From 21d808ee6cb54c7f097e68fe95039108ea4c8410 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Thu, 10 Nov 2011 20:52:23 +0000
Subject: [PATCH] * Add a module that enables a x11vnc-based terminal server,
 allowing   users to login via VNC.  Xvfb servers are started as required to  
 allow multiple concurrent users.

svn path=/nixos/trunk/; revision=30374
---
 modules/services/x11/terminal-server.nix | 66 ++++++++++++++++++++++++
 1 file changed, 66 insertions(+)
 create mode 100644 modules/services/x11/terminal-server.nix

diff --git a/modules/services/x11/terminal-server.nix b/modules/services/x11/terminal-server.nix
new file mode 100644
index 00000000000..951807bec5a
--- /dev/null
+++ b/modules/services/x11/terminal-server.nix
@@ -0,0 +1,66 @@
+# This module implements a terminal service based on ‘x11vnc’.  It
+# listens on port 5900 for VNC connections.  It then presents a login
+# screen to the user.  If the user successfully authenticates, x11vnc
+# checks to see if a X server is already running for that user.  If
+# not, a X server (Xvfb) is started for that user.  The Xvfb instances
+# persist across VNC sessions.
+
+{ config, pkgs, ... }:
+
+with pkgs.lib;
+
+let
+
+  # Wrap Xvfb to set some flags/variables.
+  xvfbWrapper = pkgs.writeScriptBin "Xvfb"
+    ''
+      #! ${pkgs.stdenv.shell}
+      export XKB_BINDIR=${pkgs.xorg.xkbcomp}/bin
+      export XORG_DRI_DRIVER_PATH=${pkgs.mesa}/lib/dri
+      exec ${pkgs.xorg.xorgserver}/bin/Xvfb "$@" -xkbdir "${pkgs.xkeyboard_config}/etc/X11/xkb"
+    '';
+
+  # ‘xinetd’ is insanely braindamaged in that it sends stderr to
+  # stdout.  Thus requires just about any xinetd program to be
+  # wrapped to redirect its stderr.  Sigh.
+  x11vncWrapper = pkgs.writeScriptBin "x11vnc-wrapper"
+    ''
+      #! ${pkgs.stdenv.shell}
+      export PATH=${makeSearchPath "bin" [ xvfbWrapper pkgs.gawk pkgs.which pkgs.openssl pkgs.xorg.xdpyinfo pkgs.xorg.xauth pkgs.nettools pkgs.shadow pkgs.procps pkgs.utillinux pkgs.bash ]}:$PATH
+      export FD_GEOM=1024x786x24
+      exec ${pkgs.x11vnc}/bin/x11vnc -inetd -display WAIT:1024x786:cmd=FINDCREATEDISPLAY-Xvfb.xdmcp -unixpw -ssl SAVE 2> /var/log/x11vnc.log
+    '';
+
+in 
+
+{
+
+  config = {
+  
+    services.xserver.enable = true;
+
+    # Enable KDM.  Any display manager will do as long as it supports XDMCP.
+    services.xserver.displayManager.kdm.enable = true;
+    services.xserver.displayManager.kdm.enableXDMCP = true;
+    services.xserver.displayManager.kdm.extraConfig =
+      ''
+        [General]
+        # We're headless, so don't bother starting an X server.
+        StaticServers=
+
+        [Xdmcp]
+        Xaccess=${pkgs.writeText "Xaccess" "localhost"}
+      '';
+
+    services.xinetd.enable = true;
+    services.xinetd.services = singleton
+      { name = "x11vnc";
+        port = 5900;
+        unlisted = true;
+        user = "root";
+        server = "${x11vncWrapper}/bin/x11vnc-wrapper";
+      };
+
+  };
+
+}