Merge pull request #293117 from SuperSandro2000/goldwarden

  ./programs/gnome-disks.nix

  ./programs/gnome-terminal.nix

  ./programs/gnupg.nix

  ./programs/goldwarden.nix

  ./programs/gpaste.nix

  ./programs/gphoto2.nix

  ./programs/haguichi.nix

{ lib, config, pkgs, ... }:

let

  cfg = config.programs.goldwarden;

in

{

  options.programs.goldwarden = {

    enable = lib.mkEnableOption "Goldwarden";

    package = lib.mkPackageOption pkgs "goldwarden" {};

    useSshAgent = lib.mkEnableOption "Goldwarden's SSH Agent" // { default = true; };

  };

  config = lib.mkIf cfg.enable {

    assertions = [{

       assertion = cfg.useSshAgent -> !config.programs.ssh.startAgent;

       message = "Only one ssh-agent can be used at a time.";

    }];

    environment = {

      etc = lib.mkIf config.programs.chromium.enable {

        "chromium/native-messaging-hosts/com.8bit.bitwarden.json".source = "${cfg.package}/etc/chromium/native-messaging-hosts/com.8bit.bitwarden.json";

        "opt/chrome/native-messaging-hosts/com.8bit.bitwarden.json".source = "${cfg.package}/etc/chrome/native-messaging-hosts/com.8bit.bitwarden.json";

      };

      extraInit = lib.mkIf cfg.useSshAgent ''

        if [ -z "$SSH_AUTH_SOCK" -a -n "$HOME" ]; then

          export SSH_AUTH_SOCK="$HOME/.goldwarden-ssh-agent.sock"

        fi

      '';

      systemPackages = [

        # for cli and polkit action

        cfg.package

        # binary exec's into pinentry which should match the DE

        config.programs.gnupg.agent.pinentryPackage

      ];

    };

    programs.firefox.nativeMessagingHosts.packages = [ cfg.package ];

    # see https://github.com/quexten/goldwarden/blob/main/cmd/goldwarden.service

    systemd.user.services.goldwarden = {

      description = "Goldwarden daemon";

      wantedBy = [ "graphical-session.target" ];

      after = [ "graphical-session.target" ];

      serviceConfig.ExecStart = "${lib.getExe cfg.package} daemonize";

      path = [ config.programs.gnupg.agent.pinentryPackage ];

      unitConfig.ConditionUser = "!@system";

    };

  };

}

{ lib

, buildGoModule

, fetchFromGitHub

, makeBinaryWrapper

, fetchpatch

, gobject-introspection

, gtk4

, libadwaita

, libfido2

, dbus

, pinentry-gnome3

, nix-update-script

, libnotify

, python3

, wrapGAppsHook

}:

buildGoModule rec {

  pname = "goldwarden";

  version = "0.2.13";

  version = "0.2.13-unstable-2024-03-14";

  src = fetchFromGitHub {

    owner = "quexten";

    repo = "goldwarden";

    rev = "v${version}";

    hash = "sha256-4KxPtsIEW46p+cFx6yeSdNlsffy9U31k+ZSkE6V0AFc=";

    rev = "d6e1cd263365611e520a2ef6c7847c9da19362f1";

    hash = "sha256-IItKOmE0xHKO2u5jp7R20/T2eSvQ3QCxlzp6R4oiqf8=";

  };

  patches = [

    (fetchpatch {

      url = "https://github.com/quexten/goldwarden/pull/140/commits/c134a0e61d51079c44865f68ab65cfb3aea6f8f2.patch";

      hash = "sha256-nClC/FYq3muXMeYXln+VVGUhanqElEgJRosWeSTNlmM=";

    })

    (fetchpatch {

      url = "https://github.com/quexten/goldwarden/pull/140/commits/86d4f907fba241fd66d0fb3c109c0281a9766bb4.patch";

      hash = "sha256-A8PBzfyd2blFIjCeO4xOVJMQjnEPwtK4wTcRcfsjyDk=";

    })

  ];

  postPatch = ''

    substituteInPlace browserbiometrics/chrome-com.8bit.bitwarden.json browserbiometrics/mozilla-com.8bit.bitwarden.json \

      --replace-fail "@PATH@" "$out/bin/goldwarden"

    substituteInPlace gui/com.quexten.Goldwarden.desktop \

      --replace-fail "Exec=goldwarden_ui_main.py" "Exec=$out/bin/goldwarden-gui"

    substituteInPlace gui/src/gui/browserbiometrics.py \

      --replace-fail "flatpak run --filesystem=home --command=goldwarden com.quexten.Goldwarden" "goldwarden"

    substituteInPlace gui/src/gui/ssh.py \

      --replace-fail "flatpak run --command=goldwarden com.quexten.Goldwarden" "goldwarden" \

      --replace-fail 'SSH_AUTH_SOCK=/home/$USER/.var/app/com.quexten.Goldwarden/data/ssh-auth-sock' 'SSH_AUTH_SOCK=/home/$USER/.goldwarden-ssh-agent.sock'

    substituteInPlace gui/src/{linux/main.py,linux/monitors/dbus_monitor.py,gui/settings.py} \

      --replace-fail "python3" "${(python3.buildEnv.override { extraLibs = pythonPath; }).interpreter}"

  '';

  vendorHash = "sha256-IH0p7t1qInA9rNYv6ekxDN/BT5Kguhh4cZfmL+iqwVU=";

  ldflags = [ "-s" "-w" ];

  nativeBuildInputs = [makeBinaryWrapper];

  nativeBuildInputs = [

    gobject-introspection

    python3.pkgs.wrapPython

    wrapGAppsHook

  ];

  buildInputs = [libfido2];

  buildInputs = [

    gtk4

    libadwaita

    libfido2

    libnotify

  ];

  pythonPath = with python3.pkgs; [

    dbus-python

    pygobject3

    tendo

  ];

  postInstall = ''

    wrapProgram $out/bin/goldwarden \

      --suffix PATH : ${lib.makeBinPath [dbus pinentry-gnome3]}

    chmod +x gui/goldwarden_ui_main.py

    ln -s $out/share/goldwarden/goldwarden_ui_main.py $out/bin/goldwarden-gui

    mkdir -p $out/share/goldwarden

    cp -r gui/* $out/share/goldwarden/

    rm $out/share/goldwarden/{com.quexten.Goldwarden.desktop,com.quexten.Goldwarden.metainfo.xml,goldwarden.svg,python3-requirements.json,requirements.txt}

    install -D gui/com.quexten.Goldwarden.desktop -t $out/share/applications

    install -D gui/goldwarden.svg -t $out/share/icons/hicolor/scalable/apps

    install -Dm644 gui/com.quexten.Goldwarden.metainfo.xml -t $out/share/metainfo

    install -Dm644 resources/com.quexten.goldwarden.policy -t $out/share/polkit-1/actions

    install -Dm644 $src/resources/com.quexten.goldwarden.policy -t $out/share/polkit-1/actions

    install -D browserbiometrics/chrome-com.8bit.bitwarden.json $out/etc/chrome/native-messaging-hosts/com.8bit.bitwarden.json

    install -D browserbiometrics/chrome-com.8bit.bitwarden.json $out/etc/chromium/native-messaging-hosts/com.8bit.bitwarden.json

    install -D browserbiometrics/chrome-com.8bit.bitwarden.json $out/etc/edge/native-messaging-hosts/com.8bit.bitwarden.json

    install -D browserbiometrics/mozilla-com.8bit.bitwarden.json $out/lib/mozilla/native-messaging-hosts/com.8bit.bitwarden.json

  '';

  passthru.updateScript = nix-update-script {};

  dontWrapGApps = true;

  postFixup = ''

    makeWrapperArgs+=("''${gappsWrapperArgs[@]}")

    wrapPythonProgramsIn $out/share/goldwarden "$out/share/goldwarden $pythonPath"

  '';

  meta = with lib; {

    description = "A feature-packed Bitwarden compatible desktop integration";

    description = "Feature-packed Bitwarden compatible desktop integration";

    homepage = "https://github.com/quexten/goldwarden";

    license = licenses.mit;

    maintainers = with maintainers; [ arthsmn ];

{ lib

, buildPythonPackage

, fetchFromGitHub

, pytestCheckHook

, setuptools

, setuptools-scm

}:

buildPythonPackage rec {

  pname = "tendo";

  version = "0.4.0";

  pyproject = true;

  src = fetchFromGitHub {

    owner = "pycontribs";

    repo = "tendo";

    rev = "refs/tags/v${version}";

    hash = "sha256-ZOozMGxAKcEtmUEzHCFSojKc+9Ha+T2MOTmMvdMqNuQ=";

  };

  postPatch = ''

    # marken broken and not required

    sed -i '/setuptools_scm_git_archive/d' pyproject.toml

    # unused

    substituteInPlace setup.cfg \

      --replace-fail "six" ""

  '';

  nativeBuildInputs = [

    setuptools

    setuptools-scm

  ];

  nativeCheckInputs = [

    pytestCheckHook

  ];

  pythonImportsCheck = [

    "tendo"

  ];

  meta = with lib; {

    description = "Adds basic functionality that is not provided by Python";

    homepage = "https://github.com/pycontribs/tendo";

    changelog = "https://github.com/pycontribs/tendo/releases/tag/v${version}";

    license = licenses.psfl;

    maintainers = with maintainers; [ SuperSandro2000 ];

  };

}

  tencentcloud-sdk-python = callPackage ../development/python-modules/tencentcloud-sdk-python { };

  tendo = callPackage ../development/python-modules/tendo { };

  tensorboard-data-server = callPackage ../development/python-modules/tensorboard-data-server { };

  tensorboard-plugin-profile = callPackage ../development/python-modules/tensorboard-plugin-profile { };