Commit da062879 authored by Todor Kondic's avatar Todor Kondic
Browse files

Replace xinetd/gmd3 with lightdm vnc solution

parent 9dd6ea85
# GDM configuration storage
#
# See /usr/share/gdm/gdm.schemas for a list of available options.
[daemon]
# Uncomment the line below to force the login screen to use Xorg
WaylandEnable=false
# Enabling automatic login
# AutomaticLoginEnable = true
# AutomaticLogin = user1
# Enabling timed login
# TimedLoginEnable = true
# TimedLogin = user1
# TimedLoginDelay = 10
[security]
AllowRemoteRoot=true
DisallowTCP=false
[xdmcp]
DisplaysPerHost=15
Enable=true
MaxSessions=30
MaxPending=15
[chooser]
[debug]
# Uncomment the line below to turn on debugging
# More verbose logs
# Additionally lets the X server dump core if it crashes
Enable=true
# These are the options for the greeter session that can be set
# through GSettings. Any GSettings setting that is used by the
# greeter session can be set here.
# Note that you must configure the path used by dconf to store the
# configuration, not the GSettings path.
# Theming options
# ===============
# - Change the GTK+ theme
[org/gnome/desktop/interface]
# gtk-theme='Adwaita'
# - Use another background
[org/gnome/desktop/background]
# picture-uri='file:///usr/share/themes/Adwaita/backgrounds/stripes.jpg'
# picture-options='zoom'
# - Or no background at all
[org/gnome/desktop/background]
# picture-options='none'
# primary-color='#000000'
# Login manager options
# =====================
[org/gnome/login-screen]
#logo='/usr/share/images/vendor-logos/logo-text-version-128.png'
# - Disable user list
disable-user-list=true
# - Disable restart buttons
disable-restart-buttons=true
# - Show a login welcome message
banner-message-enable=true
banner-message-text="Hello ECI."
# Automatic suspend
# =================
[org/gnome/settings-daemon/plugins/power]
# - Time inactive in seconds before suspending with AC power
# 1200=20 minutes, 0=never
# sleep-inactive-ac-timeout=1200
# - What to do after sleep-inactive-ac-timeout
# 'blank', 'suspend', 'shutdown', 'hibernate', 'interactive' or 'nothing'
# sleep-inactive-ac-type='suspend'
# - As above but when on battery
# sleep-inactive-battery-timeout=1200
# sleep-inactive-battery-type='suspend'
\ No newline at end of file
#
# General configuration
#
# start-default-seat = True to always start one seat if none are defined in the configuration
# greeter-user = User to run greeter as
# minimum-display-number = Minimum display number to use for X servers
# minimum-vt = First VT to run displays on
# lock-memory = True to prevent memory from being paged to disk
# user-authority-in-system-dir = True if session authority should be in the system location
# guest-account-script = Script to be run to setup guest account
# logind-check-graphical = True to on start seats that are marked as graphical by logind
# log-directory = Directory to log information to
# run-directory = Directory to put running state in
# cache-directory = Directory to cache to
# sessions-directory = Directory to find sessions
# remote-sessions-directory = Directory to find remote sessions
# greeters-directory = Directory to find greeters
# backup-logs = True to move add a .old suffix to old log files when opening new ones
# dbus-service = True if LightDM provides a D-Bus service to control it
#
[LightDM]
#start-default-seat=true
#greeter-user=lightdm
#minimum-display-number=0
#minimum-vt=7
#lock-memory=true
#user-authority-in-system-dir=false
#guest-account-script=guest-account
#logind-check-graphical=false
#log-directory=/var/log/lightdm
#run-directory=/var/run/lightdm
#cache-directory=/var/cache/lightdm
#sessions-directory=/usr/share/lightdm/sessions:/usr/share/xsessions:/usr/share/wayland-sessions
#remote-sessions-directory=/usr/share/lightdm/remote-sessions
#greeters-directory=$XDG_DATA_DIRS/lightdm/greeters:$XDG_DATA_DIRS/xgreeters
#backup-logs=true
#dbus-service=true
#
# Seat configuration
#
# Seat configuration is matched against the seat name glob in the section, for example:
# [Seat:*] matches all seats and is applied first.
# [Seat:seat0] matches the seat named "seat0".
# [Seat:seat-thin-client*] matches all seats that have names that start with "seat-thin-client".
#
# type = Seat type (local, xremote, unity)
# pam-service = PAM service to use for login
# pam-autologin-service = PAM service to use for autologin
# pam-greeter-service = PAM service to use for greeters
# xserver-backend = X backend to use (mir)
# xserver-command = X server command to run (can also contain arguments e.g. X -special-option)
# xmir-command = Xmir server command to run (can also contain arguments e.g. Xmir -special-option)
# xserver-config = Config file to pass to X server
# xserver-layout = Layout to pass to X server
# xserver-allow-tcp = True if TCP/IP connections are allowed to this X server
# xserver-share = True if the X server is shared for both greeter and session
# xserver-hostname = Hostname of X server (only for type=xremote)
# xserver-display-number = Display number of X server (only for type=xremote)
# xdmcp-manager = XDMCP manager to connect to (implies xserver-allow-tcp=true)
# xdmcp-port = XDMCP UDP/IP port to communicate on
# xdmcp-key = Authentication key to use for XDM-AUTHENTICATION-1 (stored in keys.conf)
# unity-compositor-command = Unity compositor command to run (can also contain arguments e.g. unity-system-compositor -special-option)
# unity-compositor-timeout = Number of seconds to wait for compositor to start
# greeter-session = Session to load for greeter
# greeter-hide-users = True to hide the user list
# greeter-allow-guest = True if the greeter should show a guest login option
# greeter-show-manual-login = True if the greeter should offer a manual login option
# greeter-show-remote-login = True if the greeter should offer a remote login option
# user-session = Session to load for users
# allow-user-switching = True if allowed to switch users
# allow-guest = True if guest login is allowed
# guest-session = Session to load for guests (overrides user-session)
# session-wrapper = Wrapper script to run session with
# greeter-wrapper = Wrapper script to run greeter with
# guest-wrapper = Wrapper script to run guest sessions with
# display-setup-script = Script to run when starting a greeter session (runs as root)
# display-stopped-script = Script to run after stopping the display server (runs as root)
# greeter-setup-script = Script to run when starting a greeter (runs as root)
# session-setup-script = Script to run when starting a user session (runs as root)
# session-cleanup-script = Script to run when quitting a user session (runs as root)
# autologin-guest = True to log in as guest by default
# autologin-user = User to log in with by default (overrides autologin-guest)
# autologin-user-timeout = Number of seconds to wait before loading default user
# autologin-session = Session to load for automatic login (overrides user-session)
# autologin-in-background = True if autologin session should not be immediately activated
# exit-on-failure = True if the daemon should exit if this seat fails
#
[Seat:*]
#type=local
#pam-service=lightdm
#pam-autologin-service=lightdm-autologin
#pam-greeter-service=lightdm-greeter
#xserver-backend=
#xserver-command=X
#xmir-command=Xmir
#xserver-config=
#xserver-layout=
xserver-allow-tcp=true
#xserver-share=true
#xserver-hostname=
#xserver-display-number=
#xdmcp-manager=
#xdmcp-port=177
#xdmcp-key=
#unity-compositor-command=unity-system-compositor
#unity-compositor-timeout=60
#greeter-session=example-gtk-gnome
#greeter-hide-users=false
#greeter-allow-guest=true
#greeter-show-manual-login=false
#greeter-show-remote-login=true
#user-session=default
#allow-user-switching=true
#allow-guest=true
#guest-session=
#session-wrapper=lightdm-session
#greeter-wrapper=
#guest-wrapper=
#display-setup-script=
#display-stopped-script=
#greeter-setup-script=
#session-setup-script=
#session-cleanup-script=
#autologin-guest=false
#autologin-user=
#autologin-user-timeout=0
#autologin-in-background=false
#autologin-session=
#exit-on-failure=false
#
# XDMCP Server configuration
#
# enabled = True if XDMCP connections should be allowed
# port = UDP/IP port to listen for connections on
# listen-address = Host/address to listen for XDMCP connections (use all addresses if not present)
# key = Authentication key to use for XDM-AUTHENTICATION-1 or blank to not use authentication (stored in keys.conf)
# hostname = Hostname to report to XDMCP clients (defaults to system hostname if unset)
#
# The authentication key is a 56 bit DES key specified in hex as 0xnnnnnnnnnnnnnn. Alternatively
# it can be a word and the first 7 characters are used as the key.
#
[XDMCPServer]
enabled=true
#port=177
#listen-address=
#key=
#hostname=
#
# VNC Server configuration
#
# enabled = True if VNC connections should be allowed
# command = Command to run Xvnc server with
# port = TCP/IP port to listen for connections on
# listen-address = Host/address to listen for VNC connections (use all addresses if not present)
# width = Width of display to use
# height = Height of display to use
# depth = Color depth of display to use
#
[VNCServer]
enabled=true
command=/usr/local/bin/fakeXvnc
#command=/usr/bin/Xvnc -inetd -once -query localhost -fp /usr/share/X11/fonts/misc -securitytypes=X509None -X509Key=/etc/custom-vnc/vnc.priv.pem -X509Cert=/etc/custom-vnc/vnc.pub.pem
port=5950
#listen-address=
#width=1024
#height=768
#depth=8
service vncserver
{
disable = no
type = unlisted
port = 5950
socket_type = stream
protocol = tcp
wait = no
user = nobody
server = /usr/bin/Xvnc
server_args = -inetd -once -query localhost -fp /usr/share/X11/fonts/misc -securitytypes=X509None -X509Key=/etc/custom-vnc/vnc.priv.pem -X509Cert=/etc/custom-vnc/vnc.pub.pem
}
service vncserver{{ item.login }}
{
disable = no
type = unlisted
port = {{ item.port }}
socket_type = stream
protocol = tcp
wait = yes
user = {{ item.login }}
server = /usr/bin/Xvnc
server_args = -inetd -once -query localhost -fp /usr/share/X11/fonts/misc -securitytypes=X509None -X509Key=/etc/custom-vnc/key.vnc.pem -X509Cert=/etc/custom-vnc/cert.vnc.pem
}
service vncserver{{ item.login }}
{
disable = no
type = unlisted
port = {{ item.vncport }}
socket_type = stream
protocol = tcp
wait = yes
user = {{ item.login }}
server = /usr/bin/Xvnc
server_args = -inetd -once -query localhost -fp /usr/share/X11/fonts/misc -securitytypes=X509None -X509Key=/etc/custom-vnc/key.vnc.pem -X509Cert=/etc/custom-vnc/cert.vnc.pem
}
#!/bin/sh
/usr/bin/Xvnc -inetd -once -query localhost -fp /usr/share/X11/fonts/misc -securitytypes=X509None -X509Key=/etc/custom-vnc/vnc.priv.pem -X509Cert=/etc/custom-vnc/vnc.pub.pem
\ No newline at end of file
......@@ -22,14 +22,14 @@
dest: "/home/{{ item.login }}/.profile"
become_user: "{{ item.login }}"
loop: "{{ users }}"
- include: tasks/apt.yml
tags: apt
- include: tasks/ufw.yml
tags: ufw
- include: tasks/vnc.yml
tags: vnc
- include: tasks/visual-appeal.yml
tags: visual
# Set lightdm as login manager and make it listen to incoming
# connections.
- include: tasks/lightdm.yml
tags: lightdm
- include: tasks/guix.yml
tags: guix
- include: tasks/keyboard.yml
......@@ -42,9 +42,5 @@
handlers:
- name: Restart xinetd.
command: systemctl restart xinetd
- name: Update dconf.
command: dconf update
- name: Restart gdm.
command: systemctl restart gdm3
- name: restart-lightdm
command: systemctl restart lightdm
......@@ -12,12 +12,15 @@
'git',
'ufw',
'xfce4',
'gdm3',
'xinetd',
'firefox',
'chromium-browser',
'lightdm',
's3fs' ]
tags: apt
- name: Remove unnecessary pkgs.
apt:
name: [ 'gdm3' ]
state: absent
- name: Install lightdm configuration.
copy:
src: files/etc/lightdm/lightdm.conf
dest: /etc/lightdm/lightdm.conf
notify: restart-lightdm
- name: Copy fakeXvnc script.
copy:
src: files/usr/local/bin/fakeXvnc
dest: /usr/local/bin/fakeXvnc
mode: '0744'
notify: restart-lightdm
- name: Copy the greeter config.
copy:
src: files/etc/gdm3/greeter.dconf-defaults
dest: /etc/gdm3/greeter.dconf-defaults
notify:
- Update dconf.
- Restart gdm.
- name: Copy gdm3 config files.
ansible.builtin.copy:
src: files/etc/gdm3/custom.conf
dest: /etc/gdm3/custom.conf
owner: root
group: root
mode: '0644'
notify:
- Restart gdm.
- name: Copy xinetd config files.
ansible.builtin.copy:
src: files/etc/xinetd.d/vncserver
dest: /etc/xinetd.d/vncserver
owner: root
group: root
mode: '0644'
notify:
- Restart xinetd.
# - name: Create wait-based vnc services.
# ansible.builtin.template:
# src: files/etc/xinetd.d/vnctmpl
# dest: /etc/xinetd.d/vncserver{{ item.login }}
# loop: "{{ users }}"
# notify:
# - Restart xinetd.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment