# SPDX-FileCopyrightText: Copyright (c) 2022 NVIDIA CORPORATION & AFFILIATES. All rights reserved. 
# SPDX-License-Identifier: LicenseRef-NvidiaProprietary
#
# NVIDIA CORPORATION, its affiliates and licensors retain all intellectual
# property and proprietary rights in and to this material, related
# documentation and any modifications thereto. Any use, reproduction, 
# disclosure or distribution of this material and related documentation 
# without an express license agreement from NVIDIA CORPORATION or 
# its affiliates is strictly prohibited.

FROM ubuntu:20.04

ARG HOST_FOLDER_NAME_ARG
ARG WITH_TIGERVNC_ARG=no
ARG WITH_NOVNC_ARG=no
ARG WITH_RDP_ARG=no
ARG WINDOW_WIDTH_ARG=1920
ARG WINDOW_HEIGHT_ARG=1080

ENV HOST_FOLDER_NAME="$HOST_FOLDER_NAME_ARG"
ENV NSYS_WINDOW_WIDTH="$WINDOW_WIDTH_ARG"
ENV NSYS_WINDOW_HEIGHT="$WINDOW_HEIGHT_ARG"
ENV WITH_TIGERVNC="$WITH_TIGERVNC_ARG"
ENV WITH_NOVNC="$WITH_NOVNC_ARG"
ENV WITH_RDP="$WITH_RDP_ARG"
ENV NSYS_WORKSPACE=/workspace
ENV NSYS_USER=nonrootuser
ENV SHARED_FOLDER=/mnt/host
ENV NSYS_LOG_DIR=/mnt/host/logs
ENV NSYS_VNC_PORT=5900
ENV NSYS_HTTP_PORT=80
ENV VNC_PASSWORD=

RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
       # other docker packages
       xvfb \
       # window manager to show correct decorations for child windows
       jwm \
       # to generate xauth files
       xxd \
       # to check if Xvfb is started on the specific display
       x11-utils \
       # service to start, monitor and restart components
       supervisor \
       # for nsys-ui window maximizing
       python3-xlib

RUN if [ "$WITH_TIGERVNC" = "yes" ]; then \
       DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
       tigervnc-scraping-server \
       tigervnc-common ; \
       else \
       DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
       x11vnc ; \
       fi

RUN if [ "$WITH_NOVNC" = "yes" ]; then \
       DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
       novnc \
       websockify ; \
       fi

# currently, only for noVNC
COPY usr /usr

RUN if [ "$WITH_RDP" = "yes" ]]; then \
       DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
       xrdp ; \
       fi

COPY Configs/system.jwmrc /etc/jwm/

RUN adduser --disabled-password --gecos '' "$NSYS_USER"

COPY --chown="$NSYS_USER" Configs/xrdp.ini /etc/xrdp/xrdp.ini
RUN chmod 755 /etc/xrdp/xrdp.ini
RUN chown -R "$NSYS_USER" /etc/xrdp

RUN mkdir -p "$NSYS_WORKSPACE"
RUN chown -R "$NSYS_USER" "$NSYS_WORKSPACE"

USER "$NSYS_USER"

COPY --chown="$NSYS_USER" Configs/nsys/.config "/home/$NSYS_USER/.config"

WORKDIR "$NSYS_WORKSPACE"

COPY --chown="$NSYS_USER" Configs/supervisord.conf ./
RUN mkdir -p ./conf.d

# config files are copied later to force re-read of environment variables
COPY --chown="$NSYS_USER" Configs/conf.d ./conf.d.later

COPY --chown="$NSYS_USER" Scripts/runall.sh Scripts/runnsysui.sh \
       Scripts/runvnc.sh Scripts/maximize_window.py \
       Scripts/runallasuser.sh Scripts/runxvfb.sh ./

RUN chmod +x runall.sh runnsysui.sh runvnc.sh runallasuser.sh runxvfb.sh

ENV LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$NSYS_WORKSPACE/$HOST_FOLDER_NAME_ARG/lib"

USER root

# noVNC main page icon
RUN if [ "$WITH_NOVNC" = "yes" ]; then \
       ln -s "$NSYS_WORKSPACE/$HOST_FOLDER_NAME_ARG/nsys-ui.png" /usr/share/novnc/app/images/nsys-ui.png ; \
       fi

ADD "$HOST_FOLDER_NAME_ARG.tar.gz" ./
# $$TARGET_FOLDERS_COPY$$ #

# install nsys dependencies
RUN "$HOST_FOLDER_NAME_ARG/Scripts/DependenciesInstaller/install-dependencies.sh"

RUN chown -R "$NSYS_USER" "$HOST_FOLDER_NAME_ARG"
# $$TARGET_FOLDERS_CHOWN$$ #

ARG VNC_DEFAULT_PASSWORD_SECRET_SEED
RUN --mount=type=secret,id=vnc_password_arg \
       export VNC_PASS_SECRET=$(cat /run/secrets/vnc_password_arg) \
       && if [ -n "$VNC_PASS_SECRET" ]; then \
              if [ "$WITH_TIGERVNC" = "yes" ]; then \
                     printf "$VNC_PASS_SECRET\n$VNC_PASS_SECRET\n\n" | su - "$NSYS_USER" -c "vncpasswd /home/$NSYS_USER/vnc.pass"; \
              else \
                     x11vnc -storepasswd "$VNC_PASS_SECRET" "/home/$NSYS_USER/vnc.pass" && \
                     chown -R "$NSYS_USER" "/home/$NSYS_USER/vnc.pass" && \
                     chmod ugo+r "/home/$NSYS_USER/vnc.pass" \
              ; fi \
       ; fi

ENTRYPOINT "./runall.sh"
