about summary refs log tree commit diff
path: root/modules/vlock/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/vlock/default.nix')
-rw-r--r--modules/vlock/default.nix51
1 files changed, 51 insertions, 0 deletions
diff --git a/modules/vlock/default.nix b/modules/vlock/default.nix
new file mode 100644
index 00000000..11e9a475
--- /dev/null
+++ b/modules/vlock/default.nix
@@ -0,0 +1,51 @@
+{ pkgs, config, lib, ... }:
+
+let
+  messageFile = pkgs.runCommand "message.cat" {} ''
+    echo -en '\e[H\e[2J\e[?25l' > "$out"
+    "${pkgs.aacolorize}/bin/aacolorize" \
+      "${./message.cat}" "${./message.colmap}" \
+      >> "$out"
+  '';
+
+  esc = "\\\\033";
+  unlockCSI = "${esc}[16;39H${esc}[?25h${esc}[K";
+
+  vlock = lib.overrideDerivation pkgs.vlock (o: {
+    postPatch = (o.postPatch or "") + ''
+      echo -n '"' > src/message.h
+      sed -e ':nl;N;$!bnl;s/[\\"]/\\&/g;s/\n/\\n/g' "${messageFile}" \
+        >> src/message.h
+      sed -i -e '$s/$/"/' src/message.h
+      sed -i -e 's!getenv("VLOCK_MESSAGE")!\n#include "message.h"\n!' \
+        src/vlock-main.c
+      sed -i -re 's/(fprintf[^"]*")(.*user)/\1${unlockCSI}\2/' \
+        src/auth-pam.c
+    '';
+  });
+in {
+  options.vuizvui.vlock.enable = lib.mkEnableOption "console lock";
+
+  config.systemd.sockets.vlock = {
+    description = "Console Lock Socket";
+    wantedBy = [ "sockets.target" ];
+    socketConfig.ListenStream = "/run/console-lock.sock";
+    socketConfig.Accept = true;
+  };
+
+  config.systemd.services."vlock@" = lib.mkIf config.vuizvui.vlock.enable {
+    description = "Lock All Consoles";
+    serviceConfig.Type = "oneshot";
+
+    #environment.USER = "%i"; XXX
+    environment.USER = "aszlig";
+
+    script = ''
+      retval=0
+      oldvt="$("${pkgs.kbd}/bin/fgconsole")"
+      "${vlock}/bin/vlock" -asn || retval=$?
+      if [ $retval -ne 0 ]; then "${pkgs.kbd}/bin/chvt" "$oldvt"; fi
+      exit $retval
+    '';
+  };
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-11 10:57:17 +0000