oluceps committed Oct 27, 2024
1 parent d46e0d2 commit 552aeec
Showing 5 changed files with 136 additions and 120 deletions.
2 changes: 1 addition & 1 deletion hosts/dev.nix
Expand Up @@ -72,6 +72,7 @@
monero-cli
yubikey-personalization
opensc
sbctl
];

dev = [
Expand Down Expand Up @@ -214,7 +215,6 @@
cmd = [
metasploit
# linuxKernel.packages.linux_latest_libre.cpupower
clean-home
just
typst
cosmic-term
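--- a/misc.nix
+++ b/misc.nix
@@ -188,28 +188,35 @@
 environment.etc = {
 "NIXOS".text = "";
 "machine-id".text = "b08dfa6083e7567a1921a715000001fb\n";
-"sbctl/sbctl.conf".text = ''
-keydir: /var/lib/sbctl/keys
-guid: /var/lib/sbctl/GUID
-files_db: /var/lib/sbctl/files.json
-bundles_db: /var/lib/sbctl/bundles.json
-landlock: true
-db_additions:
-- microsoft
-keys:
-pk:
-privkey: /var/lib/sbctl/keys/PK/PK.key
-pubkey: /var/lib/sbctl/keys/PK/PK.pem
-type: file
-kek:
-privkey: /var/lib/sbctl/keys/KEK/KEK.key
-pubkey: /var/lib/sbctl/keys/KEK/KEK.pem
-type: file
-db:
-privkey: /var/lib/sbctl/keys/db/db.key
-pubkey: /var/lib/sbctl/keys/db/db.pem
-type: file
-'';
+"sbctl/sbctl.conf".source =
+let
+sbctlVar = "/var/lib/sbctl";
+in
+(pkgs.formats.yaml { }).generate "sbctl.conf" {
+bundles_db = "${sbctlVar}/bundles.json";
+db_additions = [ "microsoft" ];
+files_db = "${sbctlVar}/files.json";
+guid = "${sbctlVar}/GUID";
+keydir = "${sbctlVar}/keys";
+keys = {
+db = {
+privkey = "${sbctlVar}/keys/db/db.key";
+pubkey = "${sbctlVar}/keys/db/db.pem";
+type = "file";
+};
+kek = {
+privkey = "${sbctlVar}/keys/KEK/KEK.key";
+pubkey = "${sbctlVar}/keys/KEK/KEK.pem";
+type = "file";
+};
+pk = {
+privkey = "${sbctlVar}/keys/PK/PK.key";
+pubkey = "${sbctlVar}/keys/PK/PK.pem";
+type = "file";
+};
+};
+landlock = true;
+};
 };
 programs = {
 bash = {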
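Review bot: The generated sbctl.conf names the key directory twice, once as `keydir` and again inside each of the six `privkey`/`pubkey` paths, so editing one leaves sbctl looking for its signing keys somewhere the other no longer points to. Bind it once in the `let`, e.g. `keyDir = "${sbctlVar}/keys";`, and build `keydir` and the per-key paths from `keyDir`. All three keys are `type = "file"`, so the PK, KEK and db private keys are presumably plain files under /var/lib/sbctl/keys, and nothing in this hunk sets ownership or mode on that directory; a comment saying that it must be root-only and where that is enforced would document the assumption. The enclosing module starts and ends outside the hunk.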
133 changes: 39 additions & 94 deletions overlays.nix
@@ -1,4 +1,6 @@
{ inputs', inputs }:
# Go: https://github.com/NixOS/nixpkgs/issues/86349#issuecomment-624489806
# Rust:
[
(
final: prev:
Expand All @@ -22,6 +24,43 @@
# })
# factorio-headless-experimental
# ;
sbctl = (
prev.callPackage "${prev.path}/pkgs/by-name/sb/sbctl/package.nix" {
buildGoModule =
args:
prev.buildGoModule (
args
// (
let
version =
let
myVersion = "0.16";
inherit (prev.lib) versionOlder;
in
(if (versionOlder myVersion prev.pkgs.sbctl.version) then throw "Newer in nixpkgs" else myVersion);
in
{
inherit version;

src = prev.fetchFromGitHub {
owner = "Foxboron";
repo = "sbctl";
rev = version;
hash = "sha256-BLSvjo6GCqpECJPJtQ6C2zEz1p03uyvxTYa+DoxZ78s=";
};
ldflags = [
"-s"
"-w"
"-X github.com/foxboron/sbctl.Version=${version}"
];
patches = [ ];
vendorHash = "sha256-srfZ+TD93szabegwtzLTjB+uo8aj8mB4ecQ9m8er00A=";
doCheck = false;
}
)
);
}
);

inherit (inputs'.browser-previews.packages) google-chrome-beta;

Expand Down Expand Up @@ -75,92 +114,6 @@
sha256 = "sha256-daLb7ebMVeL+f8WydH4DONkUA+0D6d+v+pohJb2qjOo=";
};
});
phantomsocks =
with prev;
buildGoModule rec {
pname = "phantomsocks";
version = "unstable-2023-11-30";

src = fetchFromGitHub {
owner = "macronut";
repo = pname;
rev = "b1b13c5b88cf3bac54f39c37c0ffcb0b46e31049";
hash = "sha256-ptCzd2/8dNHjAkhwA2xpZH8Ki/9DnblHI2gAIpgM+8E=";
};

vendorHash = "sha256-0MJlz7HAhRThn8O42yhvU3p5HgTG8AkPM0ksSjWYAC4=";

ldflags = [
"-s"
"-w"
];
buildInputs = [ libpcap ];
tags = [ "pcap" ];
};

dae-unstable = prev.buildGoModule rec {
pname = "dae";
version = "unstable";

src = prev.fetchFromGitHub {
owner = "daeuniverse";
repo = "dae";
rev = "16dfabc93596d4036c0c8418789a7b114bf61619";
hash = "sha256-Ya/M0/bx8O50kqdHO14mPz56FfW4xXDu7rYLjlB3OZc=";
fetchSubmodules = true;
};

vendorHash = "sha256-/r118MbfHxXHt7sKN8DOGj+SmBqSZ+ttjYywnqOIPuY=";

proxyVendor = true;

nativeBuildInputs = [ prev.clang ];

ldflags = [
"-s"
"-w"
"-X github.com/daeuniverse/dae/cmd.Version=${version}"
"-X github.com/daeuniverse/dae/common/consts.MaxMatchSetLen_=64"
];

preBuild = ''
make CFLAGS="-D__REMOVE_BPF_PRINTK -fno-stack-protector -Wno-unused-command-line-argument" \
NOSTRIP=y \
ebpf
'';

# network required
doCheck = false;

postInstall = ''
install -Dm444 install/dae.service $out/lib/systemd/system/dae.service
substituteInPlace $out/lib/systemd/system/dae.service \
--replace /usr/bin/dae $out/bin/dae
'';
meta.mainProgram = "dae";
};

record-status = prev.writeShellScriptBin "record-status" ''
pid=`pgrep wf-recorder`
status=$?
if [ $status != 0 ]
then
echo '';
else
echo '';
fi;
'';

screen-recorder-toggle = prev.writeShellScriptBin "screen-recorder-toggle" ''
pid=`${prev.procps}/bin/pgrep wl-screenrec`
status=$?
if [ $status != 0 ]
then
${prev.wl-screenrec}/bin/wl-screenrec -g "$(${prev.slurp}/bin/slurp)" -f $HOME/Videos/record/$(date +'recording_%Y-%m-%d-%H%M%S.mp4');
else
${prev.procps}/bin/pkill --signal SIGINT wl-screenrec
fi;
'';

save-clipboard-to = prev.writeShellScriptBin "save-clipboard-to" ''
wl-paste > $HOME/Pictures/Screenshots/$(date +'shot_%Y-%m-%d-%H%M%S.png')
Expand All @@ -176,14 +129,6 @@
'';
};

clean-home = final.nuenv.writeScriptBin {
name = "clean-home";
script = ''
cd /home/riro/
ls | each {|i| findmnt $i.name | if $in == "" { rm -rf $i.name}}
cd -
'';
};
systemd-run-app = prev.writeShellApplication {
name = "systemd-run-app";
text = ''
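Review bot: In the sbctl override (the `buildGoModule = args: …` wrapper in the second hunk), `patches = [ ];` and `doCheck = false;` discard whatever patches and check phase the nixpkgs package.nix defines, and neither line says why. For the tool that signs the boot chain each deserves a why-comment, for example `# nixpkgs patches do not apply to 0.16` and `# go-tpm-tools simulator tests fail, see pkgs/sbctl.nix`, if those are the actual reasons. The version guard reads `prev.pkgs.sbctl.version`; whether `prev.pkgs` is the previous or the final package set is not visible here, and `prev.sbctl.version` would state the intended comparison without that ambiguity. The empty `# Rust:` comment added in the first hunk should get its link or be dropped.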
65 changes: 65 additions & 0 deletions pkgs/sbctl.nix
@@ -0,0 +1,65 @@
{
lib,
buildGoModule,
fetchFromGitHub,
installShellFiles,
asciidoc,
nix-update-script,
}:

buildGoModule rec {
pname = "sbctl";
version = "0.16";

src = fetchFromGitHub {
owner = "Foxboron";
repo = pname;
rev = version;
hash = "sha256-BLSvjo6GCqpECJPJtQ6C2zEz1p03uyvxTYa+DoxZ78s=";
};

vendorHash = "sha256-srfZ+TD93szabegwtzLTjB+uo8aj8mB4ecQ9m8er00A=";

ldflags = [
"-s"
"-w"
"-X github.com/foxboron/sbctl.Version=${version}"
];

nativeBuildInputs = [
installShellFiles
asciidoc
];

postBuild = ''
make docs/sbctl.8
'';

postInstall = ''
installManPage docs/sbctl.8
installShellCompletion --cmd sbctl \
--bash <($out/bin/sbctl completion bash) \
--fish <($out/bin/sbctl completion fish) \
--zsh <($out/bin/sbctl completion zsh)
'';

# TODO: Test of github.com/google/go-tpm-tools/simulator/internal are broken?
doCheck = false;

passthru.updateScript = nix-update-script { };

meta = with lib; {
description = "Secure Boot key manager";
mainProgram = "sbctl";
homepage = "https://github.com/Foxboron/sbctl";
license = licenses.mit;
maintainers = with maintainers; [
raitobezarius
Scrumplex
];
# go-uefi do not support darwin at the moment:
# see upstream on https://github.com/Foxboron/go-uefi/issues/13
platforms = platforms.linux;
};
}
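Review bot: This new file repeats the `version`, `hash` and `vendorHash` that the sbctl override in overlays.nix also pins, and nothing in the visible diff imports it, so the two copies can drift and a later bump may update only one of them. Either have the overlay build from this file, `sbctl = prev.callPackage ./pkgs/sbctl.nix { };`, or keep a single copy of the pins. `doCheck = false;` is justified only by a TODO phrased as a question; record which test actually fails so the check phase can be re-enabled once that is fixed.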
5 changes: 2 additions & 3 deletions userPkgs.nix
Expand Up @@ -65,7 +65,7 @@ with pkgs;

# wpsoffice-cn

sbctl
# sbctl
qbittorrent

protonmail-bridge
Expand Down Expand Up @@ -114,7 +114,7 @@ with pkgs;

# social
# discord
materialgram
# materialgram
element-desktop-wayland
# thunderbird
# fluffychat
Expand Down Expand Up @@ -161,7 +161,6 @@ with pkgs;
# texlive.combined.scheme-full
vlc
bluedevil
julia-bin
prismlauncher
]
++ (with pkgs; [ fluent-icon-theme ])
