nixos/pcscd: Improve and clean up module

So far the module only allowed for the ccid driver, but there are a lot of other PCSC driver modules out there, so let's add an option called "plugins", which boils down to a store path that links together all the paths specified. We don't need to create stuff in /var/lib/pcsc anymore, because we patched pcsclite to allow setting PCSCLITE_HP_DROPDIR. Another new option is readerConfig, which is especially useful for non-USB readers that aren't autodetected. The systemd service now is no longer Type=forking, because we're now passing the -f (foreground) option to pcscd. Tested against a YubiKey 4, SCR335 and a REINER SCT USB reader. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Cc: @wkennington
2024-12-26 21:33:03 +03:00 · 2016-06-04 13:07:09 +02:00 · 2016-06-04 13:07:09 +02:00 · 9720e16adc
commit 9720e16adc
parent bc877d8bfc
1 changed files with 35 additions and 20 deletions
--- a/nixos/modules/services/hardware/pcscd.nix
+++ b/nixos/modules/services/hardware/pcscd.nix
@ -1,29 +1,51 @@
 { config, lib, pkgs, ... }:

-let
-  cfgFile = pkgs.writeText "reader.conf" "";
-in
-
 with lib;

-{
+let
+  cfgFile = pkgs.writeText "reader.conf" config.services.pcscd.readerConfig;
+
+  pluginEnv = pkgs.buildEnv {
+    name = "pcscd-plugins";
+    paths = map (p: "${p}/pcsc/drivers") config.services.pcscd.plugins;
+  };
+
+in {

  ###### interface

  options = {

    services.pcscd = {
+      enable = mkEnableOption "PCSC-Lite daemon";

-      enable = mkOption {
-        default = false;
-        description = "Whether to enable the PCSC-Lite daemon.";
+      plugins = mkOption {
+        type = types.listOf types.package;
+        default = [ pkgs.ccid ];
+        defaultText = "[ pkgs.ccid ]";
+        example = literalExample "[ pkgs.pcsc-cyberjack ]";
+        description = "Plugin packages to be used for PCSC-Lite.";
      };

+      readerConfig = mkOption {
+        type = types.lines;
+        default = "";
+        example = ''
+          FRIENDLYNAME      "Some serial reader"
+          DEVICENAME        /dev/ttyS0
+          LIBPATH           /path/to/serial_reader.so
+          CHANNELID         1
+        '';
+        description = ''
+          Configuration for devices that aren't hotpluggable.
+
+          See <citerefentry><refentrytitle>reader.conf</refentrytitle>
+          <manvolnum>5</manvolnum></citerefentry> for valid options.
+        '';
+      };
    };
-
  };

-
  ###### implementation

  config = mkIf config.services.pcscd.enable {
@ -37,18 +59,11 @@ with lib;

    systemd.services.pcscd = {
      description = "PCSC-Lite daemon";
-      preStart = ''
-          mkdir -p /var/lib/pcsc
-          rm -Rf /var/lib/pcsc/drivers
-          ln -s ${pkgs.ccid}/pcsc/drivers /var/lib/pcsc/
-      '';
+      environment.PCSCLITE_HP_DROPDIR = pluginEnv;
      serviceConfig = {
-        Type = "forking";
-        ExecStart = "${pkgs.pcsclite}/sbin/pcscd --auto-exit -c ${cfgFile}";
-        ExecReload = "${pkgs.pcsclite}/sbin/pcscd --hotplug";
+        ExecStart = "${pkgs.pcsclite}/sbin/pcscd -f -x -c ${cfgFile}";
+        ExecReload = "${pkgs.pcsclite}/sbin/pcscd -H";
      };
    };
-
  };
-
 }