From bc49a0815ae860010b4d593b02f00ab6f07d50ea Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Tue, 24 Nov 2020 10:29:28 -0500 Subject: utillinux: rename to util-linux --- nixos/modules/programs/x2goserver.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules/programs/x2goserver.nix') diff --git a/nixos/modules/programs/x2goserver.nix b/nixos/modules/programs/x2goserver.nix index 7d74231e956..05707a56542 100644 --- a/nixos/modules/programs/x2goserver.nix +++ b/nixos/modules/programs/x2goserver.nix @@ -110,7 +110,7 @@ in { "L+ /usr/local/bin/chmod - - - - ${coreutils}/bin/chmod" "L+ /usr/local/bin/cp - - - - ${coreutils}/bin/cp" "L+ /usr/local/bin/sed - - - - ${gnused}/bin/sed" - "L+ /usr/local/bin/setsid - - - - ${utillinux}/bin/setsid" + "L+ /usr/local/bin/setsid - - - - ${util-linux}/bin/setsid" "L+ /usr/local/bin/xrandr - - - - ${xorg.xrandr}/bin/xrandr" "L+ /usr/local/bin/xmodmap - - - - ${xorg.xmodmap}/bin/xmodmap" ]; -- cgit 1.4.1 From 6dbeea0b40c4f82e827c09c78c9e4970080c1692 Mon Sep 17 00:00:00 2001 From: Maciej Krüger Date: Thu, 10 Jun 2021 07:00:05 +0200 Subject: nixos/x2goserver: put into networking, like xrdp --- nixos/modules/module-list.nix | 2 +- nixos/modules/programs/x2goserver.nix | 149 --------------------- nixos/modules/services/networking/x2goserver.nix | 161 +++++++++++++++++++++++ 3 files changed, 162 insertions(+), 150 deletions(-) delete mode 100644 nixos/modules/programs/x2goserver.nix create mode 100644 nixos/modules/services/networking/x2goserver.nix (limited to 'nixos/modules/programs/x2goserver.nix') diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index b350bcfedae..2938f79fb16 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -198,7 +198,6 @@ ./programs/waybar.nix ./programs/wireshark.nix ./programs/wshowkeys.nix - ./programs/x2goserver.nix ./programs/xfs_quota.nix ./programs/xonsh.nix ./programs/xss-lock.nix @@ -854,6 +853,7 @@ ./services/networking/xandikos.nix ./services/networking/xinetd.nix ./services/networking/xl2tpd.nix + ./services/networking/x2goserver.nix ./services/networking/xrdp.nix ./services/networking/yggdrasil.nix ./services/networking/zerobin.nix diff --git a/nixos/modules/programs/x2goserver.nix b/nixos/modules/programs/x2goserver.nix deleted file mode 100644 index 05707a56542..00000000000 --- a/nixos/modules/programs/x2goserver.nix +++ /dev/null @@ -1,149 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - cfg = config.programs.x2goserver; - - defaults = { - superenicer = { enable = cfg.superenicer.enable; }; - }; - confText = generators.toINI {} (recursiveUpdate defaults cfg.settings); - x2goServerConf = pkgs.writeText "x2goserver.conf" confText; - - x2goAgentOptions = pkgs.writeText "x2goagent.options" '' - X2GO_NXOPTIONS="" - X2GO_NXAGENT_DEFAULT_OPTIONS="${concatStringsSep " " cfg.nxagentDefaultOptions}" - ''; - -in { - options.programs.x2goserver = { - enable = mkEnableOption "x2goserver" // { - description = '' - Enables the x2goserver module. - NOTE: This will create a good amount of symlinks in `/usr/local/bin` - ''; - }; - - superenicer = { - enable = mkEnableOption "superenicer" // { - description = '' - Enables the SupeReNicer code in x2gocleansessions, this will renice - suspended sessions to nice level 19 and renice them to level 0 if the - session becomes marked as running again - ''; - }; - }; - - nxagentDefaultOptions = mkOption { - type = types.listOf types.str; - default = [ "-extension GLX" "-nolisten tcp" ]; - example = [ "-extension GLX" "-nolisten tcp" ]; - description = '' - List of default nx agent options. - ''; - }; - - settings = mkOption { - type = types.attrsOf types.attrs; - default = {}; - description = '' - x2goserver.conf ini configuration as nix attributes. See - `x2goserver.conf(5)` for details - ''; - example = literalExample '' - superenicer = { - "enable" = "yes"; - "idle-nice-level" = 19; - }; - telekinesis = { "enable" = "no"; }; - ''; - }; - }; - - config = mkIf cfg.enable { - - environment.systemPackages = [ pkgs.x2goserver ]; - - users.groups.x2go = {}; - users.users.x2go = { - home = "/var/lib/x2go/db"; - group = "x2go"; - isSystemUser = true; - }; - - security.wrappers.x2gosqliteWrapper = { - source = "${pkgs.x2goserver}/lib/x2go/libx2go-server-db-sqlite3-wrapper.pl"; - owner = "x2go"; - group = "x2go"; - setgid = true; - }; - security.wrappers.x2goprintWrapper = { - source = "${pkgs.x2goserver}/bin/x2goprint"; - owner = "x2go"; - group = "x2go"; - setgid = true; - }; - - systemd.tmpfiles.rules = with pkgs; [ - "d /var/lib/x2go/ - x2go x2go - -" - "d /var/lib/x2go/db - x2go x2go - -" - "d /var/lib/x2go/conf - x2go x2go - -" - "d /run/x2go 0755 x2go x2go - -" - ] ++ - # x2goclient sends SSH commands with preset PATH set to - # "/usr/local/bin;/usr/bin;/bin". Since we cannot filter arbitrary ssh - # commands, we have to make the following executables available. - map (f: "L+ /usr/local/bin/${f} - - - - ${x2goserver}/bin/${f}") [ - "x2goagent" "x2gobasepath" "x2gocleansessions" "x2gocmdexitmessage" - "x2godbadmin" "x2gofeature" "x2gofeaturelist" "x2gofm" "x2gogetapps" - "x2gogetservers" "x2golistdesktops" "x2golistmounts" "x2golistsessions" - "x2golistsessions_root" "x2golistshadowsessions" "x2gomountdirs" - "x2gopath" "x2goprint" "x2goresume-desktopsharing" "x2goresume-session" - "x2goruncommand" "x2goserver-run-extensions" "x2gosessionlimit" - "x2gosetkeyboard" "x2goshowblocks" "x2gostartagent" - "x2gosuspend-desktopsharing" "x2gosuspend-session" - "x2goterminate-desktopsharing" "x2goterminate-session" - "x2goumount-session" "x2goversion" - ] ++ [ - "L+ /usr/local/bin/awk - - - - ${gawk}/bin/awk" - "L+ /usr/local/bin/chmod - - - - ${coreutils}/bin/chmod" - "L+ /usr/local/bin/cp - - - - ${coreutils}/bin/cp" - "L+ /usr/local/bin/sed - - - - ${gnused}/bin/sed" - "L+ /usr/local/bin/setsid - - - - ${util-linux}/bin/setsid" - "L+ /usr/local/bin/xrandr - - - - ${xorg.xrandr}/bin/xrandr" - "L+ /usr/local/bin/xmodmap - - - - ${xorg.xmodmap}/bin/xmodmap" - ]; - - systemd.services.x2goserver = { - description = "X2Go Server Daemon"; - wantedBy = [ "multi-user.target" ]; - unitConfig.Documentation = "man:x2goserver.conf(5)"; - serviceConfig = { - Type = "forking"; - ExecStart = "${pkgs.x2goserver}/bin/x2gocleansessions"; - PIDFile = "/run/x2go/x2goserver.pid"; - User = "x2go"; - Group = "x2go"; - RuntimeDirectory = "x2go"; - StateDirectory = "x2go"; - }; - preStart = '' - if [ ! -e /var/lib/x2go/setup_ran ] - then - mkdir -p /var/lib/x2go/conf - cp -r ${pkgs.x2goserver}/etc/x2go/* /var/lib/x2go/conf/ - ln -sf ${x2goServerConf} /var/lib/x2go/conf/x2goserver.conf - ln -sf ${x2goAgentOptions} /var/lib/x2go/conf/x2goagent.options - ${pkgs.x2goserver}/bin/x2godbadmin --createdb - touch /var/lib/x2go/setup_ran - fi - ''; - }; - - # https://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=276 - security.sudo.extraConfig = '' - Defaults env_keep+=QT_GRAPHICSSYSTEM - ''; - }; -} diff --git a/nixos/modules/services/networking/x2goserver.nix b/nixos/modules/services/networking/x2goserver.nix new file mode 100644 index 00000000000..6d6151f0f4b --- /dev/null +++ b/nixos/modules/services/networking/x2goserver.nix @@ -0,0 +1,161 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.x2goserver; + + defaults = { + superenicer = { enable = cfg.superenicer.enable; }; + }; + confText = generators.toINI {} (recursiveUpdate defaults cfg.settings); + x2goServerConf = pkgs.writeText "x2goserver.conf" confText; + + x2goAgentOptions = pkgs.writeText "x2goagent.options" '' + X2GO_NXOPTIONS="" + X2GO_NXAGENT_DEFAULT_OPTIONS="${concatStringsSep " " cfg.nxagentDefaultOptions}" + ''; + +in { + imports = [ + (mkAliasOptionModule [ "programs" "x2goserver" "enable" ] [ "services" "x2goserver" "enable" ]) + ]; + + options.services.x2goserver = { + enable = mkEnableOption "x2goserver" // { + description = '' + Enables the x2goserver module. + NOTE: This will create a good amount of symlinks in `/usr/local/bin` + ''; + }; + + superenicer = { + enable = mkEnableOption "superenicer" // { + description = '' + Enables the SupeReNicer code in x2gocleansessions, this will renice + suspended sessions to nice level 19 and renice them to level 0 if the + session becomes marked as running again + ''; + }; + }; + + nxagentDefaultOptions = mkOption { + type = types.listOf types.str; + default = [ "-extension GLX" "-nolisten tcp" ]; + example = [ "-extension GLX" "-nolisten tcp" ]; + description = '' + List of default nx agent options. + ''; + }; + + settings = mkOption { + type = types.attrsOf types.attrs; + default = {}; + description = '' + x2goserver.conf ini configuration as nix attributes. See + `x2goserver.conf(5)` for details + ''; + example = literalExample '' + superenicer = { + "enable" = "yes"; + "idle-nice-level" = 19; + }; + telekinesis = { "enable" = "no"; }; + ''; + }; + }; + + config = mkIf cfg.enable { + + # x2goserver can run X11 program even if "services.xserver.enable = false" + xdg = { + autostart.enable = true; + menus.enable = true; + mime.enable = true; + icons.enable = true; + }; + + environment.systemPackages = [ pkgs.x2goserver ]; + + users.groups.x2go = {}; + users.users.x2go = { + home = "/var/lib/x2go/db"; + group = "x2go"; + isSystemUser = true; + }; + + security.wrappers.x2gosqliteWrapper = { + source = "${pkgs.x2goserver}/lib/x2go/libx2go-server-db-sqlite3-wrapper.pl"; + owner = "x2go"; + group = "x2go"; + setgid = true; + }; + security.wrappers.x2goprintWrapper = { + source = "${pkgs.x2goserver}/bin/x2goprint"; + owner = "x2go"; + group = "x2go"; + setgid = true; + }; + + systemd.tmpfiles.rules = with pkgs; [ + "d /var/lib/x2go/ - x2go x2go - -" + "d /var/lib/x2go/db - x2go x2go - -" + "d /var/lib/x2go/conf - x2go x2go - -" + "d /run/x2go 0755 x2go x2go - -" + ] ++ + # x2goclient sends SSH commands with preset PATH set to + # "/usr/local/bin;/usr/bin;/bin". Since we cannot filter arbitrary ssh + # commands, we have to make the following executables available. + map (f: "L+ /usr/local/bin/${f} - - - - ${x2goserver}/bin/${f}") [ + "x2goagent" "x2gobasepath" "x2gocleansessions" "x2gocmdexitmessage" + "x2godbadmin" "x2gofeature" "x2gofeaturelist" "x2gofm" "x2gogetapps" + "x2gogetservers" "x2golistdesktops" "x2golistmounts" "x2golistsessions" + "x2golistsessions_root" "x2golistshadowsessions" "x2gomountdirs" + "x2gopath" "x2goprint" "x2goresume-desktopsharing" "x2goresume-session" + "x2goruncommand" "x2goserver-run-extensions" "x2gosessionlimit" + "x2gosetkeyboard" "x2goshowblocks" "x2gostartagent" + "x2gosuspend-desktopsharing" "x2gosuspend-session" + "x2goterminate-desktopsharing" "x2goterminate-session" + "x2goumount-session" "x2goversion" + ] ++ [ + "L+ /usr/local/bin/awk - - - - ${gawk}/bin/awk" + "L+ /usr/local/bin/chmod - - - - ${coreutils}/bin/chmod" + "L+ /usr/local/bin/cp - - - - ${coreutils}/bin/cp" + "L+ /usr/local/bin/sed - - - - ${gnused}/bin/sed" + "L+ /usr/local/bin/setsid - - - - ${util-linux}/bin/setsid" + "L+ /usr/local/bin/xrandr - - - - ${xorg.xrandr}/bin/xrandr" + "L+ /usr/local/bin/xmodmap - - - - ${xorg.xmodmap}/bin/xmodmap" + ]; + + systemd.services.x2goserver = { + description = "X2Go Server Daemon"; + wantedBy = [ "multi-user.target" ]; + unitConfig.Documentation = "man:x2goserver.conf(5)"; + serviceConfig = { + Type = "forking"; + ExecStart = "${pkgs.x2goserver}/bin/x2gocleansessions"; + PIDFile = "/run/x2go/x2goserver.pid"; + User = "x2go"; + Group = "x2go"; + RuntimeDirectory = "x2go"; + StateDirectory = "x2go"; + }; + preStart = '' + if [ ! -e /var/lib/x2go/setup_ran ] + then + mkdir -p /var/lib/x2go/conf + cp -r ${pkgs.x2goserver}/etc/x2go/* /var/lib/x2go/conf/ + ln -sf ${x2goServerConf} /var/lib/x2go/conf/x2goserver.conf + ln -sf ${x2goAgentOptions} /var/lib/x2go/conf/x2goagent.options + ${pkgs.x2goserver}/bin/x2godbadmin --createdb + touch /var/lib/x2go/setup_ran + fi + ''; + }; + + # https://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=276 + security.sudo.extraConfig = '' + Defaults env_keep+=QT_GRAPHICSSYSTEM + ''; + }; +} -- cgit 1.4.1