nixos/lightdm: support greeter-less auto login

This adds configuration options for automatic login and disabling the
greeter (this should avoid the dependency on gtk).

1 files changed, 96 insertions, 4 deletions

diff --git a/nixos/modules/services/x11/display-managers/lightdm.nix b/nixos/modules/services/x11/display-managers/lightdm.nix
index ac7db3d9adc4..47786f0a4321 100644
--- a/nixos/modules/services/x11/display-managers/lightdm.nix
+++ b/nixos/modules/services/x11/display-managers/lightdm.nix
@@ -4,7 +4,8 @@ with lib;
 
 let
 
-  dmcfg = config.services.xserver.displayManager;
+  xcfg = config.services.xserver;
+  dmcfg = xcfg.displayManager;
   xEnv = config.systemd.services."display-manager".environment;
   cfg = dmcfg.lightdm;
 
@@ -36,16 +37,31 @@ let
   lightdmConf = writeText "lightdm.conf"
     ''
       [LightDM]
-      greeter-user = ${config.users.extraUsers.lightdm.name}
-      greeters-directory = ${cfg.greeter.package}
+      ${optionalString cfg.greeter.enable ''
+        greeter-user = ${config.users.extraUsers.lightdm.name}
+        greeters-directory = ${cfg.greeter.package}
+      ''}
       sessions-directory = ${dmcfg.session.desktops}
 
       [Seat:*]
       xserver-command = ${xserverWrapper}
       session-wrapper = ${dmcfg.session.script}
-      greeter-session = ${cfg.greeter.name}
+      ${optionalString cfg.greeter.enable ''
+        greeter-session = ${cfg.greeter.name}
+      ''}
+      ${optionalString cfg.autoLogin.enable ''
+        autologin-user = ${cfg.autoLogin.user}
+        autologin-user-timeout = ${toString cfg.autoLogin.timeout}
+        autologin-session = ${defaultSessionName}
+      ''}
       ${cfg.extraSeatDefaults}
     '';
+
+  defaultSessionName =
+    let
+      dm = xcfg.desktopManager.default;
+      wm = xcfg.windowManager.default;
+    in dm + optionalString (wm != "none") (" + " + wm);
 in
 {
   # Note: the order in which lightdm greeter modules are imported
@@ -68,6 +84,14 @@ in
       };
 
       greeter =  {
+        enable = mkOption {
+          type = types.bool;
+          default = true;
+          description = ''
+            If set to false, run lightdm in greeterless mode. This only works if autologin
+            is enabled and autoLogin.timeout is zero.
+          '';
+        };
         package = mkOption {
           type = types.package;
           description = ''
@@ -102,10 +126,67 @@ in
         description = "Extra lines to append to SeatDefaults section.";
       };
 
+      autoLogin = mkOption {
+        default = {};
+        description = ''
+          Configuration for automatic login.
+        '';
+
+        type = types.submodule {
+          options = {
+            enable = mkOption {
+              type = types.bool;
+              default = false;
+              description = ''
+                Automatically log in as the specified <option>autoLogin.user</option>.
+              '';
+            };
+
+            user = mkOption {
+              type = types.nullOr types.str;
+              default = null;
+              description = ''
+                User to be used for the automatic login.
+              '';
+            };
+
+            timeout = mkOption {
+              type = types.int;
+              default = 0;
+              description = ''
+                Show the greeter for this many seconds before automatic login occurs.
+              '';
+            };
+          };
+        };
+      };
+
     };
   };
 
   config = mkIf cfg.enable {
+
+    assertions = [
+      { assertion = cfg.autoLogin.enable -> cfg.autoLogin.user != null;
+        message = ''
+          LightDM auto-login requires services.xserver.displayManager.lightdm.autoLogin.user to be set
+        '';
+      }
+      { assertion = cfg.autoLogin.enable -> elem defaultSessionName dmcfg.session.names;
+        message = ''
+          LightDM auto-login requires that services.xserver.desktopManager.default and
+          services.xserver.windowMananger.default are set to valid values. The current
+          default session: ${defaultSessionName} is not valid.
+        '';
+      }
+      { assertion = !cfg.greeter.enable -> (cfg.autoLogin.enable && cfg.autoLogin.timeout == 0);
+        message = ''
+          LightDM can only run without greeter if automatic login is enabled and the timeout for it
+          is set to zero.
+        '';
+      }
+    ];
+
     services.xserver.displayManager.slim.enable = false;
 
     services.xserver.displayManager.job = {
@@ -144,6 +225,17 @@ in
         session  optional ${pkgs.systemd}/lib/security/pam_systemd.so
       '';
     };
+    security.pam.services.lightdm-autologin.text = ''
+        auth     requisite pam_nologin.so
+        auth     required  pam_succeed_if.so uid >= 1000 quiet
+        auth     required  pam_permit.so
+
+        account  include   lightdm
+
+        password include   lightdm
+
+        session  include   lightdm
+    '';
 
     users.extraUsers.lightdm = {
       createHome = true;