From 3807ce3dc779a5c13f659c920984ae9a7cc38125 Mon Sep 17 00:00:00 2001
From: Juan Pedro Escalona <jescalona@riplife.es>
Date: Mon, 14 Dec 2015 13:03:49 +0100
Subject: [PATCH] Added support for CentOS 7.x

---
 manifests/config.pp                | 46 ++++++++++++++++++++-----
 manifests/init.pp                  |  3 +-
 manifests/install.pp               |  3 +-
 manifests/service.pp               | 54 ++++++++++++++++++++++++++----
 templates/vncservers_systemctl.erb | 45 +++++++++++++++++++++++++
 5 files changed, 133 insertions(+), 18 deletions(-)
 create mode 100644 templates/vncservers_systemctl.erb

diff --git a/manifests/config.pp b/manifests/config.pp
index bcf71c4..6c890f6 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -21,17 +21,45 @@
     default => Class['vnc::service'],
   }
 
+  define vnc::create_vncserver_config (
+    $servers
+  ) {
+    $index = inline_template('<%= servers.index(name) %>')
+    $vnc_user = $name[user]
+
+    file { "/etc/systemd/system/vncserver@:${index}.service":
+      ensure  => present,
+      owner   => root,
+      group   => root,
+      mode    => '0440',
+      content => template($vnc::vncservers_template_systemctl),
+      notify  => $notify_class,
+    }
+  }
+
   case $::osfamily {
     'RedHat': {
-      $vncservers_template = $vnc::vncservers_template
-      file { '/etc/sysconfig/vncservers':
-        ensure  => present,
-        owner   => root,
-        group   => root,
-        mode    => '0440',
-        content => template($vncservers_template),
-        notify  => $notify_class,
+      case $::operatingsystemrelease {
+        /^[6,5]\./: {    
+          $vncservers_template = $vnc::vncservers_template
+          file { '/etc/sysconfig/vncservers':
+            ensure  => present,
+            owner   => root,
+            group   => root,
+            mode    => '0440',
+            content => template($vncservers_template),
+            notify  => $notify_class,
+          }
+        }
+        /^7\./: {
+          vnc::create_vncserver_config {
+            $vnc::servers:
+              servers => $vnc::servers
+          }
+        }
+        default: { fail('Unsupported OS version') }
       }
+      
 
       file { '/etc/skel/.vnc':
         ensure => directory,
@@ -52,6 +80,6 @@
       }
     }
 
-    default: { }
+    default: { fail('Unsupported OS') }
   }
 }
diff --git a/manifests/init.pp b/manifests/init.pp
index 14a21e7..a4c4da5 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -75,7 +75,8 @@
   $service_enable = true,
   $service_ensure = running,
   $xstartup_template = 'vnc/xstartup.erb',
-  $vncservers_template = 'vnc/vncservers.erb'
+  $vncservers_template = 'vnc/vncservers.erb',
+  $vncservers_template_systemctl = 'vnc/vncservers_systemctl.erb'
 ) {
   include vnc::install, vnc::config, vnc::service
 
diff --git a/manifests/install.pp b/manifests/install.pp
index bb139d4..0b82ecf 100644
--- a/manifests/install.pp
+++ b/manifests/install.pp
@@ -22,7 +22,7 @@
   case $::osfamily {
     'RedHat': {
       case $::operatingsystemrelease {
-        /^6\./: { $package = 'tigervnc-server' }
+        /^[7,6]\./: { $package = 'tigervnc-server' }
         /^5\./: { $package = 'vnc-server' }
         default: { fail('Unsupported OS version') }
       }
@@ -32,5 +32,6 @@
     }
   }
 
+  package { 'xterm': ensure => installed }
   package { $package: ensure => installed }
 }
diff --git a/manifests/service.pp b/manifests/service.pp
index c1ba6b8..81a1c80 100644
--- a/manifests/service.pp
+++ b/manifests/service.pp
@@ -2,13 +2,53 @@
 #
 # Manages the VNC service
 #
-class vnc::service {
-  include vnc
+class vnc::service (
+  $enable = true,
+  $ensure = running,
+){ 
+  $notify_class = $vnc::refresh ? {
+    false   => undef,
+    default => Class['vnc::service'],
+  }
+
+  define vnc::create_vncserver_services (
+    $servers,
+    $ensure,
+    $enable,
+  ) {
+    $index = inline_template('<%= servers.index(name) %>')
+	service { "vncserver@:${index}.service":
+	    ensure    => $ensure,
+	    enable    => $enable,
+	    hasstatus => true,
+	    status    => "sudo systemctl status vncserver@:${index}.service; /usr/bin/test $? -eq 0",
+	}
+  }
 
-  service { 'vncserver':
-    ensure    => $vnc::service_ensure_real,
-    enable    => $vnc::service_enable_real,
-    hasstatus => true,
-    status    => '/sbin/service vncserver status; /usr/bin/test $? -eq 0',
+  case $::osfamily {
+    'RedHat': {
+      case $::operatingsystemrelease {
+        /^[6,5]\./: { 
+		  service { 'vncserver':
+		    ensure    => $ensure,
+		    enable    => $enable,
+		    hasstatus => true,
+		    status    => '/sbin/service vncserver status; /usr/bin/test $? -eq 0',
+		  }
+        }
+        /^7\./: {
+		  vnc::create_vncserver_services {
+		  	$vnc::servers:
+		  		servers => $vnc::servers,
+		  		ensure =>  $ensure,
+		  		enable => $enable,
+		  }		  
+        }
+        default: { fail('Unsupported OS version') }
+      }
+    }
+    default: {
+      fail('Unsupported OS')
+    }
   }
 }
diff --git a/templates/vncservers_systemctl.erb b/templates/vncservers_systemctl.erb
new file mode 100644
index 0000000..a8e15fb
--- /dev/null
+++ b/templates/vncservers_systemctl.erb
@@ -0,0 +1,45 @@
+# The vncserver service unit file
+#
+# Quick HowTo:
+# 1. Copy this file to /etc/systemd/system/vncserver@:<display>.service
+# 2. Edit <USER> and vncserver parameters appropriately
+#   ("runuser -l <USER> -c /usr/bin/vncserver %i -arg1 -arg2")
+# 3. Run `systemctl daemon-reload`
+# 4. Run `systemctl enable vncserver@:<display>.service`
+#
+# DO NOT RUN THIS SERVICE if your local area network is
+# untrusted!  For a secure way of using VNC, you should
+# limit connections to the local host and then tunnel from
+# the machine you want to view VNC on (host A) to the machine
+# whose VNC output you want to view (host B)
+#
+# [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB
+#
+# this will open a connection on port 590N of your hostA to hostB's port 590M
+# (in fact, it ssh-connects to hostB and then connects to localhost (on hostB).
+# See the ssh man page for details on port forwarding)
+#
+# You can then point a VNC client on hostA at vncdisplay N of localhost and with
+# the help of ssh, you end up seeing what hostB makes available on port 590M
+#
+# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.
+#
+# Use "-localhost" to prevent remote VNC clients connecting except when
+# doing so through a secure tunnel.  See the "-via" option in the
+# `man vncviewer' manual page.
+
+
+[Unit]
+Description=Remote desktop service (VNC)
+After=syslog.target network.target
+
+[Service]
+Type=forking
+# Clean any existing files in /tmp/.X11-unix environment
+ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
+ExecStart=/sbin/runuser -l <%= @vnc_user -%> -c "/usr/bin/vncserver %i -geometry 1280x1024""
+PIDFile=/home/<%= @vnc_user -%>/.vnc/%H%i.pid
+ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file