From d8521ece9224fb0e87cec6636426366059f50722 Mon Sep 17 00:00:00 2001
From: Seungmin Kim <8457324+ehfd@users.noreply.github.com>
Date: Thu, 4 Jul 2024 21:14:45 +0900
Subject: [PATCH] Fix race condition

---
 kasmvnc-entrypoint.sh           | 52 ++++++++++++++++-----------------
 selkies-gstreamer-entrypoint.sh | 44 ++++++++++++++--------------
 2 files changed, 48 insertions(+), 48 deletions(-)

diff --git a/kasmvnc-entrypoint.sh b/kasmvnc-entrypoint.sh
index 773462a..5c65c0f 100644
--- a/kasmvnc-entrypoint.sh
+++ b/kasmvnc-entrypoint.sh
@@ -18,6 +18,32 @@ export PIPEWIRE_RUNTIME_DIR="${PIPEWIRE_RUNTIME_DIR:-${XDG_RUNTIME_DIR:-/tmp}}"
 export PULSE_RUNTIME_PATH="${PULSE_RUNTIME_PATH:-${XDG_RUNTIME_DIR:-/tmp}/pulse}"
 export PULSE_SERVER="${PULSE_SERVER:-unix:${PULSE_RUNTIME_PATH:-${XDG_RUNTIME_DIR:-/tmp}/pulse}/native}"
 
+# Configure KasmVNC
+export KASM_DISPLAY=":21"
+yq -i "
+.command_line.prompt = false |
+.desktop.resolution.width = ${DISPLAY_SIZEW} |
+.desktop.resolution.height = ${DISPLAY_SIZEH} |
+.desktop.allow_resize = $(echo ${SELKIES_ENABLE_RESIZE-false} | tr '[:upper:]' '[:lower:]') |
+.desktop.pixel_depth = ${DISPLAY_CDEPTH} |
+.network.interface = \"127.0.0.1\" |
+.network.websocket_port = 8082 |
+.network.ssl.require_ssl = $(echo ${SELKIES_ENABLE_HTTPS-false} | tr '[:upper:]' '[:lower:]') |
+.encoding.max_frame_rate = ${DISPLAY_REFRESH}
+" /etc/kasmvnc/kasmvnc.yaml
+
+if [ -n "${SELKIES_HTTPS_CERT}" ]; then yq -i ".network.ssl.pem_certificate = \"${SELKIES_HTTPS_CERT-/etc/ssl/certs/ssl-cert-snakeoil.pem}\"" /etc/kasmvnc/kasmvnc.yaml; fi
+if [ -n "${SELKIES_HTTPS_KEY}" ]; then yq -i ".network.ssl.pem_key = \"${SELKIES_HTTPS_KEY-/etc/ssl/private/ssl-cert-snakeoil.key}\"" /etc/kasmvnc/kasmvnc.yaml; fi
+
+if [ "$(echo ${SELKIES_ENABLE_RESIZE} | tr '[:upper:]' '[:lower:]')" = "true" ]; then export KASM_PROXY_FLAG="${KASM_PROXY_FLAG} -r"; fi
+
+mkdir -pm700 ~/.vnc
+(echo "${SELKIES_BASIC_AUTH_PASSWORD:-${PASSWD}}"; echo "${SELKIES_BASIC_AUTH_PASSWORD:-${PASSWD}}";) | kasmvncpasswd -u "${SELKIES_BASIC_AUTH_USER:-${USER}}" -ow ~/.kasmpasswd
+touch ~/.vnc/.de-was-selected
+
+# Wait for X server to start
+echo 'Waiting for X Socket' && until [ -S "/tmp/.X11-unix/X${DISPLAY#*:}" ]; do sleep 0.5; done && echo 'X Server is ready'
+
 # Configure NGINX
 if [ "$(echo ${SELKIES_ENABLE_BASIC_AUTH} | tr '[:upper:]' '[:lower:]')" != "false" ]; then htpasswd -bcm "${XDG_RUNTIME_DIR}/.htpasswd" "${SELKIES_BASIC_AUTH_USER:-${USER}}" "${SELKIES_BASIC_AUTH_PASSWORD:-${PASSWD}}"; fi
 echo "# Selkies KasmVNC NGINX Configuration
@@ -51,32 +77,6 @@ server {
     }
 }" | tee /etc/nginx/sites-available/default > /dev/null
 
-# Configure KasmVNC
-export KASM_DISPLAY=":21"
-yq -i "
-.command_line.prompt = false |
-.desktop.resolution.width = ${DISPLAY_SIZEW} |
-.desktop.resolution.height = ${DISPLAY_SIZEH} |
-.desktop.allow_resize = $(echo ${SELKIES_ENABLE_RESIZE-false} | tr '[:upper:]' '[:lower:]') |
-.desktop.pixel_depth = ${DISPLAY_CDEPTH} |
-.network.interface = \"127.0.0.1\" |
-.network.websocket_port = 8082 |
-.network.ssl.require_ssl = $(echo ${SELKIES_ENABLE_HTTPS-false} | tr '[:upper:]' '[:lower:]') |
-.encoding.max_frame_rate = ${DISPLAY_REFRESH}
-" /etc/kasmvnc/kasmvnc.yaml
-
-if [ -n "${SELKIES_HTTPS_CERT}" ]; then yq -i ".network.ssl.pem_certificate = \"${SELKIES_HTTPS_CERT-/etc/ssl/certs/ssl-cert-snakeoil.pem}\"" /etc/kasmvnc/kasmvnc.yaml; fi
-if [ -n "${SELKIES_HTTPS_KEY}" ]; then yq -i ".network.ssl.pem_key = \"${SELKIES_HTTPS_KEY-/etc/ssl/private/ssl-cert-snakeoil.key}\"" /etc/kasmvnc/kasmvnc.yaml; fi
-
-if [ "$(echo ${SELKIES_ENABLE_RESIZE} | tr '[:upper:]' '[:lower:]')" = "true" ]; then export KASM_PROXY_FLAG="${KASM_PROXY_FLAG} -r"; fi
-
-mkdir -pm700 ~/.vnc
-(echo "${SELKIES_BASIC_AUTH_PASSWORD:-${PASSWD}}"; echo "${SELKIES_BASIC_AUTH_PASSWORD:-${PASSWD}}";) | kasmvncpasswd -u "${SELKIES_BASIC_AUTH_USER:-${USER}}" -ow ~/.kasmpasswd
-touch ~/.vnc/.de-was-selected
-
-# Wait for X server to start
-echo 'Waiting for X Socket' && until [ -S "/tmp/.X11-unix/X${DISPLAY#*:}" ]; do sleep 0.5; done && echo 'X Server is ready'
-
 # Run KasmVNC
 if ls ~/.vnc/*\:"${KASM_DISPLAY#*:}".pid >/dev/null 2>&1; then kasmvncserver -kill "${KASM_DISPLAY}"; fi
 kasmvncserver "${KASM_DISPLAY}" -geometry "${DISPLAY_SIZEW}x${DISPLAY_SIZEH}" -depth "${DISPLAY_CDEPTH}" -noxstartup -FrameRate "${DISPLAY_REFRESH}" -interface 127.0.0.1 -rfbport 9082 -websocketPort 8082 -disableBasicAuth -AlwaysShared -BlacklistTimeout 0 ${KASM_FLAG}
diff --git a/selkies-gstreamer-entrypoint.sh b/selkies-gstreamer-entrypoint.sh
index e47ef6d..79b464a 100755
--- a/selkies-gstreamer-entrypoint.sh
+++ b/selkies-gstreamer-entrypoint.sh
@@ -23,6 +23,28 @@ export PIPEWIRE_RUNTIME_DIR="${PIPEWIRE_RUNTIME_DIR:-${XDG_RUNTIME_DIR:-/tmp}}"
 export PULSE_RUNTIME_PATH="${PULSE_RUNTIME_PATH:-${XDG_RUNTIME_DIR:-/tmp}/pulse}"
 export PULSE_SERVER="${PULSE_SERVER:-unix:${PULSE_RUNTIME_PATH:-${XDG_RUNTIME_DIR:-/tmp}/pulse}/native}"
 
+# Export environment variables required for Selkies-GStreamer
+export GST_DEBUG="${GST_DEBUG:-*:2}"
+export GSTREAMER_PATH=/opt/gstreamer
+
+# Source environment for GStreamer
+. /opt/gstreamer/gst-env
+
+export SELKIES_ENCODER="${SELKIES_ENCODER:-x264enc}"
+export SELKIES_ENABLE_RESIZE="${SELKIES_ENABLE_RESIZE:-false}"
+if ( [ -z "${SELKIES_TURN_USERNAME}" ] || [ -z "${SELKIES_TURN_PASSWORD}" ] ) && [ -z "${SELKIES_TURN_SHARED_SECRET}" ] || [ -z "${SELKIES_TURN_HOST}" ] || [ -z "${SELKIES_TURN_PORT}" ]; then
+  export TURN_RANDOM_PASSWORD="$(tr -dc 'A-Za-z0-9' < /dev/urandom 2>/dev/null | head -c 24)"
+  export SELKIES_TURN_HOST="$(curl -fsSL checkip.amazonaws.com)"
+  export SELKIES_TURN_PORT="3478"
+  export SELKIES_TURN_USERNAME="selkies"
+  export SELKIES_TURN_PASSWORD="${TURN_RANDOM_PASSWORD}"
+  export SELKIES_TURN_PROTOCOL="${SELKIES_TURN_PROTOCOL:-tcp}"
+  /etc/start-turnserver.sh &
+fi
+
+# Wait for X server to start
+echo 'Waiting for X Socket' && until [ -S "/tmp/.X11-unix/X${DISPLAY#*:}" ]; do sleep 0.5; done && echo 'X Server is ready'
+
 # Configure NGINX
 if [ "$(echo ${SELKIES_ENABLE_BASIC_AUTH} | tr '[:upper:]' '[:lower:]')" != "false" ]; then htpasswd -bcm "${XDG_RUNTIME_DIR}/.htpasswd" "${SELKIES_BASIC_AUTH_USER:-${USER}}" "${SELKIES_BASIC_AUTH_PASSWORD:-${PASSWD}}"; fi
 echo "# Selkies-GStreamer NGINX Configuration
@@ -122,28 +144,6 @@ server {
     }
 }" | tee /etc/nginx/sites-available/default > /dev/null
 
-# Export environment variables required for Selkies-GStreamer
-export GST_DEBUG="${GST_DEBUG:-*:2}"
-export GSTREAMER_PATH=/opt/gstreamer
-
-# Source environment for GStreamer
-. /opt/gstreamer/gst-env
-
-export SELKIES_ENCODER="${SELKIES_ENCODER:-x264enc}"
-export SELKIES_ENABLE_RESIZE="${SELKIES_ENABLE_RESIZE:-false}"
-if ( [ -z "${SELKIES_TURN_USERNAME}" ] || [ -z "${SELKIES_TURN_PASSWORD}" ] ) && [ -z "${SELKIES_TURN_SHARED_SECRET}" ] || [ -z "${SELKIES_TURN_HOST}" ] || [ -z "${SELKIES_TURN_PORT}" ]; then
-  export TURN_RANDOM_PASSWORD="$(tr -dc 'A-Za-z0-9' < /dev/urandom 2>/dev/null | head -c 24)"
-  export SELKIES_TURN_HOST="$(curl -fsSL checkip.amazonaws.com)"
-  export SELKIES_TURN_PORT="3478"
-  export SELKIES_TURN_USERNAME="selkies"
-  export SELKIES_TURN_PASSWORD="${TURN_RANDOM_PASSWORD}"
-  export SELKIES_TURN_PROTOCOL="${SELKIES_TURN_PROTOCOL:-tcp}"
-  /etc/start-turnserver.sh &
-fi
-
-# Wait for X server to start
-echo 'Waiting for X Socket' && until [ -S "/tmp/.X11-unix/X${DISPLAY#*:}" ]; do sleep 0.5; done && echo 'X Server is ready'
-
 # Clear the cache registry
 rm -rf "${HOME}/.cache/gstreamer-1.0"