flake.lock: Update

Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/42688c90a7304812f66db3596ce1aedafd16c09f' (2022-11-18) → 'github:NixOS/nixpkgs/977d4985a05cc68c9f3a208415aa2ef028b52772' (2022-11-22)
authelia: init at 4.37.2
2022-11-23 22:50:03 +01:00 · 2022-11-19 01:04:15 +01:00 · 2022-11-19 00:49:05 +01:00 · 2022-11-19 00:49:05 +01:00 · 2022-11-19 00:49:05 +01:00
9 changed files with 36 additions and 1996 deletions
--- a/default.nix
+++ b/default.nix
@ -6,12 +6,10 @@ let
 in rec {
-  janus-gateway = callPackage ./pkgs/janus-gateway { };
+  authelia = callPackage ./pkgs/authelia { };
  nextcloud-spreed-signaling = callPackage ./pkgs/nextcloud-spreed-signaling { };
  snipe-it = callPackage ./pkgs/snipe-it { };
  ykoath-tools = callPackage ./pkgs/ykoath-tools { };
 } // optionalAttrs (pkgs.system == "x86_64-linux") rec {
--- a/flake.lock
+++ b/flake.lock
@ -2,16 +2,16 @@
  "nodes": {
    "nixpkgs": {
      "locked": {
-        "lastModified": 1653368995,
+        "lastModified": 1669154743,
-        "narHash": "sha256-v1ztHn+OcA3dAgk6u3pq0d5ol4K/iXwsiFYpNDIN0VE=",
+        "narHash": "sha256-oqWVq/eYsjvIakytYlw3NBt0lcTQyXb7xDiJMDWIIf4=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "fb0003cd0b4d850995ff439621b01a8a6433cf2d",
+        "rev": "977d4985a05cc68c9f3a208415aa2ef028b52772",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
-        "ref": "release-22.05",
+        "ref": "nixos-unstable-small",
        "repo": "nixpkgs",
        "type": "github"
      }
--- a/flake.nix
+++ b/flake.nix
@ -1,7 +1,7 @@
 {
  description = "meterriblecrew.net package flake";
-  inputs.nixpkgs.url = "github:NixOS/nixpkgs/release-22.05";
+  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small";
  outputs = inputs@{ self, nixpkgs }: let
@ -19,8 +19,6 @@
    nixosModules = {
      ryzenSMU = import ./modules/ryzenSMU;
      servicesSnipeIT = import ./modules/services/snipe-it.nix;
    };
    packages = forAllSystems (system: import ./. {
@ -31,9 +29,8 @@
      let localPkgs = import ./. { pkgs = next; };
      in {
        inherit (localPkgs)
-          janus-gateway
+          authelia
          nextcloud-spreed-signaling
          snipe-it
          ;
      } // prev.lib.optionalAttrs (prev.system == "x86_64-linux") rec {
        inherit (localPkgs)
--- a/pkgs/authelia/default.nix
+++ b/pkgs/authelia/default.nix
@ -0,0 +1,29 @@
 { lib
 , buildGoModule
 , fetchFromGitHub
 , ...
 }:
 buildGoModule rec {
  pname = "authelia";
  version = "4.37.2";
  src = fetchFromGitHub {
    owner = "authelia";
    repo = pname;
    rev = "v${version}";
    hash = "sha256-zNMZkIUEsOX+z1YnGnYC1OKUanUj4sLvRQ8zjhK98jg=";
  };
  vendorHash = "sha256-RodWMeHdlu7WeWmg415giL9Nfw2OoIIOABwgwzegULE=";
  doCheck = false;
  meta = with lib; {
    description = "The Single Sign-On Multi-Factor portal for web apps";
    homepage = "https://www.authelia.com";
    licenses = licenses.asl20;
    maintainers = with maintainers; [ aw ];
    platforms = platforms.unix;
  };
 }
--- a/pkgs/janus-gateway/default.nix
+++ b/pkgs/janus-gateway/default.nix
@ -1,59 +0,0 @@
 { lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, gengetopt
 , glib, libconfig, libnice, jansson, boringssl, zlib, srtp, libuv
 , libmicrohttpd, curl, libwebsockets, sofia_sip, libogg, libopus
 , usrsctp, ffmpeg
 }:
 let
  libwebsockets_janus = libwebsockets.overrideAttrs (_: {
    configureFlags = [
      "-DLWS_MAX_SMP=1"
      "-DLWS_WITHOUT_EXTENSIONS=0"
    ];
  });
 in
 stdenv.mkDerivation rec {
  pname = "janus-gateway";
  version = "0.11.4";
  src = fetchFromGitHub {
    owner = "meetecho";
    repo = pname;
    rev = "v${version}";
    sha256 = "sha256-K+6r7Nz+zzEDNd5Y44+V7x80DPxjaithregEg+goXk0=";
  };
  nativeBuildInputs = [ autoreconfHook pkg-config gengetopt ];
  buildInputs = [
    glib libconfig libnice jansson boringssl zlib srtp libuv libmicrohttpd
    curl libwebsockets_janus sofia_sip libogg libopus usrsctp ffmpeg
  ];
  enableParallelBuilding = true;
  configureFlags = [
    "--enable-boringssl=${boringssl}"
    "--enable-libsrtp2"
    "--enable-turn-rest-api"
    "--enable-json-logger"
    "--enable-gelf-event-handler"
    "--enable-post-processing"
  ];
  outputs = [ "out" "dev" "doc" "man" ];
  postInstall = ''
    moveToOutput share/janus "$doc"
    moveToOutput etc "$doc"
  '';
  meta = with lib; {
    description = "General purpose WebRTC server";
    homepage = "https://janus.conf.meetecho.com/";
    license = licenses.gpl3Only;
    platforms = platforms.linux;
    maintainers = with maintainers; [ fpletz ];
  };
 }
--- a/pkgs/snipe-it/composer-env.nix
+++ b/pkgs/snipe-it/composer-env.nix
@ -1,244 +0,0 @@
 # This file originates from composer2nix
 { stdenv, lib, writeTextFile, fetchurl, php, unzip, phpPackages }:
 let
  inherit (phpPackages) composer;
  filterSrc = src:
    builtins.filterSource (path: type: type != "directory" || (baseNameOf path != ".git" && baseNameOf path != ".git" && baseNameOf path != ".svn")) src;
  buildZipPackage = { name, src }:
    stdenv.mkDerivation {
      inherit name src;
      nativeBuildInputs = [ unzip ];
      buildCommand = ''
        shopt -s dotglob
        unzip $src
        baseDir=$(find . -type d -mindepth 1 -maxdepth 1)
        cd $baseDir
        mkdir -p $out
        mv * $out
      '';
    };
  buildPackage =
    { name
    , src
    , packages ? {}
    , devPackages ? {}
    , buildInputs ? []
    , symlinkDependencies ? false
    , executable ? false
    , removeComposerArtifacts ? false
    , postInstall ? ""
    , noDev ? false
    , composerExtraArgs ? ""
    , unpackPhase ? "true"
    , buildPhase ? "true"
    , ...}@args:
    let
      reconstructInstalled = writeTextFile {
        name = "reconstructinstalled.php";
        executable = true;
        text = ''
          #! ${php}/bin/php
          <?php
          if(file_exists($argv[1]))
          {
              $composerLockStr = file_get_contents($argv[1]);
              if($composerLockStr === false)
              {
                  fwrite(STDERR, "Cannot open composer.lock contents\n");
                  exit(1);
              }
              else
              {
                  $config = json_decode($composerLockStr, true);
                  if(array_key_exists("packages", $config))
                      $allPackages = $config["packages"];
                  else
                      $allPackages = array();
                  ${lib.optionalString (!noDev) ''
                    if(array_key_exists("packages-dev", $config))
                        $allPackages = array_merge($allPackages, $config["packages-dev"]);
                  ''}
                  $packagesStr = json_encode($allPackages, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
                  print($packagesStr);
              }
          }
          else
              print("[]");
          ?>
        '';
      };
      constructBin = writeTextFile {
        name = "constructbin.php";
        executable = true;
        text = ''
          #! ${php}/bin/php
          <?php
          $composerJSONStr = file_get_contents($argv[1]);
          if($composerJSONStr === false)
          {
              fwrite(STDERR, "Cannot open composer.json contents\n");
              exit(1);
          }
          else
          {
              $config = json_decode($composerJSONStr, true);
              if(array_key_exists("bin-dir", $config))
                  $binDir = $config["bin-dir"];
              else
                  $binDir = "bin";
              if(array_key_exists("bin", $config))
              {
                  if(!file_exists("vendor/".$binDir))
                      mkdir("vendor/".$binDir);
                  foreach($config["bin"] as $bin)
                      symlink("../../".$bin, "vendor/".$binDir."/".basename($bin));
              }
          }
          ?>
        '';
      };
      bundleDependencies = dependencies:
        lib.concatMapStrings (dependencyName:
          let
            dependency = dependencies.${dependencyName};
          in
          ''
            ${if dependency.targetDir == "" then ''
              vendorDir="$(dirname ${dependencyName})"
              mkdir -p "$vendorDir"
              ${if symlinkDependencies then
                ''ln -s "${dependency.src}" "$vendorDir/$(basename "${dependencyName}")"''
                else
                ''cp -av "${dependency.src}" "$vendorDir/$(basename "${dependencyName}")"''
              }
            '' else ''
              namespaceDir="${dependencyName}/$(dirname "${dependency.targetDir}")"
              mkdir -p "$namespaceDir"
              ${if symlinkDependencies then
                ''ln -s "${dependency.src}" "$namespaceDir/$(basename "${dependency.targetDir}")"''
              else
                ''cp -av "${dependency.src}" "$namespaceDir/$(basename "${dependency.targetDir}")"''
              }
            ''}
          '') (builtins.attrNames dependencies);
      extraArgs = removeAttrs args [ "packages" "devPackages" "buildInputs" ];
    in
    stdenv.mkDerivation ({
      buildInputs = [ php composer ] ++ buildInputs;
      inherit unpackPhase buildPhase;
      installPhase = ''
        ${if executable then ''
          mkdir -p $out/share/php
          cp -av $src $out/share/php/$name
          chmod -R u+w $out/share/php/$name
          cd $out/share/php/$name
        '' else ''
          cp -av $src $out
          chmod -R u+w $out
          cd $out
        ''}
        # Remove unwanted files
        rm -f *.nix
        export HOME=$TMPDIR
        # Remove the provided vendor folder if it exists
        rm -Rf vendor
        # If there is no composer.lock file, compose a dummy file.
        # Otherwise, composer attempts to download the package.json file from
        # the registry which we do not want.
        if [ ! -f composer.lock ]
        then
            cat > composer.lock <<EOF
        {
            "packages": []
        }
        EOF
        fi
        # Reconstruct the installed.json file from the lock file
        mkdir -p vendor/composer
        ${php}/bin/php ${reconstructInstalled} composer.lock > vendor/composer/installed.json
        # Copy or symlink the provided dependencies
        cd vendor
        ${bundleDependencies packages}
        ${lib.optionalString (!noDev) (bundleDependencies devPackages)}
        cd ..
        # Reconstruct autoload scripts
        # We use the optimize feature because Nix packages cannot change after they have been built
        # Using the dynamic loader for a Nix package is useless since there is nothing to dynamically reload.
        composer dump-autoload --optimize ${lib.optionalString noDev "--no-dev"} ${composerExtraArgs}
        # Run the install step as a validation to confirm that everything works out as expected
        composer install --optimize-autoloader ${lib.optionalString noDev "--no-dev"} ${composerExtraArgs}
        ${lib.optionalString executable ''
          # Reconstruct the bin/ folder if we deploy an executable project
          ${php}/bin/php ${constructBin} composer.json
          ln -s $(pwd)/vendor/bin $out/bin
        ''}
        ${lib.optionalString (!symlinkDependencies) ''
          # Patch the shebangs if possible
          if [ -d $(pwd)/vendor/bin ]
          then
              # Look for all executables in bin/
              for i in $(pwd)/vendor/bin/*
              do
                  # Look for their location
                  realFile=$(readlink -f "$i")
                  # Restore write permissions
                  chmod u+wx "$(dirname "$realFile")"
                  chmod u+w "$realFile"
                  # Patch shebang
                  sed -e "s|#!/usr/bin/php|#!${php}/bin/php|" \
                      -e "s|#!/usr/bin/env php|#!${php}/bin/php|" \
                      "$realFile" > tmp
                  mv tmp "$realFile"
                  chmod u+x "$realFile"
              done
          fi
        ''}
        if [ "$removeComposerArtifacts" = "1" ]
        then
            # Remove composer stuff
            rm -f composer.json composer.lock
        fi
        # Execute post install hook
        runHook postInstall
    '';
  } // extraArgs);
 in
 {
  inherit filterSrc;
  composer = lib.makeOverridable composer;
  buildZipPackage = lib.makeOverridable buildZipPackage;
  buildPackage = lib.makeOverridable buildPackage;
 }
--- a/pkgs/snipe-it/composition.nix
+++ b/pkgs/snipe-it/composition.nix
@ -1,14 +0,0 @@
 {pkgs ? import <nixpkgs> {
    inherit system;
  }, system ? builtins.currentSystem, noDev ? false, php ? pkgs.php, phpPackages ? pkgs.phpPackages}:
 let
  composerEnv = import ./composer-env.nix {
    inherit (pkgs) stdenv lib writeTextFile fetchurl unzip;
    inherit php phpPackages;
  };
 in
 import ./php-packages.nix {
  inherit composerEnv noDev;
  inherit (pkgs) fetchurl fetchgit fetchhg fetchsvn;
 }
--- a/pkgs/snipe-it/default.nix
+++ b/pkgs/snipe-it/default.nix
@ -1,40 +0,0 @@
 { pkgs, system, lib, fetchFromGitHub
 , php, phpPackages
 , dataDir ? "/var/lib/snipe-it"
 , cacheDir ? "/var/cache/snipe-it"
 }:
 let
  package = (import ./composition.nix {
    inherit pkgs system php phpPackages;
    noDev = true;
  }).overrideAttrs (oldAttrs: {
    installPhase = oldAttrs.installPhase + ''
      rm -R $out/storage $out/public/uploads $out/bootstrap/cache
      ln -s ${dataDir}/.env            $out/.env
      ln -s ${dataDir}/storage         $out/storage
      ln -s ${dataDir}/uploads         $out/public/uploads
      ln -s ${dataDir}/database.sqlite $out/database/database.sqlite
      ln -s ${cacheDir}/bootstrap $out/bootstrap/cache
    '';
  });
 in package.override rec {
  name = "snipe-it";
  version = "6.0.0-RC-7";
  src = fetchFromGitHub {
    owner = "snipe";
    repo = "snipe-it";
    rev = "v${version}";
    sha256 = "sha256-GMGKo2qieTX5eR9WGZN7PnsPRUp14EysX1VyCzQZuUo=";
  };
  meta = with lib; {
    description = "A free open source IT asset management system";
    homepage = "https://www.snipeitapp.com/";
    license = licenses.agpl3;
    maintainers = with maintainers; [ aw ];
    platforms = platforms.unix;
  };
 }
--- a/pkgs/snipe-it/php-packages.nix
+++ b/pkgs/snipe-it/php-packages.nix
Author	SHA1	Message	Date
Andreas Wiese	596454f85a	flake.lock: Update Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/42688c90a7304812f66db3596ce1aedafd16c09f' (2022-11-18) → 'github:NixOS/nixpkgs/977d4985a05cc68c9f3a208415aa2ef028b52772' (2022-11-22)	2022-11-23 22:50:03 +01:00
Andreas Wiese	5fe83a1393	authelia: init at 4.37.2 Now some NixOS module would be quite nice…	2022-11-19 01:04:15 +01:00
Andreas Wiese	2860717cbf	snipe-it: remove This is upstream.	2022-11-19 00:49:05 +01:00
Andreas Wiese	fe71426b9a	janus-gateway: remove This is upstream.	2022-11-19 00:49:05 +01:00
Andreas Wiese	68e2c3ea23	flake.lock: nixpkgs -> 22.11 (a.k.a. unstable-small) Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/fb0003cd0b4d850995ff439621b01a8a6433cf2d' (2022-05-24) → 'github:NixOS/nixpkgs/42688c90a7304812f66db3596ce1aedafd16c09f' (2022-11-18)	2022-11-19 00:49:05 +01:00