colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/systemd-lock-handler: init

Browse Source
This commit is contained in:
Olli Helenius 2023-10-05 17:52:07 +03:00
parent 28f40adf8c
commit e103c5cfcf
No known key found for this signature in database
GPG Key ID: 67235CC88F41DE3C
7 changed files with 139 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/doc/manual/release-notes/rl-2405.section.md
View File

@ -67,6 +67,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- [RustDesk](https://rustdesk.com), a full-featured open source remote control alternative for self-hosting and security with minimal configuration. Alternative to TeamViewer.
- [systemd-lock-handler](https://git.sr.ht/~whynothugo/systemd-lock-handler/), a bridge between logind D-Bus events and systemd targets. Available as [services.systemd-lock-handler.enable](#opt-services.systemd-lock-handler.enable).
## Backward Incompatibilities {#sec-release-24.05-incompatibilities}
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->

1
nixos/modules/module-list.nix
View File

@ -1236,6 +1236,7 @@
./services/system/saslauthd.nix
./services/system/self-deploy.nix
./services/system/systembus-notify.nix
./services/system/systemd-lock-handler.nix
./services/system/uptimed.nix
./services/system/zram-generator.nix
./services/torrent/deluge.nix

47
nixos/modules/services/system/systemd-lock-handler.md Normal file
View File

@ -0,0 +1,47 @@
# systemd-lock-handler {#module-services-systemd-lock-handler}
The `systemd-lock-handler` module provides a service that bridges
D-Bus events from `logind` to user-level systemd targets:
- `lock.target` started by `loginctl lock-session`,
- `unlock.target` started by `loginctl unlock-session` and
- `sleep.target` started by `systemctl suspend`.
You can create a user service that starts with any of these targets.
For example, to create a service for `swaylock`:
```nix
{
services.systemd-lock-handler.enable = true;
systemd.user.services.swaylock = {
description = "Screen locker for Wayland";
documentation = ["man:swaylock(1)"];
# If swaylock exits cleanly, unlock the session:
onSuccess = ["unlock.target"];
# When lock.target is stopped, stops this too:
partOf = ["lock.target"];
# Delay lock.target until this service is ready:
before = ["lock.target"];
wantedBy = ["lock.target"];
serviceConfig = {
# systemd will consider this service started when swaylock forks...
Type = "forking";
# ... and swaylock will fork only after it has locked the screen.
ExecStart = "${lib.getExe pkgs.swaylock} -f";
# If swaylock crashes, always restart it immediately:
Restart = "on-failure";
RestartSec = 0;
};
};
}
```
See [upstream documentation](https://sr.ht/~whynothugo/systemd-lock-handler) for more information.

27
nixos/modules/services/system/systemd-lock-handler.nix Normal file
View File

@ -0,0 +1,27 @@
{ config
, pkgs
, lib
, ...
}:
let
cfg = config.services.systemd-lock-handler;
inherit (lib) mkIf mkEnableOption mkPackageOption;
in
{
options.services.systemd-lock-handler = {
enable = mkEnableOption (lib.mdDoc "systemd-lock-handler");
package = mkPackageOption pkgs "systemd-lock-handler" { };
};
config = mkIf cfg.enable {
systemd.packages = [ cfg.package ];
# https://github.com/NixOS/nixpkgs/issues/81138
systemd.user.services.systemd-lock-handler.wantedBy = [ "default.target" ];
};
meta = {
maintainers = with lib.maintainers; [ liff ];
doc = ./systemd-lock-handler.md;
};
}

1
nixos/tests/all-tests.nix
View File

@ -856,6 +856,7 @@ in {
systemd-journal = handleTest ./systemd-journal.nix {};
systemd-journal-gateway = handleTest ./systemd-journal-gateway.nix {};
systemd-journal-upload = handleTest ./systemd-journal-upload.nix {};
systemd-lock-handler = runTestOn ["aarch64-linux" "x86_64-linux"] ./systemd-lock-handler.nix;
systemd-machinectl = handleTest ./systemd-machinectl.nix {};
systemd-networkd = handleTest ./systemd-networkd.nix {};
systemd-networkd-dhcpserver = handleTest ./systemd-networkd-dhcpserver.nix {};

56
nixos/tests/systemd-lock-handler.nix Normal file
View File

@ -0,0 +1,56 @@
{ lib, ... }: {
name = "systemd-lock-handler";
meta.maintainers = with lib.maintainers; [ liff ];
enableOCR = true;
nodes.machine = { config, pkgs, lib, ... }:
let
touch = "${lib.getBin pkgs.coreutils}/bin/touch";
in
{
imports = [ common/wayland-cage.nix ];
services.systemd-lock-handler.enable = true;
systemd.user.services = {
test-lock = {
partOf = [ "lock.target" ];
onSuccess = [ "unlock.target" ];
before = [ "lock.target" ];
wantedBy = [ "lock.target" ];
serviceConfig.ExecStart = "${touch} /tmp/lock.target.activated";
};
test-unlock = {
partOf = [ "unlock.target" ];
after = [ "unlock.target" ];
wantedBy = [ "unlock.target" ];
serviceConfig.ExecStart = "${touch} /tmp/unlock.target.activated";
};
test-sleep = {
partOf = [ "sleep.target" ];
before = [ "sleep.target" ];
wantedBy = [ "sleep.target" ];
serviceConfig.ExecStart = "${touch} /tmp/sleep.target.activated";
};
};
};
testScript = ''
machine.wait_for_unit('graphical.target')
machine.wait_for_text('alice@machine')
machine.send_chars('loginctl lock-session\n')
machine.wait_for_file('/tmp/lock.target.activated')
machine.wait_for_file('/tmp/unlock.target.activated')
machine.send_chars('systemctl suspend\n')
# wait_for_file wont complete before the machine is asleep,
# so well watch the log instead.
machine.wait_for_console_text('Started test-sleep.service.')
# The VM is asleep, regular shutdown wont work.
machine.crash()
'';
}

6
pkgs/by-name/sy/systemd-lock-handler/package.nix
View File

@ -2,6 +2,7 @@
, fetchFromSourcehut
, buildGoModule
, nix-update-script
, nixosTests
}:
buildGoModule rec {
@ -17,7 +18,10 @@ buildGoModule rec {
vendorHash = "sha256-dWzojV3tDA5lLdpAQNC9NaADGyvV7dNOS3x8mfgNNtA=";
passthru.updateScript = nix-update-script { };
passthru = {
updateScript = nix-update-script { };
tests = nixosTests.systemd-lock-handler;
};
# The Makefile expects to find the binary in the source root. Make
# the one built by `buildGoModule` available so that `make install`