1 { config, lib, pkgs, ... }:
6 cfg = config.services.x2goserver;
9 superenicer = { enable = cfg.superenicer.enable; };
11 confText = generators.toINI {} (recursiveUpdate defaults cfg.settings);
12 x2goServerConf = pkgs.writeText "x2goserver.conf" confText;
14 x2goAgentOptions = pkgs.writeText "x2goagent.options" ''
16 X2GO_NXAGENT_DEFAULT_OPTIONS="${concatStringsSep " " cfg.nxagentDefaultOptions}"
21 (mkRenamedOptionModule [ "programs" "x2goserver" ] [ "services" "x2goserver" ])
24 options.services.x2goserver = {
25 enable = mkEnableOption "x2goserver" // {
27 Enables the x2goserver module.
28 NOTE: This will create a good amount of symlinks in `/usr/local/bin`
33 enable = mkEnableOption "superenicer" // {
35 Enables the SupeReNicer code in x2gocleansessions, this will renice
36 suspended sessions to nice level 19 and renice them to level 0 if the
37 session becomes marked as running again
42 nxagentDefaultOptions = mkOption {
43 type = types.listOf types.str;
44 default = [ "-extension GLX" "-nolisten tcp" ];
46 List of default nx agent options.
51 type = types.attrsOf types.attrs;
54 x2goserver.conf ini configuration as nix attributes. See
55 `x2goserver.conf(5)` for details
57 example = literalExpression ''
61 "idle-nice-level" = 19;
63 telekinesis = { "enable" = "no"; };
69 config = mkIf cfg.enable {
71 # x2goserver can run X11 program even if "services.xserver.enable = false"
73 autostart.enable = true;
79 environment.systemPackages = [ pkgs.x2goserver ];
81 users.groups.x2go = {};
83 home = "/var/lib/x2go/db";
88 security.wrappers.x2gosqliteWrapper = {
89 source = "${pkgs.x2goserver}/lib/x2go/libx2go-server-db-sqlite3-wrapper.pl";
95 security.wrappers.x2goprintWrapper = {
96 source = "${pkgs.x2goserver}/bin/x2goprint";
103 systemd.tmpfiles.rules = with pkgs; [
104 "d /var/lib/x2go/ - x2go x2go - -"
105 "d /var/lib/x2go/db - x2go x2go - -"
106 "d /var/lib/x2go/conf - x2go x2go - -"
107 "d /run/x2go 0755 x2go x2go - -"
109 # x2goclient sends SSH commands with preset PATH set to
110 # "/usr/local/bin;/usr/bin;/bin". Since we cannot filter arbitrary ssh
111 # commands, we have to make the following executables available.
112 map (f: "L+ /usr/local/bin/${f} - - - - ${x2goserver}/bin/${f}") [
113 "x2goagent" "x2gobasepath" "x2gocleansessions" "x2gocmdexitmessage"
114 "x2godbadmin" "x2gofeature" "x2gofeaturelist" "x2gofm" "x2gogetapps"
115 "x2gogetservers" "x2golistdesktops" "x2golistmounts" "x2golistsessions"
116 "x2golistsessions_root" "x2golistshadowsessions" "x2gomountdirs"
117 "x2gopath" "x2goprint" "x2goresume-desktopsharing" "x2goresume-session"
118 "x2goruncommand" "x2goserver-run-extensions" "x2gosessionlimit"
119 "x2gosetkeyboard" "x2goshowblocks" "x2gostartagent"
120 "x2gosuspend-desktopsharing" "x2gosuspend-session"
121 "x2goterminate-desktopsharing" "x2goterminate-session"
122 "x2goumount-session" "x2goversion"
124 "L+ /usr/local/bin/awk - - - - ${gawk}/bin/awk"
125 "L+ /usr/local/bin/chmod - - - - ${coreutils}/bin/chmod"
126 "L+ /usr/local/bin/cp - - - - ${coreutils}/bin/cp"
127 "L+ /usr/local/bin/sed - - - - ${gnused}/bin/sed"
128 "L+ /usr/local/bin/setsid - - - - ${util-linux}/bin/setsid"
129 "L+ /usr/local/bin/xrandr - - - - ${xorg.xrandr}/bin/xrandr"
130 "L+ /usr/local/bin/xmodmap - - - - ${xorg.xmodmap}/bin/xmodmap"
133 systemd.services.x2goserver = {
134 description = "X2Go Server Daemon";
135 wantedBy = [ "multi-user.target" ];
136 unitConfig.Documentation = "man:x2goserver.conf(5)";
139 ExecStart = "${pkgs.x2goserver}/bin/x2gocleansessions";
140 PIDFile = "/run/x2go/x2goserver.pid";
143 RuntimeDirectory = "x2go";
144 StateDirectory = "x2go";
147 if [ ! -e /var/lib/x2go/setup_ran ]
149 mkdir -p /var/lib/x2go/conf
150 cp -r ${pkgs.x2goserver}/etc/x2go/* /var/lib/x2go/conf/
151 ln -sf ${x2goServerConf} /var/lib/x2go/conf/x2goserver.conf
152 ln -sf ${x2goAgentOptions} /var/lib/x2go/conf/x2goagent.options
153 ${pkgs.x2goserver}/bin/x2godbadmin --createdb
154 touch /var/lib/x2go/setup_ran
159 # https://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=276
160 security.sudo.extraConfig = ''
161 Defaults env_keep+=QT_GRAPHICSSYSTEM
163 security.sudo-rs.extraConfig = ''
164 Defaults env_keep+=QT_GRAPHICSSYSTEM