1  #!/usr/bin/env bash
 2  set -euo pipefail
 3  
 4  export DISPLAY=:1
 5  export HOME=/tmp/swarmclaw-browser-home
 6  export XDG_CONFIG_HOME="${HOME}/.config"
 7  export XDG_CACHE_HOME="${HOME}/.cache"
 8  
 9  CDP_PORT="${SWARMCLAW_BROWSER_CDP_PORT:-9222}"
10  VNC_PORT="${SWARMCLAW_BROWSER_VNC_PORT:-5900}"
11  NOVNC_PORT="${SWARMCLAW_BROWSER_NOVNC_PORT:-6080}"
12  HEADLESS="${SWARMCLAW_BROWSER_HEADLESS:-1}"
13  ENABLE_NOVNC="${SWARMCLAW_BROWSER_ENABLE_NOVNC:-1}"
14  ALLOW_NO_SANDBOX="${SWARMCLAW_BROWSER_NO_SANDBOX:-1}"
15  NOVNC_PASSWORD="${SWARMCLAW_BROWSER_NOVNC_PASSWORD:-}"
16  
17  mkdir -p "${HOME}" "${HOME}/.chrome" "${XDG_CONFIG_HOME}" "${XDG_CACHE_HOME}"
18  
19  Xvfb :1 -screen 0 1280x800x24 -ac -nolisten tcp &
20  
21  CHROME_ARGS=(
22    "--remote-debugging-address=127.0.0.1"
23    "--user-data-dir=${HOME}/.chrome"
24    "--no-first-run"
25    "--no-default-browser-check"
26    "--disable-dev-shm-usage"
27    "--disable-background-networking"
28    "--disable-features=TranslateUI"
29    "--disable-breakpad"
30    "--disable-crash-reporter"
31    "--disable-extensions"
32    "--no-zygote"
33    "--metrics-recording-only"
34  )
35  
36  if [[ "${HEADLESS}" == "1" ]]; then
37    CHROME_ARGS+=("--headless=new")
38  fi
39  
40  if [[ "${ALLOW_NO_SANDBOX}" == "1" ]]; then
41    CHROME_ARGS+=(
42      "--no-sandbox"
43      "--disable-setuid-sandbox"
44    )
45  fi
46  
47  if [[ "${CDP_PORT}" -ge 65535 ]]; then
48    CHROME_CDP_PORT="$((CDP_PORT - 1))"
49  else
50    CHROME_CDP_PORT="$((CDP_PORT + 1))"
51  fi
52  
53  CHROME_ARGS+=("--remote-debugging-port=${CHROME_CDP_PORT}")
54  
55  chromium "${CHROME_ARGS[@]}" about:blank &
56  
57  for _ in $(seq 1 60); do
58    if curl -sS --max-time 1 "http://127.0.0.1:${CHROME_CDP_PORT}/json/version" >/dev/null; then
59      break
60    fi
61    sleep 0.1
62  done
63  
64  # Keep the public endpoint bound to all interfaces inside the container,
65  # while Docker publishes it to loopback on the host.
66  socat "TCP-LISTEN:${CDP_PORT},fork,reuseaddr,bind=0.0.0.0" "TCP:127.0.0.1:${CHROME_CDP_PORT}" &
67  
68  if [[ "${ENABLE_NOVNC}" == "1" && "${HEADLESS}" != "1" ]]; then
69    if [[ -z "${NOVNC_PASSWORD}" ]]; then
70      NOVNC_PASSWORD="$(< /proc/sys/kernel/random/uuid)"
71      NOVNC_PASSWORD="${NOVNC_PASSWORD//-/}"
72      NOVNC_PASSWORD="${NOVNC_PASSWORD:0:8}"
73    fi
74    NOVNC_PASSWD_FILE="${HOME}/.vnc/passwd"
75    mkdir -p "${HOME}/.vnc"
76    x11vnc -storepasswd "${NOVNC_PASSWORD}" "${NOVNC_PASSWD_FILE}" >/dev/null
77    chmod 600 "${NOVNC_PASSWD_FILE}"
78    x11vnc -display :1 -rfbport "${VNC_PORT}" -shared -forever -rfbauth "${NOVNC_PASSWD_FILE}" -localhost &
79    websockify --web /usr/share/novnc/ "${NOVNC_PORT}" "localhost:${VNC_PORT}" &
80  fi
81  
82  wait -n