From 53c36e67b4899c991ee4e608f68beb7fbc6759a3 Mon Sep 17 00:00:00 2001
From: Teja Swaroop Pothala <tejaswaroop.pothala@kasmweb.com>
Date: Wed, 4 Jun 2025 12:31:26 -0400
Subject: [PATCH] fix startup, dockerfile, add to pipeline

---
 ci-scripts/template-vars.yaml                 |  8 +++
 dockerfile-kasm-cyberbro                      | 62 +++++++++----------
 docs/cyberbro/README.md                       | 12 ++--
 src/ubuntu/install/cyberbro/custom_startup.sh | 44 ++++++++-----
 .../install/cyberbro/install_cyberbro.sh      | 47 +++++++++++++-
 5 files changed, 116 insertions(+), 57 deletions(-)

diff --git a/ci-scripts/template-vars.yaml b/ci-scripts/template-vars.yaml
index 6ce7a4a..796f429 100644
--- a/ci-scripts/template-vars.yaml
+++ b/ci-scripts/template-vars.yaml
@@ -20,6 +20,14 @@ multiImages:
       - src/ubuntu/install/gtk/**
       - src/ubuntu/install/chromium/**
       - src/ubuntu/install/certificates/**
+  - name: cyberbro
+    singleapp: true
+    base: core-ubuntu-noble
+    dockerfile: dockerfile-kasm-cyberbro
+    changeFiles:
+      - dockerfile-kasm-cyberbro
+      - src/ubuntu/install/firefox/**
+      - src/ubuntu/install/cyberbro/**
   - name: deluge
     singleapp: true
     base: core-ubuntu-jammy
diff --git a/dockerfile-kasm-cyberbro b/dockerfile-kasm-cyberbro
index 5fc114a..6505857 100644
--- a/dockerfile-kasm-cyberbro
+++ b/dockerfile-kasm-cyberbro
@@ -1,48 +1,44 @@
 ARG BASE_TAG="develop"
-ARG BASE_IMAGE="core-ubuntu-noble"
+ARG BASE_IMAGE="core-ubuntu-jammy"
 FROM kasmweb/$BASE_IMAGE:$BASE_TAG
-
 USER root
 
-ENV HOME=/home/kasm-default-profile
-ENV STARTUPDIR=/dockerstartup
-ENV LAUNCH_URL=http://127.0.0.1:5000
+ENV HOME /home/kasm-default-profile
+ENV STARTUPDIR /dockerstartup
+ENV INST_SCRIPTS $STARTUPDIR/install
 WORKDIR $HOME
 
-### Envrionment config
-ENV DEBIAN_FRONTEND=noninteractive \
-    SKIP_CLEAN=true \
-    KASM_RX_HOME=$STARTUPDIR/kasmrx \
-    DONT_PROMPT_WSL_INSTALL="No_Prompt_please" \
-    INST_DIR=$STARTUPDIR/install \
-    INST_SCRIPTS="/ubuntu/install/tools/install_tools_deluxe.sh \
-                  /ubuntu/install/firefox/install_firefox.sh \
-                  /ubuntu/install/cyberbro/install_cyberbro.sh \
-                  /ubuntu/install/cleanup/cleanup.sh"
+######### Customize Container Here ###########
 
-# Copy install scripts
-COPY ./src/ $INST_DIR
+# Cyberbro requires a browser, install Firefox
+COPY ./src/ubuntu/install/firefox/ $INST_SCRIPTS/firefox/
+COPY ./src/ubuntu/install/firefox/firefox.desktop $HOME/Desktop/
+RUN bash $INST_SCRIPTS/firefox/install_firefox.sh && rm -rf $INST_SCRIPTS/firefox/
+
+# Install Cyberbro
+COPY ./src/ubuntu/install/cyberbro $INST_SCRIPTS/cyberbro/
+RUN bash $INST_SCRIPTS/cyberbro/install_cyberbro.sh  && rm -rf $INST_SCRIPTS/cyberbro/
 
-RUN cp /usr/share/backgrounds/bg_kasm.png /usr/share/backgrounds/bg_default.png
 COPY ./src/ubuntu/install/cyberbro/custom_startup.sh $STARTUPDIR/custom_startup.sh
 RUN chmod +x $STARTUPDIR/custom_startup.sh
 RUN chmod 755 $STARTUPDIR/custom_startup.sh
 
-# Run installations
-RUN \
-  for SCRIPT in $INST_SCRIPTS; do \
-    bash ${INST_DIR}${SCRIPT} || exit 1; \
-  done && \
-  $STARTUPDIR/set_user_permission.sh $HOME && \
-  rm -f /etc/X11/xinit/Xclients && \
-  chown 1000:0 $HOME && \
-  mkdir -p /home/kasm-user && \
-  chown -R 1000:0 /home/kasm-user && \
-  rm -Rf ${INST_DIR}
 
-# Userspace Runtime
-ENV HOME=/home/kasm-user
+# Update the desktop environment to be optimized for a single application
+RUN cp $HOME/.config/xfce4/xfconf/single-application-xfce-perchannel-xml/* $HOME/.config/xfce4/xfconf/xfce-perchannel-xml/
+RUN cp /usr/share/backgrounds/bg_kasm.png /usr/share/backgrounds/bg_default.png
+RUN apt-get remove -y xfce4-panel
+
+
+######### End Customizations ###########
+
+#ADD ./src/common/scripts $STARTUPDIR
+RUN $STARTUPDIR/set_user_permission.sh $HOME
+
+RUN chown 1000:0 $HOME
+
+ENV HOME /home/kasm-user
 WORKDIR $HOME
-USER 1000
+RUN mkdir -p $HOME && chown -R 1000:0 $HOME
 
-CMD ["--tail-log"]
+USER 1000
diff --git a/docs/cyberbro/README.md b/docs/cyberbro/README.md
index 35652e7..0b28bfc 100644
--- a/docs/cyberbro/README.md
+++ b/docs/cyberbro/README.md
@@ -10,7 +10,7 @@ This Image contains a browser-accessible version of [Cyberbro](https://github.co
 
 ## Firefox Configuration
 
-* `FIREFOX_APP_ARGS` - Additional arguments to pass to firefox when launched.
+* `APP_ARGS` - Additional arguments to pass to firefox when launched (e.g `--no-sandbox`).
 
 ## Cyberbro Configuration
 
@@ -33,11 +33,11 @@ GUI_ENABLED_ENGINES=reverse_dns,rdap,hudsonrock,mde,shodan,opencti,virustotal
 CONFIG_PAGE_ENABLED=true
 ```
 
+You can pass these environment variables to your Cyberbro Workspace with **Docker Run Config Override (JSON)** in your Workspace settings.
+
+![image](https://github.com/user-attachments/assets/33125248-31e8-4315-a772-e0546a8be659)
+
 > Note: if you set `GUI_ENABLED_ENGINES` to `""` then all engines will be enabled in the GUI. \
 > By default, all **free engines** will be enabled in the GUI.
 
-Refer to [Cyberbro Wiki](https://github.com/stanfrbd/cyberbro/wiki) for more information.
-
-You must edit the config in your KASM Cyberbro Workspace settings to add these environment variables, according to [KASM official doc](https://kasmweb.com/docs/latest/guide/workspaces.html#examples)
-
-![image](https://github.com/user-attachments/assets/33125248-31e8-4315-a772-e0546a8be659)
\ No newline at end of file
+Refer to [Cyberbro Wiki](https://github.com/stanfrbd/cyberbro/wiki) for more information.
\ No newline at end of file
diff --git a/src/ubuntu/install/cyberbro/custom_startup.sh b/src/ubuntu/install/cyberbro/custom_startup.sh
index 25914db..6c45bff 100644
--- a/src/ubuntu/install/cyberbro/custom_startup.sh
+++ b/src/ubuntu/install/cyberbro/custom_startup.sh
@@ -1,18 +1,18 @@
 #!/usr/bin/env bash
 set -ex
-START_COMMAND="firefox"
+START_COMMAND="cyberbro"
 PGREP="firefox"
 export MAXIMIZE="true"
 export MAXIMIZE_NAME="Mozilla Firefox"
 MAXIMIZE_SCRIPT=$STARTUPDIR/maximize_window.sh
-DEFAULT_FIREFOX_ARGS=""
-FIREFOX_ARGS=${FIREFOX_APP_ARGS:-$DEFAULT_FIREFOX_ARGS}
+DEFAULT_ARGS=""
+ARGS=${APP_ARGS:-$DEFAULT_ARGS}
 
-CYBERBRO_SERVER="127.0.0.1:5000"
 
 # Check if GUI_ENABLED_ENGINES is set else apply default
 if [ -z ${GUI_ENABLED_ENGINES+x} ]; then
-  GUI_ENABLED_ENGINES=reverse_dns,rdap,ipquery,spur,phishtank,threatfox,urlscan,google,github,ioc_one_html,ioc_one_pdf,abusix,hudsonrock
+    # Add all engines by default
+    GUI_ENABLED_ENGINES=""
 fi
 
 # Make GUI_ENABLED_ENGINES an environment variable
@@ -43,10 +43,26 @@ if [ -f /opt/VirtualGL/bin/vglrun ] && [ ! -z "${KASM_EGL_CARD}" ] && [ ! -z "${
     START_COMMAND="/opt/VirtualGL/bin/vglrun -d ${KASM_EGL_CARD} $START_COMMAND"
 fi
 
-check_web_server() {
-    curl -s -o /dev/null http://$CYBERBRO_SERVER && return 0 || return 1
+kasm_exec() {
+    if [ -n "$OPT_URL" ] ; then
+        URL=$OPT_URL
+    elif [ -n "$1" ] ; then
+        URL=$1
+    fi 
+    
+    # Since we are execing into a container that already has the browser running from startup, 
+    #  when we don't have a URL to open we want to do nothing. Otherwise a second browser instance would open. 
+    if [ -n "$URL" ] ; then
+        /usr/bin/filter_ready
+        /usr/bin/desktop_ready
+        bash ${MAXIMIZE_SCRIPT} &
+        $START_COMMAND $ARGS $OPT_URL
+    else
+        echo "No URL specified for exec command. Doing nothing."
+    fi
 }
 
+
 kasm_startup() {
     if [ -n "$KASM_URL" ] ; then
         URL=$KASM_URL
@@ -64,15 +80,9 @@ kasm_startup() {
             then
                 /usr/bin/filter_ready
                 /usr/bin/desktop_ready
-                cd $HOME/cyberbro/cyberbro-*
-                # Start Cyberbro server in background
-                bash -c "source venv/bin/activate && gunicorn -b 0.0.0.0:5000 app:app &"
-                while ! check_web_server; do
-                    sleep 1
-                done
                 set +e
                 bash ${MAXIMIZE_SCRIPT} &
-                $START_COMMAND $FIREFOX_ARGS $URL
+                $START_COMMAND $ARGS $URL
                 set -e
             fi
             sleep 1
@@ -82,4 +92,8 @@ kasm_startup() {
     fi
 }
 
-kasm_startup
\ No newline at end of file
+if [ -n "$GO" ] || [ -n "$ASSIGN" ] ; then
+    kasm_exec
+else
+    kasm_startup
+fi
\ No newline at end of file
diff --git a/src/ubuntu/install/cyberbro/install_cyberbro.sh b/src/ubuntu/install/cyberbro/install_cyberbro.sh
index 0271e5d..83fde92 100644
--- a/src/ubuntu/install/cyberbro/install_cyberbro.sh
+++ b/src/ubuntu/install/cyberbro/install_cyberbro.sh
@@ -8,7 +8,8 @@ CYBERBRO_VERSION=$(curl -sX GET "https://api.github.com/repos/stanfrbd/cyberbro/
 echo "Install Cyberbro"
 apt-get update
 apt-get install -y python3-pip git virtualenv
-CYBERBRO_HOME=$HOME/cyberbro
+CYBERBRO_HOME=/opt/cyberbro
+CYBERBRO_SERVER="http://127.0.0.1:5000"
 mkdir -p $CYBERBRO_HOME
 cd $CYBERBRO_HOME
 wget https://github.com/stanfrbd/cyberbro/archive/${CYBERBRO_VERSION}.tar.gz
@@ -19,11 +20,51 @@ cd cyberbro-*
 # Enter virtualenv to avoid conflicts with system packages
 virtualenv venv
 source venv/bin/activate
-
 pip3 install -r requirements.txt
-
 deactivate
 
+# Set appropriate permissions
+chown -R 1000:0 $CYBERBRO_HOME
+
+# Create a launch script
+LAUNCH_SCRIPT="$CYBERBRO_HOME/cyberbro-launch.sh"
+cat <<EOF > "$LAUNCH_SCRIPT"
+#!/usr/bin/env bash
+set -ex
+
+check_web_server() {
+    curl -s -o /dev/null ${CYBERBRO_SERVER} && return 0 || return 1
+}
+
+# Launch Cyberbro server
+cd ${CYBERBRO_HOME}/cyberbro-*
+source venv/bin/activate
+gunicorn -b 0.0.0.0:5000 app:app &
+
+retries=5
+count=0
+while ! check_web_server && [ \$count -lt \$retries ]; do
+  echo "Waiting for web server to start..."
+  sleep 1
+  count=\$((count + 1))
+done
+
+if ! check_web_server; then
+  echo "Web server did not start within the expected time."
+  exit 1
+fi
+
+if [[ "\$#" -gt 0 ]]; then
+  firefox ${CYBERBRO_SERVER} "\$@"
+else
+  firefox ${CYBERBRO_SERVER}
+fi
+EOF
+
+
+chmod +x $LAUNCH_SCRIPT
+mv $LAUNCH_SCRIPT /usr/local/bin/cyberbro
+
 # Cleanup for app layer
 chown -R 1000:0 $HOME
 find /usr/share/ -name "icon-theme.cache" -exec rm -f {} \;