aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/flake.nix
diff options
context:
space:
mode:
authorManuel Thalmann <m@nuth.ch>2024-05-03 01:59:18 +0200
committerManuel Thalmann <m@nuth.ch>2024-05-03 01:59:18 +0200
commit21eb55c899b601fd0fa2a92a4c8d16d0d107ec1b (patch)
tree738de25bd2ca849a52960b6c07643d735aa3db1a /flake.nix
parentMerge pull request #431 from drduh/wip-29mar24 (diff)
downloadYubiKey-Guide-21eb55c899b601fd0fa2a92a4c8d16d0d107ec1b.tar.gz
Include the diceware web app
Diffstat (limited to '')
-rw-r--r--flake.nix61
1 files changed, 61 insertions, 0 deletions
diff --git a/flake.nix b/flake.nix
index 789b70f..e60b3e1 100644
--- a/flake.nix
+++ b/flake.nix
@@ -29,6 +29,8 @@
sed '/pinentry-program/d' ${drduhConfig}/gpg-agent.conf > $out
echo "pinentry-program ${pkgs.pinentry.curses}/bin/pinentry" >> $out
'';
+ dicewareAddress = "localhost";
+ dicewarePort = 8080;
viewYubikeyGuide = pkgs.writeShellScriptBin "view-yubikey-guide" ''
viewer="$(type -P xdg-open || true)"
if [ -z "$viewer" ]; then
@@ -49,6 +51,38 @@
name = "yubikey-guide";
paths = [viewYubikeyGuide shortcut];
};
+ dicewareScript = pkgs.writeShellScriptBin "diceware-webapp" ''
+ viewer="$(type -P xdg-open || true)"
+ if [ -z "$viewer" ]; then
+ viewer="firefox"
+ fi
+ exec $viewer "http://"${lib.escapeShellArg dicewareAddress}":${toString dicewarePort}/index.html"
+ '';
+ dicewarePage = pkgs.stdenv.mkDerivation {
+ name = "diceware-page";
+ src = pkgs.fetchFromGitHub {
+ owner = "grempe";
+ repo = "diceware";
+ rev = "9ef886a2a9699f73ae414e35755fd2edd69983c8";
+ sha256 = "44rpK8svPoKx/e/5aj0DpEfDbKuNjroKT4XUBpiOw2g=";
+ };
+ patches = [
+ # Include changes published on https://secure.research.vt.edu/diceware/
+ ./diceware-vt.patch
+ ];
+ buildPhase = ''
+ cp -a . $out
+ '';
+ };
+ dicewareWebApp = pkgs.makeDesktopItem {
+ name = "diceware";
+ icon = "${dicewarePage}/favicon.ico";
+ desktopName = "Diceware Passphrase Generator";
+ genericName = "Passphrase Generator";
+ comment = "Open the passphrase generator in a web browser";
+ categories = ["Utility"];
+ exec = "${dicewareScript}/bin/${dicewareScript.name}";
+ };
in {
isoImage = {
isoName = "yubikeyLive.iso";
@@ -87,9 +121,34 @@
};
};
};
+ # Host the `https://secure.research.vt.edu/diceware/` website offline
+ nginx = {
+ enable = true;
+ virtualHosts."diceware.local" = {
+ listen = [
+ {
+ addr = dicewareAddress;
+ port = dicewarePort;
+ }
+ ];
+ root = "${dicewarePage}";
+ };
+ };
};
programs = {
+ # Add firefox for running the diceware web app
+ firefox = {
+ enable = true;
+ preferences = {
+ # Disable data reporting confirmation dialogue
+ "datareporting.policy.dataSubmissionEnabled" = false;
+ # Disable welcome tab
+ "browser.aboutwelcome.enabled" = false;
+ };
+ # Make preferences appear as user-defined values
+ preferencesStatus = "user";
+ };
ssh.startAgent = false;
gnupg.agent = {
enable = true;
@@ -138,6 +197,7 @@
# Password generation tools
diceware
+ dicewareWebApp
pwgen
# Might be useful beyond the scope of the guide
@@ -194,6 +254,7 @@
cp -R ${self}/contrib/* ${homeDir}
ln -sf ${yubikeyGuide}/share/applications/yubikey-guide.desktop ${desktopDir}
+ ln -sf ${dicewareWebApp}/share/applications/${dicewareWebApp.name} ${desktopDir}
ln -sfT ${self} ${documentsDir}/YubiKey-Guide
'';
system.stateVersion = "23.11";