From 3106b950f70aba2851091731bff4030087c6eca4 Mon Sep 17 00:00:00 2001
From: L p R n d n
Date: Wed, 17 Apr 2019 15:47:52 +0200
Subject: [PATCH 10/10] services: Add lightDM service.
* gnu/services/lightdm.scm: New file.
---
gnu/services/lightdm.scm | 259 +++++++++++++++++++++++++++++++++++++++
1 file changed, 259 insertions(+)
create mode 100644 gnu/services/lightdm.scm
diff --git a/gnu/services/lightdm.scm b/gnu/services/lightdm.scm
new file mode 100644
index 0000000000..b280df49ae
--- /dev/null
+++ b/gnu/services/lightdm.scm
@@ -0,0 +1,259 @@
+(define-module (gnu services lightdm)
+ #:use-module (guix gexp)
+ #:use-module (guix records)
+
+ #:use-module (gnu system pam)
+ #:use-module (gnu system shadow)
+
+ #:use-module (gnu services)
+ #:use-module (gnu services dbus)
+ #:use-module (gnu services desktop)
+ #:use-module (gnu services shepherd)
+ #:use-module (gnu services xorg)
+
+ #:use-module (gnu packages admin)
+ #:use-module (gnu packages display-managers)
+ #:use-module (gnu packages freedesktop)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages xorg)
+
+ #:export (lightdm-configuration
+ lightdm-configuration?
+ lightdm-service-type))
+
+(define (lightdm-pam-service)
+ "Return a PAM service for @command{lightdm}."
+ (unix-pam-service
+ "lightdm"
+ #:allow-empty-passwords? #t)
+ ;; (pam-service
+ ;; (name "lightdm")
+ ;; (auth
+ ;; (list
+ ;; Block login if they are globally disabled
+ ;; (pam-entry (control "required") (module "pam_nologin.so"))
+ ;; Load environment from /etc/environment and ~/.pam_environment
+ ;; (pam-entry (control "required") (module "pam_env.so"))
+ ;; Use /etc/passwd and /etc/shadow for passwords
+ ;; (pam-entry (control "required") (module "pam_unix.so"))
+ ;; https://wiki.gentoo.org/wiki/LightDM#Unlock_GNOME_Keyring
+ ;; (pam-entry (control "optional") (module "pam_gnome_keyring.so"))
+ ;; ))
+ ;; Check account is active, change password if required
+ ;; (account
+ ;; (list
+ ;; (pam-entry (control "required") (module "pam_unix.so"))))
+ ;; Allow password to be changed
+ ;; (password
+ ;; (list
+ ;; (pam-entry (control "required") (module "pam_unix.so"))))
+ ;; Setup session
+ ;; (session
+ ;; (list
+ ;; (pam-entry (control "required") (module "pam_unix.so"))
+ ;; https://wiki.gentoo.org/wiki/LightDM#Unlock_GNOME_Keyring
+ ;; (pam-entry (control "optional") (module "pam_gnome_keyring.so")
+ ;; (arguments (list "auto_start")))
+ ;; )))
+ )
+
+(define (lightdm-greeter-pam-service)
+ "Return a PAM service for @command{lightdm-greeter}}."
+ (pam-service
+ (name "lightdm-greeter")
+ (auth
+ (list
+ ;; Load environment from /etc/environment and ~/.pam_environment
+ (pam-entry (control "required") (module "pam_env.so"))
+ ;; Always let the greeter start without authentication
+ (pam-entry (control "required") (module "pam_permit.so"))))
+ ;; No action required for account management
+ (account
+ (list
+ (pam-entry (control "required") (module "pam_permit.so"))))
+ ;; Can't change password
+ (password
+ (list
+ (pam-entry (control "required") (module "pam_deny.so"))))
+ ;; Setup session
+ (session
+ (list
+ (pam-entry (control "required") (module "pam_unix.so"))
+ (pam-entry (control "required") (module "pam_env.so"))))))
+
+(define (lightdm-autologin-pam-service)
+ "Return a PAM service for @command{lightdm-autologin}}."
+ (pam-service
+ (name "lightdm-autologin")
+ (auth
+ (list
+ ;; Block login if they are globally disabled
+ (pam-entry (control "required") (module "pam_nologin.so"))
+ ;; Load environment from /etc/environment and ~/.pam_environment
+ (pam-entry (control "required") (module "pam_env.so"))
+ ;; Allow access without authentication
+ (pam-entry (control "required") (module "pam_permit.so"))))
+ ;; Stop autologin if account requires action
+ (account
+ (list
+ (pam-entry (control "required") (module "pam_unix.so"))))
+ ;; Can't change password
+ (password
+ (list
+ (pam-entry (control "required") (module "pam_deny.so"))))
+ ;; Setup session
+ (session
+ (list
+ (pam-entry (control "required") (module "pam_unix.so"))))))
+
+(define-record-type*
+ lightdm-configuration make-lightdm-configuration
+ lightdm-configuration?
+
+ (lightdm lightdm-configuration-lightdm
+ (default lightdm))
+ (user lightdm-configuration-user
+ (default "lightdm"))
+ (greeters-directory lightdm-configuration-greeters-directory
+ (default "/run/current-system/profile/share/xgreeters"))
+ (sessions-directory lightdm-configuration-sessions-directory
+ (default (string-append
+ "/run/current-system/profile/share/xsessions"
+ ":/run/current-system/profile/share/wayland-sessions")))
+
+ ;; Seat configuration
+ (greeter-session lightdm-configuration-greeter-session
+ (default "lightdm-gtk-greeter"))
+ (xserver-command lightdm-configuration-xserver-command
+ (default (xorg-start-command)))
+ (pam-service lightdm-configuration-pam-service
+ (default (lightdm-pam-service)))
+ (pam-autologin-service lightdm-configuration-autologin-pam-service
+ (default (lightdm-autologin-pam-service)))
+ (pam-greeter-service lightdm-configuration-greeter-pam-service
+ (default (lightdm-greeter-pam-service)))
+ (autologin-user lightdm-configuration-autologin-user
+ (default ""))
+ (default-session-name lightdm-configuration-default-session
+ (default ""))
+ (autologin-timeout lightdm-configuration-autologin-timeout
+ (default ""))
+ ;; lightdm-gtk-greeter specifics
+ ;; Maybe it should have its own service
+ (gtk-greeter-theming-packages lightdm-configuration-gtk-greeter-theming-packages
+ (default (list adwaita-icon-theme)))
+ (gtk-greeter-theme-name lightdm-configuration-gtk-greeter-theme-name
+ (default ""))
+ (gtk-greeter-icon-theme-name
+ lightdm-configuration-gtk-greeter-icon-theme-name
+ (default "Adwaita"))
+ (gtk-greeter-cursor-theme-name
+ lightdm-configuration-gtk-greeter-cursor-theme-name
+ (default "Adwaita"))
+ (gtk-greeter-cursor-size lightdm-configuration-gtk-greeter-cursor-size
+ (default 16))
+ (gtk-greeter-background lightdm-configuration-gtk-greeter-background
+ (default "")))
+
+(define %lightdm-accounts
+ (list (user-group (name "lightdm") (system? #t))
+ (user-account
+ (name "lightdm")
+ (group "lightdm")
+ (system? #t)
+ (comment "LighDM user")
+ (home-directory "/var/lib/lightdm")
+ (shell (file-append shadow "/sbin/nologin")))))
+
+(define (lightdm-configuration-file config)
+ (mixed-text-file "lightdm.conf" "
+[LightDM]
+greeter-user = " (lightdm-configuration-user config) "
+greeters-directory = " (lightdm-configuration-greeters-directory config) "
+sessions-directory = " (lightdm-configuration-sessions-directory config) "
+
+
+[Seat:*]
+xserver-command = " (lightdm-configuration-xserver-command config) "
+greeter-session = " (lightdm-configuration-greeter-session config) "
+user-session = " (lightdm-configuration-default-session config) "
+autologin-user = " (lightdm-configuration-autologin-user config) "
+autologin-session = " (lightdm-configuration-default-session config) "
+autologin-user-timeout = " (lightdm-configuration-autologin-timeout config)))
+
+(define (lightdm-gtk-greeter-configuration-file config)
+ (mixed-text-file "lightdm-gtk-greeter.conf" "
+[greeter]
+theme-name = " (lightdm-configuration-gtk-greeter-theme-name config) "
+icon-theme-name = " (lightdm-configuration-gtk-greeter-icon-theme-name config) "
+cursor-theme-name = " (lightdm-configuration-gtk-greeter-cursor-theme-name config) "
+cursor-theme-size = " (number->string (lightdm-configuration-gtk-greeter-cursor-size config)) "
+background = " (lightdm-configuration-gtk-greeter-background config)))
+
+(define (lightdm-shepherd-service config)
+ "Return a for LightDM with CONFIG."
+
+ (define lightdm-command
+ #~(list (string-append #$(lightdm-configuration-lightdm config) "/sbin/lightdm")))
+
+ (list (shepherd-service
+ (documentation "LightDM display manager.")
+ (requirement '(dbus-system user-processes host-name))
+ (provision '(display-manager))
+ (respawn? #f)
+ (start #~(lambda ()
+ (fork+exec-command
+ (list #$(file-append
+ (lightdm-configuration-lightdm config)
+ "/sbin/lightdm"))
+ #:environment-variables
+ (list
+ (string-append
+ "PATH=/run/current-system/profile/sbin"
+ ":/run/current-system/profile/bin")))))
+ (stop #~(make-kill-destructor)))))
+
+(define (lightdm-etc-service config)
+ (list `("xdg/lightdm/lightdm.conf.d/lightdm.conf"
+ ,(lightdm-configuration-file config))
+ `("xdg/lightdm/lightdm-gtk-greeter.conf"
+ ,(lightdm-gtk-greeter-configuration-file config))))
+
+(define (lightdm-pam-services config)
+ (list (lightdm-configuration-pam-service config)
+ (lightdm-configuration-greeter-pam-service config)
+ (lightdm-configuration-autologin-pam-service config)))
+
+(define (lightdm-profile-service config)
+ (append (list lightdm-gtk-greeter lightdm)
+ (lightdm-configuration-gtk-greeter-theming-packages config)))
+
+(define (lightdm-activation-service config)
+ (with-imported-modules '((guix build utils))
+ #~(begin
+ (use-modules (guix build utils))
+ (define %user
+ (getpw #$(lightdm-configuration-user config)))
+ (let ((directory "/var/lib/lightdm-data"))
+ (mkdir-p directory)
+ (chown directory (passwd:uid %user) (passwd:gid %user))))))
+
+(define lightdm-service-type
+ (service-type (name 'lightdm)
+ (extensions
+ (list
+ (service-extension shepherd-root-service-type
+ lightdm-shepherd-service)
+ (service-extension activation-service-type
+ lightdm-activation-service)
+ (service-extension pam-root-service-type
+ lightdm-pam-services)
+ (service-extension etc-service-type
+ lightdm-etc-service)
+ (service-extension dbus-root-service-type
+ (compose list lightdm-configuration-lightdm))
+ (service-extension account-service-type
+ (const %lightdm-accounts))
+ (service-extension profile-service-type
+ lightdm-profile-service)))
+ (default-value (lightdm-configuration))))
--
2.21.0
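Review bot: `lightdm-pam-service` hard-codes `#:allow-empty-passwords? #t`, so with the default `pam-service` field any account whose password is empty can log in at the greeter, and the only way to turn that off is to replace the whole PAM service. I would default to `#:allow-empty-passwords? #f` and, if the permissive behaviour is wanted, expose it as an `allow-empty-passwords?` field of the configuration record that is passed through to `unix-pam-service`. Separately, `lightdm-pam-services` always installs the `lightdm-autologin` service, whose auth stack ends in `pam_permit.so`, even when `autologin-user` is `""`; returning it only when an autologin user is configured would keep that permit-all stack off systems that never use it. The commented-out `pam-service` body and the unused `lightdm-command` definition in `lightdm-shepherd-service` could be dropped before merging.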