From 04ede4bfee33c921477db9a752604d8939db4e55 Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Sun, 1 Mar 2026 12:39:11 -0500 Subject: [PATCH] Add a role for loading esims onto standalone sim cards. --- nix/configuration/configuration.nix | 1 + nix/configuration/hosts/odo/default.nix | 1 + nix/configuration/hosts/quark/default.nix | 1 + nix/configuration/roles/esim/default.nix | 33 +++++ .../roles/esim/package/easylpac/CONTRIB | 1 + .../esim/package/easylpac/ci-registry.json | 120 ++++++++++++++++++ .../esim/package/easylpac/eum-registry.json | 88 +++++++++++++ .../roles/esim/package/easylpac/package.nix | 68 ++++++++++ nix/configuration/roles/network/default.nix | 1 + 9 files changed, 314 insertions(+) create mode 100644 nix/configuration/roles/esim/default.nix create mode 100644 nix/configuration/roles/esim/package/easylpac/CONTRIB create mode 100644 nix/configuration/roles/esim/package/easylpac/ci-registry.json create mode 100644 nix/configuration/roles/esim/package/easylpac/eum-registry.json create mode 100644 nix/configuration/roles/esim/package/easylpac/package.nix diff --git a/nix/configuration/configuration.nix b/nix/configuration/configuration.nix index 6491df9e..2bccc34d 100644 --- a/nix/configuration/configuration.nix +++ b/nix/configuration/configuration.nix @@ -28,6 +28,7 @@ ./roles/ecc ./roles/emacs ./roles/emulate_isa + ./roles/esim ./roles/firefox ./roles/firewall ./roles/flux diff --git a/nix/configuration/hosts/odo/default.nix b/nix/configuration/hosts/odo/default.nix index d1968349..9477bf8f 100644 --- a/nix/configuration/hosts/odo/default.nix +++ b/nix/configuration/hosts/odo/default.nix @@ -93,6 +93,7 @@ me.ecc.enable = false; me.emacs_flavor = "full"; me.emulate_isa.enable = true; + me.esim.enable = true; me.firefox.enable = true; me.firewall.enable = true; me.flux.enable = true; diff --git a/nix/configuration/hosts/quark/default.nix b/nix/configuration/hosts/quark/default.nix index 16184c84..e087e34a 100644 --- a/nix/configuration/hosts/quark/default.nix +++ b/nix/configuration/hosts/quark/default.nix @@ -87,6 +87,7 @@ me.ecc.enable = true; me.emacs_flavor = "full"; me.emulate_isa.enable = true; + me.esim.enable = true; me.firefox.enable = true; me.firewall.enable = true; me.flux.enable = true; diff --git a/nix/configuration/roles/esim/default.nix b/nix/configuration/roles/esim/default.nix new file mode 100644 index 00000000..9e5e3a03 --- /dev/null +++ b/nix/configuration/roles/esim/default.nix @@ -0,0 +1,33 @@ +{ + config, + lib, + pkgs, + ... +}: + +{ + imports = [ ]; + + options.me = { + esim.enable = lib.mkOption { + type = lib.types.bool; + default = false; + example = true; + description = "Whether we want to install esim."; + }; + }; + + config = lib.mkIf (config.me.esim.enable && config.me.graphical) { + environment.systemPackages = with pkgs; [ + easylpac + zbar # To decode qrcodes via `zbarimg ` + ]; + + nixpkgs.overlays = [ + (final: prev: { + easylpac = (final.callPackage ./package/easylpac/package.nix { }); + }) + ]; + + }; +} diff --git a/nix/configuration/roles/esim/package/easylpac/CONTRIB b/nix/configuration/roles/esim/package/easylpac/CONTRIB new file mode 100644 index 00000000..942a4e03 --- /dev/null +++ b/nix/configuration/roles/esim/package/easylpac/CONTRIB @@ -0,0 +1 @@ +Package from https://github.com/nix-community/nur-combined/blob/main/repos/linyinfeng/pkgs/easylpac/default.nix diff --git a/nix/configuration/roles/esim/package/easylpac/ci-registry.json b/nix/configuration/roles/esim/package/easylpac/ci-registry.json new file mode 100644 index 00000000..c06daa3c --- /dev/null +++ b/nix/configuration/roles/esim/package/easylpac/ci-registry.json @@ -0,0 +1,120 @@ +[ + { + "key-id": "81370f", + "name": "GSM Association - RSP2 Root CI1", + "crls": ["http://gsma-crl.symauth.com/offlineca/gsma-rsp2-root-ci1.crl"] + }, + { + "key-id": "d7a7d0", + "name": "GSM Association - M2M31 Root CI2" + }, + { + "key-id": "4c2796", + "name": "OISITE GSMA CI G1", + "crls": ["http://public.wisekey.com/crl/ogsmacig1.crl"] + }, + { + "key-id": "665a14", + "name": "Symantec RSP Test Root CA", + "crls": ["http://pki-crl.symauth.com/ca_a3dc2e3fea7708a11c889386d9d3a76f/LatestCRL.crl"] + }, + { + "key-id": "f54172", + "name": "GSMA Test CI (SGP.26 v1)" + }, + { + "key-id": "c0bc70", + "name": "GSMA Test CI (SGP.26 v1, BRP P256r1)" + }, + { + "key-id": "34eecf", + "name": "Test CI (SGP.26 v3)" + }, + { + "key-id": "2209f6", + "name": "Test CI (SGP.26 v3, BRP P256r1)" + }, + { + "key-id": "148030", + "country": "CN", + "name": "Taier eSIM Root CA", + "crls": ["http://111.204.176.254:18889/download/n1.crl", "http://111.204.176.254:18889/download/n2.crl"] + }, + { + "key-id": "16b5d1", + "country": "CN", + "name": "MNO: China Unicom" + }, + { + "key-id": "7c0e54", + "country": "CN", + "name": "MNO: China Unicom" + }, + { + "key-id": "3bd3f5", + "country": "CN", + "name": "MNO: China Unicom" + }, + { + "key-id": "cdf6d1", + "country": "CN", + "name": "MNO: China Mobile" + }, + { + "key-id": "d3ef83", + "country": "CN", + "name": "MNO: China Telecom", + "crls": ["http://crl.cnca.net/esim/ccs/a.crl", "http://crl.cnca.net/esim/ccs/b.crl"] + }, + { + "key-id": "4eb94e", + "country": "CN", + "name": "MNO: China Telecom" + }, + { + "key-id": "b70ba4", + "country": "GB", + "name": "Truphone SAS-UP CA" + }, + { + "key-id": "73fca0", + "country": "CN", + "name": "Redtea Mobile CI" + }, + { + "key-id": "ea53ad", + "country": "DE", + "name": "SubMan V4.2 CI" + }, + { + "key-id": "96524c", + "country": "DE", + "name": "SubMan V4.2 CI" + }, + { + "key-id": "b60f0b", + "country": "DE", + "name": "SubMan V4.2 CI Google Pixel" + }, + { + "key-id": "cd6e60", + "country": "FR", + "name": "MC4 OT ROOT CI v1" + }, + { + "key-id": "066d48", + "country": "FR", + "name": "MC4 CI TEST v2" + }, + { + "key-id": "16704b", + "country": "US", + "name": "Entrust eSIM CA", + "crls": ["http://crl.entrust.net/entesimca.crl"] + }, + { + "key-id": "77f0bd", + "country": "FR", + "name": "Gemalto CE CI" + } +] diff --git a/nix/configuration/roles/esim/package/easylpac/eum-registry.json b/nix/configuration/roles/esim/package/easylpac/eum-registry.json new file mode 100644 index 00000000..1c77e722 --- /dev/null +++ b/nix/configuration/roles/esim/package/easylpac/eum-registry.json @@ -0,0 +1,88 @@ +[ + { + "eum": "35060000", + "country": "CN", + "manufacturer": "HED" + }, + { + "eum": "35840574", + "country": "CN", + "manufacturer": "Beijing Watchdata", + "accreditations": ["WD-BG"] + }, + { + "eum": "89033023", + "country": "FR", + "manufacturer": "Thales", + "accreditations": ["GO-CA", "GO-PA", "GO-SI", "TS-CA", "TS-ME", "TS-NA", "TS-PA", "TS-SI"] + }, + { + "eum": "89033024", + "country": "FR", + "manufacturer": "IDEMIA", + "accreditations": ["IA-FK", "IA-VE", "ID-NA", "ID-SN", "OR-SN"] + }, + { + "eum": "89034011", + "country": "ES", + "manufacturer": "Valid", + "accreditations": ["VD-MD", "VD-SU"] + }, + { + "eum": "89041030", + "country": "CH", + "manufacturer": "STM", + "accreditations": ["SM-CA", "SM-CT"] + }, + { + "eum": "89043051", + "country": "AT", + "manufacturer": "NXP", + "accreditations": ["NP-HG", "NP-KG", "NP-TN"] + }, + { + "eum": "89043052", + "country": "AT", + "manufacturer": "NXP" + }, + { + "eum": "89044045", + "country": "GB", + "manufacturer": "Kigen", + "accreditations": ["KN-DN", "KN-NA"] + }, + { + "eum": "89044047", + "country": "GB", + "manufacturer": "Truphone" + }, + { + "eum": "89049032", + "country": "DE", + "manufacturer": "G+D", + "accreditations": ["GD-BA", "GD-CI", "GD-MM", "GD-NG"] + }, + { + "eum": "89049038", + "country": "DE", + "manufacturer": "G+D" + }, + { + "eum": "89086001", + "country": "CN", + "manufacturer": "Hengbao", + "accreditations": ["HO-DG"] + }, + { + "eum": "89086029", + "country": "CN", + "manufacturer": "Wuhan Tianyu", + "accreditations": ["WN-HI"] + }, + { + "eum": "89086030", + "country": "CN", + "manufacturer": "Eastcompeace", + "accreditations": ["ED-ZI"] + } +] \ No newline at end of file diff --git a/nix/configuration/roles/esim/package/easylpac/package.nix b/nix/configuration/roles/esim/package/easylpac/package.nix new file mode 100644 index 00000000..1eadb520 --- /dev/null +++ b/nix/configuration/roles/esim/package/easylpac/package.nix @@ -0,0 +1,68 @@ +{ + callPackage, + go, + buildGoModule, + fetchFromGitHub, + pkg-config, + gtk3, + libXxf86vm, + libglvnd, + glfw, + wrapGAppsHook3, + fontconfig, + lpac, + lib, +}: + +buildGoModule rec { + pname = "easylpac"; + version = "0.7.9.2"; + src = fetchFromGitHub { + owner = "creamlike1024"; + repo = "EasyLPAC"; + rev = version; + sha256 = "sha256-8VVR8QJR6SZEvdGls3kDU9l8SdFdUVnHm2qxUzgGJuU="; + }; + proxyVendor = true; + vendorHash = "sha256-tX7abWGn1f4p+7vx2gDa5/NKg5SbWqMfHT8kbPwHK14="; + + postConfigure = '' + cp --verbose "${./eum-registry.json}" eum-registry.json + cp --verbose "${./ci-registry.json}" ci-registry.json + ''; + + env.FONTCONFIG_FILE = "${fontconfig.out}/etc/fonts/fonts.conf"; + + nativeBuildInputs = [ + pkg-config + wrapGAppsHook3 + ]; + buildInputs = [ + gtk3 + libglvnd + libXxf86vm + ] + ++ glfw.buildInputs; + + postInstall = '' + ln -s "${lpac}/bin/lpac" "$out/bin/lpac" + ''; + + passthru = { + updateScriptEnabled = true; + updateScript = + let + script = callPackage ./update.nix { }; + in + [ "${script}/bin/update-easylpac" ]; + }; + + meta = with lib; { + description = "lpac GUI Frontend"; + homepage = "https://github.com/creamlike1024/EasyLPAC"; + mainProgram = "EasyLPAC"; + license = licenses.mit; + maintainers = with maintainers; [ yinfeng ]; + broken = !(lib.versionAtLeast go.version "1.24"); + }; +} diff --git a/nix/configuration/roles/network/default.nix b/nix/configuration/roles/network/default.nix index ff453ec4..27845a47 100644 --- a/nix/configuration/roles/network/default.nix +++ b/nix/configuration/roles/network/default.nix @@ -55,6 +55,7 @@ 10.216.1.15 quark 10.217.1.1 drmario 10.217.2.1 mrmanager + 172.16.16.245 turtle ''; networking.wireless.iwd = {