From 25b13b47e5ab49def8c2b7ba2b4452c1c78c74ad Mon Sep 17 00:00:00 2001
From: Philip Peterson
Date: Mon, 25 May 2026 19:14:53 -0800
Subject: [PATCH] vnc: KDE Plasma desktop, local image build via systemd

Replace openbox with kde-plasma-desktop + konsole. Build the container image locally via a oneshot systemd service (build-vnc-image) that runs before arion-vnc-desktop on each boot. Nix hashes the Dockerfile and start.sh at eval time so the build is skipped when nothing changed. No registry push/pull required.

Co-Authored-By: Claude Sonnet 4.6
---
 nixos/linux.nix | 29 +++++++++++++++++++++++++++++
 nixos/vnc-desktop/Dockerfile | 4 ++--
 nixos/vnc-desktop/start.sh | 5 ++---
 3 files changed, 33 insertions(+), 5 deletions(-)

diff --git a/nixos/linux.nix b/nixos/linux.nix
index d028406..f86b2cd 100644
--- a/nixos/linux.nix
+++ b/nixos/linux.nix
@@ -116,6 +116,35 @@ in {
 systemd.services.arion-riverside.environment.DOCKER_HOST = "unix:///run/podman/podman.sock";
 systemd.services.arion-vnc-desktop.environment.DOCKER_HOST = "unix:///run/podman/podman.sock";
+ # Build the VNC desktop image locally from the Dockerfile — no registry push/pull needed.
+ # Nix copies the build context into the store; the hash changes when Dockerfile or
+ # start.sh change, triggering a rebuild on the next nixos-rebuild switch.
+ systemd.services.build-vnc-image = {
+ description = "Build VNC desktop container image from Dockerfile";
+ wantedBy = [ "arion-vnc-desktop.service" ];
+ before = [ "arion-vnc-desktop.service" ];
+ serviceConfig = {
+ Type = "oneshot";
+ RemainAfterExit = true;
+ ExecStart = pkgs.writeShellScript "build-vnc-image" ''
+ STAMP=/var/lib/build-vnc-image/context-hash
+ EXPECTED="${builtins.hashString "sha256"
+ (builtins.readFile ./vnc-desktop/Dockerfile
+ + builtins.readFile ./vnc-desktop/start.sh)}"
+ if [ -f "$STAMP" ] && [ "$(cat "$STAMP")" = "$EXPECTED" ]; then
+ echo "VNC image is up to date, skipping build"
+ exit 0
+ fi
+ echo "Building VNC desktop image..."
+ ${pkgs.podman}/bin/podman build \
+ -t forge.quinefoundation.com/ironmagma/vnc-desktop:latest \
+ ${./vnc-desktop}
+ mkdir -p "$(dirname "$STAMP")"
+ echo "$EXPECTED" > "$STAMP"
+ '';
+ };
+ };
+
 services.gitea-actions-runner.instances."ubuntu" = {
 enable = true;
 name = "ubuntu";
diff --git a/nixos/vnc-desktop/Dockerfile b/nixos/vnc-desktop/Dockerfile
index 9103611..380ae2e 100644
--- a/nixos/vnc-desktop/Dockerfile
+++ b/nixos/vnc-desktop/Dockerfile
@@ -7,8 +7,8 @@ RUN apt-get update && apt-get install -y \
 tigervnc-common \
 novnc \
 python3-websockify \
- openbox \
- xterm \
+ kde-plasma-desktop \
+ konsole \
 x11-utils \
 xfonts-base \
 dbus-x11 \
diff --git a/nixos/vnc-desktop/start.sh b/nixos/vnc-desktop/start.sh
index b8be64c..fe604fd 100644
--- a/nixos/vnc-desktop/start.sh
+++ b/nixos/vnc-desktop/start.sh
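Review bot: The build-vnc-image script in nixos/linux.nix never stops on error, so a failed `podman build` still falls through to `echo "$EXPECTED" > "$STAMP"` and the unit exits 0. `pkgs.writeShellScript` does not turn on `set -e`, so after one failed build every later boot prints "up to date" and arion-vnc-desktop starts with whatever image currently carries the `:latest` tag, or none at all. Add `set -euo pipefail` as the first line of the script, and consider `requiredBy` in place of `wantedBy`, since `wantedBy` plus `before` only orders the units and does not hold the desktop back when the build fails. The stamp also records only the Dockerfile and start.sh contents, so the skip branch is worth gating on `${pkgs.podman}/bin/podman image exists` for the tag built below as well, because the image can be removed from local storage while the stamp file stays.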
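Review bot: `kde-plasma-desktop` is installed with Recommends enabled, as far as the `RUN apt-get update && apt-get install -y \` line in the hunk header shows, so the image takes on a much larger package set than the openbox one it replaces. For a desktop that is served over noVNC, every extra service and helper binary is attack surface that only gets patched when the image is rebuilt. Consider `apt-get install -y --no-install-recommends \` and naming the few extras the session needs explicitly. The RUN instruction starts and ends outside this hunk, so a flag set on a line not shown here would not be visible.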
@@ -21,9 +21,8 @@ Xvnc :1 \
 export DISPLAY=:1
 sleep 2
-# Start window manager and initial terminal
-openbox-session &
-xterm &
+# Start KDE Plasma session
+dbus-run-session -- startplasma-x11 &
 # Serve noVNC web UI + bridge WebSocket -> VNC
 exec websockify --web /usr/share/novnc 6080 localhost:5901
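Review bot: The new `dbus-run-session -- startplasma-x11 &` line starts a full Plasma session under whatever account start.sh runs as, and nothing visible in this hunk shows that to be a non-root user. The Xvnc options and any USER line in the Dockerfile are outside the hunk, so this is inferred; if the container runs as root, the desktop and konsole served on port 6080 run as root too. I would record the expectation above the line, for example `# Plasma runs as the container user; keep it non-root and keep Xvnc authentication on`, and confirm both settings in the parts of start.sh and the Dockerfile not shown here. The session is also backgrounded without any check, so a failed start leaves websockify serving an empty display; logging its exit status would make that visible.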