Google Drive Storage Provider Setup
The Google Drive Storage Provider allows end-users to map in their Google Drive storage into container-based sessions. Access is provided via Googles Drive’s OAuth interface and leveraging the Rclone Docker volume plugin.
Reference Docs:
Creating a Google OAuth App
Login to the Google Developer Console: https://console.developers.google.com.
From the APIs & Services menu, Select OAuth consent screen.
Select External then click Create.
Warning
In this example, we walk through creating an integration where any Google user can auth with the Google Drive Storage Provider. This is ideal for a public facing deployment. Choose Internal if only users from your Google Workspace corporate account should be allowed to authenticate.
Extenal types will need to go through a validation process before being used in production systems.
OAuth Consent
Provide values for the App Name , User support email, and Developer Contact email.
In the Authorized Domains section, enter the Workspaces deployment’s top private domain (e.g
example.com).Click Save and Continue.
OAuth Registration
Click Add or Remove Scopes.
In the Update Selected Scopes window check
.../auth/drive, then click Update. If the option is not available, addhttps://www.googleapis.com/auth/driveto the Manually add scope field and click Add To Table.
OAuth Scope
Click Save and Continue.
Until the app is fully verified and published it can only be used to auth specific test accounts. Click Add Users to authorize several test google accounts.
Click Save and Continue.
In the APIs & Services menu, select Credentials.
Select Create Credentials, then OAuth client ID.
Client ID
Select
Web Applicationas the Application type, then give the client a name (e.gKasm).Click Add URI in the Authorized redirect URIs section, and enter
https://<kasm deployment hostname>/api/cloud_storage_callback.Click Create.
Create Client
A dialogue will display with a Client ID and Client Secret. Save these values for the next configuration steps. The JSON download will also include URLs needed for the next configuration steps.
Client Secret
From the main menu of the Google Cloud Console , search for “Google Drive API”. Navigate to the selected page, then click “Enable” if the option is available. No action is needed if the status is currently enabled.
Enable Drive
Kasm Storage Provider Config
Log into the Kasm UI as an administrator.
Select Settings -> Storage -> Add.
Update the form with the following entries, using the Client ID and Client Secret gathered in the previous section.
Name |
|
Storage Provider Type |
|
Enabled |
|
Client ID |
|
Client Secret |
|
Authorization URL |
|
Authorization URL Options |
|
Token URL |
|
Redirect URL |
|
Scope |
|
Default Target |
|
Volume Config |
{
"driver" : "rclone",
"driver_opts" : {
"type" : "drive",
"uid" : "1000",
"gid" : "1000",
"allow_other" : "true"
}
}
|
Mount Config |
|
Click Save to save the changes.
Google Drive Storage Mapping Configuration
From any page, select the profile icon at the top right of the page. Select Edit Profile.
Edit Profile
Select the Cloud Storage section, then Add Storage Mapping.
Add Storage Mapping
Select Google Drive from the dropdown, then select Next.
Configure Storage
The Google Login page will appear. Login with the desired account. This account must have been selected as test user in the Oauth app creation process.
Login
If the Google OAuth app is not yet approved, the user will get a warning. Click continue.
Approve Kasm
If successful, the user will be redirected to the Workspaces dashboard. The new storage mapping can be seen in the Cloud Storage section of the profile.
Storage Mapping
Launch a new container-based session. Verify the Google Drive is mapped inside the session at the
/gdrivelocation.
In Session View