31 lines
970 B
Nix
31 lines
970 B
Nix
{config,lib,pkgs, ...}:
|
|
with lib;
|
|
let
|
|
pwfile = (toString <secrets>)+ "/vnc-password"; # create with `vncpasswd`
|
|
pwtmp = "/tmp/vnc-password";
|
|
# nixos-unstable tigervnc is currently broken :\
|
|
package = (import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-17.03.tar.gz) {}).pkgs.tigervnc;
|
|
User = "makefu";
|
|
port = 5900;
|
|
in {
|
|
networking.firewall.allowedTCPPorts = [ port ];
|
|
networking.firewall.allowedUDPPorts = [ port ];
|
|
|
|
systemd.services."terminal-server" = {
|
|
description = "Terminal Server";
|
|
after = [ "display-manager.service" ];
|
|
wantedBy = [ "graphical.target" ];
|
|
serviceConfig = {
|
|
inherit User;
|
|
ExecStartPre = pkgs.writeDash "terminal-pre" ''
|
|
|
|
set -eufx
|
|
install -m0700 -o ${User} ${pwfile} ${pwtmp}
|
|
'';
|
|
ExecStart = "${package}/bin/x0vncserver -display :0 -rfbport ${toString port} -passwordfile ${pwtmp}";
|
|
PermissionsStartOnly = true;
|
|
PrivateTmp = true;
|
|
};
|
|
};
|
|
}
|