During the time of Debian Wheezy being Debian's stable release, we started developing a new ThinClientEdition (TCE) - one that is based on Debian-Live and thus does no longer rely on NFS. Instead, the entire image is loaded into the RAM of the ThinClient machine.

The disadvantage is that your ThinClient now needs at least 1 GB of RAM (see below).

However, the huge advantage is that there no longer is a need for any high-availibility setup concerning NFS. All you need is an HTTP or FTP server with a dedicated IP, if you want to use netbooting. It is also possible to deploy the image to the ThinClient's local storage, if present, and have it update in the background. Also, making changes/updating the NFS-based TCE was rather finicky - with the current TCE, you build and deploy a new image every time you make a change, and you can test it on a single client without interrupting your production environment.

We've also received reports that the old NFS-based TCE wouldn't work with Jessie, or at least it was very hard to get it to work. Our current TCE works just fine with Jessie, and we expect it to work in Stretch and hopefully in Buster (Stretch+1) as well. The one catch is that the live-build package in Debian/the Debian-Live project is currently looking for a new maintainer - so there is a slim chance that live-build might be removed from Debian Buster, especially if no new maintainer steps up and the live-build replacement that is currently in the works contains all the required functionality of live-build by then.

• At least 1 GB of RAM
• At least an i586-compatible CPU
• Capability to boot via PXE or sufficient local storage (expect 250-450 MB, depending on what you decide to include)
• A graphics card and input devices (Keyboard, Mouse/Trackball/Touchpad/Trackpoint/Touchscreen, …) that are supported by the stock Debian X Server

• You need a Debian Jessie system to build the image. (Other distributions based on Debian might work, but this is untested.)
• We suggest using a 64-Bit system, however, it is possible to use a 32-Bit system if you don't want to build a 64-Bit ThinClient image.
• We suggest leaving at least 4 GB of free disk space so the build won't abort due to insufficient disk space while packages are downloaded, unpacked and copied around.
• Make sure your package list is up to date by running:

  sudo apt-get update 

• Install the required packages by running:

  sudo apt-get install git-core live-build live-config-doc live-manual-html live-boot-doc

• export the following variables:

  # Point this to the git repository you wish to use
  export LBX2GO_CONFIG='git://code.x2go.org/live-build-x2go.git::feature/openbox'
  
  # Select ONE of the following LBX2GO_ARCH lines and comment out the others 
  # (feel free to use long or short options)
  # for 64-Bit builds, use:
  # export LBX2GO_ARCH='-a amd64 -k amd64' 
  # 32-Bit, larger memory footprint, but faster performance on i686 and newer
  # export LBX2GO_ARCH='-a i386 -k 686-pae'
  # 32-Bit, smallest memory footprint
  export LBX2GO_ARCH='--architectures i386 --linux-flavours 586' 
  
  # These options are meant to reduce the image size.
  # Feel free to adapt them after consulting "man lb_config"
  export LBX2GO_SPACE='--checksums none --apt-indices none --cache false 
                       --win32-loader false --memtest none
                       --firmware-binary false'
  
  # These are default values that should not require tuning
  export LBX2GO_DEFAULTS='--initsystem sysvinit --security true --updates true 
                          --apt-recommends false --firmware-chroot true   
                          --backports true'
  export LBX2GO_ARCHIVE_AREAS="main contrib non-free"

• You need an existing DHCP/PXE/TFTP setup with the usual pxelinux.0/pxelinux.cfg boot and configuration files, and a directory where kernel and initrd can be stored. This is not covered here, though we might add a separate howto for that some time later on.
• You will also need an HTTP/FTP server with a dedicated IP (no name-based virtual hosts) for the squashfs image.
  • This image cannot be deployed via TFTP as it is too large - some TFTP servers refuse to serve files lager than 32MB, and some TFTP clients have problems with that as well.
  • Also, even if you have a TFTP server/client combination that handles files larger than 32 MB, it will still be waaaay slower than the HTTP/FTP transfer.

Change to a directory where you want to save your builds, and run the following commands:

# Set everything up for netboot-image creation
LBX2GO_IMAGETYPE='netboot'

# Create Timestamp
LBX2GO_TIMESTAMP=$(date +"%Y%m%d%H%M%S") 

# Set Directory name
LBX2GO_TCEDIR=./live-build-x2go-$LBX2GO_TIMESTAMP

if [ -z "$LBX2GO_ARCH" ] ||
   [ -z "$LBX2GO_SPACE" ] ||
   [ -z "$LBX2GO_CONFIG" ] ||
   [ -z "$LBX2GO_DEFAULTS" ] ||
   [ -z "$LBX2GO_IMAGETYPE" ] ||
   [ -z "$LBX2GO_TIMESTAMP" ] ||
   [ -z "$LBX2GO_ARCHIVE_AREAS" ]; then
    echo -e "One or more of the following variables is unset:"
    echo -e "LBX2GO_ARCH: '${LBX2GO_ARCH}'"
    echo -e "LBX2GO_SPACE: '${LBX2GO_SPACE}'"
    echo -e "LBX2GO_DEFAULTS: '${LBX2GO_DEFAULTS}'"
    echo -e "LBX2GO_CONFIG: '${LBX2GO_CONFIG}'"
    echo -e "LBX2GO_IMAGETYPE: '${LBX2GO_IMAGETYPE}'"
    echo -e "LBX2GO_TIMESTAMP: '${LBX2GO_TIMESTAMP}'"
    echo -e "LBX2GO_ARCHIVE_AREAS: '${LBX2GO_ARCHIVE_AREAS}'"
    echo -e "Please visit http://wiki.x2go.org/doku.php/doc:howto:tce"
    echo -e "and read up on the general prerequisites for X2Go-TCE"
else
    # This will create a timestamped subdirectory for the build
    mkdir -p $LBX2GO_TCEDIR
    cd $LBX2GO_TCEDIR

    lb config $LBX2GO_ARCH $LBX2GO_SPACE $LBX2GO_DEFAULTS \
       --config $LBX2GO_CONFIG --binary-images $LBX2GO_IMAGETYPE \
       --archive-areas "$LBX2GO_ARCHIVE_AREAS"
    if lb build ; then
        echo -e "Build is done: '$LBX2GO_TCEDIR'"
        ln ./tftpboot/live/vmlinuz ./x2go-tce-vmlinuz
        ln ./tftpboot/live/initrd.img ./x2go-tce-initrd.img
        ln ./binary/live/filesystem.squashfs ./x2go-tce-filesystem.squashfs
        lb clean
        rm -rf ./cache
    else
        echo -e "Build failed: '$LBX2GO_TCEDIR'"
    fi
    cd ..
fi

This is assuming you already have an existing, working PXE/TFTP and HTTP or FTP server setup.

Once you see the message “Build is done:”, go to the directory mentioned there, and copy x2go-tce-vmlinuz and x2go-tce-initrd.img to a suitable subdirectory under your TFTP root.

We suggest using ./x2go-tce.

 cd $(mktemp -d)
 atftp your-tftp-server-ip-here
 tftp> get pxelinux.cfg/default
 tftp> get x2go-tce/x2go-tce-vmlinuz 
 tftp> get x2go-tce/x2go-tce-initrd.img 
 tftp> quit

Next, copy x2go-tce-filesystem.squashfs from the directory mentioned after “Build is done:” to a suitable subdirectory under your HTTP or FTP root.

We suggest using ./x2go-tce.

 cd $(mktemp -d)
wget -Y off http://your-http-server-ip-here/
wget -Y off http://your-http-server-ip-here/x2go-tce/x2go-tce-filesystem.squashfs

Again, this is assuming you already have an existing, working PXE/TFTP server setup.

• Change to the pxelinux.cfg directory in your tftproot.
• create a file x2go-tce there, using the template below and adjusting it to your needs
• options ending in “=de” and “=de_DE.UTF-8” should be set to match your desired country/locale setting
• options containing “http://your-http-server-ip-here” should be replaced with the proper HTTP or FTP URL for your server
• where it says FURTHER-OPTIONS-GO-HERE, you can (must!) add one or more of the options explained below. All options are separated from the next option using a single blank (space bar), just like the options before that placeholder. DO NOT use newlines. All “APPEND” options must be on one and the same line.

x2go-tce

DEFAULT x2go-tce
PROMPT 0
MENU TITLE Linux Boot Menu
MENU COLOR TITLE 1 #ffffff #000000 std
MENU COLOR SEL 0 #ffffff #444444 std
MENU COLOR TABMSG 0 #999933 #000000 std
MENU COLOR UNSEL 0 #aaaaaa

LABEL x2go-tce
TIMEOUT 50
MENU LABEL X2Go-TCE
KERNEL x2go-tce/vmlinuz
APPEND initrd=x2go-tce/initrd.img boot=live components noswap aufs rd.luks=0 rd.lvm=0 rd.md=0 rd.dm=0 kernel.sysrq=1 keep_bootcon sysrq_always_enabled rd.driver.pre=loop rd.noverifyssl rd.skipfsck rd.live.overlay.check rd.live.overlay.reset rd.live.ram log_buf_len=1M quickreboot consoleblank=0 kernel.sysrq=1 keep_bootcon sysrq_always_enabled rootwait=120 silent quiet splash lang=de vconsole.keymap=de keyboard-layouts=de locales=de_DE.UTF-8 noroot nouser fetch=http://your-http-server-ip-here/x2go-tce/x2go-tce-filesystem.squashfs FURTHER-OPTIONS-GO-HERE

These two are mutually exclusive, i.e. never put both of them in the same config:

• sessionsurl=http://your-http-server-ip-here/x2go-tce/x2go-tce.sessions - use this to specify a sessions file. You need this unless you are using a session broker. See below for how to add this file to your HTTP or FTP server.
• broker-url=ssh://your-broker-address-here - this allows you to specify an X2Go Session Broker instead of a sessions file (not limited to an ssh-based broker, works with an http-based broker as well)

These are entirely optional:

• pubkey=http://your-http-server-ip-here/x2go-tce/x2go-tce.authorized_keys - this allows you to add an ssh public key file to the ThinClient, so your administrators can log in remotely using SSH
• xorgconfurl=http://your-http-server-ip-here/x2go-tce/x2go-tce.xorg.conf - when a client outright refuses to boot into the graphical X2Go login screen, but gets stuck at the console or a black screen instead, yet you can get the GUI to work using a regular Linux on the same hardware, you can disable the X Server's autodetection and force it to use the xorg.conf specified here. Note that you should use a more descriptive name for the file, as described below.
• xorg-resolution=HRESxVRES - will force the horizontal resolution to HRES and the vertical resolution to VRES, e.g. xorg-resolution=1280×1024, useful if autodetection for the correct screen size fails, but you do get as far as seeing the X2Go GUI
• xinerama=left-of|right-of|above|below|same-as - not yet implemented. Will allow you to specify how multiple screens are handled (same-as clones the primary screen to all secondary screens, the other commands will cascade and thus expand the screen)
• ldap=ldap.example.com:389:cn=cngoeshere,dc=example,dc=com - this allows you to specify an LDAP server to authenticate against
• ldap1=ldap-backupserver-1.example.com:389 - this allows you to specify the first of up to two LDAP backup servers when using LDAP authentication
• ldap2=ldap-backupserver-2.example.com:389 - this allows you to specify the second of up to two LDAP backup servers when using LDAP authentication

Again, this is assuming you already have an existing, working HTTP or FTP server setup.

• run X2GoClient on any computer you like, and configure a session the same way it should appear on the ThinClient <note tip>when using a Windows client, run x2goclient.exe –portable, or it will store the session information in the registry, rather than in a “sessions” file.</note>
• locate the “sessions” file you just created - it should be at ~/.x2goclient/sessions
• copy it to x2go-tce.sessions
• using an editor of your choice, edit x2go-tce.sessions so it contains only the sessions you want to appear on the ThinClient, and none that might have been created earlier.
• log on to your HTTP or FTP server and change to the x2go-tce directory in your webroot/ftproot.
• copy the x2go-tce.sessions file with your desired configuration to this directory.

Again, this is assuming you already have an existing, working HTTP or FTP server setup.

• locate your current authorized_keys file - it should be at ~/.ssh/authorized_keys
• copy it to x2go-tce.authorized_keys
• using an editor of your choice, edit x2go-tce.authorized_keys so it contains only the keys you want to appear on the ThinClient, and none that might have been created for a different purpose.
• log on to your HTTP or FTP server and change to the x2go-tce directory in your webroot/ftproot.
• copy the x2go-tce.authorized_keys file with your desired configuration to this directory.

Again, this is assuming you already have an existing, working HTTP or FTP server setup.

• copy the xorg.conf file from the working system to x2go-tce.xorg.conf - actually, to something that lets you tell which hardware it is made for, like x2go-tce-P4-whitebox-with-crappy-VGA.xorg.conf
• log on to your HTTP or FTP server and change to the x2go-tce directory in your webroot/ftproot.
• copy the x2go-tce.xorg.conf file (or whatever you named it) with your desired configuration to this directory.

Again, this is assuming you already have an existing, working PXE/TFTP server setup in place.

• Determine the MAC address of your ThinClient. In the following example, we will assume it is AA-BB-CC-DD-EE-FF.
• Change to the pxelinux.cfg directory in your tftproot.
• create a symlink with the name 01-AA-BB-CC-DD-EE-FF (note the extra “01-” at the beginning) pointing to x2go-tce.
• After that, your ThinClient should boot the X2Go-TCE image.

• Change to the pxelinux.cfg directory in your tftproot.
• run ls -lah default
• Make a note where this symlink points to, if it is a symlink.
• If it is not a symlink, but a regular file, rename it e.g. to default-before-x2go-tce
• create a new symlink named default that points to x2go-tce

• Change to the pxelinux.cfg directory in your tftproot.
• copy the file x2go-tce to an appropriate name, like x2go-tce-debug or x2go-tce-P4-whitebox-with-crappy-VGA
• you can create as many such configuration files as you want, and edit them according to the use case
• to make a particular client boot a particular configuration,
  • Determine the MAC address of your ThinClient. In the following example, we will assume it is AA-BB-CC-DD-EE-FF.
  • create a symlink with the name 01-AA-BB-CC-DD-EE-FF (note the extra “01-” at the beginning) pointing to x2go-tce-whatever-name-you-chose.
  • After that, your ThinClient should boot the X2Go-TCE image.
  • Note that it is possible to use partial matching, so a symlink starting with “01-AA-BB-CC” would match all ThinClients with a MAC address starting with “AA-BB-CC” and so on.
  • For further matching options (IP-based, for example), please consult the pxeboot documentation. In short, it should be possible (i.e. untested by us), but it a) requires you to assign static DHCP IPs and b) you need to translate the IP to its hexadecimal value and use that value as the symlink name, so e.g. 192.168.0.1 becomes C0A80001 → x2go-tce.

This page is missing a section/subpage that explains how to use the content of the tar file located in the build directory if no PXE/TFTP/HTTP server is present yet.

Basically, debian-live/live/filesystem.squashfs becomes (webroot)/x2go-tce/x2go-tce-filesystem.squashfs and everything from tftpboot/ goes into the TFTP root directory. After that, one should proceed as described above regarding creation of files and symlinks.

Sample contents of live-image-i386.netboot.tar:

drwxr-xr-x root/root         0 2016-12-15 23:46 debian-live/
drwxr-xr-x root/root         0 2016-12-15 23:54 debian-live/live/
-rw-r--r-- root/root 271536128 2016-12-15 23:50 debian-live/live/filesystem.squashfs
-rw-r--r-- root/root     11579 2016-12-15 23:52 debian-live/live/filesystem.packages
-rw-r--r-- root/root        74 2016-12-15 23:52 debian-live/live/filesystem.packages-remove
drwxr-xr-x root/root         0 2016-12-15 23:54 tftpboot/
drwxr-xr-x root/root         0 2016-12-15 23:54 tftpboot/live/
-rw-r--r-- root/root  31942749 2016-12-15 23:52 tftpboot/live/initrd.img
-rw-r--r-- root/root   2831760 2016-12-15 23:52 tftpboot/live/vmlinuz
drwxr-xr-x root/root         0 2015-04-28 14:01 tftpboot/pxelinux.cfg/
-rw-r--r-- root/root        57 2014-10-25 14:21 tftpboot/pxelinux.cfg/default
-rw-r--r-- root/root       351 2016-12-15 23:54 tftpboot/live.cfg
-rw-r--r-- root/root    116624 2015-08-19 15:17 tftpboot/ldlinux.c32
-rw-r--r-- root/root       270 2016-12-15 23:54 tftpboot/menu.cfg
-rw-r--r-- root/root     26188 2015-08-19 15:17 tftpboot/vesamenu.c32
-rw-r--r-- root/root       268 2016-12-15 23:54 tftpboot/install.cfg
-rw-r--r-- root/root       508 2016-12-15 23:54 tftpboot/stdmenu.cfg
-rw-r--r-- root/root     34739 2016-12-15 23:54 tftpboot/splash.png
-rw-r--r-- root/root     23480 2015-08-19 15:17 tftpboot/libutil.c32
-rw-r--r-- root/root       153 2016-12-15 23:54 tftpboot/advanced.cfg
-rw-r--r-- root/root    182552 2015-08-19 15:17 tftpboot/libcom32.c32
-rw-r--r-- root/root     42988 2015-08-19 15:17 tftpboot/pxelinux.0
-rw-r--r-- root/root    164096 2015-08-19 15:17 tftpboot/hdt.c32

This page is missing a section/subpage that explains how to speed up the netboot process using iPXE.

Basically:

apt-get install ipxe
cd /your-tftp-root
mkdir -p {bios,uefi}
ln -s /usr/lib/ipxe/undionly.kpxe ./bios/
ln -s /boot/ipxe.efi ./uefi/
FQDN=DNS-name-of-your-server-here
IP_OF_FQDN=`dig $FQDN +short`
cat <<EOF>x2go-tce-ipxe
#!ipxe
dhcp
kernel http://$FQDN/x2go-tce-vmlinuz EVERYTHING-FROM-THE-LINE-STARTING-WITH-APPEND-IN-THE-X2GO-TCE-SAMPLE-FILE-ABOVE
initrd http://$FQDN/x2go-tce-initrd.img
boot
EOF

After that, create a symlink/symlinks that point from “default” or a part of the MAC or the entire MAC or the hex-encoded IP to x2go-tce-ipxe.

Then add this to your dhcpd.conf

   if substring ( option vendor-class-identifier , 19,1 ) = "0" {
           filename "bios/undionly.kpxe";
   }
   else if substring ( option vendor-class-identifier , 19,1 ) = "7" {
           filename "uefi/ipxe.efi";
   }
   else {  
           log (info, concat ( "Unhandled vendor class Arch: ", substring ( option vendor-class-identifier , 19,1 )));
   }
   if exists user-class and option user-class = "iPXE" {
	set hwmac = concat (
	suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,1,1))),2), ":",
	suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,2,1))),2), ":",
	suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,3,1))),2), ":",
	suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,4,1))),2), ":",
	suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,5,1))),2), ":",
	suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,6,1))),2)
	);

      filename = concat( "http://DNS-name-of-your-server-here/", hwmac );
   }

This page is missing a section/subpage that explains how to retrieve an xorg.conf from a different system.

Things to try: KNOPPIX Live Linux, other Distribution's Live Images (a recent Fedora or Arch, maybe?)

Basically, in the running Linux where you have a working X Server on that particular hardware:

• change to a command shell
• try to run Xorg :$(($(ps -C Xorg -o args= | awk ' $2 ~ /^:[0-9]/ { print $2 }' | tr -d ':' | sort -n)+1)) -configure
• if that fails, stop the currently running X server, then run Xorg -configure
• this should output ~/xorg.conf.new, which could then be saved somewhere else (LAN share, USB stick, …).

This page is missing a section/subpage that explains how to create images for USB/CD/local storage.

Basically, proceed as shown for netboot above, but set LBX2GO_IMAGETYPE to iso, iso-hybrid, or hdd.

Location and name of the output files will vary slightly, so skip the “lb clean” step until you've located them.

Iso-Hybrid images can be dd'ed directly to a USB stick.

HDD images mean you might have to jiggle with syslinux or grub.

Some of the optional steps above could be moved to a separate subpage to reduce clutter.

The steps for the build process could probably streamlined into an x2go-tcebuilder.deb Debian package

Ideas:

• instead of the “exports” stuff, use a config file e.g. under /etc/x2go/x2go-tcebuilder/config and source its contents
• instead of copy-pasting the build commands, turn most of it into a script as /usr/bin/x2go-tcebuilder or something (the remaining config parts in the copy-paste block would have to be moved into the config file)
• our config would be used as suggestion by linking to it; a user could create their own by replacing the link with a regular file (similar to how /etc/x2go/applications works)
• our additional live-scripts would be shipped inside the package and similar to how apache does it with sites-available and sites-active - not pulling in content from git each time
  • /etc/x2go/x2go-tcebuilder/scripts-active (dir with symlinks to all active scripts)
  • /etc/x2go/x2go-tcebuilder/scripts-available (dir with symlinks to our templates and with regular user-created files)
  • /usr/share/x2go-tcebuilder/template-scripts (scripts we ship, with a big fat header that they should not be changed, but copied)
• store the results somewhere under /var/lib/x2go-tcebuilder/ or whatever the proper place according to FHS and Debian would be
• turning it into a package would mean we could add dependencies as well, so the manual apt-get install would not be neccessary
• additional scripts could be added that work “automagically” if there's no PXE/TFTP/HTTP/FTP server yet - maybe in a separate package x2go-tce-setup-aids.deb which then has dependencies on atftpd and apache|lighttpd, …