rules are not escaped a second time.
    # NOTE(review): the quote rule only matches two consecutive double
    # quotes; a single one passes through unchanged. Kept as in the original.
    my ($text) = @_;
    my @entity_rules = (
        [ qr/&/,  '&amp;'  ],
        [ qr/""/, '&quot;' ],
        [ qr/'/,  '&apos;' ],
        [ qr/</,  '&lt;'   ],
        [ qr/>/,  '&gt;'   ],
    );
    foreach my $rule (@entity_rules) {
        my ($pattern, $entity) = @{$rule};
        $text =~ s/$pattern/$entity/g;
    }
    return $text;
}
sub substr_replace
{
    # Return a copy of $str in which the character at index $pos is replaced
    # by $ch. A position that matches no character leaves the string as it
    # is. The fourth argument is accepted but never used.
    my ($str, $ch, $pos, $qt) = @_;
    my @chars = split(//, $str);
    return join('', map { $_ == $pos ? $ch : $chars[$_] } 0 .. $#chars);
}
EOF
chmod 755 "${hdir}/nxpasswd.pl"
cat > "${hdir}/nx.nxs.dist" <<"EOF"
<!DOCTYPE NXClientSettings>
<NXClientSettings application="nxclient" version="1.3" >
<group name="Advanced" >
<option key="Cache size" value="16" />
<option key="Cache size on disk" value="64" />
<option key="Current keyboard" value="true" />
<option key="Custom keyboard layout" value="" />
<option key="Disable DirectDraw" value="false" />
<option key="Disable ZLIB stream compression" value="false" />
<option key="Disable deferred updates" value="false" />
<option key="Enable HTTP proxy" value="false" />
<option key="Enable SSL encryption" value="true" />
<option key="Enable response time optimisations" value="false" />
<option key="Grab keyboard" value="false" />
<option key="HTTP proxy host" value="" />
<option key="HTTP proxy port" value="8080" />
<option key="HTTP proxy username" value="" />
<option key="Remember HTTP proxy password" value="false" />
<option key="Restore cache" value="true" />
<option key="Shadow cursor tracking" value="shadow" />
<option key="StreamCompression" value="" />
</group>
<group name="Environment" >
<option key="CUPSD path" value="/usr/sbin/cupsd" />
<option key="Font server host" value="" />
<option key="Font server port" value="7100" />
<option key="Use font server" value="false" />
</group>
<group name="General" >
<option key="Automatic reconnect" value="true" />
<!-- value of Command line can be '2d-ubuntu' or '2d-gnome' -->
<option key="Command line" value="env gnome-session --session=2d-gnome" />
<option key="Connection service" value="SSH" />
<option key="Custom Unix Desktop" value="application" />
<option key="Custom server command" value="/etc/NX/nxserver" />
<!-- Desktop value is 'gnome' or 'kde' or 'console' if console
then 'Command line' above is used -->
<option key="Desktop" value="gnome" />
<option key="Disable SHM" value="false" />
<option key="Disable emulate shared pixmaps" value="false" />
<option key="Link quality" value="5" />
<option key="Link speed" value="adsl" />
<option key="NX daemon port" value="4000" />
<option key="Remember password" value="true" />
<option key="Remember username" value="false" />
<option key="Resolution" value="1024x768" />
<option key="Resolution height" value="600" />
<option key="Resolution width" value="800" />
<option key="Server host" value="__X_PUBLIC_IP" />
<option key="Server port" value="22" />
<option key="Session" value="unix" />
<option key="Session resize mode" value="viewport" />
<option key="Spread over monitors" value="false" />
<option key="Use custom server" value="false" />
<option key="Use default image encoding" value="0" />
<option key="Use render" value="true" />
<option key="Use taint" value="true" />
<option key="Virtual desktop" value="true" />
<option key="XAgent encoding" value="true" />
<option key="displaySaveOnExit" value="true" />
<option key="xdm broadcast port" value="177" />
<option key="xdm list host" value="localhost" />
<option key="xdm list port" value="177" />
<option key="xdm mode" value="server decide" />
<option key="xdm query host" value="localhost" />
<option key="xdm query port" value="177" />
</group>
<group name="Images" >
<option key="Disable JPEG Compression" value="0" />
<option key="Disable all image optimisations" value="false" />
<option key="Disable backingstore" value="false" />
<option key="Disable composite" value="false" />
<option key="Encode all screen as video" value="false" />
<option key="Image Compression Type" value="3" />
<option key="Image Encoding Type" value="0" />
<option key="Image JPEG Encoding" value="false" />
<option key="Image encoding method" value="bitmap" />
<option key="Image encoding quality" value="5" />
<option key="JPEG Quality" value="6" />
<option key="Number of colors" value="16M" />
<option key="RDP Image Encoding" value="3" />
<option key="RDP JPEG Quality" value="6" />
<option key="RDP optimization for low-bandwidth link" value="false" />
<option key="Reduce colors to" value="" />
<option key="Use PNG Compression" value="true" />
<option key="Use custom number of colors" value="false" />
<option key="VNC JPEG Quality" value="6" />
<option key="VNC images compression" value="3" />
<option key="Video encoding method" value="theora" />
<option key="Video encoding quality" value="5" />
</group>
<group name="Login" >
<option key="Alternative NX Key" value="" />
<option key="Auth" value="__X_NXPASSWD"/>
<option key="Guest Mode" value="false" />
<option key="Guest password" value="" />
<option key="Guest username" value="" />
<option key="Login Method" value="nx" />
<option key="Private key" value="" />
<option key="Public Key" value="-----BEGIN DSA PRIVATE KEY-----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-----END DSA PRIVATE KEY-----
" />
<option key="System auth" value="" />
<option key="Use alternative NX Key" value="false" />
<option key="User" value="__X_USERNAME"/>
</group>
<group name="Services" >
<option key="Audio" value="true" />
<option key="Enable devices sharing" value="true" />
<option key="IPPPort" value="631" />
<option key="IPPPrinting" value="false" />
<option key="Input voice device" value="autodetect" />
<option key="Output audio device" value="autodetect" />
<option key="Output voice device" value="disabled" />
<option key="Shares" value="false" />
</group>
<group name="VNC Session" >
<option key="Display" value="0" />
<option key="Remember" value="false" />
<option key="Server" value="" />
</group>
<group name="Windows Session" >
<option key="Application" value="" />
<option key="Authentication" value="2" />
<option key="Color Depth" value="16" />
<option key="Domain" value="" />
<option key="Image Cache" value="true" />
<option key="Remember" value="false" />
<option key="Run application" value="false" />
<option key="Server" value="" />
<option key="User" value="" />
</group>
<group name="share chosen" >
<option key="Share number" value="0" />
</group>
</NXClientSettings>
EOF
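# Fill in the session template with this instance's address, the demo user
# and the scrambled password.
PUBLIC_IP=$(ec2metadata --public-ip)
# NOTE(review): the plaintext password is passed as a command-line argument,
# where it is visible in the process list while nxpasswd.pl runs.
NXPASSWD=$("${hdir}/nxpasswd.pl" "${ipasswd}")
# Escape what is special in a sed replacement that uses '|' as delimiter:
# '&', '|' and also the backslash. The scrambler's last character is an
# alphabet character with its code raised by 2, which turns 'Z' into a
# backslash; left unescaped it would escape the closing delimiter and make
# the substitution below fail. printf is used because some shells' echo
# interprets backslashes.
NXPASSWD_EX=$(printf '%s\n' "${NXPASSWD}" | sed -e 's,\([\\&|]\),\\\1,g')
sed -e "s,__X_PUBLIC_IP,$PUBLIC_IP," \
    -e "s|__X_NXPASSWD|${NXPASSWD_EX}|" -e "s,__X_USERNAME,${iusername}," \
    "${hdir}/nx.nxs.dist" > "${hdir}/nx.nxs"
# nx.nxs now carries the scrambled password and the key material embedded in
# the template, so it should be handled as a credential. nx-prompt.nxs is the
# same file without the stored Auth line.
grep -v 'key="Auth"' "${hdir}/nx.nxs" > "${hdir}/nx-prompt.nxs"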
# Write connection instructions into the demo user's home directory. The
# here-document delimiter is unquoted, so the shell expands ${PUBLIC_IP},
# ${iusername} and ${ipasswd}; the resulting file contains the plaintext
# password.
cat > "${hdir}/README.nx.txt" <<EOF
You can connect to this instance to run NX.
You will need an nx client
* qtnx (in the archive in natty in universe)
Hostname: ${PUBLIC_IP}
Username: ${iusername}
Password: ${ipasswd}
* nxclient from nomachine
http://www.nomachine.com/download-client-linux.php
Download the nx.nxs file and then run:
/usr/NX/bin/nxclient --session /tmp/nx.nxs
or
* cp /tmp/nx.nxs ~/.nx/config
* /usr/NX/bin/nxclient
* select the nx config, you can modify its config, including
changing the command that is run when you connect.
The instance has been modified so that when you select 'Gnome' as the desktop
it will simply run a gnome-terminal, from that terminal, you can
then launch unity however you would like.
The commands you want to run are either:
gnome-session --session=2d-gnome
or
gnome-session --session=2d-ubuntu
EOF
# Hand everything written under the demo user's home directory to that user.
chown -R "${iusername}:${iusername}" "${hdir}"
# The apt xapian index update is painful on a t1.micro, so make it
# non-executable there.
if [ "$(ec2metadata --instance-type)" = "t1.micro" ]; then
    chmod -x /usr/sbin/update-apt-xapian-index
fi
# NOTE(review): this final message puts the plaintext password into the
# setup log that the enclosing brace group redirects to.
echo "Finished. set up ${iusername} on ${PUBLIC_IP} with $ipasswd!"
} > /home/ubuntu/nx-setup.txt 2>&1