refactor: change kiosk parameter from Option<bool> to bool

Simplifies the setup API by making kiosk mandatory at the protocol level, with platform-specific filtering applied at the database layer.
2026-03-31 04:23:40 +00:00 · 2026-03-16 13:39:04 -06:00
parent 90d8d39adf
commit 8562e1e19d
9 changed files with 27 additions and 30 deletions
--- a/core/src/backup/restore.rs
+++ b/core/src/backup/restore.rs
@@ -10,6 +10,7 @@ use tracing::instrument;
 use ts_rs::TS;
 use super::target::BackupTargetId;
 use crate::PackageId;
 use crate::backup::os::OsBackup;
 use crate::context::setup::SetupResult;
 use crate::context::{RpcContext, SetupContext};
@@ -26,7 +27,6 @@ use crate::service::service_map::DownloadInstallFuture;
 use crate::setup::SetupExecuteProgress;
 use crate::system::{save_language, sync_kiosk};
 use crate::util::serde::{IoFormat, Pem};
 use crate::{PLATFORM, PackageId};
 #[derive(Deserialize, Serialize, Parser, TS)]
 #[serde(rename_all = "camelCase")]
@@ -90,7 +90,7 @@ pub async fn recover_full_server(
    recovery_source: TmpMountGuard,
    server_id: &str,
    recovery_password: &str,
-    kiosk: Option<bool>,
+    kiosk: bool,
    hostname: Option<ServerHostnameInfo>,
    SetupExecuteProgress {
        init_phases,
@@ -123,7 +123,6 @@ pub async fn recover_full_server(
        os_backup.account.hostname = h;
    }
    let kiosk = Some(kiosk.unwrap_or(true)).filter(|_| &*PLATFORM != "raspberrypi");
    sync_kiosk(kiosk).await?;
    let language = ctx.language.peek(|a| a.clone());
--- a/core/src/db/model/mod.rs
+++ b/core/src/db/model/mod.rs
@@ -31,7 +31,7 @@ pub struct Database {
 impl Database {
    pub fn init(
        account: &AccountInfo,
-        kiosk: Option<bool>,
+        kiosk: bool,
        language: Option<InternedString>,
        keyboard: Option<KeyboardOptions>,
    ) -> Result<Self, Error> {
--- a/core/src/db/model/public.rs
+++ b/core/src/db/model/public.rs
@@ -49,7 +49,7 @@ pub struct Public {
 impl Public {
    pub fn init(
        account: &AccountInfo,
-        kiosk: Option<bool>,
+        kiosk: bool,
        language: Option<InternedString>,
        keyboard: Option<KeyboardOptions>,
    ) -> Result<Self, Error> {
@@ -149,7 +149,7 @@ impl Public {
                echoip_urls: default_echoip_urls(),
                ram: 0,
                devices: Vec::new(),
-                kiosk,
+                kiosk: Some(kiosk).filter(|_| &*PLATFORM != "raspberrypi"),
                language,
                keyboard,
            },
--- a/core/src/init.rs
+++ b/core/src/init.rs
@@ -174,7 +174,9 @@ pub async fn init(
    local_auth.complete();
    // Re-enroll MOK on every boot if Secure Boot key exists but isn't enrolled yet
-    if let Err(e) = crate::util::mok::enroll_mok(std::path::Path::new(crate::util::mok::DKMS_MOK_PUB)).await {
+    if let Err(e) =
        crate::util::mok::enroll_mok(std::path::Path::new(crate::util::mok::DKMS_MOK_PUB)).await
    {
        tracing::warn!("MOK enrollment failed: {e}");
    }
@@ -369,7 +371,7 @@ pub async fn init(
    enable_zram.complete();
    update_server_info.start();
-    sync_kiosk(server_info.as_kiosk().de()?).await?;
+    sync_kiosk(server_info.as_kiosk().de()?.unwrap_or(false)).await?;
    let ram = get_mem_info().await?.total.0 as u64 * 1024 * 1024;
    let devices = lshw().await?;
    let status_info = ServerStatus {
--- a/core/src/setup.rs
+++ b/core/src/setup.rs
@@ -115,7 +115,7 @@ pub async fn list_disks(ctx: SetupContext) -> Result<Vec<DiskInfo>, Error> {
 async fn setup_init(
    ctx: &SetupContext,
    password: Option<String>,
-    kiosk: Option<bool>,
+    kiosk: bool,
    hostname: Option<ServerHostnameInfo>,
    init_phases: InitPhases,
 ) -> Result<(AccountInfo, InitResult), Error> {
@@ -137,9 +137,8 @@ async fn setup_init(
            account.save(m)?;
            let info = m.as_public_mut().as_server_info_mut();
            info.as_password_hash_mut().ser(&account.password)?;
-            if let Some(kiosk) = kiosk {
+            info.as_kiosk_mut()
-                info.as_kiosk_mut().ser(&Some(kiosk))?;
+                .ser(&Some(kiosk).filter(|_| &*PLATFORM != "raspberrypi"))?;
            }
            if let Some(language) = language.clone() {
                info.as_language_mut().ser(&Some(language))?;
            }
@@ -174,8 +173,7 @@ async fn setup_init(
 pub struct AttachParams {
    pub password: Option<EncryptedWire>,
    pub guid: InternedString,
-    #[ts(optional)]
+    pub kiosk: bool,
    pub kiosk: Option<bool>,
 }
 #[instrument(skip_all)]
@@ -411,8 +409,7 @@ pub struct SetupExecuteParams {
    guid: InternedString,
    password: Option<EncryptedWire>,
    recovery_source: Option<RecoverySource<EncryptedWire>>,
-    #[ts(optional)]
+    kiosk: bool,
    kiosk: Option<bool>,
    name: Option<InternedString>,
    hostname: Option<InternedString>,
 }
@@ -549,7 +546,7 @@ pub async fn execute_inner(
    guid: InternedString,
    password: Option<String>,
    recovery_source: Option<RecoverySource<String>>,
-    kiosk: Option<bool>,
+    kiosk: bool,
    hostname: Option<ServerHostnameInfo>,
 ) -> Result<(SetupResult, RpcContext), Error> {
    let progress = &ctx.progress;
@@ -622,7 +619,7 @@ async fn fresh_setup(
    ctx: &SetupContext,
    guid: InternedString,
    password: &str,
-    kiosk: Option<bool>,
+    kiosk: bool,
    hostname: Option<ServerHostnameInfo>,
    SetupExecuteProgress {
        init_phases,
@@ -633,7 +630,6 @@ async fn fresh_setup(
    let account = AccountInfo::new(password, root_ca_start_time().await, hostname)?;
    let db = ctx.db().await?;
    let kiosk = Some(kiosk.unwrap_or(true)).filter(|_| &*PLATFORM != "raspberrypi");
    sync_kiosk(kiosk).await?;
    let language = ctx.language.peek(|a| a.clone());
@@ -684,7 +680,7 @@ async fn recover(
    recovery_source: BackupTargetFS,
    server_id: String,
    recovery_password: String,
-    kiosk: Option<bool>,
+    kiosk: bool,
    hostname: Option<ServerHostnameInfo>,
    progress: SetupExecuteProgress,
 ) -> Result<(SetupResult, RpcContext), Error> {
@@ -709,7 +705,7 @@ async fn migrate(
    guid: InternedString,
    old_guid: &str,
    password: Option<String>,
-    kiosk: Option<bool>,
+    kiosk: bool,
    hostname: Option<ServerHostnameInfo>,
    SetupExecuteProgress {
        init_phases,
--- a/core/src/system/mod.rs
+++ b/core/src/system/mod.rs
@@ -319,13 +319,11 @@ pub fn kernel_logs<C: Context + AsRef<RpcContinuations>>() -> ParentHandler<C, L
 const DISABLE_KIOSK_PATH: &str =
    "/media/startos/config/overlay/etc/systemd/system/getty@tty1.service.d/autologin.conf";
-pub async fn sync_kiosk(kiosk: Option<bool>) -> Result<(), Error> {
+pub async fn sync_kiosk(kiosk: bool) -> Result<(), Error> {
-    if let Some(kiosk) = kiosk {
+    if kiosk {
-        if kiosk {
+        enable_kiosk().await?;
-            enable_kiosk().await?;
+    } else {
-        } else {
+        disable_kiosk().await?;
            disable_kiosk().await?;
        }
    }
    Ok(())
 }
--- a/sdk/base/lib/osBindings/AttachParams.ts
+++ b/sdk/base/lib/osBindings/AttachParams.ts
@@ -4,5 +4,5 @@ import type { EncryptedWire } from './EncryptedWire'
 export type AttachParams = {
  password: EncryptedWire | null
  guid: string
-  kiosk?: boolean
+  kiosk: boolean
 }
--- a/sdk/base/lib/osBindings/SetupExecuteParams.ts
+++ b/sdk/base/lib/osBindings/SetupExecuteParams.ts
@@ -6,7 +6,7 @@ export type SetupExecuteParams = {
  guid: string
  password: EncryptedWire | null
  recoverySource: RecoverySource<EncryptedWire> | null
-  kiosk?: boolean
+  kiosk: boolean
  name: string | null
  hostname: string | null
 }
--- a/web/projects/setup-wizard/src/app/services/state.service.ts
+++ b/web/projects/setup-wizard/src/app/services/state.service.ts
@@ -72,6 +72,7 @@ export class StateService {
    await this.api.attach({
      guid: this.dataDriveGuid,
      password: password ? await this.api.encrypt(password) : null,
      kiosk: this.kiosk,
    })
  }
@@ -106,6 +107,7 @@ export class StateService {
      name,
      hostname,
      recoverySource,
      kiosk: this.kiosk,
    })
  }