feat: change rustdesk for epicenter
This commit is contained in:
@@ -35,6 +35,8 @@ in {
|
|||||||
./cachix.nix
|
./cachix.nix
|
||||||
./users
|
./users
|
||||||
|
|
||||||
|
./modules/epicenter.nix
|
||||||
|
|
||||||
# ./modules/steam.nix
|
# ./modules/steam.nix
|
||||||
./modules/fingerprint.nix
|
./modules/fingerprint.nix
|
||||||
./modules/set-nix-channel.nix
|
./modules/set-nix-channel.nix
|
||||||
|
|||||||
@@ -9,7 +9,6 @@ in {
|
|||||||
./thunderbird.nix
|
./thunderbird.nix
|
||||||
./bitwarden.nix
|
./bitwarden.nix
|
||||||
./rustdesk.nix
|
./rustdesk.nix
|
||||||
./rustdesk-epicenter.nix
|
|
||||||
./flatpak-packages.nix
|
./flatpak-packages.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|||||||
@@ -1,38 +0,0 @@
|
|||||||
{ config, pkgs, lib, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
wrapperScript = pkgs.writeShellScriptBin "rustdesk-wrapper" ''
|
|
||||||
CONFIG_FILE="$HOME/.config/rustdesk/RustDesk2.toml"
|
|
||||||
CONFIG_DIR="$(dirname "$CONFIG_FILE")"
|
|
||||||
|
|
||||||
if [ ! -f "$CONFIG_FILE" ]; then
|
|
||||||
${pkgs.rustdesk-flutter}/bin/rustdesk &
|
|
||||||
RUSTDESK_PID=$!
|
|
||||||
sleep 3
|
|
||||||
kill $RUSTDESK_PID 2>/dev/null || true
|
|
||||||
sleep 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -f "$CONFIG_FILE" ]; then
|
|
||||||
sed -i "s|^rendezvous_server = .*|rendezvous_server = 'tools.epicenter.works:21116'|" "$CONFIG_FILE"
|
|
||||||
sed -i "s|^custom-rendezvous-server = .*|custom-rendezvous-server = 'tools.epicenter.works'|" "$CONFIG_FILE"
|
|
||||||
sed -i "/^key\s*=.*/d" "$CONFIG_FILE"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Launch RustDesk
|
|
||||||
exec ${pkgs.rustdesk-flutter}/bin/rustdesk "$@"
|
|
||||||
'';
|
|
||||||
|
|
||||||
rustdeskEpicenterDesktopItem = pkgs.makeDesktopItem {
|
|
||||||
name = "rustdesk-epicenter";
|
|
||||||
desktopName = "RustDesk Epicenter";
|
|
||||||
exec = "${wrapperScript}/bin/rustdesk-wrapper";
|
|
||||||
icon = "rustdesk"; # Using the standard rustdesk icon
|
|
||||||
categories = [ "Network" "RemoteAccess" ];
|
|
||||||
comment = "Remote desktop software configured for Epicenter";
|
|
||||||
};
|
|
||||||
in {
|
|
||||||
environment.systemPackages = [
|
|
||||||
rustdeskEpicenterDesktopItem
|
|
||||||
];
|
|
||||||
}
|
|
||||||
78
hosts/nb/modules/epicenter.nix
Normal file
78
hosts/nb/modules/epicenter.nix
Normal file
@@ -0,0 +1,78 @@
|
|||||||
|
{ lib, pkgs, ... }:
|
||||||
|
let
|
||||||
|
wrapperScript = pkgs.writeShellScriptBin "rustdesk-epicenter-wrapper" ''
|
||||||
|
# Grant epicenter user access to the Wayland socket
|
||||||
|
${pkgs.acl}/bin/setfacl -m u:epicenter:x "$XDG_RUNTIME_DIR"
|
||||||
|
${pkgs.acl}/bin/setfacl -m u:epicenter:rwx "$XDG_RUNTIME_DIR/$WAYLAND_DISPLAY"
|
||||||
|
|
||||||
|
# Run rustdesk as epicenter user with absolute path to Wayland socket
|
||||||
|
exec /run/wrappers/bin/sudo -u epicenter \
|
||||||
|
WAYLAND_DISPLAY="$XDG_RUNTIME_DIR/$WAYLAND_DISPLAY" \
|
||||||
|
XDG_RUNTIME_DIR=/run/user/1001 \
|
||||||
|
${pkgs.rustdesk-flutter}/bin/rustdesk "$@"
|
||||||
|
'';
|
||||||
|
|
||||||
|
rustdeskEpicenterDesktopItem = pkgs.makeDesktopItem {
|
||||||
|
name = "rustdesk-epicenter";
|
||||||
|
desktopName = "RustDesk Epicenter";
|
||||||
|
exec = "${wrapperScript}/bin/rustdesk-epicenter-wrapper";
|
||||||
|
icon = "rustdesk";
|
||||||
|
categories = [ "Network" "RemoteAccess" ];
|
||||||
|
comment = "Remote desktop software for office user (Epicenter)";
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
environment.systemPackages = [
|
||||||
|
rustdeskEpicenterDesktopItem
|
||||||
|
];
|
||||||
|
|
||||||
|
users.users.epicenter = {
|
||||||
|
isNormalUser = true;
|
||||||
|
extraGroups = [ ]; # Minimal groups
|
||||||
|
};
|
||||||
|
|
||||||
|
users.groups.epicenter = {};
|
||||||
|
|
||||||
|
# Allow dominik to run rustdesk as epicenter user without password
|
||||||
|
security.sudo.extraRules = [
|
||||||
|
{
|
||||||
|
users = [ "dominik" ];
|
||||||
|
runAs = "epicenter";
|
||||||
|
commands = [
|
||||||
|
{
|
||||||
|
command = "${pkgs.rustdesk-flutter}/bin/rustdesk";
|
||||||
|
options = [ "NOPASSWD" "SETENV" ];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
home-manager.users.epicenter = {
|
||||||
|
home.stateVersion = "24.05";
|
||||||
|
home.username = "epicenter";
|
||||||
|
home.homeDirectory = "/home/epicenter";
|
||||||
|
|
||||||
|
# Add rustdesk to the epicenter user's packages
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
rustdesk-flutter
|
||||||
|
];
|
||||||
|
|
||||||
|
# Declaratively configure RustDesk for Epicenter server
|
||||||
|
home.file.".config/rustdesk/RustDesk2.toml" = {
|
||||||
|
force = true;
|
||||||
|
text = ''
|
||||||
|
rendezvous_server = 'rustdesk.helsinki.tools:21116'
|
||||||
|
nat_type = 1
|
||||||
|
serial = 0
|
||||||
|
unlock_pin = '''
|
||||||
|
trusted_devices = '''
|
||||||
|
|
||||||
|
[options]
|
||||||
|
av1-test = 'N'
|
||||||
|
key = '8jkD3HoWK+flkWcAMIqRnyn0jr4r9VPb+JYIbBtb+7k='
|
||||||
|
api-server = 'https://rustdesk.helsinki.tools'
|
||||||
|
custom-rendezvous-server = 'rustdesk.helsinki.tools'
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
||||||
@@ -172,7 +172,7 @@ in
|
|||||||
home-manager.users.dominik = { lib, pkgs, ... }: {
|
home-manager.users.dominik = { lib, pkgs, ... }: {
|
||||||
# imports = [ "${impermanence}/home-manager.nix" ];
|
# imports = [ "${impermanence}/home-manager.nix" ];
|
||||||
/* The home.stateVersion option does not have a default and must be set */
|
/* The home.stateVersion option does not have a default and must be set */
|
||||||
home.stateVersion = "24.05";
|
home.stateVersion = "25.05";
|
||||||
home.enableNixpkgsReleaseCheck = false;
|
home.enableNixpkgsReleaseCheck = false;
|
||||||
home.sessionVariables = {
|
home.sessionVariables = {
|
||||||
MOZ_ENABLE_WAYLAND = "1";
|
MOZ_ENABLE_WAYLAND = "1";
|
||||||
|
|||||||
Reference in New Issue
Block a user