pve1: VM 105 finance (IBKR TWS) erstellt und dokumentiert

Neue VM 105 auf pve1:
- Ubuntu 25.10 Cloud-Image, 12 GB RAM, 4 vCPU, 32 GB Disk
- Xvfb :1 (1920x1080) + Openbox + TigerVNC + noVNC (Port 6080)
- IBC für automatisierten IBKR TWS Login
- IP: 192.168.10.43 (DHCP, vmbr0 VLAN 10)
- Setup-Scripts: pve1/guests/vm105-finance/setup-tws.sh

pve1/guests/vm105-finance/setup-tws.sh

@@ -0,0 +1,142 @@
+#!/usr/bin/env bash
+# Setup-Script für VM 105 finance: Xvfb + noVNC + TWS + IBC
+# Ausführen als ubuntu-User (sudo-fähig), nicht-interaktiv:
+#   ssh -i /root/.ssh/finance_vm ubuntu@192.168.10.43 'bash -s' < setup-tws.sh
+set -euo pipefail
+
+VNC_PASS="${VNC_PASS:-$(openssl rand -base64 12 | tr -d '/+=')}"
+
+echo "=== [1/6] System-Update ==="
+sudo apt-get update -qq
+sudo DEBIAN_FRONTEND=noninteractive apt-get upgrade -y -qq
+
+echo "=== [2/6] Pakete installieren ==="
+sudo DEBIAN_FRONTEND=noninteractive apt-get install -y -qq \
+  xvfb \
+  openbox \
+  tigervnc-standalone-server \
+  novnc \
+  websockify \
+  openjdk-21-jre \
+  wget \
+  unzip \
+  xdotool \
+  x11-utils \
+  x11-xserver-utils \
+  fonts-dejavu \
+  dbus-x11 \
+  libxtst6 \
+  libxi6 \
+  ca-certificates \
+  curl
+
+echo "=== [3/6] tws-User anlegen ==="
+if ! id -u tws &>/dev/null; then
+  sudo useradd -m -s /bin/bash tws
+fi
+sudo mkdir -p /home/tws/.vnc /home/tws/.config/openbox
+sudo chown -R tws:tws /home/tws
+
+echo "=== [4/6] VNC-Passwort setzen (automatisch) ==="
+echo "$VNC_PASS" | sudo -u tws vncpasswd -f | sudo -u tws tee /home/tws/.vnc/passwd > /dev/null
+sudo chmod 600 /home/tws/.vnc/passwd
+sudo chown tws:tws /home/tws/.vnc/passwd
+
+echo "=== [5/6] Systemd-Services erstellen ==="
+
+sudo tee /etc/systemd/system/xvfb.service > /dev/null <<'EOF'
+[Unit]
+Description=Virtual Framebuffer 1920x1080
+After=network.target
+
+[Service]
+User=tws
+ExecStart=/usr/bin/Xvfb :1 -screen 0 1920x1080x24 -ac -nolisten tcp
+Restart=always
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+sudo tee /etc/systemd/system/openbox.service > /dev/null <<'EOF'
+[Unit]
+Description=Openbox Window Manager on DISPLAY :1
+After=xvfb.service
+Requires=xvfb.service
+
+[Service]
+User=tws
+Environment=DISPLAY=:1
+Environment=HOME=/home/tws
+ExecStart=/usr/bin/openbox-session
+Restart=always
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+sudo tee /etc/systemd/system/vncserver.service > /dev/null <<'EOF'
+[Unit]
+Description=TigerVNC x0vncserver on DISPLAY :1
+After=xvfb.service
+Requires=xvfb.service
+
+[Service]
+User=tws
+Environment=DISPLAY=:1
+ExecStart=/usr/bin/x0vncserver -display :1 -rfbport 5900 -SecurityTypes VncAuth -PasswordFile /home/tws/.vnc/passwd
+Restart=always
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+sudo tee /etc/systemd/system/novnc.service > /dev/null <<'EOF'
+[Unit]
+Description=noVNC Websocket Proxy
+After=vncserver.service
+Requires=vncserver.service
+
+[Service]
+User=tws
+ExecStart=/usr/share/novnc/utils/novnc_proxy --vnc localhost:5900 --listen 0.0.0.0:6080
+Restart=always
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+# Openbox autostart (leer)
+sudo -u tws tee /home/tws/.config/openbox/autostart > /dev/null <<'EOF'
+# TWS wird via tws-ibc.service gestartet
+EOF
+
+echo "=== [6/6] Services aktivieren ==="
+sudo systemctl daemon-reload
+sudo systemctl enable --now xvfb openbox vncserver novnc
+
+# Kurz warten damit Services hochfahren
+sleep 3
+sudo systemctl is-active xvfb vncserver novnc || true
+
+VM_IP=$(hostname -I | awk '{print $1}')
+
+echo ""
+echo "========================================"
+echo " Basis-Stack erfolgreich eingerichtet"
+echo "========================================"
+echo ""
+echo "  noVNC Browser:  http://${VM_IP}:6080/vnc.html"
+echo "  VNC Passwort:   ${VNC_PASS}"
+echo "  VNC Port:       5900"
+echo ""
+echo "  BITTE NOTIEREN: VNC-Passwort wird nicht erneut angezeigt"
+echo "  Ändern mit:     sudo -u tws vncpasswd /home/tws/.vnc/passwd"
+echo ""
+echo "Nächster Schritt: TWS + IBC installieren:"
+echo "  ssh -i /root/.ssh/finance_vm ubuntu@${VM_IP} 'bash -s' < setup-tws-installer.sh"
+echo ""