Desktop App

marcusquinn

@murgero Nice - but OS RAM usage nowadays is pale in comparison to that of websites and apps, and we'll be throwing big dedicated servers at this if we can get it all doing what we need, probably budgeting 4-16GB RAM per concurrent user.

Plus, I really like ZorinOS, highly recommended!

doodlemania2

Also check out what Kasm is doing in this space - pretty slick!

murgero

@marcusquinn You're always welcome to customize to your needs - this was made for me to use as more of a lack-of-workspace situation so I can RDP into a windows machine or simply open my email in a better webclient than my mobile client.

marcusquinn

@murgero Thanks. Just gave it a spin, and it is super fast, no problem watching YouTube videos at full framerate!

marcusquinn

@doodlemania2 Looks amazing - links for reference:

murgero

@marcusquinn If only I could get sound working properly lol

Still working out a bunch of kinks like allowing users to change the resolution, sound, flatpak (for the advanced users) and so on

marcusquinn

@murgero Cool - that's always been a PITA with Linux - we'll see if we can too.

murgero

@marcusquinn Switching the desktop to xfce4 which is a little bit heavier than fluxbox BUT will be 1000x more user friendly.

marcusquinn

@murgero Nice, agreed. ZorinOS Lite is based on that (XFCE 4.16) too if you wanna try?

That's what we use for all recommissioned laptops and desktops now: https://blog.zorin.com/2021/12/08/zorin-os-16-lite-is-here/

timconsidine

@marcusquinn : Kasm looks amazing but very interested in how @murgero's package will be

murgero

@marcusquinn Gonna forego Flatpak since it is just broken with the read-only file system. Instead, users can use appimage (ubuntu native!) to get their apps beyond the default installed ones. No root or whatever needed for those. I am going to test this later and see if it works as expected and if so, then the package will be in a state where anyone can test and get back to me with suggestions or questions.

Nevermind - appimage requires fuse, which we can't run in docker as-is with cloudron.

marcusquinn

@timconsidine I actually think that wth a bit more work and collective minds, everything that Kasm offers could be reproduced here for Cloudron. I'm very excited for this concept!

murgero

@marcusquinn Sadly Kasm wont work on cloudron as-is. Cloudron restricts access to the containers file-system to read-only mode. Kasm will require that to be removed + will also need docker running in privileged mode to get stuff like sound, app installs, etc working.

marcusquinn

@murgero I'm thinking Cloudron Dockerised Desktop Apps as an alternative to Kasm.

Although, it does look very well thought out, so might actually be worth supporting and subscribing to for our needs, but really keen to see what we can do here with Cloudron Apps and Desktoping.

marcusquinn

I'm also thinking we'd them make use of Guacamole.

I have seen companies spend $150/user/MONTH on Citrix & Windows Desktops, with nothing more than Microsoft Office and maybe an Accounting app.

Of all the Cloudon Apps, this could very well become the most valuable to enterprises that need to provide Desktops within a walled-garden for data access & storage with thin-clients like iGel.

murgero

@marcusquinn Well the docker image has been updated, you can update / reinstall with the same CloudronManifest.json file as before, it will pull the latest image

marcusquinn

@murgero Thanks, late here, will try in the am.

robi

@marcusquinn said in Desktop App:

ZorinOS Lite is based on that (XFCE 4.16) too if you wanna try?

Does it have a functional OS level dark mode?

robi

@murgero said in Desktop App:

Sadly Kasm wont work on cloudron as-is. Cloudron restricts access to the containers file-system to read-only mode. Kasm will require that to be removed + will also need docker running in privileged mode to get stuff like sound, app installs, etc working.

It would if you used sysbox from nestybox. Much better container isolation where you can even run full system image containers, which would be good for virtual desktop applications.

Find the "sysbox" thread here on the forum.

murgero

@robi docker can run full-system images but cloudron locks down too much of the file system to allow it completely. That's why I am having a challenge getting a basic desktop working.

robi

@murgero said in Desktop App:

cloudron locks down too much of the file system to allow it completely.

That's the part that isn't clear.. if the new system image you're making is done right, it doesn't matter if it's read only as all the parts that need to write have the / system portion and /app/data paths.

Next question is where exactly are you getting stuck?

murgero

@robi Cloudron blocks write access except for /app/data, /tmp, and I think a couple other dirs. but tghe big stuff like in /var, /etc, /lib - you cant write in post build.

I'd like to note that during the building of the app I can write to whatever directory I want. but once it's deployed though it's locked down.

Plus some stuff you can't do in docker unless the image(s) are ran in privileged mode, which cloudron does not allow either. Without privileged mode, a lot of stuff has to get worked around like x11, window manager, and even simple stuff like fuse works differently in docker than in regular linux.

robi

@murgero sysbox allows for more things without using privileged mode.

It's likely a good time to map out the things that you need, vs the things cloudron allows and see what the delta is and how that maps to sysbox capabilities and any changes we might need to look into.

It's these kinds of things that prevent others from seeing an idea can work because of their own limits in knowledge or beliefs, so the immediate response is No, when it could be a YES.

marcusquinn

@robi said in Desktop App:

@marcusquinn said in Desktop App:

ZorinOS Lite is based on that (XFCE 4.16) too if you wanna try?

Does it have a functional OS level dark mode?

Yes

timconsidine

@marcusquinn : I tried out out Kasm.
Generally a good system and an easy install (if you put on its own box not with other stuff).
However, even after increasing the cores and RAM that can be allocated to an app/image, I found it a little slow. Maybe it's the VPS I put it on, despite the VPS having 32Gb RAM and 8 cores.
My expectation level has been set at a middle level remote desktop Workspace from AWS. Although I am trying to get off AWS, I have to say that workspace performs well. Better than Kasm.
So very interested to see what performance a Cloudron Desktop App will be. When it's ready.

timconsidine

@murgero polite enquiry : how's the project going ?
I appreciate there is probably a ton of work to do to get to a release.

plusone-nick

Love the use case...reminds me of KASM : https://forum.cloudron.io/topic/3269/kasm-virtual-desktop-browser-isolation/2?_=1643939053102

murgero

@timconsidine Howdy! It's probably ready for testing tbh. But i worry about security - since I am not an export (though I know a lot) on Linux security - It'd be a good idea to test it, and maybe even have a 3rd party audit of it.

timconsidine

@murgero I'd be interested to test it if you need another set of eyes.
But I'm no expert, and certainly not on security. It's so broad these days. Lots of stuff on reddit/selfhosted on security. trying to absorb this : https://arvind.io/posts/using-fail2ban-to-protect-exposed-services/

necrevistonnezr

@timconsidine maybe do this https://forum.cloudron.io/topic/6224/crowdsec-install-guide-for-cloudron-purposes instead of just fail2ban?

timconsidine

@necrevistonnezr good point

murgero

@necrevistonnezr That seems more for the host than installed in apps? Or am I misreading some of it?

Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.

Desktop App