diff --git a/nixos/modules/hardware/digitalbitbox.nix b/nixos/modules/hardware/digitalbitbox.nix new file mode 100644 index 000000000000..0888cfbef2a8 --- /dev/null +++ b/nixos/modules/hardware/digitalbitbox.nix @@ -0,0 +1,30 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.hardware.digitalbitbox; +in + +{ + options.hardware.digitalbitbox = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + Enables udev rules for Digital Bitbox devices. + ''; + }; + + package = mkOption { + type = types.package; + default = pkgs.digitalbitbox; + defaultText = "pkgs.digitalbitbox"; + description = "The Digital Bitbox package to use. This can be used to install a package with udev rules that differ from the defaults."; + }; + }; + + config = mkIf cfg.enable { + services.udev.packages = [ cfg.package ]; + }; +} diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 3b92bc76b97e..13a32b968dcb 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -31,6 +31,7 @@ ./hardware/ckb.nix ./hardware/cpu/amd-microcode.nix ./hardware/cpu/intel-microcode.nix + ./hardware/digitalbitbox.nix ./hardware/sensor/iio.nix ./hardware/ksm.nix ./hardware/mcelog.nix @@ -78,6 +79,7 @@ ./programs/command-not-found/command-not-found.nix ./programs/criu.nix ./programs/dconf.nix + ./programs/digitalbitbox/default.nix ./programs/environment.nix ./programs/fish.nix ./programs/freetds.nix diff --git a/nixos/modules/programs/digitalbitbox/default.nix b/nixos/modules/programs/digitalbitbox/default.nix new file mode 100644 index 000000000000..7c727489c6c9 --- /dev/null +++ b/nixos/modules/programs/digitalbitbox/default.nix @@ -0,0 +1,39 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.programs.digitalbitbox; +in + +{ + options.programs.digitalbitbox = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + Installs the Digital Bitbox application and enables the complementary hardware module. + ''; + }; + + package = mkOption { + type = types.package; + default = pkgs.digitalbitbox; + defaultText = "pkgs.digitalbitbox"; + description = "The Digital Bitbox package to use. This can be used to install a package with udev rules that differ from the defaults."; + }; + }; + + config = mkIf cfg.enable { + environment.systemPackages = [ cfg.package ]; + hardware.digitalbitbox = { + enable = true; + package = cfg.package; + }; + }; + + meta = { + doc = ./doc.xml; + maintainers = with stdenv.lib.maintainers; [ vidbina ]; + }; +} diff --git a/nixos/modules/programs/digitalbitbox/doc.xml b/nixos/modules/programs/digitalbitbox/doc.xml new file mode 100644 index 000000000000..7acbc2fc4dde --- /dev/null +++ b/nixos/modules/programs/digitalbitbox/doc.xml @@ -0,0 +1,85 @@ + + + Digital Bitbox + + + Digital Bitbox is a hardware wallet and second-factor authenticator. + + + + The digitalbitbox programs module may be + installed by setting programs.digitalbitbox + to true in a manner similar to + + + programs.digitalbitbox.enable = true; + + + and bundles the digitalbitbox package (see ), which contains the + dbb-app and dbb-cli binaries, + along with the hardware module (see ) which sets up the + necessary udev rules to access the device. + + + + Enabling the digitalbitbox module is pretty much the easiest way to + get a Digital Bitbox device working on your system. + + + + For more information, see + . + + +
+ Package + + + The binaries, dbb-app (a GUI tool) and + dbb-cli (a CLI tool), are available through the + digitalbitbox package which could be installed + as follows: + + + environment.systemPackages = [ + pkgs.digitalbitbox + ]; + + +
+ + +
+ Hardware + + + The digitalbitbox hardware package enables the udev rules for + Digital Bitbox devices and may be installed as follows: + + + hardware.digitalbitbox.enable = true; + + + + + In order to alter the udev rules, one may provide different values for + the udevRule51 and udevRule52 + attributes by means of overriding as follows: + + + programs.digitalbitbox = { + enable = true; + package = pkgs.digitalbitbox.override { + udevRule51 = "something else"; + }; + }; + + +
+ diff --git a/pkgs/applications/misc/digitalbitbox/default.nix b/pkgs/applications/misc/digitalbitbox/default.nix new file mode 100644 index 000000000000..fbd9d47633a1 --- /dev/null +++ b/pkgs/applications/misc/digitalbitbox/default.nix @@ -0,0 +1,140 @@ +{ stdenv +, autoreconfHook +, curl +, fetchFromGitHub +, git +, libevent +, libtool +, libqrencode +, libudev +, libusb +, makeWrapper +, pkgconfig +, qtbase +, qttools +, qtwebsockets +, qtmultimedia +, udevRule51 ? '' +, SUBSYSTEM=="usb", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="dbb%n", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2402" +, '' +, udevRule52 ? '' +, KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2402", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="dbbf%n" +, '' +, writeText +}: + +# Enabling the digitalbitbox program +# +# programs.digitalbitbox.enable = true; +# +# will install the digitalbitbox package and enable the corresponding hardware +# module and is by far the easiest way to get started with the Digital Bitbox on +# NixOS. + +# In case you install the package only, please be aware that you may need to +# apply some udev rules to allow the application to identify and access your +# wallet. In a nixos-configuration, one may accomplish this by enabling the +# digitalbitbox hardware module +# +# hardware.digitalbitbox.enable = true; +# +# or by adding the digitalbitbox package to system.udev.packages +# +# system.udev.packages = [ pkgs.digitalbitbox ]; + +# See https://digitalbitbox.com/start_linux for more information. +let + copyUdevRuleToOutput = name: rule: + "cp ${writeText name rule} $out/etc/udev/rules.d/${name}"; +in stdenv.mkDerivation rec { + name = "digitalbitbox-${version}"; + version = "2.2.2"; + + src = fetchFromGitHub { + owner = "digitalbitbox"; + repo = "dbb-app"; + rev = "v${version}"; + sha256 = "1r77fvqrlaryzij5dfbnigzhvg1d12g96qb2gp8dy3xph1j0k3s1"; + }; + + nativeBuildInputs = with stdenv.lib; [ + autoreconfHook + curl + git + makeWrapper + pkgconfig + qttools + ]; + + buildInputs = with stdenv.lib; [ + libevent + libtool + libudev + libusb + libqrencode + + qtbase + qtwebsockets + qtmultimedia + ]; + + LUPDATE="${qttools.dev}/bin/lupdate"; + LRELEASE="${qttools.dev}/bin/lrelease"; + MOC="${qtbase.dev}/bin/moc"; + QTDIR="${qtbase.dev}"; + RCC="${qtbase.dev}/bin/rcc"; + UIC="${qtbase.dev}/bin/uic"; + + configureFlags = [ + "--enable-libusb" + ]; + + hardeningDisable = [ + "format" + ]; + + postInstall = '' + mkdir -p "$out/lib" + cp src/libbtc/.libs/*.so* $out/lib + cp src/libbtc/src/secp256k1/.libs/*.so* $out/lib + cp src/hidapi/libusb/.libs/*.so* $out/lib + cp src/univalue/.libs/*.so* $out/lib + + # [RPATH][patchelf] Avoid forbidden reference error + rm -rf $PWD + + wrapProgram "$out/bin/dbb-cli" --prefix LD_LIBRARY_PATH : "$out/lib" + wrapProgram "$out/bin/dbb-app" --prefix LD_LIBRARY_PATH : "$out/lib" + + # Provide udev rules as documented in https://digitalbitbox.com/start_linux + mkdir -p "$out/etc/udev/rules.d" + ${copyUdevRuleToOutput "51-hid-digitalbox.rules" udevRule51} + ${copyUdevRuleToOutput "52-hid-digitalbox.rules" udevRule52} + ''; + + meta = with stdenv.lib; { + description = "A QT based application for the Digital Bitbox hardware wallet"; + longDescription = '' + Digital Bitbox provides dbb-app, a GUI tool, and dbb-cli, a CLI tool, to manage Digital Bitbox devices. + + This package will only install the dbb-app and dbb-cli, however; in order for these applications to identify and access Digital Bitbox devices, one may want to enable the digitalbitbox hardware module by adding + + hardware.digitalbitbox.enable = true; + + to the configuration which is equivalent to adding this package to the udev.packages list. + + + The easiest way to use the digitalbitbox package in NixOS is by adding + + programs.digitalbitbox.enable = true; + + to the configuration which installs the package and enables the hardware module. + ''; + homepage = "https://digitalbitbox.com/"; + license = licenses.mit; + maintainers = with maintainers; [ + vidbina + ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 24908b4863b7..46f682e89dc2 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -121,6 +121,8 @@ with pkgs; dieHook = makeSetupHook {} ../build-support/setup-hooks/die.sh; + digitalbitbox = libsForQt5.callPackage ../applications/misc/digitalbitbox { }; + # go 1.9 pin until https://github.com/moby/moby/pull/35739 dockerTools = callPackage ../build-support/docker { go = go_1_9; };