1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
|
{ lib
, stdenv
, applyPatches
, fetchFromGitHub
, pkg-config
, which
, perl
, autoconf
, automake
, libtool
, openssl
, systemd
, pam
, fuse
, libjpeg
, libopus
, nasm
, xorg
, lame
, pixman
, libjpeg_turbo
, _experimental-update-script-combinators
, gitUpdater
}:
let
xorgxrdp = stdenv.mkDerivation rec {
pname = "xorgxrdp";
version = "0.9.20";
src = fetchFromGitHub {
owner = "neutrinolabs";
repo = "xorgxrdp";
rev = "v${version}";
hash = "sha256-cAAWk/GqR5zJmh7EAzX3qJiYNl/RrDWdncdFeqsFIaU=";
};
nativeBuildInputs = [ pkg-config autoconf automake which libtool nasm ];
buildInputs = [ xorg.xorgserver ];
postPatch = ''
# patch from Debian, allows to run xrdp daemon under unprivileged user
substituteInPlace module/rdpClientCon.c \
--replace 'g_sck_listen(dev->listen_sck);' 'g_sck_listen(dev->listen_sck); g_chmod_hex(dev->uds_data, 0x0660);'
substituteInPlace configure.ac \
--replace 'moduledir=`pkg-config xorg-server --variable=moduledir`' "moduledir=$out/lib/xorg/modules" \
--replace 'sysconfdir="/etc"' "sysconfdir=$out/etc"
'';
preConfigure = "./bootstrap";
configureFlags = [ "XRDP_CFLAGS=-I${xrdp.src}/common" ];
enableParallelBuilding = true;
passthru.updateScript = gitUpdater { rev-prefix = "v"; };
};
xrdp = stdenv.mkDerivation rec {
pname = "xrdp";
version = "0.9.25.1";
src = applyPatches {
inherit version;
patches = [ ./dynamic_config.patch ];
name = "xrdp-patched-${version}";
src = fetchFromGitHub {
owner = "neutrinolabs";
repo = "xrdp";
rev = "v${version}";
fetchSubmodules = true;
hash = "sha256-oAs0oWkCyj3ObdJuHLfT25ZzkTrxNAXDiFU64OOP4Ow=";
};
};
nativeBuildInputs = [ pkg-config autoconf automake which libtool nasm perl ];
buildInputs = [
fuse
lame
libjpeg
libjpeg_turbo
libopus
openssl
pam
pixman
systemd
xorg.libX11
xorg.libXfixes
xorg.libXrandr
];
postPatch = ''
substituteInPlace sesman/xauth.c --replace "xauth -q" "${xorg.xauth}/bin/xauth -q"
substituteInPlace configure.ac --replace /usr/include/ ""
'';
preConfigure = ''
(cd librfxcodec && ./bootstrap && ./configure --prefix=$out --enable-static --disable-shared)
./bootstrap
'';
dontDisableStatic = true;
configureFlags = [
"--with-systemdsystemunitdir=/var/empty"
"--enable-fuse"
"--enable-ipv6"
"--enable-jpeg"
"--enable-mp3lame"
"--enable-opus"
"--enable-pam-config=unix"
"--enable-pixman"
"--enable-rdpsndaudin"
"--enable-rfxcodec"
"--enable-tjpeg"
"--enable-vsock"
];
installFlags = [ "DESTDIR=$(out)" "prefix=" ];
postInstall = ''
# remove generated keys (as non-deterministic)
rm $out/etc/xrdp/{rsakeys.ini,key.pem,cert.pem}
cp $src/keygen/openssl.conf $out/share/xrdp/openssl.conf
substituteInPlace $out/etc/xrdp/sesman.ini --replace /etc/xrdp/pulse $out/etc/xrdp/pulse
# remove all session types except Xorg (they are not supported by this setup)
perl -i -ne 'print unless /\[(X11rdp|Xvnc|console|vnc-any|sesman-any|rdp-any|neutrinordp-any)\]/ .. /^$/' $out/etc/xrdp/xrdp.ini
# remove all session types and then add Xorg
perl -i -ne 'print unless /\[(X11rdp|Xvnc|Xorg)\]/ .. /^$/' $out/etc/xrdp/sesman.ini
cat >> $out/etc/xrdp/sesman.ini <<EOF
[Xorg]
param=${xorg.xorgserver}/bin/Xorg
param=-modulepath
param=${xorgxrdp}/lib/xorg/modules,${xorg.xorgserver}/lib/xorg/modules
param=-config
param=${xorgxrdp}/etc/X11/xrdp/xorg.conf
param=-noreset
param=-nolisten
param=tcp
param=-logfile
param=.xorgxrdp.%s.log
EOF
'';
enableParallelBuilding = true;
passthru = {
inherit xorgxrdp;
updateScript = _experimental-update-script-combinators.sequence (map (item: item.command) [
(gitUpdater { rev-prefix = "v"; attrPath = "xrdp.src"; ignoredVersions = [ "beta" ]; })
{ command = ["rm" "update-git-commits.txt"]; }
(gitUpdater { rev-prefix = "v"; attrPath = "xrdp.xorgxrdp"; })
]);
};
meta = with lib; {
description = "Open source RDP server";
homepage = "https://github.com/neutrinolabs/xrdp";
license = licenses.asl20;
maintainers = with maintainers; [ chvp lucasew ];
platforms = platforms.linux;
};
};
in xrdp
|