swaylock, schlock: convert to services
This commit is contained in:
parent
4f56acc316
commit
f58bcb4767
|
@ -11,14 +11,32 @@ let
|
|||
in
|
||||
{
|
||||
sane.programs.schlock = {
|
||||
configOption = with lib; mkOption {
|
||||
default = {};
|
||||
type = types.submodule {
|
||||
options.autolock = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
integrate with things like `swayidle` to auto-lock when appropriate.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
sandbox.method = "bwrap";
|
||||
sandbox.whitelistWayland = true;
|
||||
|
||||
secrets.".config/schlock/schlock.pin" = ../../../secrets/common/schlock.pin.bin;
|
||||
|
||||
services.schlock = {
|
||||
description = "schlock mobile-friendly screen locker";
|
||||
command = ''schlock -p "$HOME/.config/schlock/schlock.pin"'';
|
||||
restartCondition = "on-failure";
|
||||
};
|
||||
};
|
||||
|
||||
sane.programs.swayidle.config = lib.mkIf cfg.enabled {
|
||||
actions.schlock.desktop = "schlock.desktop";
|
||||
actions.schlock.delay = 1800;
|
||||
sane.programs.swayidle.config = lib.mkIf (cfg.enabled && cfg.config.autolock) {
|
||||
actions.lock.service = "schlock";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -9,10 +9,23 @@ let
|
|||
options.command = mkOption {
|
||||
type = types.str;
|
||||
default = name;
|
||||
description = ''
|
||||
shell command to run, e.g. "swaylock --indicator-idle-visible".
|
||||
'';
|
||||
};
|
||||
options.desktop = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
name of a .desktop file to launch, e.g. "swaylock.desktop".
|
||||
'';
|
||||
};
|
||||
options.service = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
name of a user service to start.
|
||||
'';
|
||||
};
|
||||
options.delay = mkOption {
|
||||
type = types.int;
|
||||
|
@ -20,7 +33,14 @@ let
|
|||
how many seconds of idle time before triggering the command.
|
||||
'';
|
||||
};
|
||||
config.command = lib.mkIf (config.desktop != null) "sane-open --application ${config.desktop}";
|
||||
config.command = lib.mkMerge [
|
||||
(lib.mkIf (config.desktop != null) (
|
||||
lib.escapeShellArgs [ "sane-open" "--application" "${config.desktop}" ])
|
||||
)
|
||||
(lib.mkIf (config.service != null) (
|
||||
lib.escapeShellArgs [ "s6-rc" "start" "${config.service}" ])
|
||||
)
|
||||
];
|
||||
});
|
||||
screenOff = pkgs.writeShellScriptBin "screen-off" ''
|
||||
swaymsg -- output '*' power false
|
||||
|
@ -46,9 +66,17 @@ in
|
|||
command = "${screenOff}/bin/screen-off";
|
||||
delay = lib.mkDefault 1500; # 1500s = 25min
|
||||
};
|
||||
config.actions.lock = {
|
||||
# define a well-known action mostly to prevent accidentally shipping overlapping screen lockers...
|
||||
delay = lib.mkDefault 1800; # 1800 = 30min
|
||||
# enable by default, but only if something else has installed a locker.
|
||||
enable = lib.mkDefault cfg.actions.lock.command != "";
|
||||
command = lib.mkDefault "";
|
||||
};
|
||||
|
||||
sandbox.method = "bwrap";
|
||||
sandbox.whitelistDbus = [ "user" ]; #< might need system too, for inhibitors
|
||||
sandbox.whitelistS6 = true;
|
||||
sandbox.whitelistWayland = true;
|
||||
sandbox.extraRuntimePaths = [ "sway" ];
|
||||
|
||||
|
|
|
@ -4,18 +4,31 @@ let
|
|||
in
|
||||
{
|
||||
sane.programs.swaylock = {
|
||||
packageUnwrapped = pkgs.swaylock.overrideAttrs (upstream: {
|
||||
nativeBuildInputs = (upstream.nativeBuildInputs or []) ++ [
|
||||
pkgs.copyDesktopItems
|
||||
];
|
||||
desktopItems = (upstream.desktopItems or []) ++ [
|
||||
(pkgs.makeDesktopItem {
|
||||
name = "swaylock";
|
||||
exec = "swaylock --indicator-idle-visible --indicator-radius 100 --indicator-thickness 30";
|
||||
desktopName = "Sway session locker";
|
||||
})
|
||||
];
|
||||
});
|
||||
configOption = with lib; mkOption {
|
||||
default = {};
|
||||
type = types.submodule {
|
||||
options.autolock = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
integrate with things like `swayidle` to auto-lock when appropriate.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# packageUnwrapped = pkgs.swaylock.overrideAttrs (upstream: {
|
||||
# nativeBuildInputs = (upstream.nativeBuildInputs or []) ++ [
|
||||
# pkgs.copyDesktopItems
|
||||
# ];
|
||||
# desktopItems = (upstream.desktopItems or []) ++ [
|
||||
# (pkgs.makeDesktopItem {
|
||||
# name = "swaylock";
|
||||
# exec = "swaylock --indicator-idle-visible --indicator-radius 100 --indicator-thickness 30";
|
||||
# desktopName = "Sway session locker";
|
||||
# })
|
||||
# ];
|
||||
# });
|
||||
|
||||
sandbox.method = "bwrap";
|
||||
sandbox.extraPaths = [
|
||||
|
@ -26,11 +39,16 @@ in
|
|||
"/etc/shadow"
|
||||
];
|
||||
sandbox.whitelistWayland = true;
|
||||
|
||||
services.swaylock = {
|
||||
description = "swaylock screen locker";
|
||||
command = "swaylock --indicator-idle-visible --indicator-radius 100 --indicator-thickness 30";
|
||||
restartCondition = "on-failure";
|
||||
};
|
||||
};
|
||||
|
||||
sane.programs.swayidle.config = lib.mkIf cfg.enabled {
|
||||
actions.swaylock.desktop = "swaylock.desktop";
|
||||
actions.swaylock.delay = 1800;
|
||||
sane.programs.swayidle.config = lib.mkIf (cfg.enabled && cfg.config.autolock) {
|
||||
actions.lock.service = "swaylock";
|
||||
};
|
||||
|
||||
security.pam.services = lib.mkIf cfg.enabled {
|
||||
|
|
Loading…
Reference in New Issue
Block a user