feat(vnc): 添加批量VNC环境部署脚本

- 新增install.sh脚本实现完整的VNC环境自动化部署 - 添加批量创建用户功能，支持10个用户同时部署 - 集成noVNC和websockify服务配置 - 实现SSL证书自动生成和token配置文件创建 - 添加公共工作目录和用户软链接设置 - 集成爬虫项目自动下载和环境预安装 - 新增start.sh用于启动指定用户的VNC服务 - 添加uninstall.sh用于清理用户和数据 - 实现update.sh用于爬虫项目更新 - 优化VNC启动配置和防火墙设置
2026-05-28 14:22:56 +08:00 · 2026-05-28 14:22:56 +08:00 · 1e06cccd87
parent 272a7c5e4a
commit 1e06cccd87
6 changed files with 320 additions and 201 deletions
--- a/install.sh
+++ b/install.sh
@ -1,201 +0,0 @@
-#!/bin/bash
-# 需要创建的用户数量
-USER_COUNT=10
-# 公共的工作目录
-PUBLIC_DIR="/shared"
-
-# 预安装软件
-pre_install(){
-  sudo apt install -y xfce4 xfce4-goodies
-  sudo apt install -y tigervnc-standalone-server tigervnc-common
-  sudo apt install -y git python3 openssl
-}
-
-# 开放防火墙
-open_firewall(){
-  # 开放防火墙端口（根据实际安全策略调整）
-  sudo ufw allow 6080/tcp   # noVNC 主端口
-  # sudo ufw allow 6081/tcp   # 用户2
-  # sudo ufw allow 6082/tcp   # 用户3
-  # 注意：VNC原生端口(5901等)不需要开放，因为noVNC作为代理不直接暴露它们
-}
-
-# 批量创建用户
-batch_create_user(){
-  # 批量创建用户 user1 到 user100
-  for i in $(seq 1 $USER_COUNT); do
-      username="user$i"
-      # 创建用户
-      sudo useradd -m -s /bin/bash "$username"
-      # 设置默认密码（与用户名相同，建议后续让用户自行修改）
-      echo "$username:$username" | sudo chpasswd
-      echo "用户 $username 创建完成，密码: $username"
-  done
-  echo "所有用户创建完成！"
-}
-
-# 批量删除用户
-batch_delete_user(){
-  for i in $(seq 1 $USER_COUNT); do
-      username="user$i"
-      sudo userdel -r "$username" 2>/dev/null
-      if [ $? -eq 0 ]; then
-          echo "已删除用户: $username"
-      else
-          echo "用户 $username 不存在，跳过"
-      fi
-  done
-  echo "批量删除完成！"
-}
-
-# 批量设置vnc密码
-batch_set_vncpdw(){
-  for i in $(seq 1 $USER_COUNT); do
-      username="user$i"
-      # 使用 -c 参数直接执行命令，避免 heredoc 变量问题
-      sudo su - "$username" -c "mkdir -p ~/.vnc && echo '$username' | vncpasswd -f > ~/.vnc/passwd && chmod 600 ~/.vnc/passwd"
-      echo "正在设置 $username 的VNC密码 "
-  done
-  echo "所有VNC密码设置完成！"
-}
-
-# 创建 VNC 启动配置
-create_xstartup(){
-  for i in $(seq 1 ${USER_COUNT}); do
-      username="user$i"
-      sudo bash -c "cat > /home/$username/.vnc/xstartup << 'EOF'
-#!/bin/sh
-unset SESSION_MANAGER
-unset DBUS_SESSION_BUS_ADDRESS
-startxfce4 &
-wait
-EOF"
-      sudo chmod +x "/home/$username/.vnc/xstartup"
-      echo "✅ 已创建 $username 的 xstartup"
-  done
-}
-
-# 创建公共目录
-cerate_public_dir(){
-    # 创建目录
-    sudo mkdir -p "$PUBLIC_DIR"
-    # 设置权限：所有用户可读、可写、可执行
-    sudo chmod 777 "$PUBLIC_DIR"
-    # 设置粘滞位（用户只能删除自己的文件）
-    sudo chmod +t "$PUBLIC_DIR"
-    # 设置所有者
-    sudo chown root:root "$PUBLIC_DIR"
-    echo "公共文件夹已创建: $PUBLIC_DIR"
-    echo "权限: $(ls -ld $PUBLIC_DIR)"
-}
-
-# 在每个用户home目录创建软连接
-create_shortcut_for_users(){
-    for i in $(seq 1 $USER_COUNT); do
-        username="user$i"
-        # 在用户家目录创建软链接
-        sudo su - "$username" -c "ln -sf $PUBLIC_DIR ~/workspace"
-        echo "正在创建快捷方式 $username"
-    done
-}
-
-# 准备novnc文件
-install_vnc_server(){
-  cd $PUBLIC_DIR
-  sudo git clone https://github.com/novnc/noVNC.git
-  sudo git clone https://github.com/novnc/websockify.git
-}
-
-# 生成ssl证书
-create_ssl_cert(){
-  cd $PUBLIC_DIR/noVNC
-  sudo openssl req -new -x509 -days 3650 -nodes \
-    -out self.pem \
-    -keyout self.pem \
-    -subj "/C=CN/ST=Beijing/L=Beijing/O=Test/CN=localhost"
-  echo "生成ssl证书完成"
-}
-
-# 预安装爬虫
-pre_install_spider(){
- cd $PUBLIC_DIR
- git clone https://git.nps.crabapples.cn/crabapples/learn-spider
- cd learn-spider
- sudo chmod +x ./pre_install.sh
- sudo ./pre_install.sh
-}
-
-# 创建 token.conf 配置文件
-create_token_conf(){
-  sudo tee "$PUBLIC_DIR/websockify/token.conf" > /dev/null << EOF
-# noVNC Token Configuration
-# 格式: token名: VNC服务器地址:端口
-$(for i in $(seq 1 $USER_COUNT); do echo "user$i: 127.0.0.1:$((5900 + i))"; done)
-EOF
-  sudo chmod 644 "$PUBLIC_DIR/websockify/token.conf"
-  echo "✅ token.conf 已创建"
-}
-
-# 创建novnc服务文件
-create_novnc_service(){
-  WEB_ROOT="$PUBLIC_DIR/noVNC"
-  WORKSPACE="$PUBLIC_DIR/websockify"
-  TOKEN_FILE=$WORKSPACE/token.conf
-  CERT_PATH=$WEB_ROOT/self.pem
-  SERVICE_FILE="/etc/systemd/system/novnc.service"
-
-  sudo tee "$SERVICE_FILE" > /dev/null << EOF
-[Unit]
-Description=noVNC WebSocket Proxy
-After=network.target
-After=vncserver.target
-
-[Service]
-Type=simple
-User=root
-WorkingDirectory=$WORKSPACE
-ExecStart=$WORKSPACE/run \
-  --web $WEB_ROOT \
-  --target-config $TOKEN_FILE \
-  --cert $CERT_PATH \
-  6080
-Restart=always
-RestartSec=10
-
-[Install]
-WantedBy=multi-user.target
-EOF
-  # echo "查看日志:   sudo journalctl -u novnc -f"
-  sudo systemctl daemon-reload
-  sudo systemctl stop novnc
-  sudo systemctl enable novnc.service --now
-  echo "noVNC 服务已创建: $SERVICE_FILE"
-}
-
-# 启动vnc服务
-start_vnc_server(){
-  for i in $(seq $USER_COUNT); do
-      username="user$i"
-      sudo su - "$username" -c "vncserver :$i -geometry 1280x800 -depth 24 -localhost no"
-      echo "已启动 $username VNC，端口: $((5900 + $i))"
-  done
-}
-
-
-start_spider(){
-  cd learn-spider
-}
-
-# batch_create_user
-# batch_set_vncpdw
-# cerate_public_dir
-# create_shortcut_for_users
-# install_vnc_server
-# create_ssl_cert
-# pre_install_spider
-create_xstartup
-create_token_conf
-create_novnc_service
-# start_vnc_server
-# batch_delete_user
-sudo su - "user1" -c "vncserver :1 -geometry 1280x800 -depth 24 -localhost no"
--- a/sh/auto_install.sh
+++ b/sh/auto_install.sh
@ -0,0 +1,4 @@
+wget https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim
+wget https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim
+wget https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim
+wget https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim
--- a/sh/install.sh
+++ b/sh/install.sh
@ -0,0 +1,235 @@
+#!/bin/bash
+
+# ==================== 配置变量 ====================
+# 需要创建的用户数量
+USER_COUNT=10
+# 公共的工作目录
+PUBLIC_DIR="/shared"
+# git仓库原地址
+GIT_NO_VNC_BAK="https://github.com/novnc/noVNC.git"
+GIT_WEBSOCKIFY_BAK="https://github.com/novnc/websockify.git"
+# git仓库加速地址
+GIT_NO_VNC="https://git.nps.crabapples.cn/crabapples/noVNC.git"
+GIT_WEBSOCKIFY="https://git.nps.crabapples.cn/crabapples/websockify.git"
+GIT_PY_SPIDER="https://git.nps.crabapples.cn/crabapples/learn-spider.git"
+
+# ==================== 函数定义 ====================
+
+# 1. 预安装软件
+pre_install(){
+    echo "当前进度:01.预安装软件"
+    sudo apt update
+    sudo apt install -y xfce4 xfce4-goodies
+    sudo apt install -y tigervnc-standalone-server tigervnc-common
+    sudo apt install -y git python3 openssl
+    echo "✅ [完成] 预安装软件"
+    echo ""
+}
+
+# 2. 开放防火墙
+open_firewall(){
+    echo "当前进度:02.开放防火墙"
+    sudo ufw allow 6080/tcp
+    echo "✅ [完成] 开放防火墙端口 6080"
+    echo ""
+}
+
+# 3. 批量创建用户
+batch_create_user(){
+    echo "当前进度:03.创建用户"
+    for i in $(seq 1 $USER_COUNT); do
+        username="user$i"
+        sudo useradd -m -s /bin/bash "$username"
+        echo "$username:$username" | sudo chpasswd
+        echo "  ✓ 用户 $username 创建完成，密码: $username"
+    done
+    echo "✅ [完成] 共创建 $USER_COUNT 个用户"
+    echo ""
+}
+
+# 4. 批量设置VNC密码
+batch_set_vncpdw(){
+    echo "当前进度:04.设置VNC密码"
+    for i in $(seq 1 $USER_COUNT); do
+        username="user$i"
+        sudo su - "$username" -c "mkdir -p ~/.vnc && echo '$username' | vncpasswd -f > ~/.vnc/passwd && chmod 600 ~/.vnc/passwd"
+        echo "  ✓ 正在设置 $username 的VNC密码"
+    done
+    echo "✅ [完成] 所有VNC密码设置完成"
+    echo ""
+}
+
+# 5. 创建 VNC 启动配置
+create_xstartup(){
+    echo "当前进度:05.创建VNC启动配置"
+    for i in $(seq 1 ${USER_COUNT}); do
+        username="user$i"
+        sudo bash -c "cat > /home/$username/.vnc/xstartup << 'EOF'
+#!/bin/sh
+unset SESSION_MANAGER
+unset DBUS_SESSION_BUS_ADDRESS
+startxfce4 &
+wait
+EOF"
+        sudo chmod +x "/home/$username/.vnc/xstartup"
+        echo "  ✓ 已创建 $username 的 xstartup"
+    done
+    echo "✅ [完成] 所有用户的 VNC 启动配置创建完成"
+    echo ""
+}
+
+# 6. 创建公共目录
+cerate_public_dir(){
+    echo "当前进度:06.创建公共工作目录"
+    sudo mkdir -p "$PUBLIC_DIR"
+    sudo chmod 777 "$PUBLIC_DIR"
+    sudo chmod +t "$PUBLIC_DIR"
+    sudo chown root:root "$PUBLIC_DIR"
+    echo "  公共文件夹已创建: $PUBLIC_DIR"
+    echo "  权限: $(ls -ld $PUBLIC_DIR)"
+    echo "✅ [完成] 公共工作目录创建完成"
+    echo ""
+}
+
+# 7. 在每个用户home目录创建软连接
+create_shortcut_for_users(){
+    echo "当前进度:07.创建公共工作目录软连接"
+    for i in $(seq 1 $USER_COUNT); do
+        username="user$i"
+        sudo su - "$username" -c "ln -sf $PUBLIC_DIR ~/workspace"
+        echo "  ✓ 正在创建 $username 的快捷方式"
+    done
+    echo "✅ [完成] 所有用户的软连接创建完成"
+    echo ""
+}
+
+# 8. 准备novnc文件
+install_vnc_server(){
+    echo "当前进度:08.下载NoVNC源码"
+    cd $PUBLIC_DIR
+    sudo git clone $GIT_NO_VNC
+    sudo git clone $GIT_WEBSOCKIFY
+    echo "✅ [完成] NoVNC 源码下载完成"
+    echo ""
+}
+
+# 9. 生成ssl证书
+create_ssl_cert(){
+    echo "当前进度:09.生成SSL证书,有效期:10年"
+    cd $PUBLIC_DIR/noVNC
+    sudo openssl req -new -x509 -days 3650 -nodes \
+        -out self.pem \
+        -keyout self.pem \
+        -subj "/C=CN/ST=Beijing/L=Beijing/O=Test/CN=localhost"
+    echo "✅ [完成] SSL证书生成完成"
+    echo ""
+}
+
+# 10. 预安装爬虫
+pre_install_spider(){
+    echo "当前进度:10.下载爬虫源码"
+    cd $PUBLIC_DIR
+    sudo git clone $GIT_PY_SPIDER
+    cd learn-spider
+    sudo chmod +x ./pre_install.sh
+    sudo chmod +x ./run.sh
+    sudo ./pre_install.sh
+    echo "✅ [完成] 爬虫环境安装完成"
+    echo ""
+}
+
+# 11. 创建 token.conf 配置文件
+create_token_conf(){
+    echo "当前进度:11.创建token.conf配置文件"
+    sudo tee "$PUBLIC_DIR/websockify/token.conf" > /dev/null << EOF
+# noVNC Token Configuration
+$(for i in $(seq 1 $USER_COUNT); do echo "user$i: 127.0.0.1:$((5900 + i))"; done)
+EOF
+    sudo chmod 644 "$PUBLIC_DIR/websockify/token.conf"
+    echo "  token.conf 内容预览:"
+    sudo cat "$PUBLIC_DIR/websockify/token.conf" | head -5
+    echo "✅ [完成] token.conf 已创建"
+    echo ""
+}
+
+# 12. 创建novnc服务文件
+create_novnc_service(){
+    echo "当前进度:12.创建novnc.service服务配置文件"
+    WEB_ROOT="$PUBLIC_DIR/noVNC"
+    WORKSPACE="$PUBLIC_DIR/websockify"
+    TOKEN_FILE="$WORKSPACE/token.conf"
+    CERT_PATH="$WEB_ROOT/self.pem"
+    SERVICE_FILE="/etc/systemd/system/novnc.service"
+
+    sudo tee "$SERVICE_FILE" > /dev/null << EOF
+[Unit]
+Description=noVNC WebSocket Proxy
+After=network.target
+
+[Service]
+Type=simple
+User=root
+WorkingDirectory=$WORKSPACE
+ExecStart=$WORKSPACE/run \
+  --web $WEB_ROOT \
+  --target-config $TOKEN_FILE \
+  --cert $CERT_PATH \
+  6080
+Restart=always
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+    sudo systemctl daemon-reload
+    sudo systemctl stop novnc 2>/dev/null
+    sudo systemctl enable novnc.service --now
+
+    echo "  服务状态检查:"
+    sudo systemctl status novnc --no-pager | head -5
+    echo "✅ [完成] noVNC 服务已创建并启动"
+    echo "  查看日志: sudo journalctl -u novnc -f"
+    echo "  访问地址: https://$(hostname -I | awk '{print $1}'):6080/vnc.html"
+    echo ""
+}
+
+# 13. 显示部署总结
+show_summary(){
+    echo "==================== 部署总结 ===================="
+    echo "✅ 用户数量: $USER_COUNT"
+    echo "✅ 公共目录: $PUBLIC_DIR"
+    echo "✅ VNC 端口范围: 5901-$((5900 + $USER_COUNT))"
+    echo "✅ noVNC 访问地址: https://$(hostname -I | awk '{print $1}'):6080/vnc.html"
+    echo "✅ Token 配置: user1-user$USER_COUNT 使用对应密码"
+    echo ""
+    echo "==================== 部署完成 ===================="
+}
+
+# ==================== 主执行流程 ====================
+
+main(){
+    echo ""
+    echo "========== 开始部署 VNC 环境 =========="
+    echo "开始时间: $(date '+%Y-%m-%d %H:%M:%S')"
+    echo ""
+
+    pre_install
+    open_firewall
+    batch_create_user
+    batch_set_vncpdw
+    create_xstartup
+    cerate_public_dir
+    create_shortcut_for_users
+    install_vnc_server
+    create_ssl_cert
+    pre_install_spider
+    create_token_conf
+    create_novnc_service
+    show_summary
+
+    echo "结束时间: $(date '+%Y-%m-%d %H:%M:%S')"
+    echo ""
+}
+
+main
--- a/sh/start.sh
+++ b/sh/start.sh
@ -0,0 +1,24 @@
+#!/bin/bash
+PUBLIC_DIR="/shared"
+INDEX=$1
+username="user$INDEX"
+export DISPLAY=:$INDEX
+echo "当前显示桌面:$DISPLAY"
+
+echo "正在启动VNC服务"
+sudo su - "$username" -c "vncserver :$INDEX -geometry 1280x800 -depth 24 -localhost no"
+echo "授权桌面访问"
+sudo su - "$username" -c "export DISPLAY=:$INDEX && xhost +" 2>/dev/null
+echo "等待 VNC 启动"
+sleep 3
+
+start_spider(){
+  cd $PUBLIC_DIR/learn-spider
+  sudo -E ./run.sh   # -E 保留当前环境变量
+}
+
+echo "启动爬虫"
+start_spider $INDEX
+# sleep 60
+echo "爬虫执行完毕,关闭VNC"
+sudo su - "$username" -c "vncserver -kill :$INDEX" 2>/dev/null
--- a/sh/uninstall.sh
+++ b/sh/uninstall.sh
@ -0,0 +1,40 @@
+#!/bin/bash
+USER_COUNT=100
+PUBLIC_DIR="/shared"
+SECOUND=5
+
+batch_kill_process(){
+  echo "正在结束进程"
+  for i in $(seq 1 $USER_COUNT); do
+      username="user$i"
+       # 杀死用户所有进程
+      sudo pkill -u "$username" 2>/dev/null
+  done
+  echo "进程结束完成"
+}
+
+batch_delete_user(){
+  for i in $(seq 1 $USER_COUNT); do
+      username="user$i"
+       # 杀死用户所有进程
+      sudo userdel -r "$username" 2>/dev/null
+      if [ $? -eq 0 ]; then
+          echo "已删除用户: $username"
+      else
+          echo "用户 $username 不存在，跳过"
+      fi
+  done
+  echo "批量删除完成！"
+}
+
+for i in $(seq 1 $SECOUND); do
+  clear
+  echo "$(($SECOUND-$i))S后开始数据清理...."
+  sleep 1
+done
+
+batch_kill_process
+sleep 5
+batch_delete_user
+sudo rm -rf $PUBLIC_DIR
+echo "数据清理完成"
--- a/sh/update.sh
+++ b/sh/update.sh
@ -0,0 +1,17 @@
+#!/bin/bash
+
+PUBLIC_DIR="/shared"
+GIT_PY_SPIDER="https://git.nps.crabapples.cn/crabapples/learn-spider.git"
+
+cd $PUBLIC_DIR
+if [ -d "learn-spider" ]; then
+    cd learn-spider
+    sudo git pull
+else
+    sudo git clone $GIT_PY_SPIDER
+    cd learn-spider
+fi
+
+sudo chmod +x ./pre_install.sh ./run.sh
+sudo ./pre_install.sh
+echo "✅ [完成] 爬虫更新完成"