diff options
author | José Bollo <jose.bollo@iot.bzh> | 2017-11-23 15:44:24 +0100 |
---|---|---|
committer | José Bollo <jose.bollo@iot.bzh> | 2017-11-24 17:44:58 +0100 |
commit | 7998a472352c0272a90c66ab45c4c2758cd6040a (patch) | |
tree | de3fb484fa2bca0850354f611551b049083d1420 /conf/unit | |
parent | 633ebe33015554a14b773053188e2faba0faff04 (diff) |
Rework on systemd start of user sessions
Change-Id: Iad46596435eebdc5c521b572fd8320b52a61d197
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'conf/unit')
-rw-r--r-- | conf/unit/CMakeLists.txt | 31 | ||||
-rw-r--r-- | conf/unit/afm-unit-debug.conf.in | 224 | ||||
-rw-r--r-- | conf/unit/afm-unit.conf.in | 224 | ||||
-rw-r--r-- | conf/unit/generate-unit-conf/Makefile | 25 | ||||
-rw-r--r-- | conf/unit/generate-unit-conf/afm-unit | 149 | ||||
-rw-r--r-- | conf/unit/generate-unit-conf/binder.inc | 46 | ||||
-rw-r--r-- | conf/unit/generate-unit-conf/provided.inc | 38 | ||||
-rw-r--r-- | conf/unit/generate-unit-conf/service.inc | 115 |
8 files changed, 852 insertions, 0 deletions
diff --git a/conf/unit/CMakeLists.txt b/conf/unit/CMakeLists.txt new file mode 100644 index 0000000..69f201d --- /dev/null +++ b/conf/unit/CMakeLists.txt @@ -0,0 +1,31 @@ +########################################################################### +# Copyright 2015, 2016, 2017 IoT.bzh +# +# author: José Bollo <jose.bollo@iot.bzh> +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +########################################################################### + +cmake_minimum_required(VERSION 2.8) + +if(AGL_DEVEL) + configure_file(afm-unit-debug.conf.in afm-unit.conf) +else() + configure_file(afm-unit.conf.in afm-unit.conf) +endif() + +if(NOT USE_SDK) + install(DIRECTORY DESTINATION ${afm_confdir}/unit.env.d) + install(FILES ${CMAKE_CURRENT_BINARY_DIR}/afm-unit.conf DESTINATION ${afm_confdir}) +endif() + diff --git a/conf/unit/afm-unit-debug.conf.in b/conf/unit/afm-unit-debug.conf.in new file mode 100644 index 0000000..8c435d5 --- /dev/null +++ b/conf/unit/afm-unit-debug.conf.in @@ -0,0 +1,224 @@ +;--------------------------------------------------------------------------------- +; File: +; +; afm-unit.conf +; +; Mode: +; +; DEVEL +; +; Role: +; +; Configure how installation of widget produces unit files for systemd +; +; Processing and format: +; +; 1. File load +; +; Lines beginning with ; are firstly removed +; +; 2. File instantiation +; +; Mustache (extended) substitutions are applied using JSON +; data deduced from config.xml file of the widget. +; +; 3. Extraction of units +; +; Extract produced units, pack it (remove empty lines and directives) +; +; Directives: +; +; Any directive occupy one whole line starting with % +; +; - %nl +; +; produce an empty line at the end +; +; - %begin systemd-unit +; - %end systemd-unit +; +; delimit the produced unit +; +; - %systemd-unit user +; - %systemd-unit system +; +; tells the kind of unit (user/system) +; +; - %systemd-unit service NAME +; - %systemd-unit socket NAME +; +; gives the name and type of the unit +; +; - %systemd-unit wanted-by NAME +; +; tells to install a link to unit in the wants of NAME +; +; Setting variables: +; +; AFM uses the feature of systemd that completely ignores options prefixed +; with X- +; +; Consequently, options starting with X-AFM- are recorded as public data +; about the application and options starting starting with X-AFM-- are +; recorded as private data. +; +; Examples: +; +; X-AFM-description={{description}} +; +; Records the description of the unit in the field "description" +; of both the public and private object describing the unit. +; +; X-AFM--wgtdir={{:#metadata.install-dir}} +; +; Records the installation directory path in the field "wgtdir" +; of the private object only. +; +;--------------------------------------------------------------------------------- +{{#targets}} +;--------------------------------------------------------------------------------- +;---- M A I N P A R T O F T H E S E R V I C E ---- +;--------------------------------------------------------------------------------- +%begin systemd-unit +# auto generated by wgtpkg-unit for {{:id}} version {{:version}} target {{:#target}} of {{:idaver}} +%nl +%systemd-unit system +%systemd-unit service afm-{{#required-permission.urn:AGL:permission::public:hidden}}service{{/required-permission.urn:AGL:permission::public:hidden}}{{^required-permission.urn:AGL:permission::public:hidden}}appli{{/required-permission.urn:AGL:permission::public:hidden}}-{{:id}}--{{:ver}}--{{:#target}}@ +[Unit] +Description={{description}} +X-AFM-description={{description}} +X-AFM-name={{name.content}} +X-AFM-shortname={{name.short}} +X-AFM-id={{idaver}}{{^#target=main}}@{{:#target}}{{/#target=main}} +X-AFM-version={{:version}} +X-AFM-author={{author.content}} +X-AFM-author-email={{author.email}} +X-AFM-width={{width}} +X-AFM-height={{height}} +{{#icon}} +X-AFM-icon={{:#metadata.install-dir}}/{{:src}} +{{/icon}} +X-AFM--ID={{:id}} +X-AFM--target-name={{:#target}} +X-AFM--content={{content.src}} +X-AFM--type={{content.type}} +X-AFM--wgtdir={{:#metadata.install-dir}} +X-AFM--workdir=/home/%i/app-data/{{:id}} +%nl +Wants=afm-user-session@%i.target +After=afm-user-setup@%i.service +# Adds check to smack +ConditionSecurity=smack +%nl +# Automatic bound to required api +{{#required-api}} +{{#value=auto|ws}} +BindsTo=afm-api-ws-{{name}}@%i.socket +After=afm-api-ws-{{name}}@%i.socket +{{/value=auto|ws}} +{{/required-api}} +%nl +[Service] +EnvironmentFile=-@afm_confdir@/unit.env.d/* +SmackProcessLabel=User::App::{{:id}} +SuccessExitStatus=0 SIGKILL +User=%i +Slice=user-%i.slice +#CapabilityBoundingSet= +#AmbientCapabilities= +{{#required-permission.urn:AGL:permission::platform:no-oom}}OOMScoreAdjust=-500{{/required-permission.urn:AGL:permission::platform:no-oom}} +{{#required-permission.urn:AGL:permission::partner:real-time}}IOSchedulingClass=realtime{{/required-permission.urn:AGL:permission::partner:real-time}} +{{#required-permission.urn:AGL:permission::public:display}}SupplementaryGroups=display{{/required-permission.urn:AGL:permission::public:display}} +{{^required-permission.urn:AGL:permission::public:syscall:clock}}SystemCallFilter=~@clock{{/required-permission.urn:AGL:permission::public:syscall:clock}} +%nl +WorkingDirectory=-/home/%i/app-data/{{:id}} +ExecStartPre=/bin/mkdir -p /home/%i/app-data/{{:id}} +Environment=AFM_APP_INSTALL_DIR={{:#metadata.install-dir}} +Environment=PATH=/usr/sbin:/usr/bin:/sbin:/bin:{{:#metadata.install-dir}} +Environment=XDG_DATA_HOME=/home/%i/app-data/{{:id}} +Environment=XDG_CONFIG_HOME=/home/%i/app-data/{{:id}} +Environment=XDG_CACHE_HOME=/home/%i/app-data/{{:id}} +Environment=XDG_RUNTIME_DIR=/run/user/%i +Environment=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/%i/bus +Environment=LD_LIBRARY_PATH=$ORIGIN/lib +; Needed to enable debug +Environment=AFM_ID={{idaver}}{{^#target=main}}@{{:#target}}{{/#target=main}} +EnvironmentFile=-/var/run/afm-debug/{{idaver}}{{^#target=main}}@{{:#target}}{{/#target=main}}.env +SyslogIdentifier=afbd-{{idaver}}{{^#target=main}}@{{:#target}}{{/#target=main}} +StandardInput=null +StandardOutput=journal +StandardError=journal +;--------------------------------------------------------------------------------- +;---- text/html application/vnd.agl.native application/vnd.agl.service ---- +;--------------------------------------------------------------------------------- +{{#content.type=text/html|application/vnd.agl.native|application/vnd.agl.service}} +X-AFM-http-port={{:#metadata.http-port}} +Type=notify +ExecStart=/usr/bin/afb-daemon \ + --name afbd-{{idaver}}{{^#target=main}}@{{:#target}}{{/#target=main}} \ + --rootdir={{:#metadata.install-dir}} \ + --workdir=/home/%i/app-data/{{id}} \ + --verbose \ + --verbose \ + --monitoring \ + --port={{:#metadata.http-port}} \ + --token=HELLO \ + --roothttp={{#content.type=application/vnd.agl.service}}.{{/content.type=application/vnd.agl.service}}{{^content.type=application/vnd.agl.service}}{{#required-permission.urn:AGL:permission::public:no-htdocs}}.{{/required-permission.urn:AGL:permission::public:no-htdocs}}{{^required-permission.urn:AGL:permission::public:no-htdocs}}htdocs{{/required-permission.urn:AGL:permission::public:no-htdocs}}{{/content.type=application/vnd.agl.service}} \ + {{#required-permission.urn:AGL:permission::public:applications:read}}--alias=/icons:{{:#metadata.icons-dir}}{{/required-permission.urn:AGL:permission::public:applications:read}} \ + {{#required-api}} \ + {{#value=auto|ws}}--ws-client=unix:/run/user/%i/apis/ws/{{name}}{{/value=auto|ws}} \ + {{#value=dbus}}--dbus-client={{name}}{{/value=dbus}} \ + {{#value=link}}--binding=/run/user/%i/apis/lib/{{name}}{{/value=link}} \ + {{#value=cloud}}--cloud-client={{name}}{{/value=cloud}} \ + {{#value=local}}--binding={{:#metadata.install-dir}}/{{name}}{{/value=local}} \ + {{/required-api}} \ + {{#provided-api}} \ + {{#value=auto|ws}}--ws-server=sd:{{name}}{{/value=auto|ws}} \ + {{#value=dbus}}--dbus-server={{name}}{{/value=dbus}} \ + {{/provided-api}} \ + {{#content.type=text/html}}--exec /usr/bin/web-runtime http://localhost:@p/{{content.src}}?token=@t{{/content.type=text/html}} \ + {{#content.type=application/vnd.agl.native}}--exec {{:#metadata.install-dir}}/{{content.src}} @p @t{{/content.type=application/vnd.agl.native}} +{{/content.type=text/html|application/vnd.agl.native|application/vnd.agl.service}} +;--------------------------------------------------------------------------------- +;---- application/x-executable ---- +;--------------------------------------------------------------------------------- +{{#content.type=application/x-executable}} +ExecStart={{:#metadata.install-dir}}/{{content.src}} +{{/content.type=application/x-executable}} +{{#required-permission.urn:AGL:permission::system:run-by-default}} +;--------------------------------------------------------------------------------- +; auto start +;--------------------------------------------------------------------------------- +[Install] +WantedBy=agl-user-session@.target +%systemd-unit wanted-by agl-user-session@.target +{{/required-permission.urn:AGL:permission::system:run-by-default}} +%end systemd-unit +;--------------------------------------------------------------------------------- +;---- P R O V I D E D A P I S ---- +;--------------------------------------------------------------------------------- +{{#provided-api}} +{{#value=ws|auto}} +%begin systemd-unit +# auto generated by wgtpkg-unit for {{:id}} version {{:version}} target {{:#target}} of {{:idaver}} +%systemd-unit system +%systemd-unit socket afm-api-ws-{{name}}@ +[Unit] +Description=Provides api {{name}} for user %i +After=afm-user-setup@%i.service +[Socket] +SmackLabel=* +ListenStream=/run/user/%i/apis/ws/{{name}} +FileDescriptorName={{name}} +Service=afm-{{#required-permission.urn:AGL:permission::public:hidden}}service{{/required-permission.urn:AGL:permission::public:hidden}}{{^required-permission.urn:AGL:permission::public:hidden}}appli{{/required-permission.urn:AGL:permission::public:hidden}}-{{:id}}--{{:ver}}--{{:#target}}@%i.service +%nl +[Install] +WantedBy=agl-user-session@.target +%systemd-unit wanted-by agl-user-session@.target +%end systemd-unit +{{/value=ws|auto}} +{{/provided-api}} +{{/targets}} +;--------------------------------------------------------------------------------- +; End of file afm-unit.conf mode DEVEL +;--------------------------------------------------------------------------------- diff --git a/conf/unit/afm-unit.conf.in b/conf/unit/afm-unit.conf.in new file mode 100644 index 0000000..64c2f23 --- /dev/null +++ b/conf/unit/afm-unit.conf.in @@ -0,0 +1,224 @@ +;--------------------------------------------------------------------------------- +; File: +; +; afm-unit.conf +; +; Mode: +; +; RELEASE +; +; Role: +; +; Configure how installation of widget produces unit files for systemd +; +; Processing and format: +; +; 1. File load +; +; Lines beginning with ; are firstly removed +; +; 2. File instantiation +; +; Mustache (extended) substitutions are applied using JSON +; data deduced from config.xml file of the widget. +; +; 3. Extraction of units +; +; Extract produced units, pack it (remove empty lines and directives) +; +; Directives: +; +; Any directive occupy one whole line starting with % +; +; - %nl +; +; produce an empty line at the end +; +; - %begin systemd-unit +; - %end systemd-unit +; +; delimit the produced unit +; +; - %systemd-unit user +; - %systemd-unit system +; +; tells the kind of unit (user/system) +; +; - %systemd-unit service NAME +; - %systemd-unit socket NAME +; +; gives the name and type of the unit +; +; - %systemd-unit wanted-by NAME +; +; tells to install a link to unit in the wants of NAME +; +; Setting variables: +; +; AFM uses the feature of systemd that completely ignores options prefixed +; with X- +; +; Consequently, options starting with X-AFM- are recorded as public data +; about the application and options starting starting with X-AFM-- are +; recorded as private data. +; +; Examples: +; +; X-AFM-description={{description}} +; +; Records the description of the unit in the field "description" +; of both the public and private object describing the unit. +; +; X-AFM--wgtdir={{:#metadata.install-dir}} +; +; Records the installation directory path in the field "wgtdir" +; of the private object only. +; +;--------------------------------------------------------------------------------- +{{#targets}} +;--------------------------------------------------------------------------------- +;---- M A I N P A R T O F T H E S E R V I C E ---- +;--------------------------------------------------------------------------------- +%begin systemd-unit +# auto generated by wgtpkg-unit for {{:id}} version {{:version}} target {{:#target}} of {{:idaver}} +%nl +%systemd-unit system +%systemd-unit service afm-{{#required-permission.urn:AGL:permission::public:hidden}}service{{/required-permission.urn:AGL:permission::public:hidden}}{{^required-permission.urn:AGL:permission::public:hidden}}appli{{/required-permission.urn:AGL:permission::public:hidden}}-{{:id}}--{{:ver}}--{{:#target}}@ +[Unit] +Description={{description}} +X-AFM-description={{description}} +X-AFM-name={{name.content}} +X-AFM-shortname={{name.short}} +X-AFM-id={{idaver}}{{^#target=main}}@{{:#target}}{{/#target=main}} +X-AFM-version={{:version}} +X-AFM-author={{author.content}} +X-AFM-author-email={{author.email}} +X-AFM-width={{width}} +X-AFM-height={{height}} +{{#icon}} +X-AFM-icon={{:#metadata.install-dir}}/{{:src}} +{{/icon}} +X-AFM--ID={{:id}} +X-AFM--target-name={{:#target}} +X-AFM--content={{content.src}} +X-AFM--type={{content.type}} +X-AFM--wgtdir={{:#metadata.install-dir}} +X-AFM--workdir=/home/%i/app-data/{{:id}} +%nl +Wants=afm-user-session@%i.target +After=afm-user-setup@%i.service +# Adds check to smack +ConditionSecurity=smack +%nl +# Automatic bound to required api +{{#required-api}} +{{#value=auto|ws}} +BindsTo=afm-api-ws-{{name}}@%i.socket +After=afm-api-ws-{{name}}@%i.socket +{{/value=auto|ws}} +{{/required-api}} +%nl +[Service] +EnvironmentFile=-@afm_confdir@/unit.env.d/* +SmackProcessLabel=User::App::{{:id}} +SuccessExitStatus=0 SIGKILL +User=%i +Slice=user-%i.slice +#CapabilityBoundingSet= +#AmbientCapabilities= +{{#required-permission.urn:AGL:permission::platform:no-oom}}OOMScoreAdjust=-500{{/required-permission.urn:AGL:permission::platform:no-oom}} +{{#required-permission.urn:AGL:permission::partner:real-time}}IOSchedulingClass=realtime{{/required-permission.urn:AGL:permission::partner:real-time}} +{{#required-permission.urn:AGL:permission::public:display}}SupplementaryGroups=display{{/required-permission.urn:AGL:permission::public:display}} +{{^required-permission.urn:AGL:permission::public:syscall:clock}}SystemCallFilter=~@clock{{/required-permission.urn:AGL:permission::public:syscall:clock}} +%nl +WorkingDirectory=-/home/%i/app-data/{{:id}} +ExecStartPre=/bin/mkdir -p /home/%i/app-data/{{:id}} +Environment=AFM_APP_INSTALL_DIR={{:#metadata.install-dir}} +Environment=PATH=/usr/sbin:/usr/bin:/sbin:/bin:{{:#metadata.install-dir}} +Environment=XDG_DATA_HOME=/home/%i/app-data/{{:id}} +Environment=XDG_CONFIG_HOME=/home/%i/app-data/{{:id}} +Environment=XDG_CACHE_HOME=/home/%i/app-data/{{:id}} +Environment=XDG_RUNTIME_DIR=/run/user/%i +Environment=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/%i/bus +Environment=LD_LIBRARY_PATH=$ORIGIN/lib +SyslogIdentifier=afbd-{{idaver}}{{^#target=main}}@{{:#target}}{{/#target=main}} +StandardInput=null +StandardOutput=journal +StandardError=journal +;--------------------------------------------------------------------------------- +;---- text/html application/vnd.agl.native application/vnd.agl.service ---- +;--------------------------------------------------------------------------------- +{{#content.type=text/html|application/vnd.agl.native|application/vnd.agl.service}} +{{^content.type=application/vnd.agl.service}} +X-AFM--http-port={{:#metadata.http-port}} +{{/content.type=application/vnd.agl.service}} +Type=notify +ExecStart=/usr/bin/afb-daemon \ + --name afbd-{{idaver}}{{^#target=main}}@{{:#target}}{{/#target=main}} \ + --rootdir={{:#metadata.install-dir}} \ + --workdir=/home/%i/app-data/{{id}} \ + {{#content.type=application/vnd.agl.service}} \ + --no-httpd \ + {{/content.type=application/vnd.agl.service}}{{^content.type=application/vnd.agl.service}} \ + --port={{:#metadata.http-port}} \ + --random-token \ + --roothttp={{#required-permission.urn:AGL:permission::public:no-htdocs}}.{{/required-permission.urn:AGL:permission::public:no-htdocs}}{{^required-permission.urn:AGL:permission::public:no-htdocs}}htdocs{{/required-permission.urn:AGL:permission::public:no-htdocs}} \ + {{/content.type=application/vnd.agl.service}} \ + {{#required-permission.urn:AGL:permission::public:applications:read}}--alias=/icons:{{:#metadata.icons-dir}}{{/required-permission.urn:AGL:permission::public:applications:read}} \ + {{#required-api}} \ + {{#value=auto|ws}}--ws-client=unix:/run/user/%i/apis/ws/{{name}}{{/value=auto|ws}} \ + {{#value=dbus}}--dbus-client={{name}}{{/value=dbus}} \ + {{#value=link}}--binding=/run/user/%i/apis/lib/{{name}}{{/value=link}} \ + {{#value=cloud}}--cloud-client={{name}}{{/value=cloud}} \ + {{#value=local}}--binding={{:#metadata.install-dir}}/{{name}}{{/value=local}} \ + {{/required-api}} \ + {{#provided-api}} \ + {{#value=auto|ws}}--ws-server=sd:{{name}}{{/value=auto|ws}} \ + {{#value=dbus}}--dbus-server={{name}}{{/value=dbus}} \ + {{/provided-api}} \ + {{#content.type=text/html}}--exec /usr/bin/web-runtime http://localhost:@p/{{content.src}}?token=@t{{/content.type=text/html}} \ + {{#content.type=application/vnd.agl.native}}--exec {{:#metadata.install-dir}}/{{content.src}} @p @t{{/content.type=application/vnd.agl.native}} +{{/content.type=text/html|application/vnd.agl.native|application/vnd.agl.service}} +;--------------------------------------------------------------------------------- +;---- application/x-executable ---- +;--------------------------------------------------------------------------------- +{{#content.type=application/x-executable}} +ExecStart={{:#metadata.install-dir}}/{{content.src}} +{{/content.type=application/x-executable}} +{{#required-permission.urn:AGL:permission::system:run-by-default}} +;--------------------------------------------------------------------------------- +; auto start +;--------------------------------------------------------------------------------- +[Install] +WantedBy=agl-user-session@.target +%systemd-unit wanted-by agl-user-session@.target +{{/required-permission.urn:AGL:permission::system:run-by-default}} +%end systemd-unit +;--------------------------------------------------------------------------------- +;---- P R O V I D E D A P I S ---- +;--------------------------------------------------------------------------------- +{{#provided-api}} +{{#value=ws|auto}} +%begin systemd-unit +# auto generated by wgtpkg-unit for {{:id}} version {{:version}} target {{:#target}} of {{:idaver}} +%systemd-unit system +%systemd-unit socket afm-api-ws-{{name}}@ +[Unit] +Description=Provides api {{name}} for user %i +After=afm-user-setup@%i.service +[Socket] +SmackLabel=* +ListenStream=/run/user/%i/apis/ws/{{name}} +FileDescriptorName={{name}} +Service=afm-{{#required-permission.urn:AGL:permission::public:hidden}}service{{/required-permission.urn:AGL:permission::public:hidden}}{{^required-permission.urn:AGL:permission::public:hidden}}appli{{/required-permission.urn:AGL:permission::public:hidden}}-{{:id}}--{{:ver}}--{{:#target}}@%i.service +%nl +[Install] +WantedBy=agl-user-session@.target +%systemd-unit wanted-by agl-user-session@.target +%end systemd-unit +{{/value=ws|auto}} +{{/provided-api}} +{{/targets}} +;--------------------------------------------------------------------------------- +; End of file afm-unit.conf mode RELEASE +;--------------------------------------------------------------------------------- diff --git a/conf/unit/generate-unit-conf/Makefile b/conf/unit/generate-unit-conf/Makefile new file mode 100644 index 0000000..5f5346b --- /dev/null +++ b/conf/unit/generate-unit-conf/Makefile @@ -0,0 +1,25 @@ +.PHONY: all + +MAIN = afm-unit + +FILES = $(MAIN) binder.inc provided.inc service.inc Makefile + +DIR = .. + +#AFM_CONFIG_DIR ?= /etc/afm +AFM_CONFIG_DIR ?= "@afm_confdir@" + +C = -DAFM_CONFIG_DIR=$(AFM_CONFIG_DIR) + +D = -DAGL_DEVEL + +all: $(DIR)/afm-unit.conf.in $(DIR)/afm-unit-debug.conf.in + +$(DIR)/afm-unit.conf.in: $(FILES) + @echo generating $@ + @m4 $C $< | sed '/^[ \t]*\\*[ \t]*$$/d' > $@ + +$(DIR)/afm-unit-debug.conf.in: $(FILES) + @echo generating $@ + @m4 $C $D $< | sed '/^[ \t]*\\*[ \t]*$$/d' > $@ + diff --git a/conf/unit/generate-unit-conf/afm-unit b/conf/unit/generate-unit-conf/afm-unit new file mode 100644 index 0000000..9a8cd62 --- /dev/null +++ b/conf/unit/generate-unit-conf/afm-unit @@ -0,0 +1,149 @@ +divert(-1) +dnl vim: set filetype=sysctl.conf.m4 syntax=sysctl.conf.m4: +----------------------------------------------------------------------- +-- Set the comment character of m4 to ; instead of # +-- This is needed for substitution within lines starting with # +changecom( ';') + +----------------------------------------------------------------------- +-- +define( `X_EMITS', 1) +define( `X_DIVERTS', `divert(eval(-!X_EMITS()))') +define( `X_PUSH_DIVERTS', `pushdef(`X_EMITS', eval(X_EMITS() && $1))X_DIVERTS()') + +define( `X_IF', `pushdef(`X_COND', $1)X_PUSH_DIVERTS($1)') +define( `X_ELSE', `popdef(`X_EMITS')X_PUSH_DIVERTS(eval(!X_COND))') +define( `X_ELIF', `X_ELSE()X_IF($1)') +define( `X_ENDIF', `popdef(`X_EMITS')popdef(`X_COND')X_DIVERTS()') + +define( `IF', `pushdef(`ELSE',`X_ELSE()')pushdef(`ELIF',`X_ELIF($1)')pushdef(`ENDIF',`X_ENDIF()popdef(`ELSE',`ELIF',`ENDIF')')X_IF($1)') + +----------------------------------------------------------------------- +-- +define( `MUSTACH_ON', `ifelse(`$2',,,`{{#$1}}`$2'{{/$1}}')ifelse(`$3',,,`{{^$1}}`$3'{{/$1}}')') +define( `MUSTACH_IF', `{{#$1}}pushdef(`ELSE',`{{/$1}}{{^$1}}')pushdef(`ENDIF',`{{/$1}}popdef(`ELSE',`ENDIF')')') +define( `MUSTACH_IF_NOT', `{{^$1}}pushdef(`ELSE',`{{/$1}}{{#$1}}')pushdef(`ENDIF',`{{/$1}}popdef(`ELSE',`ENDIF')')') + +----------------------------------------------------------------------- +-- +define( `PERM', `urn:AGL:permission:$1') +define( `REQPERM', `required-permission.PERM($1)') + +define( `ON_PERM', `MUSTACH_ON(REQPERM($1),$2,$3)') +define( `IF_PERM', `MUSTACH_IF(REQPERM($1))') +define( `IF_NOT_PERM', `MUSTACH_IF_NOT(REQPERM($1))') + +define( `ON_CONTENT', `MUSTACH_ON(content.type=$1,$2,$3)') +define( `IF_CONTENT', `MUSTACH_IF(content.type=$1)') +define( `IF_NOT_CONTENT', `MUSTACH_IF_NOT(content.type=$1)') + +define( `ON_VALUE', `MUSTACH_ON(value=$1,$2,$3)') +define( `IF_VALUE', `MUSTACH_IF(value=$1)') +define( `IF_NOT_VALUE', `MUSTACH_IF_NOT(value=$1)') + +----------------------------------------------------------------------- +-- + when home screen will use real ids + use TARGET={{:id}}--{{:ver}}--{{:#target}} + instead of TARGET={{idaver}}{{^#target=main}}@{{:#target}}{{/#target=main}} + +define( `TARGET', `{{idaver}}{{^#target=main}}@{{:#target}}{{/#target=main}}') +define( `UNIT_NAME_BASE', `afm-ON_PERM(`:public:hidden', `service', `appli')-{{:id}}--{{:ver}}--{{:#target}}@') +define( `UNIT_NAME_SERVICE', `UNIT_NAME_BASE%i.service') +define( `UNIT_NAME_SOCKET_FOR', `afm-api-ws-$1@%i.socket') +define( `APP_DATA_DIR', `/home/%i/app-data') +define( `USER_RUN_DIR', `/run/user/%i') + +----------------------------------------------------------------------- +-- +define( `ON_AGL_DEVEL', `ifdef(`AGL_DEVEL', $1, $2)') +define( `IF_AGL_DEVEL', `IF(ON_AGL_DEVEL(1,0))') + +divert(0)dnl +;--------------------------------------------------------------------------------- +; File: +; +; afm-unit.conf +; +; Mode: +; +; ON_AGL_DEVEL(DEVEL, RELEASE) +; +; Role: +; +; Configure how installation of widget produces unit files for systemd +; +; Processing and format: +; +; 1. File load +; +; Lines beginning with ; are firstly removed +; +; 2. File instantiation +; +; Mustache (extended) substitutions are applied using JSON +; data deduced from config.xml file of the widget. +; +; 3. Extraction of units +; +; Extract produced units, pack it (remove empty lines and directives) +; +; Directives: +; +; Any directive occupy one whole line starting with % +; +; - %nl +; +; produce an empty line at the end +; +; - %begin systemd-unit +; - %end systemd-unit +; +; delimit the produced unit +; +; - %systemd-unit user +; - %systemd-unit system +; +; tells the kind of unit (user/system) +; +; - %systemd-unit service NAME +; - %systemd-unit socket NAME +; +; gives the name and type of the unit +; +; - %systemd-unit wanted-by NAME +; +; tells to install a link to unit in the wants of NAME +; +; Setting variables: +; +; AFM uses the feature of systemd that completely ignores options prefixed +; with X- +; +; Consequently, options starting with X-AFM- are recorded as public data +; about the application and options starting starting with X-AFM-- are +; recorded as private data. +; +; Examples: +; +; X-AFM-description={{description}} +; +; Records the description of the unit in the field "description" +; of both the public and private object describing the unit. +; +; X-AFM--wgtdir={{:#metadata.install-dir}} +; +; Records the installation directory path in the field "wgtdir" +; of the private object only. +; +;--------------------------------------------------------------------------------- +{{#targets}} + +include(service.inc) + +include(provided.inc) + +{{/targets}} +;--------------------------------------------------------------------------------- +; End of file afm-unit.conf mode ON_AGL_DEVEL(DEVEL, RELEASE) +;--------------------------------------------------------------------------------- diff --git a/conf/unit/generate-unit-conf/binder.inc b/conf/unit/generate-unit-conf/binder.inc new file mode 100644 index 0000000..98efd4e --- /dev/null +++ b/conf/unit/generate-unit-conf/binder.inc @@ -0,0 +1,46 @@ +dnl vim: set filetype=sysctl.conf.m4 syntax=sysctl.conf.m4: + +IF_AGL_DEVEL +X-AFM-http-port={{:#metadata.http-port}} +ELSE +IF_NOT_CONTENT(application/vnd.agl.service) +X-AFM--http-port={{:#metadata.http-port}} +ENDIF +ENDIF + +Type=notify +ExecStart=/usr/bin/afb-daemon \ + --name afbd-TARGET \ + --rootdir={{:#metadata.install-dir}} \ + --workdir=APP_DATA_DIR/{{id}} \ +IF_AGL_DEVEL \ + --verbose \ + --verbose \ + --monitoring \ + --port={{:#metadata.http-port}} \ + --token=HELLO \ + --roothttp=ON_CONTENT(application/vnd.agl.service, ., ON_PERM(:public:no-htdocs, ., htdocs)) \ +ELSE \ + IF_CONTENT(application/vnd.agl.service) \ + --no-httpd \ + ELSE \ + --port={{:#metadata.http-port}} \ + --random-token \ + --roothttp=ON_PERM(:public:no-htdocs, ., htdocs) \ + ENDIF \ +ENDIF \ + ON_PERM(:public:applications:read, --alias=/icons:{{:#metadata.icons-dir}}) \ + {{#required-api}} \ + ON_VALUE(auto|ws, --ws-client=unix:USER_RUN_DIR/apis/ws/{{name}}) \ + ON_VALUE(dbus, --dbus-client={{name}}) \ + ON_VALUE(link, --binding=USER_RUN_DIR/apis/lib/{{name}}) \ + ON_VALUE(cloud, --cloud-client={{name}}) \ + ON_VALUE(local, --binding={{:#metadata.install-dir}}/{{name}}) \ + {{/required-api}} \ + {{#provided-api}} \ + ON_VALUE(auto|ws, --ws-server=sd:{{name}}) \ + ON_VALUE(dbus, --dbus-server={{name}}) \ + {{/provided-api}} \ + ON_CONTENT(text/html, --exec /usr/bin/web-runtime http://localhost:@p/{{content.src}}?token=@t) \ + ON_CONTENT(application/vnd.agl.native, --exec {{:#metadata.install-dir}}/{{content.src}} @p @t) + diff --git a/conf/unit/generate-unit-conf/provided.inc b/conf/unit/generate-unit-conf/provided.inc new file mode 100644 index 0000000..7e085bd --- /dev/null +++ b/conf/unit/generate-unit-conf/provided.inc @@ -0,0 +1,38 @@ +dnl vim: set filetype=sysctl.conf.m4 syntax=sysctl.conf.m4: +;--------------------------------------------------------------------------------- +;---- P R O V I D E D A P I S ---- +;--------------------------------------------------------------------------------- + +{{#provided-api}} +{{#value=ws|auto}} + +%begin systemd-unit + +# auto generated by wgtpkg-unit for {{:id}} version {{:version}} target {{:#target}} of {{:idaver}} + +%systemd-unit system +%systemd-unit socket afm-api-ws-{{name}}@ +[Unit] +Description=Provides api {{name}} for user %i +After=afm-user-setup@%i.service + +[Socket] +SmackLabel=* +ListenStream=USER_RUN_DIR/apis/ws/{{name}} +FileDescriptorName={{name}} + +Service=UNIT_NAME_SERVICE + +%nl +[Install] +WantedBy=agl-user-session@.target +%systemd-unit wanted-by agl-user-session@.target + +%end systemd-unit + + + +{{/value=ws|auto}} +{{/provided-api}} + + diff --git a/conf/unit/generate-unit-conf/service.inc b/conf/unit/generate-unit-conf/service.inc new file mode 100644 index 0000000..ac10f97 --- /dev/null +++ b/conf/unit/generate-unit-conf/service.inc @@ -0,0 +1,115 @@ +dnl vim: set filetype=sysctl.conf.m4 syntax=sysctl.conf.m4: +;--------------------------------------------------------------------------------- +;---- M A I N P A R T O F T H E S E R V I C E ---- +;--------------------------------------------------------------------------------- +%begin systemd-unit + +# auto generated by wgtpkg-unit for {{:id}} version {{:version}} target {{:#target}} of {{:idaver}} +%nl + +%systemd-unit system +%systemd-unit service UNIT_NAME_BASE + +[Unit] +Description={{description}} +X-AFM-description={{description}} +X-AFM-name={{name.content}} +X-AFM-shortname={{name.short}} +X-AFM-id=TARGET +X-AFM-version={{:version}} +X-AFM-author={{author.content}} +X-AFM-author-email={{author.email}} +X-AFM-width={{width}} +X-AFM-height={{height}} +{{#icon}} +X-AFM-icon={{:#metadata.install-dir}}/{{:src}} +{{/icon}} +X-AFM--ID={{:id}} +X-AFM--target-name={{:#target}} +X-AFM--content={{content.src}} +X-AFM--type={{content.type}} +X-AFM--wgtdir={{:#metadata.install-dir}} +X-AFM--workdir=APP_DATA_DIR/{{:id}} +%nl + +Wants=afm-user-session@%i.target +After=afm-user-setup@%i.service + +# Adds check to smack +ConditionSecurity=smack +%nl + +# Automatic bound to required api +{{#required-api}} +{{#value=auto|ws}} +BindsTo=UNIT_NAME_SOCKET_FOR({{name}}) +After=UNIT_NAME_SOCKET_FOR({{name}}) +{{/value=auto|ws}} +{{/required-api}} +%nl + +[Service] +EnvironmentFile=-AFM_CONFIG_DIR/unit.env.d/* +SmackProcessLabel=User::App::{{:id}} +SuccessExitStatus=0 SIGKILL + +User=%i +Slice=user-%i.slice + +#CapabilityBoundingSet= +#AmbientCapabilities= + +ON_PERM(:platform:no-oom, OOMScoreAdjust=-500) +ON_PERM(:partner:real-time, IOSchedulingClass=realtime) +ON_PERM(:public:display, SupplementaryGroups=display) +ON_PERM(:public:syscall:clock, , SystemCallFilter=~@clock) +%nl + +WorkingDirectory=-APP_DATA_DIR/{{:id}} +ExecStartPre=/bin/mkdir -p APP_DATA_DIR/{{:id}} +Environment=AFM_APP_INSTALL_DIR={{:#metadata.install-dir}} +Environment=PATH=/usr/sbin:/usr/bin:/sbin:/bin:{{:#metadata.install-dir}} +Environment=XDG_DATA_HOME=APP_DATA_DIR/{{:id}} +Environment=XDG_CONFIG_HOME=APP_DATA_DIR/{{:id}} +Environment=XDG_CACHE_HOME=APP_DATA_DIR/{{:id}} +Environment=XDG_RUNTIME_DIR=/run/user/%i +Environment=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/%i/bus +Environment=LD_LIBRARY_PATH=$ORIGIN/lib + +IF_AGL_DEVEL +; Needed to enable debug +Environment=AFM_ID=TARGET +EnvironmentFile=-/var/run/afm-debug/TARGET.env +ENDIF + +SyslogIdentifier=afbd-TARGET +StandardInput=null +StandardOutput=journal +StandardError=journal + +;--------------------------------------------------------------------------------- +;---- text/html application/vnd.agl.native application/vnd.agl.service ---- +;--------------------------------------------------------------------------------- +{{#content.type=text/html|application/vnd.agl.native|application/vnd.agl.service}} +include(binder.inc) +{{/content.type=text/html|application/vnd.agl.native|application/vnd.agl.service}} + +;--------------------------------------------------------------------------------- +;---- application/x-executable ---- +;--------------------------------------------------------------------------------- +{{#content.type=application/x-executable}} +ExecStart={{:#metadata.install-dir}}/{{content.src}} +{{/content.type=application/x-executable}} + +IF_PERM(:system:run-by-default) +;--------------------------------------------------------------------------------- +; auto start +;--------------------------------------------------------------------------------- +[Install] +WantedBy=agl-user-session@.target +%systemd-unit wanted-by agl-user-session@.target +ENDIF + +%end systemd-unit + + |