Sovran_Systems/Sovran_SystemsOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix RDP Session Already Running by using user-session screen sharing

Browse Source 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/ab7b63b5-2a0a-4933-9fb2-36ac793e9f1a

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-04-08 18:18:04 +00:00
committed by GitHub
parent 48926d1937
commit b77fb2ed70
1 changed files with 50 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
modules/rdp.nix
View File

@@ -82,14 +82,16 @@ lib.mkIf config.sovran_systemsOS.features.rdp {
if [ ! -f /var/lib/gnome-remote-desktop/rdp-password ]; then
PASSWORD=$(openssl rand -base64 16)
echo "$PASSWORD" > /var/lib/gnome-remote-desktop/rdp-password
chmod 600 /var/lib/gnome-remote-desktop/rdp-password
else
PASSWORD=$(cat /var/lib/gnome-remote-desktop/rdp-password)
fi
chown root:gnome-remote-desktop /var/lib/gnome-remote-desktop/rdp-password
chmod 640 /var/lib/gnome-remote-desktop/rdp-password
# Write username to a separate file for the hub
echo "sovran" > /var/lib/gnome-remote-desktop/rdp-username
chmod 600 /var/lib/gnome-remote-desktop/rdp-username
chown root:gnome-remote-desktop /var/lib/gnome-remote-desktop/rdp-username
chmod 640 /var/lib/gnome-remote-desktop/rdp-username
# Get current IP address
LOCAL_IP=$(hostname -I | awk '{print $1}')
@@ -111,12 +113,54 @@ lib.mkIf config.sovran_systemsOS.features.rdp {
chmod 600 "$CRED_FILE"
# Enable RDP backend and set credentials
grdctl --system rdp enable
grdctl --system rdp set-credentials sovran "$PASSWORD"
grdctl --system rdp disable-view-only || true
# Disable the system-level RDP endpoint so connections go through the user session
grdctl --system rdp disable || true
echo "GNOME Remote Desktop RDP configured successfully"
'';
};
# User-level service that enables RDP screen sharing within the free user's graphical session.
# This avoids the GDM "Session Already Running" conflict caused by the system-level RDP endpoint.
systemd.user.services.gnome-remote-desktop-session = {
description = "Enable GNOME Remote Desktop screen sharing for user session";
wantedBy = [ "graphical-session.target" ];
after = [ "graphical-session.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
path = [
pkgs.gnome-remote-desktop
];
script = ''
# Read the password generated by the system-level setup service.
# Wait for the password file to be available (system service may still be running).
for i in $(seq 1 30); do
[ -f /var/lib/gnome-remote-desktop/rdp-password ] && break
sleep 1
done
if [ ! -f /var/lib/gnome-remote-desktop/rdp-password ]; then
echo "ERROR: Timed out waiting for RDP password file"
exit 1
fi
PASSWORD=$(cat /var/lib/gnome-remote-desktop/rdp-password 2>/dev/null || echo "")
if [ -z "$PASSWORD" ]; then
echo "ERROR: RDP password file is empty"
exit 1
fi
# Enable RDP in the user session (screen sharing mode takes over existing desktop)
grdctl rdp enable
grdctl rdp set-credentials sovran "$PASSWORD"
grdctl rdp disable-view-only || true
echo "GNOME Remote Desktop user-session screen sharing enabled"
'';
};
# Add free user to gnome-remote-desktop group so the user-level service can read credential files
users.users.free.extraGroups = [ "gnome-remote-desktop" ];
}