Compare commits

...

5 Commits

Author SHA1 Message Date
Andreas Wiese 596454f85a flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/42688c90a7304812f66db3596ce1aedafd16c09f' (2022-11-18)
  → 'github:NixOS/nixpkgs/977d4985a05cc68c9f3a208415aa2ef028b52772' (2022-11-22)
2022-11-23 22:50:03 +01:00
Andreas Wiese 5fe83a1393 authelia: init at 4.37.2
Now some NixOS module would be quite nice…
2022-11-19 01:04:15 +01:00
Andreas Wiese 2860717cbf snipe-it: remove
This is upstream.
2022-11-19 00:49:05 +01:00
Andreas Wiese fe71426b9a janus-gateway: remove
This is upstream.
2022-11-19 00:49:05 +01:00
Andreas Wiese 68e2c3ea23 flake.lock: nixpkgs -> 22.11 (a.k.a. unstable-small)
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/fb0003cd0b4d850995ff439621b01a8a6433cf2d' (2022-05-24)
  → 'github:NixOS/nixpkgs/42688c90a7304812f66db3596ce1aedafd16c09f' (2022-11-18)
2022-11-19 00:49:05 +01:00
9 changed files with 36 additions and 1996 deletions

View File

@ -6,12 +6,10 @@ let
in rec {
janus-gateway = callPackage ./pkgs/janus-gateway { };
authelia = callPackage ./pkgs/authelia { };
nextcloud-spreed-signaling = callPackage ./pkgs/nextcloud-spreed-signaling { };
snipe-it = callPackage ./pkgs/snipe-it { };
ykoath-tools = callPackage ./pkgs/ykoath-tools { };
} // optionalAttrs (pkgs.system == "x86_64-linux") rec {

View File

@ -2,16 +2,16 @@
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1653368995,
"narHash": "sha256-v1ztHn+OcA3dAgk6u3pq0d5ol4K/iXwsiFYpNDIN0VE=",
"lastModified": 1669154743,
"narHash": "sha256-oqWVq/eYsjvIakytYlw3NBt0lcTQyXb7xDiJMDWIIf4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fb0003cd0b4d850995ff439621b01a8a6433cf2d",
"rev": "977d4985a05cc68c9f3a208415aa2ef028b52772",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-22.05",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}

View File

@ -1,7 +1,7 @@
{
description = "meterriblecrew.net package flake";
inputs.nixpkgs.url = "github:NixOS/nixpkgs/release-22.05";
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small";
outputs = inputs@{ self, nixpkgs }: let
@ -19,8 +19,6 @@
nixosModules = {
ryzenSMU = import ./modules/ryzenSMU;
servicesSnipeIT = import ./modules/services/snipe-it.nix;
};
packages = forAllSystems (system: import ./. {
@ -31,9 +29,8 @@
let localPkgs = import ./. { pkgs = next; };
in {
inherit (localPkgs)
janus-gateway
authelia
nextcloud-spreed-signaling
snipe-it
;
} // prev.lib.optionalAttrs (prev.system == "x86_64-linux") rec {
inherit (localPkgs)

29
pkgs/authelia/default.nix Normal file
View File

@ -0,0 +1,29 @@
{ lib
, buildGoModule
, fetchFromGitHub
, ...
}:
buildGoModule rec {
pname = "authelia";
version = "4.37.2";
src = fetchFromGitHub {
owner = "authelia";
repo = pname;
rev = "v${version}";
hash = "sha256-zNMZkIUEsOX+z1YnGnYC1OKUanUj4sLvRQ8zjhK98jg=";
};
vendorHash = "sha256-RodWMeHdlu7WeWmg415giL9Nfw2OoIIOABwgwzegULE=";
doCheck = false;
meta = with lib; {
description = "The Single Sign-On Multi-Factor portal for web apps";
homepage = "https://www.authelia.com";
licenses = licenses.asl20;
maintainers = with maintainers; [ aw ];
platforms = platforms.unix;
};
}

View File

@ -1,59 +0,0 @@
{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, gengetopt
, glib, libconfig, libnice, jansson, boringssl, zlib, srtp, libuv
, libmicrohttpd, curl, libwebsockets, sofia_sip, libogg, libopus
, usrsctp, ffmpeg
}:
let
libwebsockets_janus = libwebsockets.overrideAttrs (_: {
configureFlags = [
"-DLWS_MAX_SMP=1"
"-DLWS_WITHOUT_EXTENSIONS=0"
];
});
in
stdenv.mkDerivation rec {
pname = "janus-gateway";
version = "0.11.4";
src = fetchFromGitHub {
owner = "meetecho";
repo = pname;
rev = "v${version}";
sha256 = "sha256-K+6r7Nz+zzEDNd5Y44+V7x80DPxjaithregEg+goXk0=";
};
nativeBuildInputs = [ autoreconfHook pkg-config gengetopt ];
buildInputs = [
glib libconfig libnice jansson boringssl zlib srtp libuv libmicrohttpd
curl libwebsockets_janus sofia_sip libogg libopus usrsctp ffmpeg
];
enableParallelBuilding = true;
configureFlags = [
"--enable-boringssl=${boringssl}"
"--enable-libsrtp2"
"--enable-turn-rest-api"
"--enable-json-logger"
"--enable-gelf-event-handler"
"--enable-post-processing"
];
outputs = [ "out" "dev" "doc" "man" ];
postInstall = ''
moveToOutput share/janus "$doc"
moveToOutput etc "$doc"
'';
meta = with lib; {
description = "General purpose WebRTC server";
homepage = "https://janus.conf.meetecho.com/";
license = licenses.gpl3Only;
platforms = platforms.linux;
maintainers = with maintainers; [ fpletz ];
};
}

View File

@ -1,244 +0,0 @@
# This file originates from composer2nix
{ stdenv, lib, writeTextFile, fetchurl, php, unzip, phpPackages }:
let
inherit (phpPackages) composer;
filterSrc = src:
builtins.filterSource (path: type: type != "directory" || (baseNameOf path != ".git" && baseNameOf path != ".git" && baseNameOf path != ".svn")) src;
buildZipPackage = { name, src }:
stdenv.mkDerivation {
inherit name src;
nativeBuildInputs = [ unzip ];
buildCommand = ''
shopt -s dotglob
unzip $src
baseDir=$(find . -type d -mindepth 1 -maxdepth 1)
cd $baseDir
mkdir -p $out
mv * $out
'';
};
buildPackage =
{ name
, src
, packages ? {}
, devPackages ? {}
, buildInputs ? []
, symlinkDependencies ? false
, executable ? false
, removeComposerArtifacts ? false
, postInstall ? ""
, noDev ? false
, composerExtraArgs ? ""
, unpackPhase ? "true"
, buildPhase ? "true"
, ...}@args:
let
reconstructInstalled = writeTextFile {
name = "reconstructinstalled.php";
executable = true;
text = ''
#! ${php}/bin/php
<?php
if(file_exists($argv[1]))
{
$composerLockStr = file_get_contents($argv[1]);
if($composerLockStr === false)
{
fwrite(STDERR, "Cannot open composer.lock contents\n");
exit(1);
}
else
{
$config = json_decode($composerLockStr, true);
if(array_key_exists("packages", $config))
$allPackages = $config["packages"];
else
$allPackages = array();
${lib.optionalString (!noDev) ''
if(array_key_exists("packages-dev", $config))
$allPackages = array_merge($allPackages, $config["packages-dev"]);
''}
$packagesStr = json_encode($allPackages, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
print($packagesStr);
}
}
else
print("[]");
?>
'';
};
constructBin = writeTextFile {
name = "constructbin.php";
executable = true;
text = ''
#! ${php}/bin/php
<?php
$composerJSONStr = file_get_contents($argv[1]);
if($composerJSONStr === false)
{
fwrite(STDERR, "Cannot open composer.json contents\n");
exit(1);
}
else
{
$config = json_decode($composerJSONStr, true);
if(array_key_exists("bin-dir", $config))
$binDir = $config["bin-dir"];
else
$binDir = "bin";
if(array_key_exists("bin", $config))
{
if(!file_exists("vendor/".$binDir))
mkdir("vendor/".$binDir);
foreach($config["bin"] as $bin)
symlink("../../".$bin, "vendor/".$binDir."/".basename($bin));
}
}
?>
'';
};
bundleDependencies = dependencies:
lib.concatMapStrings (dependencyName:
let
dependency = dependencies.${dependencyName};
in
''
${if dependency.targetDir == "" then ''
vendorDir="$(dirname ${dependencyName})"
mkdir -p "$vendorDir"
${if symlinkDependencies then
''ln -s "${dependency.src}" "$vendorDir/$(basename "${dependencyName}")"''
else
''cp -av "${dependency.src}" "$vendorDir/$(basename "${dependencyName}")"''
}
'' else ''
namespaceDir="${dependencyName}/$(dirname "${dependency.targetDir}")"
mkdir -p "$namespaceDir"
${if symlinkDependencies then
''ln -s "${dependency.src}" "$namespaceDir/$(basename "${dependency.targetDir}")"''
else
''cp -av "${dependency.src}" "$namespaceDir/$(basename "${dependency.targetDir}")"''
}
''}
'') (builtins.attrNames dependencies);
extraArgs = removeAttrs args [ "packages" "devPackages" "buildInputs" ];
in
stdenv.mkDerivation ({
buildInputs = [ php composer ] ++ buildInputs;
inherit unpackPhase buildPhase;
installPhase = ''
${if executable then ''
mkdir -p $out/share/php
cp -av $src $out/share/php/$name
chmod -R u+w $out/share/php/$name
cd $out/share/php/$name
'' else ''
cp -av $src $out
chmod -R u+w $out
cd $out
''}
# Remove unwanted files
rm -f *.nix
export HOME=$TMPDIR
# Remove the provided vendor folder if it exists
rm -Rf vendor
# If there is no composer.lock file, compose a dummy file.
# Otherwise, composer attempts to download the package.json file from
# the registry which we do not want.
if [ ! -f composer.lock ]
then
cat > composer.lock <<EOF
{
"packages": []
}
EOF
fi
# Reconstruct the installed.json file from the lock file
mkdir -p vendor/composer
${php}/bin/php ${reconstructInstalled} composer.lock > vendor/composer/installed.json
# Copy or symlink the provided dependencies
cd vendor
${bundleDependencies packages}
${lib.optionalString (!noDev) (bundleDependencies devPackages)}
cd ..
# Reconstruct autoload scripts
# We use the optimize feature because Nix packages cannot change after they have been built
# Using the dynamic loader for a Nix package is useless since there is nothing to dynamically reload.
composer dump-autoload --optimize ${lib.optionalString noDev "--no-dev"} ${composerExtraArgs}
# Run the install step as a validation to confirm that everything works out as expected
composer install --optimize-autoloader ${lib.optionalString noDev "--no-dev"} ${composerExtraArgs}
${lib.optionalString executable ''
# Reconstruct the bin/ folder if we deploy an executable project
${php}/bin/php ${constructBin} composer.json
ln -s $(pwd)/vendor/bin $out/bin
''}
${lib.optionalString (!symlinkDependencies) ''
# Patch the shebangs if possible
if [ -d $(pwd)/vendor/bin ]
then
# Look for all executables in bin/
for i in $(pwd)/vendor/bin/*
do
# Look for their location
realFile=$(readlink -f "$i")
# Restore write permissions
chmod u+wx "$(dirname "$realFile")"
chmod u+w "$realFile"
# Patch shebang
sed -e "s|#!/usr/bin/php|#!${php}/bin/php|" \
-e "s|#!/usr/bin/env php|#!${php}/bin/php|" \
"$realFile" > tmp
mv tmp "$realFile"
chmod u+x "$realFile"
done
fi
''}
if [ "$removeComposerArtifacts" = "1" ]
then
# Remove composer stuff
rm -f composer.json composer.lock
fi
# Execute post install hook
runHook postInstall
'';
} // extraArgs);
in
{
inherit filterSrc;
composer = lib.makeOverridable composer;
buildZipPackage = lib.makeOverridable buildZipPackage;
buildPackage = lib.makeOverridable buildPackage;
}

View File

@ -1,14 +0,0 @@
{pkgs ? import <nixpkgs> {
inherit system;
}, system ? builtins.currentSystem, noDev ? false, php ? pkgs.php, phpPackages ? pkgs.phpPackages}:
let
composerEnv = import ./composer-env.nix {
inherit (pkgs) stdenv lib writeTextFile fetchurl unzip;
inherit php phpPackages;
};
in
import ./php-packages.nix {
inherit composerEnv noDev;
inherit (pkgs) fetchurl fetchgit fetchhg fetchsvn;
}

View File

@ -1,40 +0,0 @@
{ pkgs, system, lib, fetchFromGitHub
, php, phpPackages
, dataDir ? "/var/lib/snipe-it"
, cacheDir ? "/var/cache/snipe-it"
}:
let
package = (import ./composition.nix {
inherit pkgs system php phpPackages;
noDev = true;
}).overrideAttrs (oldAttrs: {
installPhase = oldAttrs.installPhase + ''
rm -R $out/storage $out/public/uploads $out/bootstrap/cache
ln -s ${dataDir}/.env $out/.env
ln -s ${dataDir}/storage $out/storage
ln -s ${dataDir}/uploads $out/public/uploads
ln -s ${dataDir}/database.sqlite $out/database/database.sqlite
ln -s ${cacheDir}/bootstrap $out/bootstrap/cache
'';
});
in package.override rec {
name = "snipe-it";
version = "6.0.0-RC-7";
src = fetchFromGitHub {
owner = "snipe";
repo = "snipe-it";
rev = "v${version}";
sha256 = "sha256-GMGKo2qieTX5eR9WGZN7PnsPRUp14EysX1VyCzQZuUo=";
};
meta = with lib; {
description = "A free open source IT asset management system";
homepage = "https://www.snipeitapp.com/";
license = licenses.agpl3;
maintainers = with maintainers; [ aw ];
platforms = platforms.unix;
};
}

File diff suppressed because it is too large Load Diff