CloudTk FAQ
| CloudTk FAQ |
| |
CloudTk is based on WebSockit2me - a TCP to WebSocket gateway that uses a noVNC to display Tk applications in modern Web Browser. It runs on Linux and requires Xvnc server (Tigervnc) to be loaded. Tk applications are listed on a web page. TclHttpd dynamically launches an Xdisplay via Xvnc and then starts a matchbox window manager and launches the Tk application.
TclHttpd is a pure Tcl implementation of a Web server. See
A Tclkit is a single-file executable that provides a complete Tcl and Tk runtime and can execute both normal Tcl scripts or script archive files known as StarKits. Tclkit is provided pre-built for a number of platforms and is updated to track Tcl releases for the major platforms (Windows, Linux and MacOS X).
For pre-built files see the Tclkit Downloads page.
See also Brent Welch's sample book chapters from Practical Programming in Tcl and TK.
A Starkit is a single-file packaging of a directory hierarchy containing Tcl scripts, platform-specific compiled code, and application data. A starkit leverages Tcls virtual filesystem to provide writeable filesystem, meaning that a starkit is modified at runtime as data is saved by the program.
Starkits facilitate simple deployment of cross platform applications.The name comes from STandAlone Runtime.See also Brent Welch's sample book chapters from Practical Programming in Tcl and TK.
The default http port is 8015.
The default https port is 8016.
OpenSSL 1.0.2d 9 Jul 2015
CloudTk is configured to use TLS 1.2 only. Modern browsers that support WebSockets will support TLS 1.2 also.
On startup CloudTk creates a directory Tk/TkPool in the same directory CloudTk.kit is installed. A sample application TkPool.tcl and a startup script TkStartup.tcl are copied into this directory.
Point your browser to http://<<Your IP Address>>:8015/cloudtk/
A web page with a radio button with TkPool is display. Select the radio button and click submit. The TkPool application is displayed. Click below the white line and start to play.
Create a directory with the Tk or X11 application name in the Tk/ directory like TkPool. The directory name is what is displayed in the webpage but this can be anything really. Copy the TkStartup.tcl file from the TkPool directory into your directory. Open TkStartup.tcl file in a text editor and edit the line starting with the command "source" and adjust the path to where your Tk application is. TclHttpd does not need to be restarted as the web page is generated on the fly. The web page should display two radio buttons. TkPool and the directory name you created. If you do not want TkPool to be displayed just delete the TkPool directory.
N.B. If you are running an X11 application (or older Tk app less than Tcl8.6) replace the "source" command with an "exec" command and the full path of your application.
e.g. exec /usr/bin/python3 /usr/local/cloudtk/Tk/FeetToMeters/FeetToMeters.py
e.g. exec /usr/bin/xclock
e.g. exec /usr/local/tclkit-8.4.18 /usr/local/cloudtk/Tk/GooWee/GooWee.tcl
Put a link to your Tk application like for example TkPool
http://<<Your IP Address>>:8015/cloudtk/VNC?session=new&Tk=TkPool
Make sure the first query parameter is "session=new"
By using inline frame <iframe> HTML tag in your Web page.
Put a link to your Tk application like for example TkPool
<iframe height="600" width="600" src="http://<<Your IP Address>>:8015/cloudtk/VNC?session=new&Tk=TkPool" allowfullscreen></iframe>
Make sure the first query parameter is "session=new"
CloudTk has the ability to turn on Authentication for any combination of Tk Application page and the rest of CloudTk website pages.
In the directory where CloudTk.kit is installed an "auth" directory is created. In this directory there is an "AuthTarget.txt" file. The following is written to "AuthTarget.txt" file by default:
VNC 0
Website 0
"1" equals Authentication is "ON" and "0" is "OFF".
Just edit this file to your requirements.
To change the http port use -port <port no.> on the command line.
To change the https port use -https_port <port no.> on the command line.
e.g. ./tclkit CloudTk.kit -port 8080 -https_port 8443
Don't turn off HTTP by setting -port 0 on the command like
e.g. ./tclkit CloudTk.kit -port 0
This actually lets the OS choose a random high port to listen on.
To stop access to the HTTP port I would suggest filtering via a firewall or router and only allow access to HTTPS port.
To setup HTTPS, a Server certificate (server.pem) and a Server key (skey.pem) file need to be installed in the "certs" directory that is created where CloudTk.kit is installed. Openssl needs to be installed to generate a self signed certificate. On most Linux distributions this is usually standard.
/usr/local/cloudtk/certs# openssl req -new -x509 -days 365 -nodes -out server.pem -keyout skey.pem
Hit the "Enter" key to accept the defaults to the questions.
This creates a server.pem and a skey.pem file in the "certs" directory. Restart CloudTk and now HTTPS should be configured.
Point your browser to https://<<Your IP Address>>:8016/
To use Let's Encrypt copy from the let's encrypt the fullchain.pem file to server.pem and privkey.pem file to skey.pem in the "certs" directory. Restart CloudTk and now HTTPS should be configured.
In the directory where CloudTk.kit is installed an "auth" directory is created. In this directory an AuthUserFile exists which has the webmaster username and password. Copy the contents of your htpasswd file and paste into the AuthUserFile. If you go to the Access Control Editor you should see the new users added.
In the directory where CloudTk.kit is installed, create a "noVNC" directory. In the "noVNC" directory, install the new version of noVNC with the "include/", "images/" "vnc.html" etc... files and directories. Restart CloudTk and it should detect the created "noVNC" directory and use the new version of noVNC. To go back to the inbuilt version of noVNC included with CloudTk just delete the "noVNC" directory you just created.
You need to be familiar with how to create an "rc" script on your Linux distribution. The "rc" script would execute a shell script that you create usually in /usr/local/bin.
Create a shell script in /usr/local/bin with the following
#!/bin/sh
exec /usr/local/cloudtk/tclkit /usr/local/cloudtk/CloudTk.kit -port 8080 -https_port 8443
Most modern Linux distributions use Systemd. Refer to the man page.
The mesages that appear like below:
can't find package limit
Running with default file descriptor limit
/debug user "debug" password "XXXXXXXXXX"
httpd started on port 8015
secure httpd started on SSL port 8016
The first two lines can be ignored as they are just informational messages.
The /debug line shows the username and password for the user "debug". This is used when the server encounters an error in a Tcl script, the server requires authorisation from the user "debug" before the error message is displayed.
The "httpd started on port 8015" informs that the server started and is listening on port 8015.
The "secure httpd started on SSL port 8016", this message appears if there is a server.pem file present in the "certs" directory. It informs that the server will be listenining for https connections on port 8016.
| |||
| Home | /kanaka/noVNC | FAQ | Access Control |