pyrox.dev
nixos/mirakurun: add polkit rule for smart card access (#122066)
Fixes #122039
authored by
midchildan
and committed by
GitHub
65670311
92a2e684
+22
-1
nixos/modules/services/video/mirakurun.nix
+22
-1
nixos/modules/services/video/mirakurun.nix
···
8
8
username = config.users.users.mirakurun.name;
9
9
groupname = config.users.users.mirakurun.group;
10
10
settingsFmt = pkgs.formats.yaml {};
11
+
12
+
polkitRule = pkgs.writeTextDir "share/polkit-1/rules.d/10-mirakurun.rules" ''
13
+
polkit.addRule(function (action, subject) {
14
+
if (
15
+
(action.id == "org.debian.pcsc-lite.access_pcsc" ||
16
+
action.id == "org.debian.pcsc-lite.access_card") &&
17
+
subject.user == "${username}"
18
+
) {
19
+
return polkit.Result.YES;
20
+
}
21
+
});
22
+
'';
11
23
in
12
24
{
13
25
options = {
···
45
57
description = ''
46
58
Path to unix socket to listen on. If <literal>null</literal>, it
47
59
won't listen on any unix sockets.
60
+
'';
61
+
};
62
+
63
+
allowSmartCardAccess = mkOption {
64
+
type = types.bool;
65
+
default = true;
66
+
description = ''
67
+
Install polkit rules to allow Mirakurun to access smart card readers
68
+
which is commonly used along with tuner devices.
48
69
'';
49
70
};
50
71
···
110
131
};
111
132
112
133
config = mkIf cfg.enable {
113
-
environment.systemPackages = [ mirakurun ];
134
+
environment.systemPackages = [ mirakurun ] ++ optional cfg.allowSmartCardAccess polkitRule;
114
135
environment.etc = {
115
136
"mirakurun/server.yml".source = settingsFmt.generate "server.yml" cfg.serverSettings;
116
137
"mirakurun/tuners.yml" = mkIf (cfg.tunerSettings != null) {