# Shepherd Launcher - Kiosk Mode Sway Configuration # This config makes Sway act as a kiosk environment with a custom launcher ### Variables set $launcher ./target/debug/shepherd-launcher set $hud ./target/debug/shepherd-hud ### Output configuration # Set up displays (adjust as needed for your hardware) output * bg #000000 solid_color # Hide ALL window borders and focus indicators by making them transparent/black # Note: The 5th value is the "child_border" which is the actual visible border client.focused #000000 #000000 #ffffff #000000 #000000 client.focused_inactive #000000 #000000 #888888 #000000 #000000 client.unfocused #000000 #000000 #888888 #000000 #000000 client.urgent #000000 #000000 #ffffff #000000 #000000 client.placeholder #000000 #000000 #888888 #000000 #000000 client.background #000000 # Completely hide focus indicator by hiding the mark hide_edge_borders --i3 both ### Idle configuration # Prevent screen from turning off (adjust timeout as needed) exec swayidle -w \ timeout 600 'swaymsg "output * dpms off"' \ resume 'swaymsg "output * dpms on"' ### Input configuration # Disable touchpad/mouse acceleration if needed input type:pointer { accel_profile flat } ### Key bindings - HEAVILY RESTRICTED for kiosk mode # Disable ALL default Sway keybindings by not setting a modifier # This prevents users from opening terminals, switching workspaces, etc. # Disable TTY switching (Ctrl+Alt+F1-F12) # This is handled by disabling VT switching at the kernel/systemd level # Add this to kernel parameters: vt.handoff=0 # Or in /etc/systemd/logind.conf: NAutoVTs=0 and ReserveVT=0 # Emergency exit for admin (Super+Shift+Escape) - REMOVE IN PRODUCTION bindsym Mod4+Shift+Escape exit ### Window rules for kiosk behavior # Shepherd HUD should always be visible on top (likely uses layer-shell protocol) # Layer shell surfaces are automatically handled by sway and don't need window rules # Make launcher windows fullscreen for_window [app_id="shepherd-launcher"] fullscreen enable # Make other windows fullscreen by default and remove decorations for_window [class=".*"] fullscreen enable, border none, title_format "" for_window [app_id=".*"] fullscreen enable, border none, title_format "" # Minecraft-specific rules (XWayland Electron app) for_window [class="Minecraft.*"] fullscreen enable, border none for_window [class="minecraft-launcher"] fullscreen enable, border none for_window [title="Minecraft.*"] fullscreen enable, border none # Disable window decorations (no title bars) - for all windows default_border none default_floating_border none # Force pixel border of 0 explicitly default_border pixel 0 default_floating_border pixel 0 # Force no border on XWayland windows for_window [shell="xwayland"] border none, border pixel 0 # Tell clients not to draw their own decorations (for apps that respect this) # Note: Many Electron apps ignore this titlebar_border_thickness 0 titlebar_padding 0 0 # Disable gaps gaps inner 0 gaps outer 0 # Force focus mode - only one visible window at a time workspace_layout tabbed focus_follows_mouse no # Prevent window closing via keybindings (no Alt+F4) # Windows can only be closed by the application itself # Hide mouse cursor after inactivity seat * hide_cursor 5000 ### Workspace configuration # Use only one workspace for true kiosk mode workspace 1 output * ### Application startup # Note: shepherdd (daemon) and shepherd-hud are started by run-dev script # before sway launches, so they're already running at this point # Start the shepherd-launcher on startup (the main "home" screen) exec_always $launcher ### Disable workspace switching # No keybindings defined = no switching possible ### Status bar - DISABLED for kiosk mode # bar { # position top # } ### Additional security measures # Disable Xwayland if not needed (prevents X11 escape hatches) # xwayland disable # Prevent floating windows (everything fullscreen) for_window [floating] fullscreen enable # Lock down IPC for security (prevents external control) # ipc { # socket disable # } ### Focused window indicator # Since there's no title bar, no visual indication needed focus_on_window_activation focus ### Mouse bindings - DISABLED # No mouse bindings defined to prevent window manipulation ### Notes for production deployment: # 1. Remove the emergency exit keybinding (Super+Shift+Escape) # 2. Add kernel parameter: vt.handoff=0 # 3. Configure auto-login to this Sway session # 4. Set up systemd to restart Sway if it crashes # 5. Consider using a systemd user service for the launcher # 6. Lock down sudo/root access # 7. Disable virtual console switching in /etc/systemd/logind.conf: # NAutoVTs=0 # ReserveVT=0 # 8. Consider running as a dedicated user account with limited permissions