| blob | 53e938d11554af30b1e38a5bfbd1a29eb5a54f6e |
1 {
2 config,
3 lib,
4 pkgs,
5 ...
6 }:
8 with lib;
10 let
11 cfg = config.services.x2goserver;
13 defaults = {
14 superenicer = {
15 enable = cfg.superenicer.enable;
16 };
17 };
18 confText = generators.toINI { } (recursiveUpdate defaults cfg.settings);
19 x2goServerConf = pkgs.writeText "x2goserver.conf" confText;
21 x2goAgentOptions = pkgs.writeText "x2goagent.options" ''
22 X2GO_NXOPTIONS=""
23 X2GO_NXAGENT_DEFAULT_OPTIONS="${concatStringsSep " " cfg.nxagentDefaultOptions}"
24 '';
26 in
27 {
28 imports = [
29 (mkRenamedOptionModule [ "programs" "x2goserver" ] [ "services" "x2goserver" ])
30 ];
32 options.services.x2goserver = {
33 enable = mkEnableOption "x2goserver" // {
34 description = ''
35 Enables the x2goserver module.
36 NOTE: This will create a good amount of symlinks in `/usr/local/bin`
37 '';
38 };
40 superenicer = {
41 enable = mkEnableOption "superenicer" // {
42 description = ''
43 Enables the SupeReNicer code in x2gocleansessions, this will renice
44 suspended sessions to nice level 19 and renice them to level 0 if the
45 session becomes marked as running again
46 '';
47 };
48 };
50 nxagentDefaultOptions = mkOption {
51 type = types.listOf types.str;
52 default = [
53 "-extension GLX"
54 "-nolisten tcp"
55 ];
56 description = ''
57 List of default nx agent options.
58 '';
59 };
61 settings = mkOption {
62 type = types.attrsOf types.attrs;
63 default = { };
64 description = ''
65 x2goserver.conf ini configuration as nix attributes. See
66 `x2goserver.conf(5)` for details
67 '';
68 example = literalExpression ''
69 {
70 superenicer = {
71 "enable" = "yes";
72 "idle-nice-level" = 19;
73 };
74 telekinesis = { "enable" = "no"; };
75 }
76 '';
77 };
78 };
80 config = mkIf cfg.enable {
82 # x2goserver can run X11 program even if "services.xserver.enable = false"
83 xdg = {
84 autostart.enable = true;
85 menus.enable = true;
86 mime.enable = true;
87 icons.enable = true;
88 };
90 environment.systemPackages = [ pkgs.x2goserver ];
92 users.groups.x2go = { };
93 users.users.x2go = {
94 home = "/var/lib/x2go/db";
95 group = "x2go";
96 isSystemUser = true;
97 };
99 security.wrappers.x2gosqliteWrapper = {
100 source = "${pkgs.x2goserver}/lib/x2go/libx2go-server-db-sqlite3-wrapper.pl";
101 owner = "x2go";
102 group = "x2go";
103 setuid = false;
104 setgid = true;
105 };
106 security.wrappers.x2goprintWrapper = {
107 source = "${pkgs.x2goserver}/bin/x2goprint";
108 owner = "x2go";
109 group = "x2go";
110 setuid = false;
111 setgid = true;
112 };
114 systemd.tmpfiles.rules =
115 with pkgs;
116 [
117 "d /var/lib/x2go/ - x2go x2go - -"
118 "d /var/lib/x2go/db - x2go x2go - -"
119 "d /var/lib/x2go/conf - x2go x2go - -"
120 "d /run/x2go 0755 x2go x2go - -"
121 ]
122 ++
123 # x2goclient sends SSH commands with preset PATH set to
124 # "/usr/local/bin;/usr/bin;/bin". Since we cannot filter arbitrary ssh
125 # commands, we have to make the following executables available.
126 map (f: "L+ /usr/local/bin/${f} - - - - ${x2goserver}/bin/${f}") [
127 "x2goagent"
128 "x2gobasepath"
129 "x2gocleansessions"
130 "x2gocmdexitmessage"
131 "x2godbadmin"
132 "x2gofeature"
133 "x2gofeaturelist"
134 "x2gofm"
135 "x2gogetapps"
136 "x2gogetservers"
137 "x2golistdesktops"
138 "x2golistmounts"
139 "x2golistsessions"
140 "x2golistsessions_root"
141 "x2golistshadowsessions"
142 "x2gomountdirs"
143 "x2gopath"
144 "x2goprint"
145 "x2goresume-desktopsharing"
146 "x2goresume-session"
147 "x2goruncommand"
148 "x2goserver-run-extensions"
149 "x2gosessionlimit"
150 "x2gosetkeyboard"
151 "x2goshowblocks"
152 "x2gostartagent"
153 "x2gosuspend-desktopsharing"
154 "x2gosuspend-session"
155 "x2goterminate-desktopsharing"
156 "x2goterminate-session"
157 "x2goumount-session"
158 "x2goversion"
159 ]
160 ++ [
161 "L+ /usr/local/bin/awk - - - - ${gawk}/bin/awk"
162 "L+ /usr/local/bin/chmod - - - - ${coreutils}/bin/chmod"
163 "L+ /usr/local/bin/cp - - - - ${coreutils}/bin/cp"
164 "L+ /usr/local/bin/sed - - - - ${gnused}/bin/sed"
165 "L+ /usr/local/bin/setsid - - - - ${util-linux}/bin/setsid"
166 "L+ /usr/local/bin/xrandr - - - - ${xorg.xrandr}/bin/xrandr"
167 "L+ /usr/local/bin/xmodmap - - - - ${xorg.xmodmap}/bin/xmodmap"
168 ];
170 systemd.services.x2goserver = {
171 description = "X2Go Server Daemon";
172 wantedBy = [ "multi-user.target" ];
173 unitConfig.Documentation = "man:x2goserver.conf(5)";
174 serviceConfig = {
175 Type = "forking";
176 ExecStart = "${pkgs.x2goserver}/bin/x2gocleansessions";
177 PIDFile = "/run/x2go/x2goserver.pid";
178 User = "x2go";
179 Group = "x2go";
180 RuntimeDirectory = "x2go";
181 StateDirectory = "x2go";
182 };
183 preStart = ''
184 if [ ! -e /var/lib/x2go/setup_ran ]
185 then
186 mkdir -p /var/lib/x2go/conf
187 cp -r ${pkgs.x2goserver}/etc/x2go/* /var/lib/x2go/conf/
188 ln -sf ${x2goServerConf} /var/lib/x2go/conf/x2goserver.conf
189 ln -sf ${x2goAgentOptions} /var/lib/x2go/conf/x2goagent.options
190 ${pkgs.x2goserver}/bin/x2godbadmin --createdb
191 touch /var/lib/x2go/setup_ran
192 fi
193 '';
194 };
196 # https://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=276
197 security.sudo.extraConfig = ''
198 Defaults env_keep+=QT_GRAPHICSSYSTEM
199 '';
200 security.sudo-rs.extraConfig = ''
201 Defaults env_keep+=QT_GRAPHICSSYSTEM
202 '';
203 };
204 }