Skip to content

Commit

Permalink
Add ybikey passthrough
Browse files Browse the repository at this point in the history
Signed-off-by: Ivan Kuznetsov <[email protected]>
  • Loading branch information
jsvapiav committed Dec 16, 2024
1 parent 3686159 commit e5fff55
Show file tree
Hide file tree
Showing 3 changed files with 74 additions and 0 deletions.
9 changes: 9 additions & 0 deletions hardware/fmo-os-rugged-laptop-7330.nix
Original file line number Diff line number Diff line change
Expand Up @@ -397,6 +397,15 @@
vendorid = "1546";
productid = "01a9";
}
# Passthrough yubikeys
{bus = "usb"; vendorid = "1050"; productid = "0401"; }
{bus = "usb"; vendorid = "1050"; productid = "0402"; }
{bus = "usb"; vendorid = "1050"; productid = "0403"; }
{bus = "usb"; vendorid = "1050"; productid = "0404"; }
{bus = "usb"; vendorid = "1050"; productid = "0405"; }
{bus = "usb"; vendorid = "1050"; productid = "0406"; }
{bus = "usb"; vendorid = "1050"; productid = "0407"; }
{bus = "usb"; vendorid = "1050"; productid = "0116"; }
];
}; # services.fmo-dynamic-device-passthrough
fmo-dci = {
Expand Down
9 changes: 9 additions & 0 deletions hardware/fmo-os-rugged-tablet-7230.nix
Original file line number Diff line number Diff line change
Expand Up @@ -377,6 +377,15 @@
vendorid = "1546";
productid = "01a9";
}
# Passthrough yubikeys
{bus = "usb"; vendorid = "1050"; productid = "0401"; }
{bus = "usb"; vendorid = "1050"; productid = "0402"; }
{bus = "usb"; vendorid = "1050"; productid = "0403"; }
{bus = "usb"; vendorid = "1050"; productid = "0404"; }
{bus = "usb"; vendorid = "1050"; productid = "0405"; }
{bus = "usb"; vendorid = "1050"; productid = "0406"; }
{bus = "usb"; vendorid = "1050"; productid = "0407"; }
{bus = "usb"; vendorid = "1050"; productid = "0116"; }
];
}; # services.fmo-dynamic-device-passthrough
fmo-dci = {
Expand Down
56 changes: 56 additions & 0 deletions modules/fmo-dci-passthrough/default.nix
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
# Copyright 2022-2024 TII (SSRC) and the Ghaf contributors
# SPDX-License-Identifier: Apache-2.0
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.services.fmo-dci-passthrough;
in {
options.services.fmo-dci-passthrough = {
enable = mkEnableOption "Docker Compose Infrastructure devices passthrough";

compose-path = mkOption {
type = types.str;
description = "Path to docker-compose's .yml file";
};
};

config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
docker-compose
];

dockerDevPassScript = pkgs.writeShellScriptBin "docker-dev-pass" ''
'';

udev = {
extraRules = ''
ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="1050", RUN+="/usr/local/bin/operation-yubikey.sh 'plugged' '%E{DEVNAME}' '%M' '%m' '%E{PRODUCT}'"
ACTION=="remove", SUBSYSTEM=="usb", RUN+="/usr/local/bin/operation-yubikey.sh 'unplugged' '%E{DEVNAME}' '%M' '%m' '%E{PRODUCT}'"
'';
};

systemd.services.fmo-dci-passthrough = {
script = ''
echo "Start docker-compose"
${pkgs.docker-compose}/bin/docker-compose -f $DCPATH up
'';

wantedBy = ["multi-user.target"];
# If you use podman
# after = ["podman.service" "podman.socket"];
# If you use docker
after = [
"docker.service"
"docker.socket"
"network-online.target"
];

# TODO: restart always
serviceConfig = {
Restart = lib.mkForce "always";
RestartSec = "30";
};
};
};
}

0 comments on commit e5fff55

Please sign in to comment.