Monorepo for Aesthetic.Computer aesthetic.computer

fix: enable wifi, sound, and kidlisp on nix usb build

- Remove ProtectSystem=strict and run kiosk as root (matching old
bare-metal PID 1 behavior) so wifi.c can manage wpa_supplicant,
write /var/run, and /etc/resolv.conf
- Add missing shell utilities to service PATH (grep, awk, sed,
killall, which) needed by wifi.c system() calls
- Set ALSA_CONFIG_PATH so snd_pcm_open resolves device names on NixOS
- Bundle kidlisp.mjs via esbuild into /jslib/kidlisp-bundle.js so
QuickJS can load the KidLisp evaluator at init
- Add /jslib tmpfiles symlink for runtime access

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

+37 -20
+2 -2
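--- a/fedac/nixos/configuration.nix
+++ b/fedac/nixos/configuration.nix
@@ -1,7 +1,7 @@
-{ config, pkgs, lib, self ? null, gitHash ? "unknown", version ? "dev", nativeSrc, ... }:
+{ config, pkgs, lib, self ? null, gitHash ? "unknown", version ? "dev", nativeSrc, kidlispSrc ? null, ... }:
 
 let
-ac-native = pkgs.callPackage ./packages/ac-native { inherit gitHash version nativeSrc; };
+ac-native = pkgs.callPackage ./packages/ac-native { inherit gitHash version nativeSrc kidlispSrc; };
 in
 {
 imports = [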
+10 -2
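--- a/fedac/nixos/flake.nix
+++ b/fedac/nixos/flake.nix
@@ -21,7 +21,15 @@
 }
 else
 throw "AC_NIX_NATIVE_SRC is required for fedac/nixos builds; run nix with --impure and point it at fedac/native.";
-specialArgs = { inherit self gitHash version nativeSrc; };
+# KidLisp evaluator source — bundled into jslib/kidlisp-bundle.js for QuickJS.
+# kidlisp.mjs imports siblings (num.mjs, …) and ../dep/@akamfoad/qr,
+# so we need the aesthetic.computer tree for esbuild resolution.
+acWebPath = nativeSrcPath + "/../../system/public/aesthetic.computer";
+kidlispSrc =
+if nativeSrcPath != "" && builtins.pathExists (acWebPath + "/lib/kidlisp.mjs") then
+builtins.path { path = acWebPath; name = "ac-web-source"; }
+else null;
+specialArgs = { inherit self gitHash version nativeSrc kidlispSrc; };
 runtimeModules = [ ./configuration.nix ];
 imageModules = runtimeModules ++ [ ./modules/image.nix ];
 evalConfig = import "${nixpkgs}/nixos/lib/eval-config.nix";
@@ -41,7 +49,7 @@
 # The ac-native binary as a standalone package
 packages.${system} = {
 ac-native = pkgs.callPackage ./packages/ac-native {
-inherit gitHash version nativeSrc;
+inherit gitHash version nativeSrc kidlispSrc;
 };
 
 # Bootable raw disk image with BIOS + UEFI bootloader install.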
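Review bot: `builtins.path { path = acWebPath; name = "ac-web-source"; }` on new line 30 copies the whole system/public/aesthetic.computer tree into the world-readable Nix store, although the comment above it says only kidlisp.mjs, its siblings and ../dep are needed for esbuild resolution. Anything else sitting in that checkout (local env files, build output) is copied too and becomes part of the ac-native input hash, so unrelated web edits would force a rebuild. I would pass a `filter` to `builtins.path` that keeps only `lib/` and `dep/`. The `else null` branch also makes a missing tree indistinguishable from a deliberate opt-out; a `builtins.trace` there would make it visible at evaluation time. The enclosing `let` starts and ends outside this hunk.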
+13 -14
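--- a/fedac/nixos/modules/kiosk.nix
+++ b/fedac/nixos/modules/kiosk.nix
@@ -1,7 +1,7 @@
-{ config, pkgs, lib, gitHash ? "unknown", version ? "dev", nativeSrc, ... }:
+{ config, pkgs, lib, gitHash ? "unknown", version ? "dev", nativeSrc, kidlispSrc ? null, ... }:
 
 let
-ac-native = pkgs.callPackage ../packages/ac-native { inherit gitHash version nativeSrc; };
+ac-native = pkgs.callPackage ../packages/ac-native { inherit gitHash version nativeSrc kidlispSrc; };
 write-breadcrumb = pkgs.writeShellScript "ac-native-write-breadcrumb" ''
 set -u
 
@@ -111,23 +111,26 @@
 wantedBy = [ "multi-user.target" ];
 
 path = with pkgs; [
-coreutils systemd util-linux
+coreutils gnugrep gnused gawk findutils
+which psmisc # killall (psmisc), which
+systemd util-linux
 wpa_supplicant iw dhcpcd curl
 dosfstools efibootmgr parted
 ac-native
 ];
 
 environment = {
-XDG_RUNTIME_DIR = "/run/user/1000";
+XDG_RUNTIME_DIR = "/run/user/0";
 HOME = "/tmp/ac-home";
 SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
 ALSA_PLUGIN_DIR = "${pkgs.alsa-plugins}/lib/alsa-lib";
+ALSA_CONFIG_PATH = "${pkgs.alsa-lib}/share/alsa/alsa.conf";
 };
 
 serviceConfig = {
-User = "ac";
-Group = "users";
-SupplementaryGroups = [ "video" "audio" "input" "seat" ];
+# Run as root — ac-native needs full hardware access (WiFi, ALSA,
+# DRM) matching the old bare-metal build where it ran as PID 1.
+# Security hardening can be layered on once all features work.
 Type = "simple";
 Restart = "on-failure";
 RestartSec = 2;
@@ -146,20 +149,16 @@
 # 0 = shutdown, 2 = reboot (matching current ac-native convention)
 SuccessExitStatus = "0 2";
 ExecStopPost = "+${ac-native-stop}";
-
-# Security
-ProtectSystem = "strict";
-ReadWritePaths = [ "/tmp" "/mnt" "/run" ];
-PrivateTmp = false; # ac-native uses /tmp for scratch
 };
 };
 
 # Ensure XDG_RUNTIME_DIR exists for the ac user
 systemd.tmpfiles.rules = [
 "d /mnt 0755 root root -"
-"d /run/user/1000 0700 ac users -"
-"d /tmp/ac-home 0700 ac users -"
+"d /run/user/0 0700 root root -"
+"d /tmp/ac-home 0700 root root -"
 "L+ /piece.mjs - - - - ${ac-native}/share/ac-native/piece.mjs"
 "L+ /pieces - - - - ${ac-native}/share/ac-native/pieces"
+"L+ /jslib - - - - ${ac-native}/share/ac-native/jslib"
 ];
 }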
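Review bot: With `User`/`Group` dropped (new lines 131–133) and the `ProtectSystem`/`ReadWritePaths` block deleted (old lines 149–153), ac-native runs as unconfined root, and nothing in the unit records which privileges wifi.c actually needs. Per the commit message the same process loads the KidLisp evaluator into QuickJS, and it has curl on its PATH. Rather than deferring all hardening, I would keep the directives that do not conflict with the stated writes, e.g. `NoNewPrivileges = true;` and `ProtectKernelModules = true;`. `ProtectSystem = "strict"` could stay with `ReadWritePaths` extended by the paths named in the commit message, if wifi.c works with that, which needs confirming on hardware. The comment on new line 155 still says "for the ac user" although the tmpfiles rules now create the directories for root; the `serviceConfig` set is only partly visible in these hunks.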
+12 -2
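--- a/fedac/nixos/packages/ac-native/default.nix
+++ b/fedac/nixos/packages/ac-native/default.nix
@@ -1,8 +1,9 @@
 { lib, stdenv, fetchurl, pkg-config
 , libdrm, alsa-lib, flite, openssl, curl
 , wayland, wayland-protocols, wayland-scanner
-, ffmpeg
+, ffmpeg, esbuild
 , nativeSrc
+, kidlispSrc ? null
 , gitHash ? "unknown", version ? "dev"
 }:
 
@@ -21,6 +22,7 @@
 nativeBuildInputs = [
 pkg-config
 wayland-scanner
+esbuild
 ];
 
 buildInputs = [
@@ -72,7 +74,7 @@
 installPhase = ''
 runHook preInstall
 
-mkdir -p $out/bin $out/share/ac-native/pieces
+mkdir -p $out/bin $out/share/ac-native/pieces $out/share/ac-native/jslib
 
 # Binary
 cp build/ac-native $out/bin/
@@ -83,6 +85,14 @@
 # All pieces
 cp pieces/*.mjs $out/share/ac-native/pieces/ 2>/dev/null || true
 cp pieces/*.lisp $out/share/ac-native/pieces/ 2>/dev/null || true
+
+# KidLisp bundle — ac-native loads /jslib/kidlisp-bundle.js at init.
+# kidlispSrc is the aesthetic.computer web tree; entry point is lib/kidlisp.mjs.
+if [ -n "${toString kidlispSrc}" ] && [ -f "${toString kidlispSrc}/lib/kidlisp.mjs" ]; then
+esbuild "${toString kidlispSrc}/lib/kidlisp.mjs" --bundle --format=iife \
+--global-name=KidLispModule --platform=node \
+--outfile=$out/share/ac-native/jslib/kidlisp-bundle.js
+fi
 
 runHook postInstall
 '';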
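Review bot: The `if … fi` around the esbuild call (new lines 91–95) skips the bundle silently when `kidlispSrc` is null or `lib/kidlisp.mjs` is missing, so the image still builds and `/jslib` resolves to an empty directory; the gap would only show at runtime when ac-native looks for kidlisp-bundle.js. I would add `else echo "ac-native: kidlispSrc not provided, kidlisp-bundle.js not built" >&2` so the build log records it, or fail the build when the bundle is expected. `--platform=node` is also worth checking for a QuickJS target: under that platform esbuild leaves Node built-in modules as external imports, which QuickJS may not resolve, whereas `--platform=neutral` would surface such imports at build time. As a matter of style, the bundling step would sit more naturally in `buildPhase` than in `installPhase`.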