nixos/modules/services/networking/x2goserver.nix at 23.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / networking / x2goserver.nix
at 23.11-pre 5.4 kB view raw
  1{ config, lib, pkgs, ... }:
  2
  3with lib;
  4
  5let
  6  cfg = config.services.x2goserver;
  7
  8  defaults = {
  9    superenicer = { enable = cfg.superenicer.enable; };
 10  };
 11  confText = generators.toINI {} (recursiveUpdate defaults cfg.settings);
 12  x2goServerConf = pkgs.writeText "x2goserver.conf" confText;
 13
 14  x2goAgentOptions = pkgs.writeText "x2goagent.options" ''
 15    X2GO_NXOPTIONS=""
 16    X2GO_NXAGENT_DEFAULT_OPTIONS="${concatStringsSep " " cfg.nxagentDefaultOptions}"
 17  '';
 18
 19in {
 20  imports = [
 21    (mkRenamedOptionModule [ "programs" "x2goserver" ] [ "services" "x2goserver" ])
 22  ];
 23
 24  options.services.x2goserver = {
 25    enable = mkEnableOption (lib.mdDoc "x2goserver") // {
 26      description = lib.mdDoc ''
 27        Enables the x2goserver module.
 28        NOTE: This will create a good amount of symlinks in `/usr/local/bin`
 29      '';
 30    };
 31
 32    superenicer = {
 33      enable = mkEnableOption (lib.mdDoc "superenicer") // {
 34        description = lib.mdDoc ''
 35          Enables the SupeReNicer code in x2gocleansessions, this will renice
 36          suspended sessions to nice level 19 and renice them to level 0 if the
 37          session becomes marked as running again
 38        '';
 39      };
 40    };
 41
 42    nxagentDefaultOptions = mkOption {
 43      type = types.listOf types.str;
 44      default = [ "-extension GLX" "-nolisten tcp" ];
 45      description = lib.mdDoc ''
 46        List of default nx agent options.
 47      '';
 48    };
 49
 50    settings = mkOption {
 51      type = types.attrsOf types.attrs;
 52      default = {};
 53      description = lib.mdDoc ''
 54        x2goserver.conf ini configuration as nix attributes. See
 55        `x2goserver.conf(5)` for details
 56      '';
 57      example = literalExpression ''
 58        {
 59          superenicer = {
 60            "enable" = "yes";
 61            "idle-nice-level" = 19;
 62          };
 63          telekinesis = { "enable" = "no"; };
 64        }
 65      '';
 66    };
 67  };
 68
 69  config = mkIf cfg.enable {
 70
 71    # x2goserver can run X11 program even if "services.xserver.enable = false"
 72    xdg = {
 73      autostart.enable = true;
 74      menus.enable = true;
 75      mime.enable = true;
 76      icons.enable = true;
 77    };
 78
 79    environment.systemPackages = [ pkgs.x2goserver ];
 80
 81    users.groups.x2go = {};
 82    users.users.x2go = {
 83      home = "/var/lib/x2go/db";
 84      group = "x2go";
 85      isSystemUser = true;
 86    };
 87
 88    security.wrappers.x2gosqliteWrapper = {
 89      source = "${pkgs.x2goserver}/lib/x2go/libx2go-server-db-sqlite3-wrapper.pl";
 90      owner = "x2go";
 91      group = "x2go";
 92      setuid = false;
 93      setgid = true;
 94    };
 95    security.wrappers.x2goprintWrapper = {
 96      source = "${pkgs.x2goserver}/bin/x2goprint";
 97      owner = "x2go";
 98      group = "x2go";
 99      setuid = false;
100      setgid = true;
101    };
102
103    systemd.tmpfiles.rules = with pkgs; [
104      "d /var/lib/x2go/ - x2go x2go - -"
105      "d /var/lib/x2go/db - x2go x2go - -"
106      "d /var/lib/x2go/conf - x2go x2go - -"
107      "d /run/x2go 0755 x2go x2go - -"
108    ] ++
109    # x2goclient sends SSH commands with preset PATH set to
110    # "/usr/local/bin;/usr/bin;/bin". Since we cannot filter arbitrary ssh
111    # commands, we have to make the following executables available.
112    map (f: "L+ /usr/local/bin/${f} - - - - ${x2goserver}/bin/${f}") [
113      "x2goagent" "x2gobasepath" "x2gocleansessions" "x2gocmdexitmessage"
114      "x2godbadmin" "x2gofeature" "x2gofeaturelist" "x2gofm" "x2gogetapps"
115      "x2gogetservers" "x2golistdesktops" "x2golistmounts" "x2golistsessions"
116      "x2golistsessions_root" "x2golistshadowsessions" "x2gomountdirs"
117      "x2gopath" "x2goprint" "x2goresume-desktopsharing" "x2goresume-session"
118      "x2goruncommand" "x2goserver-run-extensions" "x2gosessionlimit"
119      "x2gosetkeyboard" "x2goshowblocks" "x2gostartagent"
120      "x2gosuspend-desktopsharing" "x2gosuspend-session"
121      "x2goterminate-desktopsharing" "x2goterminate-session"
122      "x2goumount-session" "x2goversion"
123    ] ++ [
124      "L+ /usr/local/bin/awk - - - - ${gawk}/bin/awk"
125      "L+ /usr/local/bin/chmod - - - - ${coreutils}/bin/chmod"
126      "L+ /usr/local/bin/cp - - - - ${coreutils}/bin/cp"
127      "L+ /usr/local/bin/sed - - - - ${gnused}/bin/sed"
128      "L+ /usr/local/bin/setsid - - - - ${util-linux}/bin/setsid"
129      "L+ /usr/local/bin/xrandr - - - - ${xorg.xrandr}/bin/xrandr"
130      "L+ /usr/local/bin/xmodmap - - - - ${xorg.xmodmap}/bin/xmodmap"
131    ];
132
133    systemd.services.x2goserver = {
134      description = "X2Go Server Daemon";
135      wantedBy = [ "multi-user.target" ];
136      unitConfig.Documentation = "man:x2goserver.conf(5)";
137      serviceConfig = {
138        Type = "forking";
139        ExecStart = "${pkgs.x2goserver}/bin/x2gocleansessions";
140        PIDFile = "/run/x2go/x2goserver.pid";
141        User = "x2go";
142        Group = "x2go";
143        RuntimeDirectory = "x2go";
144        StateDirectory = "x2go";
145      };
146      preStart = ''
147        if [ ! -e /var/lib/x2go/setup_ran ]
148        then
149          mkdir -p /var/lib/x2go/conf
150          cp -r ${pkgs.x2goserver}/etc/x2go/* /var/lib/x2go/conf/
151          ln -sf ${x2goServerConf} /var/lib/x2go/conf/x2goserver.conf
152          ln -sf ${x2goAgentOptions} /var/lib/x2go/conf/x2goagent.options
153          ${pkgs.x2goserver}/bin/x2godbadmin --createdb
154          touch /var/lib/x2go/setup_ran
155        fi
156      '';
157    };
158
159    # https://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=276
160    security.sudo.extraConfig = ''
161      Defaults  env_keep+=QT_GRAPHICSSYSTEM
162    '';
163  };
164}