nixos/mirakurun: add polkit rule for smart card access (#122066)

Fixes #122039
This commit is contained in:
midchildan 2021-05-13 02:57:49 +09:00 committed by GitHub
parent 92a2e684bc
commit 6567031111
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -8,6 +8,18 @@ let
username = config.users.users.mirakurun.name;
groupname = config.users.users.mirakurun.group;
settingsFmt = pkgs.formats.yaml {};
polkitRule = pkgs.writeTextDir "share/polkit-1/rules.d/10-mirakurun.rules" ''
polkit.addRule(function (action, subject) {
if (
(action.id == "org.debian.pcsc-lite.access_pcsc" ||
action.id == "org.debian.pcsc-lite.access_card") &&
subject.user == "${username}"
) {
return polkit.Result.YES;
}
});
'';
in
{
options = {
@ -48,6 +60,15 @@ in
'';
};
allowSmartCardAccess = mkOption {
type = types.bool;
default = true;
description = ''
Install polkit rules to allow Mirakurun to access smart card readers
which is commonly used along with tuner devices.
'';
};
serverSettings = mkOption {
type = settingsFmt.type;
default = {};
@ -110,7 +131,7 @@ in
};
config = mkIf cfg.enable {
environment.systemPackages = [ mirakurun ];
environment.systemPackages = [ mirakurun ] ++ optional cfg.allowSmartCardAccess polkitRule;
environment.etc = {
"mirakurun/server.yml".source = settingsFmt.generate "server.yml" cfg.serverSettings;
"mirakurun/tuners.yml" = mkIf (cfg.tunerSettings != null) {