accetto / ubuntu-vnc-xfce-g3

Headless Ubuntu/Xfce containers with VNC/noVNC (G3v6).
MIT License

Limiting VNC to localhost #31

Closed markNZed closed 1 year ago

markNZed commented 1 year ago

This is a great docker package! I have limited access to the VNC Server to the localhost by using a port mapping like "127.0.0.1:5901:5901" but there is a localhost configuration option for tigervnc that should be usable?

I've tried this in an extension of the Dockerfile:

RUN echo "localhost" >> /etc/tigervnc/vncserver-config-defaults

But that seems to break the VNC server.

accetto commented 1 year ago

Hello @markNZed,

thank you for your feedback.

I also usually limit the VNC to the localhost on the client side. However, I'm doing it mostly in the compose yaml files, because sometimes I need to bind it to something else. Btw, in your example I would prefer something like 127.0.0.1:35901:5901 (binding the port 35901 on the host computer to the port 5901 exposed by the container). It allows me to run more than one container concurrently on the host.

If I've understood you correctly, you propose to bind the VNC server inside the container to the localhost, not on the client side, right?

However, as a quick guess I would say that the VNC server in the container is probably already bound to the localhost.

For example, the noVNC is started like this (if you check the vnc_startup.rc script):

"${NOVNC_HOME}"/utils/novnc_proxy --vnc localhost:${VNC_PORT} --listen ${NOVNC_PORT} ...

and if you start the container with the argument --verbose, then there will be a line like this in the output:

/usr/libexec/noVNCdim/utils/novnc_proxy --vnc localhost:5901 --listen 6901 --heartbeat 5 &> /dockerstartup/novnc.log

So, have I understood you correctly?

I'll check your proposal and I'll let you know.

FYI: I'm currently finishing a new major release, so I'll concentrate on that task first. Btw, the release will also include the new version of Tiger VNC (1.13.0) and noVNC (1.4.0). I hope to release it in the next few days.

Regards, accetto

markNZed commented 1 year ago

Hi, yes the idea was to have the possibility to run the vncserver with the localhost config option. But your reply makes me wonder if there is any sense to this - it would mean the VNC viewer must run on localhost, which I guess limits it to noVNC. To be clear I was thinking of this option in relation to vncserver not novnc.

I guess the way I am limiting the vncserver port to be accessed only from the host is the right approach for what I want. I also disabled noVNC, but I guess it could also be limited to the host machine in the same way. Specifying the localhost on the vncserver would, I guess, mean there is no way to connect from the host (as it is not the localhost from the perspective of the container).

So my original idea might be just another bad idea. However making it easy to limit the desktop access to the host machine seems like a possible use case and just using the docker port feature might be the best solution. I'm unsure if that deserves a mention in the docs.

Good luck with the upcoming release.
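
The host-side port binding discussed in this thread can be checked mechanically. The following is an added example, not part of the original issue or the project's code: it parses Docker short-syntax port mappings and reports those that publish the VNC (5901) or noVNC (6901) container port on anything other than a loopback address. The function names and the sample mappings are constructed for illustration.

```python
import ipaddress

# Container ports from this thread: 5901 (VNC) and 6901 (noVNC).
WATCHED_PORTS = {5901: "VNC", 6901: "noVNC"}


def parse_mapping(spec):
    """Parse Docker's short syntax [HOST_IP:][HOST_PORT:]CONTAINER_PORT[/PROTO].

    Returns (host_ip or None, host_port or None, (first, last) container port, proto).
    """
    spec, _, proto = spec.partition("/")
    # Split from the right so an IPv6 host address keeps its own colons.
    parts = spec.rsplit(":", 2)
    first, _, last = parts[-1].partition("-")
    container = (int(first), int(last or first))
    host_port = parts[-2] if len(parts) >= 2 and parts[-2] else None
    host_ip = parts[0].strip("[]") if len(parts) == 3 and parts[0] else None
    return host_ip, host_port, container, proto or "tcp"


def exposed_beyond_loopback(spec):
    """True if the mapping publishes a watched port on a non-loopback address."""
    host_ip, _, (first, last), _ = parse_mapping(spec)
    if not any(first <= port <= last for port in WATCHED_PORTS):
        return False
    if host_ip is None:
        # No host IP: Docker publishes on all host interfaces, unless the
        # daemon's default bind address has been changed.
        return True
    return not ipaddress.ip_address(host_ip).is_loopback


def audit(mappings):
    """Return the mappings that leave VNC/noVNC reachable from other machines."""
    return [m for m in mappings if exposed_beyond_loopback(m)]


if __name__ == "__main__":
    # Constructed sample: "ports:" entries as they could appear in a compose file.
    sample = [
        "5901:5901",                # all interfaces
        "127.0.0.1:35901:5901",     # loopback only, as suggested in the thread
        "6901",                     # ephemeral host port, all interfaces
        "[::1]:36901:6901",         # IPv6 loopback only
        "0.0.0.0:36901:6901/tcp",   # explicitly all interfaces
    ]
    for mapping in audit(sample):
        print("not limited to localhost:", mapping)
```
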