nixos/xscreensaver: init module

This adds a NixOS module for XScreenSaver (from @aidalgol in #130218, with a few updates). The module: * Installs XScreenSaver * Sets up a suid wrapper for xscreensaver-auth * Sets up a user service for xscreensaver The suid wrapper should function correctly when xscreensaver is installed via the derivation update in 40a00547b71. Co-authored-by: Aidan Gauland <aidalgol@fastmail.net> Co-authored-by: Anderson Torres <torres.anderson.85@protonmail.com>
2023-11-23 12:31:34 -08:00 · 2023-11-23 12:31:34 -08:00 · 54020c36a2
commit 54020c36a2
parent 2034ea01b9
2 changed files with 41 additions and 0 deletions
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@ -1406,6 +1406,7 @@
  ./services/x11/xautolock.nix
  ./services/x11/xbanish.nix
  ./services/x11/xfs.nix
+  ./services/x11/xscreensaver.nix
  ./services/x11/xserver.nix
  ./system/activation/activatable-system.nix
  ./system/activation/activation-script.nix
--- a/nixos/modules/services/x11/xscreensaver.nix
+++ b/nixos/modules/services/x11/xscreensaver.nix
@ -0,0 +1,40 @@
+{ config, lib, pkgs, ... }:
+
+let
+  cfg = config.services.xscreensaver;
+in
+{
+  options.services.xscreensaver = {
+    enable = lib.mkEnableOption "xscreensaver user service";
+
+    package = lib.mkOption {
+      type = lib.types.package;
+      default = pkgs.xscreensaver;
+      defaultText = lib.literalExpression "pkgs.xscreensaver";
+      description = "Which xscreensaver package to use.";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    # Make xscreensaver-auth setuid root so that it can (try to) prevent the OOM
+    # killer from unlocking the screen.
+    security.wrappers.xscreensaver-auth = {
+      setuid = true;
+      owner = "root";
+      group = "root";
+      source = "${pkgs.xscreensaver}/libexec/xscreensaver/xscreensaver-auth";
+    };
+
+    systemd.user.services.xscreensaver = {
+      enable = true;
+      description = "XScreenSaver";
+      after = [ "graphical-session-pre.target" ];
+      partOf = [ "graphical-session.target" ];
+      wantedBy = [ "graphical-session.target" ];
+      path = [ cfg.package ];
+      serviceConfig.ExecStart = "${cfg.package}/bin/xscreensaver -no-splash";
+    };
+  };
+
+  meta.maintainers = with lib.maintainers; [ vancluever AndersonTorres ];
+}