ruslan/Stend_mont
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: ruslan/Stend_mont:feature/web-dynamic-resolution
Branches Tags
ruslan/Stend_mont:main ruslan/Stend_mont:refactor/split-main-py ruslan/Stend_mont:feature/web-dynamic-resolution
...
compare: ruslan/Stend_mont:40fd9ac64de6d691de6f889a85ef0a154245b9bd
Branches Tags
ruslan/Stend_mont:main ruslan/Stend_mont:refactor/split-main-py ruslan/Stend_mont:feature/web-dynamic-resolution

3 Commits
feature/web-dynamic-resolution ... 40fd9ac64d

Author SHA1 Message Date
ruslan 40fd9ac64d chore: remove obsolete local backup files 2026-04-25 17:28:12 +00:00
ruslan 6871ea6b67 fix: improve web runtime resolution and restore x11vnc ncache 2026-04-25 17:28:04 +00:00
ruslan ebc5c12a23 Merge pull request 'feature/web-dynamic-resolution' (#1) from feature/web-dynamic-resolution into main 
Reviewed-on: #1
 2026-04-25 08:28:27 +00:00
7 changed files with 94 additions and 107 deletions
Expand all files Collapse all files
.env.example
-13
View File
@@ -1,13 +0,0 @@
PUBLIC_HOST=stend.4mont.ru
LETSENCRYPT_EMAIL=admin@4mont.ru
POSTGRES_DB=portal
POSTGRES_USER=portal
POSTGRES_PASSWORD=change_me
SIGNING_KEY=replace_with_long_random_key
ADMIN_USERNAME=admin
ADMIN_PASSWORD=StrongAdminPassword!
PREWARM_POOL_SIZE=2
UNIVERSAL_POOL_SIZE=5
LOG_LEVEL=INFO
app/main.py
+15 -1
View File
@@ -57,6 +57,7 @@ PREWARM_POOL_SIZE = int(os.getenv("PREWARM_POOL_SIZE", "0"))
UNIVERSAL_POOL_SIZE = int(os.getenv("UNIVERSAL_POOL_SIZE", "0")) UNIVERSAL_POOL_SIZE = int(os.getenv("UNIVERSAL_POOL_SIZE", "0"))
WEB_POOL_SIZE = int(os.getenv("WEB_POOL_SIZE", "5")) WEB_POOL_SIZE = int(os.getenv("WEB_POOL_SIZE", "5"))
WEB_POOL_BUFFER = int(os.getenv("WEB_POOL_BUFFER", "2")) WEB_POOL_BUFFER = int(os.getenv("WEB_POOL_BUFFER", "2"))
X11VNC_FLAGS = os.getenv("X11VNC_FLAGS", "-wait 5 -defer 5 -ncache 10 -threads")
MAX_ACTIVE_SERVICES_PER_USER = int(os.getenv("MAX_ACTIVE_SERVICES_PER_USER", "4")) MAX_ACTIVE_SERVICES_PER_USER = int(os.getenv("MAX_ACTIVE_SERVICES_PER_USER", "4"))
WEB_RESOLUTION_MIN_WIDTH = int(os.getenv("WEB_RESOLUTION_MIN_WIDTH", "1024")) WEB_RESOLUTION_MIN_WIDTH = int(os.getenv("WEB_RESOLUTION_MIN_WIDTH", "1024"))
WEB_RESOLUTION_MIN_HEIGHT = int(os.getenv("WEB_RESOLUTION_MIN_HEIGHT", "720")) WEB_RESOLUTION_MIN_HEIGHT = int(os.getenv("WEB_RESOLUTION_MIN_HEIGHT", "720"))
@@ -573,6 +574,7 @@ def ensure_universal_pool() -> None:
"IDLE_TIMEOUT": str(SESSION_IDLE_SECONDS), "IDLE_TIMEOUT": str(SESSION_IDLE_SECONDS),
"ENABLE_HEARTBEAT": "0", "ENABLE_HEARTBEAT": "0",
"SESSION_ID": f"universal-{i}", "SESSION_ID": f"universal-{i}",
"X11VNC_FLAGS": X11VNC_FLAGS,
} }
try: try:
c = d.containers.get(name) c = d.containers.get(name)
@@ -634,6 +636,7 @@ def ensure_web_pool(target_size: Optional[int] = None) -> None:
"IDLE_TIMEOUT": str(SESSION_IDLE_SECONDS), "IDLE_TIMEOUT": str(SESSION_IDLE_SECONDS),
"ENABLE_HEARTBEAT": "0", "ENABLE_HEARTBEAT": "0",
"SESSION_ID": f"webpool-{i}", "SESSION_ID": f"webpool-{i}",
"X11VNC_FLAGS": X11VNC_FLAGS,
} }
should_create = False should_create = False
try: try:
@@ -869,6 +872,7 @@ def create_runtime_container(service: Service, session_id: str):
"IDLE_TIMEOUT": str(SESSION_IDLE_SECONDS), "IDLE_TIMEOUT": str(SESSION_IDLE_SECONDS),
"ENABLE_HEARTBEAT": "1", "ENABLE_HEARTBEAT": "1",
"TOUCH_PATH": f"/api/sessions/{session_id}/touch", "TOUCH_PATH": f"/api/sessions/{session_id}/touch",
"X11VNC_FLAGS": X11VNC_FLAGS,
} }
image = "portal-kiosk:latest" image = "portal-kiosk:latest"
@@ -929,6 +933,7 @@ def ensure_warm_pool(service: Service, pool_size: Optional[int] = None) -> None:
"IDLE_TIMEOUT": str(SESSION_IDLE_SECONDS), "IDLE_TIMEOUT": str(SESSION_IDLE_SECONDS),
"ENABLE_HEARTBEAT": "0", "ENABLE_HEARTBEAT": "0",
"TOUCH_PATH": "", "TOUCH_PATH": "",
"X11VNC_FLAGS": X11VNC_FLAGS,
} }
if service.type == ServiceType.WEB: if service.type == ServiceType.WEB:
base_env["UNIVERSAL_WEB"] = "1" base_env["UNIVERSAL_WEB"] = "1"
@@ -1903,7 +1908,7 @@ def go_service(
payload.update(extra) payload.update(extra)
log_event("go_service_timing", **payload) log_event("go_service_timing", **payload)
log_event("session_open_requested", user_id=user.id, service_slug=slug) log_event("session_open_requested", user_id=user.id, service_slug=slug, sw=sw, sh=sh)
service = db.scalar(select(Service).where(Service.slug == slug, Service.active == True)) service = db.scalar(select(Service).where(Service.slug == slug, Service.active == True))
if not service: if not service:
raise HTTPException(status_code=404, detail="Service not found") raise HTTPException(status_code=404, detail="Service not found")
@@ -1913,6 +1918,15 @@ def go_service(
raise HTTPException(status_code=403, detail="ACL denied") raise HTTPException(status_code=403, detail="ACL denied")
client_width, client_height = sanitize_client_resolution(sw, sh) client_width, client_height = sanitize_client_resolution(sw, sh)
log_event(
"session_open_resolution",
user_id=user.id,
service_slug=slug,
sw=sw,
sh=sh,
client_width=client_width,
client_height=client_height,
)
user_lock_started = time.perf_counter() user_lock_started = time.perf_counter()
try: try:
app/templates/dashboard.html
+21 -2
View File
@@ -107,8 +107,27 @@
} }
function currentScreenParams() { function currentScreenParams() {
const width = clamp(window.innerWidth || document.documentElement.clientWidth || 1280, 320, 7680); const screenWidth =
const height = clamp(window.innerHeight || document.documentElement.clientHeight || 720, 240, 4320); window.screen && Number.isFinite(window.screen.width) && window.screen.width > 0
? window.screen.width
: null;
const screenHeight =
window.screen && Number.isFinite(window.screen.height) && window.screen.height > 0
? window.screen.height
: null;
const viewportWidth =
(window.visualViewport && window.visualViewport.width) ||
window.innerWidth ||
document.documentElement.clientWidth ||
1280;
const viewportHeight =
(window.visualViewport && window.visualViewport.height) ||
window.innerHeight ||
document.documentElement.clientHeight ||
720;
// Prefer stable screen dimensions; viewport is fallback.
const width = clamp(Math.round(screenWidth || viewportWidth), 320, 7680);
const height = clamp(Math.round(screenHeight || viewportHeight), 240, 4320);
const sp = new URLSearchParams(); const sp = new URLSearchParams();
sp.set('sw', String(width)); sp.set('sw', String(width));
sp.set('sh', String(height)); sp.set('sh', String(height));
docker-compose.yml.pre-npm-bind.20260414142535
-85
View File
@@ -1,85 +0,0 @@
services:
traefik:
image: traefik:v3.2
command:
- --configFile=/etc/traefik/traefik.yml
ports:
- "127.0.0.1:8288:80"
- "127.0.0.1:2288:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./traefik/traefik.yml:/etc/traefik/traefik.yml:ro
- ./traefik/dynamic:/etc/traefik/dynamic
- ./traefik/letsencrypt:/letsencrypt
networks:
- portal_net
restart: unless-stopped
db:
image: postgres:16
environment:
POSTGRES_DB: ${POSTGRES_DB}
POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
volumes:
- pg_data:/var/lib/postgresql/data
networks:
- portal_net
restart: unless-stopped
api:
build:
context: ./app
environment:
DATABASE_URL: postgresql+psycopg2://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB}
SIGNING_KEY: ${SIGNING_KEY}
PUBLIC_HOST: ${PUBLIC_HOST}
ADMIN_USERNAME: ${ADMIN_USERNAME}
ADMIN_PASSWORD: ${ADMIN_PASSWORD}
SESSION_IDLE_SECONDS: 1800
PREWARM_POOL_SIZE: ${PREWARM_POOL_SIZE:-2}
UNIVERSAL_POOL_SIZE: ${UNIVERSAL_POOL_SIZE:-5}
LOG_LEVEL: ${LOG_LEVEL:-INFO}
depends_on:
- db
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./app/static/service-icons:/app/static/service-icons
labels:
- traefik.enable=true
- traefik.docker.network=portal_net
- traefik.http.routers.portal.rule=Host(`${PUBLIC_HOST}`)
- traefik.http.routers.portal.entrypoints=websecure
- traefik.http.routers.portal.tls=true
- traefik.http.routers.portal.tls.certresolver=letsencrypt
- traefik.http.routers.portal.priority=1
- traefik.http.services.portal.loadbalancer.server.port=8000
- traefik.http.routers.portal.middlewares=secure-headers@file
networks:
- portal_net
restart: unless-stopped
kiosk-image:
image: portal-kiosk:latest
build:
context: ./kiosk
profiles: ["build-only"]
rdp-proxy-image:
image: portal-rdp-proxy:latest
build:
context: ./rdp-proxy
profiles: ["build-only"]
universal-runtime-image:
image: portal-universal-runtime:latest
build:
context: ./universal-runtime
profiles: ["build-only"]
networks:
portal_net:
name: portal_net
volumes:
pg_data:
kiosk/entrypoint.sh
+18 -2
View File
@@ -4,7 +4,7 @@ set -euo pipefail
TARGET_URL="${TARGET_URL:-https://example.com}" TARGET_URL="${TARGET_URL:-https://example.com}"
SESSION_ID="${SESSION_ID:-unknown}" SESSION_ID="${SESSION_ID:-unknown}"
IDLE_TIMEOUT="${IDLE_TIMEOUT:-1800}" IDLE_TIMEOUT="${IDLE_TIMEOUT:-1800}"
X11VNC_FLAGS="${X11VNC_FLAGS:--wait 5 -defer 5 -ncache 10 -ncache_cr -threads}" X11VNC_FLAGS="${X11VNC_FLAGS:--wait 5 -defer 5 -ncache 10 -threads}"
ENABLE_HEARTBEAT="${ENABLE_HEARTBEAT:-1}" ENABLE_HEARTBEAT="${ENABLE_HEARTBEAT:-1}"
TOUCH_PATH="${TOUCH_PATH:-/api/sessions/${SESSION_ID}/touch}" TOUCH_PATH="${TOUCH_PATH:-/api/sessions/${SESSION_ID}/touch}"
UNIVERSAL_WEB="${UNIVERSAL_WEB:-0}" UNIVERSAL_WEB="${UNIVERSAL_WEB:-0}"
@@ -183,6 +183,22 @@ else
>/tmp/chromium.log 2>&1 & >/tmp/chromium.log 2>&1 &
fi fi
x11vnc -display :1 -rfbport 5900 -forever -shared -nopw -noxdamage $X11VNC_FLAGS >/tmp/x11vnc.log 2>&1 & start_x11vnc_with_retry() {
local display_arg="$1"
local attempt=0
while [ "$attempt" -lt 12 ]; do
x11vnc -display "$display_arg" -rfbport 5900 -forever -shared -nopw -noxdamage $X11VNC_FLAGS >/tmp/x11vnc.log 2>&1 &
local pid=$!
sleep 1
if kill -0 "$pid" 2>/dev/null; then
return 0
fi
attempt=$((attempt + 1))
sleep 0.5
done
return 1
}
start_x11vnc_with_retry ":1" || true
exec websockify --verbose --idle-timeout="$IDLE_TIMEOUT" --web=/opt/portal 6080 localhost:5900 exec websockify --verbose --idle-timeout="$IDLE_TIMEOUT" --web=/opt/portal 6080 localhost:5900
universal-runtime/entrypoint.sh
+18 -2
View File
@@ -2,7 +2,7 @@
set -euo pipefail set -euo pipefail
IDLE_TIMEOUT="${IDLE_TIMEOUT:-1800}" IDLE_TIMEOUT="${IDLE_TIMEOUT:-1800}"
X11VNC_FLAGS="${X11VNC_FLAGS:--wait 5 -defer 5 -ncache 10 -ncache_cr -threads}" X11VNC_FLAGS="${X11VNC_FLAGS:--wait 5 -defer 5 -ncache 10 -threads}"
SCREEN_GEOMETRY="${SCREEN_GEOMETRY:-1920x1080x24}" SCREEN_GEOMETRY="${SCREEN_GEOMETRY:-1920x1080x24}"
CHROME_WINDOW_SIZE="${CHROME_WINDOW_SIZE:-1920,1080}" CHROME_WINDOW_SIZE="${CHROME_WINDOW_SIZE:-1920,1080}"
ENABLE_HEARTBEAT="${ENABLE_HEARTBEAT:-1}" ENABLE_HEARTBEAT="${ENABLE_HEARTBEAT:-1}"
@@ -264,6 +264,22 @@ export CHROME_WINDOW_SIZE
Xvfb "$DISPLAY_NUM" -screen 0 "$SCREEN_GEOMETRY" >/tmp/xvfb.log 2>&1 & Xvfb "$DISPLAY_NUM" -screen 0 "$SCREEN_GEOMETRY" >/tmp/xvfb.log 2>&1 &
fluxbox >/tmp/fluxbox.log 2>&1 & fluxbox >/tmp/fluxbox.log 2>&1 &
python3 /manager.py >/tmp/manager.log 2>&1 & python3 /manager.py >/tmp/manager.log 2>&1 &
x11vnc -display "$DISPLAY_NUM" -rfbport 5900 -forever -shared -nopw -noxdamage $X11VNC_FLAGS >/tmp/x11vnc.log 2>&1 & start_x11vnc_with_retry() {
local display_arg="$1"
local attempt=0
while [ "$attempt" -lt 12 ]; do
x11vnc -display "$display_arg" -rfbport 5900 -forever -shared -nopw -noxdamage $X11VNC_FLAGS >/tmp/x11vnc.log 2>&1 &
local pid=$!
sleep 1
if kill -0 "$pid" 2>/dev/null; then
return 0
fi
attempt=$((attempt + 1))
sleep 0.5
done
return 1
}
start_x11vnc_with_retry "$DISPLAY_NUM" || true
exec websockify --verbose --idle-timeout="$IDLE_TIMEOUT" --web=/opt/portal 6080 localhost:5900 exec websockify --verbose --idle-timeout="$IDLE_TIMEOUT" --web=/opt/portal 6080 localhost:5900
universal-runtime/manager.py
+22 -2
View File
@@ -71,15 +71,35 @@ def _sanitize_resolution(width: int | None, height: int | None) -> tuple[int, in
def apply_resolution(width: int | None, height: int | None) -> tuple[int, int]: def apply_resolution(width: int | None, height: int | None) -> tuple[int, int]:
safe_w, safe_h = _sanitize_resolution(width, height) safe_w, safe_h = _sanitize_resolution(width, height)
# Best effort: Xvfb usually exposes RandR and accepts xrandr -s. # Best effort: Xvfb usually exposes RandR and accepts xrandr -s.
applied = False
try: try:
subprocess.run( # noqa: S603 result = subprocess.run( # noqa: S603
["xrandr", "-display", DISPLAY, "-s", f"{safe_w}x{safe_h}"], ["xrandr", "-display", DISPLAY, "-s", f"{safe_w}x{safe_h}"],
check=False, check=False,
stdout=subprocess.DEVNULL, stdout=subprocess.DEVNULL,
stderr=subprocess.DEVNULL, stderr=subprocess.DEVNULL,
) )
applied = result.returncode == 0
except Exception: except Exception:
pass applied = False
if not applied:
# Fallback to default geometry if requested mode is unsupported.
try:
fallback_w, fallback_h = [int(x) for x in CHROME_WINDOW_SIZE.split(",", 1)]
except Exception:
fallback_w, fallback_h = 1920, 1080
safe_w, safe_h = _sanitize_resolution(fallback_w, fallback_h)
try:
subprocess.run( # noqa: S603
["xrandr", "-display", DISPLAY, "-s", f"{safe_w}x{safe_h}"],
check=False,
stdout=subprocess.DEVNULL,
stderr=subprocess.DEVNULL,
)
except Exception:
pass
_state["resolution"] = f"{safe_w},{safe_h}" _state["resolution"] = f"{safe_w},{safe_h}"
return safe_w, safe_h return safe_w, safe_h