blob: 2e8e50feb5e874eeb2c130d40a9c989d80bc590d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
{config,lib,pkgs, ...}:
with lib;
let
pwfile = (toString <secrets>)+ "/vnc-password"; # create with `vncpasswd`
pwtmp = "/tmp/vnc-password";
# nixos-unstable tigervnc is currently broken :\
package = (import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-17.03.tar.gz) {}).pkgs.tigervnc;
User = "makefu";
port = 5900;
in {
networking.firewall.allowedTCPPorts = [ port ];
networking.firewall.allowedUDPPorts = [ port ];
systemd.services."terminal-server" = {
description = "Terminal Server";
after = [ "display-manager.service" ];
wantedBy = [ "graphical.target" ];
serviceConfig = {
inherit User;
ExecStartPre = pkgs.writeDash "terminal-pre" ''
set -eufx
install -m0700 -o ${User} ${pwfile} ${pwtmp}
'';
ExecStart = "${package}/bin/x0vncserver -display :0 -rfbport ${toString port} -passwordfile ${pwtmp}";
PermissionsStartOnly = true;
PrivateTmp = true;
};
};
}
|
