blob: 381aeefe2e67a6333f56b4c8ac05c9ef1f0b8188 (
plain) (
tree)
|
|
#!/bin/sh
: ${desktop_access_gid:='40000'}
: ${sddm_min_uid:='10000'}
: ${sddm_max_uid:='19999'}
: ${cups_host:='cups'}
: ${ublock_whitelist:=''}
: ${chrome_flags:=''}
sddm_user=sddm
cups_conf_dir=/usr/local/etc/cups
if [ "${enable_idm:-}" = false ]; then
desktop_access_role=operator
else
ldap_add "cn=${desktop_access_role},${roles_basedn}" <<EOF
objectClass: groupOfMembers
objectClass: posixGroup
cn: ${desktop_access_role}
gidNumber: ${desktop_access_gid}
EOF
fi
# Load linux kernel modules.
sysrc -v linux_enable=YES
# Enable FUSE.
sysrc -v kld_list+=fusefs
# Install packages common to all DEs.
pkg install -y $desktop_common_packages
# Install profile script for improving experience on NFS homedirs.
install_file -m 0555 /etc/profile.d/local-homedir.sh
# Create ZFS dataset for local homedirs.
create_dataset -o mountpoint=/usr/local/home "${state_dataset}/home"
zfs set \
com.sun:auto-snapshot:hourly=true \
com.sun:auto-snapshot:daily=true \
com.sun:auto-snapshot:weekly=true \
"${state_dataset}/home"
# Enable sndio.
sysrc -v sndiod_enable=YES
service sndiod status || service sndiod start
# Create local group for desktop-access.
# This is for *local* users that need access to the drm device.
add_group -g "$desktop_access_gid" "$desktop_access_role"
# Create desktop devfs ruleset.
install_template -m 0644 /etc/devfs.rules
sysrc -v "devfs_system_ruleset=${devfs_local_ruleset_name}"
service devfs restart
# Enable webcamd.
sysrc -v webcamd_enable=YES
service webcamd status || service webcamd start
# Create xdg autostart entry to add our Root CA to Chrome's certificate store.
install_file -m 0644 /usr/local/etc/xdg/autostart/nss-trust-root-ca.desktop
install_file -m 0555 /usr/local/libexec/nss-trust-root-ca
# Install gajim desktop file.
install_file -m 0644 /usr/local/share/applications/gajim.desktop
case $desktop_type in
i3)
pkg install -y $desktop_i3_packages
;;
kde)
# Install KDE packages.
pkg install -y $desktop_kde_packages
# Add sddm user to drm access group.
pw groupmod "$desktop_access_role" -m "$sddm_user"
# Configure pam services.
install_file -m 0644 \
/etc/pam.d/sddm \
/etc/pam.d/kde
# Copy SDDM config file.
install_template -m 0644 /usr/local/etc/sddm.conf
# Create profile script for KDE environment variables.
install_file -m 0644 /etc/profile.d/kde.sh
# Create SDDM local homedir.
install_directory -o sddm -g sddm -m 0700 /usr/local/home/sddm
# Create shutdown script to cleanup lingering processes.
install_directory -m 0755 \
/usr/local/etc/xdg/plasma-workspace \
/usr/local/etc/xdg/plasma-workspace/shutdown
install_file -m 0555 /usr/local/etc/xdg/plasma-workspace/shutdown/cleanup.sh
# Disable baloo file search.
# Don't know anyone that uses it, and litters $HOME with .nfs files whenever
# any file is deleted.
install_file -m 0644 /usr/local/etc/xdg/baloofilerc
# Disable user switching
# Broken with consolekit: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221452
# VT switch causes loss of graphics acceleration: https://github.com/freebsd/drm-kmod/issues/175
install_file -m 0644 /usr/local/etc/xdg/kdeglobals
# Enable sddm.
sysrc -v sddm_enable=YES
;;
esac
# Tune sysctls for desktop usage.
set_sysctl \
net.local.stream.recvspace=65536 \
net.local.stream.sendspace=65536 \
kern.sched.preempt_thresh=224 \
vfs.usermount=1
set_loader_conf \
kern.ipc.shmseg=1024 \
kern.ipc.shmmni=1024 \
kern.maxproc=100000 \
hw.pci.do_power_nodriver=3
# Create policy file for firefox.
install_directory -m 0755 /usr/local/lib/firefox/distribution
install_template -m 0644 /usr/local/lib/firefox/distribution/policies.json
# Create policy file for thunderbird.
install_directory -m 0755 /usr/local/lib/thunderbird/distribution
install_template -m 0644 /usr/local/lib/thunderbird/distribution/policies.json
# Create policy file for chromium.
install_directory -m 0755 \
/usr/local/etc/chromium/policies \
/usr/local/etc/chromium/policies/managed
install_template -m 0644 /usr/local/etc/chromium/policies/managed/policies.json
# Configure libreoffice
install_file -m 0644 /usr/local/lib/libreoffice/program/sofficerc
# Add terminus font to X11
install_file -m 0644 /usr/local/etc/X11/xorg.conf.d/terminus.conf
# Create xdg override directory.
install_directory -m 0755 \
"${xdg_override_dir}" \
"${xdg_override_dir}/applications"
# Create xdg application overrides.
install_template -m 0644 \
"${xdg_override_dir}/applications/signal-desktop.desktop" \
"${xdg_override_dir}/applications/chromium-browser.desktop"
# Create polkit rules for shutdown/reboot/suspend
install_template -m 0644 /usr/local/etc/polkit-1/rules.d/51-desktop.rules
# Enable dbus.
sysrc -v dbus_enable=YES
service dbus status || service dbus start
# Configure CUPS.
pkg install -y cups
install_template -m 0644 "${cups_conf_dir}/client.conf"
# Configure graphics drivers.
case $graphics_type in
intel)
pkg install -y drm-kmod libva-intel-media-driver
sysrc -v kld_list+=i915kms
load_kernel_module i915kms
set_loader_conf \
compat.linuxkpi.i915_enable_fbc=1 \
compat.linuxkpi.i915_fastboot=1
;;
esac
# On some graphics cards, kern.vt.suspendswitch=1 (the default) breaks graphics
# acceleration after resuming from sleep.
set_sysctl kern.vt.suspendswitch="${vt_suspendswitch:-1}"
# Start login manager.
case $desktop_type in
kde)
# We have to redirect the output here because sddm holds FDs open :(
service sddm status || service sddm start > /dev/null 2>&1 < /dev/null || die 'failed to start sddm'
;;
esac
|
