m 2 vncserver: init

makefu/2configs/vncserver.nix

@@ -0,0 +1,30 @@
+{config,lib,pkgs, ...}:
+with lib;
+let
+  pwfile = (toString <secrets>)+ "/vnc-password"; # create with `vncpasswd`
+  pwtmp = "/tmp/vnc-password";
+  # nixos-unstable tigervnc is currently broken :\
+  package = (import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-17.03.tar.gz) {}).pkgs.tigervnc;
+  User = "makefu";
+  port = 5900;
+in {
+	networking.firewall.allowedTCPPorts = [ port ];
+	networking.firewall.allowedUDPPorts = [ port ];
+
+	systemd.services."terminal-server" = {
+    description = "Terminal Server";
+    after = [ "display-manager.service" ];
+    wantedBy = [ "graphical.target" ];
+		serviceConfig = {
+      inherit User;
+      ExecStartPre = pkgs.writeDash "terminal-pre" ''
+ 
+        set -eufx
+        install -m0700 -o ${User} ${pwfile} ${pwtmp}
+      '';
+			ExecStart = "${package}/bin/x0vncserver -display :0 -rfbport ${toString port} -passwordfile ${pwtmp}";
+      PermissionsStartOnly = true;
+      PrivateTmp = true;
+		};
+	};
+}