fabian/nix
1
0
Fork 2
Code Issues 16 Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: fabian:21466c9743c4bb1f9d9ead99c8a881b28ea70f24
Branches Tags
fabian:master
fabian:v0.1
..
compare: fabian:cd782aadc91b16fd6f2badbba69668fc75bd3248
Branches Tags
fabian:master
fabian:v0.1

No commits in common. "21466c9743c4bb1f9d9ead99c8a881b28ea70f24" and "cd782aadc91b16fd6f2badbba69668fc75bd3248" have entirely different histories.
21466c9743 ... cd782aadc9

11 changed files with 70 additions and 292 deletions
Download patch file Download diff file Expand all files Collapse all files

1
home/modules/defaultDesktopPack.nix
View file

@ -42,7 +42,6 @@ in {
vpsfree-client vpsfree-client
vscodium-fhs vscodium-fhs
zola zola
trivium.ibkr-tws
]; ];
trivium = { trivium = {

1
pkgs/config/unfree.nix
View file

@ -9,5 +9,4 @@ with lib;
"steam-original" "steam-original"
"steam-unwrapped" "steam-unwrapped"
"steam-run" "steam-run"
"ibkr-tws"
] ]

6
trivionomicon/modules/athena-bccr/hm.nix
View file

@ -5,11 +5,7 @@
doctrine, doctrine,
... ...
}: let }: let
releases = pkgs.${doctrine.prefix}.athena-bccr.override { athena = pkgs.${doctrine.prefix}.athena-bccr.${cfg.release};
inherit (cfg) mirror vendor;
};
athena = releases.${cfg.release};
in { in {
home.packages = [ home.packages = [
athena.firmador athena.firmador

36
trivionomicon/modules/athena-bccr/options.nix
View file

@ -1,40 +1,30 @@
{lib, ...}: {lib, ...}:
with lib.types; let with lib.types; {
mirror = lib.mkOption {
type = nullOr str;
default = null;
description = "release zip mirror base URL, if null then the release zip must be manually added to the Nix store";
};
release = lib.mkOption {
type = str;
default = "latest";
description = "pinned athena-bccr release tag";
};
vendor = lib.mkOption {
type = enum ["athena" "idopte"];
default = "idopte";
description = "driver dvendor";
};
in {
hm = { hm = {
inherit mirror release vendor;
gaudiHash = lib.mkOption { gaudiHash = lib.mkOption {
type = nullOr str; type = nullOr str;
default = null; default = null;
description = "hash of the Gaudi client"; description = "hash of the Gaudi client";
}; };
release = lib.mkOption {
type = str;
default = "latest";
description = "pinned athena-bccr release tag";
};
}; };
sys = { sys = {
inherit mirror release vendor;
group = lib.mkOption { group = lib.mkOption {
type = str; type = str;
default = "users"; default = "users";
description = "user group with full access to the smartcard reader"; description = "user group with full access to the smartcard reader";
}; };
release = lib.mkOption {
type = str;
default = "latest";
description = "pinned athena-bccr release tag";
};
}; };
} }

59
trivionomicon/modules/athena-bccr/sys.nix
View file

@ -1,20 +1,12 @@
{ {
config,
pkgs, pkgs,
lib, lib,
cfg, cfg,
doctrine, doctrine,
... ...
}: let }: let
releases = pkgs.${doctrine.prefix}.athena-bccr.override { athena = pkgs.${doctrine.prefix}.athena-bccr.${cfg.release};
inherit (cfg) mirror vendor; inherit (athena) vendor;
};
athena = releases.${cfg.release};
driver = athena.card-driver.lib;
scmiddleware = "${driver}/lib/SCMiddleware";
inherit (cfg) vendor;
in { in {
environment = { environment = {
etc = etc =
@ -24,12 +16,7 @@ in {
''; '';
} }
// lib.optionalAttrs (vendor == "athena") { // lib.optionalAttrs (vendor == "athena") {
"Athena".source = "${driver}/etc/Athena"; "Athena".source = "${athena.card-driver}/etc/Athena";
}
// lib.optionalAttrs (vendor == "idopte") {
"idoss.conf".source = "${driver}/etc/idoss.conf";
"idoss.lic".source = "${driver}/etc/idoss.lic";
"SCMiddleware".source = scmiddleware;
}; };
systemPackages = [athena.card-driver]; systemPackages = [athena.card-driver];
@ -56,42 +43,10 @@ in {
services = { services = {
pcscd.enable = true; pcscd.enable = true;
udev.extraRules = udev.extraRules = ''
lib.optionalString (vendor == "athena") '' # Athena Smartcard Solutions, Inc. ASEDrive V3CR
# Athena Smartcard Solutions, Inc. ASEDrive V3CR ATTRS{idVendor}=="0dc3", ATTRS{idProduct}=="1004", MODE="660", GROUP="${cfg.group}", TAG+="uaccess"
ATTRS{idVendor}=="0dc3", ATTRS{idProduct}=="1004", MODE="660", GROUP="${cfg.group}", TAG+="uaccess" '';
''
+ lib.optionalString (vendor == "idopte") ''
# Bit4id Srl miniLector-s
ACTION=="add", SUBSYSTEM=="usb", ENV{PRODUCT}=="25dd/1101*", RUN+="${config.systemd.package}/bin/systemctl start --no-block idopte-reader.target"
ACTION=="remove", SUBSYSTEM=="usb", ENV{PRODUCT}=="25dd/1101*", RUN+="${config.systemd.package}/bin/systemctl stop --no-block idopte-reader.target"
'';
};
systemd = lib.mkIf (vendor == "idopte") {
#TODO: make this run as a non-root user
services.idopte-cache = {
description = "Idopte cache server";
after = ["smartcard.target"];
bindsTo = ["idopte-reader.target"];
wantedBy = ["idopte-reader.target"];
serviceConfig = {
Type = "forking";
PIDFile = "/run/idoCacheSrv.pid";
RuntimeDirectory = "idoss";
ExecStart = "${scmiddleware}/idocachesrv";
};
};
targets.idopte-reader = {
description = "Idopte USB reader inserted";
wants = ["smartcard.target"];
before = ["smartcard.target"];
};
}; };
users.groups.${cfg.group} = {}; users.groups.${cfg.group} = {};

13
trivionomicon/pkgs/athena-bccr/default.nix
View file

@ -1,15 +1,10 @@
{ {
callPackage, callPackage,
lib, lib,
mirror ? null,
vendor ? "idopte",
}: let }: let
releases = lib.mapAttrs resolveRelease (import ./releases.nix).${vendor}; latest = "deb64-rev26.2";
resolveRelease = name: release: releases = lib.mapAttrs (name: release: release // {name = name;}) (import ./releases.nix);
if builtins.isString release
then releases.${release}
else release // {name = name;};
overrideUnwrapped = default: new: let overrideUnwrapped = default: new: let
args = default // new; args = default // new;
@ -23,7 +18,7 @@
pkgsForRelease = release: let pkgsForRelease = release: let
inherit (unwrapped) card-driver bccr-cacerts; inherit (unwrapped) card-driver bccr-cacerts;
unwrapped = overrideUnwrapped {inherit mirror release vendor;} {}; unwrapped = overrideUnwrapped {inherit release;} {};
pkcs11-module = "${card-driver.lib}/${card-driver.pkcs11-path}"; pkcs11-module = "${card-driver.lib}/${card-driver.pkcs11-path}";
in { in {
inherit card-driver bccr-cacerts pkcs11-module; inherit card-driver bccr-cacerts pkcs11-module;
@ -33,4 +28,4 @@
firmador = callPackage ./firmador.nix {inherit pkcs11-module;}; firmador = callPackage ./firmador.nix {inherit pkcs11-module;};
}; };
in in
lib.mapAttrs (_: pkgsForRelease) releases lib.mapAttrs (_: pkgsForRelease) (releases // {latest = releases.${latest};})

13
trivionomicon/pkgs/athena-bccr/firmador.nix
View file

@ -3,15 +3,15 @@
lib, lib,
makeWrapper, makeWrapper,
maven, maven,
openjdk21, openjdk,
wrapGAppsHook3, wrapGAppsHook3,
pkcs11-module ? null, pkcs11-module ? null,
}: let }: let
jdk = openjdk21.override { jdk = openjdk.override {
enableJavaFX = true; enableJavaFX = true;
}; };
version = "2.0.0+master"; version = "1.9.8+master";
in in
maven.buildMavenPackage { maven.buildMavenPackage {
pname = "firmador"; pname = "firmador";
@ -19,16 +19,15 @@ in
src = fetchgit { src = fetchgit {
url = "https://codeberg.org/firmador/firmador"; url = "https://codeberg.org/firmador/firmador";
rev = "76a16ff5fa7c1a9c3f4a03359742fc09cb98b2c4"; rev = "676b0e3c0dc5adb0628d4d98efcfccfca3daa8a7";
hash = "sha256-xzcJXIU3NFPUdwRNUvymScpBS1eeJYdb8ffevUbAS1o="; hash = "sha256-f/EKll1csvUCRSt4G1SeDB4gVW+ZtUgJjlmM7PlafyQ=";
}; };
patches = [ patches = [
./0001-Remove-CheckUpdatePlugin-from-default-list.patch ./0001-Remove-CheckUpdatePlugin-from-default-list.patch
]; ];
mvnJdk = jdk; mvnHash = "sha256-0vwJ1f+0UXxrXRaJ1BHqfOXDU/pxrSPdYYEQ71m4jJQ=";
mvnHash = "sha256-SCTXlLqc4SxWWZlQLJc+T7jM991LLwU9MqDALcbECsw=";
nativeBuildInputs = [ nativeBuildInputs = [
makeWrapper makeWrapper

42
trivionomicon/pkgs/athena-bccr/releases.nix
View file

@ -1,33 +1,27 @@
{ {
"athena" = { "deb64-rev26" = {
latest = "deb64-rev26"; # nix hash convert --hash-algo sha256 --from base16 --to sri $(sha256sum sfd_ClientesLinux_DEB64_Rev26.zip | cut -d' ' -f1)
hash = "sha256-ZPWP9TqJQ5coJAPzUSiaXKVItBWlqFM4smCjOf+gqQM=";
filename = "sfd_ClientesLinux_DEB64_Rev26.zip";
basename = "sfd_ClientesLinux_DEB64_Rev26";
vendor = "athena";
"deb64-rev26" = { srcPaths = {
# nix hash convert --hash-algo sha256 --from base16 --to sri $(sha256sum sfd_ClientesLinux_DEB64_Rev26.zip | cut -d' ' -f1) gaudi = "Firma Digital/Agente GAUDI/agente-gaudi_20.0_amd64.deb";
hash = "sha256-ZPWP9TqJQ5coJAPzUSiaXKVItBWlqFM4smCjOf+gqQM="; idprotect = "Firma Digital/PinTool/IDProtect PINTool 7.24.02/DEB/idprotectclient_7.24.02-0_amd64.deb";
filename = "sfd_ClientesLinux_DEB64_Rev26.zip";
basename = "sfd_ClientesLinux_DEB64_Rev26";
srcPaths = {
gaudi = "Firma Digital/Agente GAUDI/agente-gaudi_20.0_amd64.deb";
idprotect = "Firma Digital/PinTool/IDProtect PINTool 7.24.02/DEB/idprotectclient_7.24.02-0_amd64.deb";
};
}; };
}; };
"idopte" = { "deb64-rev26.2" = {
latest = "deb64-rev26.2"; # nix hash convert --hash-algo sha256 --from base16 --to sri $(sha256sum sfd_ClientesLinux_DEB64_Ubuntu24_rev26_02 | cut -d' ' -f1)
hash = "sha256-DNzP0YRnuUbfKLhi7JeQCirdGx4kM7ROqHDkTuVs0mA=";
filename = "sfd_ClientesLinux_DEB64_Ubuntu24_rev26_02.zip";
basename = "sfd_ClientesLinux_DEB64_Ubuntu24_26_02";
vendor = "idopte";
"deb64-rev26.2" = { srcPaths = {
# nix hash convert --hash-algo sha256 --from base16 --to sri $(sha256sum sfd_ClientesLinux_DEB64_Ubuntu24_rev26_02 | cut -d' ' -f1) gaudi = "Firma Digital/Agente GAUDI/agente-gaudi_27.0_amd64.deb";
hash = "sha256-DNzP0YRnuUbfKLhi7JeQCirdGx4kM7ROqHDkTuVs0mA="; idopte = "Firma Digital/Idopte/Idopte_6.23.44.0_ubun24_amd64.deb";
filename = "sfd_ClientesLinux_DEB64_Ubuntu24_rev26_02.zip";
basename = "sfd_ClientesLinux_DEB64_Ubuntu24_26_02";
srcPaths = {
gaudi = "Firma Digital/Agente GAUDI/agente-gaudi_27.0_amd64.deb";
idopte = "Firma Digital/Idopte/Idopte_6.23.44.0_ubun24_amd64.deb";
};
}; };
}; };
} }

81
trivionomicon/pkgs/athena-bccr/unwrapped.nix
View file

@ -1,41 +1,26 @@
{ {
fetchurl,
lib, lib,
mirror ? null,
requireFile, requireFile,
release, release,
gaudiHash ? null, gaudiHash ? null,
vendor,
... ...
}: let }: let
inherit (release) srcPaths; inherit (release) srcPaths vendor;
url = src = requireFile {
if mirror != null url = "https://soportefirmadigital.com";
then "${mirror}/${release.filename}"
else "https://soportefirmadigital.com";
fetchSrc =
if mirror != null
then fetchurl
else requireFile;
src = fetchSrc {
name = release.filename; name = release.filename;
inherit url;
inherit (release) hash; inherit (release) hash;
}; };
gaudiUpdateSrc = { gaudiUpdateSrc = {update-gaudi}:
update-gaudi, requireFile {
runCommand, url = "${update-gaudi}";
}: name = "gaudi-update-${release.name}.zip";
runCommand "gaudi-update-${release.name}.zip" {
outputHash = gaudiHash; hash = gaudiHash;
} '' };
${update-gaudi} $out
'';
moduleFromDeb = name: args @ { moduleFromDeb = name: args @ {
stdenv, stdenv,
@ -117,7 +102,6 @@
libnotify, libnotify,
openssl, openssl,
pcsclite, pcsclite,
python3,
stdenv, stdenv,
unzip, unzip,
webkitgtk_4_1, webkitgtk_4_1,
@ -140,7 +124,6 @@
nativeBuildInputs = [ nativeBuildInputs = [
autoPatchelfHook autoPatchelfHook
python3
]; ];
outputs = ["out" "lib"]; outputs = ["out" "lib"];
@ -149,35 +132,15 @@
runHook preInstall runHook preInstall
install -m755 -d $out/bin $lib/{etc,lib/SCMiddleware} install -m755 -d $out/bin $lib/{etc,lib/SCMiddleware}
install -m755 usr/lib/SCMiddleware/SCManager $out/bin install -m755 usr/lib/SCMiddleware/{idocachesrv,SCManager} $out/bin
install -m755 usr/lib/SCMiddleware/{*.so,idocachesrv} $lib/lib/SCMiddleware install -m755 usr/lib/SCMiddleware/*.so $lib/lib/SCMiddleware
cp -r etc/id* $lib/etc cp -r etc/id* $lib/etc
ln -s ../lib/SCMiddleware $lib/etc
runHook postInstall runHook postInstall
''; '';
preFixup = '' preFixup = ''
for elf in $lib/lib/SCMiddleware/* $out/bin/*; do patchelf --set-rpath $lib/lib/SCMiddleware $lib/lib/SCMiddleware/* $out/bin/*
python3 /dev/fd/3 <$elf >$elf.patched 3<<EOF
import sys
contents = sys.stdin.buffer.read()
def bin_replace(s, a, b):
assert len(a) >= len(b)
return s.replace(a, b + b'\0' * (len(a) - len(b)))
contents = bin_replace(contents, b'/usr/lib/SCMiddleware', b'/etc/SCMiddleware')
contents = bin_replace(contents, b'/tmp/.idoss_socket', b'/run/idoss/socket')
sys.stdout.buffer.write(contents)
EOF
chmod --reference=$elf $elf.patched
mv $elf.patched $elf
patchelf --set-rpath $lib/lib/SCMiddleware $elf
done
''; '';
passthru.pkcs11-path = "lib/SCMiddleware/libidop11.so"; passthru.pkcs11-path = "lib/SCMiddleware/libidop11.so";
@ -192,7 +155,6 @@ in
pkgs, pkgs,
stdenv, stdenv,
unzip, unzip,
runCommand,
writeShellScriptBin, writeShellScriptBin,
update-gaudi, update-gaudi,
... ...
@ -203,7 +165,7 @@ in
}; };
fakeSudo = writeShellScriptBin "sudo" ""; fakeSudo = writeShellScriptBin "sudo" "";
gaudiUpdate = gaudiUpdateSrc {inherit runCommand update-gaudi;}; gaudiUpdate = gaudiUpdateSrc {inherit update-gaudi;};
in in
moduleFromDeb "gaudi" { moduleFromDeb "gaudi" {
inherit dpkg stdenv unzip; inherit dpkg stdenv unzip;
@ -305,20 +267,17 @@ in
wget --ca-certificate="$ca_cert" "$base_url/bccr-firma-fva-clienteMultiplataforma.jar" wget --ca-certificate="$ca_cert" "$base_url/bccr-firma-fva-clienteMultiplataforma.jar"
wget --ca-certificate="$ca_cert" "$base_url/ServicioActualizadorClienteBCCR.jar" wget --ca-certificate="$ca_cert" "$base_url/ServicioActualizadorClienteBCCR.jar"
if [ -n "$1" ]; then
zip_path="$1"
else
zip_path="$PWD/gaudi-update-${release.name}.zip"
fi
# https://gist.github.com/stokito/c588b8d6a6a0aee211393d68eea678f2 # https://gist.github.com/stokito/c588b8d6a6a0aee211393d68eea678f2
TZ=UTC find . -exec touch --no-dereference -a -m -t 198002010000.00 {} + TZ=UTC find . -exec touch --no-dereference -a -m -t 198002010000.00 {} +
zip_path="$PWD/gaudi-update-${release.name}.zip"
TZ=UTC zip -q --move --recurse-paths --symlinks -X "$zip_path" . TZ=UTC zip -q --move --recurse-paths --symlinks -X "$zip_path" .
TZ=UTC touch -a -m -t 198002010000.00 "$zip_path" TZ=UTC touch -a -m -t 198002010000.00 "$zip_path"
if [ -z "$1" ]; then set -x
echo -e "\ngaudiHash: $(nix-hash --to-sri --type sha256 $(sha256sum "$zip_path" | cut -d' ' -f1))" nix-store --add-fixed sha256 "$zip_path"
fi set +x
echo -e "\ngaudiHash: $(nix-hash --to-sri --type sha256 $(sha256sum "$zip_path" | cut -d' ' -f1))"
''; '';
} }
// lib.optionalAttrs (vendor == "athena") { // lib.optionalAttrs (vendor == "athena") {

4
trivionomicon/pkgs/default.nix
View file

@ -4,9 +4,7 @@ with prev.lib; let
in { in {
override = {}; override = {};
athena-bccr = callPackage ./athena-bccr {vendor = "athena";}; athena-bccr = callPackage ./athena-bccr {};
ibkr-tws = callPackage ./ibkr-tws {};
idopte-bccr = callPackage ./athena-bccr {vendor = "idopte";};
snapborg = final.python3Packages.callPackage ./snapborg {}; snapborg = final.python3Packages.callPackage ./snapborg {};
socialpredict = callPackage ./socialpredict {}; socialpredict = callPackage ./socialpredict {};
spliit = callPackage ./spliit {}; spliit = callPackage ./spliit {};

106
trivionomicon/pkgs/ibkr-tws/default.nix
View file

@ -1,106 +0,0 @@
{
lib,
makeWrapper,
openjdk,
requireFile,
stdenv,
}: let
version = "10.44.1g";
jdk = openjdk.override {
enableJavaFX = true;
};
removeJavaVersionCheck = file: ''
# Lie about the openjdk version to skip the version check
sed -i 's/\(read_db_entry || create_db_entry \$2\)/\1; ver_major=17; ver_minor=0; ver_micro=16/' ${file}
'';
in
stdenv.mkDerivation {
pname = "ibkr-tws";
inherit version;
src = requireFile {
name = "tws-${version}-standalone-linux-x64.sh";
url = "https://www.interactivebrokers.com/en/trading/download-tws.php?p=offline-latest";
# 1. Rename 'tws-latest-standalone-linux-x64.sh' to 'tws-${version}-standalone-linux-x64.sh'
# 2. nix hash convert --hash-algo sha256 --from base16 --to sri $(sha256sum tws-${version}-standalone-linux-x64.sh | cut -d' ' -f1)
hash = "sha256-UfyfTHOcPiwTof0ZMhV1haX7gyb08v7U2A12VjAny7c=";
};
nativeBuildInputs = [
makeWrapper
];
unpackPhase = ''
runHook preUnpack
cp $src bundle.sh
chmod +x bundle.sh
runHook postUnpack
'';
patchPhase = ''
runHook prePatch
${removeJavaVersionCheck "bundle.sh"}
runHook postPatch
'';
preBuild = ''
export INSTALL4J_NO_DB=true
export INSTALL4J_JAVA_HOME=${jdk}
export INSTALL4J_DISABLE_BUNDLED_JRE=true
'';
buildPhase = ''
runHook preBuild
# Where should Trader Workstation 10.44 be installed?: $out
# Run Trader Workstation 10.44? Yes [y], No [n, Enter]: n
echo -e "$out/lib/tws\nn" | ./bundle.sh
runHook postBuild
'';
installPhase = ''
runHook preInstall
mkdir -p "$out/bin" "$out/share/applications"
${removeJavaVersionCheck "$out/lib/tws/tws"}
makeWrapper \
"$out/lib/tws/tws" "$out/bin/tws" \
--set INSTALL4J_NO_DB true \
--set INSTALL4J_JAVA_HOME ${jdk}
mv "$out/lib/tws/.install4j/tws.png" "$out/lib/tws"
for path in $out/lib/tws/*.desktop; do
target="$(readlink -f "$path")"
mv "$target" "$out/share/applications/$(basename "$path")"
rm -f "$path"
done
sed -i \
's@$out/lib/tws/tws\>@$out/bin/tws@; s@$out/lib/tws/.install4j/tws.png@$out/lib/tws/tws.png@' \
$out/share/applications/*.desktop
#TODO
sed -i \
's@/build/Jts@/tmp/Jts@g' \
$out/lib/tws/.install4j/{i4jparams.conf,response.varfile}
rm -f "$out/lib/tws/uninstall" $out/lib/tws/.install4j/*.log
runHook postInstall
'';
meta = {
license = lib.licenses.unfree;
mainProgram = "tws";
};
}