From 6067e78c185724da69abfc91dc2f14cd49267db6 Mon Sep 17 00:00:00 2001
From: "Rodrigo Rodriguez (Pragmatismo)" <me@rodrigorodriguez.com>
Date: Tue, 17 Jun 2025 22:35:39 -0300
Subject: [PATCH] feat: Update deployment scripts for system and desktop
 containers; adjust paths and configurations

---
 .forgejo/workflows/node.yaml                  |  4 +-
 .../opt/gbo/tenants/default/alm-ci/alm-ci.sh  |  6 +-
 .../gbo/tenants/default/desktop/desktop.sh    | 47 +++++++++++++++
 .../opt/gbo/tenants/default/system/system.sh  | 57 +++++++++++++++++++
 .../default/table-editor/table-editor.sh      |  2 +-
 5 files changed, 110 insertions(+), 6 deletions(-)
 create mode 100644 gb-infra/src/templates/opt/gbo/tenants/default/desktop/desktop.sh
 create mode 100644 gb-infra/src/templates/opt/gbo/tenants/default/system/system.sh

diff --git a/.forgejo/workflows/node.yaml b/.forgejo/workflows/node.yaml
index 39b8952..8f2b803 100644
--- a/.forgejo/workflows/node.yaml
+++ b/.forgejo/workflows/node.yaml
@@ -26,7 +26,7 @@ jobs:
 
     - name: Deploy binary
       run: |
-        sudo cp ./target/release/gbserver /opt/gbo/bin/bot
-        sudo chmod +x /opt/gbo/bin/bot/gbserver
+        sudo cp ./target/release/gbserver /opt/gbo/bin/system
+        sudo chmod +x /opt/gbo/bin/system/gbserver
         
         sudo systemctl restart gbserver
\ No newline at end of file
diff --git a/gb-infra/src/templates/opt/gbo/tenants/default/alm-ci/alm-ci.sh b/gb-infra/src/templates/opt/gbo/tenants/default/alm-ci/alm-ci.sh
index 5852450..160fe85 100644
--- a/gb-infra/src/templates/opt/gbo/tenants/default/alm-ci/alm-ci.sh
+++ b/gb-infra/src/templates/opt/gbo/tenants/default/alm-ci/alm-ci.sh
@@ -123,11 +123,11 @@ lxc config device add "$CONTAINER_NAME" almlogs disk source="$HOST_LOGS" path=/o
 
 LXC_BOT="/opt/gbo/tenants/$PARAM_TENANT/bot/data"
 LXC_PROXY="/opt/gbo/tenants/$PARAM_TENANT/proxy/data/websites"
-#LXC_GB6="/opt/gbo/tenants/$PARAM_TENANT/gb6/bin"
+LXC_GB6="/opt/gbo/tenants/$PARAM_TENANT/system/bin"
 
-lxc config device add "$CONTAINER_NAME" almbot disk source="$LXC_BOT" path=/opt/gbo/bin/bot 
+lxc config device add "$CONTAINER_NAME" almbot disk source="$LXC_BOT" path=/opt/gbo/bin/bot
 lxc config device add "$CONTAINER_NAME" almproxy disk source="$LXC_PROXY" path=/opt/gbo/bin/proxy 
-#lxc config device add "$CONTAINER_NAME" almgb6 disk source="$LXC_GB6" path=/opt/gbo/bin/gb6 || exit 1
+lxc config device add "$CONTAINER_NAME" almsystem disk source="$LXC_GB6" path=/opt/gbo/bin/system || exit 1
 
 
 
diff --git a/gb-infra/src/templates/opt/gbo/tenants/default/desktop/desktop.sh b/gb-infra/src/templates/opt/gbo/tenants/default/desktop/desktop.sh
new file mode 100644
index 0000000..ed5ee28
--- /dev/null
+++ b/gb-infra/src/templates/opt/gbo/tenants/default/desktop/desktop.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+HOST_BASE="/opt/gbo/tenants/$PARAM_TENANT/desktop"
+HOST_DATA="$HOST_BASE/data"
+HOST_CONF="$HOST_BASE/conf"
+HOST_LOGS="$HOST_BASE/logs"
+
+mkdir -p "$HOST_DATA" "$HOST_CONF" "$HOST_LOGS"
+chmod -R 750 "$HOST_BASE"
+
+lxc launch images:debian/12 "$PARAM_TENANT"-desktop -c security.privileged=true
+sleep 15
+
+lxc exec "$PARAM_TENANT"-desktop -- bash -c "
+
+apt-get update
+apt-get install -y xvfb xrdp xfce4 xfce4-goodies
+cat > /etc/xrdp/startwm.sh <<EOF
+#!/bin/sh
+if [ -r /etc/default/locale ]; then
+  . /etc/default/locale
+  export LANG LANGUAGE
+fi
+startxfce4
+EOF
+chmod +x /etc/xrdp/startwm.sh
+systemctl restart xrdp
+systemctl enable xrdp
+
+# For the root user (since you're logging in as root)
+echo "exec startxfce4" > /root/.xsession
+chmod +x /root/.xsession
+
+apt install -y curl apt-transport-https gnupg
+curl -s https://brave-browser-apt-release.s3.brave.com/brave-core.asc | gpg --dearmor > /usr/share/keyrings/brave-browser-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg] https://brave-browser-apt-release.s3.brave.com/ stable main" > /etc/apt/sources.list.d/brave-browser-release.list
+apt update && apt install -y brave-browser
+
+
+
+
+
+"
+
+
+sudo iptables -t nat -A PREROUTING -p tcp --dport 3389 -j DNAT --to-destination CONTAINER_IP:3389
+sudo iptables -A FORWARD -p tcp -d CONTAINER_IP --dport 3389 -j ACCEPT
\ No newline at end of file
diff --git a/gb-infra/src/templates/opt/gbo/tenants/default/system/system.sh b/gb-infra/src/templates/opt/gbo/tenants/default/system/system.sh
new file mode 100644
index 0000000..3783962
--- /dev/null
+++ b/gb-infra/src/templates/opt/gbo/tenants/default/system/system.sh
@@ -0,0 +1,57 @@
+#!/bin/bash
+STORAGE_PATH="/opt/gbo/tenants/$PARAM_TENANT/system/data"
+LOGS_PATH="/opt/gbo/tenants/$PARAM_TENANT/system/logs"
+
+mkdir -p "${STORAGE_PATH}" "${LOGS_PATH}"
+chmod -R 770 "${STORAGE_PATH}" "${LOGS_PATH}"
+chown -R 100999:100999 "${STORAGE_PATH}" "${LOGS_PATH}"
+
+lxc launch images:debian/12 "${PARAM_TENANT}-system" -c security.privileged=true
+sleep 15
+
+lxc config device add "${PARAM_TENANT}-system" storage disk source="${STORAGE_PATH}" path=/data
+lxc config device add "${PARAM_TENANT}-system" logs disk source="${LOGS_PATH}" path=/var/log/minio
+
+lxc exec "${PARAM_TENANT}-system" -- bash -c '
+
+apt-get update && apt-get install -y wget
+wget https://dl.min.io/server/minio/release/linux-amd64/minio -O /usr/local/bin/minio
+chmod +x /usr/local/bin/minio
+
+useradd -r -s /bin/false minio-user || true
+mkdir -p /var/log/minio /data
+chown -R minio-user:minio-user /var/log/minio /data
+
+cat > /etc/systemd/system/minio.service <<EOF
+[Unit]
+Description=MinIO
+After=network.target
+
+[Service]
+Type=simple
+User=minio-user
+Group=minio-user
+Environment="MINIO_ROOT_USER='"${PARAM_system_USER}"'"
+Environment="MINIO_ROOT_PASSWORD='"${PARAM_system_PASSWORD}"'"
+ExecStart=/usr/local/bin/minio server --console-address ":'"${PARAM_system_PORT}"'" /data
+StandardOutput=append:/var/log/minio/output.log
+StandardError=append:/var/log/minio/error.log
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+systemctl daemon-reload
+systemctl enable minio
+systemctl start minio
+'
+
+lxc config device remove "${PARAM_TENANT}-system" minio-proxy 2>/dev/null || true
+lxc config device add "${PARAM_TENANT}-system" minio-proxy proxy \
+    listen=tcp:0.0.0.0:"${PARAM_system_API_PORT}" \
+    connect=tcp:127.0.0.1:"${PARAM_system_API_PORT}"
+
+lxc config device remove "${PARAM_TENANT}-system" console-proxy 2>/dev/null || true
+lxc config device add "${PARAM_TENANT}-system" console-proxy proxy \
+    listen=tcp:0.0.0.0:"${PARAM_system_PORT}" \
+    connect=tcp:127.0.0.1:"${PARAM_system_PORT}"
\ No newline at end of file
diff --git a/gb-infra/src/templates/opt/gbo/tenants/default/table-editor/table-editor.sh b/gb-infra/src/templates/opt/gbo/tenants/default/table-editor/table-editor.sh
index f9889db..3231f25 100644
--- a/gb-infra/src/templates/opt/gbo/tenants/default/table-editor/table-editor.sh
+++ b/gb-infra/src/templates/opt/gbo/tenants/default/table-editor/table-editor.sh
@@ -6,7 +6,7 @@ CONTAINER_NAME="$PARAM_TENANT-table-editor"
 TABLE_EDITOR_PORT="5757"
 
 # Paths
-HOST_BASE="/opt/gbo/tenants/table-editor"
+HOST_BASE="/opt/gbo/tenants/$PARAM_TENANT/table-editor"
 HOST_DATA="$HOST_BASE/data"
 HOST_CONF="$HOST_BASE/conf"
 HOST_LOGS="$HOST_BASE/logs"