fabian/nix
1
0
Fork 2
Code Issues 16 Pull requests Projects Releases Packages Wiki Activity

Merge commit '652871f78f'

Browse source
This commit is contained in:
Fabian Montero 2026-03-24 22:47:54 -06:00
commit f586e8afae
Signed by: fabian
GPG key ID: 3EDA9AE3937CCDE3
9 changed files with 290 additions and 70 deletions
Download patch file Download diff file Expand all files Collapse all files

6
trivionomicon/modules/athena-bccr/hm.nix
View file

@ -5,7 +5,11 @@
doctrine,
...
}: let
athena = pkgs.${doctrine.prefix}.athena-bccr.${cfg.release};
releases = pkgs.${doctrine.prefix}.athena-bccr.override {
inherit (cfg) mirror vendor;
};
athena = releases.${cfg.release};
in {
home.packages = [
athena.firmador

36
trivionomicon/modules/athena-bccr/options.nix
View file

@ -1,30 +1,40 @@
{lib, ...}:
with lib.types; {
with lib.types; let
mirror = lib.mkOption {
type = nullOr str;
default = null;
description = "release zip mirror base URL, if null then the release zip must be manually added to the Nix store";
};
release = lib.mkOption {
type = str;
default = "latest";
description = "pinned athena-bccr release tag";
};
vendor = lib.mkOption {
type = enum ["athena" "idopte"];
default = "idopte";
description = "driver dvendor";
};
in {
hm = {
inherit mirror release vendor;
gaudiHash = lib.mkOption {
type = nullOr str;
default = null;
description = "hash of the Gaudi client";
};
release = lib.mkOption {
type = str;
default = "latest";
description = "pinned athena-bccr release tag";
};
};
sys = {
inherit mirror release vendor;
group = lib.mkOption {
type = str;
default = "users";
description = "user group with full access to the smartcard reader";
};
release = lib.mkOption {
type = str;
default = "latest";
description = "pinned athena-bccr release tag";
};
};
}

59
trivionomicon/modules/athena-bccr/sys.nix
View file

@ -1,12 +1,20 @@
{
config,
pkgs,
lib,
cfg,
doctrine,
...
}: let
athena = pkgs.${doctrine.prefix}.athena-bccr.${cfg.release};
inherit (athena) vendor;
releases = pkgs.${doctrine.prefix}.athena-bccr.override {
inherit (cfg) mirror vendor;
};
athena = releases.${cfg.release};
driver = athena.card-driver.lib;
scmiddleware = "${driver}/lib/SCMiddleware";
inherit (cfg) vendor;
in {
environment = {
etc =
@ -16,7 +24,12 @@ in {
'';
}
// lib.optionalAttrs (vendor == "athena") {
"Athena".source = "${athena.card-driver}/etc/Athena";
"Athena".source = "${driver}/etc/Athena";
}
// lib.optionalAttrs (vendor == "idopte") {
"idoss.conf".source = "${driver}/etc/idoss.conf";
"idoss.lic".source = "${driver}/etc/idoss.lic";
"SCMiddleware".source = scmiddleware;
};
systemPackages = [athena.card-driver];
@ -43,10 +56,42 @@ in {
services = {
pcscd.enable = true;
udev.extraRules = ''
# Athena Smartcard Solutions, Inc. ASEDrive V3CR
ATTRS{idVendor}=="0dc3", ATTRS{idProduct}=="1004", MODE="660", GROUP="${cfg.group}", TAG+="uaccess"
'';
udev.extraRules =
lib.optionalString (vendor == "athena") ''
# Athena Smartcard Solutions, Inc. ASEDrive V3CR
ATTRS{idVendor}=="0dc3", ATTRS{idProduct}=="1004", MODE="660", GROUP="${cfg.group}", TAG+="uaccess"
''
+ lib.optionalString (vendor == "idopte") ''
# Bit4id Srl miniLector-s
ACTION=="add", SUBSYSTEM=="usb", ENV{PRODUCT}=="25dd/1101*", RUN+="${config.systemd.package}/bin/systemctl start --no-block idopte-reader.target"
ACTION=="remove", SUBSYSTEM=="usb", ENV{PRODUCT}=="25dd/1101*", RUN+="${config.systemd.package}/bin/systemctl stop --no-block idopte-reader.target"
'';
};
systemd = lib.mkIf (vendor == "idopte") {
#TODO: make this run as a non-root user
services.idopte-cache = {
description = "Idopte cache server";
after = ["smartcard.target"];
bindsTo = ["idopte-reader.target"];
wantedBy = ["idopte-reader.target"];
serviceConfig = {
Type = "forking";
PIDFile = "/run/idoCacheSrv.pid";
RuntimeDirectory = "idoss";
ExecStart = "${scmiddleware}/idocachesrv";
};
};
targets.idopte-reader = {
description = "Idopte USB reader inserted";
wants = ["smartcard.target"];
before = ["smartcard.target"];
};
};
users.groups.${cfg.group} = {};