tv: add x0vncserver module

This commit is contained in:
tv 2017-08-02 02:13:21 +02:00
parent 13b161949c
commit 26b88c04c5
2 changed files with 53 additions and 0 deletions

View File

@ -6,5 +6,6 @@ _:
./ejabberd
./hosts.nix
./iptables.nix
./x0vncserver.nix
];
}

View File

@ -0,0 +1,52 @@
with import <stockholm/lib>;
{ config, pkgs, ... }: let
cfg = config.tv.x0vncserver;
in {
options.tv.x0vncserver = {
display = mkOption {
default = ":${toString config.services.xserver.display}";
type = types.str;
};
enable = mkEnableOption "tv.x0vncserver";
pwfile = mkOption {
default = {
owner = cfg.user;
path = "${cfg.user.home}/.vncpasswd";
source-path = toString <secrets> + "/vncpasswd";
};
description = ''
Use vncpasswd to edit pwfile.
See: nix-shell -p tigervnc --run 'man vncpasswd'
'';
type = types.secret-file;
};
rfbport = mkOption {
default = 5900;
type = types.int;
};
user = mkOption {
default = config.krebs.build.user;
type = types.user;
};
};
config = mkIf cfg.enable {
krebs.secret.files = {
x0vncserver-pwfile = cfg.pwfile;
};
systemd.services.x0vncserver = {
after = [ "graphical.target" "secret.service" ];
requires = [ "graphical.target" "secret.service" ];
serviceConfig = {
ExecStart = "${pkgs.tigervnc}/bin/x0vncserver ${toString [
"-display ${cfg.display}"
"-passwordfile ${cfg.pwfile.path}"
"-rfbport ${toString cfg.rfbport}"
]}";
User = cfg.user.name;
};
};
tv.iptables.input-retiolum-accept-tcp = singleton (toString cfg.rfbport);
};
}