nixos/pcscd: Improve and clean up module
So far the module only allowed for the ccid driver, but there are a lot of other PCSC driver modules out there, so let's add an option called "plugins", which boils down to a store path that links together all the paths specified. We don't need to create stuff in /var/lib/pcsc anymore, because we patched pcsclite to allow setting PCSCLITE_HP_DROPDIR. Another new option is readerConfig, which is especially useful for non-USB readers that aren't autodetected. The systemd service now is no longer Type=forking, because we're now passing the -f (foreground) option to pcscd. Tested against a YubiKey 4, SCR335 and a REINER SCT USB reader. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Cc: @wkennington
This commit is contained in:
aszlig
parent
bc877d8bfc
commit
9720e16adc
@ -1,29 +1,51 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
let
|
|
||||||
cfgFile = pkgs.writeText "reader.conf" "";
|
|
||||||
in
|
|
||||||
|
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
{
|
let
|
||||||
|
cfgFile = pkgs.writeText "reader.conf" config.services.pcscd.readerConfig;
|
||||||
|
|
||||||
|
pluginEnv = pkgs.buildEnv {
|
||||||
|
name = "pcscd-plugins";
|
||||||
|
paths = map (p: "${p}/pcsc/drivers") config.services.pcscd.plugins;
|
||||||
|
};
|
||||||
|
|
||||||
|
in {
|
||||||
|
|
||||||
###### interface
|
###### interface
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
|
|
||||||
services.pcscd = {
|
services.pcscd = {
|
||||||
|
enable = mkEnableOption "PCSC-Lite daemon";
|
||||||
|
|
||||||
enable = mkOption {
|
plugins = mkOption {
|
||||||
default = false;
|
type = types.listOf types.package;
|
||||||
description = "Whether to enable the PCSC-Lite daemon.";
|
default = [ pkgs.ccid ];
|
||||||
|
defaultText = "[ pkgs.ccid ]";
|
||||||
|
example = literalExample "[ pkgs.pcsc-cyberjack ]";
|
||||||
|
description = "Plugin packages to be used for PCSC-Lite.";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
readerConfig = mkOption {
|
||||||
|
type = types.lines;
|
||||||
|
default = "";
|
||||||
|
example = ''
|
||||||
|
FRIENDLYNAME "Some serial reader"
|
||||||
|
DEVICENAME /dev/ttyS0
|
||||||
|
LIBPATH /path/to/serial_reader.so
|
||||||
|
CHANNELID 1
|
||||||
|
'';
|
||||||
|
description = ''
|
||||||
|
Configuration for devices that aren't hotpluggable.
|
||||||
|
|
||||||
|
See <citerefentry><refentrytitle>reader.conf</refentrytitle>
|
||||||
|
<manvolnum>5</manvolnum></citerefentry> for valid options.
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
###### implementation
|
###### implementation
|
||||||
|
|
||||||
config = mkIf config.services.pcscd.enable {
|
config = mkIf config.services.pcscd.enable {
|
||||||
@ -37,18 +59,11 @@ with lib;
|
|||||||
|
|
||||||
systemd.services.pcscd = {
|
systemd.services.pcscd = {
|
||||||
description = "PCSC-Lite daemon";
|
description = "PCSC-Lite daemon";
|
||||||
preStart = ''
|
environment.PCSCLITE_HP_DROPDIR = pluginEnv;
|
||||||
mkdir -p /var/lib/pcsc
|
|
||||||
rm -Rf /var/lib/pcsc/drivers
|
|
||||||
ln -s ${pkgs.ccid}/pcsc/drivers /var/lib/pcsc/
|
|
||||||
'';
|
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "forking";
|
ExecStart = "${pkgs.pcsclite}/sbin/pcscd -f -x -c ${cfgFile}";
|
||||||
ExecStart = "${pkgs.pcsclite}/sbin/pcscd --auto-exit -c ${cfgFile}";
|
ExecReload = "${pkgs.pcsclite}/sbin/pcscd -H";
|
||||||
ExecReload = "${pkgs.pcsclite}/sbin/pcscd --hotplug";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user