Allow setting username and id

README.md

@@ -1,19 +1,23 @@
 # NOVNC-BASE
 
-A desktop environment with sound in docker
+A desktop environment with sound in docker.
 
 Can be used as a base file for application specific containers.
 
+- `thomasloven/novnc-ubuntu`
+- `thomasloven/novnc-debuan`
+- `thomasloven/novnc-alpine`
+
 To just get a desktop environment at `http://localhost:8080`:
 
 ```bash
-docker run --rm thomasloven/novnc-base -p 8080:8080
+docker run --rm -p 8080:8080 thomasloven/novnc-ubuntu
 ```
 
 Or used as a base for specific applications:
 
 ```dockerfile
-FROM thomasloven/novnc-base
+FROM thomasloven/novnc-ubuntu
 
 RUN sudo apt-get update \
   && DEBIAN_FRONTEND=noninteractive \
@@ -24,6 +28,10 @@ CMD ["blender"]
 
 See more examples in `apps/`.
 
+
+The container will run as user `$USERNAME` (default `novnc`) with uid `${UUID}` (default `1000`) and group id `${GUID}` (default `1000`).
+The user has sudo privileges with no password(!).
+
 ### Bonus functionality - dotfiles installation.
 If the environment variable `DOTFILES_REPO` is set, the container will `git
 clone` that into `~/dotfiles` and then run `~/dotfiles/install.sh` if it

alpine.Dockerfile

@@ -50,17 +50,12 @@ COPY entrypoint.sh /opt/noVNC/entrypoint.sh
 ENTRYPOINT ["/opt/noVNC/entrypoint.sh"]
 EXPOSE 8080
 
-RUN adduser --home /home/novnc --shell /bin/bash --system --disabled-password novnc \
-    && echo "novnc ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
-
 # Add a custom version of vncserver which discards all arguments but the display
 RUN mv /usr/bin/vncserver /usr/bin/vncserver-orig \
   && echo -e "#!/bin/bash \n \
   /usr/bin/vncserver-orig \$1" > /usr/bin/vncserver \
   && chmod +x /usr/bin/vncserver
 
-USER novnc
+RUN mkdir -p /etc/skel/.vnc/ \
-RUN mkdir -p /home/novnc/.vnc/ \
+  && echo -e "-Securitytypes=none" > /etc/skel/.vnc/config \
-    && echo -e "-Securitytypes=none" > /home/novnc/.vnc/config \
+  && touch /etc/skel/.vnc/passwd && chmod 0600 /etc/skel/.vnc/passwd
-    && touch /home/novnc/.vnc/passwd && chmod 0600 /home/novnc/.vnc/passwd
-WORKDIR /home/novnc

debian.Dockerfile

@@ -57,8 +57,3 @@ COPY entrypoint.sh /opt/noVNC/entrypoint.sh
 
 ENTRYPOINT ["/opt/noVNC/entrypoint.sh"]
 EXPOSE 8080
-
-RUN adduser --home /home/novnc --shell /bin/bash --system --disabled-password novnc \
-    && echo "novnc ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
-USER novnc
-WORKDIR /home/novnc

entrypoint.sh

@@ -18,10 +18,13 @@ kill_pid ~/.tcp-pid
 kill_pid ~/.ws-pid
 
 
+user_entrypoint() {
+  cd ~
+
   # Clone and install dotfiles if DOTFILES_REPO is defined
   if [ -n "$DOTFILES_REPO" ]; then
     if [ ! -d ~/dotfiles ]; then
-    git clone $DOTFILES_REPO ~/dotfiles
+      git clone --depth 1 --recurse-submodules --shallow-submodules $DOTFILES_REPO ~/dotfiles
       if [ -f ~/dotfiles/install.sh ]; then
         /bin/bash ~/dotfiles/install.sh
       fi
@@ -57,4 +60,21 @@ if [ -n "$@" ]; then
   fi
 
   wait
+}
 
+uname=${USERNAME:-novnc}
+uid=${UUID:-1000}
+gid=${GUID:-1000}
+
+if ! id -u ${uname} > /dev/null 2>&1; then
+  addgroup --gid ${gid} ${uname}
+  adduser --home /home/${uname} --shell /bin/bash --system --disabled-password --uid ${uid} --ingroup ${uname} ${uname}
+  echo "${uname} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
+  mkdir -p /home/${uname}
+  chown ${uname}:${uname} /home/${uname}
+fi
+
+export -f user_entrypoint
+su ${uname} -c "bash -c user_entrypoint ${@}" &
+
+wait

ubuntu.Dockerfile

@@ -57,8 +57,3 @@ COPY entrypoint.sh /opt/noVNC/entrypoint.sh
 
 ENTRYPOINT ["/opt/noVNC/entrypoint.sh"]
 EXPOSE 8080
-
-RUN adduser --home /home/novnc --shell /bin/bash --system --disabled-password novnc \
-    && echo "novnc ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
-USER novnc
-WORKDIR /home/novnc