pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / services / networking / x2goserver.nix
at 25.11-pre 5.8 kB view raw
1{ 2 config, 3 lib, 4 pkgs, 5 ... 6}: 7 8with lib; 9 10let 11 cfg = config.services.x2goserver; 12 13 defaults = { 14 superenicer = { 15 enable = cfg.superenicer.enable; 16 }; 17 }; 18 confText = generators.toINI { } (recursiveUpdate defaults cfg.settings); 19 x2goServerConf = pkgs.writeText "x2goserver.conf" confText; 20 21 x2goAgentOptions = pkgs.writeText "x2goagent.options" '' 22 X2GO_NXOPTIONS="" 23 X2GO_NXAGENT_DEFAULT_OPTIONS="${concatStringsSep " " cfg.nxagentDefaultOptions}" 24 ''; 25 26in 27{ 28 imports = [ 29 (mkRenamedOptionModule [ "programs" "x2goserver" ] [ "services" "x2goserver" ]) 30 ]; 31 32 options.services.x2goserver = { 33 enable = mkEnableOption "x2goserver" // { 34 description = '' 35 Enables the x2goserver module. 36 NOTE: This will create a good amount of symlinks in `/usr/local/bin` 37 ''; 38 }; 39 40 superenicer = { 41 enable = mkEnableOption "superenicer" // { 42 description = '' 43 Enables the SupeReNicer code in x2gocleansessions, this will renice 44 suspended sessions to nice level 19 and renice them to level 0 if the 45 session becomes marked as running again 46 ''; 47 }; 48 }; 49 50 nxagentDefaultOptions = mkOption { 51 type = types.listOf types.str; 52 default = [ 53 "-extension GLX" 54 "-nolisten tcp" 55 ]; 56 description = '' 57 List of default nx agent options. 58 ''; 59 }; 60 61 settings = mkOption { 62 type = types.attrsOf types.attrs; 63 default = { }; 64 description = '' 65 x2goserver.conf ini configuration as nix attributes. See 66 `x2goserver.conf(5)` for details 67 ''; 68 example = literalExpression '' 69 { 70 superenicer = { 71 "enable" = "yes"; 72 "idle-nice-level" = 19; 73 }; 74 telekinesis = { "enable" = "no"; }; 75 } 76 ''; 77 }; 78 }; 79 80 config = mkIf cfg.enable { 81 82 # x2goserver can run X11 program even if "services.xserver.enable = false" 83 xdg = { 84 autostart.enable = true; 85 menus.enable = true; 86 mime.enable = true; 87 icons.enable = true; 88 }; 89 90 environment.systemPackages = [ pkgs.x2goserver ]; 91 92 users.groups.x2go = { }; 93 users.users.x2go = { 94 home = "/var/lib/x2go/db"; 95 group = "x2go"; 96 isSystemUser = true; 97 }; 98 99 security.wrappers.x2gosqliteWrapper = { 100 source = "${pkgs.x2goserver}/lib/x2go/libx2go-server-db-sqlite3-wrapper.pl"; 101 owner = "x2go"; 102 group = "x2go"; 103 setuid = false; 104 setgid = true; 105 }; 106 security.wrappers.x2goprintWrapper = { 107 source = "${pkgs.x2goserver}/bin/x2goprint"; 108 owner = "x2go"; 109 group = "x2go"; 110 setuid = false; 111 setgid = true; 112 }; 113 114 systemd.tmpfiles.rules = 115 with pkgs; 116 [ 117 "d /var/lib/x2go/ - x2go x2go - -" 118 "d /var/lib/x2go/db - x2go x2go - -" 119 "d /var/lib/x2go/conf - x2go x2go - -" 120 "d /run/x2go 0755 x2go x2go - -" 121 ] 122 ++ 123 # x2goclient sends SSH commands with preset PATH set to 124 # "/usr/local/bin;/usr/bin;/bin". Since we cannot filter arbitrary ssh 125 # commands, we have to make the following executables available. 126 map (f: "L+ /usr/local/bin/${f} - - - - ${x2goserver}/bin/${f}") [ 127 "x2goagent" 128 "x2gobasepath" 129 "x2gocleansessions" 130 "x2gocmdexitmessage" 131 "x2godbadmin" 132 "x2gofeature" 133 "x2gofeaturelist" 134 "x2gofm" 135 "x2gogetapps" 136 "x2gogetservers" 137 "x2golistdesktops" 138 "x2golistmounts" 139 "x2golistsessions" 140 "x2golistsessions_root" 141 "x2golistshadowsessions" 142 "x2gomountdirs" 143 "x2gopath" 144 "x2goprint" 145 "x2goresume-desktopsharing" 146 "x2goresume-session" 147 "x2goruncommand" 148 "x2goserver-run-extensions" 149 "x2gosessionlimit" 150 "x2gosetkeyboard" 151 "x2goshowblocks" 152 "x2gostartagent" 153 "x2gosuspend-desktopsharing" 154 "x2gosuspend-session" 155 "x2goterminate-desktopsharing" 156 "x2goterminate-session" 157 "x2goumount-session" 158 "x2goversion" 159 ] 160 ++ [ 161 "L+ /usr/local/bin/awk - - - - ${gawk}/bin/awk" 162 "L+ /usr/local/bin/chmod - - - - ${coreutils}/bin/chmod" 163 "L+ /usr/local/bin/cp - - - - ${coreutils}/bin/cp" 164 "L+ /usr/local/bin/sed - - - - ${gnused}/bin/sed" 165 "L+ /usr/local/bin/setsid - - - - ${util-linux}/bin/setsid" 166 "L+ /usr/local/bin/xrandr - - - - ${xorg.xrandr}/bin/xrandr" 167 "L+ /usr/local/bin/xmodmap - - - - ${xorg.xmodmap}/bin/xmodmap" 168 ]; 169 170 systemd.services.x2goserver = { 171 description = "X2Go Server Daemon"; 172 wantedBy = [ "multi-user.target" ]; 173 unitConfig.Documentation = "man:x2goserver.conf(5)"; 174 serviceConfig = { 175 Type = "forking"; 176 ExecStart = "${pkgs.x2goserver}/bin/x2gocleansessions"; 177 PIDFile = "/run/x2go/x2goserver.pid"; 178 User = "x2go"; 179 Group = "x2go"; 180 RuntimeDirectory = "x2go"; 181 StateDirectory = "x2go"; 182 }; 183 preStart = '' 184 if [ ! -e /var/lib/x2go/setup_ran ] 185 then 186 mkdir -p /var/lib/x2go/conf 187 cp -r ${pkgs.x2goserver}/etc/x2go/* /var/lib/x2go/conf/ 188 ln -sf ${x2goServerConf} /var/lib/x2go/conf/x2goserver.conf 189 ln -sf ${x2goAgentOptions} /var/lib/x2go/conf/x2goagent.options 190 ${pkgs.x2goserver}/bin/x2godbadmin --createdb 191 touch /var/lib/x2go/setup_ran 192 fi 193 ''; 194 }; 195 196 # https://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=276 197 security.sudo.extraConfig = '' 198 Defaults env_keep+=QT_GRAPHICSSYSTEM 199 ''; 200 security.sudo-rs.extraConfig = '' 201 Defaults env_keep+=QT_GRAPHICSSYSTEM 202 ''; 203 }; 204}