neko/docs/getting-started/README.md

153 lines
9.1 KiB
Markdown
Raw Permalink Normal View History

2021-10-24 02:54:58 +13:00
# Getting started & FAQ
2022-09-11 23:42:54 +12:00
<div align="center">
<img src="../_media/icons/firefox.svg" title="m1k1o/neko:firefox" width="60" height="auto"/>
<img src="../_media/icons/google-chrome.svg" title="m1k1o/neko:google-chrome" width="60" height="auto"/>
<img src="../_media/icons/chromium.svg" title="m1k1o/neko:chromium" width="60" height="auto"/>
<img src="../_media/icons/microsoft-edge.svg" title="m1k1o/neko:microsoft-edge" width="60" height="auto"/>
<img src="../_media/icons/brave.svg" title="m1k1o/neko:brave" width="60" height="auto"/>
<img src="../_media/icons/vivaldi.svg" title="m1k1o/neko:vivaldi" width="60" height="auto"/>
<img src="../_media/icons/opera.svg" title="m1k1o/neko:opera" width="60" height="auto"/>
<img src="../_media/icons/tor-browser.svg" title="m1k1o/neko:tor-browser" width="60" height="auto"/>
<img src="../_media/icons/remmina.png" title="m1k1o/neko:remmina" width="60" height="auto"/>
<img src="../_media/icons/vlc.svg" title="m1k1o/neko:vlc" width="60" height="auto"/>
<img src="../_media/icons/xfce.svg" title="m1k1o/neko:xfce" width="60" height="auto"/>
</div>
2021-10-24 02:54:58 +13:00
Use the following docker images:
2022-01-03 07:32:44 +13:00
- `m1k1o/neko:latest` or `m1k1o/neko:firefox` - for Firefox.
- `m1k1o/neko:chromium` - for Chromium (needs `--cap-add=SYS_ADMIN`, see the [security implications](https://www.redhat.com/en/blog/container-tidbits-adding-capabilities-container)).
- `m1k1o/neko:google-chrome` - for Google Chrome (needs `--cap-add=SYS_ADMIN`, see the [security implications](https://www.redhat.com/en/blog/container-tidbits-adding-capabilities-container)).
- `m1k1o/neko:ungoogled-chromium` - for [Ungoogled Chromium](https://github.com/Eloston/ungoogled-chromium) (needs `--cap-add=SYS_ADMIN`, see the [security implications](https://www.redhat.com/en/blog/container-tidbits-adding-capabilities-container)) (by @whalehub).
2021-12-10 11:45:57 +13:00
- `m1k1o/neko:microsoft-edge` - for Microsoft Edge (needs `--cap-add=SYS_ADMIN`, see the [security implications](https://www.redhat.com/en/blog/container-tidbits-adding-capabilities-container)).
- `m1k1o/neko:brave` - for [Brave Browser](https://brave.com) (needs `--cap-add=SYS_ADMIN`, see the [security implications](https://www.redhat.com/en/blog/container-tidbits-adding-capabilities-container)).
2022-06-19 07:27:09 +12:00
- `m1k1o/neko:vivaldi` - for [Vivaldi Browser](https://vivaldi.com) (needs `--cap-add=SYS_ADMIN`, see the [security implications](https://www.redhat.com/en/blog/container-tidbits-adding-capabilities-container)) (by @Xeddius).
2022-09-20 13:56:56 +12:00
- `m1k1o/neko:opera` for [Opera Browser](https://opera.com) (requires extra steps to enable DRM, see instructions [here](https://www.reddit.com/r/operabrowser/wiki/opera/linux_widevine_config/). libffmpeg is already configured.) (by @prophetofxenu)
2021-10-24 02:54:58 +13:00
- `m1k1o/neko:tor-browser` - for Tor Browser.
2022-03-19 11:11:32 +13:00
- `m1k1o/neko:remmina` - for remote desktop connection (by @lowne).
- Pass env var `REMMINA_URL=<proto>://[<username>[:<password>]@]server[:port]` (proto being `vnc`, `rdp` or `spice`).
- Or create your custom configuration with remmina locally (it's saved in `~/.local/share/remmina/path_to_profile.remmina`) and bind-mount it, then pass env var `REMMINA_PROFILE=<path_to_profile.remmina>`.
2021-10-24 02:54:58 +13:00
- `m1k1o/neko:vlc` - for VLC Video player (needs volume mounted to `/media` with local video files, or setting `VLC_MEDIA=/media` path).
- `m1k1o/neko:xfce` - for a shared desktop / installing shared software.
- `m1k1o/neko:base` - for custom base.
For ARM-based devices (like Raspberry Pi, with GPU hardware acceleration):
- `m1k1o/neko:arm-firefox` - for Firefox.
- `m1k1o/neko:arm-chromium` - for Chromium.
- `m1k1o/neko:arm-base` - for custom arm based.
Images (except `arm-`) are built using GitHub actions on every push and on weekly basis to keep all browsers up-to-date,
### Networking:
- If you want to use n.eko in **external** network, you can omit `NEKO_NAT1TO1`. It will automatically get your Public IP.
- If you want to use n.eko in **internal** network, set `NEKO_NAT1TO1` to your local IP address (e.g. `NEKO_NAT1TO1: 192.168.1.20`)-
- Currently, it is not supported to supply multiple NAT addresses (see https://github.com/m1k1o/neko/issues/47).
### Why so many ports?
- WebRTC needs UDP ports in order to transfer Audio/Video towards user and Mouse/Keyboard events to the server in real time.
- If you don't set `NEKO_ICELITE=true`, every user will need 2 UDP ports.
- If you set `NEKO_ICELITE=true`, every user will need only 1 UDP port. It is **recommended** to use *ice-lite*.
- Do not forget, they are **UDP** ports, that configuration must be correct in your firewall/router/docker.
- You can freely limit number of UDP ports. But you can't map them to different ports.
- This **WON'T** work: `32000-32100:52000-52100/udp`
- You can change API port (8080).
- This **WILL** work: `3000:8080`
2022-07-31 22:19:05 +12:00
### Using mux instead of epr
2022-01-14 08:47:25 +13:00
2022-07-31 22:19:05 +12:00
When using a mux, not so many ports are needed.
2022-01-14 08:47:25 +13:00
```yaml
version: "3.4"
services:
neko:
image: "m1k1o/neko:firefox"
restart: "unless-stopped"
shm_size: "2gb"
ports:
- "8080:8080"
- "8081:8081/tcp"
- "8082:8082/udp"
environment:
NEKO_SCREEN: 1920x1080@30
NEKO_PASSWORD: neko
NEKO_PASSWORD_ADMIN: admin
NEKO_TCPMUX: 8081
NEKO_UDPMUX: 8082
NEKO_ICELITE: 1
```
2022-07-31 22:19:05 +12:00
- When using mux, `NEKO_EPR` is ignored.
2022-11-19 07:41:15 +13:00
- Mux accepts only one port, not a range.
2022-07-31 22:19:05 +12:00
- You only need to expose maximum two ports for WebRTC on your router/firewall and have many users connected.
- It can even be the same port number, so e.g. `NEKO_TCPMUX: 8081` and `NEKO_UDPMUX: 8081`.
2022-11-19 07:41:15 +13:00
- The same port must be exposed from docker container, you can't map them to different ports. So `8082:8082` is OK, but `"5454:8082` will not work.
2022-07-31 22:19:05 +12:00
- You can use them alone (either TCP or UDP) when needed.
- UDP is generally better for latency. But some networks block UDP so it is good to have TCP available as fallback.
- Still, using `NEKO_ICELITE=true` is recommended.
2021-10-24 02:54:58 +13:00
### Want to customize and install own add-ons, set custom bookmarks?
- You would need to modify the existing policy file and mount it to your container.
2021-12-08 12:12:30 +13:00
- For Firefox, copy [this](https://github.com/m1k1o/neko/blob/master/.docker/firefox/policies.json) file, modify and mount it as: ` -v '${PWD}/policies.json:/usr/lib/firefox/distribution/policies.json'`
2021-11-28 02:23:33 +13:00
- For Chromium, copy [this](https://github.com/m1k1o/neko/blob/master/.docker/chromium/policies.json) file, modify and mount it as: ` -v '${PWD}/policies.json:/etc/chromium/policies/managed/policies.json'`
2021-12-08 12:12:30 +13:00
- For others, see where existing `policies.json` is placed in their `Dockerfile`.
2021-10-24 02:54:58 +13:00
2022-11-21 02:53:46 +13:00
#### Allow file uploading & downloading
- From security perespective, browser is not enabled to access local file data.
- If you want to enable this, you need to modify following policies:
```json
"DownloadRestrictions": 0,
"AllowFileSelectionDialogs": true,
"URLAllowlist": [
"file:///home/neko/Downloads"
],
```
2022-11-21 02:50:13 +13:00
### Want to preserve browser data between restarts?
- You need to mount browser profile as volume.
- For Firefox, that is this `/home/neko/.mozilla/firefox/profile.default` folder, mount it as: ` -v '${PWD}/data:/home/neko/.mozilla/firefox/profile.default'`
- For Chromium, that is this `/home/neko/.config/chromium` folder, mount it as: ` -v '${PWD}/data:/home/neko/.config/chromium'`
- For other chromium based browsers, see in `supervisord.conf` folder that is specified in `--user-data-dir`.
2022-11-21 02:53:46 +13:00
#### Allow persistent data in policies
- From security perespective, browser is set up to forget all cookies and brwosing history when its closed.
- If you want to enable this, you need to modify following policies:
```json
"DefaultCookiesSetting": 1,
"RestoreOnStartup": 1,
```
2021-10-24 02:54:58 +13:00
### Want to use VPN for your n.eko browsing?
- Check this out: https://github.com/m1k1o/neko-vpn
### Want to have multiple rooms on demand?
- Check this out: https://github.com/m1k1o/neko-rooms
### Want to use different Apps than Browser?
- Check this out: https://github.com/m1k1o/neko-apps
### Accounts:
- There are no accounts, display name (a.k.a. username) can be freely chosen. Only password needs to match. Depending on which password matches, the visitor gets its privilege:
- Anyone, who enters with `NEKO_PASSWORD` will be **user**.
- Anyone, who enters with `NEKO_PASSWORD_ADMIN` will be **admin**.
2022-02-28 02:23:24 +13:00
- Disabling passwords is not possible. However, you can use following query parameters to create auto-join links:
- Adding `?pwd=<password>` will prefill password.
- Adding `?usr=<display-name>` will prefill username.
- Adding `?cast=1` will hide all control and show only video.
- e.g. `http(s)://<URL:Port>/?pwd=neko&usr=guest&cast=1`
2021-10-24 02:54:58 +13:00
### Screen size
- Only admins can change screen size.
- You can set a default screen size, but this size **MUST** be one from the list, that your server supports.
- You will get this list in frontend, where you can choose from.
2022-01-18 08:02:38 +13:00
### Clipboard sharing
- Browsers have certain requirements to allow clipboard sharing.
2022-01-20 06:38:10 +13:00
- Your instance must be HTTPS.
2022-01-18 08:02:38 +13:00
- Firefox does not support clipboard sharing.
2022-01-20 06:38:10 +13:00
- Use Chrome for the best experience.
- If your browser does not support clipboard sharing:
- Clipboard icon in the bottom right corner will be displayed for host.
2022-01-18 08:02:38 +13:00
- It opens text area that can share clipboard content bi-directionally.
- Only plain-text is supported.