profiles/workstation: Use autoLogin on LUKS

After countless boots with unlocking my LUKS containers and thereafter
logging in via lightdm I started to wonder whether it really makes sense
to do the latter.

All of my workstations are single-user, I usually don't switch my
session type (and even if, then via system configuration) and if someone
manages to unlock my LUKS containers, it's really trivial to circumvent
the user authentication.

So if I'm not forgetting about something big[TM], the only purpose this
additional auth serves is me being annoyed for no reason, so let's
disable it if the configuration indicates that LUKS is used.

Signed-off-by: aszlig <aszlig@nix.build>

1 files changed, 28 insertions, 19 deletions

diff --git a/modules/user/aszlig/profiles/workstation/default.nix b/modules/user/aszlig/profiles/workstation/default.nix
index 12d50b6b..bfc86c9e 100644
--- a/modules/user/aszlig/profiles/workstation/default.nix
+++ b/modules/user/aszlig/profiles/workstation/default.nix
@@ -3,7 +3,8 @@
 let
   cfg = config.vuizvui.user.aszlig.profiles.workstation;
   inherit (config.services.xserver) xrandrHeads;
-  faceSize = if config.hardware.video.hidpi.enable then 10 else 12;
+  hidpi = config.hardware.video.hidpi.enable;
+  faceSize = if hidpi then 10 else 12;
 in {
   options.vuizvui.user.aszlig.profiles.workstation = {
     enable = lib.mkEnableOption "Workstation profile for aszlig";
@@ -190,24 +191,32 @@ in {
         enable = true;
         layout = "dvorak";
 
-        displayManager.lightdm.enable = true;
-        displayManager.defaultSession = "none+i3";
-        displayManager.sessionCommands = ''
-          ${pkgs.xorg.xrdb}/bin/xrdb "${pkgs.writeText "xrdb.config" ''
-            XTerm*termName:            xterm-direct
-            XTerm*directColor:         true
-            XTerm*faceName:            MxPlus IBM VGA 8x16
-            XTerm*faceSize:            ${toString faceSize}
-            XTerm*renderFont:          true
-            XTerm*saveLines:           10000
-            XTerm*bellIsUrgent:        true
-            XTerm*background:          black
-            XTerm*foreground:          grey
-
-            XTerm*backarrowKeyIsErase: true
-            XTerm*ptyInitialErase:     true
-          ''}"
-        '';
+        displayManager = {
+          lightdm.enable = true;
+          defaultSession = "none+i3";
+          sessionCommands = ''
+            ${pkgs.xorg.xrdb}/bin/xrdb "${pkgs.writeText "xrdb.config" ''
+              XTerm*termName:            xterm-direct
+              XTerm*directColor:         true
+              XTerm*faceName:            MxPlus IBM VGA 8x16
+              XTerm*faceSize:            ${toString faceSize}
+              XTerm*renderFont:          true
+              XTerm*saveLines:           10000
+              XTerm*bellIsUrgent:        true
+              XTerm*background:          black
+              XTerm*foreground:          grey
+
+              XTerm*backarrowKeyIsErase: true
+              XTerm*ptyInitialErase:     true
+            ''}"
+          '';
+        } // lib.optionalAttrs (config.boot.initrd.luks.devices != {}) {
+          # All of my workstations are single-user machines with encrypted root
+          # and swap, so there is no need to prompt another time for a password
+          # or passphrase.
+          autoLogin.enable = true;
+          autoLogin.user = "aszlig";
+        };
       };
     };