Sovran_Systems/Sovran_SystemsOS
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

added more features rdp.nix

Browse Source
This commit is contained in:
naturallaw77
2026-03-25 13:12:44 -05:00
parent 919bdba7c4
commit b0d574e55e
1 changed files with 33 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
modules/rdp.nix
View File

@@ -30,7 +30,8 @@ lib.mkIf config.sovran_systemsOS.features.rdp {
description = "Configure GNOME Remote Desktop RDP"; description = "Configure GNOME Remote Desktop RDP";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
before = [ "gnome-remote-desktop.service" ]; before = [ "gnome-remote-desktop.service" ];
after = [ "systemd-tmpfiles-setup.service" ]; after = [ "systemd-tmpfiles-setup.service" "network-online.target" ];
wants = [ "network-online.target" ];
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
RemainAfterExit = true; RemainAfterExit = true;
@@ -39,19 +40,44 @@ lib.mkIf config.sovran_systemsOS.features.rdp {
pkgs.gnome-remote-desktop pkgs.gnome-remote-desktop
pkgs.polkit pkgs.polkit
pkgs.openssl pkgs.openssl
pkgs.hostname
]; ];
script = '' script = ''
# Generate a default password file if one doesn't exist CRED_FILE="/var/lib/gnome-remote-desktop/rdp-credentials"
if [ ! -f /var/lib/gnome-remote-desktop/rdp-password ]; then PASSWORD=""
openssl rand -base64 16 > /var/lib/gnome-remote-desktop/rdp-password
chown gnome-remote-desktop:gnome-remote-desktop /var/lib/gnome-remote-desktop/rdp-password # Generate password on first boot only
if [ ! -f "$CRED_FILE" ]; then
PASSWORD=$(openssl rand -base64 16)
echo "$PASSWORD" > /var/lib/gnome-remote-desktop/rdp-password
chmod 600 /var/lib/gnome-remote-desktop/rdp-password chmod 600 /var/lib/gnome-remote-desktop/rdp-password
echo "Generated new RDP password at /var/lib/gnome-remote-desktop/rdp-password" else
PASSWORD=$(grep "Password:" "$CRED_FILE" | awk '{print $2}')
fi fi
# Get current IP address
LOCAL_IP=$(hostname -I | awk '{print $1}')
# Always rewrite the credentials file with the current IP
cat > "$CRED_FILE" <<EOF
========================================
GNOME Remote Desktop (RDP) Credentials
========================================
Username: sovran
Password: $PASSWORD
Connect from any RDP client to:
$LOCAL_IP:3389
========================================
EOF
chmod 600 "$CRED_FILE"
# Enable RDP backend and set credentials # Enable RDP backend and set credentials
grdctl --system rdp enable grdctl --system rdp enable
grdctl --system rdp set-credentials sovran "$(cat /var/lib/gnome-remote-desktop/rdp-password)" grdctl --system rdp set-credentials sovran "$PASSWORD"
''; '';
}; };
} }