From 6403c0d3ba4e2bf53ff2cec1b151f5290a94cec1 Mon Sep 17 00:00:00 2001
From: Davide Cavalca <davide@cavalca.name>
Date: Mon, 28 Oct 2024 23:26:41 -0700
Subject: [PATCH] Add kiosk profile

This adds a profile for a kiosk-style appliance leveraging gnome-kiosk.
The user can customize the application run on first boot, or at image
build time with something like the following in `tmpfiles.d`:

```
d     /home/kiosk/.config                      0755 kiosk kiosk - -
f     /home/kiosk/.config/gnome-initial-setup-done 0644 kiosk kiosk - -
d     /home/kiosk/.local                       0755 kiosk kiosk - -
d     /home/kiosk/.local/bin                   0755 kiosk kiosk - -
C     /home/kiosk/.local/bin/gnome-kiosk-script 0755 kiosk kiosk -
```

Signed-off-by: Davide Cavalca <davide@cavalca.name>
---
 mkosi.profiles/kiosk/mkosi.conf                   | 12 ++++++++++++
 .../system-preset/05-particleos-kiosk.preset      |  3 +++
 .../usr/lib/sysusers.d/10-particleos-kiosk.conf   |  4 ++++
 .../usr/lib/tmpfiles.d/10-particleos-kiosk.conf   |  8 ++++++++
 .../usr/share/factory/etc/gdm/custom.conf         | 15 +++++++++++++++
 .../factory/var/lib/AccountsService/users/kiosk   |  5 +++++
 6 files changed, 47 insertions(+)
 create mode 100644 mkosi.profiles/kiosk/mkosi.conf
 create mode 100644 mkosi.profiles/kiosk/mkosi.extra/usr/lib/systemd/system-preset/05-particleos-kiosk.preset
 create mode 100644 mkosi.profiles/kiosk/mkosi.extra/usr/lib/sysusers.d/10-particleos-kiosk.conf
 create mode 100644 mkosi.profiles/kiosk/mkosi.extra/usr/lib/tmpfiles.d/10-particleos-kiosk.conf
 create mode 100644 mkosi.profiles/kiosk/mkosi.extra/usr/share/factory/etc/gdm/custom.conf
 create mode 100644 mkosi.profiles/kiosk/mkosi.extra/usr/share/factory/var/lib/AccountsService/users/kiosk

diff --git a/mkosi.profiles/kiosk/mkosi.conf b/mkosi.profiles/kiosk/mkosi.conf
new file mode 100644
index 0000000..8c7291b
--- /dev/null
+++ b/mkosi.profiles/kiosk/mkosi.conf
@@ -0,0 +1,12 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+# Requires desktop profile
+
+[Match]
+Distribution=fedora
+
+[Content]
+Packages=
+        gdm
+        gnome-kiosk-script-session
+        gnome-text-editor
diff --git a/mkosi.profiles/kiosk/mkosi.extra/usr/lib/systemd/system-preset/05-particleos-kiosk.preset b/mkosi.profiles/kiosk/mkosi.extra/usr/lib/systemd/system-preset/05-particleos-kiosk.preset
new file mode 100644
index 0000000..1f4ce39
--- /dev/null
+++ b/mkosi.profiles/kiosk/mkosi.extra/usr/lib/systemd/system-preset/05-particleos-kiosk.preset
@@ -0,0 +1,3 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+disable systemd-homed-firstboot.service
diff --git a/mkosi.profiles/kiosk/mkosi.extra/usr/lib/sysusers.d/10-particleos-kiosk.conf b/mkosi.profiles/kiosk/mkosi.extra/usr/lib/sysusers.d/10-particleos-kiosk.conf
new file mode 100644
index 0000000..f8cec65
--- /dev/null
+++ b/mkosi.profiles/kiosk/mkosi.extra/usr/lib/sysusers.d/10-particleos-kiosk.conf
@@ -0,0 +1,4 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+#Type Name       ID                  GECOS              Home directory Shell
+u     kiosk      -                   "Kiosk"            /home/kiosk    /sbin/nologin
diff --git a/mkosi.profiles/kiosk/mkosi.extra/usr/lib/tmpfiles.d/10-particleos-kiosk.conf b/mkosi.profiles/kiosk/mkosi.extra/usr/lib/tmpfiles.d/10-particleos-kiosk.conf
new file mode 100644
index 0000000..837bbc8
--- /dev/null
+++ b/mkosi.profiles/kiosk/mkosi.extra/usr/lib/tmpfiles.d/10-particleos-kiosk.conf
@@ -0,0 +1,8 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+#Type Path                                     Mode User Group Age         Argument
+d     /home/kiosk                              0700 kiosk kiosk - -
+d     /var/lib/AccountsService/users           0700 root root - -
+C     /var/lib/AccountsService/users/kiosk     0600 root root - -
+L     /etc/gdm
+L     /etc/dbus-1
diff --git a/mkosi.profiles/kiosk/mkosi.extra/usr/share/factory/etc/gdm/custom.conf b/mkosi.profiles/kiosk/mkosi.extra/usr/share/factory/etc/gdm/custom.conf
new file mode 100644
index 0000000..114372b
--- /dev/null
+++ b/mkosi.profiles/kiosk/mkosi.extra/usr/share/factory/etc/gdm/custom.conf
@@ -0,0 +1,15 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+[daemon]
+AutomaticLoginEnable=true
+AutomaticLogin=kiosk
+
+[security]
+
+[xdmcp]
+
+[chooser]
+
+[debug]
+# Uncomment the line below to turn on debugging
+#Enable=true
diff --git a/mkosi.profiles/kiosk/mkosi.extra/usr/share/factory/var/lib/AccountsService/users/kiosk b/mkosi.profiles/kiosk/mkosi.extra/usr/share/factory/var/lib/AccountsService/users/kiosk
new file mode 100644
index 0000000..0e95365
--- /dev/null
+++ b/mkosi.profiles/kiosk/mkosi.extra/usr/share/factory/var/lib/AccountsService/users/kiosk
@@ -0,0 +1,5 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+[User]
+Session=gnome-kiosk-script-wayland
+SystemAccount=false