[jackhill/guix/guix.git] / gnu / services / sddm.scm

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2016 David Craven <david@craven.ch>
;;; Copyright © 2019 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu services sddm)
  #:use-module (gnu packages admin)
  #:use-module (gnu packages display-managers)
  #:use-module (gnu packages freedesktop)
  #:use-module (gnu packages xorg)
  #:use-module (gnu services)
  #:use-module (gnu services shepherd)
  #:use-module (gnu services xorg)
  #:use-module (gnu system pam)
  #:use-module (gnu system shadow)
  #:use-module (guix gexp)
  #:use-module (guix records)
  #:export (sddm-configuration
            sddm-configuration?
            sddm-service-type
            sddm-service))

(define-record-type* <sddm-configuration>
  sddm-configuration      make-sddm-configuration
  sddm-configuration?
  (sddm                   sddm-configuration-sddm
                          (default sddm))

  ;; [General]
  ;; valid values are x11 and wayland
  ;; currently doesn't do anything is enabled by wayland greeter PR
  (display-server         sddm-configuration-display-server
                          (default "x11"))
  ;; valid values are on, off or none
  (numlock                sddm-configuration-numlock
                          (default "on"))
  (halt-command           sddm-configuration-halt-command
                          (default (file-append shepherd "/sbin/halt")))
  (reboot-command         sddm-configuration-reboot-command
                          (default (file-append shepherd "/sbin/reboot")))

  ;; [Theme]
  ;; valid values are elarun or maldives
  (theme                  sddm-configuration-theme
                          (default "maldives"))
  (themes-directory       sddm-configuration-themes-directory
                          (default "/run/current-system/profile/share/sddm/themes"))
  (faces-directory        sddm-configuration-faces-directory
                          (default "/run/current-system/profile/share/sddm/faces"))

  ;; [Users]
  (default-path           sddm-configuration-default-path
                          (default "/run/current-system/profile/bin"))
  (minimum-uid            sddm-configuration-minimum-uid
                          (default 1000))
  (maximum-uid            sddm-configuration-maximum-uid
                          (default 2000))
  (remember-last-user?    sddm-configuration-remember-last-user?
                          (default #t))
  (remember-last-session? sddm-configuration-remember-last-session?
                          (default #t))
  (hide-users             sddm-configuration-hide-users
                          (default ""))
  (hide-shells            sddm-configuration-hide-shells
                          (default (file-append shadow "/sbin/nologin")))

  ;; [Wayland]
  (session-command        sddm-configuration-session-command
                          (default (file-append sddm "/share/sddm/scripts/wayland-session")))
  (sessions-directory     sddm-configuration-sessions-directory
                          (default "/run/current-system/profile/share/wayland-sessions"))
  ;; [X11]
  (xorg-configuration     sddm-configuration-xorg
                          (default (xorg-configuration)))
  (xauth-path             sddm-configuration-xauth-path
                          (default (file-append xauth "/bin/xauth")))
  (xephyr-path            sddm-configuration-xephyr-path
                          (default (file-append xorg-server "/bin/Xephyr")))
  (xdisplay-start         sddm-configuration-xdisplay-start
                          (default (file-append sddm "/share/sddm/scripts/Xsetup")))
  (xdisplay-stop          sddm-configuration-xdisplay-stop
                          (default (file-append sddm "/share/sddm/scripts/Xstop")))
  (xsession-command       sddm-configuration-xsession-command
                          (default (xinitrc)))
  (xsessions-directory    sddm-configuration-xsessions-directory
                          (default "/run/current-system/profile/share/xsessions"))
  (minimum-vt             sddm-configuration-minimum-vt
                          (default 7))

  ;; [Autologin]
  (auto-login-user        sddm-configuration-auto-login-user
                          (default ""))
  ;; valid values are xfce.desktop gnome.desktop weston.desktop hawaii.desktop
  (auto-login-session     sddm-configuration-auto-login-session
                          (default ""))
  (relogin?               sddm-configuration-relogin?
                          (default #f)))

(define (sddm-configuration-file config)
  (mixed-text-file "sddm.conf" "
[General]
DisplayServer="        (sddm-configuration-display-server config)              "
Numlock="              (sddm-configuration-numlock config)                     "
HaltCommand="          (sddm-configuration-halt-command config)                "
RebootCommand="        (sddm-configuration-reboot-command config)              "

[Users]
DefaultPath="          (sddm-configuration-default-path config)                "
MinimumUid="           (number->string (sddm-configuration-minimum-uid config))"
MaximumUid="           (number->string (sddm-configuration-maximum-uid config))"
RememberLastUser="     (if (sddm-configuration-remember-last-user? config)
                           "true" "false")                                     "
RememberLastSession="  (if (sddm-configuration-remember-last-session? config)
                           "true" "false")                                     "
HideUsers="            (sddm-configuration-hide-users config)                  "
Hideshells="           (sddm-configuration-hide-shells config)                 "

[Theme]
Current="              (sddm-configuration-theme config)                       "
ThemeDir="             (sddm-configuration-themes-directory config)            "
FacesDir="             (sddm-configuration-faces-directory config)             "

[Wayland]
SessionCommand="       (sddm-configuration-session-command config)             "
SessionDir="           (sddm-configuration-sessions-directory config)          "

[X11]
ServerPath="           (xorg-configuration-server
                        (sddm-configuration-xorg config)) "/bin/X"             "
XauthPath="            (sddm-configuration-xauth-path config)                  "
XephyrPath="           (sddm-configuration-xephyr-path config)                 "
DisplayCommand="       (sddm-configuration-xdisplay-start config)              "
DisplayStopCommand="   (sddm-configuration-xdisplay-stop config)               "
SessionCommand="       (sddm-configuration-xsession-command config)            "
SessionDir="           (sddm-configuration-xsessions-directory config)         "
MinimumVT="            (number->string (sddm-configuration-minimum-vt config)) "
ServerArguments="      (string-join
                        (xorg-configuration-server-arguments
                         (sddm-configuration-xorg config)))           "

[Autologin]
User="                 (sddm-configuration-auto-login-user config)             "
Session="              (sddm-configuration-auto-login-session config)          "
Relogin="              (if (sddm-configuration-relogin? config)
                           "true" "false")                                     "
"))

(define (sddm-shepherd-service config)
  "Return a <shepherd-service> for sddm with CONFIG."

  (define sddm-command
    #~(list (string-append #$(sddm-configuration-sddm config) "/bin/sddm")))

  (list (shepherd-service
         (documentation "SDDM display manager.")
         (requirement '(user-processes))
         (provision '(display-manager))
         (start #~(make-forkexec-constructor #$sddm-command))
         (stop #~(make-kill-destructor)))))

(define (sddm-etc-service config)
  (list `("sddm.conf" ,(sddm-configuration-file config))))

(define (sddm-pam-service)
  "Return a PAM service for @command{sddm}."
  (pam-service
   (name "sddm")
   (auth
    (list
     (pam-entry
      (control "requisite")
      (module "pam_nologin.so"))
     (pam-entry
      (control "required")
      (module "pam_env.so"))
     (pam-entry
      (control "required")
      (module "pam_succeed_if.so")
      (arguments (list "uid >= 1000" "quiet")))
     ;; should be factored out into system-auth
     (pam-entry
      (control "required")
      (module "pam_unix.so"))))
   (account
    (list
     ;; should be factored out into system-account
     (pam-entry
      (control "required")
      (module "pam_unix.so"))))
   (password
    (list
     ;; should be factored out into system-password
     (pam-entry
      (control "required")
      (module "pam_unix.so")
      (arguments (list "sha512" "shadow" "try_first_pass")))))
   (session
    (list
     ;; lfs has a required pam_limits.so
     ;; should be factored out into system-session
     (pam-entry
      (control "required")
      (module "pam_unix.so"))))))

(define (sddm-greeter-pam-service)
  "Return a PAM service for @command{sddm-greeter}."
  (pam-service
   (name "sddm-greeter")
   (auth
    (list
     ;; Load environment from /etc/environment and ~/.pam_environment
     (pam-entry
      (control "required")
      (module "pam_env.so"))
     ;; Always let the greeter start without authentication
     (pam-entry
      (control "required")
      (module "pam_permit.so"))))
   (account
    (list
     ;; No action required for account management
     (pam-entry
      (control "required")
      (module "pam_permit.so"))))
   (password
    (list
     ;; Can't change password
     (pam-entry
      (control "required")
      (module "pam_deny.so"))))
   (session
    (list
     ;; Setup session
     (pam-entry
      (control "required")
      (module "pam_unix.so"))))))

(define (sddm-autologin-pam-service)
  "Return a PAM service for @command{sddm-autologin}"
  (pam-service
   (name "sddm-autologin")
   (auth
    (list
     (pam-entry
      (control "requisite")
      (module "pam_nologin.so"))
     (pam-entry
      (control "required")
      (module "pam_succeed_if.so")
      (arguments (list "uid >= 1000" "quiet")))
     (pam-entry
      (control "required")
      (module "pam_permit.so"))))
   (account
    (list
     (pam-entry
      (control "include")
      (module "sddm"))))
   (password
    (list
     (pam-entry
      (control "required")
      (module "pam_deny.so"))))
   (session
    (list
     (pam-entry
      (control "include")
      (module "sddm"))))))

(define (sddm-pam-services config)
  (list (sddm-pam-service)
        (sddm-greeter-pam-service)
        (sddm-autologin-pam-service)))

(define %sddm-accounts
  (list (user-group (name "sddm") (system? #t))
        (user-account
         (name "sddm")
         (group "sddm")
         (system? #t)
         (comment "SDDM user")
         (home-directory "/var/lib/sddm")
         (shell (file-append shadow "/sbin/nologin")))))

;; Add default themes to profile
(define sddm-profile-service
  (compose list sddm-configuration-sddm))

(define sddm-service-type
  (service-type (name 'sddm)
                (extensions
                  (list (service-extension shepherd-root-service-type
                                           sddm-shepherd-service)
                        (service-extension etc-service-type
                                           sddm-etc-service)
                        (service-extension pam-root-service-type
                                           sddm-pam-services)
                        (service-extension account-service-type
                                           (const %sddm-accounts))
                        (service-extension profile-service-type
                                           sddm-profile-service)))))

(define* (sddm-service #:optional (config (sddm-configuration)))
  "Run the @uref{https://github.com/sddm/sddm,SSDM display manager}
with the given @var{config}, a @code{<sddm-configuration>} object."
  (service sddm-service-type config))
Commit	Line	Data
935644c0 DC	1	;;; GNU Guix --- Functional package management for GNU
935644c0 DC	2	;;; Copyright © 2016 David Craven <david@craven.ch>
554b8607	3	;;; Copyright © 2019 Ludovic Courtès <ludo@gnu.org>
935644c0 DC	4	;;;
	5	;;; This file is part of GNU Guix.
	6	;;;
	7	;;; GNU Guix is free software; you can redistribute it and/or modify it
	8	;;; under the terms of the GNU General Public License as published by
	9	;;; the Free Software Foundation; either version 3 of the License, or (at
	10	;;; your option) any later version.
	11	;;;
	12	;;; GNU Guix is distributed in the hope that it will be useful, but
	13	;;; WITHOUT ANY WARRANTY; without even the implied warranty of
	14	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	15	;;; GNU General Public License for more details.
	16	;;;
	17	;;; You should have received a copy of the GNU General Public License
	18	;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
	19
	20	(define-module (gnu services sddm)
	21	#:use-module (gnu packages admin)
	22	#:use-module (gnu packages display-managers)
	23	#:use-module (gnu packages freedesktop)
	24	#:use-module (gnu packages xorg)
	25	#:use-module (gnu services)
	26	#:use-module (gnu services shepherd)
	27	#:use-module (gnu services xorg)
	28	#:use-module (gnu system pam)
	29	#:use-module (gnu system shadow)
	30	#:use-module (guix gexp)
	31	#:use-module (guix records)
	32	#:export (sddm-configuration
6f30a55c	33	sddm-configuration?
935644c0 DC	34	sddm-service-type
	35	sddm-service))
	36
	37	(define-record-type* <sddm-configuration>
	38	sddm-configuration make-sddm-configuration
	39	sddm-configuration?
	40	(sddm sddm-configuration-sddm
	41	(default sddm))
	42
	43	;; [General]
	44	;; valid values are x11 and wayland
	45	;; currently doesn't do anything is enabled by wayland greeter PR
	46	(display-server sddm-configuration-display-server
	47	(default "x11"))
	48	;; valid values are on, off or none
	49	(numlock sddm-configuration-numlock
	50	(default "on"))
	51	(halt-command sddm-configuration-halt-command
9e41130b	52	(default (file-append shepherd "/sbin/halt")))
935644c0	53	(reboot-command sddm-configuration-reboot-command
9e41130b	54	(default (file-append shepherd "/sbin/reboot")))
935644c0 DC	55
	56	;; [Theme]
	57	;; valid values are elarun or maldives
	58	(theme sddm-configuration-theme
	59	(default "maldives"))
	60	(themes-directory sddm-configuration-themes-directory
	61	(default "/run/current-system/profile/share/sddm/themes"))
	62	(faces-directory sddm-configuration-faces-directory
	63	(default "/run/current-system/profile/share/sddm/faces"))
	64
	65	;; [Users]
	66	(default-path sddm-configuration-default-path
	67	(default "/run/current-system/profile/bin"))
	68	(minimum-uid sddm-configuration-minimum-uid
	69	(default 1000))
	70	(maximum-uid sddm-configuration-maximum-uid
	71	(default 2000))
	72	(remember-last-user? sddm-configuration-remember-last-user?
	73	(default #t))
	74	(remember-last-session? sddm-configuration-remember-last-session?
	75	(default #t))
	76	(hide-users sddm-configuration-hide-users
	77	(default ""))
	78	(hide-shells sddm-configuration-hide-shells
9e41130b	79	(default (file-append shadow "/sbin/nologin")))
935644c0 DC	80
	81	;; [Wayland]
	82	(session-command sddm-configuration-session-command
9e41130b	83	(default (file-append sddm "/share/sddm/scripts/wayland-session")))
935644c0 DC	84	(sessions-directory sddm-configuration-sessions-directory
	85	(default "/run/current-system/profile/share/wayland-sessions"))
	86	;; [X11]
554b8607 LC	87	(xorg-configuration sddm-configuration-xorg
554b8607 LC	88	(default (xorg-configuration)))
935644c0	89	(xauth-path sddm-configuration-xauth-path
9e41130b	90	(default (file-append xauth "/bin/xauth")))
935644c0	91	(xephyr-path sddm-configuration-xephyr-path
9e41130b	92	(default (file-append xorg-server "/bin/Xephyr")))
935644c0	93	(xdisplay-start sddm-configuration-xdisplay-start
9e41130b	94	(default (file-append sddm "/share/sddm/scripts/Xsetup")))
935644c0	95	(xdisplay-stop sddm-configuration-xdisplay-stop
9e41130b	96	(default (file-append sddm "/share/sddm/scripts/Xstop")))
935644c0 DC	97	(xsession-command sddm-configuration-xsession-command
	98	(default (xinitrc)))
	99	(xsessions-directory sddm-configuration-xsessions-directory
	100	(default "/run/current-system/profile/share/xsessions"))
	101	(minimum-vt sddm-configuration-minimum-vt
	102	(default 7))
935644c0 DC	103
	104	;; [Autologin]
	105	(auto-login-user sddm-configuration-auto-login-user
	106	(default ""))
	107	;; valid values are xfce.desktop gnome.desktop weston.desktop hawaii.desktop
	108	(auto-login-session sddm-configuration-auto-login-session
	109	(default ""))
	110	(relogin? sddm-configuration-relogin?
	111	(default #f)))
	112
	113	(define (sddm-configuration-file config)
	114	(mixed-text-file "sddm.conf" "
	115	[General]
	116	DisplayServer=" (sddm-configuration-display-server config) "
	117	Numlock=" (sddm-configuration-numlock config) "
	118	HaltCommand=" (sddm-configuration-halt-command config) "
	119	RebootCommand=" (sddm-configuration-reboot-command config) "
	120
	121	[Users]
	122	DefaultPath=" (sddm-configuration-default-path config) "
	123	MinimumUid=" (number->string (sddm-configuration-minimum-uid config))"
	124	MaximumUid=" (number->string (sddm-configuration-maximum-uid config))"
	125	RememberLastUser=" (if (sddm-configuration-remember-last-user? config)
	126	"true" "false") "
	127	RememberLastSession=" (if (sddm-configuration-remember-last-session? config)
	128	"true" "false") "
	129	HideUsers=" (sddm-configuration-hide-users config) "
	130	Hideshells=" (sddm-configuration-hide-shells config) "
	131
	132	[Theme]
	133	Current=" (sddm-configuration-theme config) "
	134	ThemeDir=" (sddm-configuration-themes-directory config) "
	135	FacesDir=" (sddm-configuration-faces-directory config) "
	136
	137	[Wayland]
	138	SessionCommand=" (sddm-configuration-session-command config) "
	139	SessionDir=" (sddm-configuration-sessions-directory config) "
	140
	141	[X11]
554b8607	142	ServerPath=" (xorg-configuration-server
b283d5f6	143	(sddm-configuration-xorg config)) "/bin/X" "
935644c0 DC	144	XauthPath=" (sddm-configuration-xauth-path config) "
	145	XephyrPath=" (sddm-configuration-xephyr-path config) "
	146	DisplayCommand=" (sddm-configuration-xdisplay-start config) "
	147	DisplayStopCommand=" (sddm-configuration-xdisplay-stop config) "
	148	SessionCommand=" (sddm-configuration-xsession-command config) "
	149	SessionDir=" (sddm-configuration-xsessions-directory config) "
	150	MinimumVT=" (number->string (sddm-configuration-minimum-vt config)) "
554b8607 LC	151	ServerArguments=" (string-join
	152	(xorg-configuration-server-arguments
	153	(sddm-configuration-xorg config))) "
935644c0 DC	154
	155	[Autologin]
	156	User=" (sddm-configuration-auto-login-user config) "
	157	Session=" (sddm-configuration-auto-login-session config) "
	158	Relogin=" (if (sddm-configuration-relogin? config)
	159	"true" "false") "
	160	"))
	161
	162	(define (sddm-shepherd-service config)
	163	"Return a <shepherd-service> for sddm with CONFIG."
	164
	165	(define sddm-command
	166	#~(list (string-append #$(sddm-configuration-sddm config) "/bin/sddm")))
	167
	168	(list (shepherd-service
	169	(documentation "SDDM display manager.")
	170	(requirement '(user-processes))
	171	(provision '(display-manager))
	172	(start #~(make-forkexec-constructor #$sddm-command))
	173	(stop #~(make-kill-destructor)))))
	174
	175	(define (sddm-etc-service config)
	176	(list `("sddm.conf" ,(sddm-configuration-file config))))
	177
	178	(define (sddm-pam-service)
	179	"Return a PAM service for @command{sddm}."
	180	(pam-service
	181	(name "sddm")
	182	(auth
	183	(list
	184	(pam-entry
	185	(control "requisite")
	186	(module "pam_nologin.so"))
	187	(pam-entry
	188	(control "required")
	189	(module "pam_env.so"))
	190	(pam-entry
	191	(control "required")
	192	(module "pam_succeed_if.so")
	193	(arguments (list "uid >= 1000" "quiet")))
	194	;; should be factored out into system-auth
	195	(pam-entry
	196	(control "required")
	197	(module "pam_unix.so"))))
	198	(account
	199	(list
	200	;; should be factored out into system-account
	201	(pam-entry
	202	(control "required")
	203	(module "pam_unix.so"))))
	204	(password
	205	(list
	206	;; should be factored out into system-password
	207	(pam-entry
	208	(control "required")
	209	(module "pam_unix.so")
	210	(arguments (list "sha512" "shadow" "try_first_pass")))))
	211	(session
	212	(list
	213	;; lfs has a required pam_limits.so
	214	;; should be factored out into system-session
	215	(pam-entry
	216	(control "required")
	217	(module "pam_unix.so"))))))
218
219	(define (sddm-greeter-pam-service)
220	"Return a PAM service for @command{sddm-greeter}."
221	(pam-service
222	(name "sddm-greeter")
223	(auth
224	(list
d1f30631	225	;; Load environment from /etc/environment and ~/.pam_environment
935644c0 DC	226	(pam-entry
	227	(control "required")
	228	(module "pam_env.so"))
	229	;; Always let the greeter start without authentication
	230	(pam-entry
	231	(control "required")
	232	(module "pam_permit.so"))))
	233	(account
	234	(list
	235	;; No action required for account management
	236	(pam-entry
	237	(control "required")
	238	(module "pam_permit.so"))))
	239	(password
	240	(list
	241	;; Can't change password
	242	(pam-entry
	243	(control "required")
	244	(module "pam_deny.so"))))
	245	(session
	246	(list
	247	;; Setup session
	248	(pam-entry
	249	(control "required")
	250	(module "pam_unix.so"))))))
	251
	252	(define (sddm-autologin-pam-service)
	253	"Return a PAM service for @command{sddm-autologin}"
	254	(pam-service
	255	(name "sddm-autologin")
	256	(auth
	257	(list
	258	(pam-entry
	259	(control "requisite")
	260	(module "pam_nologin.so"))
	261	(pam-entry
	262	(control "required")
	263	(module "pam_succeed_if.so")
	264	(arguments (list "uid >= 1000" "quiet")))
	265	(pam-entry
	266	(control "required")
	267	(module "pam_permit.so"))))
	268	(account
	269	(list
	270	(pam-entry
	271	(control "include")
	272	(module "sddm"))))
	273	(password
	274	(list
	275	(pam-entry
	276	(control "required")
	277	(module "pam_deny.so"))))
	278	(session
	279	(list
	280	(pam-entry
	281	(control "include")
	282	(module "sddm"))))))
	283
	284	(define (sddm-pam-services config)
	285	(list (sddm-pam-service)
	286	(sddm-greeter-pam-service)
	287	(sddm-autologin-pam-service)))
	288
	289	(define %sddm-accounts
290	(list (user-group (name "sddm") (system? #t))
291	(user-account
292	(name "sddm")
293	(group "sddm")
294	(system? #t)
295	(comment "SDDM user")
296	(home-directory "/var/lib/sddm")
9e41130b	297	(shell (file-append shadow "/sbin/nologin")))))
935644c0 DC	298
	299	;; Add default themes to profile
	300	(define sddm-profile-service
	301	(compose list sddm-configuration-sddm))
	302
	303	(define sddm-service-type
	304	(service-type (name 'sddm)
	305	(extensions
	306	(list (service-extension shepherd-root-service-type
	307	sddm-shepherd-service)
	308	(service-extension etc-service-type
	309	sddm-etc-service)
	310	(service-extension pam-root-service-type
	311	sddm-pam-services)
	312	(service-extension account-service-type
	313	(const %sddm-accounts))
	314	(service-extension profile-service-type
	315	sddm-profile-service)))))
	316
	317	(define* (sddm-service #:optional (config (sddm-configuration)))
	318	"Run the @uref{https://github.com/sddm/sddm,SSDM display manager}
	319	with the given @var{config}, a @code{<sddm-configuration>} object."
	320	(service sddm-service-type config))