deepState/trivionomicon
3
0
Fork 1
Code Issues Pull requests Releases Wiki Activity Actions

Compare commits

base: deepState:789b1780cb5f3b309497466bf73e1389c281cc13
Branches Tags
deepState:master
deepState:idopte
deepState:firefox
..
compare: deepState:26f1fa436a662baa59a4717138dbfb14c5d48911
Branches Tags
deepState:master
deepState:idopte
deepState:firefox

2 commits
789b1780cb ... 26f1fa436a

Author SHA1 Message Date
Alejandro Soto
26f1fa436a trivionomicon: athena-bccr: run update-gaudi during build if gaudiHash is given 2026-03-09 15:42:13 -06:00
Alejandro Soto
286c49e369 trivionomicon: athena-bccr: add support for mirrors 2026-03-09 15:25:31 -06:00
5 changed files with 61 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

7
modules/athena-bccr/hm.nix
View file

@ -5,7 +5,12 @@
doctrine, doctrine,
... ...
}: let }: let
athena = pkgs.${doctrine.prefix}.athena-bccr.${cfg.release}; athena =
(pkgs.${doctrine.prefix}.athena-bccr.override {
inherit (cfg) mirror;
}).${
cfg.release
};
in { in {
home.packages = [ home.packages = [
athena.firmador athena.firmador

12
modules/athena-bccr/options.nix
View file

@ -7,6 +7,12 @@ with lib.types; {
description = "hash of the Gaudi client"; description = "hash of the Gaudi client";
}; };
mirror = lib.mkOption {
type = nullOr str;
default = null;
description = "release zip mirror base URL, if null then the release zip must be manually added to the Nix store";
};
release = lib.mkOption { release = lib.mkOption {
type = str; type = str;
default = "latest"; default = "latest";
@ -21,6 +27,12 @@ with lib.types; {
description = "user group with full access to the smartcard reader"; description = "user group with full access to the smartcard reader";
}; };
mirror = lib.mkOption {
type = nullOr str;
default = null;
description = "release zip mirror base URL, if null then the release zip must be manually added to the Nix store";
};
release = lib.mkOption { release = lib.mkOption {
type = str; type = str;
default = "latest"; default = "latest";

8
modules/athena-bccr/sys.nix
View file

@ -6,7 +6,13 @@
doctrine, doctrine,
... ...
}: let }: let
athena = pkgs.${doctrine.prefix}.athena-bccr.${cfg.release}; athena =
(pkgs.${doctrine.prefix}.athena-bccr.override {
inherit (cfg) mirror;
}).${
cfg.release
};
inherit (athena) vendor; inherit (athena) vendor;
driver = athena.card-driver.lib; driver = athena.card-driver.lib;

3
pkgs/athena-bccr/default.nix
View file

@ -1,6 +1,7 @@
{ {
callPackage, callPackage,
lib, lib,
mirror ? null,
}: let }: let
latest = "deb64-rev26.2"; latest = "deb64-rev26.2";
@ -18,7 +19,7 @@
pkgsForRelease = release: let pkgsForRelease = release: let
inherit (unwrapped) card-driver bccr-cacerts; inherit (unwrapped) card-driver bccr-cacerts;
unwrapped = overrideUnwrapped {inherit release;} {}; unwrapped = overrideUnwrapped {inherit mirror release;} {};
pkcs11-module = "${card-driver.lib}/${card-driver.pkcs11-path}"; pkcs11-module = "${card-driver.lib}/${card-driver.pkcs11-path}";
in { in {
inherit card-driver bccr-cacerts pkcs11-module; inherit card-driver bccr-cacerts pkcs11-module;

48
pkgs/athena-bccr/unwrapped.nix
View file

@ -1,5 +1,7 @@
{ {
fetchurl,
lib, lib,
mirror ? null,
requireFile, requireFile,
release, release,
gaudiHash ? null, gaudiHash ? null,
@ -7,20 +9,32 @@
}: let }: let
inherit (release) srcPaths vendor; inherit (release) srcPaths vendor;
src = requireFile { url =
url = "https://soportefirmadigital.com"; if mirror != null
then "${mirror}/${release.filename}"
else "https://soportefirmadigital.com";
fetchSrc =
if mirror != null
then fetchurl
else requireFile;
src = fetchSrc {
name = release.filename; name = release.filename;
inherit url;
inherit (release) hash; inherit (release) hash;
}; };
gaudiUpdateSrc = {update-gaudi}: gaudiUpdateSrc = {
requireFile { update-gaudi,
url = "${update-gaudi}"; runCommand,
name = "gaudi-update-${release.name}.zip"; }:
runCommand "gaudi-update-${release.name}.zip" {
hash = gaudiHash; outputHash = gaudiHash;
}; } ''
${update-gaudi} $out
'';
moduleFromDeb = name: args @ { moduleFromDeb = name: args @ {
stdenv, stdenv,
@ -176,6 +190,7 @@ in
pkgs, pkgs,
stdenv, stdenv,
unzip, unzip,
runCommand,
writeShellScriptBin, writeShellScriptBin,
update-gaudi, update-gaudi,
... ...
@ -186,7 +201,7 @@ in
}; };
fakeSudo = writeShellScriptBin "sudo" ""; fakeSudo = writeShellScriptBin "sudo" "";
gaudiUpdate = gaudiUpdateSrc {inherit update-gaudi;}; gaudiUpdate = gaudiUpdateSrc {inherit runCommand update-gaudi;};
in in
moduleFromDeb "gaudi" { moduleFromDeb "gaudi" {
inherit dpkg stdenv unzip; inherit dpkg stdenv unzip;
@ -288,17 +303,20 @@ in
wget --ca-certificate="$ca_cert" "$base_url/bccr-firma-fva-clienteMultiplataforma.jar" wget --ca-certificate="$ca_cert" "$base_url/bccr-firma-fva-clienteMultiplataforma.jar"
wget --ca-certificate="$ca_cert" "$base_url/ServicioActualizadorClienteBCCR.jar" wget --ca-certificate="$ca_cert" "$base_url/ServicioActualizadorClienteBCCR.jar"
if [ -n "$1" ]; then
zip_path="$1"
else
zip_path="$PWD/gaudi-update-${release.name}.zip"
fi
# https://gist.github.com/stokito/c588b8d6a6a0aee211393d68eea678f2 # https://gist.github.com/stokito/c588b8d6a6a0aee211393d68eea678f2
TZ=UTC find . -exec touch --no-dereference -a -m -t 198002010000.00 {} + TZ=UTC find . -exec touch --no-dereference -a -m -t 198002010000.00 {} +
zip_path="$PWD/gaudi-update-${release.name}.zip"
TZ=UTC zip -q --move --recurse-paths --symlinks -X "$zip_path" . TZ=UTC zip -q --move --recurse-paths --symlinks -X "$zip_path" .
TZ=UTC touch -a -m -t 198002010000.00 "$zip_path" TZ=UTC touch -a -m -t 198002010000.00 "$zip_path"
set -x if [ -z "$1" ]; then
nix-store --add-fixed sha256 "$zip_path"
set +x
echo -e "\ngaudiHash: $(nix-hash --to-sri --type sha256 $(sha256sum "$zip_path" | cut -d' ' -f1))" echo -e "\ngaudiHash: $(nix-hash --to-sri --type sha256 $(sha256sum "$zip_path" | cut -d' ' -f1))"
fi
''; '';
} }
// lib.optionalAttrs (vendor == "athena") { // lib.optionalAttrs (vendor == "athena") {