I have seen that there was post about MeshCentral not working on NixOS.
I wanted to give a try, and see if anyone found something new?
For example I am able to get the MeshCentral agent connected to my server using Flake, but it has only limites sh shell, what I believe is not even the main host, as it has no bash or nixos commands.
Also i cannot connect to remote desktop using it.
This is my flake for its contstruction:
{ config, pkgs, lib, ... }:
let
# --- Configuration Variables (Replace these with your actual values) ---
serverUrl = "https://meshcentral.example.com";
meshId = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
machineId = "6"; # Agent ID for Linux x86_64, based on the script logic
# --- Fetching Agent Executable (meshagent) ---
# Note: The URL includes the machineId
meshAgent = pkgs.fetchurl {
url = "${serverUrl}/meshagents?id=${machineId}";
# !! IMPORTANT: Replace this with the actual SHA-256 hash of the downloaded binary.
# To get the hash: download the file, then run 'nix-hash --base32 --type sha256 <filename>'
# curl -sL "$url" | sha256sum -b | awk '{ print $1 }'
sha256 = "00000000000000000000000000000";
};
# --- Fetching Configuration File (meshagent.msh) ---
# Note: The URL includes the long meshId
meshSettings = pkgs.fetchurl {
url = "${serverUrl}/meshsettings?id=${meshId}";
# !! IMPORTANT: Replace this with the actual SHA-256 hash of the settings file.
# curl -sL "$url" | sha256sum | awk '{ print $1 }'
sha256 = "000000000000000000000000000000";
};
in
{
# 1. Enable nix-ld to run the proprietary binary
programs.nix-ld.enable = true;
programs.nix-ld.libraries = with pkgs; [
stdenv.cc.cc.lib
openssl
zlib
];
# 2. Define the systemd service
systemd.services.meshcentral-agent = {
description = "MeshCentral Agent";
wantedBy = [ "multi-user.target" "graphical.target" ];
# 3. Copy the binary and config to a writable service state directory
# The agent requires its .msh file to be alongside the binary, and it must be writable for updates/logs.
preStart = ''
# Ensure the state directory exists
mkdir -p /var/lib/meshcentral-agent
# Copy the immutable binary and settings file from the Nix store
cp ${meshAgent} /var/lib/meshcentral-agent/meshagent
cp ${meshSettings} /var/lib/meshcentral-agent/meshagent.msh
# Give execute permissions
chmod +x /var/lib/meshcentral-agent/meshagent
'';
unitConfig = {
# We must use the raw systemd name here, as the camelCase fails.
# This block is used for options that might belong in the [Unit] section.
ExecStartPre = lib.optionalString config.services.xserver.enable ''
if [ -n "$XAUTHORITY" ]; then
xauthority_path="$XAUTHORITY"
else
# Find the current user's Xauthority path.
# !!! Ensure 'yourusername' is replaced with your actual user name !!!
xauthority_path="/run/user/$(id -u ${config.users.users.yourusername.name})/xauth"
fi
export XAUTHORITY=$xauthority_path
'';
};
# 4. Define the execution command
# The agent is run from its state directory
serviceConfig = {
Type = "simple";
Restart = "always";
WorkingDirectory = "/var/lib/meshcentral-agent";
ExecStart = "/var/lib/meshcentral-agent/meshagent"; # The agent runs on its own from the config file
User = "root"; # MeshCentral typically runs as root for full system access
StateDirectory = "meshcentral-agent"; # Ensures /var/lib/meshcentral-agent exists and is managed
Environment = lib.mkForce [
# 1. PATH override (Resolves the conflict and provides bash)
"PATH=${pkgs.lib.makeBinPath [ pkgs.coreutils pkgs.bash ]}"
# 2. DISPLAY override (Needed for graphical access)
"DISPLAY=:0"
];
};
};
# 5. Disable the default error-triggering stub
environment.stub-ld.enable = false;
}