From 32e98961546cd0eef193cc946ea05f83c2cb42d6 Mon Sep 17 00:00:00 2001 From: oddlama Date: Tue, 29 Oct 2024 23:56:03 +0100 Subject: [PATCH] refactor: merge initrd-ssh.nix with ssh.nix, remove ccid override (now upstream) --- README.md | 10 -- config/default.nix | 1 - config/graphical/cosmic.nix | 172 --------------------------------- config/graphical/default.nix | 6 +- config/hardware/bluetooth.nix | 2 +- config/inputrc | 105 ++++++++++++++++++++ config/inputrc.nix | 110 --------------------- config/optional/initrd-ssh.nix | 29 ------ config/ssh.nix | 76 +++++++++++---- config/system.nix | 3 + hosts/envoy/default.nix | 1 - hosts/kroma/default.nix | 1 - hosts/nom/default.nix | 1 - hosts/sentinel/default.nix | 1 - hosts/sire/default.nix | 1 - hosts/ward/default.nix | 1 - hosts/zackbiene/default.nix | 1 - pkgs/ccid.nix | 84 ---------------- pkgs/default.nix | 1 - 19 files changed, 167 insertions(+), 439 deletions(-) delete mode 100644 config/graphical/cosmic.nix create mode 100644 config/inputrc delete mode 100644 config/inputrc.nix delete mode 100644 config/optional/initrd-ssh.nix delete mode 100644 pkgs/ccid.nix diff --git a/README.md b/README.md index 037d20f..0af9b73 100644 --- a/README.md +++ b/README.md @@ -139,16 +139,6 @@ Afterwards: - Rekey the secrets for the new identity `nix run .#rekey` - Deploy again -#### Remote encrypted unlock - -If a host uses encrypted root together with the `common/initrd-ssh.nix` module, -it can be unlocked remotely by connecting via ssh on port 4 and executing `systemd-tty-ask-password-agent`. - -#### Show QR for external wireguard client - -nix run show-wireguard-qr -then select the host in the fzf menu - #### New secret ... diff --git a/config/default.nix b/config/default.nix index a8a15f6..ad87946 100644 --- a/config/default.nix +++ b/config/default.nix @@ -23,7 +23,6 @@ ./boot.nix ./home-manager.nix ./impermanence.nix - ./inputrc.nix ./installer.nix ./issue.nix ./net.nix diff --git a/config/graphical/cosmic.nix b/config/graphical/cosmic.nix deleted file mode 100644 index 6a4d46f..0000000 --- a/config/graphical/cosmic.nix +++ /dev/null @@ -1,172 +0,0 @@ -{ - lib, - pkgs, - config, - utils, - ... -}: let - excludePackages = with pkgs; [fira]; -in { - environment.pathsToLink = [ - "/share/backgrounds" - "/share/cosmic" - ]; - environment.systemPackages = - utils.removePackagesByName ( - with pkgs; - [ - adwaita-icon-theme - alsa-utils - cosmic-applets - cosmic-applibrary - cosmic-bg - (cosmic-comp.override { - # avoid PATH pollution of system action keybinds (Xwayland handled below) - useXWayland = false; - }) - cosmic-edit - cosmic-files - cosmic-greeter - cosmic-icons - cosmic-launcher - cosmic-notifications - cosmic-osd - cosmic-panel - cosmic-randr - cosmic-screenshot - cosmic-session - cosmic-settings - cosmic-settings-daemon - cosmic-term - cosmic-wallpapers - cosmic-workspaces-epoch - hicolor-icon-theme - playerctl - pop-icon-theme - pop-launcher - xdg-user-dirs - xwayland - ] - ++ lib.optionals config.services.flatpak.enable [ - cosmic-store - ] - ) - excludePackages; - - # xdg portal packages and config - xdg.portal = { - enable = true; - extraPortals = with pkgs; [ - xdg-desktop-portal-cosmic - xdg-desktop-portal-gtk - ]; - configPackages = lib.mkDefault ( - with pkgs; [ - xdg-desktop-portal-cosmic - ] - ); - }; - - # fonts - fonts.packages = - utils.removePackagesByName (with pkgs; [ - fira - ]) - excludePackages; - - # required features - # hardware.${ - # if lib.versionAtLeast lib.version "24.11" - # then "graphics" - # else "opengl" - # }.enable = - # true; - # services.libinput.enable = true; - # xdg.mime.enable = true; - # xdg.icons.enable = true; - - # optional features - # hardware.bluetooth.enable = lib.mkDefault true; - services.acpid.enable = lib.mkDefault true; - # services.pipewire = { - # enable = lib.mkDefault true; - # alsa.enable = lib.mkDefault true; - # pulse.enable = lib.mkDefault true; - # }; - services.gvfs.enable = lib.mkDefault true; - # networking.networkmanager.enable = lib.mkDefault true; - services.gnome.gnome-keyring.enable = lib.mkDefault true; - - # general graphical session features - # programs.dconf.enable = lib.mkDefault true; - # - # required dbus services - services.accounts-daemon.enable = true; - services.upower.enable = true; - services.power-profiles-daemon.enable = lib.mkDefault (!config.hardware.system76.power-daemon.enable); - security.polkit.enable = true; - security.rtkit.enable = true; - - # session packages - services.displayManager.sessionPackages = with pkgs; [cosmic-session]; - systemd.packages = with pkgs; [cosmic-session]; - # TODO: remove when upstream has XDG autostart support - systemd.user.targets.cosmic-session = { - wants = ["xdg-desktop-autostart.target"]; - before = ["xdg-desktop-autostart.target"]; - }; - - # required for screen locker - security.pam.services.cosmic-greeter = {}; - - nix.settings.substituters = [ - "https://cosmic.cachix.org/" - ]; - nix.settings.trusted-public-keys = [ - "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" - ]; - - # module diagnostics - warnings = - lib.optional - ( - lib.elem pkgs.cosmic-files excludePackages - && !(lib.elem pkgs.cosmic-session excludePackages) - ) - '' - The COSMIC session may fail to initialise with the `cosmic-files` package excluded via - `excludePackages`. - - Please do one of the following: - 1. Remove `cosmic-files` from `excludePackages`. - 2. Add `cosmic-session` (in addition to `cosmic-files`) to - `excludePackages` and ensure whatever session starter/manager you are - using is appropriately set up. - ''; - assertions = [ - { - assertion = lib.elem "libcosmic-app-hook" ( - lib.map ( - drv: lib.optionalString (lib.isDerivation drv) (lib.getName drv) - ) - pkgs.cosmic-comp.nativeBuildInputs - ); - message = '' - It looks like the provided `pkgs` to the NixOS COSMIC module is not usable for a working COSMIC - desktop environment. - - If you are erroneously passing in `pkgs` to `specialArgs` somewhere in your system configuration, - this is is often unnecessary and has unintended consequences for all NixOS modules. Please either - remove that in favor of configuring the NixOS `pkgs` instance via `nixpkgs.config` and - `nixpkgs.overlays`. - - If you must instantiate your own `pkgs`, then please include the overlay from the NixOS COSMIC flake - when instantiating `pkgs` and be aware that the `nixpkgs.config` and `nixpkgs.overlays` options will - not function for any NixOS modules. - - Note that the COSMIC packages in Nixpkgs are still largely broken as of 2024-10-16 and will not be - usable for having a fully functional COSMIC desktop environment. The overlay is therefore necessary. - ''; - } - ]; -} diff --git a/config/graphical/default.nix b/config/graphical/default.nix index 07fdb4d..4c636b2 100644 --- a/config/graphical/default.nix +++ b/config/graphical/default.nix @@ -4,7 +4,6 @@ lib, minimal, pkgs, - globals, ... }: let inherit @@ -30,7 +29,6 @@ in ./fonts.nix ./steam.nix ./xserver.nix - # ./cosmic.nix ]; config = { @@ -67,13 +65,13 @@ in waylandCompositors.sway = { prettyName = "Sway"; comment = "Sway"; - binPath = lib.getExe config.home-manager.users.${globals.myuser.name}.wayland.windowManager.sway.package; + binPath = lib.getExe pkgs.sway; }; waylandCompositors.hyprland = { prettyName = "Hyprland"; comment = "Hyprland"; - binPath = lib.getExe config.home-manager.users.${globals.myuser.name}.wayland.windowManager.hyprland.package; + binPath = lib.getExe pkgs.hyprland; }; }; diff --git a/config/hardware/bluetooth.nix b/config/hardware/bluetooth.nix index a71adbd..d376eb4 100644 --- a/config/hardware/bluetooth.nix +++ b/config/hardware/bluetooth.nix @@ -1,5 +1,5 @@ {pkgs, ...}: { - environment.systemPackages = with pkgs; [bluetuith]; + environment.systemPackages = with pkgs; [bluetui]; environment.persistence."/persist".directories = [ "/var/lib/bluetooth" ]; diff --git a/config/inputrc b/config/inputrc new file mode 100644 index 0000000..7561e23 --- /dev/null +++ b/config/inputrc @@ -0,0 +1,105 @@ +# /etc/inputrc: initialization file for readline +# +# For more information on how this file works, please see the +# INITIALIZATION FILE section of the readline(3) man page +# +# Quick dirty little note: +# To get the key sequence for binding, you can abuse bash. +# While running bash, hit CTRL+V, and then type the key sequence. +# So, typing 'ALT + left arrow' in Konsole gets you back: +# ^[[1;3D +# The readline entry to make this skip back a word will then be: +# "\e[1;3D" backward-word +# +# Customization note: +# You don't need to put all your changes in this file. You can create +# ~/.inputrc which starts off with the line: +# $include /etc/inputrc +# Then put all your own stuff after that. + +# do not bell on tab-completion +set bell-style none + +set history-size -1 + +set meta-flag on +set input-meta on +set convert-meta off +set output-meta on + +# dont output everything on first line +set horizontal-scroll-mode off + + +# append slash to completed directories & symlinked directories +set mark-directories on +set mark-symlinked-directories on + +# dont expand ~ in tab completion +set expand-tilde off + +# instead of ringing bell, show list of ambigious completions directly, also show up to 300 items before asking +set show-all-if-ambiguous on +set completion-query-items 300 + + +$if mode=emacs + +# for linux console and RH/Debian xterm +# allow the use of the Home/End keys +"\e[1~": beginning-of-line +"\e[4~": end-of-line +# map "page up" and "page down" to search history based on current cmdline +"\e[5~": history-search-backward +"\e[6~": history-search-forward +# allow the use of the Delete/Insert keys +"\e[3~": delete-char +"\e[2~": quoted-insert + +# gnome / others (escape + arrow key) +"\e[5C": forward-word +"\e[5D": backward-word +# konsole / xterm / rxvt (escape + arrow key) +"\e\e[C": forward-word +"\e\e[D": backward-word +# gnome / konsole / others (control + arrow key) +"\e[1;5C": forward-word +"\e[1;5D": backward-word +# aterm / eterm (control + arrow key) +"\eOc": forward-word +"\eOd": backward-word + +# konsole (alt + arrow key) +"\e[1;3C": forward-word +"\e[1;3D": backward-word + +# Chromebooks remap alt + backspace so provide alternative (alt + k) +"\ek": backward-kill-word + +$if term=rxvt +"\e[8~": end-of-line + +"\e[3^": kill-line +"\e[3@": backward-kill-line +$endif + +# for non RH/Debian xterm, can't hurt for RH/Debian xterm +"\eOH": beginning-of-line +"\eOF": end-of-line + +# for freebsd console +"\e[H": beginning-of-line +"\e[F": end-of-line + +# fix Home and End for German users +"\e[7~": beginning-of-line +"\e[8~": end-of-line + +# ctrl [+ shift] + del = kill line [backward] +"\e[3;5~": kill-line +"\e[3;6~": backward-kill-line +$endif + +# Up and Down should search history based on current cmdline +"\e[A": history-search-backward +"\e[B": history-search-forward diff --git a/config/inputrc.nix b/config/inputrc.nix deleted file mode 100644 index 0238da2..0000000 --- a/config/inputrc.nix +++ /dev/null @@ -1,110 +0,0 @@ -{ - environment.etc."inputrc".text = '' - # /etc/inputrc: initialization file for readline - # - # For more information on how this file works, please see the - # INITIALIZATION FILE section of the readline(3) man page - # - # Quick dirty little note: - # To get the key sequence for binding, you can abuse bash. - # While running bash, hit CTRL+V, and then type the key sequence. - # So, typing 'ALT + left arrow' in Konsole gets you back: - # ^[[1;3D - # The readline entry to make this skip back a word will then be: - # "\e[1;3D" backward-word - # - # Customization note: - # You don't need to put all your changes in this file. You can create - # ~/.inputrc which starts off with the line: - # $include /etc/inputrc - # Then put all your own stuff after that. - # - - # do not bell on tab-completion - set bell-style none - - set history-size -1 - - set meta-flag on - set input-meta on - set convert-meta off - set output-meta on - - # dont output everything on first line - set horizontal-scroll-mode off - - - # append slash to completed directories & symlinked directories - set mark-directories on - set mark-symlinked-directories on - - # dont expand ~ in tab completion - set expand-tilde off - - # instead of ringing bell, show list of ambigious completions directly, also show up to 300 items before asking - set show-all-if-ambiguous on - set completion-query-items 300 - - - $if mode=emacs - - # for linux console and RH/Debian xterm - # allow the use of the Home/End keys - "\e[1~": beginning-of-line - "\e[4~": end-of-line - # map "page up" and "page down" to search history based on current cmdline - "\e[5~": history-search-backward - "\e[6~": history-search-forward - # allow the use of the Delete/Insert keys - "\e[3~": delete-char - "\e[2~": quoted-insert - - # gnome / others (escape + arrow key) - "\e[5C": forward-word - "\e[5D": backward-word - # konsole / xterm / rxvt (escape + arrow key) - "\e\e[C": forward-word - "\e\e[D": backward-word - # gnome / konsole / others (control + arrow key) - "\e[1;5C": forward-word - "\e[1;5D": backward-word - # aterm / eterm (control + arrow key) - "\eOc": forward-word - "\eOd": backward-word - - # konsole (alt + arrow key) - "\e[1;3C": forward-word - "\e[1;3D": backward-word - - # Chromebooks remap alt + backspace so provide alternative (alt + k) - "\ek": backward-kill-word - - $if term=rxvt - "\e[8~": end-of-line - - "\e[3^": kill-line - "\e[3@": backward-kill-line - $endif - - # for non RH/Debian xterm, can't hurt for RH/Debian xterm - "\eOH": beginning-of-line - "\eOF": end-of-line - - # for freebsd console - "\e[H": beginning-of-line - "\e[F": end-of-line - - # fix Home and End for German users - "\e[7~": beginning-of-line - "\e[8~": end-of-line - - # ctrl [+ shift] + del = kill line [backward] - "\e[3;5~": kill-line - "\e[3;6~": backward-kill-line - $endif - - # Up and Down should search history based on current cmdline - "\e[A": history-search-backward - "\e[B": history-search-forward - ''; -} diff --git a/config/optional/initrd-ssh.nix b/config/optional/initrd-ssh.nix deleted file mode 100644 index 4b0b8ff..0000000 --- a/config/optional/initrd-ssh.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ - config, - pkgs, - ... -}: { - age.secrets.initrd_host_ed25519_key.generator.script = "ssh-ed25519"; - - boot.initrd.network.enable = true; - boot.initrd.network.ssh = { - enable = true; - port = 4; - hostKeys = [config.age.secrets.initrd_host_ed25519_key.path]; - }; - - # Make sure that there is always a valid initrd hostkey available that can be installed into - # the initrd. When bootstrapping a system (or re-installing), agenix cannot succeed in decrypting - # whatever is given, since the correct hostkey doesn't even exist yet. We still require - # a valid hostkey to be available so that the initrd can be generated successfully. - # The correct initrd host-key will be installed with the next update after the host is booted - # for the first time, and the secrets were rekeyed for the the new host identity. - system.activationScripts.agenixEnsureInitrdHostkey = { - text = '' - [[ -e ${config.age.secrets.initrd_host_ed25519_key.path} ]] \ - || ${pkgs.openssh}/bin/ssh-keygen -t ed25519 -N "" -f ${config.age.secrets.initrd_host_ed25519_key.path} - ''; - deps = ["agenixInstall" "users"]; - }; - system.activationScripts.agenixChown.deps = ["agenixEnsureInitrdHostkey"]; -} diff --git a/config/ssh.nix b/config/ssh.nix index 8157af1..5e1eb3f 100644 --- a/config/ssh.nix +++ b/config/ssh.nix @@ -1,21 +1,57 @@ -{lib, ...}: { - services.openssh = { - enable = true; - # In containers, this is true by default, but we don't want that - # because we rely on ssh key generation for agenix - startWhenNeeded = lib.mkForce false; - authorizedKeysFiles = lib.mkForce ["/etc/ssh/authorized_keys.d/%u"]; - sftpServerExecutable = "internal-sftp"; - settings = { - PasswordAuthentication = false; - KbdInteractiveAuthentication = false; - PermitRootLogin = "yes"; - }; - hostKeys = [ - { - path = "/etc/ssh/ssh_host_ed25519_key"; - type = "ed25519"; - } - ]; - }; +{ + config, + lib, + pkgs, + ... +}: { + config = lib.mkMerge [ + { + services.openssh = { + enable = true; + # In containers, this is true by default, but we don't want that + # because we rely on ssh key generation for agenix. So we need + # the service to start eagerly + startWhenNeeded = lib.mkForce false; + authorizedKeysFiles = lib.mkForce ["/etc/ssh/authorized_keys.d/%u"]; + sftpServerExecutable = "internal-sftp"; + settings = { + PasswordAuthentication = false; + KbdInteractiveAuthentication = false; + PermitRootLogin = "yes"; + }; + hostKeys = [ + { + path = "/etc/ssh/ssh_host_ed25519_key"; + type = "ed25519"; + } + ]; + }; + } + # Enable initrd-ssh unlock for non-virtualized hosts + (lib.mkIf (config.node.type == "host") { + age.secrets.initrd_host_ed25519_key.generator.script = "ssh-ed25519"; + + boot.initrd.network.enable = true; + boot.initrd.network.ssh = { + enable = true; + port = 4; + hostKeys = [config.age.secrets.initrd_host_ed25519_key.path]; + }; + + # Make sure that there is always a valid initrd hostkey available that can be installed into + # the initrd. When bootstrapping a system (or re-installing), agenix cannot succeed in decrypting + # whatever is given, since the correct hostkey doesn't even exist yet. We still require + # a valid hostkey to be available so that the initrd can be generated successfully. + # The correct initrd host-key will be installed with the next update after the host is booted + # for the first time, and the secrets were rekeyed for the the new host identity. + system.activationScripts.agenixEnsureInitrdHostkey = { + text = '' + [[ -e ${config.age.secrets.initrd_host_ed25519_key.path} ]] \ + || ${pkgs.openssh}/bin/ssh-keygen -t ed25519 -N "" -f ${config.age.secrets.initrd_host_ed25519_key.path} + ''; + deps = ["agenixInstall" "users"]; + }; + system.activationScripts.agenixChown.deps = ["agenixEnsureInitrdHostkey"]; + }) + ]; } diff --git a/config/system.nix b/config/system.nix index f264f69..66f4d58 100644 --- a/config/system.nix +++ b/config/system.nix @@ -11,4 +11,7 @@ # Install the kitty terminfo package for all systems. environment.systemPackages = [pkgs.kitty.terminfo]; + + # And a reasonable inputrc please + environment.etc."inputrc".source = ./inputrc; } diff --git a/hosts/envoy/default.nix b/hosts/envoy/default.nix index f733639..0b722ba 100644 --- a/hosts/envoy/default.nix +++ b/hosts/envoy/default.nix @@ -6,7 +6,6 @@ imports = [ ../../config ../../config/hardware/hetzner-cloud.nix - ../../config/optional/initrd-ssh.nix ../../config/optional/zfs.nix ./acme.nix diff --git a/hosts/kroma/default.nix b/hosts/kroma/default.nix index 7f01834..0a7eb7d 100644 --- a/hosts/kroma/default.nix +++ b/hosts/kroma/default.nix @@ -20,7 +20,6 @@ ../../config/dev ../../config/graphical - ../../config/optional/initrd-ssh.nix ../../config/optional/laptop.nix ../../config/optional/sound.nix ../../config/optional/zfs.nix diff --git a/hosts/nom/default.nix b/hosts/nom/default.nix index 11110ca..bbdd3ce 100644 --- a/hosts/nom/default.nix +++ b/hosts/nom/default.nix @@ -17,7 +17,6 @@ ../../config/dev ../../config/graphical - ../../config/optional/initrd-ssh.nix ../../config/optional/laptop.nix ../../config/optional/sound.nix ../../config/optional/zfs.nix diff --git a/hosts/sentinel/default.nix b/hosts/sentinel/default.nix index 156a54e..135ff4f 100644 --- a/hosts/sentinel/default.nix +++ b/hosts/sentinel/default.nix @@ -6,7 +6,6 @@ imports = [ ../../config ../../config/hardware/hetzner-cloud.nix - ../../config/optional/initrd-ssh.nix ../../config/optional/zfs.nix ./acme.nix diff --git a/hosts/sire/default.nix b/hosts/sire/default.nix index c515eb6..a8e12b2 100644 --- a/hosts/sire/default.nix +++ b/hosts/sire/default.nix @@ -14,7 +14,6 @@ ../../config ../../config/hardware/intel.nix ../../config/hardware/physical.nix - ../../config/optional/initrd-ssh.nix ../../config/optional/zfs.nix ./fs.nix diff --git a/hosts/ward/default.nix b/hosts/ward/default.nix index f789925..fe71b86 100644 --- a/hosts/ward/default.nix +++ b/hosts/ward/default.nix @@ -14,7 +14,6 @@ ../../config ../../config/hardware/intel.nix ../../config/hardware/physical.nix - ../../config/optional/initrd-ssh.nix ../../config/optional/zfs.nix ./fs.nix diff --git a/hosts/zackbiene/default.nix b/hosts/zackbiene/default.nix index 3cda84c..e5668db 100644 --- a/hosts/zackbiene/default.nix +++ b/hosts/zackbiene/default.nix @@ -12,7 +12,6 @@ in { ../../config ../../config/hardware/odroid-n2plus.nix ../../config/hardware/physical.nix - ../../config/optional/initrd-ssh.nix ../../config/optional/zfs.nix #./esphome.nix diff --git a/pkgs/ccid.nix b/pkgs/ccid.nix deleted file mode 100644 index 1018d84..0000000 --- a/pkgs/ccid.nix +++ /dev/null @@ -1,84 +0,0 @@ -{ - lib, - stdenv, - fetchurl, - flex, - gitUpdater, - libusb1, - meson, - ninja, - pcsclite, - perl, - pkg-config, - zlib, -}: -stdenv.mkDerivation rec { - pname = "ccid"; - version = "1.6.1"; - - src = fetchurl { - url = "https://ccid.apdu.fr/files/${pname}-${version}.tar.xz"; - hash = "sha256-LsqPsH6P58DTna6sp7l81zxA7Ztyc4okrT3L38kY4eo="; - }; - - postPatch = '' - patchShebangs . - substituteInPlace meson.build --replace-fail \ - "pcsc_dep.get_variable('usbdropdir')" \ - "'$out/pcsc/drivers'" - ''; - - mesonFlags = [ - (lib.mesonBool "serial" true) - ]; - - # error: call to undeclared function 'InterruptRead'; - # ISO C99 and later do not support implicit function declarations - env = lib.optionalAttrs stdenv.cc.isClang { - NIX_CFLAGS_COMPILE = "-Wno-error=implicit-function-declaration"; - }; - - nativeBuildInputs = [ - flex - perl - pkg-config - meson - ninja - ]; - - buildInputs = [ - libusb1 - pcsclite - zlib - ]; - - postInstall = '' - install -Dm 0444 -t $out/lib/udev/rules.d ../src/92_pcscd_ccid.rules - substituteInPlace $out/lib/udev/rules.d/92_pcscd_ccid.rules \ - --replace-fail "/usr/sbin/pcscd" "${pcsclite}/bin/pcscd" - ''; - - # The resulting shared object ends up outside of the default paths which are - # usually getting stripped. - stripDebugList = ["pcsc"]; - - passthru.updateScript = gitUpdater { - url = "https://salsa.debian.org/rousseau/CCID.git"; - }; - - installCheckPhase = '' - [ -f $out/etc/reader.conf.d/libccidtwin ] - [ -f $out/lib/udev/rules.d/92_pcscd_ccid.rules ] - [ -f $out/pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist ] - [ -f $out/pcsc/drivers/ifd-ccid.bundle/Contents/Linux/libccid.so ] - [ -f $out/pcsc/drivers/serial/libccidtwin.so ] - ''; - - meta = with lib; { - description = "PC/SC driver for USB CCID smart card readers"; - homepage = "https://ccid.apdu.fr/"; - license = licenses.lgpl21Plus; - maintainers = [maintainers.anthonyroussel]; - platforms = platforms.unix; - }; -} diff --git a/pkgs/default.nix b/pkgs/default.nix index c99fb5b..44fc3e1 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -8,7 +8,6 @@ _inputs: [ segoe-ui-ttf = prev.callPackage ./segoe-ui-ttf.nix {}; zsh-histdb-skim = prev.callPackage ./zsh-skim-histdb.nix {}; actual-server = prev.callPackage ./actual-server.nix {}; - ccid = prev.callPackage ./ccid.nix {}; neovim-clean = prev.neovim-unwrapped.overrideAttrs (old: { nativeBuildInputs = (old.nativeBuildInputs or []) ++ [prev.makeWrapper]; postInstall =