swendel/nixpkgs
1
0
Fork 0
mirror of https://github.com/SebastianWendel/nixpkgs.git synced 2024-09-21 04:49:01 +02:00
Code Issues Packages Projects Releases Wiki Activity

nixos/geoclue2: make configurable, can whitelist applications

Browse source 
All options within geoclue.conf[0] have been made configurable.

Additonally, we can now specify whether or not GeoClue
should ask the agent to authorize an application like so:
```
services.geoclue2.appConfig."redshift" = {
  isAllowed = true;
  isSystem = true;
};
```

[0]: https://gitlab.freedesktop.org/geoclue/geoclue/blob/2.5.2/data/geoclue.conf.in

Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
This commit is contained in:
LeOtaku 2019-05-02 00:08:56 +02:00 committed by worldofpeace
parent e2bbc6fb46
commit 2d93f57db5
1 changed files with 183 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

186
nixos/modules/services/desktops/geoclue2.nix
View file

@ -7,6 +7,56 @@ with lib;
let let
# the demo agent isn't built by default, but we need it here # the demo agent isn't built by default, but we need it here
package = pkgs.geoclue2.override { withDemoAgent = config.services.geoclue2.enableDemoAgent; }; package = pkgs.geoclue2.override { withDemoAgent = config.services.geoclue2.enableDemoAgent; };
cfg = config.services.geoclue2;
defaultWhitelist = [ "gnome-shell" "io.elementary.desktop.agent-geoclue2" ];
appConfigModule = types.submodule ({ name, ... }: {
options = {
desktopID = mkOption {
type = types.str;
description = "Desktop ID of the application.";
};
isAllowed = mkOption {
type = types.bool;
default = null;
description = ''
Whether the application will be allowed access to location information.
'';
};
isSystem = mkOption {
type = types.bool;
default = null;
description = ''
Whether the application is a system component or not.
'';
};
users = mkOption {
type = types.listOf types.str;
default = [];
description = ''
List of UIDs of all users for which this application is allowed location
info access, Defaults to an empty string to allow it for all users.
'';
};
};
config.desktopID = mkDefault name;
});
appConfigToINICompatible = _: { desktopID, isAllowed, isSystem, users, ... }: {
name = desktopID;
value = {
allowed = isAllowed;
system = isSystem;
users = concatStringsSep ";" users;
};
};
in in
{ {
@ -35,13 +85,102 @@ in
''; '';
}; };
enableNmea = mkOption {
type = types.bool;
default = true;
description = ''
Whether to fetch location from NMEA sources on local network.
'';
};
enable3G = mkOption {
type = types.bool;
default = true;
description = ''
Whether to enable 3G source.
'';
};
enableCDMA = mkOption {
type = types.bool;
default = true;
description = ''
Whether to enable CDMA source.
'';
};
enableModemGPS = mkOption {
type = types.bool;
default = true;
description = ''
Whether to enable Modem-GPS source.
'';
};
enableWifi = mkOption {
type = types.bool;
default = true;
description = ''
Whether to enable WiFi source.
'';
};
geoProviderUrl = mkOption {
type = types.str;
default = "https://location.services.mozilla.com/v1/geolocate?key=geoclue";
example = "https://www.googleapis.com/geolocation/v1/geolocate?key=YOUR_KEY";
description = ''
The url to the wifi GeoLocation Service.
'';
};
submitData = mkOption {
type = types.bool;
default = false;
description = ''
Whether to submit data to a GeoLocation Service.
'';
};
submissionUrl = mkOption {
type = types.str;
default = "https://location.services.mozilla.com/v1/submit?key=geoclue";
description = ''
The url to submit data to a GeoLocation Service.
'';
};
submissionNick = mkOption {
type = types.str;
default = "geoclue";
description = ''
A nickname to submit network data with.
Must be 2-32 characters long.
'';
};
appConfig = mkOption {
type = types.loaOf appConfigModule;
default = {};
example = literalExample ''
"com.github.app" = {
isAllowed = true;
isSystem = true;
users = [ "300" ];
};
'';
description = ''
Specify extra settings per application.
'';
};
}; };
}; };
###### implementation ###### implementation
config = mkIf config.services.geoclue2.enable { config = mkIf cfg.enable {
environment.systemPackages = [ package ]; environment.systemPackages = [ package ];
@ -49,9 +188,14 @@ in
systemd.packages = [ package ]; systemd.packages = [ package ];
# restart geoclue service when the configuration changes
systemd.services."geoclue".restartTriggers = [
config.environment.etc."geoclue/geoclue.conf".source
];
# this needs to run as a user service, since it's associated with the # this needs to run as a user service, since it's associated with the
# user who is making the requests # user who is making the requests
systemd.user.services = mkIf config.services.geoclue2.enableDemoAgent { systemd.user.services = mkIf cfg.enableDemoAgent {
"geoclue-agent" = { "geoclue-agent" = {
description = "Geoclue agent"; description = "Geoclue agent";
script = "${package}/libexec/geoclue-2.0/demos/agent"; script = "${package}/libexec/geoclue-2.0/demos/agent";
@ -62,7 +206,41 @@ in
}; };
}; };
environment.etc."geoclue/geoclue.conf".source = "${package}/etc/geoclue/geoclue.conf"; services.geoclue2.appConfig."epiphany" = {
}; isAllowed = true;
isSystem = false;
};
services.geoclue2.appConfig."firefox" = {
isAllowed = true;
isSystem = false;
};
environment.etc."geoclue/geoclue.conf".text =
generators.toINI {} ({
agent = {
whitelist = concatStringsSep ";"
(optional cfg.enableDemoAgent "geoclue-demo-agent" ++ defaultWhitelist);
};
network-nmea = {
enable = cfg.enableNmea;
};
"3g" = {
enable = cfg.enable3G;
};
cdma = {
enable = cfg.enableCDMA;
};
modem-gps = {
enable = cfg.enableModemGPS;
};
wifi = {
enable = cfg.enableWifi;
url = cfg.geoProviderUrl;
submit-data = boolToString cfg.submitData;
submission-url = cfg.submissionUrl;
submission-nick = cfg.submissionNick;
};
} // mapAttrs' appConfigToINICompatible cfg.appConfig);
};
} }