Remote Desktop: Difference between revisions

(2 intermediate revisions by one other user not shown)

Line 140:

services.nginx = {

enable = true;

<nowiki> </nowiki> enable = true;

upstreams."guacamole_server" = {

<nowiki> </nowiki> upstreams."guacamole_server" = {

extraConfig = ''

<nowiki> </nowiki> extraConfig = <nowiki>''</nowiki>

keepalive 4;

<nowiki> </nowiki> keepalive 4;

'';

<nowiki> </nowiki> <nowiki>''</nowiki>'';

servers = {

<nowiki> </nowiki> servers = {

"127.0.0.1:8080" = {};

<nowiki> </nowiki> "127.0.0.1:8080" = {};

};

<nowiki> </nowiki> };

};

<nowiki> </nowiki> };

virtualHosts."remote.mydomain.net" = {

<nowiki> </nowiki> virtualHosts."remote.mydomain.net" = {

forceSSL = true; # redirect http to https

<nowiki> </nowiki> forceSSL = true; # redirect http to https

enableACME = true;

<nowiki> </nowiki> enableACME = true;

locations."/" = {

<nowiki> </nowiki> locations."/" = {

extraConfig = ''

<nowiki> </nowiki> extraConfig = <nowiki>''</nowiki>

proxy_buffering off;

<nowiki> </nowiki> proxy_buffering off;

proxy_set_header Upgrade $http_upgrade;

<nowiki> </nowiki> proxy_set_header Upgrade $http_upgrade;

proxy_set_header Connection $http_connection;

<nowiki> </nowiki> proxy_set_header Connection $http_connection;

proxy_set_header X-Real-IP $remote_addr;

<nowiki> </nowiki> proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

<nowiki> </nowiki> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header Host $host;

<nowiki> </nowiki> proxy_set_header Host $host;

proxy_set_header X-NginX-Proxy true;

<nowiki> </nowiki> proxy_set_header X-NginX-Proxy true;

proxy_pass http://guacamole_server/guacamole$request_uri;

<nowiki> </nowiki> proxy_pass http://guacamole_server/guacamole$request_uri;

proxy_redirect http://guacamole_server/ https://$server_name/;

'';

<nowiki> </nowiki> <nowiki>''</nowiki>'';

};

Line 254:

To fix this we need to enable and start the systemd unit at boot using <code>wantedBy = [ "graphical.target" ];</code> as shown below:

<syntaxhighlight lang="nix">services.gnome.gnome-remote-desktop.enable = true; # 'true' does not make the unit start ~~by default~~ at boot

<syntaxhighlight lang="nix">services.gnome.gnome-remote-desktop.enable = true; # 'true' does not make the unit start automatically at boot

systemd.services.gnome-remote-desktop = {

wantedBy = [ "graphical.target" ]; # for starting the unit ~~by default~~ at boot

wantedBy = [ "graphical.target" ]; # for starting the unit automatically at boot

};

services.displayManager.autoLogin.enable = ~~lib.mkForce~~ false;

services.displayManager.autoLogin.enable = false;

services.getty.autologinUser = ~~lib.mkForce~~ null;

services.getty.autologinUser = null;

networking.firewall.allowedTCPPorts = [ 3389 ];</syntaxhighlight>

@@ Line 140: / Line 140: @@
      services.nginx = {
-        enable = true;
+ <nowiki> </nowiki>      enable = true;
-        upstreams."guacamole_server" = {
+ <nowiki> </nowiki>      upstreams."guacamole_server" = {
-            extraConfig = ''
+ <nowiki> </nowiki>          extraConfig = <nowiki>''</nowiki>
-                keepalive 4;
+ <nowiki> </nowiki>              keepalive 4;
-            '';
+ <nowiki> </nowiki>          <nowiki>''</nowiki>'';
-            servers = {
+ <nowiki> </nowiki>          servers = {
-                "127.0.0.1:8080" = {};
+ <nowiki> </nowiki>              "127.0.0.1:8080" = {};
-            };
+ <nowiki> </nowiki>          };
-        };
+ <nowiki> </nowiki>      };
-        virtualHosts."remote.mydomain.net" = {
+ <nowiki> </nowiki>      virtualHosts."remote.mydomain.net" = {
-            forceSSL = true; # redirect http to https
+ <nowiki> </nowiki>          forceSSL = true; # redirect http to https
-            enableACME = true;
+ <nowiki> </nowiki>          enableACME = true;
-            locations."/" = {
+ <nowiki> </nowiki>          locations."/" = {
-                extraConfig = ''
+ <nowiki> </nowiki>              extraConfig = <nowiki>''</nowiki>
-                    proxy_buffering off;
+ <nowiki> </nowiki>                  proxy_buffering off;
-                    proxy_set_header Upgrade $http_upgrade;
+ <nowiki> </nowiki>                  proxy_set_header Upgrade $http_upgrade;
-                    proxy_set_header Connection $http_connection;
+ <nowiki> </nowiki>                  proxy_set_header Connection $http_connection;
-                    proxy_set_header X-Real-IP $remote_addr;
+ <nowiki> </nowiki>                  proxy_set_header X-Real-IP $remote_addr;
-                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ <nowiki> </nowiki>                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-                    proxy_set_header Host $host;
+ <nowiki> </nowiki>                  proxy_set_header Host $host;
-                    proxy_set_header X-NginX-Proxy true;
+ <nowiki> </nowiki>                  proxy_set_header X-NginX-Proxy true;
-                    proxy_pass http://guacamole_server/guacamole$request_uri;
+ <nowiki> </nowiki>                  proxy_pass http://guacamole_server/guacamole$request_uri;
                      proxy_redirect http://guacamole_server/ https://$server_name/;
-                '';
+ <nowiki> </nowiki>              <nowiki>''</nowiki>'';
              };
          };
@@ Line 254: / Line 254: @@
 To fix this we need to enable and start the systemd unit at boot using <code>wantedBy = [ "graphical.target" ];</code> as shown below:
-<syntaxhighlight lang="nix">services.gnome.gnome-remote-desktop.enable = true; # 'true' does not make the unit start by default at boot
+<syntaxhighlight lang="nix">services.gnome.gnome-remote-desktop.enable = true; # 'true' does not make the unit start automatically at boot
 systemd.services.gnome-remote-desktop = {
-   wantedBy = [ "graphical.target" ]; # for starting the unit by default at boot
+   wantedBy = [ "graphical.target" ]; # for starting the unit automatically at boot
 };
-services.displayManager.autoLogin.enable = lib.mkForce false;
+services.displayManager.autoLogin.enable = false;
-services.getty.autologinUser = lib.mkForce null;
+services.getty.autologinUser = null;
 networking.firewall.allowedTCPPorts = [ 3389 ];</syntaxhighlight>