From b506c323db4360998584b618921ef81307224f22 Mon Sep 17 00:00:00 2001
From: Seungmin Kim <8457324+ehfd@users.noreply.github.com>
Date: Fri, 12 Jul 2024 00:24:11 +0900
Subject: [PATCH] Use more reliable external address
---
 Dockerfile | 3 ++-
 entrypoint.sh | 2 +-
 kasmvnc-entrypoint.sh | 2 +-
 selkies-gstreamer-entrypoint.sh | 3 ++-
 4 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index f0586d5..ce31838 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -72,6 +72,7 @@ RUN apt-get update && apt-get install --no-install-recommends -y \
 zstd \
 gcc \
 git \
+ dnsutils \
 coturn \
 jq \
 python3 \
@@ -579,7 +580,7 @@ turnserver \
 --listening-ip=\"::\" \
 --listening-port=\"\${SELKIES_TURN_PORT:-3478}\" \
 --realm=\"\${TURN_REALM:-example.com}\" \
- --external-ip=\"\${SELKIES_TURN_HOST:-\$(curl -fsSL checkip.amazonaws.com 2>/dev/null || hostname -I 2>/dev/null | awk '{print \$1}' || echo '127.0.0.1')}\" \
+ --external-ip=\"\${TURN_EXTERNAL_IP:-\$(dig TXT +short @ns1.google.com o-o.myaddr.l.google.com 2>/dev/null | { read output; if [ -z \"\$output\" ] || echo \"\$output\" | grep -q '^;;'; then exit 1; else echo \"\$(echo \$output | sed 's,\\\",,g')\"; fi } || dig -6 TXT +short @ns1.google.com o-o.myaddr.l.google.com 2>/dev/null | { read output; if [ -z \"\$output\" ] || echo \"\$output\" | grep -q '^;;'; then exit 1; else echo \"\$(echo \$output | sed 's,\\\",,g')\"; fi } || hostname -I 2>/dev/null | awk '{print \$1; exit}' || echo '127.0.0.1')}\" \
 --min-port=\"\${TURN_MIN_PORT:-49152}\" \
 --max-port=\"\${TURN_MAX_PORT:-65535}\" \
 --channel-lifetime=\"\${TURN_CHANNEL_LIFETIME:--1}\" \
diff --git a/entrypoint.sh b/entrypoint.sh
index 6e9da1d..c7109cc 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
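Review bot: The result of the new `dig` chain in the `--external-ip` line is used without checking that it is an IP literal, although it comes from a plain DNS query to an outside resolver and ends up as the relay address coturn advertises. The same one-liner is added in kasmvnc-entrypoint.sh and selkies-gstreamer-entrypoint.sh, so one shared helper that captures the value and rejects anything else, e.g. `case "$ip" in ''|*[!0-9A-Fa-f:.]*) ip=127.0.0.1 ;; esac`, would cover all three call sites. The final `|| echo '127.0.0.1'` looks unreachable: `hostname -I 2>/dev/null | awk '{print \$1; exit}'` returns awk's status, which is 0 on empty input unless pipefail is enabled outside the hunk, so the substitution can still come back empty. `dig` also runs with its default timeout and retry count, so adding `+time=2 +tries=1` would keep container start-up bounded when outbound DNS is filtered. The `turnserver` invocation starts and ends outside the hunk.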
@@ -125,7 +125,7 @@ BUS_ID="PCI:$((16#${ARR_ID[1]}))@$((16#${ARR_ID[0]})):$((16#${ARR_ID[2]})):$((16
 # A custom modeline should be generated because there is no monitor to fetch this information normally
 export MODELINE="$(cvt -r "${DISPLAY_SIZEW}" "${DISPLAY_SIZEH}" "${DISPLAY_REFRESH}" | sed -n 2p)"
 # Generate /etc/X11/xorg.conf with nvidia-xconfig
-nvidia-xconfig --virtual="${DISPLAY_SIZEW}x${DISPLAY_SIZEH}" --depth="$DISPLAY_CDEPTH" --mode="$(echo "$MODELINE" | awk '{print $2}' | tr -d '\"')" --allow-empty-initial-configuration --no-probe-all-gpus --busid="$BUS_ID" --include-implicit-metamodes --mode-debug --no-sli --no-base-mosaic --only-one-x-screen ${CONNECTED_MONITOR}
+nvidia-xconfig --virtual="${DISPLAY_SIZEW}x${DISPLAY_SIZEH}" --depth="$DISPLAY_CDEPTH" --mode="$(echo "$MODELINE" | awk '{print $2; exit}' | tr -d '\"')" --allow-empty-initial-configuration --no-probe-all-gpus --busid="$BUS_ID" --include-implicit-metamodes --mode-debug --no-sli --no-base-mosaic --only-one-x-screen ${CONNECTED_MONITOR}
 # Guarantee that the X server starts without a monitor by adding more options to the configuration
 sed -i '/Driver\s\+"nvidia"/a\ Option "ModeValidation" "NoMaxPClkCheck,NoEdidMaxPClkCheck,NoMaxSizeCheck,NoHorizSyncCheck,NoVertRefreshCheck,NoVirtualSizeCheck,NoExtendedGpuCapabilitiesCheck,NoTotalSizeCheck,NoDualLinkDVICheck,NoDisplayPortBandwidthCheck,AllowNon3DVisionModes,AllowNonHDMI3DModes,AllowNonEdidModes,NoEdidHDMI2Check,AllowDpInterlaced"' /etc/X11/xorg.conf
 sed -i '/Driver\s\+"nvidia"/a\ Option "PrimaryGPU" "yes"' /etc/X11/xorg.conf
diff --git a/kasmvnc-entrypoint.sh b/kasmvnc-entrypoint.sh
index e327fac..71c6119 100644
--- a/kasmvnc-entrypoint.sh
+++ b/kasmvnc-entrypoint.sh
@@ -31,7 +31,7 @@ yq -i " .network.interface = \"127.0.0.1\" | .network.websocket_port = 8081 | .network.ssl.require_ssl = $(echo ${SELKIES_ENABLE_HTTPS-false} | tr '[:upper:]' '[:lower:]') | -.network.udp.public_ip = \"$(curl -fsSL checkip.amazonaws.com 2>/dev/null || hostname -I 2>/dev/null | awk '{print $1}' || echo '127.0.0.1')\" +.network.udp.public_ip = \"$(dig TXT +short @ns1.google.com o-o.myaddr.l.google.com 2>/dev/null | { read output; if [ -z "$output" ] || echo "$output" | grep -q '^;;'; then exit 1; else echo "$(echo $output | sed 's,\",,g')"; fi } || dig -6 TXT +short @ns1.google.com o-o.myaddr.l.google.com 2>/dev/null | { read output; if [ -z "$output" ] || echo "$output" | grep -q '^;;'; then exit 1; else echo "$(echo $output | sed 's,\",,g')"; fi } || hostname -I 2>/dev/null | awk '{print $1; exit}' || echo '127.0.0.1')\" " /etc/kasmvnc/kasmvnc.yaml if [ -n "${SELKIES_HTTPS_CERT}" ]; then yq -i ".network.ssl.pem_certificate = \"${SELKIES_HTTPS_CERT-/etc/ssl/certs/ssl-cert-snakeoil.pem}\"" /etc/kasmvnc/kasmvnc.yaml; fi diff --git a/selkies-gstreamer-entrypoint.sh b/selkies-gstreamer-entrypoint.sh index 7629df0..dbfdef5 100755 --- a/selkies-gstreamer-entrypoint.sh +++ b/selkies-gstreamer-entrypoint.sh 
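Review bot: In the new `.network.udp.public_ip` line the lookup output is pasted into the text of the yq program, so any character that survives the `sed` quote-stripping is parsed as yq syntax instead of being stored as a string. Passing it as data keeps the expression fixed: capture the address in a variable first and write `.network.udp.public_ip = strenv(PUBLIC_IP)` with `PUBLIC_IP="$ip"` set for the `yq` call (this assumes the Go yq v4, which the `yq -i "<expr>" file` form suggests). Unlike the other two call sites this one has no `${VAR:-...}` override, so a deployment without outbound DNS cannot pin the address. The `yq -i "` invocation opens before the hunk.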
@@ -34,7 +34,8 @@ export SELKIES_ENCODER="${SELKIES_ENCODER:-x264enc}"
 export SELKIES_ENABLE_RESIZE="${SELKIES_ENABLE_RESIZE:-false}"
 if [ -z "${SELKIES_TURN_REST_URI}" ] && { { [ -z "${SELKIES_TURN_USERNAME}" ] || [ -z "${SELKIES_TURN_PASSWORD}" ]; } && [ -z "${SELKIES_TURN_SHARED_SECRET}" ] || [ -z "${SELKIES_TURN_HOST}" ] || [ -z "${SELKIES_TURN_PORT}" ]; }; then
 export TURN_RANDOM_PASSWORD="$(tr -dc 'A-Za-z0-9' < /dev/urandom 2>/dev/null | head -c 24)"
- export SELKIES_TURN_HOST="${SELKIES_TURN_HOST:-$(curl -fsSL checkip.amazonaws.com 2>/dev/null || hostname -I 2>/dev/null | awk '{print $1}' || echo '127.0.0.1')}"
+ export SELKIES_TURN_HOST="${SELKIES_TURN_HOST:-$(dig TXT +short @ns1.google.com o-o.myaddr.l.google.com 2>/dev/null | { read output; if [ -z "$output" ] || echo "$output" | grep -q '^;;'; then exit 1; else echo "$(echo $output | sed 's,\",,g')"; fi } || dig -6 TXT +short @ns1.google.com o-o.myaddr.l.google.com 2>/dev/null | { read output; if [ -z "$output" ] || echo "$output" | grep -q '^;;'; then exit 1; else echo "$(echo $output | sed 's,\",,g')"; fi } || hostname -I 2>/dev/null | awk '{print $1; exit}' || echo '127.0.0.1')}"
+ export TURN_EXTERNAL_IP="${TURN_EXTERNAL_IP:-$(getent ahosts ${SELKIES_TURN_HOST} | awk '{print $1; exit}')}"
 export SELKIES_TURN_PORT="${SELKIES_TURN_PORT:-3478}"
 export SELKIES_TURN_USERNAME="selkies"
 export SELKIES_TURN_PASSWORD="${TURN_RANDOM_PASSWORD}"
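Review bot: The added `TURN_EXTERNAL_IP` line passes `${SELKIES_TURN_HOST}` to `getent` unquoted and without `--`, so a value containing whitespace or starting with a dash is split or read as an option; `getent ahosts -- "${SELKIES_TURN_HOST}"` avoids both. `SELKIES_TURN_HOST` can be operator-supplied on this path, and when it does not resolve the variable is exported empty with no message, which leaves the `--external-ip` default in the Dockerfile hunk to run its own lookup. A short comment such as `# Resolve the TURN host to the address coturn advertises; empty lets turnserver's default take over` would record that intent. The enclosing `if` block opens inside the hunk and closes outside it.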