Add 'trivionomicon/' from commit 'c651b8c4706cfc750303db12ae19e58164a6bebb'

git-subtree-dir: trivionomicon
git-subtree-mainline: 02d3ab9583983e823909020c34b9d5a6894fb773
git-subtree-split: c651b8c4706cfc750303db12ae19e58164a6bebb

1 files changed, 35 insertions, 0 deletions

diff --git a/trivionomicon/modules/athena-bccr/sys.nix b/trivionomicon/modules/athena-bccr/sys.nix
new file mode 100644
index 0000000..631185d
--- /dev/null
+++ b/trivionomicon/modules/athena-bccr/sys.nix
@@ -0,0 +1,35 @@
+{
+  pkgs,
+  lib,
+  cfg,
+  doctrine,
+  ...
+}: let
+  athena = pkgs.${doctrine.prefix}.athena-bccr.${cfg.release};
+in {
+  environment = {
+    etc = {
+      "Athena".source = "${athena.ase-pkcs11}/etc/Athena";
+
+      "pkcs11/modules/asep11".text = ''
+        module: ${athena.libasep11}
+      '';
+    };
+
+    systemPackages = [athena.ase-pkcs11];
+  };
+
+  #FIXME: Extremadamente peligroso si BCCR o MICITT caen, investigar política nacional de root CA
+  security.pki.certificateFiles = ["${athena.bccr-cacerts}/root-ca.pem"];
+
+  services = {
+    pcscd.enable = true;
+
+    udev.extraRules = ''
+      # Athena Smartcard Solutions, Inc. ASEDrive V3CR
+      ATTRS{idVendor}=="0dc3", ATTRS{idProduct}=="1004", MODE="660", GROUP="${cfg.group}", TAG+="uaccess"
+    '';
+  };
+
+  users.groups.${cfg.group} = {};
+}