Set PySimpleGUI version

As PySimpleGUI will be licensed starting at version 5.0.0, I am capping the version to prevent this. Alternate UI libraries will need to be implemented.

README.md

@@ -2,12 +2,62 @@
 
 This project's focus is to create a simple VDI client intended for mass deployment. This VDI client connects directly to Proxmox VE and allows users to connect (via Spice) to any VMs they have permission to access.
 
+Defining multiple Proxmox clusters is possible and can allow end users to easily select which 'server group' they wish to connect to:
+
 ![Login Screen](screenshots/login.png)
 
 ![Login Screen with OTP](screenshots/login-totp.png)
 
 ![VDI View](screenshots/vdiview.png)
 
+## Configuration File
+
+PVE VDI Client **REQUIRES** a configuration file to function. The client searches for this file in the following locations unless overridden with [command line options](#command-line-usage):
+
+* Windows
+    * %APPDATA%\VDIClient\vdiclient.ini
+    * %PROGRAMFILES%\VDIClient\vdiclient.ini
+* Linux
+    * ~/.config/VDIClient/vdiclient.ini
+    * /etc/vdiclient/vdiclient.ini
+    * /usr/local/etc/vdiclient/vdiclient.ini
+
+Please refer to [vdiclient.ini.example](https://github.com/joshpatten/PVE-VDIClient/blob/main/vdiclient.ini.example) for all available config file options
+
+If you encounter any issues feel free to submit an issue report.
+
+## Proxmox Permission Requirements
+
+Users that are accessing VDI instances need to have the following permissions assigned for each VM they access:
+
+* VM.PowerMgmt
+* VM.Console
+* VM.Audit
+
+## Command Line Usage
+
+No command line options are required for default behavior. The following command line options are available:
+
+    usage: vdiclient.py [-h] [--list_themes] [--config_type {file,http}] [--config_location CONFIG_LOCATION]
+                        [--config_username CONFIG_USERNAME] [--config_password CONFIG_PASSWORD] [--ignore_ssl]
+    
+    Proxmox VDI Client
+    
+    options:
+      -h, --help            show this help message and exit
+      --list_themes         List all available themes
+      --config_type {file,http}
+                            Select config type (default: file)
+      --config_location CONFIG_LOCATION
+                            Specify the config location (default: search for config file)
+      --config_username CONFIG_USERNAME
+                            HTTP basic authentication username (default: None)
+      --config_password CONFIG_PASSWORD
+                            HTTP basic authentication password (default: None)
+      --ignore_ssl          HTTPS ignore SSL certificate errors (default: False)
+
+If `--config_type http` is selected, pass the URL in the `--config_location` parameter
+
 ## Windows Installation
 
 You **MUST** install virt-viewer prior to using PVE VDI client, you may download it from the [official Virtual Machine Manager](https://virt-manager.org/download.html) site.
@@ -16,7 +66,7 @@ Please visit the [releases](https://github.com/joshpatten/PVE-VDIClient/releases
 
 If you need to customize the installation, such as to sign the executable and MSI, you may download and install the [WIX toolset](https://wixtoolset.org/releases/) and use the build_vdiclient.bat file to build a new MSI.
 
-you will need to download the latest 3.10 python release, and run the following commands to install the necessary packages:
+you will need to download the latest 3.12 python release, and run the following commands to install the necessary packages:
 
     requirements.bat
 
@@ -32,26 +82,28 @@ Run the following commands on a Debian/Ubuntu Linux system to install the approp
     cp vdiclient.py /usr/local/bin
     chmod +x /usr/local/bin/vdiclient.py
 
-## Configuration File
+## Fedora/CentOS/RHEL Installation
 
-PVE VDI Client **REQUIRES** a configuration file to function. The client searches for this file in the following locations unless **--config** is specified on the commmand line:
+Run the following commands on a Debian/Ubuntu Linux system to install the appropriate prerequisites
 
-* Windows
-    * %APPDATA%\VDIClient\vdiclient.ini
-    * %PROGRAMFILES%\VDIClient\vdiclient.ini
-* Linux
-    * ~/.config/VDIClient/vdiclient.ini
-    * /etc/vdiclient/vdiclient.ini
-    * /usr/local/etc/vdiclient/vdiclient.ini
+    dnf install python3-pip python3-tkinter virt-viewer git
+    git clone https://github.com/joshpatten/PVE-VDIClient.git
+    cd ./PVE-VDIClient/
+    chmod +x requirements.sh
+    ./requirements.sh
+    cp vdiclient.py /usr/local/bin
+    chmod +x /usr/local/bin/vdiclient.py
 
-Please refer to **vdiclient.ini.example** for all available config file options
+## Build Debian/Ubuntu Linux Binary
 
-If you encounter any issues feel free to submit an issue report.
+Run the following commands if you wish to build a binary on a Debian/Ubuntu Linux system
 
-## Proxmox Permission Requirements
+    apt install python3-pip python3-tk virt-viewer git
+    git clone https://github.com/joshpatten/PVE-VDIClient.git
+    cd ./PVE-VDIClient/
+    chmod +x requirements.sh
+    ./requirements.sh
+    pip3 install pyinstaller
+    pyinstaller --onefile --noconsole --noconfirm --hidden-import proxmoxer.backends --hidden-import proxmoxer.backends.https --hidden-import proxmoxer.backends.https.AuthenticationError --hidden-import proxmoxer.core --hidden-import proxmoxer.core.ResourceException --hidden-import subprocess.TimeoutExpired --hidden-import subprocess.CalledProcessError --hidden-import requests.exceptions --hidden-import requests.exceptions.ReadTimeout --hidden-import requests.exceptions.ConnectTimeout --hidden-import requests.exceptions.ConnectionError vdiclient.py
 
-Users that are accessing VDI instances need to have the following permissions assigned for each VM they access:
-
-* VM.PowerMgmt
-* VM.Console
-* VM.Audit
+Once pyinstaller has finished your binary will be located in dist/vdiclient

build_vdiclient.bat

@@ -1,24 +1,7 @@
 @echo off
-pyinstaller --noconsole --noconfirm --hidden-import proxmoxer.backends --hidden-import proxmoxer.backends.https --hidden-import proxmoxer.backends.https.AuthenticationError --hidden-import proxmoxer.core --hidden-import proxmoxer.core.ResourceException --hidden-import subprocess.TimeoutExpired --hidden-import subprocess.CalledProcessError --hidden-import requests.exceptions --hidden-import requests.exceptions.ReadTimeout --hidden-import requests.exceptions.ConnectTimeout --hidden-import requests.exceptions.ConnectionError -i vdiicon.ico vdiclient.py
+pyinstaller --noconsole --noconfirm --hidden-import proxmoxer.backends --hidden-import proxmoxer.backends.https --hidden-import proxmoxer.backends.https.AuthenticationError --hidden-import proxmoxer.core --hidden-import proxmoxer.core.ResourceException --hidden-import subprocess.TimeoutExpired --hidden-import subprocess.CalledProcessError --hidden-import requests.exceptions --hidden-import requests.exceptions.ReadTimeout --hidden-import requests.exceptions.ConnectTimeout --hidden-import requests.exceptions.ConnectionError --noupx -i vdiicon.ico vdiclient.py
 copy vdiclient.png dist\vdiclient
 copy vdiicon.ico dist\vdiclient
-del dist\vdiclient\opengl32sw.dll
-del dist\vdiclient\libGLESv2.dll
-del dist\vdiclient\d3dcompiler_47.dll
-del dist\vdiclient\Qt5Pdf.dll
-del dist\vdiclient\Qt5VirtualKeyboard.dll
-del dist\vdiclient\Qt5WebSockets.dll
-del dist\vdiclient\Qt5Quick.dll
-del dist\vdiclient\PySide2\plugins\imageformats\qgif.dll
-del dist\vdiclient\PySide2\plugins\imageformats\qjpeg.dll
-del dist\vdiclient\PySide2\plugins\imageformats\qpdf.dll
-del dist\vdiclient\PySide2\plugins\imageformats\qsvg.dll
-del dist\vdiclient\PySide2\plugins\imageformats\qtga.dll
-del dist\vdiclient\PySide2\plugins\imageformats\qtiff.dll
-del dist\vdiclient\PySide2\plugins\imageformats\qwbmp.dll
-del dist\vdiclient\PySide2\plugins\imageformats\qwebp.dll
-del dist\vdiclient\PySide2\plugins\platforminputcontexts\qtvirtualkeyboardplugin.dll
-del /Q dist\vdiclient\PySide2\translations\*
 cd dist
 python createmsi.py vdiclient.json
 cd ..

dist/vdiclient.json

@@ -1,6 +1,6 @@
 {
 	"upgrade_guid" : "46cbad92-353e-4b28-9bee-83950991dad8",
-	"version" : "1.2.06",
+	"version" : "2.0.2",
 	"product_name" : "VDI Client",
 	"manufacturer" : "Josh Patten",
 	"name" : "VDI Client",

requirements.bat

@@ -1,6 +1,6 @@
 @echo off
 pip install pyinstaller
 pip install proxmoxer
-pip install PySimpleGUI
+pip install "PySimpleGUI<5.0.0"
 pip install requests
 pip install pywin32

requirements.sh

@@ -1,4 +1,4 @@
 #!/bin/bash
 pip3 install proxmoxer
-pip3 install PySimpleGUI
+pip3 install "PySimpleGUI<5.0.0"
 pip3 install requests

vdiclient.ini.example

@@ -23,7 +23,17 @@ guest_type = both
 #window_width = 800
 #window_height = 600
 
-[Authentication]
+# PVE-VDIClient supports multiple clusters. Define them with sections that start with Hosts. followed by the name
+# you wish to display to your end users. This example is Hosts.PVE which would display PVE to your users
+[Hosts.PVE]
+# JSON dictionary of servers in the cluster
+# Format is 'IP/FQDN': PORT
+# NOTE: MAKE SURE THAT ALL LINES ARE INDENTED
+hostpool = {
+               "10.10.10.100" : 8006,
+               "10.10.10.111" : 8006,
+               "pve1.example.com" : 8006
+           }
 # This is the authentication backend that will be used to authenticate
 auth_backend = pve
 # If enabled, 2FA TOTP entry dialog will show
@@ -31,6 +41,35 @@ auth_totp = false
 # If disabled, TLS certificate will not be checked
 tls_verify = false
 # User name (if using token)
+# NOTE: If only one cluster is defined, this will auto-login
+# If user, token_name, and token_value are set
+#user = user
+# API Token Name
+#token_name = dvi
+# API Token Value
+#token_value = xxx-x-x-x-xxx
+# Password Reset Command Launch. Has to be full executable Command
+#pwresetcmd = start chrome --app=http://pwreset.example.com
+# Automatically connect to a VMID upon authentication
+#auto_vmid = 100
+
+# An additional cluster definition
+#[Hosts.PVE2]
+# JSON dictionary of servers in the cluster
+# Format is 'IP/FQDN': PORT
+#hostpool = {
+#               "10.10.10.100" : 8006,
+#               "10.10.10.111" : 8006,
+#               "pve1.example.com" : 8006
+#           }
+# This is the authentication backend that will be used to authenticate
+#auth_backend = pve
+# If enabled, 2FA TOTP entry dialog will show
+#auth_totp = false
+# If disabled, TLS certificate will not be checked
+#tls_verify = false
+# User name (if using token)
+# NOTE: If only one cluster is defined, this will auto-login
 #user = user
 # API Token Name
 #token_name = dvi
@@ -41,10 +80,6 @@ tls_verify = false
 # Automatically connect to a VMID upon authentication
 #auto_vmid = 100
 
-[Hosts]
-# Hosts are entered as `IP/FQDN = Port`
-10.10.10.100 = 8006
-pve1.example.com = 8006
 
 [SpiceProxyRedirect]
 # The Spice Proxy provided by the Proxmox API may need to have its host/port rewritten

vdiclient.py

@@ -5,10 +5,11 @@ gui = 'TK'
 import requests
 from datetime import datetime
 from configparser import ConfigParser
+import argparse
 import random
 import sys
-import copy
 import os
+import json
 import subprocess
 from time import sleep
 from io import StringIO
@@ -16,73 +17,78 @@ from io import StringIO
 
 
 class G:
-	hostpool = []
 	spiceproxy_conv = {}
 	proxmox = None
+	icon = None
 	vvcmd = None
 	scaling = 1
 	#########
-	title = 'VDI Login'
-	backend = 'pve'
-	user = ""
-	token_name = None
-	token_value = None
-	totp = False
+	inidebug = False
+	addl_params = None
 	imagefile = None
 	kiosk = False
 	viewer_kiosk = True
 	fullscreen = True
-	verify_ssl = True
-	icon = None
-	inidebug = False
 	show_reset = False
 	show_hibernate = False
-	addl_params = None
+	current_hostset = 'DEFAULT'
+	title = 'VDI Login'
+	hosts = {}
 	theme = 'LightBlue'
 	guest_type = 'both'
 	width = None
 	height = None
-	pwresetcmd = None
-	auto_vmid = None
 
-def loadconfig(config_location = None):
-	if config_location:
-		config = ConfigParser(delimiters='=')
-		try:
-			config.read(config_location)
-		except Exception as e:
-			win_popup_button(f'Unable to read supplied configuration:\n{e!r}', 'OK')
-			config_location = None
-	if not config_location:
-		if os.name == 'nt': # Windows
-			config_location = f'{os.getenv("APPDATA")}\\VDIClient\\vdiclient.ini'
-			if not os.path.exists(config_location):
-				config_location = f'{os.getenv("PROGRAMFILES")}\\VDIClient\\vdiclient.ini'
-			if not os.path.exists(config_location):
-				config_location = f'{os.getenv("PROGRAMFILES(x86)")}\\VDIClient\\vdiclient.ini'
-			if not os.path.exists(config_location):
-				# Last ditch effort
-				config_location = 'C:\\Program Files\\VDIClient\\vdiclient.ini'
-			if not os.path.exists(config_location):
-				win_popup_button(f'Unable to read supplied configuration from any location!', 'OK')
+
+def loadconfig(config_location = None, config_type='file', config_username = None, config_password = None, ssl_verify = True):
+	config = ConfigParser(delimiters='=')
+	if config_type == 'file':
+		if config_location:
+			if not os.path.isfile(config_location):
+				win_popup_button(f'Unable to read supplied configuration:\n{config_location} does not exist!', 'OK')
 				return False
-		elif os.name == 'posix': #Linux
-			config_location = os.path.expanduser('~/.config/VDIClient/vdiclient.ini')
-			if not os.path.exists(config_location):
-				config_location = '/etc/vdiclient/vdiclient.ini'
-			if not os.path.exists(config_location):
-				config_location = '/usr/local/etc/vdiclient/vdiclient.ini'
-			if not os.path.exists(config_location):
-				win_popup_button(f'Unable to read supplied configuration from any location!', 'OK')
-				return False
-		config = ConfigParser(delimiters='=')
+		else:
+			if os.name == 'nt': # Windows
+				config_list = [
+					f'{os.getenv("APPDATA")}\\VDIClient\\vdiclient.ini',
+					f'{os.getenv("PROGRAMFILES")}\\VDIClient\\vdiclient.ini',
+					f'{os.getenv("PROGRAMFILES(x86)")}\\VDIClient\\vdiclient.ini',
+					'C:\\Program Files\\VDIClient\\vdiclient.ini'
+				]
+				
+			elif os.name == 'posix': #Linux
+				config_list = [
+					os.path.expanduser('~/.config/VDIClient/vdiclient.ini'),
+					'/etc/vdiclient/vdiclient.ini',
+					'/usr/local/etc/vdiclient/vdiclient.ini'
+				]
+		for location in config_list:
+			if os.path.exists(location):
+				config_location = location
+				break
+		if not config_location:
+			win_popup_button(f'Unable to read supplied configuration from any location!', 'OK')
+			return False
 		try:
 			config.read(config_location)
 		except Exception as e:
 			win_popup_button(f'Unable to read configuration file:\n{e!r}', 'OK')
-			config_location = None
+			return False
+	elif config_type == 'http':
+		if not config_location:
+			win_popup_button('--config_type http defined, yet no URL provided in --config_location parameter!', 'OK')
+			return False
+		try:
+			if config_username and config_password:
+				r = requests.get(url=config_location, auth=(config_username, config_password), verify = ssl_verify)
+			else:
+				r = requests.get(url=config_location, verify = ssl_verify)
+			config.read_string(r.text)
+		except Exception as e:
+			win_popup_button(f"Unable to read configuration from URL!\n{e}", "OK")
+			return False
 	if not 'General' in config:
-		win_popup_button(f'Unable to read supplied configuration:\nNo `General` section defined!', 'OK')
+		win_popup_button('Unable to read supplied configuration:\nNo `General` section defined!', 'OK')
 		return False
 	else:
 		if 'title' in config['General']:
@@ -111,35 +117,99 @@ def loadconfig(config_location = None):
 			G.width = config['General'].getint('window_width')
 		if 'window_height' in config['General']:
 			G.height = config['General'].getint('window_height')
-	if not 'Authentication' in config:
-		win_popup_button(f'Unable to read supplied configuration:\nNo `Authentication` section defined!', 'OK')
-		return False
-	else:
-		if 'auth_backend' in config['Authentication']:
-			G.backend = config['Authentication']['auth_backend']
-		if 'auth_totp' in config['Authentication']:
-			G.totp = config['Authentication'].getboolean('auth_totp')
-		if 'tls_verify' in config['Authentication']:
-			G.verify_ssl = config['Authentication'].getboolean('tls_verify')
-		if 'user' in config['Authentication']:
-			G.user = config['Authentication']['user']
-		if 'token_name' in config['Authentication']:
-			G.token_name = config['Authentication']['token_name']
-		if 'token_value' in config['Authentication']:
-			G.token_value = config['Authentication']['token_value']
-		if 'pwresetcmd' in config['Authentication']:
-			G.pwresetcmd = config['Authentication']['pwresetcmd']
-		if 'auto_vmid' in config['Authentication']:
-			G.auto_vmid = config['Authentication'].getint('auto_vmid')
-	if not 'Hosts' in config:
-		win_popup_button(f'Unable to read supplied configuration:\nNo `Hosts` section defined!', 'OK')
-		return False
-	else:
+	if 'Authentication' in config: #Legacy configuration
+		G.hosts['DEFAULT'] = {
+			'hostpool' : [],
+			'backend' : 'pve',
+			'user' : "",
+			'token_name' : None,
+			'token_value' : None,
+			'totp' : False,
+			'verify_ssl' : True,
+			'pwresetcmd' : None,
+			'auto_vmid' : None,
+			'knock_seq': []
+		}
+		if not 'Hosts' in config:
+			win_popup_button(f'Unable to read supplied configuration:\nNo `Hosts` section defined!', 'OK')
+			return False
 		for key in config['Hosts']:
-			G.hostpool.append({
+			G.hosts['DEFAULT']['hostpool'].append({
 				'host': key,
 				'port': int(config['Hosts'][key])
 			})
+		if 'auth_backend' in config['Authentication']:
+			G.hosts['DEFAULT']['backend'] = config['Authentication']['auth_backend']
+		if 'user' in config['Authentication']:
+			G.hosts['DEFAULT']['user'] = config['Authentication']['user']
+		if 'token_name' in config['Authentication']:
+			G.hosts['DEFAULT']['token_name'] = config['Authentication']['token_name']
+		if 'token_value' in config['Authentication']:
+			G.hosts['DEFAULT']['token_value'] = config['Authentication']['token_value']
+		if 'auth_totp' in config['Authentication']:
+			G.hosts['DEFAULT']['totp'] = config['Authentication'].getboolean('auth_totp')
+		if 'tls_verify' in config['Authentication']:
+			G.hosts['DEFAULT']['verify_ssl'] = config['Authentication'].getboolean('tls_verify')
+		if 'pwresetcmd' in config['Authentication']:
+			G.hosts['DEFAULT']['pwresetcmd'] = config['Authentication']['pwresetcmd']
+		if 'auto_vmid' in config['Authentication']:
+			G.hosts['DEFAULT']['auto_vmid'] = config['Authentication'].getint('auto_vmid')
+		if 'knock_seq' in config['Authentication']:
+			try:
+				G.hosts['DEFAULT']['knock_seq'] = json.loads(config['Authentication']['knock_seq'])
+			except Exception as e:
+				win_popup_button(f'Knock sequence not valid JSON, skipping!\n{e!r}', 'OK')
+	else: # New style config
+		i = 0
+		for section in config.sections():
+			if section.startswith('Hosts.'):
+				_, group = section.split('.', 1)
+				if i == 0:
+					G.current_hostset = group
+				G.hosts[group] = {
+					'hostpool' : [],
+					'backend' : 'pve',
+					'user' : "",
+					'token_name' : None,
+					'token_value' : None,
+					'totp' : False,
+					'verify_ssl' : True,
+					'pwresetcmd' : None,
+					'auto_vmid' : None,
+					'knock_seq': []
+				}
+				try:
+					hostjson = json.loads(config[section]['hostpool'])
+				except Exception as e:
+					win_popup_button(f"Error: could not parse hostpool in section {section}:\n{e!r}", "OK")
+					return False
+				for key, value in hostjson.items():
+					G.hosts[group]['hostpool'].append({
+						'host': key,
+						'port': int(value)
+					})
+				if 'auth_backend' in config[section]:
+					G.hosts[group]['backend'] = config[section]['auth_backend']
+				if 'user' in config[section]:
+					G.hosts[group]['user'] = config[section]['user']
+				if 'token_name' in config[section]:
+					G.hosts[group]['token_name'] = config[section]['token_name']
+				if 'token_value' in config[section]:
+					G.hosts[group]['token_value'] = config[section]['token_value']
+				if 'auth_totp' in config[section]:
+					G.hosts[group]['totp'] = config[section].getboolean('auth_totp')
+				if 'tls_verify' in config[section]:
+					G.hosts[group]['verify_ssl'] = config[section].getboolean('tls_verify')
+				if 'pwresetcmd' in config[section]:
+					G.hosts[group]['pwresetcmd'] = config[section]['pwresetcmd']
+				if 'auto_vmid' in config[section]:
+					G.hosts[group]['auto_vmid'] = config[section].getint('auto_vmid')
+				if 'knock_seq' in config[section]:
+					try:
+						G.hosts[group]['knock_seq'] = json.loads(config[section]['knock_seq'])
+					except Exception as e:
+						win_popup_button(f'Knock sequence not valid JSON, skipping!\n{e!r}', 'OK')
+				i += 1
 	if 'SpiceProxyRedirect' in config:
 		for key in config['SpiceProxyRedirect']:
 			G.spiceproxy_conv[key] = config['SpiceProxyRedirect'][key]
@@ -175,22 +245,192 @@ def win_popup_button(message, button):
 			return
 
 def setmainlayout():
+	readonly = False
+	if G.hosts[G.current_hostset]['user'] and G.hosts[G.current_hostset]['token_name'] and G.hosts[G.current_hostset]['token_value']:
+		readonly = True
 	layout = []
 	if G.imagefile:
-		layout.append([sg.Image(G.imagefile), sg.Text(G.title, size =(18*G.scaling, 1*G.scaling), justification='c', font=["Helvetica", 18])])
+		layout.append(
+			[
+				sg.Image(G.imagefile),
+				sg.Text(
+					G.title,
+					size = (
+						18*G.scaling,
+						1*G.scaling
+					),
+					justification = 'c',
+					font = [
+						"Helvetica", 
+						18
+					]
+				)
+			]
+		)
 	else:
-		layout.append([sg.Text(G.title, size =(30*G.scaling, 1*G.scaling), justification='c', font=["Helvetica", 18])])
-	layout.append([sg.Text("Username", size =(12*G.scaling, 1*G.scaling), font=["Helvetica", 12]), sg.InputText(default_text=G.user,key='-username-', font=["Helvetica", 12])])
-	layout.append([sg.Text("Password", size =(12*G.scaling, 1*G.scaling),font=["Helvetica", 12]), sg.InputText(key='-password-', password_char='*', font=["Helvetica", 12])])
+		layout.append(
+			[
+				sg.Text(
+					G.title,
+					size = (
+						30*G.scaling,
+						1*G.scaling
+					),
+					justification='c',
+					font = [
+						"Helvetica", 
+						18
+					]
+				)
+			]
+		)
 	
-	if G.totp:
-		layout.append([sg.Text("OTP Key", size =(12*G.scaling, 1), font=["Helvetica", 12]), sg.InputText(key='-totp-', font=["Helvetica", 12])])
+	if len(G.hosts) > 1:
+		groups = []
+		for key, _ in G.hosts.items():
+			groups.append(key)
+		layout.append(
+			[
+				sg.Text(
+					"Server Group:",
+					size = (
+						12*G.scaling,
+						1*G.scaling
+					),
+					font = [
+						"Helvetica",
+						12
+					]
+				),
+				sg.Combo(
+					groups,
+					G.current_hostset,
+					key = '-group-',
+					font = [
+						"Helvetica",
+						12
+					],
+					readonly = True,
+					enable_events = True
+				)
+			]
+		)
+
+	layout.append(
+		[
+			sg.Text(
+				"Username",
+				size = (
+					12*G.scaling,
+					1*G.scaling
+				),
+				font = [
+					"Helvetica",
+					12
+				]
+			),
+			sg.InputText(
+				default_text = G.hosts[G.current_hostset]['user'],
+				key = '-username-',
+				font = [
+					"Helvetica",
+					12
+				],
+				readonly = readonly
+			)
+		]
+	)
+	layout.append(
+		[
+			sg.Text(
+				"Password",
+				size = (
+					12*G.scaling,
+					1*G.scaling
+				),
+				font = [
+					"Helvetica",
+					12
+				]
+			),
+			sg.InputText(
+				key='-password-',
+				password_char='*',
+				font = [
+					"Helvetica",
+					12
+				],
+				readonly = readonly
+			)
+		]
+	)
+	
+	if G.hosts[G.current_hostset]['totp']:
+		layout.append(
+			[
+				sg.Text(
+					"OTP Key",
+					size = (
+						12*G.scaling,
+						1
+					),
+					font = [
+						"Helvetica",
+						12
+					]
+				),
+				sg.InputText(
+					key = '-totp-',
+					font = [
+						"Helvetica",
+						12
+					]
+				)
+			]
+		)
 	if G.kiosk:
-		layout.append([sg.Button("Log In", font=["Helvetica", 14], bind_return_key=True)])
+		layout.append(
+			[
+				sg.Button(
+					"Log In",
+					font = [
+						"Helvetica",
+						14
+					],
+					bind_return_key=True
+				)
+			]
+		)
 	else:
-		layout.append([sg.Button("Log In", font=["Helvetica", 14], bind_return_key=True), sg.Button("Cancel", font=["Helvetica", 14])])
-	if G.pwresetcmd:
-		layout[-1].append(sg.Button('Password Reset', font=["Helvetica", 14]))
+		layout.append(
+			[
+				sg.Button(
+					"Log In",
+					font = [
+						"Helvetica",
+						14
+					],
+					bind_return_key=True
+				),
+				sg.Button(
+					"Cancel",
+					font = [
+						"Helvetica",
+						14
+					]
+				)
+			]
+		)
+	if G.hosts[G.current_hostset]['pwresetcmd']:
+		layout[-1].append(
+			sg.Button(
+				'Password Reset',
+				font = [
+					"Helvetica",
+					14
+				]
+			)
+		)
 	return layout
 
 def getvms(listonly = False):
@@ -275,7 +515,7 @@ def setvmlayout(vms):
 
 def iniwin(inistring):
 	inilayout = [
-			[sg.Multiline(default_text=inistring, size=(800*G.scaling, 600*G.scaling))]
+			[sg.Multiline(default_text=inistring, size=(100, 40))]
 	]
 	iniwindow = sg.Window('INI debug', inilayout)
 	while True:
@@ -440,9 +680,9 @@ def setcmd():
 		sys.exit()
 
 def pveauth(username, passwd=None, totp=None):
-	random.shuffle(G.hostpool)
+	random.shuffle(G.hosts[G.current_hostset]['hostpool'])
 	err = None
-	for hostinfo in G.hostpool:
+	for hostinfo in G.hosts[G.current_hostset]['hostpool']:
 		host = hostinfo['host']
 		if 'port' in hostinfo:
 			port = hostinfo['port']
@@ -452,12 +692,32 @@ def pveauth(username, passwd=None, totp=None):
 		authenticated = False
 		if not connected and not authenticated:
 			try:
-				if G.token_name and G.token_value:
-					G.proxmox = proxmoxer.ProxmoxAPI(host, user=f'{username}@{G.backend}',token_name=G.token_name,token_value=G.token_value, verify_ssl=G.verify_ssl, port=port)
+				if G.hosts[G.current_hostset]['token_name'] and G.hosts[G.current_hostset]['token_value']:
+					G.proxmox = proxmoxer.ProxmoxAPI(
+						host,
+						user=f"{username}@{G.hosts[G.current_hostset]['backend']}",
+						token_name=G.hosts[G.current_hostset]['token_name'],
+						token_value=G.hosts[G.current_hostset]['token_value'],
+						verify_ssl=G.hosts[G.current_hostset]['verify_ssl'], 
+						port=port
+					)
 				elif totp:
-					G.proxmox = proxmoxer.ProxmoxAPI(host, user=f'{username}@{G.backend}', otp=totp, password=passwd, verify_ssl=G.verify_ssl, port=port)
+					G.proxmox = proxmoxer.ProxmoxAPI(
+						host,
+						user=f"{username}@{G.hosts[G.current_hostset]['backend']}",
+						otp=totp,
+						password=passwd,
+						verify_ssl=G.hosts[G.current_hostset]['verify_ssl'],
+						port=port
+					)
 				else:
-					G.proxmox = proxmoxer.ProxmoxAPI(host, user=f'{username}@{G.backend}', password=passwd, verify_ssl=G.verify_ssl, port=port)
+					G.proxmox = proxmoxer.ProxmoxAPI(
+						host,
+						user=f"{username}@{G.hosts[G.current_hostset]['backend']}",
+						password=passwd,
+						verify_ssl=G.hosts[G.current_hostset]['verify_ssl'],
+						port=port
+					)
 				connected = True
 				authenticated = True
 				return connected, authenticated, err
@@ -472,18 +732,18 @@ def pveauth(username, passwd=None, totp=None):
 
 def loginwindow():
 	layout = setmainlayout()
-	if G.user and G.token_name and G.token_value: # We need to skip the login
+	if G.hosts[G.current_hostset]['user'] and G.hosts[G.current_hostset]['token_name'] and G.hosts[G.current_hostset]['token_value'] and len(G.hosts) == 1: # We need to skip the login
 		popwin = win_popup("Please wait, authenticating...")
-		connected, authenticated, error = pveauth(G.user)
+		connected, authenticated, error = pveauth(G.hosts[G.current_hostset]['user'])
 		popwin.close()
 		if not connected:
 			win_popup_button(f'Unable to connect to any VDI server, are you connected to the Internet?\nError Info: {error}', 'OK')
-			return False
+			return False, False
 		elif connected and not authenticated:
 			win_popup_button('Invalid username and/or password, please try again!', 'OK')
-			return False
+			return False, False
 		elif connected and authenticated:
-			return True
+			return True, False
 	else:
 		if G.icon:
 			window = sg.Window(G.title, layout, return_keyboard_events=True, resizable=False, no_titlebar=G.kiosk, icon=G.icon)
@@ -491,12 +751,17 @@ def loginwindow():
 			window = sg.Window(G.title, layout, return_keyboard_events=True, resizable=False, no_titlebar=G.kiosk)
 		while True:
 			event, values = window.read()
+			if event == '-group-' and values['-group-'] != G.current_hostset:
+				#Switch cluster
+				G.current_hostset = values['-group-']
+				window.close()
+				return False, True
 			if event == 'Cancel' or event == sg.WIN_CLOSED:
 				window.close()
-				return False
+				return False, False
 			elif event == 'Password Reset':
 				try:
-					subprocess.check_call(G.pwresetcmd, shell=True)
+					subprocess.check_call(G.hosts[G.current_hostset]['pwresetcmd'], shell=True)
 				except Exception as e:
 					win_popup_button(f'Unable to open password reset command.\n\nError Info:\n{e}', 'OK')
 			else:
@@ -516,7 +781,7 @@ def loginwindow():
 						win_popup_button('Invalid username and/or password, please try again!', 'OK')
 					elif connected and authenticated:
 						window.close()
-						return True
+						return True, False
 					#break
 
 def showvms():
@@ -599,42 +864,45 @@ def showvms():
 
 def main():
 	G.scaling = 1 # TKinter requires integers
-	config_location = None
-	if len(sys.argv) > 1:
-		if sys.argv[1] == '--list_themes':
-			sg.preview_all_look_and_feel_themes()
-			return
-		if sys.argv[1] == '--config':
-			if len(sys.argv) < 3:
-				win_popup_button('No config file provided with `--config` parameter.\nPlease provide location of config file!', 'OK')
-				return
-			else:
-				config_location = sys.argv[2]
+	parser = argparse.ArgumentParser(description='Proxmox VDI Client')
+	parser.add_argument('--list_themes', help='List all available themes', action='store_true')
+	parser.add_argument('--config_type', help='Select config type (default: file)', choices=['file', 'http'], default='file')
+	parser.add_argument('--config_location', help='Specify the config location (default: search for config file)', default=None)
+	parser.add_argument('--config_username', help="HTTP basic authentication username (default: None)", default=None)
+	parser.add_argument('--config_password', help="HTTP basic authentication password (default: None)", default=None)
+	parser.add_argument('--ignore_ssl', help="HTTPS ignore SSL certificate errors (default: False)", action='store_false', default=True)
+	args = parser.parse_args()
+	if args.list_themes:
+		sg.preview_all_look_and_feel_themes()
+		return
 	setcmd()
-	if not loadconfig(config_location):
+	if not loadconfig(config_location=args.config_location, config_type=args.config_type, config_username=args.config_username, config_password=args.config_password, ssl_verify=args.ignore_ssl):
 		return False
 	sg.theme(G.theme)
 	loggedin = False
+	switching = False
 	while True:
 		if not loggedin:
-			loggedin = loginwindow()
-			if not loggedin:
-				if G.user and G.token_name and G.token_value: # This means if we don't exit we'll be in an infinite loop
+			loggedin, switching = loginwindow()
+			if not loggedin and not switching:
+				if G.hosts[G.current_hostset]['user'] and G.hosts[G.current_hostset]['token_name'] and G.hosts[G.current_hostset]['token_value']: # This means if we don't exit we'll be in an infinite loop
 					return 1
 				break
+			elif not loggedin and switching:
+				pass
 			else:
-				if G.auto_vmid:
+				if G.hosts[G.current_hostset]['auto_vmid']:
 					vms = getvms()
 					for row in vms:
-						if row['vmid'] == G.auto_vmid:
+						if row['vmid'] == G.hosts[G.current_hostset]['auto_vmid']:
 							vmaction(row['node'], row['vmid'], row['type'], action='connect')
 							return 0
-					win_popup_button(f'No VDI instance with ID {G.auto_vmid} found!', 'OK')
+					win_popup_button(f"No VDI instance with ID {G.hosts[G.current_hostset]['auto_vmid']} found!", 'OK')
 				vmstat = showvms()
 				if not vmstat:
 					G.proxmox = None
 					loggedin = False
-					if G.user and G.token_name and G.token_value: # This means if we don't exit we'll be in an infinite loop
+					if G.hosts[G.current_hostset]['user'] and G.hosts[G.current_hostset]['token_name'] and G.hosts[G.current_hostset]['token_value'] and len(G.hosts) == 1: # This means if we don't exit we'll be in an infinite loop
 						return 0
 				else:
 					return