diff options
author | makefu <github@syntax-fehler.de> | 2017-05-12 11:35:35 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2017-05-12 11:35:35 +0200 |
commit | 4c2408763eec98ec9cecf340dccfffa34a0c3cb0 (patch) | |
tree | 995be05e5b059970082095079c16af3a073d882d /makefu | |
parent | 1f9ddd9c6f8cdd9ce1b5a6bb9dc65475e2a90e62 (diff) |
m: init and use 'makefu.gui.user'
Diffstat (limited to 'makefu')
-rw-r--r-- | makefu/2configs/vncserver.nix | 70 | ||||
-rw-r--r-- | makefu/3modules/server-config.nix | 5 | ||||
-rw-r--r-- | makefu/5pkgs/novnc/default.nix | 41 |
3 files changed, 97 insertions, 19 deletions
diff --git a/makefu/2configs/vncserver.nix b/makefu/2configs/vncserver.nix index 2e8e50feb..c56b3e294 100644 --- a/makefu/2configs/vncserver.nix +++ b/makefu/2configs/vncserver.nix @@ -5,26 +5,58 @@ let pwtmp = "/tmp/vnc-password"; # nixos-unstable tigervnc is currently broken :\ package = (import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-17.03.tar.gz) {}).pkgs.tigervnc; - User = "makefu"; - port = 5900; + user = config.makefu.gui.user; + vnc_port = 5900; + web_port = 6080; in { - networking.firewall.allowedTCPPorts = [ port ]; - networking.firewall.allowedUDPPorts = [ port ]; + networking.firewall.allowedTCPPorts = [ 80 vnc_port web_port ]; + systemd.services = { + terminal-server = { + description = "VNC Terminal Server"; + after = [ "display-manager.service" "graphical.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = user; + Restart = "always"; + ExecStartPre = pkgs.writeDash "terminal-pre" '' + sleep 5 + install -m0700 -o ${user} ${pwfile} ${pwtmp} + ''; + ExecStart = "${package}/bin/x0vncserver -display :0 -rfbport ${toString vnc_port} -passwordfile ${pwtmp}"; + PermissionsStartOnly = true; + PrivateTmp = true; + }; + }; + terminal-web = { + description = "noVNC Web Server"; + after = [ "terminal-server.service" "graphical.target" "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "nobody"; + ExecStart = "${pkgs.novnc}/bin/launch-novnc.sh --listen ${toString web_port} --vnc localhost:${toString vnc_port}"; + PrivateTmp = true; + }; + }; + }; + services.nginx.enable = true; + services.nginx.virtualHosts._.locations = { + "/" = { + root = "${pkgs.novnc}"; + index = "vnc_auto.html"; + }; + "/websockify" = { + proxyPass = "http://127.0.0.1:6080/"; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; - systemd.services."terminal-server" = { - description = "Terminal Server"; - after = [ "display-manager.service" ]; - wantedBy = [ "graphical.target" ]; - serviceConfig = { - inherit User; - ExecStartPre = pkgs.writeDash "terminal-pre" '' - - set -eufx - install -m0700 -o ${User} ${pwfile} ${pwtmp} + # VNC connection timeout + proxy_read_timeout 61s; + + # Disable cache + proxy_buffering off; ''; - ExecStart = "${package}/bin/x0vncserver -display :0 -rfbport ${toString port} -passwordfile ${pwtmp}"; - PermissionsStartOnly = true; - PrivateTmp = true; - }; - }; + }; + }; } diff --git a/makefu/3modules/server-config.nix b/makefu/3modules/server-config.nix index dbd29d748..846642580 100644 --- a/makefu/3modules/server-config.nix +++ b/makefu/3modules/server-config.nix @@ -6,5 +6,10 @@ with import <stockholm/lib>; type = types.str; description = "Primary interface of the server"; }; + options.makefu.gui.user = lib.mkOption { + type = types.str; + description = "GUI user"; + default = config.krebs.build.user.name; + }; } diff --git a/makefu/5pkgs/novnc/default.nix b/makefu/5pkgs/novnc/default.nix new file mode 100644 index 000000000..b1d62248d --- /dev/null +++ b/makefu/5pkgs/novnc/default.nix @@ -0,0 +1,41 @@ +{ stdenv, fetchurl, pkgs }: +# source: https://github.com/hyphon81/Nixtack/blob/master/noVNC/noVNC.nix +let +in + +stdenv.mkDerivation rec { + name = "novnc-${version}"; + version = "0.6.2"; + + src = fetchurl { + url = "https://github.com/novnc/noVNC/archive/v${version}.tar.gz"; + sha256 = "16ygbdzdmnfg9a26d9il4a6fr16qmq0ix9imfbpzl0drfbj7z8kh"; + }; + p = stdenv.lib.makeBinPath [ pkgs.nettools pkgs.python27Packages.websockify + pkgs.coreutils pkgs.which pkgs.procps ]; + # TODO: propagatedBuildInputs does not seem to work with shell scripts + patchPhase = '' + sed -i '1aset -efu\nexport PATH=${p}\n' utils/launch.sh + ''; + installPhase = '' + mkdir -p $out/bin + cp utils/launch.sh $out/bin/launch-novnc.sh + chmod +x $out/bin/launch-novnc.sh + mkdir -p $out/images + cp -r images/* $out/images/ + mkdir -p $out/include + cp -r include/* $out/include/ + cp favicon.ico $out + cp vnc.html $out + cp vnc_auto.html $out + ''; + + meta = with stdenv.lib; { + homepage = http://novnc.com/info.html; + repositories.git = git://github.com/novnc/noVNC.git; + description = '' + A HTML5 VNC Client + ''; + license = licenses.mpl20; + }; +} |