printf "[daemon]\nAutomaticLoginEnable=true\nAutomaticLogin=kiosk\n\n[security]\n\n[xdmcp]\n\n[chooser]\n\n[debug]\n" > /etc/gdm3/daemon.conf # Firefox policy # (I used to put this in /etc/firefox/policies/policies.json instead) mkdir -p /usr/lib/firefox-esr/distribution tee /usr/lib/firefox-esr/distribution/policies.json > /dev/null <<'EOF' { "policies": { "AppAutoUpdate": true, "BackgroundAppUpdate": true, "BlockAboutAddons": true, "BlockAboutConfig": true, "BlockAboutProfiles": true, "BlockAboutSupport": true, "DisableDeveloperTools": true, "BlockAboutAddons": true, "BlockAboutConfig": true, "BlockAboutProfiles": true, "BlockAboutSupport": true, "DisableFeedbackCommands": true, "DisableFirefoxAccounts": true, "DisableFirefoxScreenshots": true, "DisableFirefoxStudies": true, "DisableForgetButton": true, "DisableFormHistory": true, "DisablePocket": true, "DisablePrivateBrowsing": true, "DisableProfileImport": true, "DisableProfileRefresh": true, "DisableSafeMode": true, "DisablePocket": true, "DisableFirefoxScreenshots": true, "DisableSetDesktopBackground": true, "DisableTelemetry": true, "DisplayBookmarksToolbar": "never", "DisplayMenuBar": "never", "EnableTrackingProtection": { "Cryptomining": true, "Fingerprinting": true, "Value": true }, "ExtensionSettings": { "*": { "installation_mode": "allowed" } }, "FirefoxHome": { "Highlights": false, "Pocket": false, "Search": false, "SponsoredPocket": false, "SponsoredTopSites": false, "TopSites": false }, "Homepage": { "StartPage": "homepage", "URL": "https://mahn.ke", "Locked": true }, "ManualAppUpdateOnly": true, "NewTabPage": { "Enabled": false }, "DownloadDirectory": { "Path": "C:\\KioskDownloads", "Locked": true }, "PictureInPicture": { "Enabled": false }, "Preferences": { "extensions.getAddons.showPane": { "Status": "locked", "Type": "boolean", "Value": false }, "ui.key.menuAccessKeyFocuses": { "Status": "locked", "Type": "boolean", "Value": false } }, "PromptForDownloadLocation": false, "StartDownloadsInTempDirectory": false, "DisableAppUpdate": true, "Permissions": { "Camera": "deny", "Microphone": "deny", "Location": "deny", "Notifications": "deny" }, "SanitizeOnShutdown": { "Cache": true, "Cookies": true, "Downloads": true, "FormData": true, "History": true, "OfflineApps": true, "Sessions": true, "SiteSettings": true }, "ShowHomeButton": false, "UserMessaging": { "ExtensionRecommendations": false, "FeatureRecommendations": false, "MoreFromMozilla": false, "SkipOnboarding": false, "UrlbarInterventions": false, "WhatsNew": false, "FirefoxLabs": false, "Locked": false }, "DisplayMenuBar": false, "DisplayBookmarksToolbar": false, "WebsiteFilter": { "Block": [ "" ], "Exceptions": [ "*://*.c3nav.de/*", "*://*.hvv.de/*", "*://engel.events.ccc.de/*", "*://*.chaos.social/*", "*://*.events.ccc.de/*" ] } } } EOF # Bash autostart of sway tee /home/kiosk/.bash_profile > /dev/null <<'EOF' if [ -z "$WAYLAND_DISPLAY" ] && [ "$(tty)" = "/dev/tty1" ]; then exec sway fi EOF # Sway config mkdir -p /home/kiosk/.config/sway/ tee /home/kiosk/.config/sway/config > /dev/null <<'EOF' input type:pointer { events disabled } input type:keyboard { events disabled } input type:touch { events enabled } input * xkb_layout de ## This may not be needed if there is a systemd unit # exec_always firefox --wayland --kiosk EOF # Systemd unit mkdir -p /home/kiosk/.config/systemd/user/ tee /home/kiosk/.config/systemd/user/firefox-kiosk.service > /dev/null <<'EOF' service [Unit] Description=Firefox im Kiosk-Mode [Service] Type=simple TimeoutStartSec=0 ExecStart=/usr/bin/firefox --kiosk Environment=DISPLAY=:0 Restart=always [Install] WantedBy=default.target EOF mkdir -p /home/kiosk/.config/systemd/user/default.target.wants/ ln -s /home/kiosk/.config/systemd/user/firefox-kiosk.service /home/kiosk/.config/systemd/user/default.target.wants/firefox-kiosk.service chown -R kiosk:kiosk /home/kiosk/.config