182 lines
No EOL
4.4 KiB
Bash
182 lines
No EOL
4.4 KiB
Bash
printf "[daemon]\nAutomaticLoginEnable=true\nAutomaticLogin=kiosk\n\n[security]\n\n[xdmcp]\n\n[chooser]\n\n[debug]\n" > /etc/gdm3/daemon.conf
|
|
|
|
|
|
# Firefox policy
|
|
# (I used to put this in /etc/firefox/policies/policies.json instead)
|
|
mkdir -p /usr/lib/firefox-esr/distribution
|
|
tee /usr/lib/firefox-esr/distribution/policies.json > /dev/null <<'EOF'
|
|
{
|
|
"policies": {
|
|
"AppAutoUpdate": true,
|
|
"BackgroundAppUpdate": true,
|
|
"BlockAboutAddons": true,
|
|
"BlockAboutConfig": true,
|
|
"BlockAboutProfiles": true,
|
|
"BlockAboutSupport": true,
|
|
"DisableDeveloperTools": true,
|
|
"BlockAboutAddons": true,
|
|
"BlockAboutConfig": true,
|
|
"BlockAboutProfiles": true,
|
|
"BlockAboutSupport": true,
|
|
"DisableFeedbackCommands": true,
|
|
"DisableFirefoxAccounts": true,
|
|
"DisableFirefoxScreenshots": true,
|
|
"DisableFirefoxStudies": true,
|
|
"DisableForgetButton": true,
|
|
"DisableFormHistory": true,
|
|
"DisablePocket": true,
|
|
"DisablePrivateBrowsing": true,
|
|
"DisableProfileImport": true,
|
|
"DisableProfileRefresh": true,
|
|
"DisableSafeMode": true,
|
|
"DisablePocket": true,
|
|
"DisableFirefoxScreenshots": true,
|
|
"DisableSetDesktopBackground": true,
|
|
"DisableTelemetry": true,
|
|
"DisplayBookmarksToolbar": "never",
|
|
"DisplayMenuBar": "never",
|
|
"EnableTrackingProtection": {
|
|
"Cryptomining": true,
|
|
"Fingerprinting": true,
|
|
"Value": true
|
|
},
|
|
"ExtensionSettings": {
|
|
"*": {
|
|
"installation_mode": "allowed"
|
|
}
|
|
},
|
|
"FirefoxHome": {
|
|
"Highlights": false,
|
|
"Pocket": false,
|
|
"Search": false,
|
|
"SponsoredPocket": false,
|
|
"SponsoredTopSites": false,
|
|
"TopSites": false
|
|
},
|
|
"Homepage": {
|
|
"StartPage": "homepage",
|
|
"URL": "https://mahn.ke",
|
|
"Locked": true
|
|
},
|
|
"ManualAppUpdateOnly": true,
|
|
"NewTabPage": {
|
|
"Enabled": false
|
|
},
|
|
"DownloadDirectory": {
|
|
"Path": "C:\\KioskDownloads",
|
|
"Locked": true
|
|
},
|
|
"PictureInPicture": {
|
|
"Enabled": false
|
|
},
|
|
"Preferences": {
|
|
"extensions.getAddons.showPane": {
|
|
"Status": "locked",
|
|
"Type": "boolean",
|
|
"Value": false
|
|
},
|
|
"ui.key.menuAccessKeyFocuses": {
|
|
"Status": "locked",
|
|
"Type": "boolean",
|
|
"Value": false
|
|
}
|
|
},
|
|
"PromptForDownloadLocation": false,
|
|
"StartDownloadsInTempDirectory": false,
|
|
"DisableAppUpdate": true,
|
|
"Permissions": {
|
|
"Camera": "deny",
|
|
"Microphone": "deny",
|
|
"Location": "deny",
|
|
"Notifications": "deny"
|
|
},
|
|
"SanitizeOnShutdown": {
|
|
"Cache": true,
|
|
"Cookies": true,
|
|
"Downloads": true,
|
|
"FormData": true,
|
|
"History": true,
|
|
"OfflineApps": true,
|
|
"Sessions": true,
|
|
"SiteSettings": true
|
|
},
|
|
"ShowHomeButton": false,
|
|
"UserMessaging": {
|
|
"ExtensionRecommendations": false,
|
|
"FeatureRecommendations": false,
|
|
"MoreFromMozilla": false,
|
|
"SkipOnboarding": false,
|
|
"UrlbarInterventions": false,
|
|
"WhatsNew": false,
|
|
"FirefoxLabs": false,
|
|
"Locked": false
|
|
},
|
|
"DisplayMenuBar": false,
|
|
"DisplayBookmarksToolbar": false,
|
|
"WebsiteFilter": {
|
|
"Block": [
|
|
"<all_urls>"
|
|
],
|
|
"Exceptions": [
|
|
"*://*.c3nav.de/*",
|
|
"*://*.hvv.de/*",
|
|
"*://engel.events.ccc.de/*",
|
|
"*://*.chaos.social/*",
|
|
"*://*.events.ccc.de/*"
|
|
]
|
|
}
|
|
}
|
|
}
|
|
EOF
|
|
|
|
# Bash autostart of sway
|
|
tee /home/kiosk/.bash_profile > /dev/null <<'EOF'
|
|
if [ -z "$WAYLAND_DISPLAY" ] && [ "$(tty)" = "/dev/tty1" ]; then
|
|
exec sway
|
|
fi
|
|
EOF
|
|
|
|
# Sway config
|
|
mkdir -p /home/kiosk/.config/sway/
|
|
tee /home/kiosk/.config/sway/config > /dev/null <<'EOF'
|
|
input type:pointer {
|
|
events disabled
|
|
}
|
|
|
|
input type:keyboard {
|
|
events disabled
|
|
}
|
|
|
|
input type:touch {
|
|
events enabled
|
|
}
|
|
|
|
input * xkb_layout de
|
|
|
|
## This may not be needed if there is a systemd unit
|
|
# exec_always firefox --wayland --kiosk
|
|
EOF
|
|
|
|
|
|
# Systemd unit
|
|
mkdir -p /home/kiosk/.config/systemd/user/
|
|
tee /home/kiosk/.config/systemd/user/firefox-kiosk.service > /dev/null <<'EOF'
|
|
service
|
|
[Unit]
|
|
Description=Firefox im Kiosk-Mode
|
|
|
|
[Service]
|
|
Type=simple
|
|
TimeoutStartSec=0
|
|
ExecStart=/usr/bin/firefox --kiosk
|
|
Environment=DISPLAY=:0
|
|
Restart=always
|
|
|
|
[Install]
|
|
WantedBy=default.target
|
|
EOF
|
|
mkdir -p /home/kiosk/.config/systemd/user/default.target.wants/
|
|
ln -s /home/kiosk/.config/systemd/user/firefox-kiosk.service /home/kiosk/.config/systemd/user/default.target.wants/firefox-kiosk.service
|
|
|
|
|
|
chown -R kiosk:kiosk /home/kiosk/.config |