From 06ca86f9c92eee7de38eee38af76d1710846700f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Thu, 28 Apr 2022 23:20:18 +0200 Subject: [PATCH 1/7] Add wayvnc option for sway This change allows you to start wayvnc anytime your sway session starts. For hosts where you want to enable this, you'll need to generate the certificate and keys, see: https://github.com/any1/wayvnc#encryption--authentication You can then add these to your secrets via agenix, and load them as `vnc-key.pem` and `vnc-cert.pem` into `/run/secrets`. Enable the wayvnc server via the option `pub-solar.sway.vnc.enable`. At the time of writing, `tigervnc` appears to be a good vnc client to use. ``` --- .../config/config.d/custom-keybindings.conf | 6 ++++++ modules/sway/config/wayvnc/config.nix | 8 ++++++++ modules/sway/default.nix | 15 ++++++++++----- modules/sway/wayvnc.service.nix | 19 +++++++++++++++++++ 4 files changed, 43 insertions(+), 5 deletions(-) create mode 100644 modules/sway/config/wayvnc/config.nix create mode 100644 modules/sway/wayvnc.service.nix diff --git a/modules/sway/config/config.d/custom-keybindings.conf b/modules/sway/config/config.d/custom-keybindings.conf index 5faddece..4a00bd77 100644 --- a/modules/sway/config/config.d/custom-keybindings.conf +++ b/modules/sway/config/config.d/custom-keybindings.conf @@ -47,3 +47,9 @@ mode "$mode_system" { bindsym Return mode "default" bindsym Escape mode "default" } + +set $mode_vncclient In VNCClient mode. Press $mod+Num_Lock to return. +bindsym $mod+Num_Lock mode "$mode_vncclient" +mode "$mode_vncclient" { + bindsym $mod+Num_Lock mode "default" +} diff --git a/modules/sway/config/wayvnc/config.nix b/modules/sway/config/wayvnc/config.nix new file mode 100644 index 00000000..1ecc2e5f --- /dev/null +++ b/modules/sway/config/wayvnc/config.nix @@ -0,0 +1,8 @@ +{ psCfg, pkgs }: " +address=0.0.0.0 +enable_auth=true +username=${psCfg.user.name} +password=${psCfg.user.password} +private_key_file=/run/secrets/vnc-key.pem +certificate_file=/run/secrets/vnc-cert.pem +" diff --git a/modules/sway/default.nix b/modules/sway/default.nix index cfc5733c..568bcb41 100644 --- a/modules/sway/default.nix +++ b/modules/sway/default.nix @@ -7,11 +7,13 @@ in { options.pub-solar.sway = { enable = mkEnableOption "Life in boxes"; - }; - options.pub-solar.sway.v4l2loopback.enable = mkOption { - type = types.bool; - default = true; - description = "WebCam streaming tool"; + vnc.enable = mkEnableOption "Enable vnc service"; + + v4l2loopback.enable = mkOption { + type = types.bool; + default = true; + description = "WebCam streaming tool"; + }; }; config = mkIf cfg.enable (mkMerge [ @@ -76,6 +78,8 @@ in systemd.user.services.waybar = import ./waybar.service.nix pkgs; systemd.user.targets.sway-session = import ./sway-session.target.nix pkgs; + systemd.user.services.wayvnc = mkIf cfg.vnc.enable (import ./wayvnc.service.nix pkgs); + xdg.configFile."sway/config".source = ./config/config; xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf; xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf; @@ -83,6 +87,7 @@ in xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf; xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf; xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf; + xdg.configFile."wayvnc/config".text = import ./config/wayvnc/config.nix { inherit psCfg; inherit pkgs; }; }; }) ]); diff --git a/modules/sway/wayvnc.service.nix b/modules/sway/wayvnc.service.nix new file mode 100644 index 00000000..0963da5e --- /dev/null +++ b/modules/sway/wayvnc.service.nix @@ -0,0 +1,19 @@ +pkgs: +{ + Unit = { + Description = "A VNC server for wlroots based Wayland compositors "; + Documentation = "https://github.com/any1/wayvnc"; + BindsTo = [ "sway-session.target" ]; + After = [ "graphical-session-pre.target" "network-online.target" ]; + Wants = [ "graphical-session-pre.target" "network-online.target" ]; + }; + + Service = { + Type = "simple"; + ExecStart = "${pkgs.wayvnc}/bin/wayvnc"; + }; + + Install = { + WantedBy = [ "sway-session.target" ]; + }; +} -- 2.47.2 From ae7bee47dff4ff2dc511a94ee69a293dd9b8f249 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Thu, 28 Apr 2022 23:47:11 +0200 Subject: [PATCH 2/7] Allow outside vnc access, render a cursor in vnc --- modules/sway/config/wayvnc/config.nix | 6 +++--- modules/sway/wayvnc.service.nix | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/sway/config/wayvnc/config.nix b/modules/sway/config/wayvnc/config.nix index 1ecc2e5f..27a51188 100644 --- a/modules/sway/config/wayvnc/config.nix +++ b/modules/sway/config/wayvnc/config.nix @@ -2,7 +2,7 @@ address=0.0.0.0 enable_auth=true username=${psCfg.user.name} -password=${psCfg.user.password} -private_key_file=/run/secrets/vnc-key.pem -certificate_file=/run/secrets/vnc-cert.pem +password=testtest +private_key_file=/run/agenix/vnc-key.pem +certificate_file=/run/agenix/vnc-cert.pem " diff --git a/modules/sway/wayvnc.service.nix b/modules/sway/wayvnc.service.nix index 0963da5e..45938a3f 100644 --- a/modules/sway/wayvnc.service.nix +++ b/modules/sway/wayvnc.service.nix @@ -10,7 +10,7 @@ pkgs: Service = { Type = "simple"; - ExecStart = "${pkgs.wayvnc}/bin/wayvnc"; + ExecStart = "${pkgs.wayvnc}/bin/wayvnc --render-cursor"; }; Install = { -- 2.47.2 From a2d7196cd9f1a751b7ee88b8880b742caffeb030 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Sat, 30 Apr 2022 13:48:38 +0200 Subject: [PATCH 3/7] Add VNCClient mode for sway --- modules/sway/config/config.d/custom-keybindings.conf | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/modules/sway/config/config.d/custom-keybindings.conf b/modules/sway/config/config.d/custom-keybindings.conf index 4a00bd77..c394a69a 100644 --- a/modules/sway/config/config.d/custom-keybindings.conf +++ b/modules/sway/config/config.d/custom-keybindings.conf @@ -48,8 +48,10 @@ mode "$mode_system" { bindsym Escape mode "default" } -set $mode_vncclient In VNCClient mode. Press $mod+Num_Lock to return. +set $mode_vncclient In VNCClient mode. Press $mod+Num_Lock or $mod+Shift+Escape to return. bindsym $mod+Num_Lock mode "$mode_vncclient" +bindsym $mod+Shift+Escape mode "$mode_vncclient" mode "$mode_vncclient" { bindsym $mod+Num_Lock mode "default" + bindsym $mod+Shift+Escape mode "default" } -- 2.47.2 From 1ce4d74637c0e78070be1751e795bbe154af0108 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Sat, 30 Apr 2022 17:08:48 +0200 Subject: [PATCH 4/7] Change port of wayvnc --- modules/sway/wayvnc.service.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/sway/wayvnc.service.nix b/modules/sway/wayvnc.service.nix index 45938a3f..863669d5 100644 --- a/modules/sway/wayvnc.service.nix +++ b/modules/sway/wayvnc.service.nix @@ -10,7 +10,7 @@ pkgs: Service = { Type = "simple"; - ExecStart = "${pkgs.wayvnc}/bin/wayvnc --render-cursor"; + ExecStart = "${pkgs.wayvnc}/bin/wayvnc -r -p 0.0.0.0 5901"; }; Install = { -- 2.47.2 From 3b3c6ec0e1ba7f28a1ecc9a3af8295d22ace0eb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Sat, 30 Apr 2022 17:41:08 +0200 Subject: [PATCH 5/7] Add headless sway service --- modules/headless-graphical/default.nix | 73 +++++++++++++++++++ .../sway-headless.service.nix} | 16 +++- .../wayvnc.service.nix | 1 + modules/sway/default.nix | 12 ++- modules/user/default.nix | 1 + 5 files changed, 97 insertions(+), 6 deletions(-) create mode 100644 modules/headless-graphical/default.nix rename modules/{sway/sway.service.nix => headless-graphical/sway-headless.service.nix} (58%) rename modules/{sway => headless-graphical}/wayvnc.service.nix (91%) diff --git a/modules/headless-graphical/default.nix b/modules/headless-graphical/default.nix new file mode 100644 index 00000000..149dea3c --- /dev/null +++ b/modules/headless-graphical/default.nix @@ -0,0 +1,73 @@ +{ lib, config, pkgs, ... }: +with lib; +let + psCfg = config.pub-solar; + cfg = config.pub-solar.headless-graphical; +in +{ + options.pub-solar.headless-graphical = { + enable = mkEnableOption "Enable headless sway and VNC"; + }; + + config = mkIf cfg.enable { + programs.sway.enable = true; + + xdg.portal = { + enable = true; + extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr ]; + gtkUsePortal = true; + }; + + services.pipewire.enable = true; + + home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { + home.packages = with pkgs; [ + sway + grim + kanshi + mako + slurp + swayidle + swaylock + swaybg + xwayland + + libappindicator-gtk3 + + wl-clipboard + wf-recorder + brightnessctl + gammastep + geoclue2 + xsettingsd + ydotool + + swaylock-bg + sway-launcher + import-gtk-settings + s + wcwd + ]; + + programs.waybar.enable = true; + + systemd.user.services.mako = import ./mako.service.nix pkgs; + systemd.user.services.swayidle = import ./swayidle.service.nix pkgs; + systemd.user.services.xsettingsd = import ./xsettingsd.service.nix pkgs; + systemd.user.services.waybar = import ./waybar.service.nix pkgs; + systemd.user.targets.sway-session = import ./sway-session.target.nix pkgs; + + systemd.user.services.sway-headless = mkIf cfg.vnc.enable (import ./wayvnc.service.nix pkgs); + systemd.user.services.wayvnc = mkIf cfg.vnc.enable (import ./wayvnc.service.nix pkgs); + + xdg.configFile."sway/config".source = ./config/config; + xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf; + xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf; + xdg.configFile."sway/config.d/gaps.conf".source = ./config/config.d/gaps.conf; + xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf; + xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf; + xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf; + xdg.configFile."wayvnc/config".text = import ./config/wayvnc/config.nix { inherit psCfg; inherit pkgs; }; + }; + }; +} diff --git a/modules/sway/sway.service.nix b/modules/headless-graphical/sway-headless.service.nix similarity index 58% rename from modules/sway/sway.service.nix rename to modules/headless-graphical/sway-headless.service.nix index 95efc3e6..7074a0d8 100644 --- a/modules/sway/sway.service.nix +++ b/modules/headless-graphical/sway-headless.service.nix @@ -1,18 +1,30 @@ pkgs: { Unit = { - Description = "sway - SirCmpwn's Wayland window manager"; + Description = "Headless sway - SirCmpwn's Wayland window manager"; Documentation = [ "man:sway(5)" ]; BindsTo = [ "graphical-session.target" ]; Wants = [ "graphical-session-pre.target" ]; After = [ "graphical-session-pre.target" ]; }; + Service = { Type = "simple"; - ExecStart = "${pkgs.sway}/bin/sway"; + + ExecStart = "${pkgs.sway}/bin/sway --headless"; + Environment = [ + "WLR_BACKENDS=headless" + "WLR_RENDERER=pixman" + "WLR_LIBINPUT_NO_DEVICES=1" + ]; + Restart = "on-failure"; RestartSec = "1"; TimeoutStopSec = "10"; ExecStopPost = "${pkgs.systemd}/bin/systemctl --user unset-environment SWAYSOCK DISPLAY I3SOCK WAYLAND_DISPLAY"; }; + + Install = { + WantedBy = [ "sway-session.target" ]; + }; } diff --git a/modules/sway/wayvnc.service.nix b/modules/headless-graphical/wayvnc.service.nix similarity index 91% rename from modules/sway/wayvnc.service.nix rename to modules/headless-graphical/wayvnc.service.nix index 45938a3f..54c2d520 100644 --- a/modules/sway/wayvnc.service.nix +++ b/modules/headless-graphical/wayvnc.service.nix @@ -11,6 +11,7 @@ pkgs: Service = { Type = "simple"; ExecStart = "${pkgs.wayvnc}/bin/wayvnc --render-cursor"; + Environment = "WAYLAND_DISPLAY=wayland-1"; }; Install = { diff --git a/modules/sway/default.nix b/modules/sway/default.nix index 568bcb41..72023c83 100644 --- a/modules/sway/default.nix +++ b/modules/sway/default.nix @@ -3,11 +3,11 @@ with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.sway; + headlessCfg = config.pub-solar.sway-headless; in { options.pub-solar.sway = { enable = mkEnableOption "Life in boxes"; - vnc.enable = mkEnableOption "Enable vnc service"; v4l2loopback.enable = mkOption { type = types.bool; @@ -16,6 +16,10 @@ in }; }; + options.pub-solar.sway-headless = { + headless.enable = mkEnableOption "Enable headless sway and vnc service"; + }; + config = mkIf cfg.enable (mkMerge [ (mkIf (cfg.v4l2loopback.enable) { boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; @@ -23,13 +27,12 @@ in boot.extraModprobeConfig = '' options v4l2loopback exclusive_caps=1 devices=3 ''; - }) - - ({ environment.systemPackages = with pkgs; [ linuxPackages.v4l2loopback ]; + }) + ({ programs.sway.enable = true; xdg.portal = { @@ -78,6 +81,7 @@ in systemd.user.services.waybar = import ./waybar.service.nix pkgs; systemd.user.targets.sway-session = import ./sway-session.target.nix pkgs; + systemd.user.services.sway-headless = mkIf cfg.vnc.enable (import ./wayvnc.service.nix pkgs); systemd.user.services.wayvnc = mkIf cfg.vnc.enable (import ./wayvnc.service.nix pkgs); xdg.configFile."sway/config".source = ./config/config; diff --git a/modules/user/default.nix b/modules/user/default.nix index 79e32eca..90f4e7f7 100644 --- a/modules/user/default.nix +++ b/modules/user/default.nix @@ -36,6 +36,7 @@ in type = types.nullOr types.str; default = null; }; + autologin = mkEnableOption "Autologin the pub solar user on all TTYs"; }; }; } -- 2.47.2 From 9aafa7ff5242e841a1c42a7895429d659343a181 Mon Sep 17 00:00:00 2001 From: Hendrik Sokolowski Date: Sun, 1 May 2022 00:05:53 +0200 Subject: [PATCH 6/7] Switch from caddy to haproxy --- modules/x-os/networking.nix | 62 ++++++++++++++++++++++++++++--------- 1 file changed, 47 insertions(+), 15 deletions(-) diff --git a/modules/x-os/networking.nix b/modules/x-os/networking.nix index 1e981290..476460a8 100644 --- a/modules/x-os/networking.nix +++ b/modules/x-os/networking.nix @@ -2,7 +2,9 @@ with lib; -let cfg = config.pub-solar.x-os; +let + psCfg = config.pub-solar; + cfg = psCfg.x-os; in { options.pub-solar.x-os = { @@ -34,21 +36,51 @@ in # These entries get added to /etc/hosts networking.hosts = { - "127.0.0.1" = [ "cups.local" ]; + "127.0.0.1" = mkIf psCfg.printing.enable [ "cups.local" ]; }; - # Caddy reverse proxy for local services like cups - services.caddy = { - enable = true; - config = '' - { - auto_https off - } - cups.local:80 - bind 127.0.0.1 - request_header Host localhost:631 - reverse_proxy unix//run/cups/cups.sock - ''; - }; + # ha reverse proxy for local services like cups + services.haproxy.enable = true; + services.haproxy.config = '' + global + maxconn 4096 +# user http +# group http + daemon + + defaults + log global + mode http + option httplog + option dontlognull + retries 3 + option redispatch + maxconn 2000 + timeout connect 5000 + timeout client 50000 + timeout server 50000 + log 127.0.0.1 local0 + log 127.0.0.1 local7 debug + option httpchk + + frontend http + bind 0.0.0.0:80 + + acl is_cups hdr_end(host) -i cups.local + acl is_local dst 127.0.0.1 + + use_backend cups if is_cups is_local + + frontend vnc + bind 0.0.0.0:5901 + mode tcp + use_backend vnc + + backend cups + server cups unix@/run/cups/cups.sock + + backend vnc + server vnc unix@/run/wayvnc.sock + ''; }; } -- 2.47.2 From 2d213d4dbd4d17139ae5b347f9a946e6360d4df6 Mon Sep 17 00:00:00 2001 From: Hendrik Sokolowski Date: Sun, 1 May 2022 00:07:23 +0200 Subject: [PATCH 7/7] Write out args of wayvnc, start on unix socket --- modules/headless-graphical/wayvnc.service.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/headless-graphical/wayvnc.service.nix b/modules/headless-graphical/wayvnc.service.nix index 021fe021..43b7ebae 100644 --- a/modules/headless-graphical/wayvnc.service.nix +++ b/modules/headless-graphical/wayvnc.service.nix @@ -11,7 +11,7 @@ pkgs: Service = { Type = "simple"; Environment = "WAYLAND_DISPLAY=wayland-1"; - ExecStart = "${pkgs.wayvnc}/bin/wayvnc -r -p 0.0.0.0 5901"; + ExecStart = "${pkgs.wayvnc}/bin/wayvnc --render-cursor --unix-socket /run/wayvnc.sock"; }; Install = { -- 2.47.2