Sovran_SystemsOS/modules/rdp.nix
2026-03-24 20:15:41 -05:00


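# RDP access through GNOME Remote Desktop.
# Everything below is applied only when sovran_systemsOS.features.rdp is set.
{ config, pkgs, lib, ... }:

lib.mkIf config.sovran_systemsOS.features.rdp {
  services.gnome.gnome-remote-desktop.enable = true;

  # NOTE(review): this opens 3389/tcp on every interface the firewall covers.
  # If RDP is only meant to be reached from a LAN or VPN interface, scope the
  # rule with networking.firewall.interfaces.<name>.allowedTCPPorts instead.
  networking.firewall.allowedTCPPorts = [ 3389 ];

  # freerdp provides winpr-makecert, used below to create the TLS key pair.
  environment.systemPackages = with pkgs; [
    freerdp
  ];

  # One-shot unit: creates the RDP TLS key/certificate on first run, points
  # the system daemon at them, enables RDP and seeds initial credentials.
  systemd.services.gnome-remote-desktop-setup = {
    description = "GNOME Remote Desktop RDP Setup";
    wantedBy = [ "multi-user.target" ];
    after = [
      "gnome-remote-desktop.service"
    ];
    requires = [
      "gnome-remote-desktop.service"
    ];
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
    };
    script = ''
      set -euo pipefail

      # The TLS private key and the generated password are created by this
      # script; keep them unreadable for other local users from the start.
      umask 077

      CERT_DIR=/var/lib/gnome-remote-desktop
      KEY_FILE=$CERT_DIR/rdp-tls.key
      CRT_FILE=$CERT_DIR/rdp-tls.crt
      PASS_FILE=$CERT_DIR/rdp-initial-password

      # Generate the self-signed key pair only once; later runs reuse it.
      if [ ! -f "$KEY_FILE" ]; then
        echo "Generating RDP TLS certificate..."
        ${pkgs.freerdp}/bin/winpr-makecert -silent -rdp \
          -path "$CERT_DIR" rdp-tls
        chown gnome-remote-desktop:gnome-remote-desktop "$CERT_DIR"/*
      fi

      # Configure RDP
      ${pkgs.gnome-remote-desktop}/bin/grdctl --system rdp set-tls-key "$KEY_FILE"
      ${pkgs.gnome-remote-desktop}/bin/grdctl --system rdp set-tls-cert "$CRT_FILE"
      ${pkgs.gnome-remote-desktop}/bin/grdctl --system rdp enable

      # Only set credentials if not already set.
      # NOTE(review): TLS and "enable" above use --system, but the credential
      # check and set-credentials below do not, so they may act on a different
      # configuration scope than the daemon that listens on 3389 - confirm.
      if ! ${pkgs.gnome-remote-desktop}/bin/grdctl rdp show | grep -q "username"; then
        # Never ship a fixed password: the port is opened in the firewall, so
        # a static credential would be identical and guessable on every
        # install. Generate a per-machine random one and store it where only
        # privileged accounts can read it.
        RDP_PASS=$(head -c 18 /dev/urandom | base64)
        printf '%s\n' "$RDP_PASS" > "$PASS_FILE"
        ${pkgs.gnome-remote-desktop}/bin/grdctl rdp set-credentials "free" "$RDP_PASS"
        echo "Generated initial RDP password for user 'free'; stored in $PASS_FILE"
      fi
    '';
  };

  # One-shot unit: hands ownership of the whole state directory to the
  # gnome-remote-desktop account.
  # NOTE(review): there is no ordering between this unit and
  # gnome-remote-desktop-setup, so either may run first.
  systemd.services.gnome-remote-desktop-permission = {
    description = "GNOME Remote Desktop File Permission";
    wantedBy = [ "multi-user.target" ];
    after = [
      "gnome-remote-desktop.service"
    ];
    requires = [
      "gnome-remote-desktop.service"
    ];
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
    };
    script = ''
      chown gnome-remote-desktop:gnome-remote-desktop /var/lib/gnome-remote-desktop -R
    '';
  };
}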