From db990437537af575d3c36c38b1eafd85ec987c86 Mon Sep 17 00:00:00 2001
From: Colin <colin@uninsane.org>
Date: Tue, 15 Aug 2023 10:46:18 +0000
Subject: [PATCH] eg25-manager.service: remove modem_power module & point to
 the right UART

---
 modules/services/eg25-manager.nix | 47 +++++++++++++++++++++++++++++--
 1 file changed, 45 insertions(+), 2 deletions(-)

diff --git a/modules/services/eg25-manager.nix b/modules/services/eg25-manager.nix
index b7202d0d..a081a756 100644
--- a/modules/services/eg25-manager.nix
+++ b/modules/services/eg25-manager.nix
@@ -4,6 +4,12 @@
 { config, lib, pkgs, ... }:
 let
   cfg = config.sane.services.eg25-manager;
+  eg25-config-toml = pkgs.writeText "eg25-manager-config.toml" ''
+    # config here is applied *on top of* the per-device configs shipped by eg25-manager.
+    # these values take precedence, but there's no need to redefine things if we don't want them changed
+    [at]
+    uart = "/dev/ttyUSB2"
+  '';
 in
 {
   options.sane.services.eg25-manager = {
@@ -12,8 +18,45 @@ in
   config = lib.mkIf cfg.enable {
     # eg25-manager package ships udev rules *and* a systemd service.
     # for that reason, i think it needs to be on the system path for the systemd service to be enabled.
-    systemd.packages = [ pkgs.eg25-manager ];
     services.udev.packages = [ pkgs.eg25-manager ];
-    systemd.services.eg25-manager.wantedBy = [ "multi-user.target" ];
+
+    # but actually, let's define our own systemd service so that we can control config
+    systemd.services.eg25-manager = {
+      serviceConfig = {
+        Type = "simple";
+        ExecStart = "${pkgs.eg25-manager}/bin/eg25-manager --config ${eg25-config-toml}";
+        ExecStartPre = pkgs.writeShellScript "unload-modem-power" ''
+          ${pkgs.kmod}/bin/modprobe -r modem_power && echo "WARNING: kernel configured with CONFIG_MODEM_POWER=y, may be incompatible with eg25-manager" || true
+        '';
+
+        Restart = "on-failure";
+
+        # sandboxing (taken from the service file shipped by eg25-manager):
+        ProtectControlGroups = true;
+        ProtectHome = true;
+        ProtectSystem = "strict";
+        RestrictSUIDSGID = true;
+        PrivateTmp = true;
+        MemoryDenyWriteExecute = true;
+        PrivateMounts = true;
+        NoNewPrivileges = true;
+        CapabilityBoundingSet = [ "" ];
+        LockPersonality = true;
+      };
+      before = [ "ModemManager.service" ];
+      wantedBy = [ "multi-user.target" ];
+    };
+
+    # systemd.packages = [ pkgs.eg25-manager ];
+    # systemd.services.eg25-manager.wantedBy = [ "multi-user.target" ];
+    # systemd.services.prepare-eg25-manager = {
+    #   description = "unload megi's modem_power module to provide gpio access to eg25-manager";
+    #   serviceConfig.Type = "oneshot";
+    #   wantedBy = [ "eg25-manager.service" ];
+    #   before = [ "eg25-manager.service" ];
+    #   script = ''
+    #     ${pkgs.kmod}/bin/modprobe -r modem_power && echo "WARNING: kernel configured with CONFIG_MODEM_POWER=y, may be incompatible with eg25-manager" || true
+    #   '';
+    # };
   };
 }