nixos/modules/services/x11/display-managers/sddm.nix at 15.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / x11 / display-managers / sddm.nix
at 15.09-beta 2.8 kB view raw
  1{ config, lib, pkgs, ... }:
  2
  3with lib;
  4
  5let
  6
  7  xcfg = config.services.xserver;
  8  dmcfg = xcfg.displayManager;
  9  cfg = dmcfg.sddm;
 10  xEnv = config.systemd.services."display-manager".environment;
 11
 12  xserverWrapper = pkgs.writeScript "xserver-wrapper" ''
 13    #!/bin/sh
 14    ${concatMapStrings (n: "export ${n}=\"${getAttr n xEnv}\"\n") (attrNames xEnv)}
 15    exec ${dmcfg.xserverBin} ${dmcfg.xserverArgs} "$@"
 16  '';
 17
 18  cfgFile = pkgs.writeText "sddm.conf" ''
 19    [General]
 20    HaltCommand=${pkgs.systemd}/bin/systemctl poweroff
 21    RebootCommand=${pkgs.systemd}/bin/systemctl reboot
 22
 23    [Theme]
 24    Current=${cfg.theme}
 25
 26    [Users]
 27    MaximumUid=${toString config.ids.uids.nixbld}
 28    HideUsers=${concatStringsSep "," dmcfg.hiddenUsers}
 29    HideShells=/run/current-system/sw/bin/nologin
 30
 31    [XDisplay]
 32    MinimumVT=${toString xcfg.tty}
 33    ServerPath=${xserverWrapper}
 34    XephyrPath=${pkgs.xorg.xorgserver}/bin/Xephyr
 35    SessionCommand=${dmcfg.session.script}
 36    SessionDir=${dmcfg.session.desktops}
 37    XauthPath=${pkgs.xorg.xauth}/bin/xauth
 38  '';
 39
 40in
 41{
 42  options = {
 43
 44    services.xserver.displayManager.sddm = {
 45      enable = mkOption {
 46        type = types.bool;
 47        default = false;
 48        description = ''
 49          Whether to enable sddm as the display manager.
 50        '';
 51      };
 52
 53      theme = mkOption {
 54        type = types.str;
 55        default = "maui";
 56        description = ''
 57          Greeter theme to use.
 58        '';
 59      };
 60    };
 61
 62  };
 63
 64  config = mkIf cfg.enable {
 65
 66    services.xserver.displayManager.slim.enable = false;
 67
 68    services.xserver.displayManager.job = {
 69      logsXsession = true;
 70
 71      #execCmd = "${pkgs.sddm}/bin/sddm";
 72      execCmd = "exec ${pkgs.sddm}/bin/sddm";
 73    };
 74
 75    security.pam.services = {
 76      sddm = {
 77        allowNullPassword = true;
 78        startSession = true;
 79      };
 80
 81      sddm-greeter.text = ''
 82        auth     required       pam_succeed_if.so audit quiet_success user = sddm
 83        auth     optional       pam_permit.so
 84
 85        account  required       pam_succeed_if.so audit quiet_success user = sddm
 86        account  sufficient     pam_unix.so
 87
 88        password required       pam_deny.so
 89
 90        session  required       pam_succeed_if.so audit quiet_success user = sddm
 91        session  required       pam_env.so envfile=${config.system.build.pamEnvironment}
 92        session  optional       ${pkgs.systemd}/lib/security/pam_systemd.so
 93        session  optional       pam_keyinit.so force revoke
 94        session  optional       pam_permit.so
 95      '';
 96    };
 97
 98    users.extraUsers.sddm = {
 99      createHome = true;
100      home = "/var/lib/sddm";
101      group = "sddm";
102      uid = config.ids.uids.sddm;
103    };
104
105    environment.etc."sddm.conf".source = cfgFile;
106
107    users.extraGroups.sddm.gid = config.ids.gids.sddm;
108
109  };
110}