paretosecurity: 0.1.9 -> 0.2.12

Also: * enable tray icon by default when nixos module is enabled * install desktop entry * install paretosecurity:// URL handler * install app icon
2025-06-10 03:23:29 +03:00 · 2025-04-24 11:12:40 +01:00 · 2025-04-24 11:12:40 +01:00 · f07205812c
commit f07205812c
parent 280f123488
3 changed files with 36 additions and 12 deletions
--- a/nixos/modules/services/security/paretosecurity.nix
+++ b/nixos/modules/services/security/paretosecurity.nix
@ -12,7 +12,11 @@ in
  options.services.paretosecurity = {
    enable = lib.mkEnableOption "[ParetoSecurity](https://paretosecurity.com) [agent](https://github.com/ParetoSecurity/agent) and its root helper";
    package = lib.mkPackageOption pkgs "paretosecurity" { };
-    trayIcon = lib.mkEnableOption "tray icon for ParetoSecurity";
+    trayIcon = lib.mkOption {
+      type = lib.types.bool;
+      default = true;
+      description = "Set to false to disable the tray icon and run as a CLI tool only.";
+    };
  };

  config = lib.mkIf cfg.enable {
--- a/nixos/tests/paretosecurity.nix
+++ b/nixos/tests/paretosecurity.nix
@ -46,10 +46,7 @@
    {
      imports = [ ./common/user-account.nix ];

-      services.paretosecurity = {
-        enable = true;
-        trayIcon = true;
-      };
+      services.paretosecurity.enable = true;

      services.xserver.enable = true;
      services.xserver.displayManager.lightdm.enable = true;
@ -119,5 +116,16 @@
    xfce.wait_for_text("Pareto Security")
    xfce.succeed("xdotool click 1")
    xfce.wait_for_text("Run Checks")
+
+    # Test 5: paretosecurity:// URL handler is registered
+    xfce.succeed("su - alice -c 'xdg-open paretosecurity://foo'")
+
+    # Test 6: Desktop entry
+    xfce.succeed("xdotool mousemove 10 10")
+    xfce.succeed("xdotool click 1")  # hide the tray icon window
+    xfce.succeed("xdotool click 1")  # show the Applications menu
+    xfce.succeed("xdotool mousemove 10 200")
+    xfce.succeed("xdotool click 1")
+    xfce.wait_for_text("Pareto Security")
  '';
 }
--- a/pkgs/by-name/pa/paretosecurity/package.nix
+++ b/pkgs/by-name/pa/paretosecurity/package.nix
@ -17,16 +17,16 @@ buildGoModule (finalAttrs: {
    webkitgtk_4_1
  ];
  pname = "paretosecurity";
-  version = "0.1.9";
+  version = "0.2.12";

  src = fetchFromGitHub {
    owner = "ParetoSecurity";
    repo = "agent";
    rev = finalAttrs.version;
-    hash = "sha256-KJs4xC3EtGG4116UE+oIEwAMcuDWIm9gqgZY+Bv14ac=";
+    hash = "sha256-skBxDPC+C8JU1CW6g3SA2C4IawaoPzVi8pdl5BCutUY=";
  };

-  vendorHash = "sha256-3plpvwLe32AsGuVzdM2fSmTPkKwRFmhi651NEIRdOxw=";
+  vendorHash = "sha256-YnyACP/hJYxi4AWMwr0We4YUTbWwahKAIYN6RnHmzls=";
  proxyVendor = true;

  ldflags = [
@ -51,6 +51,17 @@ buildGoModule (finalAttrs: {
    install -Dm444 ${finalAttrs.src}/apt/paretosecurity-trayicon.service $out/lib/systemd/user/paretosecurity-trayicon.service
    substituteInPlace $out/lib/systemd/user/paretosecurity-trayicon.service \
        --replace-fail "/usr/bin/paretosecurity" "$out/bin/paretosecurity"
+
+    # Install .desktop files
+    install -Dm444 ${finalAttrs.src}/apt/ParetoSecurity.desktop $out/share/applications/ParetoSecurity.desktop
+    substituteInPlace $out/share/applications/ParetoSecurity.desktop \
+        --replace-fail "/usr/bin/paretosecurity" "$out/bin/paretosecurity"
+    install -Dm444 ${finalAttrs.src}/apt/ParetoSecurityLink.desktop $out/share/applications/ParetoSecurityLink.desktop
+    substituteInPlace $out/share/applications/ParetoSecurityLink.desktop \
+        --replace-fail "/usr/bin/paretosecurity" "$out/bin/paretosecurity"
+
+    # Install icon
+    install -Dm444 ${finalAttrs.src}/assets/icon.png $out/share/icons/hicolor/512x512/apps/ParetoSecurity.png
  '';

  passthru.tests = {
@ -74,10 +85,11 @@ buildGoModule (finalAttrs: {
      root helper that allows you to run the checker in userspace. Some checks
      require root permissions, and the checker asks the helper to run those.

-      Additionally, if you enable `services.paretosecurity.trayIcon`, you get a
-      little Vilfredo Pareto living in your systray showing your the current
-      status of checks. This will also enable a systemd timer to update the
-      status of checks once per hour.
+      Additionally, using the NixOS module gets you a little Vilfredo Pareto
+      living in your systray showing your the current status of checks. The
+      NixOS Module also installs a systemd timer to update the status of checks
+      once per hour. If you want to use just the CLI mode, set
+      `services.paretosecurity.trayIcon` to `false`.

      Finally, you can run `paretosecurity link` to configure the agent
      to send the status of checks to https://dash.paretosecurity.com to make