summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlejandro Soto <alejandro@34project.org>2025-07-13 01:51:00 -0600
committerAlejandro Soto <alejandro@34project.org>2025-07-13 01:51:00 -0600
commit9d01e6dd2213dccd566c6204bd81465d3da68e46 (patch)
tree6fb0df81001b9fec00de20475b47f3e38e92a781
parent863aaa665b18175909d27d853db9e65fcec06677 (diff)
pkgs/athena-bccr: fix gaudi support
Diffstat (limited to '')
-rw-r--r--home/environ/path.nix1
-rw-r--r--pkgs/athena-bccr/LaunchGaudi.java8
-rw-r--r--pkgs/athena-bccr/default.nix16
-rw-r--r--pkgs/athena-bccr/fhs-env.nix12
-rw-r--r--pkgs/athena-bccr/gaudi-env.nix63
-rw-r--r--pkgs/athena-bccr/unwrapped.nix111
6 files changed, 176 insertions, 35 deletions
diff --git a/home/environ/path.nix b/home/environ/path.nix
index a84ea8a..6603d26 100644
--- a/home/environ/path.nix
+++ b/home/environ/path.nix
@@ -14,6 +14,7 @@ in
pkgs.gcc
pkgs.gnome-screenshot
(pkgs.gajim.overrideAttrs (super: { buildInputs = super.buildInputs ++ [ pkgs.gsound ]; }))
+ (pkgs.local.athena-bccr.latest.gaudi.override { gaudiHash = "sha256-X6Dl3u4WjsuUJC5xq/9EiGY7zcO64NeU3bjVgcj82vE="; })
pkgs.gnucash
pkgs.gruvbox-dark-icons-gtk
pkgs.hack-font
diff --git a/pkgs/athena-bccr/LaunchGaudi.java b/pkgs/athena-bccr/LaunchGaudi.java
index 5457086..e4bcdbf 100644
--- a/pkgs/athena-bccr/LaunchGaudi.java
+++ b/pkgs/athena-bccr/LaunchGaudi.java
@@ -5,14 +5,8 @@
// demasiada pereza arreglarlo, así que en su lugar usamos este stub para
// launchear Gaudi.
-import InicializadorCliente.Inicializador;
-
public class LaunchGaudi {
public static void main(String[] args) {
- // new Inicializador(0);
-
- j.e log = new j.e();
- System.setProperty("log_dir", log.a());
- Tray.ConsolaControlador.Instancia().run();
+ new InicializadorCliente.Inicializador("");
}
}
diff --git a/pkgs/athena-bccr/default.nix b/pkgs/athena-bccr/default.nix
index 16e2e36..cda0b62 100644
--- a/pkgs/athena-bccr/default.nix
+++ b/pkgs/athena-bccr/default.nix
@@ -5,18 +5,26 @@ let
latest = "deb64-rev26";
releases = lib.mapAttrs (name: release: release // { name = name; }) (import ./releases.nix);
- unwrappedFor = release: lib.mapAttrs (_: pkg: callPackage pkg { }) (callPackage ./unwrapped.nix { inherit release; });
+
+ overrideUnwrapped = default: new:
+ let
+ args = default // new;
+ unwrappedPkgs = lib.filterAttrs (name: _: ! lib.elem name [ "override" "overrideDerivation" ]) (callPackage ./unwrapped.nix args);
+ in
+ lib.fix (unwrapped: lib.mapAttrs (_: pkg: callPackage pkg unwrapped) unwrappedPkgs) // {
+ override = overrideUnwrapped args;
+ };
pkgsForRelease = release:
let
libasep11 = "${unwrapped.ase-idprotect}/lib/x64-athena/libASEP11.so";
- unwrapped = unwrappedFor release;
+ unwrapped = overrideUnwrapped { inherit release; } { };
in
{
inherit libasep11;
- inherit (unwrapped) ase-idprotect;
+ inherit (unwrapped) ase-idprotect bccr-cacerts;
- shell = callPackage ./fhs-env.nix { inherit unwrapped; };
+ gaudi = callPackage ./gaudi-env.nix { inherit unwrapped; };
firmador = callPackage ./firmador.nix { inherit libasep11; };
};
in
diff --git a/pkgs/athena-bccr/fhs-env.nix b/pkgs/athena-bccr/fhs-env.nix
deleted file mode 100644
index a9bbf90..0000000
--- a/pkgs/athena-bccr/fhs-env.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ buildFHSEnv
-
-, unwrapped
-}:
-buildFHSEnv {
- name = "athena-bccr";
-
- targetPkgs = pkgs: [
- unwrapped.ase-idprotect
- unwrapped.gaudi
- ];
-}
diff --git a/pkgs/athena-bccr/gaudi-env.nix b/pkgs/athena-bccr/gaudi-env.nix
new file mode 100644
index 0000000..0b98e08
--- /dev/null
+++ b/pkgs/athena-bccr/gaudi-env.nix
@@ -0,0 +1,63 @@
+{ buildFHSEnv
+, curl
+, lib
+, writeShellScriptBin
+
+, gaudiHash ? null
+, unwrapped
+}:
+let
+ unwrappedWithGaudi = unwrapped.override { inherit gaudiHash; };
+in
+buildFHSEnv {
+ name = "gaudi";
+
+ targetPkgs = pkgs: [
+ unwrappedWithGaudi.ase-idprotect
+ unwrappedWithGaudi.gaudi
+
+ (writeShellScriptBin "launch-gaudi" ''
+ set -o errexit
+ set -o pipefail
+ set -o nounset
+
+ PATH="${lib.makeBinPath [ curl ]}:$PATH"
+
+ echo "$0: testing for incompatible releases..." >&2
+
+ jar_name=bccr-firma-fva-clienteMultiplataforma.jar
+ url="https://www.firmadigital.go.cr/Bccr.Firma.Fva.Actualizador.ClienteFirmadorJava//recursosLiberica17/actualizador/$jar_name"
+ ca_file="${unwrappedWithGaudi.bccr-cacerts}/root-ca.pem"
+ url_hash=$(curl -sS --cacert "$ca_file" "$url" | sha256sum | cut -d' ' -f1)
+ jar_path="${unwrappedWithGaudi.gaudi}/share/java/$jar_name"
+ jar_hash=$(sha256sum "$jar_path" | cut -d' ' -f1)
+
+ if [ "$url_hash" != "$jar_hash" ]; then
+ last_modified=$(curl -sS --head --cacert "$ca_file" "$url" | grep -i '^last-modified:' | head -1)
+
+ echo "$0: sha256 mismatch for $jar_path due to server-side update" >&2
+ echo "$0: expected: $url_hash" >&2
+ echo "$0: actual: $jar_hash" >&2
+ echo "$0: $last_modified" >&2
+ echo "$0: run the following to download the new client JAR, then update your derivation:" >&2
+ echo "$0: \$ ${unwrappedWithGaudi.update-gaudi}" >&2
+
+ exit 1
+ fi
+
+ cache_path_1="''${XDG_CACHE_HOME:-$HOME/.cache}/Agente-GAUDI"
+ cache_path_2="''${XDG_CACHE_HOME:-$HOME/.cache}/Firmador-BCCR"
+
+ for cache_path in "$cache_path_1" "$cache_path_2"; do
+ mkdir -p "$cache_path"
+ ln -sf -- ${unwrappedWithGaudi.gaudi}/share/java/bccr-firma-fva-clienteMultiplataforma.jar "$cache_path"
+ done
+
+ cp -f --no-preserve=mode -t "$cache_path_1" -- "${unwrappedWithGaudi.gaudi}/share/java/config.properties"
+
+ exec gaudi
+ '')
+ ];
+
+ runScript = "launch-gaudi";
+}
diff --git a/pkgs/athena-bccr/unwrapped.nix b/pkgs/athena-bccr/unwrapped.nix
index 244bebc..200e998 100644
--- a/pkgs/athena-bccr/unwrapped.nix
+++ b/pkgs/athena-bccr/unwrapped.nix
@@ -1,28 +1,40 @@
{ lib
+, requireFile
, release
+, gaudiHash ? null
+, ...
}:
let
inherit (release) srcPaths;
- moduleFromDeb = name: args@{ stdenv, dpkg, requireFile, unzip, srcPath, ... }:
+ src = requireFile {
+ url = "https://soportefirmadigital.com";
+ name = "${release.basename}.zip";
+
+ inherit (release) hash;
+ };
+
+ gaudiUpdateSrc = { update-gaudi }: requireFile {
+ url = "${update-gaudi}";
+ name = "gaudi-update-${release.name}.zip";
+
+ hash = gaudiHash;
+ };
+
+ moduleFromDeb = name: args@{ stdenv, dpkg, unzip, srcPath, ... }:
stdenv.mkDerivation ({
pname = "${name}-unwrapped";
version = release.name;
- src = requireFile {
- url = "https://soportefirmadigital.com";
- name = "${release.basename}.zip";
-
- inherit (release) hash;
- };
+ inherit src;
nativeBuildInputs = [ dpkg unzip ] ++ (args.nativeBuildInputs or [ ]);
postUnpack = ''
dpkg -x ${lib.escapeShellArg "${release.basename}/${srcPath}"} ${lib.escapeShellArg release.basename}
'';
- } // lib.removeAttrs args [ "stdenv" "dpkg" "requireFile" "unzip" "srcPath" "nativeBuildInputs" ]);
+ } // lib.removeAttrs args [ "stdenv" "dpkg" "unzip" "srcPath" "nativeBuildInputs" ]);
in
{
ase-idprotect =
@@ -31,14 +43,14 @@ in
, fontconfig
, freetype
, pcsclite
- , requireFile
, stdenv
, unzip
, xorg
, zlib
+ , ...
}:
moduleFromDeb "ase-idprotect" {
- inherit dpkg requireFile stdenv unzip;
+ inherit dpkg stdenv unzip;
srcPath = srcPaths.idprotect;
buildInputs = [
@@ -76,20 +88,25 @@ in
, dpkg
, makeWrapper
, openjdk
- , requireFile
+ , pkgs
, stdenv
, unzip
, writeShellScriptBin
+
+ , update-gaudi
+ , ...
}:
let
jdk = openjdk.override {
enableJavaFX = true;
+ openjfx_jdk = pkgs."openjfx${lib.head (lib.splitString "." openjdk.version)}".override { withWebKit = true; };
};
fakeSudo = writeShellScriptBin "sudo" "";
+ gaudiUpdate = gaudiUpdateSrc { inherit update-gaudi; };
in
moduleFromDeb "gaudi" {
- inherit dpkg requireFile stdenv unzip;
+ inherit dpkg stdenv unzip;
srcPath = srcPaths.gaudi;
nativeBuildInputs = [
@@ -98,7 +115,13 @@ in
makeWrapper
];
+ preBuild = lib.optionalString (gaudiHash != null) ''
+ unzip -o ${gaudiUpdate} -d opt/Agente-GAUDI/lib/app
+ '';
+
buildPhase = ''
+ runHook preBuild
+
install -m755 -d $out/{bin,opt/Firmador-BCCR/lib}
cp -r opt/Agente-GAUDI/lib/app $out/opt/Firmador-BCCR/lib/app
@@ -109,6 +132,8 @@ in
-cp opt/Agente-GAUDI/lib/app/bccr-firma-fva-clienteMultiplataforma.jar \
-d $out/opt/Firmador-BCCR/lib/app \
LaunchGaudi.java
+
+ runHook postBuild
'';
installPhase = ''
@@ -131,4 +156,66 @@ in
runHook postInstall
'';
};
+
+ bccr-cacerts =
+ { openssl
+ , stdenv
+ , unzip
+ , ...
+ }:
+ stdenv.mkDerivation {
+ pname = "bccr-cacerts";
+ version = release.name;
+
+ inherit src;
+
+ nativeBuildInputs = [
+ openssl
+ unzip
+ ];
+
+ installPhase = ''
+ cp -r Firma\ Digital/Certificados $out
+ openssl x509 -in $out/CA\ RAIZ\ NACIONAL\ -\ COSTA\ RICA\ v2.crt -out $out/root-ca.pem -text
+ '';
+ };
+
+ update-gaudi =
+ { wget
+ , writeShellScript
+ , zip
+
+ , bccr-cacerts
+ , ...
+ }:
+ writeShellScript "update-gaudi" ''
+ set -o errexit
+ set -o pipefail
+ set -o nounset
+
+ temp_dir="$(mktemp -d)"
+ trap 'cd / && rm -rf -- "$temp_dir"' EXIT
+ cd "$temp_dir"
+
+ PATH="${lib.makeBinPath [ wget zip ]}:$PATH"
+ ca_cert="${bccr-cacerts}/root-ca.pem"
+ base_url="https://www.firmadigital.go.cr/Bccr.Firma.Fva.Actualizador.ClienteFirmadorJava//recursosLiberica17/actualizador"
+
+ wget --ca-certificate="$ca_cert" "$base_url/bccr.cacerts"
+ wget --ca-certificate="$ca_cert" "$base_url/config.properties"
+ wget --ca-certificate="$ca_cert" "$base_url/bccr-firma-fva-clienteMultiplataforma.jar"
+ wget --ca-certificate="$ca_cert" "$base_url/ServicioActualizadorClienteBCCR.jar"
+
+ # https://gist.github.com/stokito/c588b8d6a6a0aee211393d68eea678f2
+ TZ=UTC find . -exec touch --no-dereference -a -m -t 198002010000.00 {} +
+ zip_path="$PWD/gaudi-update-${release.name}.zip"
+ TZ=UTC zip -q --move --recurse-paths --symlinks -X "$zip_path" .
+ TZ=UTC touch -a -m -t 198002010000.00 "$zip_path"
+
+ set -x
+ nix-store --add-fixed sha256 "$zip_path"
+ set +x
+
+ echo -e "\ngaudiHash: $(nix-hash --to-sri --type sha256 $(sha256sum "$zip_path" | cut -d' ' -f1))"
+ '';
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-06-10 16:52:39 +0000