Fix PDF XDG handler and add a new handler for JPG and PNG images

Signed-off-by: Yuri Nesterov <[email protected]>

modules/common/services/default.nix

@@ -7,7 +7,8 @@
     ./wifi.nix
     ./firmware.nix
     ./desktop.nix
-    ./pdfopen.nix
+    ./xdgopener.nix
+    ./xdghandlers.nix
     ./namespaces.nix
     ./yubikey.nix
     ./bluetooth.nix

modules/common/services/xdghandlers.nix

@@ -0,0 +1,67 @@
+# Copyright 2022-2024 TII (SSRC) and the Ghaf contributors
+# SPDX-License-Identifier: Apache-2.0
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  cfg = config.ghaf.services.xdghandlers;
+  inherit (lib)
+    mkIf
+    mkEnableOption
+    ;
+  # XDG item for PDF
+  xdgPdfItem = pkgs.makeDesktopItem {
+    name = "ghaf-pdf-xdg";
+    desktopName = "Ghaf PDF Viewer";
+    exec = "${xdgOpenFile}/bin/xdgopenfile pdf %f";
+    mimeTypes = [ "application/pdf" ];
+    noDisplay = true;
+  };
+  # XDG item for JPG and PNG
+  xdgImageItem = pkgs.makeDesktopItem {
+    name = "ghaf-image-xdg";
+    desktopName = "Ghaf Image Viewer";
+    exec = "${xdgOpenFile}/bin/xdgopenfile image %f";
+    mimeTypes = [
+      "image/jpeg"
+      "image/png"
+    ];
+    noDisplay = true;
+  };
+  # The xdgopenfile script sends a command to the GUIVM with the file path and type over TCP connection
+  xdgOpenFile = pkgs.writeShellScriptBin "xdgopenfile" ''
+    type=$1
+    filename=$2
+    filepath=$(/run/current-system/sw/bin/realpath "$filename")
+    if [[ -z "$filepath" ]]; then
+      echo "File path is empty in the XDG open script" | systemd-cat -p info
+      exit 1
+    fi
+    if [[ "$type" != "pdf" && "$type" != "image" ]]; then
+      echo "Unknown file type in the XDF open script" | systemd-cat -p info
+      exit 1
+    fi
+    echo "Opening $filepath with type $type" | systemd-cat -p info
+    echo -e "$type\n$filepath" | ${pkgs.netcat}/bin/nc -N gui-vm ${toString config.ghaf.services.xdgopener.xdgPort}
+  '';
+in
+{
+  options.ghaf.services.xdghandlers = {
+    enable = mkEnableOption "Enable Ghaf XDG handlers";
+  };
+  config = mkIf cfg.enable {
+    environment.systemPackages = [
+      pkgs.xdg-utils
+      xdgPdfItem
+      xdgImageItem
+      xdgOpenFile
+    ];
+
+    xdg.mime.defaultApplications."application/pdf" = "ghaf-pdf-xdg.desktop";
+    xdg.mime.defaultApplications."image/jpeg" = "ghaf-image-xdg.desktop";
+    xdg.mime.defaultApplications."image/png" = "ghaf-image-xdg.desktop";
+  };
+}

modules/common/services/xdgopener.nix

@@ -0,0 +1,68 @@
+# Copyright 2022-2024 TII (SSRC) and the Ghaf contributors
+# SPDX-License-Identifier: Apache-2.0
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  inherit (builtins) toString;
+  inherit (lib)
+    mkEnableOption
+    mkOption
+    mkIf
+    types
+    ;
+  cfg = config.ghaf.services.xdgopener;
+
+  # TODO: Fix the path to get the sshKeyPath so that
+  # ghaf-xdg-open can be exported as a normal package from
+  # packaged/flake-module.nix and hence easily imported
+  # into all targets
+  ghaf-xdg-open = pkgs.callPackage ../../../packages/ghaf-xdg-open {
+    inherit (config.ghaf.security.sshKeys) sshKeyPath;
+  };
+in
+{
+  options.ghaf.services.xdgopener = {
+    enable = mkEnableOption "Enable the XDG opening service";
+    xdgPort = mkOption {
+      type = types.int;
+      default = 1200;
+      description = "TCP port for the XDG socket";
+    };
+  };
+
+  config = mkIf cfg.enable {
+    # XDG handler service receives a file path and type over TCP connection and executes ghaf-xdg-open script
+    systemd = {
+      sockets."xdg" = {
+        unitConfig = {
+          Description = "Ghaf XDG socket";
+        };
+        socketConfig = {
+          ListenStream = "${toString cfg.xdgPort}";
+          Accept = "yes";
+        };
+        wantedBy = [ "sockets.target" ];
+      };
+
+      services."xdg@" = {
+        description = "XDG opener";
+        serviceConfig = {
+          # The user 'ghaf' is used here to access SSH keys for the scp command
+          # This is required to copy files to the zathuravm
+          User = "ghaf";
+          ExecStart = "${ghaf-xdg-open}/bin/ghaf-xdg-open";
+          StandardInput = "socket";
+          StandardOutput = "journal";
+          StandardError = "journal";
+        };
+      };
+    };
+
+    # Open TCP port for the XDG socket
+    networking.firewall.allowedTCPPorts = [ cfg.xdgPort ];
+  };
+}

modules/desktop/graphics/labwc.nix

@@ -74,6 +74,10 @@ in
           identifier = "org.pwmt.zathura";
           colour = "#122263";
         }
+        {
+          identifier = "pqiv";
+          colour = "#122263";
+        }
         {
           identifier = "Element";
           colour = "#337aff";

modules/microvm/virtualization/microvm/guivm.nix

@@ -86,6 +86,7 @@ let
             };
             services.disks.enable = true;
             services.disks.fileManager = "${pkgs.pcmanfm}/bin/pcmanfm";
+            services.xdghandlers.enable = true;
           };
 
           systemd.services."waypipe-ssh-keygen" =

modules/microvm/virtualization/microvm/modules.nix

@@ -70,9 +70,9 @@ let
       config.ghaf.services.desktop.enable = true;
     };
 
-    # PDF opener
-    pdfOpener = {
-      config.ghaf.services.pdfopener.enable = true;
+    # XDG opener
+    xdgOpener = {
+      config.ghaf.services.xdgopener.enable = true;
     };
 
     # Yubikey module
@@ -165,7 +165,7 @@ in
         serviceModules.desktop
         serviceModules.fprint
         serviceModules.yubikey
-        serviceModules.pdfOpener
+        serviceModules.xdgOpener
         serviceModules.commonNamespace
         serviceModules.givc
         referenceProgramsModule

modules/reference/appvms/business.nix

@@ -9,7 +9,6 @@
 }:
 let
   #TODO: Move this to a common place
-  xdgPdfPort = 1200;
   name = "business";
   tiiVpnAddr = "151.253.154.18";
   vpnOnlyAddr = "${tiiVpnAddr},jira.tii.ae,access.tii.ae,confluence.tii.ae,i-service.tii.ae,catalyst.atrc.ae";
@@ -20,33 +19,13 @@ let
 in
 {
   name = "${name}";
-  packages =
-    let
-      # PDF XDG handler is executed when the user opens a PDF file in the browser
-      # The xdgopenpdf script sends a command to the guivm with the file path over TCP connection
-      xdgPdfItem = pkgs.makeDesktopItem {
-        name = "ghaf-pdf";
-        desktopName = "Ghaf PDF handler";
-        exec = "${xdgOpenPdf}/bin/xdgopenpdf %u";
-        mimeTypes = [ "application/pdf" ];
-      };
-      xdgOpenPdf = pkgs.writeShellScriptBin "xdgopenpdf" ''
-        filepath=$(/run/current-system/sw/bin/realpath "$1")
-        echo "Opening $filepath" | systemd-cat -p info
-        echo $filepath | ${pkgs.netcat}/bin/nc -N gui-vm ${toString xdgPdfPort}
-      '';
-    in
-    [
-      pkgs.chromium
-      pkgs.xdg-utils
-      xdgPdfItem
-      xdgOpenPdf
-      pkgs.globalprotect-openconnect
-      pkgs.losslesscut-bin
-      pkgs.openconnect
-      pkgs.gnome-text-editor
-    ]
-    ++ lib.optionals config.ghaf.profiles.debug.enable [ pkgs.tcpdump ];
+  packages = [
+    pkgs.chromium
+    pkgs.globalprotect-openconnect
+    pkgs.losslesscut-bin
+    pkgs.openconnect
+    pkgs.gnome-text-editor
+  ] ++ lib.optionals config.ghaf.profiles.debug.enable [ pkgs.tcpdump ];
 
   # TODO create a repository of mac addresses to avoid conflicts
   macAddress = "02:00:00:03:10:01";
@@ -113,10 +92,9 @@ in
             csdWrapper = "${pkgs.openconnect}/libexec/openconnect/hipreport.sh";
           };
         };
-      };
 
-      # Set default PDF XDG handler
-      xdg.mime.defaultApplications."application/pdf" = "ghaf-pdf.desktop";
+        services.xdghandlers.enable = true;
+      };
 
       # Enable dconf and icon pack for gnome text editor
       programs.dconf.enable = true;

modules/reference/appvms/chromium.nix

@@ -8,34 +8,13 @@
   ...
 }:
 let
-  xdgPdfPort = 1200;
   name = "chromium";
 in
 {
   name = "${name}";
-  packages =
-    let
-      # PDF XDG handler is executed when the user opens a PDF file in the browser
-      # The xdgopenpdf script sends a command to the guivm with the file path over TCP connection
-      xdgPdfItem = pkgs.makeDesktopItem {
-        name = "ghaf-pdf";
-        desktopName = "Ghaf PDF handler";
-        exec = "${xdgOpenPdf}/bin/xdgopenpdf %u";
-        mimeTypes = [ "application/pdf" ];
-      };
-      xdgOpenPdf = pkgs.writeShellScriptBin "xdgopenpdf" ''
-        filepath=$(/run/current-system/sw/bin/realpath "$1")
-        echo "Opening $filepath" | systemd-cat -p info
-        echo $filepath | ${pkgs.netcat}/bin/nc -N gui-vm ${toString xdgPdfPort}
-      '';
-    in
-    [
-      pkgs.chromium
-      pkgs.xdg-utils
-      xdgPdfItem
-      xdgOpenPdf
-    ]
-    ++ lib.optional config.ghaf.development.debug.tools.enable pkgs.alsa-utils;
+  packages = [
+    pkgs.chromium
+  ] ++ lib.optional config.ghaf.development.debug.tools.enable pkgs.alsa-utils;
   # TODO create a repository of mac addresses to avoid conflicts
   macAddress = "02:00:00:03:05:01";
   ramMb = 6144;
@@ -67,11 +46,8 @@ in
           }
         ];
       };
-
       ghaf.reference.programs.chromium.enable = true;
-
-      # Set default PDF XDG handler
-      xdg.mime.defaultApplications."application/pdf" = "ghaf-pdf.desktop";
+      ghaf.services.xdghandlers.enable = true;
     }
   ];
   borderColor = "#630505";

modules/reference/appvms/comms.nix

@@ -32,6 +32,8 @@ in
   cores = 4;
   extraModules = [
     {
+      imports = [ ../programs/chromium.nix ];
+
       systemd = {
         services = {
           element-gps = {
@@ -95,6 +97,8 @@ in
           }
         ];
       };
+      ghaf.reference.programs.chromium.enable = true;
+      ghaf.services.xdghandlers.enable = true;
     }
   ];
   borderColor = "#337aff";

modules/reference/appvms/zathura.nix

@@ -9,7 +9,10 @@
 }:
 {
   name = "zathura";
-  packages = [ pkgs.zathura ];
+  packages = [
+    pkgs.zathura
+    pkgs.pqiv
+  ];
   macAddress = "02:00:00:03:07:01";
   ramMb = 512;
   cores = 1;