Merge pull request #3 from ccdc-opensource/use-gnome-remote-desktop

layfield-ccdc · web-flow · commit 3b504bb19a95 · 2025-04-15T10:58:22.000+01:00
Use gnome remote desktop
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
-# Ansible Role: Install XRDP
+# Ansible Role: Setup remote access
 
-Install XRDP on linux machines for remote access
+Install/Setup remote access on linux machines
 
 ## Requirements
 
@@ -18,7 +18,7 @@ None.
 
     - hosts: all
       roles:
-        - ccdc.xrdp_install
+        - ccdc.remote_access
 
 ## License
 
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -1 +1,3 @@
 ---
+rdp_user: ""
+rdp_password: ""
diff --git a/meta/main.yml b/meta/main.yml
@@ -2,10 +2,10 @@
 dependencies: []
 
 galaxy_info:
-  role_name: xrdp_install
+  role_name: remote_access
   namespace: ccdc
   author: sjackson-ccdc
-  description: Install XRDP on linux machines
+  description: Installs/Setup remote access on linux machines
   company: The Cambridge Crystallographic Data Centre
   license: "license (BSD, MIT)"
   min_ansible_version: 2.9
diff --git a/tasks/Ubuntu-24.yml b/tasks/Ubuntu-24.yml
@@ -1,46 +1,35 @@
 ---
-# Fix for xrdp selecting wrong DE. See - https://github.com/neutrinolabs/xrdp/issues/3053
+- name: Install winpr-utils for generating certificate
+  ansible.builtin.package:
+    name: winpr-utils
+    state: present
+  become: true
 
-- name: Run xrdp install
-  ansible.builtin.include_tasks: Ubuntu.yml
+- name: Generate certificate
+  ansible.builtin.command: winpr-makecert -silent -rdp -path ~gnome-remote-desktop rdp-tls
+  become: true
+  become_user: gnome-remote-desktop
 
-- name: Stop xrdp
-  ansible.builtin.service:
-    name: xrdp
-    state: stopped
+- name: Add TLS cert
+  ansible.builtin.command: grdctl --system rdp set-tls-key ~gnome-remote-desktop/rdp-tls.key
   become: true
 
-- name: Download startwm.sh
-  ansible.builtin.get_url:
-    url: https://github.com/neutrinolabs/xrdp/raw/devel/sesman/startwm.sh
-    dest: /etc/xrdp/startwm.sh
-    mode: "755"
-    force: true
+- name: Add TLS key
+  ansible.builtin.command: grdctl --system rdp set-tls-cert ~gnome-remote-desktop/rdp-tls.crt
   become: true
 
-- name: Update file permissions
-  ansible.builtin.file:
-    path: /etc/xrdp/startwm.sh
-    owner: root
-    mode: "755"
+- name: Setup RDP credentials
+  ansible.builtin.command: grdctl --system rdp set-credentials "{{ rdp_user }}" "{{ rdp_password }}"
   become: true
 
-- name: Create default desktop
-  ansible.builtin.file:
-    path: /etc/profile.d/90-xrdp-default-desktop.sh
-    state: touch
-    owner: root
-    mode: "644"
+- name: Enable RDP
+  ansible.builtin.command: grdctl --system rdp enable
   become: true
 
-- name: Set default desktop
-  ansible.builtin.shell: echo "[ -n \"\$XRDP_SESSION\" -a -z \"\$DESKTOP_SESSION\" ] && export DESKTOP_SESSION=$DESKTOP_SESSION" > /etc/profile.d/90-xrdp-default-desktop.sh
-  environment:
-    DESKTOP_SESSION: ubuntu
+- name: Enable RDP service
+  ansible.builtin.command: systemctl --now enable gnome-remote-desktop.service
   become: true
 
-- name: Start xrdp
-  ansible.builtin.service:
-    name: xrdp
-    state: started
+- name: Reboot
+  ansible.builtin.reboot:
   become: true

Original file line number	Diff line number	Diff line change
`@@ -1 +1,3 @@`
`1`	`1`	`---`
	`2`	`+rdp_user: ""`
	`3`	`+rdp_password: ""`