m 2 vncserver: init

author: makefu <github@syntax-fehler.de> 2017-05-10 16:47:58 +0200
committer: makefu <github@syntax-fehler.de> 2017-05-10 16:47:58 +0200
commit: 669a7936fc75e377e840472d2b941fef382413b3 (patch)
tree: 76ce2516a6ac9b89a011db607c13ca4973236a0a
parent: fb1fff243a100757391552f7caa691bd9fe36097 (diff)
1 files changed, 30 insertions, 0 deletions
diff --git a/makefu/2configs/vncserver.nix b/makefu/2configs/vncserver.nix
new file mode 100644
index 000000000..2e8e50feb
--- /dev/null
+++ b/makefu/2configs/vncserver.nix
@@ -0,0 +1,30 @@
+{config,lib,pkgs, ...}:
+with lib;
+let
+  pwfile = (toString <secrets>)+ "/vnc-password"; # create with `vncpasswd`
+  pwtmp = "/tmp/vnc-password";
+  # nixos-unstable tigervnc is currently broken :\
+  package = (import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-17.03.tar.gz) {}).pkgs.tigervnc;
+  User = "makefu";
+  port = 5900;
+in {
+	networking.firewall.allowedTCPPorts = [ port ];
+	networking.firewall.allowedUDPPorts = [ port ];
+
+	systemd.services."terminal-server" = {
+    description = "Terminal Server";
+    after = [ "display-manager.service" ];
+    wantedBy = [ "graphical.target" ];
+		serviceConfig = {
+      inherit User;
+      ExecStartPre = pkgs.writeDash "terminal-pre" ''
+ 
+        set -eufx
+        install -m0700 -o ${User} ${pwfile} ${pwtmp}
+      '';
+			ExecStart = "${package}/bin/x0vncserver -display :0 -rfbport ${toString port} -passwordfile ${pwtmp}";
+      PermissionsStartOnly = true;
+      PrivateTmp = true;
+		};
+	};
+}
author	makefu <github@syntax-fehler.de>	2017-05-10 16:47:58 +0200
committer	makefu <github@syntax-fehler.de>	2017-05-10 16:47:58 +0200
commit	669a7936fc75e377e840472d2b941fef382413b3 (patch)
tree	76ce2516a6ac9b89a011db607c13ca4973236a0a
parent	fb1fff243a100757391552f7caa691bd9fe36097 (diff)