├── .gitignore ├── Dockerfile ├── LICENSE ├── README.md ├── configs ├── bash_profile ├── node.cfg ├── node.cfg.default ├── server.cfg ├── server.cfg.default └── xfce4 │ ├── desktop │ ├── icons.screen0-1295x498.rc │ ├── icons.screen0-1295x542.rc │ ├── icons.screen0-1295x622.rc │ ├── icons.screen0-784x504.rc │ └── icons.screen0-784x584.rc │ ├── helpers.rc │ ├── panel │ ├── launcher-10 │ │ └── 15320870362.desktop │ ├── launcher-12 │ │ └── 15320870364.desktop │ ├── launcher-16 │ │ └── 15320872325.desktop │ └── launcher-9 │ │ └── 15320870361.desktop │ └── xfconf │ └── xfce-perchannel-xml │ ├── thunar.xml │ ├── xfce4-appfinder.xml │ ├── xfce4-desktop.xml │ ├── xfce4-keyboard-shortcuts.xml │ ├── xfce4-panel.xml │ ├── xfce4-settings-editor.xml │ ├── xfce4-settings-manager.xml │ └── xfwm4.xml ├── docker-compose.yml ├── install ├── nomachine-enterprise-desktop-evaluation_6.5.6_10_amd64.deb └── nomachine_6.5.6_9_amd64.deb └── nxserver.sh /.gitignore: -------------------------------------------------------------------------------- 1 | /volumes/ 2 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:18.04 as vdi_base 2 | 3 | ENV DEBIAN_FRONTEND=noninteractive 4 | 5 | # Configure timezone and locale to spanish and America/Bogota timezone. Change locale and timezone to whatever you want 6 | ENV LANG="de_DE.UTF-8" 7 | ENV LANGUAGE=de_DE 8 | ENV KEYMAP="de" 9 | ENV TIMEZONE="Europe/Berlin" 10 | #ENV DESKTOP="mate-desktop-environment-extras" 11 | ENV DESKTOP="xfce4" 12 | 13 | 14 | ################################################################################## 15 | # Base System 16 | RUN apt-get clean && apt-get update && apt-get install -y locales apt-utils && \ 17 | #locales 18 | locale-gen ${LANG} && locale-gen ${LANGUAGE} && \ 19 | echo "${TIMEZONE}" > /etc/timezone && \ 20 | apt-get install -y locales && \ 21 | sed -i -e "s/# $LANG.*/$LANG.UTF-8 UTF-8/" /etc/locale.gen && \ 22 | dpkg-reconfigure --frontend="${DEBIAN_FRONTEND}" locales && \ 23 | update-locale LANG=$LANG && \ 24 | echo "XKBLAYOUT=\"${KEYMAP}\"" > /etc/default/keyboard && \ 25 | # software 26 | apt-get install -y software-properties-common python3-software-properties sudo && \ 27 | add-apt-repository universe && apt-get update -y && \ 28 | apt-get install -y vim xterm pulseaudio cups curl libgconf2-4 iputils-ping libxss1 wget xdg-utils libpango1.0-0 fonts-liberation && \ 29 | # Install the desktop-enviroment version you would like to have 30 | apt-get install -y "${DESKTOP}" && \ 31 | # Cleanup 32 | apt-get autoremove -y && \ 33 | apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* 34 | 35 | 36 | ####################################### 37 | # additional softeware: download tor, firefox, libreoffice and git, etc 38 | # RUN add-apt-repository ppa:webupd8team/tor-browser && apt-get update -y && \ 39 | # apt-get install -y aptitude tor firefox libreoffice htop nano git vim tor-browser iftop chromium-browser keepassx sshfs encfs terminator nmap tig mtr && \ 40 | 41 | RUN apt-get update && apt-get install -y chromium-browser firefox torbrowser-launcher && \ 42 | # Clean up APT when done. 43 | apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | ################################################################################## 52 | # nomachine installation 53 | 54 | FROM vdi_base as vdi 55 | 56 | 57 | ####################################### 58 | # ONLINE install 59 | # Goto https://www.nomachine.com/download/download&id=10 and change for the latest NOMACHINE_PACKAGE_NAME and MD5 shown in that link to get the latest version. 60 | # Free - OLD 61 | #ENV NOMACHINE_PACKAGE_NAME nomachine_5.2.11_1_amd64.deb 62 | #ENV NOMACHINE_MD5 d697e5a565507d522380c94d2f295d0 63 | 64 | # Free - lastest 65 | ENV NOMACHINE_PACKAGE_NAME nomachine_6.5.6_9_amd64.deb 66 | # ENV NOMACHINE_MD5 8fc4b0a467eff56f662f348c7e03c6ec 67 | 68 | # Enterprise 69 | # ENV NOMACHINE_PACKAGE_NAME nomachine-enterprise-desktop-evaluation_6.5.6_10_amd64.deb 70 | # ENV NOMACHINE_MD5 306a8554a6ffc9aec6f8a2b7e6e61e46 71 | 72 | # Install nomachine, change password and username to whatever you want here 73 | #RUN # curl -fSL "http://download.nomachine.com/download/5.2/Linux/${NOMACHINE_PACKAGE_NAME}" -o nomachine.deb \ 74 | # curl -fSL "http://download.nomachine.com/download/6.5/Linux/${NOMACHINE_PACKAGE_NAME}" -o nomachine.deb \ 75 | # echo "${NOMACHINE_MD5} *nomachine.deb" | md5sum -c - && \ 76 | # # Clean up APT when done. 77 | # apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* 78 | 79 | 80 | ####################################### 81 | # OFFLINE install 82 | ADD ./install/${NOMACHINE_PACKAGE_NAME} /nomachine.deb 83 | RUN dpkg -i /nomachine.deb && \ 84 | # Cleanup 85 | rm -f /nomachine.deb 86 | 87 | 88 | ####################################### 89 | # add Configs 90 | ADD ./configs/server.cfg /usr/NX/etc/server.cfg 91 | ADD ./configs/node.cfg /usr/NX/etc/node.cfg 92 | ## keyboard-layout 93 | ADD ./configs/bash_profile /home/user/.bash_profile 94 | ## Desktop config 95 | ADD ./configs/xfce4 /home/user/.config/xfce4 96 | 97 | 98 | ADD nxserver.sh / 99 | 100 | ENTRYPOINT ["/nxserver.sh"] 101 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2016 cesarandreslopez 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Docker VDI (Virtual Desktop Instance) 2 | Ubuntu Desktop 18.04 (xfce) Dockerfile with NoMachine remote access and firefox, chromium & more 3 | 4 | # How to run 5 | ## with docker-compose 6 | build & run: 7 | ``` 8 | docker-compose up -d 9 | ``` 10 | 11 | (re)-build 12 | ``` 13 | docker-compose build --no-cache 14 | ``` 15 | 16 | ## manually 17 | ### Build 18 | 19 | ``` 20 | git clone 21 | cd docker-vdi 22 | docker build -t=vdi . 23 | ``` 24 | 25 | 26 | ### Enviroment vaiables 27 | * `USER` -> user for the nomachine login 28 | * `PASSWORD` -> password for the nomachine login 29 | 30 | ### Usage 31 | 32 | ``` 33 | docker run -d --rm -p 4000:4000 -p 4080:4080 -p 4443:4443 --name vdi -e PASSWORD=password -e USER=user --cap-add=SYS_PTRACE vdi 34 | ``` 35 | 36 | ### Language and Locale 37 | In the Docker file the default language and location are set to German/Germany, these can be changed to English/United States 38 | 39 | ``` 40 | ENV LANG="en_US.UTF-8" 41 | ENV LANGUAGE=en_US 42 | ENV KEYMAP="us" 43 | ENV TIMEZONE="America/Denver" 44 | ``` 45 | 46 | 47 | # Connect to the container 48 | ## with the Client 49 | Download the NoMachine client from: https://www.nomachine.com/download, install the client, create a new connection to your public ip, port 4000, NX protocol, use enviroment user and password for authentication (make sure to setup enviroment variables for that) 50 | 51 | ## via Webbrowser (only with Enterprise Client) 52 | open URL: `https://127.0.0.1:4443` 53 | -------------------------------------------------------------------------------- /configs/bash_profile: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | setxkbmap de & 4 | -------------------------------------------------------------------------------- /configs/node.cfg: -------------------------------------------------------------------------------- 1 | ###################################################################### 2 | # # 3 | # Copyright (c) 2001, 2018 NoMachine, http://www.nomachine.com. # 4 | # # 5 | # All rights reserved. # 6 | # # 7 | ###################################################################### 8 | 9 | # 10 | # Some configuration keys are used to set specific limits, such as the 11 | # maximum size for the session log. To remove a limitation, set the 12 | # corresponding key to value '0' or 'Unlimited'. 13 | 14 | # 15 | # Configuration file format version. 16 | # 17 | ConfigFileVersion 4.0 18 | 19 | # 20 | # Specify hostname for the NoMachine node. 21 | # 22 | #NodeName localhost.localdomain 23 | 24 | # 25 | # Set log level. Node logs all events that are <= to the level set and 26 | # according to the following convention: 27 | # 28 | # KERN_ERR 3: Error condition. 29 | # KERN_INFO 6: Informational. 30 | # KERN_DEBUG 7: Debug messages. 31 | # 32 | # The suggested values are: 33 | # 34 | # 6: Default value. Only relevant events are logged. 35 | # 36 | # 7: Set the log level to debug. 37 | # 38 | #SessionLogLevel 6 39 | 40 | # 41 | # Point the node to log to a specific file. The default log file is 42 | # /Library/Application Support/NoMachine/var/log/nxserver.log on Mac 43 | # OS X, %PROGRAMDATA%/NoMachine/var/log/nxserver.log on Windows and 44 | # /usr/NX/var/log/nxserver.log on Linux. 45 | # 46 | #SystemLogFile /usr/NX/var/log/nxserver.log 47 | 48 | # 49 | # Specify path and name of the command to start a new virtual desktop, 50 | # by default the X session set on the system. 51 | # 52 | DefaultDesktopCommand "/etc/X11/Xsession default" 53 | 54 | # 55 | # Provide a comma-separated list of session types supported on this 56 | # node host. 57 | # 58 | AvailableSessionTypes unix-remote,unix-console,unix-default,unix-application,physical-desktop,shadow,unix-xsession-default,unix-xdm 59 | 60 | # 61 | # Set the maximum size, expressed in bytes, allowed for the session 62 | # log. Node terminates the session when this limit is exceeded. 63 | # 64 | #SessionLogLimit 0 65 | 66 | # 67 | # Enable or disable the automatic clean-up of session directories at 68 | # the time sessions are terminated. 69 | # 70 | # 1: Enabled. This is the default value. 71 | # 72 | # 0: Disabled. Directories are prefixed by 'T-' and left 73 | # for further reference. 74 | # 75 | #SessionLogClean 1 76 | 77 | # 78 | # Enable or disable node to log the X clients standard error. 79 | # 80 | # 1: Enabled. Stderr of X clients is redirected to 'clients' 81 | # file in the session directory. 82 | # 83 | # 0: Disabled. Stderr of X clients is redirected to /dev/null. 84 | # 85 | #ClientLog 1 86 | 87 | # 88 | # Set the maximum size, expressed in bytes, allowed for the X clients 89 | # log. Node terminates the session when this limit is exceeded. 90 | # 91 | #ClientLogLimit 0 92 | 93 | # 94 | # Set the maximum amount of data, in bytes, that can be copied from 95 | # the session to the client. The default value is 0, i.e. unlimited. 96 | # 97 | #ClipboardBufferLimit 0 98 | 99 | # 100 | # Specify for how long the node has to wait for a reply from NoMachine 101 | # server before considering that the connection with the server has 102 | # been lost. Default value, 120 seconds, lets node wait for 2 minutes. 103 | # Set this value to 0 to disable timeout on the node. 104 | # 105 | #NodeConnectionTimeout 120 106 | 107 | # 108 | # Enable or disable disk sharing: 109 | # 110 | # client: Filesystem on the client can be connected on server side and 111 | # accessed from the session. 112 | # 113 | # server: Filesystem on the server can be connected on the end-user's 114 | # machine and accessed through the whole life of the session. 115 | # 116 | # both: Client and server filesystem can be connected on remote and 117 | # locale respectively. 118 | # 119 | # none: Neither client or server filesystem can be connected. 120 | # 121 | EnableDiskSharing both 122 | 123 | # 124 | # Specify path of base directory where the node has to mount disks 125 | # accessible only by the user who connected them. Base directory is 126 | # "$(DESKTOP)" by default. $(HOME) and $(USER) are also accepted values 127 | # and can be concatenated to specify path to a directory, for example 128 | # "$(HOME)/Shares". Target directory must exist on the system. 129 | # 130 | DiskSharingPrivateBasePath "$(DESKTOP)" 131 | 132 | # 133 | # Specify path to base directory where the node has to mount user's 134 | # disks which are accessible to users running a session on that server. 135 | # Base directory is "$(PUBLIC)" by default. $(PUBLIC) is /Volumes on Mac 136 | # OS X, /media on Linux, C:\Users\Public on Windows Vista/7/8 and 137 | # %ALLUSERSPROFILE% on XP. $(USER) is an accepted value and can be 138 | # concatenated to specify path to a directory, for example "/tmp/$(USER)". 139 | # Target directory must exist on the system. 140 | # 141 | #DiskSharingPublicBasePath "$(PUBLIC)" 142 | 143 | # 144 | # Specify which disks are available to be connected in the session. 145 | # Default value is 'all'. Alternatively, specify path to the disk or 146 | # directory in a list of comma-separated values. $(HOME) and $(USER) 147 | # are accepted values. For example "$(HOME),/Volumes/TimeMachine". 148 | # 149 | DiskSharingList all 150 | 151 | # 152 | # Enable or disable printer sharing 153 | # 154 | # client: Printers on the client can be connected on server side and 155 | # made available within the session. 156 | # 157 | # server: Printers on the server can be connected on the end-user's 158 | # machine. 159 | # 160 | # both: Client and server printers can be connected on remote and 161 | # locale respectively. 162 | # 163 | # none: Neither client or server printers can be connected. 164 | # 165 | EnablePrinterSharing both 166 | 167 | # 168 | # Enable or disable usb sharing: 169 | # 170 | # client: USB devices on the client can be forwarded on server side and 171 | # made available within the session 172 | # 173 | # server: USB devices on the server can be connected on the end-user's 174 | # machine. 175 | # 176 | # both: Client and server USB devices can be connected on remote and 177 | # locale respectively. 178 | # 179 | # none: Neither client or server USB devices can be connected. 180 | # 181 | EnableUSBSharing both 182 | 183 | # 184 | # Enable or disable network services sharing: 185 | # 186 | # client: Network servers on client side can be added and made available 187 | # within the session. 188 | # 189 | # server: Network server on the server side can be added and made 190 | # available on the end-user's machine. 191 | # 192 | # both: Network servers from client and server side can be connected 193 | # on remote and locale respectively. 194 | # 195 | # none: Neither client or server side network servers can be 196 | # connected. 197 | # 198 | #EnableNetworkSharing both 199 | 200 | # 201 | # Enable or disable connecting a smartcard reader: 202 | # 203 | # 1: Enabled. The smartcard reader plugged on client side can be 204 | # forwarded to server side. 205 | # 206 | # 0: Disabled. The smartcard reader cannot be forwarded. 207 | # 208 | EnableSmartcardSharing 1 209 | 210 | # 211 | # Enable or disable file transfer: 212 | # 213 | # client: Files can be transferred from client machine to the 214 | # server. 215 | # 216 | # server: Files can be sent from the server to users. 217 | # 218 | # both: Client and server files can be transferred on remote and 219 | # locale respectively. 220 | # 221 | # none: Neither client or server files can be transferred. 222 | # 223 | #EnableFileTransfer both 224 | 225 | # 226 | # Specify which audio interface should be used to provide sound in 227 | # sessions. Key values depend on the hosting operating system and can 228 | # be 'pulseaudio', 'alsa' or 'disabled' on Linux, and 'nxaudio' or 229 | # 'disabled' on Windows and Mac OS X. 230 | # 231 | AudioInterface pulseaudio 232 | 233 | # 234 | # Specify path and name of the command to start PulseAudio server. 235 | # 236 | CommandStartPulseAudio "/usr/bin/pulseaudio --high-priority=no" 237 | 238 | # 239 | # Enable or disable CUPS support. This doesn't apply to Windows plat- 240 | # forms. This key is obsolete and used only for retro compatibility. 241 | # 242 | # 1: Enabled. Enable CUPS support. 243 | # 244 | # 0: Disabled. Disable CUPS support. 245 | # 246 | EnableCUPSSupport 1 247 | 248 | # 249 | # Specify the path of the directory holding CUPS binaries (e.g. the 250 | # 'lpoptions' program). This key is obsolete and used only for retro 251 | # compatibility. 252 | # 253 | CUPSBinPath /usr/bin 254 | 255 | # 256 | # Specify the path of the directory holding CUPS programs and reserved 257 | # for administrative purposes (e.g. 'cupsd' or 'lpadmin'). This key is 258 | # obsolete and used only for retro compatibility. 259 | # 260 | CUPSSbinPath /usr/sbin 261 | 262 | # 263 | # Specify the path of directory holding the CUPS backend. This key is 264 | # obsolete and used only for retro compatibility. 265 | # 266 | CUPSBackendPath /usr/lib/cups/backend 267 | 268 | # 269 | # Specify path of base directory where the node has to mount shares 270 | # exported by the user. Default value is $(HOME)/MyShares. This key 271 | # is obsolete and used only for retro compatibility. 272 | # 273 | #ShareBasePath $(HOME)/MyShares 274 | 275 | # 276 | # Allow node to use the CIFS (SMB) file-sharing protocol to attach the 277 | # filesystem to the target directory. This key is obsolete and used 278 | # only for retro compatibility. 279 | # 280 | # 1: Enabled. Node uses smbfs to mount and unmount client shares. 281 | # 282 | # 0: Disabled. Node forbids any attempt to mount shares via smbfs. 283 | # 284 | EnableSMBFSSupport 0 285 | 286 | # 287 | # Specify path and name of the command to start 'GNOME'. This doesn't 288 | # apply to Windows and Mac OS X platforms. 289 | # 290 | #CommandStartGnome "" 291 | 292 | # 293 | # Specify path and name of the command to start 'KDE'. This doesn't 294 | # apply to Windows and Mac OS X platforms. 295 | # 296 | #CommandStartKDE "" 297 | 298 | # 299 | # Specify path and name of the command to start 'CDE'. This applies to 300 | # Solaris SPARC platforms only. 301 | # 302 | #CommandStartCDE cdwm 303 | 304 | # 305 | # Specify path and name of the command to start the RFB Client. If the 306 | # Server supports VNC sessions, set this key to "vncviewer -fullscreen" 307 | # to use the vncviewer client. 308 | # 309 | #CommandStartRFB "" 310 | 311 | # 312 | # Specify path and name of the command to start the RDP Client. If the 313 | # Server supports RDP sessions, set this key to "rdesktop -f" to use 314 | # the rdesktop client. 315 | # 316 | #CommandStartRDP "" 317 | 318 | # 319 | # Specify the domain of the Windows Terminal Server. 320 | # 321 | #DefaultRDPDomain "" 322 | 323 | # 324 | # Specify path and name of the command 'fuser' to identify processes 325 | # using files or sockets. 326 | # 327 | CommandFuser /bin/fuser 328 | 329 | # 330 | # Specify path and name of the command 'lsof' to list open files. This 331 | # doesn't apply to Windows and Mac OS X platforms. 332 | # 333 | #CommandLsof /usr/sbin/lsof 334 | 335 | # 336 | # Specify path and name of the client program to be run by the node, 337 | # for example for issuing dialog boxes and messages, instead of the 338 | # default nxclient program. 339 | # 340 | #CommandClient /usr/NX/bin/nxclient 341 | 342 | # 343 | # Specify path and name of the command 'xauth' to edit and display 344 | # the authorization information used when connecting to the X server. 345 | # 346 | #CommandXauth /usr/NX/bin/nxauth 347 | 348 | # 349 | # Specify path and name of the command 'xdpyinfo' for displaying info- 350 | # rmation about an X server. 351 | # 352 | CommandXdpyInfo /usr/bin/xdpyinfo 353 | 354 | # 355 | # Specify path and name of the command 'xmodmap' to edit and display 356 | # the keyboard modifier map and keymap table. 357 | # 358 | CommandXmodmap /usr/bin/xmodmap 359 | 360 | # 361 | # Enable or disable use of 'xkbcomp' command: 362 | # 363 | # 1: Enabled. Use 'xkbcomp' command. 364 | # 365 | # 0: Disabled. 366 | # 367 | #EnableCommandXkbComp 1 368 | 369 | # 370 | # Specify path and name of the command 'xkbcomp' to compile XKB key- 371 | # board description. 372 | # 373 | CommandXkbComp /usr/bin/xkbcomp 374 | 375 | # 376 | # Specify location and file name of the keymap file used by 'xkbcomp'. 377 | # 378 | #XkbCompKeymapFile /etc/X11/xkb/keymap/xfree86 379 | 380 | # 381 | # Enable or disable loading VirtualGL libraries when starting virtual 382 | # desktops on Linux. 383 | # 384 | # 1: Enabled. This make OpenGL applications able to use server side 385 | # graphics hardware. 386 | # 387 | # 0: Disabled. VirtualGL libraries are not loaded. 388 | # 389 | #EnableVirtualGLSupport 0 390 | 391 | # 392 | # By default the agent only uses the X11 system fonts, uncomment this 393 | # key to enable use of an X Font Server. 394 | # 395 | #AgentFontServer unix/:7100 396 | 397 | # 398 | # Specify the path of default X window system startup script. This 399 | # doesn't apply to Windows and Mac OS X platforms. 400 | # 401 | DefaultXSession "/etc/X11/Xsession default" 402 | 403 | # 404 | # Set the default DPI of the X server to the specified value. This 405 | # should normally not be required, but some less recent desktop appli- 406 | # cations fail to set an appropriate value and fall back to 75 DPI, 407 | # which is the default value reported by the X server. 408 | # 409 | #DefaultXDPI 96 410 | 411 | # 412 | # Specify path of libraries to be added to the NoMachine agent environ- 413 | # ment. Be sure that NoMachine libraries are listed first. 414 | # 415 | #AgentLibraryPath /lib 416 | 417 | # 418 | # Specify a list of comma-separated options to be added to NoMachine 419 | # proxy transport. 420 | # 421 | #ProxyExtraOptions limit=256k,link=modem 422 | 423 | # 424 | # Append arguments to the command used by the Node to load the display 425 | # server program. 426 | # 427 | # Multiple parameters can be specified by separating them with a blank 428 | # character. For security reasons, no shell interpretation is made. 429 | # 430 | #DisplayServerExtraOptions "-nocomposite -noshpix" 431 | 432 | # 433 | # Append arguments to the command used by the Node to load the display 434 | # agent connected to the display server. 435 | # 436 | # Multiple parameters can be specified by separating them with a blank 437 | # character. For security reasons, no shell interpretation is made. 438 | # 439 | #DisplayAgentExtraOptions "-nocomposite -noshpix" 440 | 441 | # 442 | # Specify how clients will have to contact the node, by default by 443 | # the NX service. To allow for multiple methods, specify them in a 444 | # comma-separated list. Supported methods are: NX and SSH. 445 | # 446 | ClientConnectionMethods NX,SSH 447 | 448 | # 449 | # Specify the location and name of the SSH authorized keys file. 450 | # 451 | #SSHAuthorizedKeys $(HOME)/.ssh/authorized_keys2 452 | 453 | # 454 | # Specify the message to be shown to the user when the user starts the 455 | # session on this node for the first time. 456 | # 457 | #NodeFirstLoginGreeting "Welcome to your NoMachine session" 458 | 459 | # 460 | # Specify the message to be shown to the user every time the user 461 | # starts a new session on this node. 462 | # 463 | #NodeLoginGreeting "Welcome to your NoMachine session" 464 | 465 | # 466 | # Specify a different path to the default, i.e. user's home, where 467 | # the .nx directory has to be created to store session files. If it 468 | # doesn't exist yet, node will try to create a sub-directory for 469 | # each of the users starting a session there, named as username, and 470 | # will create the .nx under that sub-directory. For example, if this 471 | # key is set to /tmp/nxdir/, when user nxtest runs the first session, 472 | # the node will try to create the /tmp/nxdir/nxtest/.nx directory. 473 | # The directory specifed in the UserNXDirectoryPath key needs to 474 | # have proper ownership and permissions set to ensure that the node, 475 | # running as the user, can access it. I.e. the directory should be 476 | # writeable for all users or alternatively, the administrator should 477 | # create a directory with proper ownership and permissions, named as 478 | # username, for each of the users who need to start sessions there. 479 | # 480 | #UserNXDirectoryPath "" 481 | 482 | # 483 | # Specify absolute path of the custom script to be executed before 484 | # the session start-up. The script can accept session ID, username, 485 | # session type and display as its input. 486 | # 487 | # E.g. UserScriptBeforeSessionStart /tmp/nxscript/script.sh 488 | # 489 | #UserScriptBeforeSessionStart "" 490 | 491 | # 492 | # Specify absolute path of the custom script to be executed after the 493 | # session start-up. The script can accept session ID, username, ses- 494 | # sion type and display as its input. 495 | # 496 | #UserScriptAfterSessionStart "" 497 | 498 | # 499 | # Specify absolute path of the custom script to be executed before 500 | # the session is disconnected. The script can accept session ID, user- 501 | # name, session type and display as its input. 502 | # 503 | #UserScriptBeforeSessionDisconnect "" 504 | 505 | # 506 | # Specify absolute path of the custom script to be executed after the 507 | # session is disconnected. The script can accept session ID, username, 508 | # session type and display as its input. 509 | # 510 | #UserScriptAfterSessionDisconnect "" 511 | 512 | # 513 | # Specify absolute path of the custom script to be executed before the 514 | # session is closed. The script can accept session ID, username, ses- 515 | # sion type and display its input. 516 | # 517 | #UserScriptBeforeSessionClose "" 518 | 519 | # 520 | # Specify absolute path of the custom script to be executed after the 521 | # session is closed. The script can accept session ID, username, ses- 522 | # sion type and display its input. 523 | # 524 | #UserScriptAfterSessionClose "" 525 | 526 | # 527 | # Specify absolute path of the custom script to be executed before 528 | # the session is reconnected. The script can accept session ID, user- 529 | # name, session type and display as its input. 530 | # 531 | #UserScriptBeforeSessionReconnect "" 532 | 533 | # 534 | # Specify absolute path of the custom script to be executed after the 535 | # session is reconnected. The script can accept session ID, username, 536 | # session type and display as its input. 537 | # 538 | #UserScriptAfterSessionReconnect "" 539 | 540 | # 541 | # Specify absolute path of the custom script to be executed after 542 | # session failure. The script can accept session ID, username, ses- 543 | # sion type and display as its input. 544 | # 545 | #UserScriptAfterSessionFailure "" 546 | 547 | # 548 | # Specify how many CPU cores the display server will use to encode 549 | # display updates. The default value 'auto' allows NoMachine to use 550 | # a default number of threads based on the available cores. 551 | # 552 | DisplayServerThreads auto 553 | 554 | # 555 | # Specify how many CPU cores the encoder will use to encode display 556 | # updates. The default value 'auto' allows NoMachine to use a default 557 | # number of threads based on the available cores. 558 | # 559 | DisplayEncoderThreads auto 560 | 561 | # 562 | # Allow NoMachine to use a specific codec to encode videos or rely on 563 | # its ability to choose the codec depending on network and hardware 564 | # capabilities: 565 | # 566 | # 1: Enabled. Nomachine always uses the specified codec. 567 | # 568 | # 0: Disabled. NoMachine automatically adapts to network conditions 569 | # and the available hardware. 570 | # 571 | EnableDisplayServerVideoCodec 1 572 | 573 | # 574 | # Specify the codec to be used for encoding displays. Accepted 575 | # values are 'vp8','h264'and 'mjpeg'. 576 | # 577 | DisplayServerVideoCodec h264 578 | 579 | # 580 | # Specify the video frame rate for encoding displays. Accepted values 581 | # are '30','40','50' and '60'. 582 | # 583 | DisplayServerVideoFrameRate 60 584 | 585 | # 586 | # Allow NoMachine to use a specific frame rate to encode displays or 587 | # rely on its ability to choose automatically a frame rate depending 588 | # on network conditions. 589 | # 590 | # 1: Enabled. Nomachine uses only the specified frame rate. 591 | # 592 | # 0: Disabled. NoMachine automatically chooses a frame rate. 593 | # 594 | DisplayServerUseVideoFrameRate 1 595 | 596 | # 597 | # Enable or disable the debug tool when the node program is launched. 598 | # 599 | # 1: Enabled. The debug tool specified in the CommandDebug key will 600 | # be run to debug the node program. This can slow down the exe- 601 | # cution of the node. 602 | # 603 | # 0: Disabled. Debug tool is not run. 604 | # 605 | #EnableDebug 0 606 | 607 | # 608 | # Specify absolute path of the command to launch a debug tool. 609 | # 610 | #CommandDebug "" 611 | 612 | # 613 | # Specify path and commands of the debug tool in a comma-separated 614 | # list, e.g. accepted command for Valgrind is '/usr/bin/valgrind.bin'. 615 | # 616 | #AcceptedDebuggerCommands /usr/bin/valgrind.bin 617 | 618 | # 619 | # Append arguments to the command used by the Node to launch the 620 | # debug tool 621 | # 622 | # Multiple parameters can be specified by separating them with a blank 623 | # character. For security reasons, no shell interpretation is made. 624 | # 625 | #DebugOptions "" 626 | 627 | # 628 | # Specify process execution priority for the display server loaded by 629 | # the Node. Accepted values are: 630 | # 631 | # low: process has niceness 19 on Linux and OS X and idle prio- 632 | # rity on Windows. This is the least favourable scheduling. 633 | # 634 | # normal: process has niceness 0 set on Linux and OS X and normal 635 | # priority class on Windows. 636 | # 637 | # high: process has niceness -10 set on Linux and OS X and high 638 | # priority class on Windows. 639 | # 640 | # realtime: process has niceness -20 set on Linux and OS X and real 641 | # time priority class on Windows. This is the most favourable 642 | # scheduling. 643 | # 644 | #DisplayServerPriority realtime 645 | 646 | # 647 | # Specify process execution priority for the display agent loaded by 648 | # the Node and connected to the display server. Accepted values are: 649 | # 650 | # low: process has niceness 19 on Linux and OS X and idle prio- 651 | # rity on Windows. This is the least favourable scheduling. 652 | # 653 | # normal: process has niceness 0 set on Linux and OS X and normal 654 | # priority class on Windows. 655 | # 656 | # high: process has niceness -10 set on Linux and OS X and high 657 | # priority class on Windows. 658 | # 659 | # realtime: process has niceness -20 set on Linux and OS X and real 660 | # time priority class on Windows. This is the most favourable 661 | # scheduling. 662 | # 663 | #DisplayAgentPriority realtime 664 | 665 | # 666 | # Enable or disable the server forbidding a file transfer when the 667 | # size of the file to be uploaded exceeds the configured limit. 668 | # 669 | # 1: Enabled. The server doesn't allow to transfer a file when 670 | # its size exceeds the configured limit. 671 | # 672 | # 0: Disabled. File transfer is always allowed, even when the file 673 | # is largen than the size limit. 674 | # 675 | #EnableUploadSizeLimit 0 676 | 677 | # 678 | # Set the maximum size for files that can be transferred during the 679 | # upload, in bytes. The default value is 104857600 B, 100MB. 680 | # 681 | #UploadSizeLimit 104857600 682 | 683 | # 684 | # Enable or disable the server forbidding a file transfer when the 685 | # size of the file to be downloaded exceeds the configured limit. 686 | # 687 | # 1: Enabled. The server doesn't allow to transfer a file when 688 | # its size exceeds the configured limit. 689 | # 690 | # 0: Disabled. File transfer is always allowed, even when the file 691 | # is largen than the size limit. 692 | # 693 | #EnableDownloadSizeLimit 0 694 | 695 | # 696 | # Set the maximum size for files that can be transferred during the 697 | # download, in bytes. The default value is 104857600 B, 100MB. 698 | # 699 | #DownloadSizeLimit 104857600 700 | 701 | # 702 | # Specify path of base directory where the node has to save files 703 | # uploaded to the server. Base directory is "$(DESKTOP)" by default. 704 | # $(HOME) and $(USER) are also accepted values and can be concatenated 705 | # to specify path to a directory, for example "$(HOME)/Shares". 706 | # Target directory must exist on the system. 707 | # 708 | #FileTransferSavePath "$(DESKTOP)" 709 | 710 | # 711 | # Enable or disable saving a transferred file to the specified directory. 712 | # 713 | # 1: Enabled. Given the path to be used, the server always save a 714 | # transferred file to that directory. 715 | # 716 | # 0: Disabled. User is always asked where to save the transferred 717 | # file. 718 | # 719 | #FileTransferSaveForcePath 0 720 | 721 | # 722 | # Enable or disable the ability of recording activities on the local 723 | # desktop: 724 | # 725 | # 1: Enabled. User can create a video of the local desktop and save it 726 | # on their local device. 727 | # 728 | # 0: Disabled. Recording of the local desktop is disabled. 729 | # 730 | #EnableLocalRecording 1 731 | 732 | # 733 | # Enable or disable the ability of recording session activities: 734 | # 735 | # 1: Enabled. User can create a video of the session and save it 736 | # on their local device. 737 | # 738 | # 0: Disabled. Session recording option is disabled. 739 | # 740 | #EnableSessionRecording 1 741 | 742 | # 743 | # Enable or disable the whiteboard and chat tool in the Monitor tool. 744 | # 745 | # 1: Enabled. User can run the whiteboard from the Monitor menu. 746 | # 747 | # 0: Disabled. Item 'Show the whiteboard' is not accessible in the 748 | # monitor menu. 749 | # 750 | #EnableWhiteboard 1 751 | 752 | # 753 | # Enable or disable displaying the icon of the Monitor application 754 | # in the system tray. 755 | # 756 | # 1: Enabled. The Monitor icon is visible in the system tray. 757 | # 758 | # 0: Disabled. The Monitor icon is hidden. A notification 759 | # dialog is issued when users are connecting. 760 | # 761 | #DisplayMonitorIcon 1 762 | 763 | # 764 | # Enable or disable displaying the Monitor window, i.e. the Server 765 | # status panel. 766 | # 767 | # 1: Enabled. The Server Status panel is always visible 768 | # and cannot be closed. 769 | # 770 | # 0: Disabled. The Server status panel is never shown. It 771 | # can be run from the Monitor menu, accessible by the 772 | # Monitor icon in the system tray. 773 | # 774 | #AlwaysDisplayMonitorWindow 0 775 | 776 | # 777 | # Enable or disable displaying the Monitor balloon messages issued to 778 | # notify about events like user's disconnection or user's requests 779 | # for connecting. 780 | # 781 | # 1: Enabled. A balloon message pops-up each time a user disconnects, 782 | # a connection request arrives or a user disconnects. 783 | # 784 | # 0: Disabled. The Monitor doesn't issue balloon messages to notify 785 | # about connection or disconnection events. 786 | # 787 | #DisplayMonitorNotifications 1 788 | 789 | # 790 | # Enable or disable showing items for browsing existing connections. 791 | # or creating new ones in the Monitor tool. These items, enabled 792 | # by default, will launch the GUI of the local NoMachine client. 793 | # 794 | # 1: Enabled. User can browse connections on this host machine or 795 | # create new ones from the Monitor menu. 796 | # 797 | # 0: Disabled. Connection items are not accessible in the Monitor 798 | # menu. 799 | # 800 | #EnableMenuConnections 1 801 | 802 | # 803 | # Enable or disable support for DirectX applications, including games 804 | # running in fullscreen mode. 805 | # 806 | # 1: Enabled. DirectX output is captured and processed. 807 | # 808 | # 0: Disabled. Ignore output of DirectX applications. 809 | # 810 | EnableDirectXSupport 1 811 | 812 | # 813 | # Specify the physical display or range of X server displays which are 814 | # made available to NoMachine connections. It is possible to specify a 815 | # single display by display number, e.g. :0, or by port, e.g. 6000. 816 | # Range of displays can be specified as a dash separated list, 817 | # e.g. :0-:7 or, by port number, 6200-6204. By default all displays 818 | # detected as running will be made available for users. 819 | # 820 | PhysicalDisplays :0 821 | 822 | # 823 | # X-Window sessions will only use the X protocol compression. Depend- 824 | # ing on the application, this may require less bandwidth and comput- 825 | # ing resources. 826 | # 827 | # 1: Enabled. Enable X11 vector graphics mode. 828 | # 829 | # 0: Disabled. Disable X11 vector graphics mode. 830 | # 831 | AgentX11VectorGraphics 1 832 | 833 | # 834 | # Enable or disable playing a sound alert when there is an event. 835 | # 836 | # 1: Enabled. Play a sound when an event occurs, for example 837 | # when the user connects to the physical desktop. 838 | # This is the default. 839 | # 840 | # 0: Disabled. Disable acoustic alert. 841 | # 842 | #EnableSoundAlert 1 843 | 844 | # 845 | # Enable or disable access to the server status interface. 846 | # 847 | # 1: Enabled. Users can access the server status interface and the 848 | # provided functionalities. The system will request administrative 849 | # credentials for the host machine to allow users to display any 850 | # security sensitive information or change the settings. This is 851 | # the default. 852 | # 853 | # 0: Disabled. The 'Server status' item will not be accessible in 854 | # the system tray menu. 855 | # 856 | #EnableServerStatus 1 857 | 858 | # 859 | # Enable or disable access to the server preferences. 860 | # 861 | # 1: Enabled. Users can access the server preferences. The system 862 | # will request administrative credentials for the host machine 863 | # to allow users to change the settings. This is the default. 864 | # 865 | # 0: Disabled. Users will not have access to the server preferences. 866 | # 867 | #EnableServerPreferences 1 868 | 869 | # 870 | # Force legacy X11 keyboard support. Enabling this option the display 871 | # server will build the keyboard map using the X11 keycodes, even when 872 | # evdev Linux input driver is supported. The default is to use evdev 873 | # on node machines where it is available. 874 | # 875 | # 1: Enabled. Always use X11 keycodes even if evdev is supported. 876 | # 877 | # 0: Disabled. Use evdev if supported or fall back to X11 keycodes. 878 | # 879 | #AgentLegacyKeyboard 0 880 | 881 | # 882 | # Specify path to libraries to be added to the command for starting 883 | # a new virtual desktop. 884 | # 885 | #DesktopCommandLibraryPath "" 886 | 887 | # 888 | # Specify the default console system startup script. This 889 | # doesn't apply to Windows and Mac OS X platforms. 890 | # 891 | DefaultConsole xterm 892 | 893 | # 894 | # Enable or disable logging to the system log file, e.g. syslog 895 | # on UNIX based systems and Events log on Windows platforms. 896 | # 897 | # 1: Enabled. The node will log to the system log file. 898 | # 899 | # 0: Disabled. This is the default value, the node will log to 900 | # the file specified in the SystemLogFile key. 901 | # 902 | #EnableSyslogSupport 0 903 | 904 | # 905 | # Set how often the server has to renew the Kerberos tickets and AFS 906 | # tokens to let users keep their Kerberos credentials inside the 907 | # session. The default value, 600 seconds, makes the server renew 908 | # tickets each 10 minutes. Multiples of 30 are accepted, 30 seconds 909 | # is the minimum value. Value must be lower than the maximum lifetime 910 | # set on the system for Kerberos credentials. 911 | # 912 | #KerberosCredentialsRenewal 600 913 | 914 | # 915 | # Enable or disable use of the hardware encoder. 916 | # 917 | # 1: Enabled. Use the hardware encoder if supported by the graphics 918 | # card. 919 | # 920 | # 0: Disabled. Don't use the hardware encoder. 921 | # 922 | EnableHardwareEncoding 1 923 | 924 | # 925 | # Set the DS (Differentiated Services) 8-bit field, previously known 926 | # as ToS (Type of Service), at the IP network layer. Valid values are 927 | # numbers from 0 to 255 in decimal or hexadecimal format (0x00-0xff). 928 | # The six most significant bits should be set to the DSCP values recom- 929 | # mended by RFC-2597 and RFC-2598 (e.g. use 72 or 0x48 for DSCP Class 930 | # AF21). The two least significative bits should be set to 0. It is 931 | # also possible to use the obsolete ToS flags (e.g. 16 or 0x10 for the 932 | # LOWDELAY behaviour). 933 | # 934 | #ProxyPacketPriority 0x48 935 | 936 | # 937 | # Enable or disable the server to execute single commands through 938 | # D-Bus. This key applies only to Linux platforms. 939 | # 940 | # 1: Enabled. The node will use dbus-launch to run single commands 941 | # such as gnome-terminal. This is required on those distributions 942 | # which rely on dbus-launch for standard X session in order to let 943 | # users run NoMachine custom sessions. 944 | # 945 | # 0: Disabled. Do not use dbus-launch for executing single commands. 946 | # 947 | EnableDbusLaunch 1 948 | 949 | # 950 | # Show or hide the item in the Monitor tool for enabling or disabling 951 | # accepting connections to this physical desktop. 952 | # 953 | # 1: Enabled. The Accepting connection item is shown in the Monitor 954 | # menu. The desktop owner can switch screen-sharing on/off. 955 | # 956 | # 0: Disabled. The Accepting connection item is not displayed in the 957 | # Monitor menu. 958 | # 959 | #EnableAcceptingConnection 1 960 | -------------------------------------------------------------------------------- /configs/node.cfg.default: -------------------------------------------------------------------------------- 1 | ###################################################################### 2 | # # 3 | # Copyright (c) 2001, 2018 NoMachine, http://www.nomachine.com. # 4 | # # 5 | # All rights reserved. # 6 | # # 7 | ###################################################################### 8 | 9 | # 10 | # Some configuration keys are used to set specific limits, such as the 11 | # maximum size for the session log. To remove a limitation, set the 12 | # corresponding key to value '0' or 'Unlimited'. 13 | 14 | # 15 | # Configuration file format version. 16 | # 17 | ConfigFileVersion 4.0 18 | 19 | # 20 | # Specify hostname for the NoMachine node. 21 | # 22 | #NodeName localhost.localdomain 23 | 24 | # 25 | # Set log level. Node logs all events that are <= to the level set and 26 | # according to the following convention: 27 | # 28 | # KERN_ERR 3: Error condition. 29 | # KERN_INFO 6: Informational. 30 | # KERN_DEBUG 7: Debug messages. 31 | # 32 | # The suggested values are: 33 | # 34 | # 6: Default value. Only relevant events are logged. 35 | # 36 | # 7: Set the log level to debug. 37 | # 38 | #SessionLogLevel 6 39 | 40 | # 41 | # Point the node to log to a specific file. The default log file is 42 | # /Library/Application Support/NoMachine/var/log/nxserver.log on Mac 43 | # OS X, %PROGRAMDATA%/NoMachine/var/log/nxserver.log on Windows and 44 | # /usr/NX/var/log/nxserver.log on Linux. 45 | # 46 | #SystemLogFile /usr/NX/var/log/nxserver.log 47 | 48 | # 49 | # Specify path and name of the command to start a new virtual desktop, 50 | # by default the X session set on the system. 51 | # 52 | DefaultDesktopCommand "/etc/X11/Xsession default" 53 | 54 | # 55 | # Provide a comma-separated list of session types supported on this 56 | # node host. 57 | # 58 | AvailableSessionTypes unix-remote,unix-console,unix-default,unix-application,physical-desktop,shadow,unix-xsession-default,unix-xdm 59 | 60 | # 61 | # Set the maximum size, expressed in bytes, allowed for the session 62 | # log. Node terminates the session when this limit is exceeded. 63 | # 64 | #SessionLogLimit 0 65 | 66 | # 67 | # Enable or disable the automatic clean-up of session directories at 68 | # the time sessions are terminated. 69 | # 70 | # 1: Enabled. This is the default value. 71 | # 72 | # 0: Disabled. Directories are prefixed by 'T-' and left 73 | # for further reference. 74 | # 75 | #SessionLogClean 1 76 | 77 | # 78 | # Enable or disable node to log the X clients standard error. 79 | # 80 | # 1: Enabled. Stderr of X clients is redirected to 'clients' 81 | # file in the session directory. 82 | # 83 | # 0: Disabled. Stderr of X clients is redirected to /dev/null. 84 | # 85 | #ClientLog 1 86 | 87 | # 88 | # Set the maximum size, expressed in bytes, allowed for the X clients 89 | # log. Node terminates the session when this limit is exceeded. 90 | # 91 | #ClientLogLimit 0 92 | 93 | # 94 | # Set the maximum amount of data, in bytes, that can be copied from 95 | # the session to the client. The default value is 0, i.e. unlimited. 96 | # 97 | #ClipboardBufferLimit 0 98 | 99 | # 100 | # Specify for how long the node has to wait for a reply from NoMachine 101 | # server before considering that the connection with the server has 102 | # been lost. Default value, 120 seconds, lets node wait for 2 minutes. 103 | # Set this value to 0 to disable timeout on the node. 104 | # 105 | #NodeConnectionTimeout 120 106 | 107 | # 108 | # Enable or disable disk sharing: 109 | # 110 | # client: Filesystem on the client can be connected on server side and 111 | # accessed from the session. 112 | # 113 | # server: Filesystem on the server can be connected on the end-user's 114 | # machine and accessed through the whole life of the session. 115 | # 116 | # both: Client and server filesystem can be connected on remote and 117 | # locale respectively. 118 | # 119 | # none: Neither client or server filesystem can be connected. 120 | # 121 | #EnableDiskSharing both 122 | 123 | # 124 | # Specify path of base directory where the node has to mount disks 125 | # accessible only by the user who connected them. Base directory is 126 | # "$(DESKTOP)" by default. $(HOME) and $(USER) are also accepted values 127 | # and can be concatenated to specify path to a directory, for example 128 | # "$(HOME)/Shares". Target directory must exist on the system. 129 | # 130 | #DiskSharingPrivateBasePath "$(DESKTOP)" 131 | 132 | # 133 | # Specify path to base directory where the node has to mount user's 134 | # disks which are accessible to users running a session on that server. 135 | # Base directory is "$(PUBLIC)" by default. $(PUBLIC) is /Volumes on Mac 136 | # OS X, /media on Linux, C:\Users\Public on Windows Vista/7/8 and 137 | # %ALLUSERSPROFILE% on XP. $(USER) is an accepted value and can be 138 | # concatenated to specify path to a directory, for example "/tmp/$(USER)". 139 | # Target directory must exist on the system. 140 | # 141 | #DiskSharingPublicBasePath "$(PUBLIC)" 142 | 143 | # 144 | # Specify which disks are available to be connected in the session. 145 | # Default value is 'all'. Alternatively, specify path to the disk or 146 | # directory in a list of comma-separated values. $(HOME) and $(USER) 147 | # are accepted values. For example "$(HOME),/Volumes/TimeMachine". 148 | # 149 | #DiskSharingList all 150 | 151 | # 152 | # Enable or disable printer sharing 153 | # 154 | # client: Printers on the client can be connected on server side and 155 | # made available within the session. 156 | # 157 | # server: Printers on the server can be connected on the end-user's 158 | # machine. 159 | # 160 | # both: Client and server printers can be connected on remote and 161 | # locale respectively. 162 | # 163 | # none: Neither client or server printers can be connected. 164 | # 165 | #EnablePrinterSharing both 166 | 167 | # 168 | # Enable or disable usb sharing: 169 | # 170 | # client: USB devices on the client can be forwarded on server side and 171 | # made available within the session 172 | # 173 | # server: USB devices on the server can be connected on the end-user's 174 | # machine. 175 | # 176 | # both: Client and server USB devices can be connected on remote and 177 | # locale respectively. 178 | # 179 | # none: Neither client or server USB devices can be connected. 180 | # 181 | #EnableUSBSharing both 182 | 183 | # 184 | # Enable or disable network services sharing: 185 | # 186 | # client: Network servers on client side can be added and made available 187 | # within the session. 188 | # 189 | # server: Network server on the server side can be added and made 190 | # available on the end-user's machine. 191 | # 192 | # both: Network servers from client and server side can be connected 193 | # on remote and locale respectively. 194 | # 195 | # none: Neither client or server side network servers can be 196 | # connected. 197 | # 198 | #EnableNetworkSharing both 199 | 200 | # 201 | # Enable or disable connecting a smartcard reader: 202 | # 203 | # 1: Enabled. The smartcard reader plugged on client side can be 204 | # forwarded to server side. 205 | # 206 | # 0: Disabled. The smartcard reader cannot be forwarded. 207 | # 208 | EnableSmartcardSharing 1 209 | 210 | # 211 | # Enable or disable file transfer: 212 | # 213 | # client: Files can be transferred from client machine to the 214 | # server. 215 | # 216 | # server: Files can be sent from the server to users. 217 | # 218 | # both: Client and server files can be transferred on remote and 219 | # locale respectively. 220 | # 221 | # none: Neither client or server files can be transferred. 222 | # 223 | #EnableFileTransfer both 224 | 225 | # 226 | # Specify which audio interface should be used to provide sound in 227 | # sessions. Key values depend on the hosting operating system and can 228 | # be 'pulseaudio', 'alsa' or 'disabled' on Linux, and 'nxaudio' or 229 | # 'disabled' on Windows and Mac OS X. 230 | # 231 | AudioInterface pulseaudio 232 | 233 | # 234 | # Specify path and name of the command to start PulseAudio server. 235 | # 236 | CommandStartPulseAudio "/usr/bin/pulseaudio --high-priority=no" 237 | 238 | # 239 | # Enable or disable CUPS support. This doesn't apply to Windows plat- 240 | # forms. This key is obsolete and used only for retro compatibility. 241 | # 242 | # 1: Enabled. Enable CUPS support. 243 | # 244 | # 0: Disabled. Disable CUPS support. 245 | # 246 | EnableCUPSSupport 1 247 | 248 | # 249 | # Specify the path of the directory holding CUPS binaries (e.g. the 250 | # 'lpoptions' program). This key is obsolete and used only for retro 251 | # compatibility. 252 | # 253 | CUPSBinPath /usr/bin 254 | 255 | # 256 | # Specify the path of the directory holding CUPS programs and reserved 257 | # for administrative purposes (e.g. 'cupsd' or 'lpadmin'). This key is 258 | # obsolete and used only for retro compatibility. 259 | # 260 | CUPSSbinPath /usr/sbin 261 | 262 | # 263 | # Specify the path of directory holding the CUPS backend. This key is 264 | # obsolete and used only for retro compatibility. 265 | # 266 | CUPSBackendPath /usr/lib/cups/backend 267 | 268 | # 269 | # Specify path of base directory where the node has to mount shares 270 | # exported by the user. Default value is $(HOME)/MyShares. This key 271 | # is obsolete and used only for retro compatibility. 272 | # 273 | #ShareBasePath $(HOME)/MyShares 274 | 275 | # 276 | # Allow node to use the CIFS (SMB) file-sharing protocol to attach the 277 | # filesystem to the target directory. This key is obsolete and used 278 | # only for retro compatibility. 279 | # 280 | # 1: Enabled. Node uses smbfs to mount and unmount client shares. 281 | # 282 | # 0: Disabled. Node forbids any attempt to mount shares via smbfs. 283 | # 284 | EnableSMBFSSupport 0 285 | 286 | # 287 | # Specify path and name of the command to start 'GNOME'. This doesn't 288 | # apply to Windows and Mac OS X platforms. 289 | # 290 | #CommandStartGnome "" 291 | 292 | # 293 | # Specify path and name of the command to start 'KDE'. This doesn't 294 | # apply to Windows and Mac OS X platforms. 295 | # 296 | #CommandStartKDE "" 297 | 298 | # 299 | # Specify path and name of the command to start 'CDE'. This applies to 300 | # Solaris SPARC platforms only. 301 | # 302 | #CommandStartCDE cdwm 303 | 304 | # 305 | # Specify path and name of the command to start the RFB Client. If the 306 | # Server supports VNC sessions, set this key to "vncviewer -fullscreen" 307 | # to use the vncviewer client. 308 | # 309 | #CommandStartRFB "" 310 | 311 | # 312 | # Specify path and name of the command to start the RDP Client. If the 313 | # Server supports RDP sessions, set this key to "rdesktop -f" to use 314 | # the rdesktop client. 315 | # 316 | #CommandStartRDP "" 317 | 318 | # 319 | # Specify the domain of the Windows Terminal Server. 320 | # 321 | #DefaultRDPDomain "" 322 | 323 | # 324 | # Specify path and name of the command 'fuser' to identify processes 325 | # using files or sockets. 326 | # 327 | CommandFuser /bin/fuser 328 | 329 | # 330 | # Specify path and name of the command 'lsof' to list open files. This 331 | # doesn't apply to Windows and Mac OS X platforms. 332 | # 333 | #CommandLsof /usr/sbin/lsof 334 | 335 | # 336 | # Specify path and name of the client program to be run by the node, 337 | # for example for issuing dialog boxes and messages, instead of the 338 | # default nxclient program. 339 | # 340 | #CommandClient /usr/NX/bin/nxclient 341 | 342 | # 343 | # Specify path and name of the command 'xauth' to edit and display 344 | # the authorization information used when connecting to the X server. 345 | # 346 | #CommandXauth /usr/NX/bin/nxauth 347 | 348 | # 349 | # Specify path and name of the command 'xdpyinfo' for displaying info- 350 | # rmation about an X server. 351 | # 352 | CommandXdpyInfo /usr/bin/xdpyinfo 353 | 354 | # 355 | # Specify path and name of the command 'xmodmap' to edit and display 356 | # the keyboard modifier map and keymap table. 357 | # 358 | CommandXmodmap /usr/bin/xmodmap 359 | 360 | # 361 | # Enable or disable use of 'xkbcomp' command: 362 | # 363 | # 1: Enabled. Use 'xkbcomp' command. 364 | # 365 | # 0: Disabled. 366 | # 367 | #EnableCommandXkbComp 1 368 | 369 | # 370 | # Specify path and name of the command 'xkbcomp' to compile XKB key- 371 | # board description. 372 | # 373 | CommandXkbComp /usr/bin/xkbcomp 374 | 375 | # 376 | # Specify location and file name of the keymap file used by 'xkbcomp'. 377 | # 378 | #XkbCompKeymapFile /etc/X11/xkb/keymap/xfree86 379 | 380 | # 381 | # Enable or disable loading VirtualGL libraries when starting virtual 382 | # desktops on Linux. 383 | # 384 | # 1: Enabled. This make OpenGL applications able to use server side 385 | # graphics hardware. 386 | # 387 | # 0: Disabled. VirtualGL libraries are not loaded. 388 | # 389 | #EnableVirtualGLSupport 0 390 | 391 | # 392 | # By default the agent only uses the X11 system fonts, uncomment this 393 | # key to enable use of an X Font Server. 394 | # 395 | #AgentFontServer unix/:7100 396 | 397 | # 398 | # Specify the path of default X window system startup script. This 399 | # doesn't apply to Windows and Mac OS X platforms. 400 | # 401 | DefaultXSession "/etc/X11/Xsession default" 402 | 403 | # 404 | # Set the default DPI of the X server to the specified value. This 405 | # should normally not be required, but some less recent desktop appli- 406 | # cations fail to set an appropriate value and fall back to 75 DPI, 407 | # which is the default value reported by the X server. 408 | # 409 | #DefaultXDPI 96 410 | 411 | # 412 | # Specify path of libraries to be added to the NoMachine agent environ- 413 | # ment. Be sure that NoMachine libraries are listed first. 414 | # 415 | #AgentLibraryPath /lib 416 | 417 | # 418 | # Specify a list of comma-separated options to be added to NoMachine 419 | # proxy transport. 420 | # 421 | #ProxyExtraOptions limit=256k,link=modem 422 | 423 | # 424 | # Append arguments to the command used by the Node to load the display 425 | # server program. 426 | # 427 | # Multiple parameters can be specified by separating them with a blank 428 | # character. For security reasons, no shell interpretation is made. 429 | # 430 | #DisplayServerExtraOptions "-nocomposite -noshpix" 431 | 432 | # 433 | # Append arguments to the command used by the Node to load the display 434 | # agent connected to the display server. 435 | # 436 | # Multiple parameters can be specified by separating them with a blank 437 | # character. For security reasons, no shell interpretation is made. 438 | # 439 | #DisplayAgentExtraOptions "-nocomposite -noshpix" 440 | 441 | # 442 | # Specify how clients will have to contact the node, by default by 443 | # the NX service. To allow for multiple methods, specify them in a 444 | # comma-separated list. Supported methods are: NX and SSH. 445 | # 446 | ClientConnectionMethods NX,SSH 447 | 448 | # 449 | # Specify the location and name of the SSH authorized keys file. 450 | # 451 | #SSHAuthorizedKeys $(HOME)/.ssh/authorized_keys2 452 | 453 | # 454 | # Specify the message to be shown to the user when the user starts the 455 | # session on this node for the first time. 456 | # 457 | #NodeFirstLoginGreeting "Welcome to your NoMachine session" 458 | 459 | # 460 | # Specify the message to be shown to the user every time the user 461 | # starts a new session on this node. 462 | # 463 | #NodeLoginGreeting "Welcome to your NoMachine session" 464 | 465 | # 466 | # Specify a different path to the default, i.e. user's home, where 467 | # the .nx directory has to be created to store session files. If it 468 | # doesn't exist yet, node will try to create a sub-directory for 469 | # each of the users starting a session there, named as username, and 470 | # will create the .nx under that sub-directory. For example, if this 471 | # key is set to /tmp/nxdir/, when user nxtest runs the first session, 472 | # the node will try to create the /tmp/nxdir/nxtest/.nx directory. 473 | # The directory specifed in the UserNXDirectoryPath key needs to 474 | # have proper ownership and permissions set to ensure that the node, 475 | # running as the user, can access it. I.e. the directory should be 476 | # writeable for all users or alternatively, the administrator should 477 | # create a directory with proper ownership and permissions, named as 478 | # username, for each of the users who need to start sessions there. 479 | # 480 | #UserNXDirectoryPath "" 481 | 482 | # 483 | # Specify absolute path of the custom script to be executed before 484 | # the session start-up. The script can accept session ID, username, 485 | # session type and display as its input. 486 | # 487 | # E.g. UserScriptBeforeSessionStart /tmp/nxscript/script.sh 488 | # 489 | #UserScriptBeforeSessionStart "" 490 | 491 | # 492 | # Specify absolute path of the custom script to be executed after the 493 | # session start-up. The script can accept session ID, username, ses- 494 | # sion type and display as its input. 495 | # 496 | #UserScriptAfterSessionStart "" 497 | 498 | # 499 | # Specify absolute path of the custom script to be executed before 500 | # the session is disconnected. The script can accept session ID, user- 501 | # name, session type and display as its input. 502 | # 503 | #UserScriptBeforeSessionDisconnect "" 504 | 505 | # 506 | # Specify absolute path of the custom script to be executed after the 507 | # session is disconnected. The script can accept session ID, username, 508 | # session type and display as its input. 509 | # 510 | #UserScriptAfterSessionDisconnect "" 511 | 512 | # 513 | # Specify absolute path of the custom script to be executed before the 514 | # session is closed. The script can accept session ID, username, ses- 515 | # sion type and display its input. 516 | # 517 | #UserScriptBeforeSessionClose "" 518 | 519 | # 520 | # Specify absolute path of the custom script to be executed after the 521 | # session is closed. The script can accept session ID, username, ses- 522 | # sion type and display its input. 523 | # 524 | #UserScriptAfterSessionClose "" 525 | 526 | # 527 | # Specify absolute path of the custom script to be executed before 528 | # the session is reconnected. The script can accept session ID, user- 529 | # name, session type and display as its input. 530 | # 531 | #UserScriptBeforeSessionReconnect "" 532 | 533 | # 534 | # Specify absolute path of the custom script to be executed after the 535 | # session is reconnected. The script can accept session ID, username, 536 | # session type and display as its input. 537 | # 538 | #UserScriptAfterSessionReconnect "" 539 | 540 | # 541 | # Specify absolute path of the custom script to be executed after 542 | # session failure. The script can accept session ID, username, ses- 543 | # sion type and display as its input. 544 | # 545 | #UserScriptAfterSessionFailure "" 546 | 547 | # 548 | # Specify how many CPU cores the display server will use to encode 549 | # display updates. The default value 'auto' allows NoMachine to use 550 | # a default number of threads based on the available cores. 551 | # 552 | DisplayServerThreads auto 553 | 554 | # 555 | # Specify how many CPU cores the encoder will use to encode display 556 | # updates. The default value 'auto' allows NoMachine to use a default 557 | # number of threads based on the available cores. 558 | # 559 | DisplayEncoderThreads auto 560 | 561 | # 562 | # Allow NoMachine to use a specific codec to encode videos or rely on 563 | # its ability to choose the codec depending on network and hardware 564 | # capabilities: 565 | # 566 | # 1: Enabled. Nomachine always uses the specified codec. 567 | # 568 | # 0: Disabled. NoMachine automatically adapts to network conditions 569 | # and the available hardware. 570 | # 571 | #EnableDisplayServerVideoCodec 0 572 | 573 | # 574 | # Specify the codec to be used for encoding displays. Accepted 575 | # values are 'vp8','h264'and 'mjpeg'. 576 | # 577 | #DisplayServerVideoCodec vp8 578 | 579 | # 580 | # Specify the video frame rate for encoding displays. Accepted values 581 | # are '30','40','50' and '60'. 582 | # 583 | #DisplayServerVideoFrameRate 30 584 | 585 | # 586 | # Allow NoMachine to use a specific frame rate to encode displays or 587 | # rely on its ability to choose automatically a frame rate depending 588 | # on network conditions. 589 | # 590 | # 1: Enabled. Nomachine uses only the specified frame rate. 591 | # 592 | # 0: Disabled. NoMachine automatically chooses a frame rate. 593 | # 594 | #DisplayServerUseVideoFrameRate 0 595 | 596 | # 597 | # Enable or disable the debug tool when the node program is launched. 598 | # 599 | # 1: Enabled. The debug tool specified in the CommandDebug key will 600 | # be run to debug the node program. This can slow down the exe- 601 | # cution of the node. 602 | # 603 | # 0: Disabled. Debug tool is not run. 604 | # 605 | #EnableDebug 0 606 | 607 | # 608 | # Specify absolute path of the command to launch a debug tool. 609 | # 610 | #CommandDebug "" 611 | 612 | # 613 | # Specify path and commands of the debug tool in a comma-separated 614 | # list, e.g. accepted command for Valgrind is '/usr/bin/valgrind.bin'. 615 | # 616 | #AcceptedDebuggerCommands /usr/bin/valgrind.bin 617 | 618 | # 619 | # Append arguments to the command used by the Node to launch the 620 | # debug tool 621 | # 622 | # Multiple parameters can be specified by separating them with a blank 623 | # character. For security reasons, no shell interpretation is made. 624 | # 625 | #DebugOptions "" 626 | 627 | # 628 | # Specify process execution priority for the display server loaded by 629 | # the Node. Accepted values are: 630 | # 631 | # low: process has niceness 19 on Linux and OS X and idle prio- 632 | # rity on Windows. This is the least favourable scheduling. 633 | # 634 | # normal: process has niceness 0 set on Linux and OS X and normal 635 | # priority class on Windows. 636 | # 637 | # high: process has niceness -10 set on Linux and OS X and high 638 | # priority class on Windows. 639 | # 640 | # realtime: process has niceness -20 set on Linux and OS X and real 641 | # time priority class on Windows. This is the most favourable 642 | # scheduling. 643 | # 644 | #DisplayServerPriority realtime 645 | 646 | # 647 | # Specify process execution priority for the display agent loaded by 648 | # the Node and connected to the display server. Accepted values are: 649 | # 650 | # low: process has niceness 19 on Linux and OS X and idle prio- 651 | # rity on Windows. This is the least favourable scheduling. 652 | # 653 | # normal: process has niceness 0 set on Linux and OS X and normal 654 | # priority class on Windows. 655 | # 656 | # high: process has niceness -10 set on Linux and OS X and high 657 | # priority class on Windows. 658 | # 659 | # realtime: process has niceness -20 set on Linux and OS X and real 660 | # time priority class on Windows. This is the most favourable 661 | # scheduling. 662 | # 663 | #DisplayAgentPriority realtime 664 | 665 | # 666 | # Enable or disable the server forbidding a file transfer when the 667 | # size of the file to be uploaded exceeds the configured limit. 668 | # 669 | # 1: Enabled. The server doesn't allow to transfer a file when 670 | # its size exceeds the configured limit. 671 | # 672 | # 0: Disabled. File transfer is always allowed, even when the file 673 | # is largen than the size limit. 674 | # 675 | #EnableUploadSizeLimit 0 676 | 677 | # 678 | # Set the maximum size for files that can be transferred during the 679 | # upload, in bytes. The default value is 104857600 B, 100MB. 680 | # 681 | #UploadSizeLimit 104857600 682 | 683 | # 684 | # Enable or disable the server forbidding a file transfer when the 685 | # size of the file to be downloaded exceeds the configured limit. 686 | # 687 | # 1: Enabled. The server doesn't allow to transfer a file when 688 | # its size exceeds the configured limit. 689 | # 690 | # 0: Disabled. File transfer is always allowed, even when the file 691 | # is largen than the size limit. 692 | # 693 | #EnableDownloadSizeLimit 0 694 | 695 | # 696 | # Set the maximum size for files that can be transferred during the 697 | # download, in bytes. The default value is 104857600 B, 100MB. 698 | # 699 | #DownloadSizeLimit 104857600 700 | 701 | # 702 | # Specify path of base directory where the node has to save files 703 | # uploaded to the server. Base directory is "$(DESKTOP)" by default. 704 | # $(HOME) and $(USER) are also accepted values and can be concatenated 705 | # to specify path to a directory, for example "$(HOME)/Shares". 706 | # Target directory must exist on the system. 707 | # 708 | #FileTransferSavePath "$(DESKTOP)" 709 | 710 | # 711 | # Enable or disable saving a transferred file to the specified directory. 712 | # 713 | # 1: Enabled. Given the path to be used, the server always save a 714 | # transferred file to that directory. 715 | # 716 | # 0: Disabled. User is always asked where to save the transferred 717 | # file. 718 | # 719 | #FileTransferSaveForcePath 0 720 | 721 | # 722 | # Enable or disable the ability of recording activities on the local 723 | # desktop: 724 | # 725 | # 1: Enabled. User can create a video of the local desktop and save it 726 | # on their local device. 727 | # 728 | # 0: Disabled. Recording of the local desktop is disabled. 729 | # 730 | #EnableLocalRecording 1 731 | 732 | # 733 | # Enable or disable the ability of recording session activities: 734 | # 735 | # 1: Enabled. User can create a video of the session and save it 736 | # on their local device. 737 | # 738 | # 0: Disabled. Session recording option is disabled. 739 | # 740 | #EnableSessionRecording 1 741 | 742 | # 743 | # Enable or disable the whiteboard and chat tool in the Monitor tool. 744 | # 745 | # 1: Enabled. User can run the whiteboard from the Monitor menu. 746 | # 747 | # 0: Disabled. Item 'Show the whiteboard' is not accessible in the 748 | # monitor menu. 749 | # 750 | #EnableWhiteboard 1 751 | 752 | # 753 | # Enable or disable displaying the icon of the Monitor application 754 | # in the system tray. 755 | # 756 | # 1: Enabled. The Monitor icon is visible in the system tray. 757 | # 758 | # 0: Disabled. The Monitor icon is hidden. A notification 759 | # dialog is issued when users are connecting. 760 | # 761 | #DisplayMonitorIcon 1 762 | 763 | # 764 | # Enable or disable displaying the Monitor window, i.e. the Server 765 | # status panel. 766 | # 767 | # 1: Enabled. The Server Status panel is always visible 768 | # and cannot be closed. 769 | # 770 | # 0: Disabled. The Server status panel is never shown. It 771 | # can be run from the Monitor menu, accessible by the 772 | # Monitor icon in the system tray. 773 | # 774 | #AlwaysDisplayMonitorWindow 0 775 | 776 | # 777 | # Enable or disable displaying the Monitor balloon messages issued to 778 | # notify about events like user's disconnection or user's requests 779 | # for connecting. 780 | # 781 | # 1: Enabled. A balloon message pops-up each time a user disconnects, 782 | # a connection request arrives or a user disconnects. 783 | # 784 | # 0: Disabled. The Monitor doesn't issue balloon messages to notify 785 | # about connection or disconnection events. 786 | # 787 | #DisplayMonitorNotifications 1 788 | 789 | # 790 | # Enable or disable showing items for browsing existing connections. 791 | # or creating new ones in the Monitor tool. These items, enabled 792 | # by default, will launch the GUI of the local NoMachine client. 793 | # 794 | # 1: Enabled. User can browse connections on this host machine or 795 | # create new ones from the Monitor menu. 796 | # 797 | # 0: Disabled. Connection items are not accessible in the Monitor 798 | # menu. 799 | # 800 | #EnableMenuConnections 1 801 | 802 | # 803 | # Enable or disable support for DirectX applications, including games 804 | # running in fullscreen mode. 805 | # 806 | # 1: Enabled. DirectX output is captured and processed. 807 | # 808 | # 0: Disabled. Ignore output of DirectX applications. 809 | # 810 | EnableDirectXSupport 0 811 | 812 | # 813 | # Specify the physical display or range of X server displays which are 814 | # made available to NoMachine connections. It is possible to specify a 815 | # single display by display number, e.g. :0, or by port, e.g. 6000. 816 | # Range of displays can be specified as a dash separated list, 817 | # e.g. :0-:7 or, by port number, 6200-6204. By default all displays 818 | # detected as running will be made available for users. 819 | # 820 | #PhysicalDisplays :0 821 | 822 | # 823 | # X-Window sessions will only use the X protocol compression. Depend- 824 | # ing on the application, this may require less bandwidth and comput- 825 | # ing resources. 826 | # 827 | # 1: Enabled. Enable X11 vector graphics mode. 828 | # 829 | # 0: Disabled. Disable X11 vector graphics mode. 830 | # 831 | #AgentX11VectorGraphics 1 832 | 833 | # 834 | # Enable or disable playing a sound alert when there is an event. 835 | # 836 | # 1: Enabled. Play a sound when an event occurs, for example 837 | # when the user connects to the physical desktop. 838 | # This is the default. 839 | # 840 | # 0: Disabled. Disable acoustic alert. 841 | # 842 | #EnableSoundAlert 1 843 | 844 | # 845 | # Enable or disable access to the server status interface. 846 | # 847 | # 1: Enabled. Users can access the server status interface and the 848 | # provided functionalities. The system will request administrative 849 | # credentials for the host machine to allow users to display any 850 | # security sensitive information or change the settings. This is 851 | # the default. 852 | # 853 | # 0: Disabled. The 'Server status' item will not be accessible in 854 | # the system tray menu. 855 | # 856 | #EnableServerStatus 1 857 | 858 | # 859 | # Enable or disable access to the server preferences. 860 | # 861 | # 1: Enabled. Users can access the server preferences. The system 862 | # will request administrative credentials for the host machine 863 | # to allow users to change the settings. This is the default. 864 | # 865 | # 0: Disabled. Users will not have access to the server preferences. 866 | # 867 | #EnableServerPreferences 1 868 | 869 | # 870 | # Force legacy X11 keyboard support. Enabling this option the display 871 | # server will build the keyboard map using the X11 keycodes, even when 872 | # evdev Linux input driver is supported. The default is to use evdev 873 | # on node machines where it is available. 874 | # 875 | # 1: Enabled. Always use X11 keycodes even if evdev is supported. 876 | # 877 | # 0: Disabled. Use evdev if supported or fall back to X11 keycodes. 878 | # 879 | #AgentLegacyKeyboard 0 880 | 881 | # 882 | # Specify path to libraries to be added to the command for starting 883 | # a new virtual desktop. 884 | # 885 | #DesktopCommandLibraryPath "" 886 | 887 | # 888 | # Specify the default console system startup script. This 889 | # doesn't apply to Windows and Mac OS X platforms. 890 | # 891 | DefaultConsole xterm 892 | 893 | # 894 | # Enable or disable logging to the system log file, e.g. syslog 895 | # on UNIX based systems and Events log on Windows platforms. 896 | # 897 | # 1: Enabled. The node will log to the system log file. 898 | # 899 | # 0: Disabled. This is the default value, the node will log to 900 | # the file specified in the SystemLogFile key. 901 | # 902 | #EnableSyslogSupport 0 903 | 904 | # 905 | # Set how often the server has to renew the Kerberos tickets and AFS 906 | # tokens to let users keep their Kerberos credentials inside the 907 | # session. The default value, 600 seconds, makes the server renew 908 | # tickets each 10 minutes. Multiples of 30 are accepted, 30 seconds 909 | # is the minimum value. Value must be lower than the maximum lifetime 910 | # set on the system for Kerberos credentials. 911 | # 912 | #KerberosCredentialsRenewal 600 913 | 914 | # 915 | # Enable or disable use of the hardware encoder. 916 | # 917 | # 1: Enabled. Use the hardware encoder if supported by the graphics 918 | # card. 919 | # 920 | # 0: Disabled. Don't use the hardware encoder. 921 | # 922 | #EnableHardwareEncoding 1 923 | 924 | # 925 | # Set the DS (Differentiated Services) 8-bit field, previously known 926 | # as ToS (Type of Service), at the IP network layer. Valid values are 927 | # numbers from 0 to 255 in decimal or hexadecimal format (0x00-0xff). 928 | # The six most significant bits should be set to the DSCP values recom- 929 | # mended by RFC-2597 and RFC-2598 (e.g. use 72 or 0x48 for DSCP Class 930 | # AF21). The two least significative bits should be set to 0. It is 931 | # also possible to use the obsolete ToS flags (e.g. 16 or 0x10 for the 932 | # LOWDELAY behaviour). 933 | # 934 | #ProxyPacketPriority 0x48 935 | 936 | # 937 | # Enable or disable the server to execute single commands through 938 | # D-Bus. This key applies only to Linux platforms. 939 | # 940 | # 1: Enabled. The node will use dbus-launch to run single commands 941 | # such as gnome-terminal. This is required on those distributions 942 | # which rely on dbus-launch for standard X session in order to let 943 | # users run NoMachine custom sessions. 944 | # 945 | # 0: Disabled. Do not use dbus-launch for executing single commands. 946 | # 947 | EnableDbusLaunch 1 948 | 949 | # 950 | # Show or hide the item in the Monitor tool for enabling or disabling 951 | # accepting connections to this physical desktop. 952 | # 953 | # 1: Enabled. The Accepting connection item is shown in the Monitor 954 | # menu. The desktop owner can switch screen-sharing on/off. 955 | # 956 | # 0: Disabled. The Accepting connection item is not displayed in the 957 | # Monitor menu. 958 | # 959 | #EnableAcceptingConnection 1 960 | 961 | -------------------------------------------------------------------------------- /configs/server.cfg: -------------------------------------------------------------------------------- 1 | ###################################################################### 2 | # # 3 | # Copyright (c) 2001, 2018 NoMachine, http://www.nomachine.com. # 4 | # # 5 | # All rights reserved. # 6 | # # 7 | ###################################################################### 8 | 9 | # 10 | # Configuration file format version. 11 | # 12 | ConfigFileVersion 4.0 13 | 14 | # 15 | # Set the log level of NX Server. NX Server logs to the syslog all 16 | # the events that are <= to the level specified below, according to 17 | # the following convention: 18 | # 19 | # KERN_ERR 3: Error condition. 20 | # KERN_INFO 6: Informational. 21 | # KERN_DEBUG 7: Debug-level messages. 22 | # 23 | # Note that NX Server uses level 6 in the syslog to log the event. 24 | # This is intended to override settings on the local syslog configur- 25 | # ation that would prevent the event from being actually logged. 26 | # 27 | # The suggested values are: 28 | # 29 | # 6: This is the default value. Only the important events 30 | # are logged. 31 | # 32 | # 7: Sets logs to level debug. 33 | # 34 | #SessionLogLevel 6 35 | 36 | # 37 | # Point the server to log to a specific file. The default log file is 38 | # /Library/Application Support/NoMachine/var/log/nxserver.log on Mac 39 | # OS X, %PROGRAMDATA%/NoMachine/var/log/nxserver.log on Windows and 40 | # /usr/NX/var/log/nxserver.log on Linux. 41 | # 42 | #SystemLogFile /usr/NX/var/log/nxserver.log 43 | 44 | # 45 | # Set how often NoMachine must check for updates on the repository. 46 | # Default value, 172800 seconds, allow to check once every two days. 47 | # To disable check for updates, set this key to 0. 48 | # 49 | #UpdateFrequency 172800 50 | 51 | # 52 | # Specify the TCP port where the NX service is listening. 53 | # 54 | #NXPort 4000 55 | 56 | # 57 | # Enable support for NAT-PMP and UPnP networking protocols to redirect 58 | # a port from server side to allow end-users to connect to the server 59 | # through a firewall. Accepted values are: 60 | # 61 | # NX: Redirect port of the nxd service. 62 | # 63 | # SSH: Redirect port of the SSH server. 64 | # 65 | # HTTP: Redirect port of the HTTP server. 66 | # 67 | # none: Do not redirect port. Connections via NX, SSH or HTTP 68 | # protocol are possible only if NoMachine host and user's 69 | # machine are on the same LAN or server has a public IP. 70 | # 71 | EnableUPnP none 72 | 73 | # 74 | # Specify the port where the NX service will be redirected using NAT- 75 | # PMP or UPnP to allow end-users to connect to the server through a 76 | # firewall. 77 | # 78 | #NXUPnPPort "" 79 | 80 | # 81 | # Specify the port where the SSHD service will be redirected using 82 | # NAT-PMP or UPnP to allow end-users to connect to the server through 83 | # a firewall. 84 | # 85 | #SSHDUPnPPort "" 86 | 87 | # 88 | # Specify the port where the HTTP service will be redirected using 89 | # NAT-PMP or UPnP to allow end-users to connect to the server through 90 | # a firewall. 91 | # 92 | #HTTPUPnPPort "" 93 | 94 | # 95 | # Specify a port range, in the form of minport-maxport, to use UDP 96 | # communication for multimedia data. Alternatively, specify a comma- 97 | # separated list of ports or a single port. In this last case, only 98 | # one connection will be able to use UDP at any given time. As a note, 99 | # the Internet Assigned Numbers Authority (IANA) suggests the range 100 | # 49152 to 65535 for dynamic or private ports. 101 | # 102 | #UDPPort 4011-4999 103 | 104 | # 105 | # Specify the TCP port where the SSHD daemon is listening on the NX 106 | # Server host machine. 107 | # 108 | #SSHDPort 22 109 | 110 | # 111 | # Set the base display number for NX sessions. 112 | # 113 | #DisplayBase 1001 114 | 115 | # 116 | # Set the maximum number of displays reserved for NX sessions. 117 | # 118 | #DisplayLimit 200 119 | 120 | # 121 | # Set the maximum number of concurrent connections. 122 | # 123 | #ConnectionsLimit 20 124 | 125 | # 126 | # Specify the maximum number of concurrent connections that can be 127 | # run by a single user. 128 | # 129 | #ConnectionsUserLimit 20 130 | 131 | # 132 | # Set the maximum number of concurrent virtual desktops. 133 | # 134 | #VirtualDesktopsLimit 20 135 | 136 | # 137 | # Specify the maximum number of concurrent Linux virtual desktops 138 | # that can be run by a single user. By default a user can run as 139 | # many virtual desktops as they are allowed on the server. By setting 140 | # this value to 1, user has to terminate their disconnected virtual 141 | # desktop before starting a new one. 142 | # 143 | #VirtualDesktopsUserLimit 20 144 | 145 | # 146 | # Set for how long NX Server will retain data related to terminated 147 | # sessions in its session history. 148 | # 149 | # <0: Never delete data from NX session history. 150 | # 151 | # 0: Disable NX sessions history. 152 | # 153 | # >0: Keep data in session history for this amount 154 | # of seconds. 155 | # 156 | # The default value, 2592000 seconds, lets NX Server keep session data 157 | # for 30 days. 158 | # 159 | #SessionHistory 2592000 160 | 161 | # 162 | # Allow NX Server to terminate oldest disconnected sessions: 163 | # 164 | # 1: Enabled. Enable the automatic kill of the disconnected 165 | # sessions. 166 | # 167 | # 0: Disabled. Disconnected sessions are never terminated. 168 | # 169 | # When this option is set and the maximum number of concurrent sessions 170 | # has been reached, the server will kill the oldest disconnected sessions to 171 | # make room for the new session. 172 | # 173 | #EnableAutokillSessions 0 174 | 175 | # 176 | # Configure the NX Server behavior when the maximum number of allowed 177 | # connections is reached. An already connected user can be asked to 178 | # accept or refuse to disconnect to make room for the incoming user 179 | # (this is the default), or can be automatically disconnected or 180 | # never disconnected. 181 | # 182 | # 0: Disabled. The server prompts the connected user to accept or 183 | # refuse to disconnect for making room for the incoming user. If 184 | # no choice is made, the user is automatically disconnected. 185 | # 186 | # 1: Enabled. The server automatically disconnects the connected user 187 | # to make room for the connecting user. No message is issued to 188 | # the already connected user. 189 | # 190 | # 2: None. The server prompts the connected user to accept or 191 | # refuse to disconnect for making room for the incoming user. If 192 | # no choice is made, the server doesn't disconnect the user and 193 | # advise the incoming user that the maximum number of allowed 194 | # connections is reached. 195 | # 196 | # 3: Silent. The server never notifies desktop owners about incoming 197 | # users, incoming users are informed that the maximum number of 198 | # allowed connections is reached. 199 | # 200 | #AutomaticDisconnection 0 201 | 202 | # 203 | # Enable persistent sessions for users. If the option is followed by 204 | # the keyword 'all', all users are allowed to run persistent sessions. 205 | # Alternatively, it can be followed by a list of comma-separated user- 206 | # names. The default value is 'all' which corresponds to enabling 207 | # persistent sessions for all users. Values specified are overridden 208 | # by the value set for the 'DisablePersistentSession' key. 209 | # 210 | #EnablePersistentSession all 211 | 212 | # 213 | # Disable persistent sessions for users. If the option is followed by 214 | # the keyword 'all', no user is allowed to run persistent sessions. Al- 215 | # ternatively, the option can be followed by a list of comma-separated 216 | # usernames. The default value is the empty string which corresponds 217 | # to disabling persistent sessions for no user. The values specified 218 | # override the values set for the 'EnablePersistentSession' key. 219 | # 220 | #DisablePersistentSession "" 221 | 222 | # 223 | # Enable or disable clipboard: 224 | # 225 | # client: The content copied on the client can be pasted inside the 226 | # NX session. 227 | # 228 | # server: The content copied inside the NX session can be pasted 229 | # on the client. 230 | # 231 | # both: The copy&paste operations are allowed between both the 232 | # client and the NX session and vice versa. 233 | # 234 | # none: The copy&paste operations between the client and the NX 235 | # session are never allowed. 236 | # 237 | #EnableClipboard both 238 | 239 | # 240 | # Enable or disable NX users DB: 241 | # 242 | # 1: Enabled. Only users listed in NX users DB can login to the NX 243 | # server. 244 | # 245 | # 0: Disabled. All the authenticated users can login. 246 | # 247 | # If the NX user DB is disabled, any user providing a valid password 248 | # from local DB or through SSHD authentication, can connect to the NX 249 | # system. This is likely to be the default when SSHD authentication 250 | # with PAM is enabled. 251 | # 252 | #EnableUserDB 0 253 | 254 | # 255 | # Enable or disable NX password DB: 256 | # 257 | # 1: Enabled. Use NX password DB to authenticate users. 258 | # 259 | # 0: Disabled. Use SSHD + PAM authentication. 260 | # 261 | # System administrators can enable a restricted set of users to con- 262 | # nect to NX Server by setting EnableUserDB to 1 and adding 263 | # those users to the DB. If user is enabled to connect, his/her pass- 264 | # word will be verified against the current PAM settings by the SSHD 265 | # daemon. 266 | # 267 | # If both 'EnableUserDB' and 'EnablePasswordDB' are set to 0, any 268 | # user being authenticated by SSHD account will be enabled to connect 269 | # to the system. 270 | # 271 | EnablePasswordDB 0 272 | 273 | # 274 | # Specify policies as a comma-separated list of options to tune the 275 | # behaviour of clients 4 or higher and restore behaviors typical of 276 | # version 3.x. Options accept value 1 (enabled) and 0 (disabled). 277 | # This is the list of the available options: 278 | # 279 | # autocreate=1 run a new virtual desktop automatically when the ses- 280 | # sion type is pre-defined in the player configuration. 281 | # 282 | # autoconnect=1 reconnect automatically the user's virtual desktop. 283 | # 284 | # automigrate=1 don't connect to a virtual desktop when there is a 285 | # a user already connected but disconnect and reconnect 286 | # the session on the new side (session migration). 287 | # 288 | # desktop=1 list all desktop types set in the AvailableSessionTypes 289 | # key. 290 | # 291 | # dialog=1 display the disconnect/terminate dialog. 292 | # 293 | ConnectPolicy autocreate=1,autoconnect=1,automigrate=1,desktop=1,dialog=0 294 | 295 | # 296 | # Enable or disable starting the NoMachine HTTP server. If enabled, 297 | # the server will be started automatically at every reboot. 298 | # 299 | # 1: Automatic. Enable automatic starting of the HTTP server. 300 | # 301 | # 0: Manual. Disable automatic starting of the HTTP server. 302 | # The server can be started manually. 303 | # 304 | #StartHTTPDaemon Automatic 305 | 306 | # 307 | # Enable or disable starting the NX service. If enabled, the service 308 | # will be started automatically at every reboot. 309 | # 310 | # 1: Automatic. Enable automatic starting of the NX server. 311 | # 312 | # 0: Manual. Disable automatic starting of the NX server. 313 | # The server can be started manually. 314 | # 315 | #StartNXDaemon Automatic 316 | 317 | # 318 | # Enable or disable starting the NX service on Windows. If enabled, 319 | # the SSH server will be started automatically at every reboot. 320 | # 321 | # 1: Automatic. Enable automatic starting of the SSH server. 322 | # 323 | # 0: Manual. Disable automatic starting of the SSH server. 324 | # The server can be started manually. 325 | # 326 | #StartSSHDaemon Automatic 327 | 328 | # 329 | # Specify how clients will have to contact the node, by default by 330 | # the NX service. To allow for multiple methods, specify them in a 331 | # comma-separated list. Supported methods are: NX, SSH and HTTP. 332 | # 333 | ClientConnectionMethods NX,SSH,HTTP 334 | 335 | # 336 | # Specify a list of comma-separated 'hostname:port' values for XDM 337 | # server. 338 | # 339 | #RoundRobinXdmList 127.0.0.1:177 340 | 341 | # 342 | # Enable or disable the XDM round robin query: 343 | # 344 | # 1: Enabled. Let NX Server decide XDM host according to hostnames 345 | # that are defined in the RoundRobinXdmList key. 346 | # 347 | # 0: Disabled. 348 | # 349 | #EnableRoundRobinXdmQuery 1 350 | 351 | # 352 | # Enable or disable the XDM indirect query: 353 | # 354 | # 1: Enabled. Let the user obtain a list of available XDM hosts. 355 | # 356 | # 0: Disabled. 357 | # 358 | #EnableIndirectXdmQuery 0 359 | 360 | # 361 | # Enable or disable the XDM direct query: 362 | # 363 | # 1: Enabled. Let client specify XDM host. 364 | # 365 | # 0: Disabled. 366 | # 367 | #EnableDirectXdmQuery 0 368 | 369 | # 370 | # Enable or disable the XDM broadcast query: 371 | # 372 | # 1: Enabled. Let client connect to the first responding XDM host. 373 | # 374 | # 0: Disabled. 375 | # 376 | #EnableBroadcastXdmQuery 0 377 | 378 | # 379 | # Specify the algorithm to be used for selecting the node. Accepted 380 | # values are: 'round-robin' for selecting the node according to the 381 | # round robin algorithm and 'custom' to use a custom load-balancing 382 | # algorithm as specified in the NodeSelectionScript key. Otherwise 383 | # set 'load-average' to select the node according to the load average 384 | # of each node. Default is to use a weighted round-robin algorithm. 385 | # 386 | #LoadBalancingAlgorithm round-robin 387 | 388 | # 389 | # Specify path and name to the script providing the load-balancing al- 390 | # gorithm. 391 | # 392 | #NodeSelectionScript "" 393 | 394 | # 395 | # Specify path and name of the command 'sessreg' for managing utmp and 396 | # wtmp entries for non-init clients. 397 | # 398 | #CommandSessreg /usr/X11/bin/sessreg 399 | 400 | # 401 | # Specify the location and name of the SSH authorized keys file. 402 | # 403 | SSHAuthorizedKeys authorized_keys 404 | 405 | # 406 | # Accept or refuse the client connection if SSHD does not export 407 | # the 'SSH_CONNECTION' and 'SSH_CLIENT' variables in the environment 408 | # passed to the NX Server. 409 | # 410 | # 1: Refuse. Check the remote IP and do not accept the connection if it 411 | # can't be determined. 412 | # 413 | # 0: Accept. Check the remote IP and accept the connection even if the 414 | # remote IP is not provided. 415 | # 416 | #SSHDCheckIP 0 417 | 418 | # 419 | # Specify the base username to be used by NX Server to create guest 420 | # users accounts. The server will add a progressive number to the 421 | # name specified by GuestName, according to the range of values set 422 | # in the BaseGuestUserId and GuestUserIdLimit keys. 423 | # 424 | #GuestName guest 425 | 426 | # 427 | # Set the base User Identifier (UID) number for NX guest users. 428 | # 429 | #BaseGuestUserId 10 430 | 431 | # 432 | # Set the maximum User Identifier (UID) number reserved for NX guest 433 | # users. 434 | # 435 | #GuestUserIdLimit 200 436 | 437 | # 438 | # Set the Group Identifier (GID) for NX guest users. The specified 439 | # GID must already exist on the system. 440 | # 441 | #GuestUserGroup "" 442 | 443 | # 444 | # Set the maximum number of concurrent NX guest users. 445 | # 446 | #GuestUserLimit 10 447 | 448 | # 449 | # Set the maximum number of NX sessions a NX guest user can run before 450 | # his/her account is terminated. 451 | # 452 | #GuestUserConnectionLimit 5 453 | 454 | # 455 | # Set for how long NX Server has to retain NX guest users accounts. 456 | # 457 | # 0: NX guest users accounts are never removed. 458 | # 459 | # >0: Maintain NX guest users accounts for this amount 460 | # of seconds. 461 | # 462 | # The default value, 2592000 seconds, lets NX Server keep guest users 463 | # accounts for 30 days. 464 | # 465 | #GuestUserAccountExpiry 2592000 466 | 467 | # 468 | # Set for how long NX Server has to keep alive a NX guest user's 469 | # session. When the time has expired, NX Server will kill the session. 470 | # 471 | # 0: NX guest user session is never terminated. 472 | # 473 | # >0: Keep NX guest user session live for this number 474 | # of seconds. 475 | # 476 | #GuestConnectionExpiry 0 477 | 478 | # 479 | # Enable or disable possibility for NX guest users to disconnect their 480 | # sessions: 481 | # 482 | # 1: Enabled. NX Server lets NX guest users disconnect sessions. 483 | # 484 | # 0: Disabled. 485 | # 486 | #GuestUserAllowDisconnect 1 487 | 488 | # 489 | # Set the home directory for NX guest users. Provide an empty value 490 | # between double quotes to let NX Server create the guest user's home 491 | # in the default directory set on the system. 492 | # 493 | #GuestUserHome /home 494 | 495 | # 496 | # Enable or disable removing the NX guest user from the system when the 497 | # account is expired: 498 | # 499 | # 1: Enabled. When the guest account is expired, NX Server will 500 | # delete the account from both the system and the NX guests DB 501 | # and will remove the home directory. 502 | # 503 | # 0: Disabled. When the guest account is expired, NX Server will 504 | # keep the guest account on the system but will forbid this user 505 | # to start new sessions on the server. 506 | # 507 | #EnableGuestWipeout 1 508 | 509 | # 510 | # Allow the server to set disk quota for the NX guest accounts: 511 | # 512 | # 1: Enabled. When a new guest account is created on the system, 513 | # the server will set the disk quota for this user. 514 | # 515 | # 0: Disabled. No restrictions on the amount of disk space used 516 | # by each guest user are applied. 517 | # 518 | #EnableGuestQuota 0 519 | 520 | # 521 | # Specify the username of the account to be used as a prototype for 522 | # propagating its disk quota settings to all the new guest accounts. 523 | # If the softlimit or the hardlimit on either the inode or the disk 524 | # block are set, they will override the settings applied to the user 525 | # prototype. 526 | # 527 | #GuestQuotaProtoname protoguest 528 | 529 | # 530 | # Specify the maximum amount of disk space available for each of the 531 | # guest users, checked as number of inodes. This limit can be exceeded 532 | # for the grace period. 533 | # 534 | #GuestQuotaInodeSoftlimit 0 535 | 536 | # 537 | # Specify the absolute maximum amount of disk space available for 538 | # each of the guest users, checked as number of inodes. Once this 539 | # limit is reached, no further disk space can be used. 540 | # 541 | #GuestQuotaInodeHardlimit 0 542 | 543 | # 544 | # Specify the maximum amount of disk space available for each of the 545 | # guest users, checked as number of disk blocks consumed. This limit 546 | # can be exceeded for the grace period. 547 | # 548 | #GuestQuotaBlockSoftlimit 0 549 | 550 | # 551 | # Specify the absolute maximum amount of disk space available for each 552 | # of the guest users, checked as number of disk blocks consumed. Once 553 | # this limit is reached, no further disk space can be used. 554 | # 555 | #GuestQuotaBlockHardlimit 0 556 | 557 | # 558 | # Specify the grace period, expressed in seconds, during which the 559 | # soft limit, set in the GuestQuotaInodeSoftlimit key may be 560 | # exceeded. 561 | # 562 | #GuestQuotaInodeGracePeriod 0 563 | 564 | # 565 | # Specify the grace period, expressed in seconds, during which the 566 | # soft limit, set in the GuestQuotaBlockSoftlimit key may be 567 | # exceeded. 568 | # 569 | #GuestQuotaBlockGracePeriod 0 570 | 571 | # 572 | # Specify a list of comma-separated filesystem names or devices to 573 | # which the disk quota restrictions will be applied. The default 574 | # value is 'all' which corresponds to applying the disk quota limits 575 | # to all the filesystems having disk quota enabled. 576 | # 577 | #GuestQuotaFilesystems all 578 | 579 | # 580 | # Set the User Identifier (UID) number for NX users. If an empty value 581 | # is specified, the NX Server will create the account with the default 582 | # value set on the system. 583 | # 584 | #UserId "" 585 | 586 | # 587 | # Set the Group Identifier (GID) for NX users. If an empty value is 588 | # specified, NX Server will create the account with the default 589 | # value set on the system. 590 | # 591 | #UserGroup "" 592 | 593 | # 594 | # Set the home directory for NX users. If an empty value is specified, 595 | # NX Server will create the user's home in the default directory 596 | # set on the system. 597 | # 598 | #UserHome "" 599 | 600 | # 601 | # Allow the user to connect to a virtual desktop: 602 | # 603 | # 1: Enabled. Each user can request to connect to a 604 | # virtual desktop. 605 | # 606 | # 0: Disabled. Connections to a virtual desktop are 607 | # forbidden. 608 | # 609 | #VirtualDesktopSharing 1 610 | 611 | # 612 | # Set the interaction level for the session connected to a virtual 613 | # desktop: 614 | # 615 | # 0: View-only. The session is connected to the desktop in 616 | # view-only mode, i.e. the user can't interact with the 617 | # virtual desktop. 618 | # 619 | # 1: Restricted. User connected to the virtual desktop can 620 | # interact with the desktop except for resize operations. 621 | # 622 | # 2: Interactive. User connected to the virtual desktop has 623 | # full interaction with the desktop. 624 | # 625 | #VirtualDesktopMode 2 626 | 627 | # 628 | # Enable or disable NX Server requesting authorization to the owner of 629 | # the virtual desktop before connecting. 630 | # 631 | # 1: Enabled. NX Server asks for authorization to the owner 632 | # of the virtual desktop before trying to connect. 633 | # 634 | # 0: Disabled. NX Server tries to connect to the virtual 635 | # desktop without the need for any authorization from the 636 | # desktop's owner. 637 | # 638 | #VirtualDesktopAuthorization 1 639 | 640 | # 641 | # Allow the user to connect to the physical desktop: 642 | # 643 | # 0: Disabled. Connections to the physical desktop are 644 | # forbidden. 645 | # 646 | # 1: Enabled. Each user can request to connect to the 647 | # physical desktop. 648 | # 649 | # 2: Restricted. Only the administrator and trusted users 650 | # can connect to the physical desktop. 651 | # 652 | #PhysicalDesktopSharing 1 653 | 654 | # 655 | # Set the interaction level for the session connected to the physical 656 | # desktop: 657 | # 658 | # 0: View-only. The session is connected to the desktop in 659 | # view-only mode, i.e. the user can't interact with the 660 | # physical desktop. 661 | # 662 | # 1: Restricted. User connected to the physical desktop can 663 | # interact with the desktop except for resize operations. 664 | # 665 | # 2: Interactive. User connected to the physical desktop has 666 | # full interaction with the desktop. 667 | # 668 | #PhysicalDesktopMode 2 669 | 670 | # 671 | # Enable or disable NX Server requesting authorization to the owner of 672 | # the physical desktop before connecting. 673 | # 674 | # 1: Enabled. NX Server asks for authorization to the owner 675 | # of the physical desktop before trying to connect. 676 | # 677 | # 0: Disabled. NX Server tries to connect to the physical 678 | # desktop without the need for any authorization from the 679 | # desktop's owner. 680 | # 681 | #PhysicalDesktopAuthorization 1 682 | 683 | # 684 | # Specify absolute path of the custom script to be executed before 685 | # the user logs in. The script can accept remote IP of the user's 686 | # machine as its input. 687 | # 688 | # E.g. UserScriptBeforeLogin /tmp/nxscript/script.sh 689 | # 690 | #UserScriptBeforeLogin "" 691 | 692 | # 693 | # Specify absolute path of the custom script to be executed after 694 | # the user logs in. The script can accept username as its input. 695 | # 696 | #UserScriptAfterLogin "" 697 | 698 | # 699 | # Specify absolute path of the custom script to be executed before 700 | # the session start-up. The script can accept session ID, username, 701 | # node host and node port as its input. 702 | # 703 | #UserScriptBeforeSessionStart "" 704 | 705 | # 706 | # Specify absolute path of the custom script to be executed after the 707 | # session start-up. The script can accept session ID, username, node 708 | # host and node port as its input. 709 | # 710 | #UserScriptAfterSessionStart "" 711 | 712 | # 713 | # Specify absolute path of the custom script to be executed before 714 | # the session is closed. The script can accept session ID, username, 715 | # node host and node port as its input. 716 | # 717 | #UserScriptBeforeSessionClose "" 718 | 719 | # 720 | # Specify absolute path of the custom script to be executed after the 721 | # session is closed. The script can accept session ID, username, node 722 | # host and node port as its input. 723 | # 724 | #UserScriptAfterSessionClose "" 725 | 726 | # 727 | # Specify absolute path of the custom script to be executed before 728 | # the session is reconnected. The script can accept session ID user- 729 | # name, node host and node port as its input. 730 | # 731 | #UserScriptBeforeSessionReconnect "" 732 | 733 | # 734 | # Specify absolute path of the custom script to be executed after the 735 | # session is reconnected. The script can accept session ID username 736 | # node host and node port as its input. 737 | # 738 | #UserScriptAfterSessionReconnect "" 739 | 740 | # 741 | # Specify absolute path of the custom script to be executed before 742 | # the session is disconnected. The script can accept session ID, user- 743 | # name, node host and node port as its input. 744 | # 745 | #UserScriptBeforeSessionDisconnect "" 746 | 747 | # 748 | # Specify absolute path of the custom script to be executed after 749 | # the session is disconnected. The script can accept session ID, user- 750 | # name, node host and node port as its input. 751 | # 752 | #UserScriptAfterSessionDisconnect "" 753 | 754 | # 755 | # Specify absolute path of the custom script to be executed before 756 | # session failure. The script can accept session ID username, node 757 | # host and node port as its input. 758 | # 759 | #UserScriptBeforeSessionFailure "" 760 | 761 | # 762 | # Specify absolute path of the custom script to be executed after 763 | # session failure. The script can accept session ID username, node 764 | # host and node port as its input. 765 | # 766 | #UserScriptAfterSessionFailure "" 767 | 768 | # 769 | # Specify absolute path of the custom script to be executed before 770 | # NX Server creates the new account. The script can accept username 771 | # as its input. 772 | # 773 | #UserScriptBeforeCreateUser "" 774 | 775 | # 776 | # Specify absolute path of the custom script to be executed after 777 | # NX Server has created the new account. The script can accept user- 778 | # name as its input. 779 | # 780 | #UserScriptAfterCreateUser "" 781 | 782 | # 783 | # Specify absolute path of the custom script to be executed before 784 | # NX Server removes the account. The script can accept username as 785 | # its input. 786 | # 787 | #UserScriptBeforeDeleteUser "" 788 | 789 | # 790 | # Specify absolute path of the custom script to be executed after 791 | # NX Server has removed the account. The script can accept username 792 | # as its input. 793 | # 794 | #UserScriptAfterDeleteUser "" 795 | 796 | # 797 | # Specify absolute path of the custom script to be executed before 798 | # NX Server disables the user. The script can accept username as its 799 | # input. 800 | # 801 | #UserScriptBeforeDisableUser "" 802 | 803 | # 804 | # Specify absolute path of the custom script to be executed after 805 | # NX Server has disabled the user. The script can accept username 806 | # as its input. 807 | # 808 | #UserScriptAfterDisableUser "" 809 | 810 | # 811 | # Specify absolute path of the custom script to be executed before 812 | # NX Server enables the user. The script can accept username as its 813 | # input. 814 | # 815 | #UserScriptBeforeEnableUser "" 816 | 817 | # 818 | # Specify absolute path of the custom script to be executed after 819 | # NX Server has enabled the user. The script can accept username 820 | # as its input. 821 | # 822 | #UserScriptAfterEnableUser "" 823 | 824 | # 825 | # Specify absolute path of the script to be executed before 826 | # the server daemon is started. 827 | # 828 | #ScriptBeforeServerDaemonStart "" 829 | 830 | # 831 | # Specify absolute path of the script to be executed after 832 | # the server daemon is started. 833 | # 834 | #ScriptAfterServerDaemonStart "" 835 | 836 | # 837 | # Specify absolute path of the script to be executed before 838 | # the server daemon is stopped. 839 | # 840 | #ScriptBeforeServerDaemonStop "" 841 | 842 | # 843 | # Specify absolute path of the script to be executed after 844 | # the server daemon is stopped. 845 | # 846 | #ScriptAfterServerDaemonStop "" 847 | 848 | # 849 | # Allow the root user (or Administrator on a Windows machine) to 850 | # run NX sessions. 851 | # 852 | # 1: Enabled. Allow an NX user to run sessions as user with 853 | # administrative rights. 854 | # 855 | # 0: Disabled. NX Server forbids an NX user to log in as user 856 | # having administrative privileges. 857 | # 858 | #EnableAdministratorLogin 1 859 | 860 | # 861 | # Specify path to the SSH client. 862 | # 863 | #SSHClient /usr/bin/ssh 864 | 865 | # 866 | # Enable or disable broadcasting the required information to let 867 | # other computers discover this host on the local network. 868 | # 869 | # 1: Enabled. Other computers on the local network can find 870 | # this host machine. 871 | # 872 | # 0: Disabled. This computer cannot be found on the local 873 | # network but it's still reachable by providing its IP 874 | # or hostname. 875 | # 876 | #EnableNetworkBroadcast 1 877 | 878 | # 879 | # Specify a list of comma-separated session types available on this 880 | # server. 881 | # 882 | AvailableSessionTypes unix-remote,unix-console,unix-default,unix-application,physical-desktop,shadow,unix-xsession-default,unix-xdm 883 | 884 | # 885 | # Specify how the node process is run. 886 | # 887 | # 1: Noshell. Execute script to run the node process directly. 888 | # 889 | # 0: Shellmode. Execute script to run the node process by 890 | # invoking the bash shell. 891 | # 892 | #RunNodeMode 0 893 | 894 | # 895 | # Enable the server to automatically configure the firewall for all 896 | # the configured services. On platforms that don't support adding 897 | # the specific executables to a white list, the needed ports are 898 | # added at server startup and removed at server shutdown, or when, 899 | # at run-time, a new port is needed. The default value is 1. 900 | # 901 | # 1: Enabled. NoMachine opens the required ports in the firewall. 902 | # 903 | # 0: Disabled. Firewall must be configured manually. By default 904 | # the required ports are TCP ports 4000 for NX, 4080 and 4443 905 | # for HTTP and UDP ports in the range 4011-4999 range. 906 | # 907 | #EnableFirewallConfiguration 1 908 | 909 | # 910 | # Enable or disable logging to the system log file, e.g. syslog 911 | # on UNIX based systems and Events log on Windows platforms. 912 | # 913 | # 1: Enabled. The webplayer and webclient applications will log. 914 | # to the system log file. 915 | # 916 | # 0: Disabled. This is the default value, webplayer and webclient 917 | # will log to the file specified in the SystemLogFile key. 918 | # 919 | #EnableSyslogSupport 0 920 | 921 | # 922 | # Set for how long the server has to keep alive virtual desktops in 923 | # status disconnected. When the time is expired, the server will 924 | # terminate virtual desktops if no user are connected there. 925 | # 926 | # 0: Virtual desktops in status disconnected are never terminated. 927 | # This is the default. 928 | # 929 | # >0: Keep Disconnected session alive for this number 930 | # of seconds. 931 | # 932 | #DisconnectedSessionExpiry 0 933 | 934 | # 935 | # Enable or disable NoMachine server checking at start up the status 936 | # of the Windows Net Logon service. 937 | # 938 | # 1: Enabled. The server will delay its start up until Net Logon is 939 | # up and running. This is required when the NoMachine server host 940 | # is an ActiveDirectory client. If Net Logon fails to start, No- 941 | # Machine server will be not available on this host and the start 942 | # up procedure will report an error. 943 | # 944 | # 0: Disabled. NoMachine server will start without verifying if Net 945 | # Logon is up and running. This is the default setting. 946 | # 947 | #NetLogonDependency 0 948 | 949 | # 950 | # Set for how long the server will wait for the authentication phase 951 | # to be completed on the system. By default timeout is set to 30 952 | # seconds. Increase this value when the authentication process on 953 | # the system takes longer. This setting applies also to two-factor 954 | # authentication. 955 | # 956 | #AuthorizationTimeout 30 957 | 958 | # 959 | # Enable or disable the automatic creation of an X11 display when no 960 | # X servers are running on this host (e.g. headless machine) to let 961 | # users connect to the desktop. This setting applies to NoMachine 962 | # servers not supporting virtual desktops and permits to have one 963 | # single display. 964 | # 965 | # 1: Enabled. NoMachine will create automatically the new display at 966 | # server startup. This setting has to be used in conjunction with 967 | # 'DisplayOwner' and 'DisplayGeometry'. 968 | # 969 | # 0: Disabled. NoMachine will prompt the user for creating the new 970 | # display. This is the default. 971 | # 972 | CreateDisplay 1 973 | 974 | # 975 | # When 'CreateDisplay' is enabled, specify the display owner and let 976 | # NoMachine create the new display without querying the user. If the 977 | # server supports only one concurrent connection, the connecting user 978 | # must be the display owner set in this key. 979 | # 980 | DisplayOwner "user" 981 | 982 | # 983 | # When 'CreateDisplay' is enabled, specify the resolution of the new 984 | # desktop in the WxH format. Default is 800x600. 985 | # 986 | #DisplayGeometry 800x600 987 | 988 | # 989 | # Enable or disable support for Kerberos ticket-based authentication 990 | # for connections by NX protocol. 991 | # 992 | # 1: Enabled. Kerberos ticket-based authentication is supported when 993 | # users connect by the NX protocol. 994 | # 995 | # 0: Disabled. Kerberos ticket-based authentication is not supported 996 | # for connections by NX protocol. This is the default. 997 | # 998 | #EnableNXKerberosAuthentication 0 999 | 1000 | # 1001 | # Set for how long the server will wait for the kerberos response 1002 | # from kerberos kdc server. By default timeout is set to 10 seconds. 1003 | # Increase this value when the authentication process on the system 1004 | # takes longer. 1005 | # 1006 | #NXKerberosAuthenticationTimeout 10 1007 | 1008 | # 1009 | # Set the maximum size for the Kerberos authentication request, by 1010 | # default 1048576 bytes. 1011 | # 1012 | #NXKerberosRequestLimit 1048576 1013 | 1014 | # 1015 | # Enable or disable support for Kerberos ticket forwarding to the 1016 | # remote node when the user didn't authenticate with Kerberos, but 1017 | # their Kerberos ticket is already available on the server system. 1018 | # This key applies to a multi-node environment only and it's di- 1019 | # sabled by default 1020 | # 1021 | # 1: Enabled. User's Kerberos ticket already available on the 1022 | # NoMachine server system will be forwarded to the remote node 1023 | # where the user's session is started. 1024 | # 1025 | # 0: Disabled. User's Kerberos ticket will not be forwarded to the 1026 | # remote node where the user's session is started. 1027 | # 1028 | #EnableNXKerberosForwardingToRemote 0 1029 | 1030 | # 1031 | # Blanking the physical screen of the machine when somebody connects. 1032 | # 1033 | # 1: Enabled. The physical screen of this machine is blanked and the 1034 | # local user cannot interact with the desktop while somebody is 1035 | # connected. 1036 | # 1037 | # 0: Disabled. The physical desktop of this machine is not blanked 1038 | # when somebody is connected. All operations made from the remote 1039 | # user are visible to the local user and the local user can interact 1040 | # with the desktop. This is the default. 1041 | # 1042 | #EnableScreenBlanking 0 1043 | 1044 | # 1045 | # Activate the system lock screen when the NoMachine user disconnects 1046 | # from the physical display. 1047 | # 1048 | # 1: Enabled. When the user disconnects, the physical screen of this 1049 | # host will be locked. 1050 | # 1051 | # 0: Disabled. When the user disconnects, the screen state will not 1052 | # change. This is the default. 1053 | # 1054 | EnableLockScreen 1 1055 | 1056 | # 1057 | # Enable or disable support for SSL client authentication in the NX 1058 | # service. 1059 | # 1060 | # 1: Enabled. The NX service, nxd, uses the client side certificate 1061 | # to validate the connecting client against a list of allowed 1062 | # clients. Only clients owning a certificate valid for this NX 1063 | # service can authenticate with this method. 1064 | # 1065 | # 0: Disabled. Authentication by using a client side certificate 1066 | # is not possible. 1067 | # 1068 | # This option applies to connections by NX protocol only and it's 1069 | # disabled by default. 1070 | # 1071 | #EnableNXClientAuthentication 0 1072 | 1073 | # 1074 | # Specify how clients will have to authenticate to the server, by 1075 | # default all the available methods are supported. This corresponds 1076 | # to value all. To specify a subset of methods use a comma-separated 1077 | # list. 1078 | # 1079 | # Supported methods for connections by NX protocol are: 1080 | # NX-password : Password authentication. 1081 | # NX-private-key: Key-based authentication. 1082 | # NX-kerberos : Kerberos ticket-based authentication. 1083 | # 1084 | # Supported method for connections by SSH protocol is: 1085 | # SSH-system : All methods supported for the system login. 1086 | # SSH authentication methods for the system login 1087 | # have to be set on the system for example in the 1088 | # PAM configuration. 1089 | # 1090 | # For example: 1091 | # AcceptedAuthenticationMethods NX-private-key,SSH-system 1092 | # 1093 | # This key has to be used in conjunction with ClientConnectionMethod. 1094 | # See also the EnableNXClientAuthentication key for enabling SSL 1095 | # client authentication for connections by NX protocol. 1096 | # 1097 | #AcceptedAuthenticationMethods all 1098 | 1099 | # 1100 | # Configure behavior of the NoMachine menu to be displayed inside the 1101 | # session: hide the welcome panels shown at session startup, prevent 1102 | # users from changing settings or use specific services. Default is 1103 | # 'all', welcome panels are shown and the menu can be used without 1104 | # restrictions. Set this key to 'none' for hiding both welcome panels 1105 | # and the NoMachine menu (clicking on the page peel or pressing ctrl+ 1106 | # alt+0 will not open it). Give a comma-separated list of values to 1107 | # indicate which items should be made available to users. 1108 | # 1109 | # Available values for client and web sessions are: welcome,input, 1110 | # display,display-mode,display-settings,connection. Client sessions 1111 | # support also: devices,devices-disk,devices-printer,devices-usb, 1112 | # devices-network,devices-smartcard,audio,audio-settings,mic,mic- 1113 | # settings,recording. For web sessions instead it's possible to set 1114 | # also: keyboard,clipboard. 1115 | # 1116 | #ClientMenuConfiguration all 1117 | 1118 | # 1119 | # Enable or disable users to store their access credentials on their 1120 | # devices when they connect via NoMachine client or in the browser's 1121 | # cookie in case of web sessions. Accepted values are: 1122 | # 1123 | # player: Allow only users connected via NoMachine client to save 1124 | # username and password in their connection file. 1125 | # 1126 | # webplayer: Allow only users connected via web to store username and 1127 | # password in the browser's cookies, if enabled. 1128 | # 1129 | # both: Users connected via client or via web can always choose to 1130 | # store their credentials. 1131 | # 1132 | # none: Do not permit users to save their username and password. 1133 | # Users will be requested to insert their credentials at 1134 | # each new connection via NoMachine client or web. 1135 | # 1136 | # 1137 | #EnableClientCredentialsStoring both 1138 | 1139 | # 1140 | # Enable or disable strict GSSAPI host credential check for Kerberos 1141 | # authentication. When enabled, authentication is done against the 1142 | # host service on the current hostname. If disabled, authentication 1143 | # is done against any requested service key stored in the keytab file. 1144 | # 1145 | # 1: Enabled. Kerberos authentication is made strictly against hostname 1146 | # host service. This is the default. 1147 | # 1148 | # 0: Disabled. Allow relaxed GSSAPI host credential check, and make 1149 | # possible to authenticate against GSSAPI host service with a 1150 | # different name than hostname. 1151 | # 1152 | #NXGSSAPIStrictAcceptorCheck 1 1153 | 1154 | # 1155 | # Enable or disable this server accepting direct connections to its 1156 | # IP or hostname when it's federated in a multi-server environment. 1157 | # 1158 | # 1: Enabled. Users are allowed to connect to this NoMachine server. 1159 | # 1160 | # 0: Disabled. Users have to connect to the main server ruling the 1161 | # multi-host environment in order to reach this server. 1162 | # 1163 | #EnableServerRole 1 1164 | 1165 | # 1166 | # Set the log level of NoMachine Web Player. Web Player logs all events 1167 | # that are <= to the level specified below, according to the following 1168 | # convention: 1169 | # 1170 | # KERN_ERR 3: Error condition. 1171 | # KERN_INFO 6: Informational. 1172 | # KERN_DEBUG 7: Debug-level messages. 1173 | # 1174 | # The suggested values are: 1175 | # 1176 | # 6: Default value. Only relevant events are logged. 1177 | # 1178 | # 7: Set the log level to debug. 1179 | # 1180 | #WebSessionLogLevel 6 1181 | 1182 | # 1183 | # Specify user name of NoMachine HTTP Server owner. 1184 | # 1185 | #ApacheUname nxhtd 1186 | 1187 | # 1188 | # Specify group name of NoMachine HTTP Server owner. 1189 | # 1190 | #ApacheGname nxhtd 1191 | 1192 | # 1193 | # Allow NoMachine HTTP Server to serve content of Web Player applica- 1194 | # tion. 1195 | # 1196 | # 1: Enabled. Users can access the Web Player application. 1197 | # 1198 | # 0: Disabled. The Web Player application is not accessible. 1199 | # 1200 | #EnableWebPlayer 1 1201 | 1202 | # 1203 | # Specify the absolute path for the Web Player graphic interface and 1204 | # for storing session images generated by the X11 agent. 1205 | # 1206 | #WebDirPath /usr/NX/share/htdocs/nxwebplayer 1207 | 1208 | # 1209 | # Make Web Player request user credentials to connect to the server 1210 | # or try to connect automatically as a guest user on the server: 1211 | # 1212 | # 1: Enabled. Web Player tries to log-in to server as a guest 1213 | # without the need for user intervention. Server must support 1214 | # the automatic generation of guest accounts and have this 1215 | # functionality enabled. 1216 | # 1217 | # 0: Disabled. Web Player prompts the user asking for access 1218 | # credentials to log-in to server. Users can provide either 1219 | # their username and password or to try to log-in as a guest 1220 | # if the server supports it. 1221 | # 1222 | #EnableWebGuest 0 1223 | 1224 | # 1225 | # Show the tutorial wizard for the menu panel at session startup. 1226 | # 1227 | # 1: Enabled. Display the tutorial screenshots. 1228 | # 1229 | # 0: Disabled. Do not show the tutorial. 1230 | # 1231 | #EnableWebMenuTutorial 1 1232 | 1233 | # 1234 | # Make Web Player change connection name: 1235 | # 1236 | # 1: Enabled. Allows to have displayed name from Section "Server" 1237 | # directive. 1238 | # 1239 | # 0: Disabled. Allows to see hostname of the server displayed. 1240 | # 1241 | #EnableWebConnectionName 0 1242 | 1243 | # 1244 | # Specify the method to be used for browser-server communication. By 1245 | # default this keys is set to 'classic'. To use WebRTC technology 1246 | # set this key to 'classic,webrtc'. In this case HTML5 real-time 1247 | # communication will be used when the browser supports WebRTC and 1248 | # will fall back to the classic web media exchange protocol in case 1249 | # of browser not supporting WebRTC. 1250 | # 1251 | #AcceptedWebMethods classic 1252 | 1253 | # 1254 | # Specify for how many seconds the automatically generated password 1255 | # must be valid. The default value is 60 seconds. 1256 | # 1257 | #OneTimePasswordValidityPeriod 60 1258 | 1259 | # 1260 | # Specify the GUI language. Available languages are: English (default) 1261 | # French, German, Italian, Spanish, Polish, Portuguese and Russian. 1262 | # Users will be still able to change the language in the GUI. 1263 | # 1264 | #WebSessionLanguage English 1265 | 1266 | # 1267 | # Specify the GUI theme, sunshine (default) or moonlight. Users will 1268 | # be still able to change GUI theme in the GUI.. 1269 | # 1270 | #WebSessionTheme sunshine 1271 | 1272 | # 1273 | # Specify the wave theme, red (default), light gray or dark gray. 1274 | # Users will be still able to change wave theme in the GUI. 1275 | # 1276 | #WebSessionWave red 1277 | 1278 | # 1279 | # Enable or disable the debug tool when the server program is launched. 1280 | # 1281 | # 1: Enabled. The debug tool specified in the CommandDebug key will 1282 | # be run to debug the server program. This can slow down the exe- 1283 | # cution of the server. 1284 | # 1285 | # 0: Disabled. Debug tool is not run. 1286 | # 1287 | #EnableDebug 0 1288 | 1289 | # 1290 | # Specify absolute path of the command to launch a debug tool. 1291 | # 1292 | #CommandDebug "" 1293 | 1294 | # 1295 | # Specify path and commands of the debug tool in a comma-separated 1296 | # list, e.g. accepted command for Valgrind is '/usr/bin/valgrind.bin'. 1297 | # 1298 | #AcceptedDebuggerCommands /usr/bin/valgrind.bin 1299 | 1300 | # 1301 | # Append arguments to the command used by the server to launch the 1302 | # debug tool 1303 | # 1304 | # Multiple parameters can be specified by separating them with a blank 1305 | # character. For security reasons, no shell interpretation is made. 1306 | # 1307 | #DebugOptions "" 1308 | 1309 | # 1310 | # The Section directive allows to define settings for the server 1311 | # where the Web Player will connect. Edit lines below to define a 1312 | # server different from localhost. Protocol is by default 'NX' as 1313 | # well as port is '4000'. To use SSH service, specify 'system' to 1314 | # authorize with system password. In this case NoMachine uses by 1315 | # default port 4022 on Windows and port 22 on the other operating 1316 | # systems. 1317 | # 1318 | Section "Server" 1319 | 1320 | Name "Connection to localhost" 1321 | Host 127.0.0.1 1322 | Protocol NX 1323 | Port 4000 1324 | 1325 | EndSection 1326 | 1327 | # 1328 | # When WebRTC is enabled, set parameters for STUN/TURN utilities to 1329 | # permit NAT traversal for peer to peer direct video, audio and data 1330 | # streaming. Replace 'hostname' and 'portnumber' with the ip or host 1331 | # name of the network server; replace 'username' and 'password' with 1332 | # username and password to be used for authenticating to such server. 1333 | # If a TURN server has to be contacted, duplicate section below, set 1334 | # it to Section "TURN" and provide the appropriate values for Host, 1335 | # Port, User and Password parameters. Define multiple sections for 1336 | # different STUN or TURN servers to provide an alternative server 1337 | # in case the first of the list is not reachable. 1338 | # 1339 | # Section "STUN" 1340 | # 1341 | # Host hostname 1342 | # Port portnumber 1343 | # User username 1344 | # Password password 1345 | # 1346 | # EndSection 1347 | -------------------------------------------------------------------------------- /configs/server.cfg.default: -------------------------------------------------------------------------------- 1 | ###################################################################### 2 | # # 3 | # Copyright (c) 2001, 2018 NoMachine, http://www.nomachine.com. # 4 | # # 5 | # All rights reserved. # 6 | # # 7 | ###################################################################### 8 | 9 | # 10 | # Configuration file format version. 11 | # 12 | ConfigFileVersion 4.0 13 | 14 | # 15 | # Set the log level of NX Server. NX Server logs to the syslog all 16 | # the events that are <= to the level specified below, according to 17 | # the following convention: 18 | # 19 | # KERN_ERR 3: Error condition. 20 | # KERN_INFO 6: Informational. 21 | # KERN_DEBUG 7: Debug-level messages. 22 | # 23 | # Note that NX Server uses level 6 in the syslog to log the event. 24 | # This is intended to override settings on the local syslog configur- 25 | # ation that would prevent the event from being actually logged. 26 | # 27 | # The suggested values are: 28 | # 29 | # 6: This is the default value. Only the important events 30 | # are logged. 31 | # 32 | # 7: Sets logs to level debug. 33 | # 34 | #SessionLogLevel 6 35 | 36 | # 37 | # Point the server to log to a specific file. The default log file is 38 | # /Library/Application Support/NoMachine/var/log/nxserver.log on Mac 39 | # OS X, %PROGRAMDATA%/NoMachine/var/log/nxserver.log on Windows and 40 | # /usr/NX/var/log/nxserver.log on Linux. 41 | # 42 | #SystemLogFile /usr/NX/var/log/nxserver.log 43 | 44 | # 45 | # Set how often NoMachine must check for updates on the repository. 46 | # Default value, 172800 seconds, allow to check once every two days. 47 | # To disable check for updates, set this key to 0. 48 | # 49 | #UpdateFrequency 172800 50 | 51 | # 52 | # Specify the TCP port where the NX service is listening. 53 | # 54 | #NXPort 4000 55 | 56 | # 57 | # Enable support for NAT-PMP and UPnP networking protocols to redirect 58 | # a port from server side to allow end-users to connect to the server 59 | # through a firewall. Accepted values are: 60 | # 61 | # NX: Redirect port of the nxd service. 62 | # 63 | # SSH: Redirect port of the SSH server. 64 | # 65 | # HTTP: Redirect port of the HTTP server. 66 | # 67 | # none: Do not redirect port. Connections via NX, SSH or HTTP 68 | # protocol are possible only if NoMachine host and user's 69 | # machine are on the same LAN or server has a public IP. 70 | # 71 | EnableUPnP none 72 | 73 | # 74 | # Specify the port where the NX service will be redirected using NAT- 75 | # PMP or UPnP to allow end-users to connect to the server through a 76 | # firewall. 77 | # 78 | #NXUPnPPort "" 79 | 80 | # 81 | # Specify the port where the SSHD service will be redirected using 82 | # NAT-PMP or UPnP to allow end-users to connect to the server through 83 | # a firewall. 84 | # 85 | #SSHDUPnPPort "" 86 | 87 | # 88 | # Specify the port where the HTTP service will be redirected using 89 | # NAT-PMP or UPnP to allow end-users to connect to the server through 90 | # a firewall. 91 | # 92 | #HTTPUPnPPort "" 93 | 94 | # 95 | # Specify a port range, in the form of minport-maxport, to use UDP 96 | # communication for multimedia data. Alternatively, specify a comma- 97 | # separated list of ports or a single port. In this last case, only 98 | # one connection will be able to use UDP at any given time. As a note, 99 | # the Internet Assigned Numbers Authority (IANA) suggests the range 100 | # 49152 to 65535 for dynamic or private ports. 101 | # 102 | #UDPPort 4011-4999 103 | 104 | # 105 | # Specify the TCP port where the SSHD daemon is listening on the NX 106 | # Server host machine. 107 | # 108 | #SSHDPort 22 109 | 110 | # 111 | # Set the base display number for NX sessions. 112 | # 113 | #DisplayBase 1001 114 | 115 | # 116 | # Set the maximum number of displays reserved for NX sessions. 117 | # 118 | #DisplayLimit 200 119 | 120 | # 121 | # Set the maximum number of concurrent connections. 122 | # 123 | #ConnectionsLimit 20 124 | 125 | # 126 | # Specify the maximum number of concurrent connections that can be 127 | # run by a single user. 128 | # 129 | #ConnectionsUserLimit 20 130 | 131 | # 132 | # Set the maximum number of concurrent virtual desktops. 133 | # 134 | #VirtualDesktopsLimit 20 135 | 136 | # 137 | # Specify the maximum number of concurrent Linux virtual desktops 138 | # that can be run by a single user. By default a user can run as 139 | # many virtual desktops as they are allowed on the server. By setting 140 | # this value to 1, user has to terminate their disconnected virtual 141 | # desktop before starting a new one. 142 | # 143 | #VirtualDesktopsUserLimit 20 144 | 145 | # 146 | # Set for how long NX Server will retain data related to terminated 147 | # sessions in its session history. 148 | # 149 | # <0: Never delete data from NX session history. 150 | # 151 | # 0: Disable NX sessions history. 152 | # 153 | # >0: Keep data in session history for this amount 154 | # of seconds. 155 | # 156 | # The default value, 2592000 seconds, lets NX Server keep session data 157 | # for 30 days. 158 | # 159 | #SessionHistory 2592000 160 | 161 | # 162 | # Allow NX Server to terminate oldest disconnected sessions: 163 | # 164 | # 1: Enabled. Enable the automatic kill of the disconnected 165 | # sessions. 166 | # 167 | # 0: Disabled. Disconnected sessions are never terminated. 168 | # 169 | # When this option is set and the maximum number of concurrent sessions 170 | # has been reached, the server will kill the oldest disconnected sessions to 171 | # make room for the new session. 172 | # 173 | #EnableAutokillSessions 0 174 | 175 | # 176 | # Configure the NX Server behavior when the maximum number of allowed 177 | # connections is reached. An already connected user can be asked to 178 | # accept or refuse to disconnect to make room for the incoming user 179 | # (this is the default), or can be automatically disconnected or 180 | # never disconnected. 181 | # 182 | # 0: Disabled. The server prompts the connected user to accept or 183 | # refuse to disconnect for making room for the incoming user. If 184 | # no choice is made, the user is automatically disconnected. 185 | # 186 | # 1: Enabled. The server automatically disconnects the connected user 187 | # to make room for the connecting user. No message is issued to 188 | # the already connected user. 189 | # 190 | # 2: None. The server prompts the connected user to accept or 191 | # refuse to disconnect for making room for the incoming user. If 192 | # no choice is made, the server doesn't disconnect the user and 193 | # advise the incoming user that the maximum number of allowed 194 | # connections is reached. 195 | # 196 | # 3: Silent. The server never notifies desktop owners about incoming 197 | # users, incoming users are informed that the maximum number of 198 | # allowed connections is reached. 199 | # 200 | #AutomaticDisconnection 0 201 | 202 | # 203 | # Enable persistent sessions for users. If the option is followed by 204 | # the keyword 'all', all users are allowed to run persistent sessions. 205 | # Alternatively, it can be followed by a list of comma-separated user- 206 | # names. The default value is 'all' which corresponds to enabling 207 | # persistent sessions for all users. Values specified are overridden 208 | # by the value set for the 'DisablePersistentSession' key. 209 | # 210 | #EnablePersistentSession all 211 | 212 | # 213 | # Disable persistent sessions for users. If the option is followed by 214 | # the keyword 'all', no user is allowed to run persistent sessions. Al- 215 | # ternatively, the option can be followed by a list of comma-separated 216 | # usernames. The default value is the empty string which corresponds 217 | # to disabling persistent sessions for no user. The values specified 218 | # override the values set for the 'EnablePersistentSession' key. 219 | # 220 | #DisablePersistentSession "" 221 | 222 | # 223 | # Enable or disable clipboard: 224 | # 225 | # client: The content copied on the client can be pasted inside the 226 | # NX session. 227 | # 228 | # server: The content copied inside the NX session can be pasted 229 | # on the client. 230 | # 231 | # both: The copy&paste operations are allowed between both the 232 | # client and the NX session and vice versa. 233 | # 234 | # none: The copy&paste operations between the client and the NX 235 | # session are never allowed. 236 | # 237 | #EnableClipboard both 238 | 239 | # 240 | # Enable or disable NX users DB: 241 | # 242 | # 1: Enabled. Only users listed in NX users DB can login to the NX 243 | # server. 244 | # 245 | # 0: Disabled. All the authenticated users can login. 246 | # 247 | # If the NX user DB is disabled, any user providing a valid password 248 | # from local DB or through SSHD authentication, can connect to the NX 249 | # system. This is likely to be the default when SSHD authentication 250 | # with PAM is enabled. 251 | # 252 | #EnableUserDB 0 253 | 254 | # 255 | # Enable or disable NX password DB: 256 | # 257 | # 1: Enabled. Use NX password DB to authenticate users. 258 | # 259 | # 0: Disabled. Use SSHD + PAM authentication. 260 | # 261 | # System administrators can enable a restricted set of users to con- 262 | # nect to NX Server by setting EnableUserDB to 1 and adding 263 | # those users to the DB. If user is enabled to connect, his/her pass- 264 | # word will be verified against the current PAM settings by the SSHD 265 | # daemon. 266 | # 267 | # If both 'EnableUserDB' and 'EnablePasswordDB' are set to 0, any 268 | # user being authenticated by SSHD account will be enabled to connect 269 | # to the system. 270 | # 271 | EnablePasswordDB 0 272 | 273 | # 274 | # Specify policies as a comma-separated list of options to tune the 275 | # behaviour of clients 4 or higher and restore behaviors typical of 276 | # version 3.x. Options accept value 1 (enabled) and 0 (disabled). 277 | # This is the list of the available options: 278 | # 279 | # autocreate=1 run a new virtual desktop automatically when the ses- 280 | # sion type is pre-defined in the player configuration. 281 | # 282 | # autoconnect=1 reconnect automatically the user's virtual desktop. 283 | # 284 | # automigrate=1 don't connect to a virtual desktop when there is a 285 | # a user already connected but disconnect and reconnect 286 | # the session on the new side (session migration). 287 | # 288 | # desktop=1 list all desktop types set in the AvailableSessionTypes 289 | # key. 290 | # 291 | # dialog=1 display the disconnect/terminate dialog. 292 | # 293 | #ConnectPolicy autocreate=1,autoconnect=1,automigrate=1,desktop=0,dialog=0 294 | 295 | # 296 | # Enable or disable starting the NoMachine HTTP server. If enabled, 297 | # the server will be started automatically at every reboot. 298 | # 299 | # 1: Automatic. Enable automatic starting of the HTTP server. 300 | # 301 | # 0: Manual. Disable automatic starting of the HTTP server. 302 | # The server can be started manually. 303 | # 304 | #StartHTTPDaemon Automatic 305 | 306 | # 307 | # Enable or disable starting the NX service. If enabled, the service 308 | # will be started automatically at every reboot. 309 | # 310 | # 1: Automatic. Enable automatic starting of the NX server. 311 | # 312 | # 0: Manual. Disable automatic starting of the NX server. 313 | # The server can be started manually. 314 | # 315 | #StartNXDaemon Automatic 316 | 317 | # 318 | # Enable or disable starting the NX service on Windows. If enabled, 319 | # the SSH server will be started automatically at every reboot. 320 | # 321 | # 1: Automatic. Enable automatic starting of the SSH server. 322 | # 323 | # 0: Manual. Disable automatic starting of the SSH server. 324 | # The server can be started manually. 325 | # 326 | #StartSSHDaemon Automatic 327 | 328 | # 329 | # Specify how clients will have to contact the node, by default by 330 | # the NX service. To allow for multiple methods, specify them in a 331 | # comma-separated list. Supported methods are: NX, SSH and HTTP. 332 | # 333 | ClientConnectionMethods NX,SSH,HTTP 334 | 335 | # 336 | # Specify a list of comma-separated 'hostname:port' values for XDM 337 | # server. 338 | # 339 | #RoundRobinXdmList 127.0.0.1:177 340 | 341 | # 342 | # Enable or disable the XDM round robin query: 343 | # 344 | # 1: Enabled. Let NX Server decide XDM host according to hostnames 345 | # that are defined in the RoundRobinXdmList key. 346 | # 347 | # 0: Disabled. 348 | # 349 | #EnableRoundRobinXdmQuery 1 350 | 351 | # 352 | # Enable or disable the XDM indirect query: 353 | # 354 | # 1: Enabled. Let the user obtain a list of available XDM hosts. 355 | # 356 | # 0: Disabled. 357 | # 358 | #EnableIndirectXdmQuery 0 359 | 360 | # 361 | # Enable or disable the XDM direct query: 362 | # 363 | # 1: Enabled. Let client specify XDM host. 364 | # 365 | # 0: Disabled. 366 | # 367 | #EnableDirectXdmQuery 0 368 | 369 | # 370 | # Enable or disable the XDM broadcast query: 371 | # 372 | # 1: Enabled. Let client connect to the first responding XDM host. 373 | # 374 | # 0: Disabled. 375 | # 376 | #EnableBroadcastXdmQuery 0 377 | 378 | # 379 | # Specify the algorithm to be used for selecting the node. Accepted 380 | # values are: 'round-robin' for selecting the node according to the 381 | # round robin algorithm and 'custom' to use a custom load-balancing 382 | # algorithm as specified in the NodeSelectionScript key. Otherwise 383 | # set 'load-average' to select the node according to the load average 384 | # of each node. Default is to use a weighted round-robin algorithm. 385 | # 386 | #LoadBalancingAlgorithm round-robin 387 | 388 | # 389 | # Specify path and name to the script providing the load-balancing al- 390 | # gorithm. 391 | # 392 | #NodeSelectionScript "" 393 | 394 | # 395 | # Specify path and name of the command 'sessreg' for managing utmp and 396 | # wtmp entries for non-init clients. 397 | # 398 | #CommandSessreg /usr/X11/bin/sessreg 399 | 400 | # 401 | # Specify the location and name of the SSH authorized keys file. 402 | # 403 | SSHAuthorizedKeys authorized_keys 404 | 405 | # 406 | # Accept or refuse the client connection if SSHD does not export 407 | # the 'SSH_CONNECTION' and 'SSH_CLIENT' variables in the environment 408 | # passed to the NX Server. 409 | # 410 | # 1: Refuse. Check the remote IP and do not accept the connection if it 411 | # can't be determined. 412 | # 413 | # 0: Accept. Check the remote IP and accept the connection even if the 414 | # remote IP is not provided. 415 | # 416 | #SSHDCheckIP 0 417 | 418 | # 419 | # Specify the base username to be used by NX Server to create guest 420 | # users accounts. The server will add a progressive number to the 421 | # name specified by GuestName, according to the range of values set 422 | # in the BaseGuestUserId and GuestUserIdLimit keys. 423 | # 424 | #GuestName guest 425 | 426 | # 427 | # Set the base User Identifier (UID) number for NX guest users. 428 | # 429 | #BaseGuestUserId 10 430 | 431 | # 432 | # Set the maximum User Identifier (UID) number reserved for NX guest 433 | # users. 434 | # 435 | #GuestUserIdLimit 200 436 | 437 | # 438 | # Set the Group Identifier (GID) for NX guest users. The specified 439 | # GID must already exist on the system. 440 | # 441 | #GuestUserGroup "" 442 | 443 | # 444 | # Set the maximum number of concurrent NX guest users. 445 | # 446 | #GuestUserLimit 10 447 | 448 | # 449 | # Set the maximum number of NX sessions a NX guest user can run before 450 | # his/her account is terminated. 451 | # 452 | #GuestUserConnectionLimit 5 453 | 454 | # 455 | # Set for how long NX Server has to retain NX guest users accounts. 456 | # 457 | # 0: NX guest users accounts are never removed. 458 | # 459 | # >0: Maintain NX guest users accounts for this amount 460 | # of seconds. 461 | # 462 | # The default value, 2592000 seconds, lets NX Server keep guest users 463 | # accounts for 30 days. 464 | # 465 | #GuestUserAccountExpiry 2592000 466 | 467 | # 468 | # Set for how long NX Server has to keep alive a NX guest user's 469 | # session. When the time has expired, NX Server will kill the session. 470 | # 471 | # 0: NX guest user session is never terminated. 472 | # 473 | # >0: Keep NX guest user session live for this number 474 | # of seconds. 475 | # 476 | #GuestConnectionExpiry 0 477 | 478 | # 479 | # Enable or disable possibility for NX guest users to disconnect their 480 | # sessions: 481 | # 482 | # 1: Enabled. NX Server lets NX guest users disconnect sessions. 483 | # 484 | # 0: Disabled. 485 | # 486 | #GuestUserAllowDisconnect 1 487 | 488 | # 489 | # Set the home directory for NX guest users. Provide an empty value 490 | # between double quotes to let NX Server create the guest user's home 491 | # in the default directory set on the system. 492 | # 493 | #GuestUserHome /home 494 | 495 | # 496 | # Enable or disable removing the NX guest user from the system when the 497 | # account is expired: 498 | # 499 | # 1: Enabled. When the guest account is expired, NX Server will 500 | # delete the account from both the system and the NX guests DB 501 | # and will remove the home directory. 502 | # 503 | # 0: Disabled. When the guest account is expired, NX Server will 504 | # keep the guest account on the system but will forbid this user 505 | # to start new sessions on the server. 506 | # 507 | #EnableGuestWipeout 1 508 | 509 | # 510 | # Allow the server to set disk quota for the NX guest accounts: 511 | # 512 | # 1: Enabled. When a new guest account is created on the system, 513 | # the server will set the disk quota for this user. 514 | # 515 | # 0: Disabled. No restrictions on the amount of disk space used 516 | # by each guest user are applied. 517 | # 518 | #EnableGuestQuota 0 519 | 520 | # 521 | # Specify the username of the account to be used as a prototype for 522 | # propagating its disk quota settings to all the new guest accounts. 523 | # If the softlimit or the hardlimit on either the inode or the disk 524 | # block are set, they will override the settings applied to the user 525 | # prototype. 526 | # 527 | #GuestQuotaProtoname protoguest 528 | 529 | # 530 | # Specify the maximum amount of disk space available for each of the 531 | # guest users, checked as number of inodes. This limit can be exceeded 532 | # for the grace period. 533 | # 534 | #GuestQuotaInodeSoftlimit 0 535 | 536 | # 537 | # Specify the absolute maximum amount of disk space available for 538 | # each of the guest users, checked as number of inodes. Once this 539 | # limit is reached, no further disk space can be used. 540 | # 541 | #GuestQuotaInodeHardlimit 0 542 | 543 | # 544 | # Specify the maximum amount of disk space available for each of the 545 | # guest users, checked as number of disk blocks consumed. This limit 546 | # can be exceeded for the grace period. 547 | # 548 | #GuestQuotaBlockSoftlimit 0 549 | 550 | # 551 | # Specify the absolute maximum amount of disk space available for each 552 | # of the guest users, checked as number of disk blocks consumed. Once 553 | # this limit is reached, no further disk space can be used. 554 | # 555 | #GuestQuotaBlockHardlimit 0 556 | 557 | # 558 | # Specify the grace period, expressed in seconds, during which the 559 | # soft limit, set in the GuestQuotaInodeSoftlimit key may be 560 | # exceeded. 561 | # 562 | #GuestQuotaInodeGracePeriod 0 563 | 564 | # 565 | # Specify the grace period, expressed in seconds, during which the 566 | # soft limit, set in the GuestQuotaBlockSoftlimit key may be 567 | # exceeded. 568 | # 569 | #GuestQuotaBlockGracePeriod 0 570 | 571 | # 572 | # Specify a list of comma-separated filesystem names or devices to 573 | # which the disk quota restrictions will be applied. The default 574 | # value is 'all' which corresponds to applying the disk quota limits 575 | # to all the filesystems having disk quota enabled. 576 | # 577 | #GuestQuotaFilesystems all 578 | 579 | # 580 | # Set the User Identifier (UID) number for NX users. If an empty value 581 | # is specified, the NX Server will create the account with the default 582 | # value set on the system. 583 | # 584 | #UserId "" 585 | 586 | # 587 | # Set the Group Identifier (GID) for NX users. If an empty value is 588 | # specified, NX Server will create the account with the default 589 | # value set on the system. 590 | # 591 | #UserGroup "" 592 | 593 | # 594 | # Set the home directory for NX users. If an empty value is specified, 595 | # NX Server will create the user's home in the default directory 596 | # set on the system. 597 | # 598 | #UserHome "" 599 | 600 | # 601 | # Allow the user to connect to a virtual desktop: 602 | # 603 | # 1: Enabled. Each user can request to connect to a 604 | # virtual desktop. 605 | # 606 | # 0: Disabled. Connections to a virtual desktop are 607 | # forbidden. 608 | # 609 | #VirtualDesktopSharing 1 610 | 611 | # 612 | # Set the interaction level for the session connected to a virtual 613 | # desktop: 614 | # 615 | # 0: View-only. The session is connected to the desktop in 616 | # view-only mode, i.e. the user can't interact with the 617 | # virtual desktop. 618 | # 619 | # 1: Restricted. User connected to the virtual desktop can 620 | # interact with the desktop except for resize operations. 621 | # 622 | # 2: Interactive. User connected to the virtual desktop has 623 | # full interaction with the desktop. 624 | # 625 | #VirtualDesktopMode 2 626 | 627 | # 628 | # Enable or disable NX Server requesting authorization to the owner of 629 | # the virtual desktop before connecting. 630 | # 631 | # 1: Enabled. NX Server asks for authorization to the owner 632 | # of the virtual desktop before trying to connect. 633 | # 634 | # 0: Disabled. NX Server tries to connect to the virtual 635 | # desktop without the need for any authorization from the 636 | # desktop's owner. 637 | # 638 | #VirtualDesktopAuthorization 1 639 | 640 | # 641 | # Allow the user to connect to the physical desktop: 642 | # 643 | # 0: Disabled. Connections to the physical desktop are 644 | # forbidden. 645 | # 646 | # 1: Enabled. Each user can request to connect to the 647 | # physical desktop. 648 | # 649 | # 2: Restricted. Only the administrator and trusted users 650 | # can connect to the physical desktop. 651 | # 652 | #PhysicalDesktopSharing 1 653 | 654 | # 655 | # Set the interaction level for the session connected to the physical 656 | # desktop: 657 | # 658 | # 0: View-only. The session is connected to the desktop in 659 | # view-only mode, i.e. the user can't interact with the 660 | # physical desktop. 661 | # 662 | # 1: Restricted. User connected to the physical desktop can 663 | # interact with the desktop except for resize operations. 664 | # 665 | # 2: Interactive. User connected to the physical desktop has 666 | # full interaction with the desktop. 667 | # 668 | #PhysicalDesktopMode 2 669 | 670 | # 671 | # Enable or disable NX Server requesting authorization to the owner of 672 | # the physical desktop before connecting. 673 | # 674 | # 1: Enabled. NX Server asks for authorization to the owner 675 | # of the physical desktop before trying to connect. 676 | # 677 | # 0: Disabled. NX Server tries to connect to the physical 678 | # desktop without the need for any authorization from the 679 | # desktop's owner. 680 | # 681 | #PhysicalDesktopAuthorization 1 682 | 683 | # 684 | # Specify absolute path of the custom script to be executed before 685 | # the user logs in. The script can accept remote IP of the user's 686 | # machine as its input. 687 | # 688 | # E.g. UserScriptBeforeLogin /tmp/nxscript/script.sh 689 | # 690 | #UserScriptBeforeLogin "" 691 | 692 | # 693 | # Specify absolute path of the custom script to be executed after 694 | # the user logs in. The script can accept username as its input. 695 | # 696 | #UserScriptAfterLogin "" 697 | 698 | # 699 | # Specify absolute path of the custom script to be executed before 700 | # the session start-up. The script can accept session ID, username, 701 | # node host and node port as its input. 702 | # 703 | #UserScriptBeforeSessionStart "" 704 | 705 | # 706 | # Specify absolute path of the custom script to be executed after the 707 | # session start-up. The script can accept session ID, username, node 708 | # host and node port as its input. 709 | # 710 | #UserScriptAfterSessionStart "" 711 | 712 | # 713 | # Specify absolute path of the custom script to be executed before 714 | # the session is closed. The script can accept session ID, username, 715 | # node host and node port as its input. 716 | # 717 | #UserScriptBeforeSessionClose "" 718 | 719 | # 720 | # Specify absolute path of the custom script to be executed after the 721 | # session is closed. The script can accept session ID, username, node 722 | # host and node port as its input. 723 | # 724 | #UserScriptAfterSessionClose "" 725 | 726 | # 727 | # Specify absolute path of the custom script to be executed before 728 | # the session is reconnected. The script can accept session ID user- 729 | # name, node host and node port as its input. 730 | # 731 | #UserScriptBeforeSessionReconnect "" 732 | 733 | # 734 | # Specify absolute path of the custom script to be executed after the 735 | # session is reconnected. The script can accept session ID username 736 | # node host and node port as its input. 737 | # 738 | #UserScriptAfterSessionReconnect "" 739 | 740 | # 741 | # Specify absolute path of the custom script to be executed before 742 | # the session is disconnected. The script can accept session ID, user- 743 | # name, node host and node port as its input. 744 | # 745 | #UserScriptBeforeSessionDisconnect "" 746 | 747 | # 748 | # Specify absolute path of the custom script to be executed after 749 | # the session is disconnected. The script can accept session ID, user- 750 | # name, node host and node port as its input. 751 | # 752 | #UserScriptAfterSessionDisconnect "" 753 | 754 | # 755 | # Specify absolute path of the custom script to be executed before 756 | # session failure. The script can accept session ID username, node 757 | # host and node port as its input. 758 | # 759 | #UserScriptBeforeSessionFailure "" 760 | 761 | # 762 | # Specify absolute path of the custom script to be executed after 763 | # session failure. The script can accept session ID username, node 764 | # host and node port as its input. 765 | # 766 | #UserScriptAfterSessionFailure "" 767 | 768 | # 769 | # Specify absolute path of the custom script to be executed before 770 | # NX Server creates the new account. The script can accept username 771 | # as its input. 772 | # 773 | #UserScriptBeforeCreateUser "" 774 | 775 | # 776 | # Specify absolute path of the custom script to be executed after 777 | # NX Server has created the new account. The script can accept user- 778 | # name as its input. 779 | # 780 | #UserScriptAfterCreateUser "" 781 | 782 | # 783 | # Specify absolute path of the custom script to be executed before 784 | # NX Server removes the account. The script can accept username as 785 | # its input. 786 | # 787 | #UserScriptBeforeDeleteUser "" 788 | 789 | # 790 | # Specify absolute path of the custom script to be executed after 791 | # NX Server has removed the account. The script can accept username 792 | # as its input. 793 | # 794 | #UserScriptAfterDeleteUser "" 795 | 796 | # 797 | # Specify absolute path of the custom script to be executed before 798 | # NX Server disables the user. The script can accept username as its 799 | # input. 800 | # 801 | #UserScriptBeforeDisableUser "" 802 | 803 | # 804 | # Specify absolute path of the custom script to be executed after 805 | # NX Server has disabled the user. The script can accept username 806 | # as its input. 807 | # 808 | #UserScriptAfterDisableUser "" 809 | 810 | # 811 | # Specify absolute path of the custom script to be executed before 812 | # NX Server enables the user. The script can accept username as its 813 | # input. 814 | # 815 | #UserScriptBeforeEnableUser "" 816 | 817 | # 818 | # Specify absolute path of the custom script to be executed after 819 | # NX Server has enabled the user. The script can accept username 820 | # as its input. 821 | # 822 | #UserScriptAfterEnableUser "" 823 | 824 | # 825 | # Specify absolute path of the script to be executed before 826 | # the server daemon is started. 827 | # 828 | #ScriptBeforeServerDaemonStart "" 829 | 830 | # 831 | # Specify absolute path of the script to be executed after 832 | # the server daemon is started. 833 | # 834 | #ScriptAfterServerDaemonStart "" 835 | 836 | # 837 | # Specify absolute path of the script to be executed before 838 | # the server daemon is stopped. 839 | # 840 | #ScriptBeforeServerDaemonStop "" 841 | 842 | # 843 | # Specify absolute path of the script to be executed after 844 | # the server daemon is stopped. 845 | # 846 | #ScriptAfterServerDaemonStop "" 847 | 848 | # 849 | # Allow the root user (or Administrator on a Windows machine) to 850 | # run NX sessions. 851 | # 852 | # 1: Enabled. Allow an NX user to run sessions as user with 853 | # administrative rights. 854 | # 855 | # 0: Disabled. NX Server forbids an NX user to log in as user 856 | # having administrative privileges. 857 | # 858 | #EnableAdministratorLogin 1 859 | 860 | # 861 | # Specify path to the SSH client. 862 | # 863 | #SSHClient /usr/bin/ssh 864 | 865 | # 866 | # Enable or disable broadcasting the required information to let 867 | # other computers discover this host on the local network. 868 | # 869 | # 1: Enabled. Other computers on the local network can find 870 | # this host machine. 871 | # 872 | # 0: Disabled. This computer cannot be found on the local 873 | # network but it's still reachable by providing its IP 874 | # or hostname. 875 | # 876 | #EnableNetworkBroadcast 1 877 | 878 | # 879 | # Specify a list of comma-separated session types available on this 880 | # server. 881 | # 882 | AvailableSessionTypes unix-remote,unix-console,unix-default,unix-application,physical-desktop,shadow,unix-xsession-default,unix-xdm 883 | 884 | # 885 | # Specify how the node process is run. 886 | # 887 | # 1: Noshell. Execute script to run the node process directly. 888 | # 889 | # 0: Shellmode. Execute script to run the node process by 890 | # invoking the bash shell. 891 | # 892 | #RunNodeMode 0 893 | 894 | # 895 | # Enable the server to automatically configure the firewall for all 896 | # the configured services. On platforms that don't support adding 897 | # the specific executables to a white list, the needed ports are 898 | # added at server startup and removed at server shutdown, or when, 899 | # at run-time, a new port is needed. The default value is 1. 900 | # 901 | # 1: Enabled. NoMachine opens the required ports in the firewall. 902 | # 903 | # 0: Disabled. Firewall must be configured manually. By default 904 | # the required ports are TCP ports 4000 for NX, 4080 and 4443 905 | # for HTTP and UDP ports in the range 4011-4999 range. 906 | # 907 | #EnableFirewallConfiguration 1 908 | 909 | # 910 | # Enable or disable logging to the system log file, e.g. syslog 911 | # on UNIX based systems and Events log on Windows platforms. 912 | # 913 | # 1: Enabled. The webplayer and webclient applications will log. 914 | # to the system log file. 915 | # 916 | # 0: Disabled. This is the default value, webplayer and webclient 917 | # will log to the file specified in the SystemLogFile key. 918 | # 919 | #EnableSyslogSupport 0 920 | 921 | # 922 | # Set for how long the server has to keep alive virtual desktops in 923 | # status disconnected. When the time is expired, the server will 924 | # terminate virtual desktops if no user are connected there. 925 | # 926 | # 0: Virtual desktops in status disconnected are never terminated. 927 | # This is the default. 928 | # 929 | # >0: Keep Disconnected session alive for this number 930 | # of seconds. 931 | # 932 | #DisconnectedSessionExpiry 0 933 | 934 | # 935 | # Enable or disable NoMachine server checking at start up the status 936 | # of the Windows Net Logon service. 937 | # 938 | # 1: Enabled. The server will delay its start up until Net Logon is 939 | # up and running. This is required when the NoMachine server host 940 | # is an ActiveDirectory client. If Net Logon fails to start, No- 941 | # Machine server will be not available on this host and the start 942 | # up procedure will report an error. 943 | # 944 | # 0: Disabled. NoMachine server will start without verifying if Net 945 | # Logon is up and running. This is the default setting. 946 | # 947 | #NetLogonDependency 0 948 | 949 | # 950 | # Set for how long the server will wait for the authentication phase 951 | # to be completed on the system. By default timeout is set to 30 952 | # seconds. Increase this value when the authentication process on 953 | # the system takes longer. This setting applies also to two-factor 954 | # authentication. 955 | # 956 | #AuthorizationTimeout 30 957 | 958 | # 959 | # Enable or disable the automatic creation of an X11 display when no 960 | # X servers are running on this host (e.g. headless machine) to let 961 | # users connect to the desktop. This setting applies to NoMachine 962 | # servers not supporting virtual desktops and permits to have one 963 | # single display. 964 | # 965 | # 1: Enabled. NoMachine will create automatically the new display at 966 | # server startup. This setting has to be used in conjunction with 967 | # 'DisplayOwner' and 'DisplayGeometry'. 968 | # 969 | # 0: Disabled. NoMachine will prompt the user for creating the new 970 | # display. This is the default. 971 | # 972 | #CreateDisplay 0 973 | 974 | # 975 | # When 'CreateDisplay' is enabled, specify the display owner and let 976 | # NoMachine create the new display without querying the user. If the 977 | # server supports only one concurrent connection, the connecting user 978 | # must be the display owner set in this key. 979 | # 980 | #DisplayOwner "" 981 | DisplayOwner user 982 | 983 | # 984 | # When 'CreateDisplay' is enabled, specify the resolution of the new 985 | CreateDisplay 1 986 | # desktop in the WxH format. Default is 800x600. 987 | # 988 | #DisplayGeometry 800x600 989 | DisplayGeometry 800x600 990 | 991 | # 992 | # Enable or disable support for Kerberos ticket-based authentication 993 | # for connections by NX protocol. 994 | # 995 | # 1: Enabled. Kerberos ticket-based authentication is supported when 996 | # users connect by the NX protocol. 997 | # 998 | # 0: Disabled. Kerberos ticket-based authentication is not supported 999 | # for connections by NX protocol. This is the default. 1000 | # 1001 | #EnableNXKerberosAuthentication 0 1002 | 1003 | # 1004 | # Set for how long the server will wait for the kerberos response 1005 | # from kerberos kdc server. By default timeout is set to 10 seconds. 1006 | # Increase this value when the authentication process on the system 1007 | # takes longer. 1008 | # 1009 | #NXKerberosAuthenticationTimeout 10 1010 | 1011 | # 1012 | # Set the maximum size for the Kerberos authentication request, by 1013 | # default 1048576 bytes. 1014 | # 1015 | #NXKerberosRequestLimit 1048576 1016 | 1017 | # 1018 | # Enable or disable support for Kerberos ticket forwarding to the 1019 | # remote node when the user didn't authenticate with Kerberos, but 1020 | # their Kerberos ticket is already available on the server system. 1021 | # This key applies to a multi-node environment only and it's di- 1022 | # sabled by default 1023 | # 1024 | # 1: Enabled. User's Kerberos ticket already available on the 1025 | # NoMachine server system will be forwarded to the remote node 1026 | # where the user's session is started. 1027 | # 1028 | # 0: Disabled. User's Kerberos ticket will not be forwarded to the 1029 | # remote node where the user's session is started. 1030 | # 1031 | #EnableNXKerberosForwardingToRemote 0 1032 | 1033 | # 1034 | # Blanking the physical screen of the machine when somebody connects. 1035 | # 1036 | # 1: Enabled. The physical screen of this machine is blanked and the 1037 | # local user cannot interact with the desktop while somebody is 1038 | # connected. 1039 | # 1040 | # 0: Disabled. The physical desktop of this machine is not blanked 1041 | # when somebody is connected. All operations made from the remote 1042 | # user are visible to the local user and the local user can interact 1043 | # with the desktop. This is the default. 1044 | # 1045 | #EnableScreenBlanking 0 1046 | 1047 | # 1048 | # Activate the system lock screen when the NoMachine user disconnects 1049 | # from the physical display. 1050 | # 1051 | # 1: Enabled. When the user disconnects, the physical screen of this 1052 | # host will be locked. 1053 | # 1054 | # 0: Disabled. When the user disconnects, the screen state will not 1055 | # change. This is the default. 1056 | # 1057 | #EnableLockScreen 0 1058 | 1059 | # 1060 | # Enable or disable support for SSL client authentication in the NX 1061 | # service. 1062 | # 1063 | # 1: Enabled. The NX service, nxd, uses the client side certificate 1064 | # to validate the connecting client against a list of allowed 1065 | # clients. Only clients owning a certificate valid for this NX 1066 | # service can authenticate with this method. 1067 | # 1068 | # 0: Disabled. Authentication by using a client side certificate 1069 | # is not possible. 1070 | # 1071 | # This option applies to connections by NX protocol only and it's 1072 | # disabled by default. 1073 | # 1074 | #EnableNXClientAuthentication 0 1075 | 1076 | # 1077 | # Specify how clients will have to authenticate to the server, by 1078 | # default all the available methods are supported. This corresponds 1079 | # to value all. To specify a subset of methods use a comma-separated 1080 | # list. 1081 | # 1082 | # Supported methods for connections by NX protocol are: 1083 | # NX-password : Password authentication. 1084 | # NX-private-key: Key-based authentication. 1085 | # NX-kerberos : Kerberos ticket-based authentication. 1086 | # 1087 | # Supported method for connections by SSH protocol is: 1088 | # SSH-system : All methods supported for the system login. 1089 | # SSH authentication methods for the system login 1090 | # have to be set on the system for example in the 1091 | # PAM configuration. 1092 | # 1093 | # For example: 1094 | # AcceptedAuthenticationMethods NX-private-key,SSH-system 1095 | # 1096 | # This key has to be used in conjunction with ClientConnectionMethod. 1097 | # See also the EnableNXClientAuthentication key for enabling SSL 1098 | # client authentication for connections by NX protocol. 1099 | # 1100 | #AcceptedAuthenticationMethods all 1101 | 1102 | # 1103 | # Configure behavior of the NoMachine menu to be displayed inside the 1104 | # session: hide the welcome panels shown at session startup, prevent 1105 | # users from changing settings or use specific services. Default is 1106 | # 'all', welcome panels are shown and the menu can be used without 1107 | # restrictions. Set this key to 'none' for hiding both welcome panels 1108 | # and the NoMachine menu (clicking on the page peel or pressing ctrl+ 1109 | # alt+0 will not open it). Give a comma-separated list of values to 1110 | # indicate which items should be made available to users. 1111 | # 1112 | # Available values for client and web sessions are: welcome,input, 1113 | # display,display-mode,display-settings,connection. Client sessions 1114 | # support also: devices,devices-disk,devices-printer,devices-usb, 1115 | # devices-network,devices-smartcard,audio,audio-settings,mic,mic- 1116 | # settings,recording. For web sessions instead it's possible to set 1117 | # also: keyboard,clipboard. 1118 | # 1119 | #ClientMenuConfiguration all 1120 | 1121 | # 1122 | # Enable or disable users to store their access credentials on their 1123 | # devices when they connect via NoMachine client or in the browser's 1124 | # cookie in case of web sessions. Accepted values are: 1125 | # 1126 | # player: Allow only users connected via NoMachine client to save 1127 | # username and password in their connection file. 1128 | # 1129 | # webplayer: Allow only users connected via web to store username and 1130 | # password in the browser's cookies, if enabled. 1131 | # 1132 | # both: Users connected via client or via web can always choose to 1133 | # store their credentials. 1134 | # 1135 | # none: Do not permit users to save their username and password. 1136 | # Users will be requested to insert their credentials at 1137 | # each new connection via NoMachine client or web. 1138 | # 1139 | # 1140 | #EnableClientCredentialsStoring both 1141 | 1142 | # 1143 | # Enable or disable strict GSSAPI host credential check for Kerberos 1144 | # authentication. When enabled, authentication is done against the 1145 | # host service on the current hostname. If disabled, authentication 1146 | # is done against any requested service key stored in the keytab file. 1147 | # 1148 | # 1: Enabled. Kerberos authentication is made strictly against hostname 1149 | # host service. This is the default. 1150 | # 1151 | # 0: Disabled. Allow relaxed GSSAPI host credential check, and make 1152 | # possible to authenticate against GSSAPI host service with a 1153 | # different name than hostname. 1154 | # 1155 | #NXGSSAPIStrictAcceptorCheck 1 1156 | 1157 | # 1158 | # Enable or disable this server accepting direct connections to its 1159 | # IP or hostname when it's federated in a multi-server environment. 1160 | # 1161 | # 1: Enabled. Users are allowed to connect to this NoMachine server. 1162 | # 1163 | # 0: Disabled. Users have to connect to the main server ruling the 1164 | # multi-host environment in order to reach this server. 1165 | # 1166 | #EnableServerRole 1 1167 | 1168 | # 1169 | # Set the log level of NoMachine Web Player. Web Player logs all events 1170 | # that are <= to the level specified below, according to the following 1171 | # convention: 1172 | # 1173 | # KERN_ERR 3: Error condition. 1174 | # KERN_INFO 6: Informational. 1175 | # KERN_DEBUG 7: Debug-level messages. 1176 | # 1177 | # The suggested values are: 1178 | # 1179 | # 6: Default value. Only relevant events are logged. 1180 | # 1181 | # 7: Set the log level to debug. 1182 | # 1183 | #WebSessionLogLevel 6 1184 | 1185 | # 1186 | # Specify user name of NoMachine HTTP Server owner. 1187 | # 1188 | #ApacheUname nxhtd 1189 | 1190 | # 1191 | # Specify group name of NoMachine HTTP Server owner. 1192 | # 1193 | #ApacheGname nxhtd 1194 | 1195 | # 1196 | # Allow NoMachine HTTP Server to serve content of Web Player applica- 1197 | # tion. 1198 | # 1199 | # 1: Enabled. Users can access the Web Player application. 1200 | # 1201 | # 0: Disabled. The Web Player application is not accessible. 1202 | # 1203 | #EnableWebPlayer 1 1204 | 1205 | # 1206 | # Specify the absolute path for the Web Player graphic interface and 1207 | # for storing session images generated by the X11 agent. 1208 | # 1209 | #WebDirPath /usr/NX/share/htdocs/nxwebplayer 1210 | 1211 | # 1212 | # Make Web Player request user credentials to connect to the server 1213 | # or try to connect automatically as a guest user on the server: 1214 | # 1215 | # 1: Enabled. Web Player tries to log-in to server as a guest 1216 | # without the need for user intervention. Server must support 1217 | # the automatic generation of guest accounts and have this 1218 | # functionality enabled. 1219 | # 1220 | # 0: Disabled. Web Player prompts the user asking for access 1221 | # credentials to log-in to server. Users can provide either 1222 | # their username and password or to try to log-in as a guest 1223 | # if the server supports it. 1224 | # 1225 | #EnableWebGuest 0 1226 | 1227 | # 1228 | # Show the tutorial wizard for the menu panel at session startup. 1229 | # 1230 | # 1: Enabled. Display the tutorial screenshots. 1231 | # 1232 | # 0: Disabled. Do not show the tutorial. 1233 | # 1234 | #EnableWebMenuTutorial 1 1235 | 1236 | # 1237 | # Make Web Player change connection name: 1238 | # 1239 | # 1: Enabled. Allows to have displayed name from Section "Server" 1240 | # directive. 1241 | # 1242 | # 0: Disabled. Allows to see hostname of the server displayed. 1243 | # 1244 | #EnableWebConnectionName 0 1245 | 1246 | # 1247 | # Specify the method to be used for browser-server communication. By 1248 | # default this keys is set to 'classic'. To use WebRTC technology 1249 | # set this key to 'classic,webrtc'. In this case HTML5 real-time 1250 | # communication will be used when the browser supports WebRTC and 1251 | # will fall back to the classic web media exchange protocol in case 1252 | # of browser not supporting WebRTC. 1253 | # 1254 | #AcceptedWebMethods classic 1255 | 1256 | # 1257 | # Specify for how many seconds the automatically generated password 1258 | # must be valid. The default value is 60 seconds. 1259 | # 1260 | #OneTimePasswordValidityPeriod 60 1261 | 1262 | # 1263 | # Specify the GUI language. Available languages are: English (default) 1264 | # French, German, Italian, Spanish, Polish, Portuguese and Russian. 1265 | # Users will be still able to change the language in the GUI. 1266 | # 1267 | #WebSessionLanguage English 1268 | 1269 | # 1270 | # Specify the GUI theme, sunshine (default) or moonlight. Users will 1271 | # be still able to change GUI theme in the GUI.. 1272 | # 1273 | #WebSessionTheme sunshine 1274 | 1275 | # 1276 | # Specify the wave theme, red (default), light gray or dark gray. 1277 | # Users will be still able to change wave theme in the GUI. 1278 | # 1279 | #WebSessionWave red 1280 | 1281 | # 1282 | # Enable or disable the debug tool when the server program is launched. 1283 | # 1284 | # 1: Enabled. The debug tool specified in the CommandDebug key will 1285 | # be run to debug the server program. This can slow down the exe- 1286 | # cution of the server. 1287 | # 1288 | # 0: Disabled. Debug tool is not run. 1289 | # 1290 | #EnableDebug 0 1291 | 1292 | # 1293 | # Specify absolute path of the command to launch a debug tool. 1294 | # 1295 | #CommandDebug "" 1296 | 1297 | # 1298 | # Specify path and commands of the debug tool in a comma-separated 1299 | # list, e.g. accepted command for Valgrind is '/usr/bin/valgrind.bin'. 1300 | # 1301 | #AcceptedDebuggerCommands /usr/bin/valgrind.bin 1302 | 1303 | # 1304 | # Append arguments to the command used by the server to launch the 1305 | # debug tool 1306 | # 1307 | # Multiple parameters can be specified by separating them with a blank 1308 | # character. For security reasons, no shell interpretation is made. 1309 | # 1310 | #DebugOptions "" 1311 | 1312 | # 1313 | # The Section directive allows to define settings for the server 1314 | # where the Web Player will connect. Edit lines below to define a 1315 | # server different from localhost. Protocol is by default 'NX' as 1316 | # well as port is '4000'. To use SSH service, specify 'system' to 1317 | # authorize with system password. In this case NoMachine uses by 1318 | # default port 4022 on Windows and port 22 on the other operating 1319 | # systems. 1320 | # 1321 | Section "Server" 1322 | 1323 | Name "Connection to localhost" 1324 | Host 127.0.0.1 1325 | Protocol NX 1326 | Port 4000 1327 | 1328 | EndSection 1329 | 1330 | # 1331 | # When WebRTC is enabled, set parameters for STUN/TURN utilities to 1332 | # permit NAT traversal for peer to peer direct video, audio and data 1333 | # streaming. Replace 'hostname' and 'portnumber' with the ip or host 1334 | # name of the network server; replace 'username' and 'password' with 1335 | # username and password to be used for authenticating to such server. 1336 | # If a TURN server has to be contacted, duplicate section below, set 1337 | # it to Section "TURN" and provide the appropriate values for Host, 1338 | # Port, User and Password parameters. Define multiple sections for 1339 | # different STUN or TURN servers to provide an alternative server 1340 | # in case the first of the list is not reachable. 1341 | # 1342 | # Section "STUN" 1343 | # 1344 | # Host hostname 1345 | # Port portnumber 1346 | # User username 1347 | # Password password 1348 | # 1349 | # EndSection 1350 | 1351 | -------------------------------------------------------------------------------- /configs/xfce4/desktop/icons.screen0-1295x498.rc: -------------------------------------------------------------------------------- 1 | [xfdesktop-version-4.10.3+-rcfile_format] 2 | 4.10.3+=true 3 | 4 | [Trash] 5 | row=0 6 | col=0 7 | 8 | [/] 9 | row=1 10 | col=0 11 | 12 | [/home/user] 13 | row=2 14 | col=0 15 | 16 | -------------------------------------------------------------------------------- /configs/xfce4/desktop/icons.screen0-1295x542.rc: -------------------------------------------------------------------------------- 1 | [xfdesktop-version-4.10.3+-rcfile_format] 2 | 4.10.3+=true 3 | 4 | [Trash] 5 | row=0 6 | col=0 7 | 8 | [/] 9 | row=1 10 | col=0 11 | 12 | [/home/user] 13 | row=2 14 | col=0 15 | 16 | -------------------------------------------------------------------------------- /configs/xfce4/desktop/icons.screen0-1295x622.rc: -------------------------------------------------------------------------------- 1 | [xfdesktop-version-4.10.3+-rcfile_format] 2 | 4.10.3+=true 3 | 4 | [Trash] 5 | row=0 6 | col=0 7 | 8 | [/] 9 | row=1 10 | col=0 11 | 12 | [/home/user] 13 | row=2 14 | col=0 15 | 16 | -------------------------------------------------------------------------------- /configs/xfce4/desktop/icons.screen0-784x504.rc: -------------------------------------------------------------------------------- 1 | [xfdesktop-version-4.10.3+-rcfile_format] 2 | 4.10.3+=true 3 | 4 | [Trash] 5 | row=0 6 | col=0 7 | 8 | [/] 9 | row=1 10 | col=0 11 | 12 | [/home/user] 13 | row=2 14 | col=0 15 | 16 | -------------------------------------------------------------------------------- /configs/xfce4/desktop/icons.screen0-784x584.rc: -------------------------------------------------------------------------------- 1 | [xfdesktop-version-4.10.3+-rcfile_format] 2 | 4.10.3+=true 3 | 4 | [Trash] 5 | row=0 6 | col=0 7 | 8 | [/] 9 | row=1 10 | col=0 11 | 12 | [/home/user] 13 | row=2 14 | col=0 15 | 16 | -------------------------------------------------------------------------------- /configs/xfce4/helpers.rc: -------------------------------------------------------------------------------- 1 | WebBrowser=chromium-browser 2 | -------------------------------------------------------------------------------- /configs/xfce4/panel/launcher-10/15320870362.desktop: -------------------------------------------------------------------------------- 1 | [Desktop Entry] 2 | Version=1.0 3 | Type=Application 4 | Exec=exo-open --launch FileManager %u 5 | Icon=system-file-manager 6 | StartupNotify=true 7 | Terminal=false 8 | Categories=Utility;X-XFCE;X-Xfce-Toplevel; 9 | OnlyShowIn=XFCE; 10 | X-XFCE-MimeType=inode/directory;x-scheme-handler/trash; 11 | Name=File Manager 12 | Name[de]=Dateiverwaltung 13 | Comment=Browse the file system 14 | Comment[de]=Das Dateisystem durchsuchen, um einen eigenen Befehl zu wählen 15 | X-XFCE-Source=file:///usr/share/applications/exo-file-manager.desktop 16 | -------------------------------------------------------------------------------- /configs/xfce4/panel/launcher-12/15320870364.desktop: -------------------------------------------------------------------------------- 1 | [Desktop Entry] 2 | Version=1.0 3 | Exec=xfce4-appfinder 4 | Icon=edit-find 5 | StartupNotify=true 6 | Terminal=false 7 | Type=Application 8 | Categories=Utility;X-XFCE; 9 | Name=Application Finder 10 | Name[de]=Anwendungsfinder 11 | Comment=Find and launch applications installed on your system 12 | Comment[de]=Im System installierte Anwendungen finden und starten 13 | X-XFCE-Source=file:///usr/share/applications/xfce4-appfinder.desktop 14 | -------------------------------------------------------------------------------- /configs/xfce4/panel/launcher-16/15320872325.desktop: -------------------------------------------------------------------------------- 1 | [Desktop Entry] 2 | Version=1.0 3 | Name=Chromium Web Browser 4 | Name[de]=Chromium-Webbrowser 5 | GenericName=Web Browser 6 | GenericName[de]=Web-Browser 7 | Comment=Access the Internet 8 | Comment[de]=Internetzugriff 9 | Exec=chromium-browser --no-sandbox 10 | Terminal=false 11 | X-MultipleArgs=false 12 | Type=Application 13 | Icon=chromium-browser 14 | Categories=Network;WebBrowser; 15 | MimeType=text/html;text/xml;application/xhtml_xml;x-scheme-handler/http;x-scheme-handler/https; 16 | StartupNotify=true 17 | Actions=NewWindow;Incognito;TempProfile; 18 | X-AppInstall-Package=chromium-browser 19 | X-XFCE-Source=file:///usr/share/applications/chromium-browser.desktop 20 | 21 | Path= 22 | 23 | [Desktop Action NewWindow] 24 | Name=Open a New Window 25 | Name[de]=Ein neues Fenster öffnen 26 | Exec=chromium-browser 27 | 28 | [Desktop Action Incognito] 29 | Name=Open a New Window in incognito mode 30 | Name[de]=Ein neues Fenster im Inkognito-Modus öffnen 31 | Exec=chromium-browser --incognito 32 | 33 | [Desktop Action TempProfile] 34 | Name=Open a New Window with a temporary profile 35 | Name[de]=Ein neues Fenster mit einem temporären Profil öffnen 36 | Exec=chromium-browser --temp-profile 37 | -------------------------------------------------------------------------------- /configs/xfce4/panel/launcher-9/15320870361.desktop: -------------------------------------------------------------------------------- 1 | [Desktop Entry] 2 | Version=1.0 3 | Type=Application 4 | Exec=exo-open --launch TerminalEmulator 5 | Icon=utilities-terminal 6 | StartupNotify=true 7 | Terminal=false 8 | Categories=Utility;X-XFCE;X-Xfce-Toplevel; 9 | OnlyShowIn=XFCE; 10 | Name=Terminal Emulator 11 | Name[de]=Terminal 12 | Comment=Use the command line 13 | Comment[de]=Befehlszeile verwenden 14 | X-XFCE-Source=file:///usr/share/applications/exo-terminal-emulator.desktop 15 | -------------------------------------------------------------------------------- /configs/xfce4/xfconf/xfce-perchannel-xml/thunar.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | -------------------------------------------------------------------------------- /configs/xfce4/xfconf/xfce-perchannel-xml/xfce4-appfinder.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | -------------------------------------------------------------------------------- /configs/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | -------------------------------------------------------------------------------- /configs/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | -------------------------------------------------------------------------------- /configs/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | -------------------------------------------------------------------------------- /configs/xfce4/xfconf/xfce-perchannel-xml/xfce4-settings-editor.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | -------------------------------------------------------------------------------- /configs/xfce4/xfconf/xfce-perchannel-xml/xfce4-settings-manager.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /configs/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.5' 2 | services: 3 | app: 4 | build: 5 | context: . 6 | target: vdi 7 | image: vdi:latest 8 | 9 | 10 | environment: 11 | - PASSWORD=password 12 | - USER=user 13 | - KEYMAP="de" 14 | 15 | cap_add: 16 | - SYS_PTRACE 17 | stdin_open: true 18 | tty: true 19 | 20 | ports: 21 | - 4001:4000/tcp 22 | - 4443:4443/tcp 23 | # - 4080:4080/tcp 24 | 25 | # volumes: 26 | # - ./configs/server.cfg:/usr/NX/etc/server.cfg 27 | # - ./configs/node.cfg:/usr/NX/etc/node.cfg 28 | # - ./configs/bash_profile:/home/user/.bash_profile # for keyboard layout 29 | # - ./configs/xfce4:/home/user/.config/xfce4 # XFCE4 config; setup for Desktop Look&Feel 30 | # - ./volumes/home:/home 31 | # - ./volumes/Downloads:/home/user/Downloads 32 | # - /tmp/1/Downloads:/home/user/Downloads 33 | # networks: 34 | # - backend 35 | 36 | labels: 37 | - "traefik.docker.network=backend" 38 | - "traefik.domain=vdi.dtpnk.tech" 39 | - "traefik.frontend.rule=Host:vdi.dtpnk.tech" 40 | - "traefik.enable=true" 41 | - "traefik.port=4080" 42 | # - "traefik.frontend.passHostHeader=true" 43 | # - "traefik.frontend.whiteList.useXForwardedFor=true" 44 | 45 | # networks: 46 | # backend: 47 | # external: true 48 | -------------------------------------------------------------------------------- /install/nomachine-enterprise-desktop-evaluation_6.5.6_10_amd64.deb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devben-io/docker-vdi/969afc31bdfee494378922abe2893e59f56d2974/install/nomachine-enterprise-desktop-evaluation_6.5.6_10_amd64.deb -------------------------------------------------------------------------------- /install/nomachine_6.5.6_9_amd64.deb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devben-io/docker-vdi/969afc31bdfee494378922abe2893e59f56d2974/install/nomachine_6.5.6_9_amd64.deb -------------------------------------------------------------------------------- /nxserver.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | groupadd -r $USER -g 433 \ 3 | && useradd -u 431 -r -g $USER -d /home/$USER -s /bin/bash -c "$USER" $USER \ 4 | && adduser $USER sudo \ 5 | && mkdir -p /home/$USER \ 6 | && chown -R $USER:$USER /home/$USER \ 7 | && echo $USER':'$PASSWORD | chpasswd 8 | /etc/NX/nxserver --startup 9 | 10 | tail -f /usr/NX/var/log/nxserver.log 11 | --------------------------------------------------------------------------------