Remote Desktop
Software
Remote desktop software is split into two types: servers and clients. To access a computer remotely, it must have a server running, which usually is exposed to a port or set thereof. Access to that server can be gained using a client; many protocols, like RDP, are open to all clients willing to support them. Others require specific clients, so consult the documentation for whichever service you choose to use.
Server Protocols
- VNC
- XRDP
Clients
- Apache Guacamole
- freerdp
- KRDC (KDE)
- remmina
- tightvnc and its forks tigervnc and turbovnc
- x2goclient
- GNOME Connections
Configuration
VNC
Most servers provide a vncserver command.
Various servers provide configuration options either by CLI or by configuration file.
Desktop session
To start a desktop session or window manager, one currently has to do this manually because servers still have hard-coded paths to /usr/share/xsessions to look for .desktop files. That means one has to write a script that starts the desktop session, window manager, or any other X application.
Some servers will automatically run $HOME/.vnc/xstartup but the more secure option is to write an executable script and run vncserver -xstartup $pathToScript
An example script:
#!/usr/bin/env bash
# set some env variables
# start window manager
exec icewm
pathToScript can also be a path to an executable like ${pkgs.icewm}/bin/icewm
Tiger VNC
Nixpkgs has a package but no service.
The server component can be started using the vncserver command.
To connect, use the vncviewer command.
x2go
X2go client is packaged in nixos as x2goclient.
The server is installed by adding the following line:
services.x2goserver.enable = true;
to /etc/nixos/configuration.nix.
Guacamole
Guacamole-server and guacamole-client are in nixpkgs. Some details are in the package request.
RDP
NixOS has first-class support for XRDP. Client-wise, RDP can be accessed in many ways, but `remmina` and `freerdp` support it natively.
All of the options for the xrdp service can be viewed on the NixOS Options wiki, though an example setup inside of configuration.nix is provided below:
services.xserver.enable = true;
services.xserver.displayManager.sddm.enable = true;
services.xserver.desktopManager.plasma5.enable = true;
services.xrdp.enable = true;
services.xrdp.defaultWindowManager = "startplasma-x11";
services.xrdp.openFirewall = true;
(Source: Discourse Link, nixpkgs code)
A different window manager can be used for XRDP than a machine user, provided it has been enabled (through NixOS services or nixpkgs.
Make sure you log out the visual user first on the remote machine, otherwise you'll get a black screen. (Source: Reddit). You may be able to work around this by enabling and configuring Polkit, as demonstrated on that page.
GNOME
The XRDP defaultWindowManager setting to access a remote GNOME shell should be set to gnome-remote-desktop. Also ensure you include the package pkgs.gnome.gnome-remote-desktop in your configuration files and that you have a firewall port open for XRDP to communicate on (for the GNOME connections app, this is usually 3389).
If the above results in a black screen and disconnection after login, the following should work:
services.xrdp.enable = true;
services.xrdp.defaultWindowManager = "${pkgs.gnome.gnome-session}/bin/gnome-session";
services.xrdp.openFirewall = true;
# Disable the GNOME3/GDM auto-suspend feature that cannot be disabled in GUI!
# If no user is logged in, the machine will power down after 20 minutes.
systemd.targets.sleep.enable = false;
systemd.targets.suspend.enable = false;
systemd.targets.hibernate.enable = false;
systemd.targets.hybrid-sleep.enable = false;
(Source: Discourse Link)
Meshcentral
Meshcentral is a self-hosted open source administration tool similar to teamviewer. It can be added with:
services.meshcentral.enable = true;
However, the agent (client) is not available. (Request)