diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 000000000..fff26910f
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+.github/** @dannielshalev @eladso @stav-uveye @it-uveye
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
new file mode 100644
index 000000000..0a5ddc075
--- /dev/null
+++ b/.github/workflows/main.yaml
@@ -0,0 +1,38 @@
+name: Build and push Docker Image to ECR
+
+on:
+ push:
+ branches:
+ - main
+ - 'release_v**'
+env:
+ REPOSITORY_NAME: "vnc-desktop"
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v2
+ with:
+ submodules: recursive
+
+ - name: Configure AWS Credentials
+ uses: aws-actions/configure-aws-credentials@v1-node16
+ with:
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ aws-region: eu-west-1
+
+ - name: Login to Amazon ECR
+ id: login-ecr
+ uses: aws-actions/amazon-ecr-login@v1
+
+
+ - name: Build Docker Image
+ uses: docker/build-push-action@v3
+ with:
+ context: .
+ push: true
+ tags: "${{ secrets.AWS_REGISTRY }}/${{ env.REPOSITORY_NAME }}:${{ github.ref_name }}.${{ github.run_number }}"
diff --git a/.gitignore b/.gitignore
index 1580e0c54..c80e94960 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
*.pyc
tags
cscope*
+.idea
\ No newline at end of file
diff --git a/Dockerfile.amd64 b/Dockerfile.amd64
index f36e07d6d..2ec0c29b6 100644
--- a/Dockerfile.amd64
+++ b/Dockerfile.amd64
@@ -121,6 +121,10 @@ COPY rootfs /
RUN ln -sf /usr/local/lib/web/frontend/static/websockify /usr/local/lib/web/frontend/static/novnc/utils/websockify && \
chmod +x /usr/local/lib/web/frontend/static/websockify/run
+# Copy
+COPY icons/applications/* /usr/share/applications/
+COPY icons/*.desktop /home/uvdesk/Desktop/
+
EXPOSE 80
WORKDIR /root
ENV HOME=/home/ubuntu \
diff --git a/SEC_README.md b/SEC_README.md
new file mode 100644
index 000000000..c9bf776e9
--- /dev/null
+++ b/SEC_README.md
@@ -0,0 +1,132 @@
+Snyk has created this PR to fix one or more vulnerable packages in the `pip` dependencies of this project.
+
+
+
+#### Changes included in this PR
+
+- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
+ - rootfs/usr/local/lib/web/backend/requirements.txt
+
+
+
+⚠️ Warning
+
+```
+Werkzeug 2.2.3 has requirement MarkupSafe>=2.1.1, but you have MarkupSafe 1.1.1.
+requests 2.22.0 has requirement urllib3!=1.25.0,!=1.25.1,<1.26,>=1.21.1, but you have urllib3 1.26.5.
+
+```
+
+
+
+#### Vulnerabilities that will be fixed
+
+
+
+
+
+##### By pinning:
+Severity | Priority Score (*) | Issue | Upgrade | Breaking Change | Exploit Maturity
+:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------|:-------------------------
+ | **554/1000**
**Why?** Has a fix available, CVSS 6.8 | Insufficient Verification of Data Authenticity
[SNYK-PYTHON-CERTIFI-3164749](https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749) | `certifi:`
`2019.9.11 -> 2022.12.7`
| No | No Known Exploit
+ | **599/1000**
**Why?** Has a fix available, CVSS 7.7 | HTTP Header Injection
[SNYK-PYTHON-URLLIB3-1014645](https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1014645) | `urllib3:`
`1.25.6 -> 1.26.5`
| No | No Known Exploit
+ | **479/1000**
**Why?** Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-PYTHON-URLLIB3-1533435](https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1533435) | `urllib3:`
`1.25.6 -> 1.26.5`
| No | No Known Exploit
+ | **509/1000**
**Why?** Has a fix available, CVSS 5.9 | Denial of Service (DoS)
[SNYK-PYTHON-URLLIB3-559452](https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-559452) | `urllib3:`
`1.25.6 -> 1.26.5`
| No | No Known Exploit
+ | **344/1000**
**Why?** Has a fix available, CVSS 2.6 | Access Restriction Bypass
[SNYK-PYTHON-WERKZEUG-3319935](https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935) | `werkzeug:`
`0.16.0 -> 2.2.3`
| No | No Known Exploit
+ | **589/1000**
**Why?** Has a fix available, CVSS 7.5 | Denial of Service (DoS)
[SNYK-PYTHON-WERKZEUG-3319936](https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936) | `werkzeug:`
`0.16.0 -> 2.2.3`
| No | No Known Exploit
+
+(*) Note that the real score may have changed since the PR was raised.
+
+
+
+
+Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.
+
+
+Check the changes in this PR to ensure they won't cause issues with your project.
+
+
+
+------------
+
+
+
+**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*
+
+For more information: 
+🧐 [View latest project report](https://app.snyk.io/org/dannielshalev/project/2d42f184-efd7-4f3b-a34b-39b7fd0e450d?utm_source=github&utm_medium=referral&page=fix-pr)
+
+🛠 [Adjust project settings](https://app.snyk.io/org/dannielshalev/project/2d42f184-efd7-4f3b-a34b-39b7fd0e450d?utm_source=github&utm_medium=referral&page=fix-pr/settings)
+
+📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)
+
+[//]: # (snyk:metadata:{"prId":"50e79aa3-c4ad-4624-9632-249206290dc3","prPublicId":"50e79aa3-c4ad-4624-9632-249206290dc3","dependencies":[{"name":"certifi","from":"2019.9.11","to":"2022.12.7"},{"name":"urllib3","from":"1.25.6","to":"1.26.5"},{"name":"werkzeug","from":"0.16.0","to":"2.2.3"}],"packageManager":"pip","projectPublicId":"2d42f184-efd7-4f3b-a34b-39b7fd0e450d","projectUrl":"https://app.snyk.io/org/dannielshalev/project/2d42f184-efd7-4f3b-a34b-39b7fd0e450d?utm_source=github&utm_medium=referral&page=fix-pr","type":"user-initiated","patch":[],"vulns":["SNYK-PYTHON-CERTIFI-3164749","SNYK-PYTHON-URLLIB3-1014645","SNYK-PYTHON-URLLIB3-1533435","SNYK-PYTHON-URLLIB3-559452","SNYK-PYTHON-WERKZEUG-3319935","SNYK-PYTHON-WERKZEUG-3319936"],"upgrade":[],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["pr-warning-shown","priorityScore"],"priorityScoreList":[554,599,479,509,344,589],"remediationStrategy":"vuln"})
+
+---
+
+**Learn how to fix vulnerabilities with free interactive lessons:**
+
+ 🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lessons/redos/javascript/?loc=fix-pr)
+ 🦉 [Access Restriction Bypass](https://learn.snyk.io/lessons/broken-access-control/python/?loc=fix-pr)
+ 🦉 [Denial of Service (DoS)](https://learn.snyk.io/lessons/no-rate-limiting/python/?loc=fix-pr)
+
+
+ Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.
+
+
+
+#### Changes included in this PR
+
+- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
+ - web/package.json
+ - web/yarn.lock
+
+
+#### Note for [zero-installs](https://yarnpkg.com/features/zero-installs) users
+
+If you are using the Yarn feature [zero-installs](https://yarnpkg.com/features/zero-installs) that was introduced in Yarn V2, note that this PR does not update the `.yarn/cache/` directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run `yarn` to update the contents of the `./yarn/cache` directory.
+If you are not using zero-install you can ignore this as your flow should likely be unchanged.
+
+
+#### Vulnerabilities that will be fixed
+##### With an upgrade:
+Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity
+:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
+ | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-AXIOS-1579269](https://snyk.io/vuln/SNYK-JS-AXIOS-1579269) | No | Proof of Concept
+
+(*) Note that the real score may have changed since the PR was raised.
+
+
+
+
+
+
+
+
+
+
+
+Check the changes in this PR to ensure they won't cause issues with your project.
+
+
+
+------------
+
+
+
+**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*
+
+For more information: 
+🧐 [View latest project report](https://app.snyk.io/org/dannielshalev/project/1f02abc0-324a-411b-ba42-2a338069ae7d?utm_source=github&utm_medium=referral&page=fix-pr)
+
+🛠 [Adjust project settings](https://app.snyk.io/org/dannielshalev/project/1f02abc0-324a-411b-ba42-2a338069ae7d?utm_source=github&utm_medium=referral&page=fix-pr/settings)
+
+📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)
+
+[//]: # (snyk:metadata:{"prId":"5ffbe3be-d303-4ab9-acd2-b873b01f7cdb","prPublicId":"5ffbe3be-d303-4ab9-acd2-b873b01f7cdb","dependencies":[{"name":"axios","from":"0.21.1","to":"0.21.3"}],"packageManager":"yarn","projectPublicId":"1f02abc0-324a-411b-ba42-2a338069ae7d","projectUrl":"https://app.snyk.io/org/dannielshalev/project/1f02abc0-324a-411b-ba42-2a338069ae7d?utm_source=github&utm_medium=referral&page=fix-pr","type":"user-initiated","patch":[],"vulns":["SNYK-JS-AXIOS-1579269"],"upgrade":["SNYK-JS-AXIOS-1579269"],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["updated-fix-title","priorityScore"],"priorityScoreList":[696],"remediationStrategy":"vuln"})
+
+---
+
+**Learn how to fix vulnerabilities with free interactive lessons:**
+
+ 🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lessons/redos/javascript/?loc=fix-pr)
diff --git a/helm/.helmignore b/helm/.helmignore
new file mode 100644
index 000000000..0e8a0eb36
--- /dev/null
+++ b/helm/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/helm/Chart.yaml b/helm/Chart.yaml
new file mode 100644
index 000000000..ee40f7e91
--- /dev/null
+++ b/helm/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: uv-portal-desktop
+description: A Helm chart for Kubernetes
+type: application
+version: 0.0.1
+appVersion: "0.0.1"
diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt
new file mode 100644
index 000000000..7d790da08
--- /dev/null
+++ b/helm/templates/NOTES.txt
@@ -0,0 +1 @@
+1. Get the application URL by running these commands:
diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl
new file mode 100644
index 000000000..d91acb7ed
--- /dev/null
+++ b/helm/templates/_helpers.tpl
@@ -0,0 +1,71 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "uv-portal-desktop.name" -}}
+uv-portal-desktop
+{{- end }}
+
+{{- define "uv-portal-desktop.db.name" -}}
+uvportal-postgres
+{{- end }}
+
+{{- define "uv-portal-desktop.namespace" -}}
+ {{- default .Release.Namespace .Values.namespace -}}
+{{- end }}
+
+{{- define "uv-portal-desktop.matchLabels" -}}
+k8s-app: {{ include "uv-portal-desktop.name" . }}
+app.kubernetes.io/name: {{ include "uv-portal-desktop.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end -}}
+
+{{- define "uv-portal-desktop.common.metaLabels" -}}
+app.kubernetes.io/version: {{ .Chart.AppVersion }}
+helm.sh/chart: {{ include "uv-portal-desktop.chart" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/part-of: {{ include "uv-portal-desktop.name" . }}
+{{- with .Values.commonMetaLabels}}
+{{ toYaml . }}
+{{- end }}
+{{- end -}}
+
+{{- define "uv-portal-desktop.labels" -}}
+{{ include "uv-portal-desktop.matchLabels" . }}
+{{ include "uv-portal-desktop.common.metaLabels" . }}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "uv-portal-desktop.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "uv-portal-desktop.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "uv-portal-desktop.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "uv-portal-desktop.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
diff --git a/helm/templates/cm.yaml b/helm/templates/cm.yaml
new file mode 100644
index 000000000..125a74dda
--- /dev/null
+++ b/helm/templates/cm.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ annotations:
+ "helm.sh/hook-weight": "-5"
+ labels:
+ {{- include "uv-portal-desktop.labels" . | nindent 4 }}
+ name: {{ include "uv-portal-desktop.name" . }}
+ namespace: {{ include "uv-portal-desktop.namespace" . }}
+data:
+{{- .Values.configMapData | toYaml | nindent 2 }}
diff --git a/helm/templates/deploy.yaml b/helm/templates/deploy.yaml
new file mode 100644
index 000000000..e404a72aa
--- /dev/null
+++ b/helm/templates/deploy.yaml
@@ -0,0 +1,85 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ {{- include "uv-portal-desktop.labels" . | nindent 4 }}
+ {{- if .Values.labels }}
+ {{ toYaml .Values.labels | nindent 4 }}
+ {{- end}}
+ name: {{ include "uv-portal-desktop.name" . }}
+ namespace: {{ include "uv-portal-desktop.namespace" . }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ {{- include "uv-portal-desktop.matchLabels" . | nindent 6 }}
+ template:
+ metadata:
+ labels:
+ {{- include "uv-portal-desktop.matchLabels" . | nindent 8 }}
+ name: {{ include "uv-portal-desktop.name" . }}
+ spec:
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ hostAliases:
+ - ip: 10.43.100.100
+ hostnames:
+ - uvportal.uveye.local
+ containers:
+ - name: {{ include "uv-portal-desktop.name" . }}
+ ports:
+ - containerPort: 5900
+ name: vnc
+ - containerPort: 6080
+ name: http
+ env:
+ {{- toYaml .Values.env | nindent 10 }}
+ image: "{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: IfNotPresent
+ {{- with .Values.livenessProbe }}
+ livenessProbe:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.readinessProbe }}
+ readinessProbe:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- with .Values.resources }}
+ resources:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ volumeMounts:
+ - name: x11-unix
+ mountPath: /tmp/.X11-unix
+ - name: x11-xkb
+ mountPath: /usr/share/X11/xkb
+ - name: xserver
+ mountPath: /root/.Xauthority
+ - name: {{ include "uv-portal-desktop.name" . }}
+ mountPath: /etc/supervisor/conf.d/
+ - name: cache-volume
+ mountPath: /dev/shm
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: x11-unix
+ hostPath:
+ path: /tmp/.X11-unix
+ - name: x11-xkb
+ hostPath:
+ path: /usr/share/X11/xkb
+ - configMap:
+ name: {{ include "uv-portal-desktop.name" . }}
+ name: {{ include "uv-portal-desktop.name" . }}
+ - name: xserver
+ hostPath:
+ path: /home/uvadmin/.Xauthority
+ type: File
+ - name: cache-volume
+ emptyDir:
+ medium: Memory
+ sizeLimit: 512Mi
diff --git a/helm/templates/svc.yaml b/helm/templates/svc.yaml
new file mode 100644
index 000000000..7b2dd9bed
--- /dev/null
+++ b/helm/templates/svc.yaml
@@ -0,0 +1,29 @@
+{{- if .Values.service.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.service.annotations }}
+ annotations:
+{{ toYaml .Values.service.annotations | indent 4 }}
+{{- end }}
+ labels:
+ {{- include "uv-portal-desktop.labels" . | nindent 4 }}
+{{- if .Values.service.labels }}
+{{ toYaml .Values.service.labels | indent 4 }}
+{{- end }}
+ name: {{ include "uv-portal-desktop.name" . }}
+ namespace: {{ include "uv-portal-desktop.namespace" . }}
+spec:
+ ports:
+ - name: http
+ port: 30080
+ nodePort: 30080
+ targetPort: http
+ - name: vnc
+ port: 5900
+ nodePort: 30590
+ targetPort: vnc
+ selector:
+ {{- include "uv-portal-desktop.matchLabels" . | nindent 4 }}
+ type: "{{ .Values.service.type }}"
+{{- end -}}
diff --git a/helm/values.yaml b/helm/values.yaml
new file mode 100644
index 000000000..50ac6e905
--- /dev/null
+++ b/helm/values.yaml
@@ -0,0 +1,117 @@
+replicaCount: 1
+
+imagePullSecrets:
+ - name: regcred
+
+image:
+ repository: 230690759643.dkr.ecr.eu-west-1.amazonaws.com
+ name: vnc-desktop
+ tag: ''
+
+namespace: uveye
+
+resources:
+ limits:
+ memory: 4096Mi
+ cpu: "2"
+ requests:
+ memory: 512Mi
+ cpu: "0.4"
+
+affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: node-role.kubernetes.io/master
+ operator: In
+ values:
+ - "true"
+
+service:
+ enabled: true
+ type: LoadBalancer
+
+env:
+ - name: USER
+ value: uvdesk
+ - name: VNC_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: secrets-uv-portal-vnc-desktop
+ key: password
+ - name: HTTP_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: secrets-uv-portal-vnc-desktop
+ key: password
+ - name: PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: secrets-uv-portal-vnc-desktop
+ key: password
+ - name: DISPLAY
+ value: ":1.0"
+
+livenessProbe: {}
+readinessProbe: {}
+
+configMapData:
+ supervisord.conf: |-
+ [supervisord]
+ redirect_stderr=true
+ stopsignal=QUIT
+ autorestart=true
+ directory=/root
+ #
+ [program:nginx]
+ priority=10
+ command=nginx -c /etc/nginx/nginx.conf -g 'daemon off;'
+ #
+ [program:web]
+ priority=10
+ directory=/usr/local/lib/web/backend
+ command=/usr/local/lib/web/backend/run.py
+ stdout_logfile=/dev/fd/1
+ stdout_logfile_maxbytes=0
+ stderr_logfile=/dev/fd/1
+ stderr_logfile_maxbytes=0
+ #
+ #
+ [group:x]
+ programs=xvfb,wm,lxpanel,pcmanfm,x11vnc,novnc
+ #
+ [program:wm]
+ priority=15
+ command=/usr/bin/openbox
+ environment=DISPLAY=":1",HOME="/root",USER="root"
+ #
+ [program:lxpanel]
+ priority=15
+ directory=/home/uvdesk
+ command=/usr/bin/lxpanel --profile LXDE
+ user=uvdesk
+ environment=DISPLAY=":1",HOME="/home/uvdesk",USER="uvdesk"
+ #
+ [program:pcmanfm]
+ priority=15
+ directory=/home/uvdesk
+ command=/usr/bin/pcmanfm --desktop --profile LXDE
+ user=uvdesk
+ environment=DISPLAY=":1",HOME="/home/uvdesk",USER="uvdesk"
+ #
+ [program:xvfb]
+ priority=10
+ command=/usr/local/bin/xvfb.sh
+ stopsignal=KILL
+ #
+ [program:x11vnc]
+ priority=20
+ command=x11vnc -display :1 -xkb -forever -shared -repeat -capslock -rfbauth /.password2
+ #
+ [program:novnc]
+ priority=25
+ directory=/usr/local/lib/web/frontend/static/novnc
+ command=bash /usr/local/lib/web/frontend/static/novnc/utils/launch.sh --listen 6081
+ stopasgroup=true
+ #
diff --git a/icons/applications/lpr.desktop b/icons/applications/lpr.desktop
new file mode 100644
index 000000000..bb01ff507
--- /dev/null
+++ b/icons/applications/lpr.desktop
@@ -0,0 +1,6 @@
+[Desktop Entry]
+Name=lpr
+Type=Application
+Icon=google-chrome
+Exec=/usr/bin/google-chrome http://192.168.5.245
+Terminal=false
\ No newline at end of file
diff --git a/icons/applications/uvportal.desktop b/icons/applications/uvportal.desktop
new file mode 100644
index 000000000..2c370570d
--- /dev/null
+++ b/icons/applications/uvportal.desktop
@@ -0,0 +1,6 @@
+[Desktop Entry]
+Name=UVportal
+Type=Application
+Icon=google-chrome
+Exec=/usr/bin/google-chrome http://uvportal.uveye.local
+Terminal=false
\ No newline at end of file
diff --git a/icons/lpr.desktop b/icons/lpr.desktop
new file mode 100644
index 000000000..78ddc92a3
--- /dev/null
+++ b/icons/lpr.desktop
@@ -0,0 +1,5 @@
+[Desktop Entry]
+Type=Link
+Name=lpr
+Icon=google-chrome
+URL=/usr/share/applications/lpr.desktop
\ No newline at end of file
diff --git a/icons/uvportal.desktop b/icons/uvportal.desktop
new file mode 100644
index 000000000..3c45e0c65
--- /dev/null
+++ b/icons/uvportal.desktop
@@ -0,0 +1,5 @@
+[Desktop Entry]
+Type=Link
+Name=UVportal
+Icon=google-chrome
+URL=/usr/share/applications/uvportal.desktop
\ No newline at end of file
diff --git a/rootfs/usr/local/lib/web/backend/requirements.txt b/rootfs/usr/local/lib/web/backend/requirements.txt
index 0590bd421..e04a69172 100644
--- a/rootfs/usr/local/lib/web/backend/requirements.txt
+++ b/rootfs/usr/local/lib/web/backend/requirements.txt
@@ -1,5 +1,5 @@
backports.ssl-match-hostname==3.7.0.1
-certifi==2019.9.11
+certifi==2022.12.7
chardet==3.0.4
Click==7.0
Flask==1.1.1
@@ -14,6 +14,6 @@ MarkupSafe==1.1.1
meld3==2.0.0
requests==2.22.0
six==1.12.0
-urllib3==1.25.6
+urllib3==1.26.5
websocket-client==0.47.0
-Werkzeug==0.16.0
+Werkzeug==2.0.3
diff --git a/web/package.json b/web/package.json
index b844f41e9..91cf3d1a6 100644
--- a/web/package.json
+++ b/web/package.json
@@ -13,7 +13,7 @@
"build": "node build/build.js"
},
"dependencies": {
- "axios": "^0.21.1",
+ "axios": "^0.21.3",
"vue": "^2.5.2",
"vue-material": "^1.0.0-beta-10.2",
"vue-router": "^3.0.1"
diff --git a/web/yarn.lock b/web/yarn.lock
index 60581fede..3f8673ecc 100644
--- a/web/yarn.lock
+++ b/web/yarn.lock
@@ -374,11 +374,12 @@ aws4@^1.8.0:
version "1.8.0"
resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.8.0.tgz#f0e003d9ca9e7f59c7a508945d7b2ef9a04a542f"
-axios@^0.21.1:
- version "0.21.1"
- resolved "https://registry.yarnpkg.com/axios/-/axios-0.21.1.tgz#22563481962f4d6bde9a76d516ef0e5d3c09b2b8"
+axios@^0.21.3:
+ version "0.21.4"
+ resolved "https://registry.yarnpkg.com/axios/-/axios-0.21.4.tgz#c67b90dc0568e5c1cf2b0b858c43ba28e2eda575"
+ integrity sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==
dependencies:
- follow-redirects "^1.10.0"
+ follow-redirects "^1.14.0"
babel-code-frame@^6.22.0, babel-code-frame@^6.26.0:
version "6.26.0"
@@ -3023,10 +3024,15 @@ flush-write-stream@^1.0.0:
inherits "^2.0.3"
readable-stream "^2.3.6"
-follow-redirects@^1.0.0, follow-redirects@^1.10.0:
+follow-redirects@^1.0.0:
version "1.13.3"
resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.13.3.tgz#e5598ad50174c1bc4e872301e82ac2cd97f90267"
+follow-redirects@^1.14.0:
+ version "1.15.2"
+ resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.2.tgz#b460864144ba63f2681096f274c4e57026da2c13"
+ integrity sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==
+
for-in@^1.0.2:
version "1.0.2"
resolved "https://registry.yarnpkg.com/for-in/-/for-in-1.0.2.tgz#81068d295a8142ec0ac726c6e2200c30fb6d5e80"