Initial RDP Implementation

2026-02-04 06:30:30 -07:00 · 2026-01-15 23:51:17 -07:00
parent bf7cbf6b7f
commit 35f26ce4ee
10 changed files with 1279 additions and 0 deletions
--- a/Data/Engine/config.py
+++ b/Data/Engine/config.py
@@ -84,6 +84,11 @@ DEFAULT_WIREGUARD_PEER_NETWORK = "10.255.0.0/16"
 DEFAULT_WIREGUARD_SHELL_PORT = 47002
 DEFAULT_WIREGUARD_ACL_WINDOWS = (3389, 5985, 5986, 5900, 3478, DEFAULT_WIREGUARD_SHELL_PORT)
 VPN_SERVER_CERT_ROOT = PROJECT_ROOT / "Engine" / "Certificates" / "VPN_Server"
+DEFAULT_GUACD_HOST = "127.0.0.1"
+DEFAULT_GUACD_PORT = 4822
+DEFAULT_RDP_WS_HOST = "0.0.0.0"
+DEFAULT_RDP_WS_PORT = 4823
+DEFAULT_RDP_SESSION_TTL_SECONDS = 120


 def _ensure_parent(path: Path) -> None:
@@ -285,6 +290,11 @@ class EngineSettings:
    wireguard_server_public_key_path: str
    wireguard_acl_allowlist_windows: Tuple[int, ...]
    wireguard_shell_port: int
+    guacd_host: str
+    guacd_port: int
+    rdp_ws_host: str
+    rdp_ws_port: int
+    rdp_session_ttl_seconds: int
    raw: MutableMapping[str, Any] = field(default_factory=dict)

    def to_flask_config(self) -> MutableMapping[str, Any]:
@@ -427,6 +437,36 @@ def load_runtime_config(overrides: Optional[Mapping[str, Any]] = None) -> Engine
    wireguard_server_private_key_path = str(wireguard_key_root / "server_private.key")
    wireguard_server_public_key_path = str(wireguard_key_root / "server_public.key")

+    guacd_host = str(
+        runtime_config.get("GUACD_HOST")
+        or os.environ.get("BOREALIS_GUACD_HOST")
+        or DEFAULT_GUACD_HOST
+    )
+    guacd_port = _parse_int(
+        runtime_config.get("GUACD_PORT") or os.environ.get("BOREALIS_GUACD_PORT"),
+        default=DEFAULT_GUACD_PORT,
+        minimum=1,
+        maximum=65535,
+    )
+    rdp_ws_host = str(
+        runtime_config.get("RDP_WS_HOST")
+        or os.environ.get("BOREALIS_RDP_WS_HOST")
+        or DEFAULT_RDP_WS_HOST
+    )
+    rdp_ws_port = _parse_int(
+        runtime_config.get("RDP_WS_PORT") or os.environ.get("BOREALIS_RDP_WS_PORT"),
+        default=DEFAULT_RDP_WS_PORT,
+        minimum=1,
+        maximum=65535,
+    )
+    rdp_session_ttl_seconds = _parse_int(
+        runtime_config.get("RDP_SESSION_TTL_SECONDS")
+        or os.environ.get("BOREALIS_RDP_SESSION_TTL_SECONDS"),
+        default=DEFAULT_RDP_SESSION_TTL_SECONDS,
+        minimum=30,
+        maximum=3600,
+    )
+
    api_groups = _parse_api_groups(
        runtime_config.get("API_GROUPS") or os.environ.get("BOREALIS_API_GROUPS")
    )
@@ -465,6 +505,11 @@ def load_runtime_config(overrides: Optional[Mapping[str, Any]] = None) -> Engine
        wireguard_server_public_key_path=wireguard_server_public_key_path,
        wireguard_acl_allowlist_windows=wireguard_acl_allowlist_windows,
        wireguard_shell_port=wireguard_shell_port,
+        guacd_host=guacd_host,
+        guacd_port=guacd_port,
+        rdp_ws_host=rdp_ws_host,
+        rdp_ws_port=rdp_ws_port,
+        rdp_session_ttl_seconds=rdp_session_ttl_seconds,
        raw=runtime_config,
    )
    return settings