buffybox: 3.2.0-unstable-2024-10-05 -> 3.2.0-unstable-2024-11-10

modules/services/buffyboard.nix

@@ -81,49 +81,6 @@ in
       # we need only a single buffyboard instance and it can input to any tty
       wantedBy = [ "getty.target" ];
       before = [ "getty.target" ];
-
-      # TODO(2024-10-25): remove once !34 is merged <https://gitlab.postmarketos.org/postmarketOS/buffybox/-/merge_requests/34>
-      # serviceConfig.Type = "simple";
-      # serviceConfig.ExecStart = "${lib.getExe' cfg.package "buffyboard"} ${lib.escapeShellArgs cfg.extraFlags}";
-      # serviceConfig.Restart = "on-failure";
-      # serviceConfig.RestartSec = "2s";
-
-      # # hardening
-      # # serviceConfig.AmbientCapabilities = "";  #< extraneous, with CapabilityBoundingSet
-      # serviceConfig.CapabilityBoundingSet = "";
-      # serviceConfig.MemoryDenyWriteExecute = true;
-      # serviceConfig.NoNewPrivileges = true;
-      # serviceConfig.LockPersonality = true;
-      # serviceConfig.RestrictSUIDSGID = true;
-      # serviceConfig.PrivateMounts = true;
-      # serviceConfig.PrivateTmp = true;
-      # serviceConfig.PrivateUsers = true;
-      # serviceConfig.ProtectClock = true;
-      # serviceConfig.ProtectControlGroups = true;
-      # serviceConfig.ProtectHome = true;
-      # serviceConfig.ProtectKernelModules = true;
-      # serviceConfig.ProtectHostname = true;
-      # serviceConfig.ProtectKernelLogs = true;
-      # serviceConfig.ProtectKernelTunables = true;
-      # serviceConfig.RemoveIPC = true;
-      # serviceConfig.ProtectSystem = "strict";
-      # serviceConfig.RestrictAddressFamilies = "AF_NETLINK";  #< AF_NETLINK required to access udev
-      # serviceConfig.SystemCallArchitectures = "native";
-      # serviceConfig.SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ];
-      # serviceConfig.DevicePolicy = "closed";
-      # serviceConfig.DeviceAllow = [
-      #   "/dev/uinput rw"
-      #   "char-fb rw"
-      #   "char-input rw"
-      #   "char-tty rw"
-      # ];
-      # # PrivateDevices=true  #< breaks everything
-      # # PrivateNetwork=true  #< breaks udev
-      # #
-      # # root user is unaffected by Proc*
-      # # ProcSubset=pid
-      # # ProtectProc=noaccess
-      # # DynamicUser=true
     };
 
     environment.etc."buffyboard.conf".source = ini.generate "buffyboard.conf" cfg.settings;

pkgs/by-name/buffybox/package.nix

@@ -1,7 +1,6 @@
 {
   fetchFromGitLab,
   fetchFromGitea,
-  fetchpatch,
   inih,
   lib,
   libdrm,
@@ -17,7 +16,7 @@
 
 stdenv.mkDerivation (finalAttrs: {
   pname = "buffybox";
-  version = "3.2.0-unstable-2024-10-05";
+  version = "3.2.0-unstable-2024-11-10";
 
   # src = fetchFromGitea {
   #   domain = "git.uninsane.org";
@@ -29,22 +28,14 @@ stdenv.mkDerivation (finalAttrs: {
   # };
 
   src = fetchFromGitLab {
-    domain = "gitlab.com";
+    domain = "gitlab.postmarketos.org";
     owner = "postmarketOS";
     repo = "buffybox";
     fetchSubmodules = true; # to use its vendored lvgl
-    rev = "c683350b9fb944e38cb484f04f98e4e3f85b41a5";
-    hash = "sha256-z7siroBDauvs8TxfO/h+5HUU5G5aOWwNUxDaZm80I5A=";
+    rev = "07e324c17564cb9aab573259a8e0824a6806a751";
+    hash = "sha256-JY9WqtRjDsQf1UVFnM6oTwyAuhlJvrhcSNJdEZ0zIus=";
   };
 
-  patches = [
-    (fetchpatch {
-      url = "https://gitlab.postmarketos.org/postmarketOS/buffybox/-/merge_requests/34.patch";
-      name = "add buffyboard systemd service";
-      hash = "sha256-FUPDdj9BkC4Mj17X5fZAmIhLHwt8k626OnY07NM14tc=";
-    })
-  ];
-
   depsBuildBuild = [
     pkg-config
   ];
@@ -65,6 +56,9 @@ stdenv.mkDerivation (finalAttrs: {
 
   strictDeps = true;
 
+  env.PKG_CONFIG_SYSTEMD_SYSTEMD_SYSTEM_UNIT_DIR = "$out/lib/systemd/system";
+  # env.PKG_CONFIG_SYSTEMD_SYSTEMDSYSTEMUNITDIR = "$out/lib/systemd/system";
+
   passthru.updateScript = unstableGitUpdater { };
 
   meta = with lib; {