eID slovensko.sk

Signed-off-by: Magic_RB <magic_rb@redalder.org>
2024-11-22 16:04:25 +01:00 · 2022-09-11 18:44:15 +02:00 · 2022-09-11 18:44:15 +02:00 · 12783c0938
parent edbe703a92
commit 12783c0938
2 changed files with 92 additions and 0 deletions
--- a/nixos/profiles/workstation.nix
+++ b/nixos/profiles/workstation.nix
@ -72,6 +72,9 @@ with lib; {
  virtualisation.docker.enable = true;
  virtualisation.containerd.enable = true;

+  # Enable PCSCD for smart card stuff
+  services.pcscd.enable = true;
+
  ## Fuck podman, 2021-08-31, `podman info` fails with a stack trace
  ## and all containers tested fail with `Operation not supported`...
  # virtualisation.podman = {
--- a/overlays/slovensko-eid.nix
+++ b/overlays/slovensko-eid.nix
@ -0,0 +1,89 @@
+# SPDX-FileCopyrightText: 2022 Richard Brežák <richard@brezak.sk>
+#
+# SPDX-License-Identifier: LGPL-3.0-or-later
+{
+  name = "slovensko-eid";
+  overlays = [ "bwrap-x" ];
+  overlay = {}: final: prev: {
+    slovensko-eid = let
+      dlauncher = prev.stdenv.mkDerivation {
+        pname = "slovensko-dlauncher";
+        version = "unknown";
+
+        src = prev.fetchurl {
+          url = "https://www.slovensko.sk/static/kep/apps/dlauncher2_2.x/DLauncher2.linux.x86_64.run";
+          sha256 = "sha256-h2WFm9bUGmc7qSKrO4NOhOvwPsVu85+rGYn5Rs+Kw00=";
+        };
+        nativeBuildInputs = with prev; [
+          strace
+          patchelf
+        ];
+
+        phases = [ "installPhase" ];
+
+        installPhase = ''
+          tmpdir=$(mktemp -d)
+          cp $src $tmpdir/dlauncher.run
+          patchelf --debug --set-interpreter ${prev.glibc}/lib64/ld-linux-x86-64.so.2 $tmpdir/dlauncher.run
+          ${prev.glibc}/lib64/ld-linux-x86-64.so.2 $tmpdir/dlauncher.run
+        '';
+      };
+      unwrapped = prev.stdenv.mkDerivation {
+        pname = "slovensko-eid";
+        version = "unknown";
+
+        builtInputs = with prev; [ gnutar gzip binutils xz ];
+        src = prev.fetchurl {
+          url = "https://eidas.minv.sk/download/Aplikacia_EID/linux/debian/Aplikacia_pre_eID_amd64_debian.tar.gz";
+          sha256 = "sha256-5htRj4gNlb7MQq00c/vz6NzOaMVkTtq8zGcK1AZJ4HE=";
+        };
+
+        phases = ["unpackPhase" "installPhase"];
+
+        unpackPhase = ''
+          tar xpf $src
+          mkdir deb ; cd deb
+          ar -x ../Aplikacia_pre_eID_amd64_debian.deb
+          tar xpf data.tar.xz
+        '';
+
+        installPhase = ''
+          mkdir $out
+          cp -r usr/{lib,bin} $out
+        '';
+      };
+    in
+      # dlauncher;
+      final.bwrap-x {
+        pkgs = with prev; [
+          libglvnd
+          gcc-unwrapped.lib
+          zlib
+          pcsclite.out
+          xorg.libxcb
+          xorg.libX11
+          xorg.libXcursor
+          dbus.lib
+          lzlib
+          zlib
+          libgcrypt
+        ];
+        bwrapArgsPost = ''
+          --ro-bind ${unwrapped}/lib/eac_mw_klient/ /usr/lib/eac_mw_klient/ \
+          --ro-bind ${unwrapped}/bin/EAC_MW_klient /usr/bin/EAC_MW_klient \
+          --ro-bind /run/pcscd/ /run/pcscd \
+        '';
+        script = ''
+          export ENABLE_XORG=1 ENABLE_NETWORK=1 QT_DEBUG_PLUGINS=1 QT_QPA_PLATFORM_PLUGIN_PATH=${unwrapped}/lib/eac_mw_klient/platforms/
+          export BIND_PATHS="$BIND_PATHS /etc/localtime"
+          preload_libraries+=("${unwrapped}/lib/eac_mw_klient")
+        '';
+        exec = "${prev.strace}/bin/strace";
+        args = prev.lib.singleton (prev.writeShellScript "eid-bwrap" ''
+          ${prev.ungoogled-chromium} &
+          ${prev.glibc}/lib64/ld-linux-x86-64.so.2 ${unwrapped}/bin/EAC_MW_klient
+        '');
+        name = "eslovensko-eid";
+      };
+  };
+}