From 48dd2889c7f408a7602e9bfb56afe3c0932533a7 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Tue, 31 May 2022 22:24:42 +0200 Subject: [PATCH 01/70] kibana6: remove --- pkgs/development/tools/misc/kibana/6.x.nix | 63 ---------------------- pkgs/top-level/all-packages.nix | 7 +-- 2 files changed, 1 insertion(+), 69 deletions(-) delete mode 100644 pkgs/development/tools/misc/kibana/6.x.nix diff --git a/pkgs/development/tools/misc/kibana/6.x.nix b/pkgs/development/tools/misc/kibana/6.x.nix deleted file mode 100644 index cd81975ee44..00000000000 --- a/pkgs/development/tools/misc/kibana/6.x.nix +++ /dev/null @@ -1,63 +0,0 @@ -{ elk6Version -, enableUnfree ? true -, lib, stdenv -, makeWrapper -, fetchurl -, nodejs-10_x -, coreutils -, which -}: - -with lib; -let - nodejs = nodejs-10_x; - inherit (builtins) elemAt; - info = splitString "-" stdenv.hostPlatform.system; - arch = elemAt info 0; - plat = elemAt info 1; - shas = - if enableUnfree - then { - x86_64-linux = "1a501lavxhckb3l93sbrbqyshicwkk6p89frry4x8p037xcfpy0x"; - x86_64-darwin = "0zm45af30shhcg3mdhcma6rms1hyrx62rm5jzwnz9kxv4d30skbw"; - } - else { - x86_64-linux = "0wfdipf21apyily7mvlqgyc7m5jpr96zgrryzwa854z3xb2vw8zg"; - x86_64-darwin = "1nklfx4yz6hsxlljvnvwjy7pncv9mzngl84710xad5jlyras3sdj"; - }; - -in stdenv.mkDerivation rec { - pname = "kibana${optionalString (!enableUnfree) "-oss"}"; - version = elk6Version; - - src = fetchurl { - url = "https://artifacts.elastic.co/downloads/kibana/${pname}-${version}-${plat}-${arch}.tar.gz"; - sha256 = shas.${stdenv.hostPlatform.system} or (throw "Unknown architecture"); - }; - - patches = [ - # Kibana specifies it specifically needs nodejs 10.15.2 but nodejs in nixpkgs is at 10.15.3. - # The test succeeds with this newer version so lets just - # disable the version check. - ./disable-nodejs-version-check.patch - ]; - - nativeBuildInputs = [ makeWrapper ]; - - installPhase = '' - mkdir -p $out/libexec/kibana $out/bin - mv * $out/libexec/kibana/ - rm -r $out/libexec/kibana/node - makeWrapper $out/libexec/kibana/bin/kibana $out/bin/kibana \ - --prefix PATH : "${lib.makeBinPath [ nodejs coreutils which ]}" - sed -i 's@NODE=.*@NODE=${nodejs}/bin/node@' $out/libexec/kibana/bin/kibana - ''; - - meta = { - description = "Visualize logs and time-stamped data"; - homepage = "http://www.elasticsearch.org/overview/kibana"; - license = if enableUnfree then licenses.elastic else licenses.asl20; - maintainers = with maintainers; [ offline basvandijk ]; - platforms = with platforms; unix; - }; -} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 81b2c330de4..fd8ead6ef03 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7467,13 +7467,8 @@ with pkgs; kfctl = callPackage ../applications/networking/cluster/kfctl { }; - kibana6 = callPackage ../development/tools/misc/kibana/6.x.nix { }; - kibana6-oss = callPackage ../development/tools/misc/kibana/6.x.nix { - enableUnfree = false; - }; kibana7 = callPackage ../development/tools/misc/kibana/7.x.nix { }; - kibana = kibana6; - kibana-oss = kibana6-oss; + kibana = kibana7; kibi = callPackage ../applications/editors/kibi { }; From 0bb082468894c28356f60aa647536bc2d353af89 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Tue, 31 May 2022 22:24:31 +0200 Subject: [PATCH 02/70] nodejs-10_x: remove has been EOL for over one year --- pkgs/development/web/nodejs/v10.nix | 14 -------------- pkgs/top-level/aliases.nix | 1 + pkgs/top-level/all-packages.nix | 8 -------- 3 files changed, 1 insertion(+), 22 deletions(-) delete mode 100644 pkgs/development/web/nodejs/v10.nix diff --git a/pkgs/development/web/nodejs/v10.nix b/pkgs/development/web/nodejs/v10.nix deleted file mode 100644 index 5c107b20f4a..00000000000 --- a/pkgs/development/web/nodejs/v10.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ callPackage, openssl, icu, python2, lib, stdenv, enableNpm ? true }: - -let - buildNodejs = callPackage ./nodejs.nix { - inherit openssl icu; - python = python2; - }; -in - buildNodejs { - inherit enableNpm; - version = "10.24.1"; - sha256 = "032801kg24j04xmf09m0vxzlcz86sv21s24lv9l4cfv08k1c4byp"; - patches = lib.optional stdenv.isDarwin ./bypass-xcodebuild.diff; - } diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 6278957813c..a18af56e457 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -913,6 +913,7 @@ mapAliases ({ nmap-unfree = nmap; # Added 2021-04-06 nmap-graphical = throw "nmap graphical support has been removed due to its python2 dependency"; # Added 2022-04-26 nmap_graphical = throw "nmap graphical support has been removed due to its python2 dependency"; # Modified 2022-04-26 + nodejs-10_x = throw "nodejs-10_X has been removed. Use a newer version instead."; # Added 2022-05-31 nologin = throw "'nologin' has been renamed to/replaced by 'shadow'"; # Converted to throw 2022-02-22 nomad_1_1 = throw "nomad_1_1 has been removed because it's outdated. Use a a newer version instead"; # Added 2022-05-22 nordic-polar = throw "nordic-polar was removed on 2021-05-27, now integrated in nordic"; # Added 2021-05-27 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index fd8ead6ef03..5f38e83e707 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7848,14 +7848,6 @@ with pkgs; nodejs-slim = nodejs-slim-16_x; - - nodejs-10_x = callPackage ../development/web/nodejs/v10.nix { - icu = icu67; - }; - nodejs-slim-10_x = callPackage ../development/web/nodejs/v10.nix { - enableNpm = false; - icu = icu67; - }; nodejs-12_x = callPackage ../development/web/nodejs/v12.nix { }; nodejs-slim-12_x = callPackage ../development/web/nodejs/v12.nix { enableNpm = false; From e1f72ee81b48a1da518a5c3093905ac62fee8872 Mon Sep 17 00:00:00 2001 From: Rick van Schijndel Date: Mon, 4 Oct 2021 20:57:15 +0200 Subject: [PATCH 03/70] feedbackd: support cross-compilation Disables introspection for now. --- pkgs/applications/misc/feedbackd/default.nix | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/misc/feedbackd/default.nix b/pkgs/applications/misc/feedbackd/default.nix index 0892f2e2d02..3692273fdf3 100644 --- a/pkgs/applications/misc/feedbackd/default.nix +++ b/pkgs/applications/misc/feedbackd/default.nix @@ -32,7 +32,8 @@ stdenv.mkDerivation rec { # only a Debian package release that is tagged in the upstream repo version = "0.0.0+git20220520"; - outputs = [ "out" "dev" "devdoc" ]; + outputs = [ "out" "dev" ] + ++ lib.optionals (stdenv.buildPlatform == stdenv.hostPlatform) [ "devdoc" ]; src = fetchFromGitLab { domain = "source.puri.sm"; @@ -61,7 +62,11 @@ stdenv.mkDerivation rec { libgudev ]; - mesonFlags = [ "-Dgtk_doc=true" "-Dman=true" ]; + mesonFlags = [ + "-Dgtk_doc=${lib.boolToString (stdenv.buildPlatform == stdenv.hostPlatform)}" + "-Dman=true" + "-Dintrospection=${if (stdenv.buildPlatform == stdenv.hostPlatform) then "enabled" else "disabled"}" + ]; checkInputs = [ dbus From 322a6cc95b97cbaeefcdf14800ab936c79ff1dc1 Mon Sep 17 00:00:00 2001 From: Rick van Schijndel Date: Fri, 3 Jun 2022 18:50:22 +0200 Subject: [PATCH 04/70] feedbackd: add comment explaining why introspection is disabled for cross --- pkgs/applications/misc/feedbackd/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/applications/misc/feedbackd/default.nix b/pkgs/applications/misc/feedbackd/default.nix index 3692273fdf3..2a4db6b10e4 100644 --- a/pkgs/applications/misc/feedbackd/default.nix +++ b/pkgs/applications/misc/feedbackd/default.nix @@ -65,6 +65,8 @@ stdenv.mkDerivation rec { mesonFlags = [ "-Dgtk_doc=${lib.boolToString (stdenv.buildPlatform == stdenv.hostPlatform)}" "-Dman=true" + # TODO(mindavi): introspection broken due to https://github.com/NixOS/nixpkgs/issues/72868 + # can be removed if cross-compiling gobject-introspection works. "-Dintrospection=${if (stdenv.buildPlatform == stdenv.hostPlatform) then "enabled" else "disabled"}" ]; From dcc2f92e8b1f0d0e8d65884fd09a3b9d3b188718 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Fri, 3 Jun 2022 22:50:35 +0200 Subject: [PATCH 05/70] xfsprogs: 5.16.0 -> 5.18.0 --- pkgs/tools/filesystems/xfsprogs/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/filesystems/xfsprogs/default.nix b/pkgs/tools/filesystems/xfsprogs/default.nix index c44157a2f02..d24e418a086 100644 --- a/pkgs/tools/filesystems/xfsprogs/default.nix +++ b/pkgs/tools/filesystems/xfsprogs/default.nix @@ -4,11 +4,11 @@ stdenv.mkDerivation rec { pname = "xfsprogs"; - version = "5.16.0"; + version = "5.18.0"; src = fetchurl { url = "mirror://kernel/linux/utils/fs/xfs/xfsprogs/${pname}-${version}.tar.xz"; - hash = "sha256-eLjImZmb1pBEHLU9fAKrZxKUlAMZxpT/fILiPo5Gu58="; + hash = "sha256-Ho2IAb3sjNTK02DOO70Sw1qX8ryPfIyVgNGQOw6Mw1s="; }; outputs = [ "bin" "dev" "out" "doc" ]; From 30b87b001b282a99afa9342e4486e56624fddb9f Mon Sep 17 00:00:00 2001 From: Francesco Gazzetta Date: Sat, 4 Jun 2022 10:50:25 +0200 Subject: [PATCH 06/70] python310Packages.docopt-ng: 0.7.2 -> 0.8.1 --- pkgs/development/python-modules/docopt-ng/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/docopt-ng/default.nix b/pkgs/development/python-modules/docopt-ng/default.nix index 7a18bfbc7cf..60d14fa8e98 100644 --- a/pkgs/development/python-modules/docopt-ng/default.nix +++ b/pkgs/development/python-modules/docopt-ng/default.nix @@ -5,11 +5,11 @@ buildPythonPackage rec { pname = "docopt-ng"; - version = "0.7.2"; + version = "0.8.1"; src = fetchPypi { inherit pname version; - sha256 = "sha256-hs7qAy8M+lnmB3brDPOKxzZTWBAihyMg9H3IdGeNckQ="; + sha256 = "sha256-6mphooj8hk7uayLW/iiqIC1Z/Ib60F8W/145zE6n9uM="; }; pythonImportsCheck = [ "docopt" ]; From cd8f876c6188097b20cba9aaf219792d198f1c75 Mon Sep 17 00:00:00 2001 From: Francesco Gazzetta Date: Sat, 4 Jun 2022 10:51:31 +0200 Subject: [PATCH 07/70] python310Packages.staticjinja: 4.1.2 -> 4.1.3 --- pkgs/development/python-modules/staticjinja/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/staticjinja/default.nix b/pkgs/development/python-modules/staticjinja/default.nix index 0c1a698aa63..e8621d8e954 100644 --- a/pkgs/development/python-modules/staticjinja/default.nix +++ b/pkgs/development/python-modules/staticjinja/default.nix @@ -17,7 +17,7 @@ buildPythonPackage rec { pname = "staticjinja"; - version = "4.1.2"; + version = "4.1.3"; format = "pyproject"; disabled = pythonOlder "3.6"; @@ -27,7 +27,7 @@ buildPythonPackage rec { owner = "staticjinja"; repo = pname; rev = version; - sha256 = "0qqyadhqsn66b7qrpfj08qc899pjwfa2byqqzh73xq1n22i4cy30"; + sha256 = "sha256-w6ge5MQXNRHCM43jKnagTlbquJJys7mprgBOS2uuwHQ="; }; nativeBuildInputs = [ From 53921eabca7696311ef7ecbe0454100d487301ce Mon Sep 17 00:00:00 2001 From: Spencer Pogorzelski <34356756+Scoder12@users.noreply.github.com> Date: Sun, 5 Jun 2022 12:24:01 -0700 Subject: [PATCH 08/70] maintainers: Add scoder12 --- maintainers/maintainer-list.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index a28165c3e29..53b666d83e4 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -11452,6 +11452,12 @@ githubId = 59476; name = "Peter Schuller"; }; + scoder12 = { + name = "Spencer Pogorzelski"; + email = "34356756+Scoder12@users.noreply.github.com"; + github = "scoder12"; + githubId = 34356756; + }; scolobb = { email = "sivanov@colimite.fr"; github = "scolobb"; From 41c46d00e9abbeb05fc68393c2d4092049f07472 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Mon, 6 Jun 2022 12:28:25 +0200 Subject: [PATCH 09/70] sptk: init at 4.0 --- pkgs/development/libraries/sptk/default.nix | 31 +++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 33 insertions(+) create mode 100644 pkgs/development/libraries/sptk/default.nix diff --git a/pkgs/development/libraries/sptk/default.nix b/pkgs/development/libraries/sptk/default.nix new file mode 100644 index 00000000000..6b62b831cb9 --- /dev/null +++ b/pkgs/development/libraries/sptk/default.nix @@ -0,0 +1,31 @@ +{ lib +, stdenv +, cmake +, fetchFromGitHub +}: + +stdenv.mkDerivation rec { + pname = "sptk"; + version = "4.0"; + + src = fetchFromGitHub { + owner = "sp-nitech"; + repo = "SPTK"; + rev = "v${version}"; + hash = "sha256-Be3Pbg+vt/P3FplZN7yBL+HVq/BmzaBcwKOBsbH7r9g="; + }; + + nativeBuildInputs = [ + cmake + ]; + + doCheck = true; + + meta = with lib; { + changelog = "https://github.com/sp-nitech/SPTK/releases/tag/v${version}"; + description = "Suite of speech signal processing tools"; + homepage = "https://github.com/sp-nitech/SPTK"; + license = licenses.asl20; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index afcab99ca6a..d902548b21e 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -29580,6 +29580,8 @@ with pkgs; sptlrx = callPackage ../applications/audio/sptlrx { }; + sptk = callPackage ../development/libraries/sptk { }; + squishyball = callPackage ../applications/audio/squishyball { ncurses = ncurses5; }; From 33ffdb365ba22010b1b40cdafcea39091ec85858 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Mon, 6 Jun 2022 22:10:08 +0200 Subject: [PATCH 10/70] libzim: 7.2.0 -> 7.2.2 --- pkgs/development/libraries/libzim/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libzim/default.nix b/pkgs/development/libraries/libzim/default.nix index 5191da60ce2..3f290d4ffa3 100644 --- a/pkgs/development/libraries/libzim/default.nix +++ b/pkgs/development/libraries/libzim/default.nix @@ -11,13 +11,13 @@ stdenv.mkDerivation rec { pname = "libzim"; - version = "7.2.0"; + version = "7.2.2"; src = fetchFromGitHub { owner = "openzim"; repo = pname; rev = version; - sha256 = "sha256-H4YUAbH4X6oJIZyhI23LemngtOtKNrHHl3KSU1ilAmo="; + sha256 = "sha256-AEhhjinnnMA4NbYL7NVHYeRZX/zfNiidbY/VeFjZuQs="; }; nativeBuildInputs = [ From 69878331fefe69ddc16a2dc756f8ad56ea65f0ed Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 7 Jun 2022 07:28:16 +0000 Subject: [PATCH 11/70] python310Packages.google-cloud-appengine-logging: 1.1.1 -> 1.1.2 --- .../python-modules/google-cloud-appengine-logging/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/google-cloud-appengine-logging/default.nix b/pkgs/development/python-modules/google-cloud-appengine-logging/default.nix index c6f17c8d8b0..ec355d51fd0 100644 --- a/pkgs/development/python-modules/google-cloud-appengine-logging/default.nix +++ b/pkgs/development/python-modules/google-cloud-appengine-logging/default.nix @@ -12,14 +12,14 @@ buildPythonPackage rec { pname = "google-cloud-appengine-logging"; - version = "1.1.1"; + version = "1.1.2"; format = "setuptools"; disabled = pythonOlder "3.6"; src = fetchPypi { inherit pname version; - hash = "sha256-NhRQ7X17/Y79DvJT4haArrb23zzwV+XoJT9YUfjLvKc="; + hash = "sha256-undhXBAPB+3akWVu3ht0ZZBwErhmOq18TnXvloeZQjc="; }; propagatedBuildInputs = [ From cc40e864ecd62ed6485c11f4d69f378ae595d766 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Tue, 7 Jun 2022 19:44:09 +0200 Subject: [PATCH 12/70] libnftnl: 1.2.1 -> 1.2.2 --- pkgs/development/libraries/libnftnl/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libnftnl/default.nix b/pkgs/development/libraries/libnftnl/default.nix index 66134eaffe0..e136fc1a558 100644 --- a/pkgs/development/libraries/libnftnl/default.nix +++ b/pkgs/development/libraries/libnftnl/default.nix @@ -1,12 +1,12 @@ { lib, stdenv, fetchurl, pkg-config, libmnl }: stdenv.mkDerivation rec { - version = "1.2.1"; + version = "1.2.2"; pname = "libnftnl"; src = fetchurl { url = "https://netfilter.org/projects/${pname}/files/${pname}-${version}.tar.bz2"; - sha256 = "0z4khm2mnys9mcl8ckwf19cw20jgrv8650nfncy3xcgs2k2aa23m"; + hash = "sha256-nvwAT50VkY1o+emOGU1V4DAWjzO7Z8PnpUW3QMntbQo="; }; nativeBuildInputs = [ pkg-config ]; From 7226082e1a0ccf5bc458e967519504eccc4c2151 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Tue, 31 May 2022 14:35:57 +0200 Subject: [PATCH 13/70] nftables: 1.0.2 -> 1.0.4 --- pkgs/os-specific/linux/nftables/default.nix | 22 +++++---------------- 1 file changed, 5 insertions(+), 17 deletions(-) diff --git a/pkgs/os-specific/linux/nftables/default.nix b/pkgs/os-specific/linux/nftables/default.nix index 051ca196305..8339eabb495 100644 --- a/pkgs/os-specific/linux/nftables/default.nix +++ b/pkgs/os-specific/linux/nftables/default.nix @@ -1,25 +1,25 @@ -{ lib, stdenv, fetchurl, pkg-config, bison, file, flex +{ lib, stdenv, fetchurl, pkg-config, bison, flex , asciidoc, libxslt, findXMLCatalogs, docbook_xml_dtd_45, docbook_xsl , libmnl, libnftnl, libpcap , gmp, jansson, libedit -, autoreconfHook, fetchpatch +, autoreconfHook , withDebugSymbols ? false , withPython ? false , python3 , withXtables ? true , iptables }: stdenv.mkDerivation rec { - version = "1.0.2"; + version = "1.0.4"; pname = "nftables"; src = fetchurl { url = "https://netfilter.org/projects/nftables/files/${pname}-${version}.tar.bz2"; - sha256 = "00jcjn1pl7qyqpg8pd4yhlkys7wbj4vkzgg73n27nmplzips6a0b"; + hash = "sha256-kn+x/qH2haMowQz3ketlXX4e1J0xDupcsxAd/Y1sujU="; }; nativeBuildInputs = [ autoreconfHook - pkg-config bison file flex + pkg-config bison flex asciidoc docbook_xml_dtd_45 docbook_xsl findXMLCatalogs libxslt ]; @@ -29,18 +29,6 @@ stdenv.mkDerivation rec { ] ++ lib.optional withXtables iptables ++ lib.optional withPython python3; - preConfigure = '' - substituteInPlace ./configure --replace /usr/bin/file ${file}/bin/file - ''; - - patches = [ - # fix build after 1.0.2 release, drop when updating to a newer release - (fetchpatch { - url = "https://git.netfilter.org/nftables/patch/?id=18a08fb7f0443f8bde83393bd6f69e23a04246b3"; - sha256 = "03dzhd7fhg0d20ly4rffk4ra7wlxp731892dhp8zw67jwhys9ywz"; - }) - ]; - configureFlags = [ "--with-json" "--with-cli=editline" From 1e0e76bfb6370d951f8398690b57c5d860f0970a Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Wed, 8 Jun 2022 07:21:52 +1000 Subject: [PATCH 14/70] talosctl: 1.0.5 -> 1.0.6 https://github.com/siderolabs/talos/releases/tag/v1.0.6 --- .../networking/cluster/talosctl/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/applications/networking/cluster/talosctl/default.nix b/pkgs/applications/networking/cluster/talosctl/default.nix index 8476fc810ba..da240b337bf 100644 --- a/pkgs/applications/networking/cluster/talosctl/default.nix +++ b/pkgs/applications/networking/cluster/talosctl/default.nix @@ -1,11 +1,11 @@ { lib, buildGoModule, fetchFromGitHub, installShellFiles }: let # look for GO_LDFLAGS getting set in the Makefile - version = "1.0.5"; - sha256 = "sha256-xgzIbhgV1AAUa0tooYtzUMqK4Co3PvWQ0YbZuf0JgFE="; - vendorSha256 = "sha256-Gp30qCGV+EaJ1lvfleZHRWVL6rdSj0mvpumWsqr9IT0="; - pkgsVersion = "v1.0.0-17-g7567bf4"; - extrasVersion = "v1.0.0-3-g6327c36"; + version = "1.0.6"; + sha256 = "sha256-4cUaQWqVndp06eFgqInOMMGITbTdZO5BOqXW2XEpuWU="; + vendorSha256 = "sha256-7q35d+jbIDe7fAy6nL5FWdSovBb/f64HYLHGL+zE6bI="; + pkgsVersion = "v1.0.0-25-gcf9709e"; + extrasVersion = "v1.0.0-4-g05b0920"; in buildGoModule rec { pname = "talosctl"; From f4328e7b4aa785b2c53935227625acfcbfdbdea7 Mon Sep 17 00:00:00 2001 From: Malo Bourgon Date: Tue, 7 Jun 2022 15:45:01 -0700 Subject: [PATCH 15/70] nixpkgs-review: 2.6.4 -> 2.7.0 --- .../nixpkgs-review/default.nix | 24 ++++++++++++++----- 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/pkgs/tools/package-management/nixpkgs-review/default.nix b/pkgs/tools/package-management/nixpkgs-review/default.nix index d21c9b3c568..e65d28a6af9 100644 --- a/pkgs/tools/package-management/nixpkgs-review/default.nix +++ b/pkgs/tools/package-management/nixpkgs-review/default.nix @@ -1,24 +1,36 @@ { lib , python3 , fetchFromGitHub -, nix + +, bubblewrap +, cacert , git +, nix + +, withSandboxSupport ? false }: python3.pkgs.buildPythonApplication rec { pname = "nixpkgs-review"; - version = "2.6.4"; + version = "2.7.0"; src = fetchFromGitHub { owner = "Mic92"; repo = "nixpkgs-review"; rev = version; - sha256 = "sha256-6vKMaCTilPXd8K3AuLqtYInVyyFhdun0o9cX1WRMmWo="; + sha256 = "sha256-hGOcLrVPb+bSNA72ZfKE9Mjm2dr/qnuaCkjveHXPcws="; }; - makeWrapperArgs = [ - "--prefix" "PATH" ":" "${lib.makeBinPath [ nix git ]}" - ]; + makeWrapperArgs = + let + binPath = [ nix git ] ++ lib.optional withSandboxSupport bubblewrap; + in + [ + "--prefix PATH : ${lib.makeBinPath binPath}" + "--set NIX_SSL_CERT_FILE ${cacert}/etc/ssl/certs/ca-bundle.crt" + # we don't have any runtime deps but nix-review shells might inject unwanted dependencies + "--unset PYTHONPATH" + ]; doCheck = false; From 8866bb653dfc49ea47bfff628c18c2467fbb34d0 Mon Sep 17 00:00:00 2001 From: Spencer Pogorzelski <34356756+Scoder12@users.noreply.github.com> Date: Tue, 7 Jun 2022 18:59:10 -0700 Subject: [PATCH 16/70] pwninit: init at 3.2.0 --- .../tools/misc/pwninit/default.nix | 35 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 4 +++ 2 files changed, 39 insertions(+) create mode 100644 pkgs/development/tools/misc/pwninit/default.nix diff --git a/pkgs/development/tools/misc/pwninit/default.nix b/pkgs/development/tools/misc/pwninit/default.nix new file mode 100644 index 00000000000..7d3808f554c --- /dev/null +++ b/pkgs/development/tools/misc/pwninit/default.nix @@ -0,0 +1,35 @@ +{ lib +, stdenv +, fetchFromGitHub +, rustPlatform +, openssl +, pkg-config +, xz +, Security +}: + +rustPlatform.buildRustPackage rec { + pname = "pwninit"; + version = "3.2.0"; + + src = fetchFromGitHub { + owner = "io12"; + repo = "pwninit"; + rev = version; + sha256 = "sha256-XKDYJH2SG3TkwL+FN6rXDap8la07icR0GPFiYcnOHeI="; + }; + + buildInputs = [ openssl xz ] ++ lib.optionals stdenv.isDarwin [ Security ]; + nativeBuildInputs = [ pkg-config ]; + doCheck = false; # there are no tests to run + + cargoSha256 = "sha256-2HCHiU309hbdwohUKVT3TEfGvOfxQWtEGj7FIS8OS7s="; + + meta = { + description = "Automate starting binary exploit challenges"; + homepage = "https://github.com/io12/pwninit"; + license = lib.licenses.mit; + maintainers = [ lib.maintainers.scoder12 ]; + platforms = lib.platforms.all; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index a2c3b14d281..1eed2c71d1b 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -9600,6 +9600,10 @@ with pkgs; pwndbg = callPackage ../development/tools/misc/pwndbg { }; + pwninit = callPackage ../development/tools/misc/pwninit { + inherit (darwin.apple_sdk.frameworks) Security; + }; + pycflow2dot = with python3.pkgs; toPythonApplication pycflow2dot; pydf = callPackage ../applications/misc/pydf { }; From 2dcb8491343e616fe89e53d0414ee5d49e19964d Mon Sep 17 00:00:00 2001 From: Kylie McClain Date: Wed, 1 Jun 2022 03:24:37 -0400 Subject: [PATCH 17/70] stw: init at unstable-2022-02-04 --- pkgs/applications/misc/stw/default.nix | 32 ++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 34 insertions(+) create mode 100644 pkgs/applications/misc/stw/default.nix diff --git a/pkgs/applications/misc/stw/default.nix b/pkgs/applications/misc/stw/default.nix new file mode 100644 index 00000000000..e7c11fd4b9a --- /dev/null +++ b/pkgs/applications/misc/stw/default.nix @@ -0,0 +1,32 @@ +{ lib +, stdenv +, fetchFromGitHub +, libX11 +, fontconfig +, libXft +, libXrender +}: + +stdenv.mkDerivation rec { + pname = "stw"; + version = "unstable-2022-02-04"; + + src = fetchFromGitHub { + owner = "sineemore"; + repo = pname; + rev = "c034e04ac912c157f9faa35cb769ba93d92486a0"; + sha256 = "sha256-YohHF1O0lm6QWJv/wkS4RVJvWaOjcYSZNls6tt4hbqo=="; + }; + + buildInputs = [ libX11 fontconfig libXft libXrender ]; + + makeFlags = [ "CC:=$(CC)" "PREFIX=$(out)" ]; + + meta = with lib; { + description = "A simple text widget for X resembling the watch(1) command"; + license = licenses.mit; + maintainers = with maintainers; [ somasis ]; + platforms = platforms.unix; + broken = stdenv.isDarwin; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 29ef48496f4..7945164f008 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -29579,6 +29579,8 @@ with pkgs; ncurses = ncurses5; }; + stw = callPackage ../applications/misc/stw { }; + styx = callPackage ../applications/misc/styx { }; sway-launcher-desktop = callPackage ../applications/misc/sway-launcher-desktop { }; From 70db11c3d0a43770ca352bff08fd8b5657ad6498 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 8 Jun 2022 09:19:45 +0200 Subject: [PATCH 18/70] checkov: 2.0.1201 -> 2.0.1204 --- pkgs/development/tools/analysis/checkov/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/analysis/checkov/default.nix b/pkgs/development/tools/analysis/checkov/default.nix index 886cca2de9c..d0695e44f0f 100644 --- a/pkgs/development/tools/analysis/checkov/default.nix +++ b/pkgs/development/tools/analysis/checkov/default.nix @@ -32,14 +32,14 @@ with py.pkgs; buildPythonApplication rec { pname = "checkov"; - version = "2.0.1201"; + version = "2.0.1204"; format = "setuptools"; src = fetchFromGitHub { owner = "bridgecrewio"; repo = pname; rev = version; - hash = "sha256-ZQCUYnoCaVZkXr5rZ/vkEOlADMQmj6OfZ12KBerXdmQ="; + hash = "sha256-qqTqEn11DM1W48ZYoiCacsSCA4xPLxPil43xiByEy5g="; }; nativeBuildInputs = with py.pkgs; [ From 7f76c1989ced4303e8f6e248808e381d528beccd Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 8 Jun 2022 12:05:07 +0200 Subject: [PATCH 19/70] nuclei: 2.7.1 -> 2.7.2 --- pkgs/tools/security/nuclei/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/security/nuclei/default.nix b/pkgs/tools/security/nuclei/default.nix index 076b907d880..8487d8a2605 100644 --- a/pkgs/tools/security/nuclei/default.nix +++ b/pkgs/tools/security/nuclei/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "nuclei"; - version = "2.7.1"; + version = "2.7.2"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = pname; rev = "v${version}"; - sha256 = "sha256-ra8BxM+zpe5UKlJ28wc8yE5ta4ro4o2OHfmu9fBqFTA="; + sha256 = "sha256-knpsoDVDGxG85YiD7pc+XDV7BgCSpNRFRuN+qM3Gv/U="; }; - vendorSha256 = "sha256-4E9nHBaojkOwnSPxRn2JGFcQTF4WowTOtzE5zRjkqhk="; + vendorSha256 = "sha256-e17QpSXttso1crvBj0vrfuJliIDcXoXJzWt87ulSZXQ="; modRoot = "./v2"; subPackages = [ From ff953a72adfb4c3ca6548e358984a92986ad449d Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 8 Jun 2022 11:54:48 +0000 Subject: [PATCH 20/70] python310Packages.canonicaljson: 1.6.1 -> 1.6.2 --- pkgs/development/python-modules/canonicaljson/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/canonicaljson/default.nix b/pkgs/development/python-modules/canonicaljson/default.nix index d613bb9e897..e5ecff7837f 100644 --- a/pkgs/development/python-modules/canonicaljson/default.nix +++ b/pkgs/development/python-modules/canonicaljson/default.nix @@ -9,14 +9,14 @@ buildPythonPackage rec { pname = "canonicaljson"; - version = "1.6.1"; + version = "1.6.2"; format = "setuptools"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-qTZk9phVbb1Lq5w/xPs1g0zyU12h6gC2t3WNj+K7uCQ="; + hash = "sha256-rwC+jOnFiYV98Xa7lFlPDUOw4CfwJ6jXz4l4/bgZAko="; }; propagatedBuildInputs = [ From b31db15de008f0a8f5f62c5e477c69165d8458a1 Mon Sep 17 00:00:00 2001 From: Stig Palmquist Date: Wed, 8 Jun 2022 15:57:41 +0200 Subject: [PATCH 21/70] firejail: patches for CVE-2022-31214 https://seclists.org/oss-sec/2022/q2/188 --- pkgs/os-specific/linux/firejail/default.nix | 23 +++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/pkgs/os-specific/linux/firejail/default.nix b/pkgs/os-specific/linux/firejail/default.nix index bbb3a1daab6..a8188caf18b 100644 --- a/pkgs/os-specific/linux/firejail/default.nix +++ b/pkgs/os-specific/linux/firejail/default.nix @@ -53,6 +53,29 @@ stdenv.mkDerivation rec { # Upstream fix: https://github.com/netblue30/firejail/pull/5132 # Hopefully fixed upstream in version > 0.9.68 ./fix-opengl-support.patch + + # Fix CVE-2022-31214 by patching in 4 commits from upstream + # https://seclists.org/oss-sec/2022/q2/188 + (fetchpatch { + name = "CVE-2022-31214-patch1"; # "fixing CVE-2022-31214" + url = "https://github.com/netblue30/firejail/commit/27cde3d7d1e4e16d4190932347c7151dc2a84c50.patch"; + sha256 = "sha256-XXmnYCn4TPUvU43HifZDk4tEZQvOho9/7ehU6889nN4="; + }) + (fetchpatch { + name = "CVE-2022-31214-patch2"; # "shutdown testing" + url = "https://github.com/netblue30/firejail/commit/04ff0edf74395ddcbbcec955279c74ed9a6c0f86.patch"; + sha256 = "sha256-PV73hRlvYEQihuljSCQMNO34KJ0hDVFexhirpHcTK1I="; + }) + (fetchpatch { + name = "CVE-2022-31214-patch3"; # "CVE-2022-31214: fixing the fix" + url = "https://github.com/netblue30/firejail/commit/dab835e7a0eb287822016f5ae4e87f46e1d363e7.patch"; + sha256 = "sha256-6plBIliW/nLKR7TdGeB88eQ65JHEasnaRsP3HPXAFyA="; + }) + (fetchpatch { + name = "CVE-2022-31214-patch4"; # "CVE-2022-31214: fixing the fix, one more time " + url = "https://github.com/netblue30/firejail/commit/1884ea22a90d225950d81c804f1771b42ae55f54.patch"; + sha256 = "sha256-inkpcdC5rl5w+CTAwwQVBOELlHTXb8UGlpU+8kMY95s="; + }) ]; prePatch = '' From 964abb96d19d5def08f7249300c8ba8c47ed7fc5 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 8 Jun 2022 14:57:58 +0000 Subject: [PATCH 22/70] python310Packages.fastapi-mail: 1.0.8 -> 1.0.9 --- pkgs/development/python-modules/fastapi-mail/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/fastapi-mail/default.nix b/pkgs/development/python-modules/fastapi-mail/default.nix index fabc3241266..9ce21b79492 100644 --- a/pkgs/development/python-modules/fastapi-mail/default.nix +++ b/pkgs/development/python-modules/fastapi-mail/default.nix @@ -19,7 +19,7 @@ buildPythonPackage rec { pname = "fastapi-mail"; - version = "1.0.8"; + version = "1.0.9"; format = "pyproject"; disabled = pythonOlder "3.7"; @@ -27,8 +27,8 @@ buildPythonPackage rec { src = fetchFromGitHub { owner = "sabuhish"; repo = pname; - rev = version; - hash = "sha256-PkA7qkdDUd7mrtvb6IbCzFRq6X0M3iKY+FKuNConJ5A="; + rev = "refs/tags/${version}"; + hash = "sha256-2Nb+FzmhsKvauT/yOCLHCEld8r+6niu9kV6EmjhC6S0="; }; nativeBuildInputs = [ From aa40fe91ba0c702054add4c7fd6ba387bc812383 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 8 Jun 2022 15:08:14 +0000 Subject: [PATCH 23/70] python310Packages.fido2: 0.9.3 -> 1.0.0 --- pkgs/development/python-modules/fido2/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/fido2/default.nix b/pkgs/development/python-modules/fido2/default.nix index e550fe89ec7..129d1863923 100644 --- a/pkgs/development/python-modules/fido2/default.nix +++ b/pkgs/development/python-modules/fido2/default.nix @@ -9,11 +9,11 @@ buildPythonPackage rec { pname = "fido2"; - version = "0.9.3"; + version = "1.0.0"; src = fetchPypi { inherit pname version; - sha256 = "b45e89a6109cfcb7f1bb513776aa2d6408e95c4822f83a253918b944083466ec"; + sha256 = "sha256-JQmklYtmbXR/1XVN+pNX2i2BtS7cDs/3W2jOqTkVTAI="; }; propagatedBuildInputs = [ six cryptography ]; From 1c8f27c9339db47a88b8efbf9e542ae5f179933b Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 8 Jun 2022 15:43:01 +0000 Subject: [PATCH 24/70] python310Packages.pre-commit-hooks: 4.2.0 -> 4.3.0 --- pkgs/development/python-modules/pre-commit-hooks/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pre-commit-hooks/default.nix b/pkgs/development/python-modules/pre-commit-hooks/default.nix index db598b368c5..acf82790377 100644 --- a/pkgs/development/python-modules/pre-commit-hooks/default.nix +++ b/pkgs/development/python-modules/pre-commit-hooks/default.nix @@ -11,7 +11,7 @@ buildPythonPackage rec { pname = "pre-commit-hooks"; - version = "4.2.0"; + version = "4.3.0"; format = "setuptools"; disabled = pythonOlder "3.6"; @@ -20,7 +20,7 @@ buildPythonPackage rec { owner = "pre-commit"; repo = pname; rev = "refs/tags/v${version}"; - sha256 = "sha256-jSu4LutEgpeAbCgSHgk6VXQKLZo00T3TrQVZxsNU1co="; + sha256 = "sha256-qdsSM+7ScSfxhmLAqwi1iraGHrhb5NBee/j+TKr2WUA="; }; propagatedBuildInputs = [ From e9853a32926c20acaf9194cc8325e2c6916895b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 28 May 2022 15:13:52 +0200 Subject: [PATCH 25/70] dendrite: 0.8.5 -> 0.8.7 --- pkgs/servers/dendrite/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/dendrite/default.nix b/pkgs/servers/dendrite/default.nix index 71843ee8c76..9a8a1a36984 100644 --- a/pkgs/servers/dendrite/default.nix +++ b/pkgs/servers/dendrite/default.nix @@ -3,16 +3,16 @@ buildGoModule rec { pname = "matrix-dendrite"; - version = "0.8.5"; + version = "0.8.7"; src = fetchFromGitHub { owner = "matrix-org"; repo = "dendrite"; rev = "v${version}"; - sha256 = "sha256-MPWvBUI6Mqt3f5UY6lpTBwPpihW+QSNq1M3FnIff+mM="; + sha256 = "sha256-grMMD85hiJ6Ka8KU0fIAcpflFyZrPEZSZxFsGls5NEI="; }; - vendorSha256 = "sha256-OXy2xuwTLPNvBnVB6wj/YRW/XMiekjTubRRPVX9bxdQ="; + vendorSha256 = "sha256-yTlg1K0Pf1AmF227ca73gLDx12ea5yMamnOUksKGN4U="; checkInputs = [ postgresqlTestHook From 375997ae2de5164c9d77590d48f909cae6a010e1 Mon Sep 17 00:00:00 2001 From: CrystalGamma Date: Wed, 8 Jun 2022 20:11:01 +0200 Subject: [PATCH 26/70] libqalculate: add build C/C++ compiler to depsBuildBuild Between 4.1.1 and 4.2.0, the autconf-archive scripts ax_prog_{cc,cxx}_for_build.m4 were updated to a newer version. This broke the build (even native) on at least aarch64 and powerpc64le (but curiously not x86). Adding this dependency allows the package to build again on these platforms. --- pkgs/development/libraries/libqalculate/default.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libqalculate/default.nix b/pkgs/development/libraries/libqalculate/default.nix index d83a4e0a707..da3bc925c82 100644 --- a/pkgs/development/libraries/libqalculate/default.nix +++ b/pkgs/development/libraries/libqalculate/default.nix @@ -1,5 +1,10 @@ -{ lib, stdenv, fetchFromGitHub, mpfr, libxml2, intltool, pkg-config, doxygen, - autoreconfHook, readline, libiconv, icu, curl, gnuplot, gettext }: +{ lib, stdenv, fetchFromGitHub +, mpfr, gnuplot +, readline +, libxml2, curl +, intltool, libiconv, icu, gettext +, pkg-config, doxygen, autoreconfHook, buildPackages +}: stdenv.mkDerivation rec { pname = "libqalculate"; @@ -16,6 +21,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ intltool pkg-config autoreconfHook doxygen ]; buildInputs = [ curl gettext libiconv readline ]; + depsBuildBuild = [ buildPackages.stdenv.cc ]; propagatedBuildInputs = [ libxml2 mpfr icu ]; enableParallelBuilding = true; From 59746e221b7203c8f4835f8720048580d1f2cfa4 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 8 Jun 2022 18:26:35 +0000 Subject: [PATCH 27/70] python310Packages.pyshark: 0.4.5 -> 0.4.6 --- pkgs/development/python-modules/pyshark/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/pyshark/default.nix b/pkgs/development/python-modules/pyshark/default.nix index ded9bcbbc4e..a0ba11a4a37 100644 --- a/pkgs/development/python-modules/pyshark/default.nix +++ b/pkgs/development/python-modules/pyshark/default.nix @@ -11,7 +11,7 @@ buildPythonPackage rec { pname = "pyshark"; - version = "0.4.5"; + version = "0.4.6"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -21,8 +21,8 @@ buildPythonPackage rec { repo = pname; # 0.4.5 was the last release which was tagged # https://github.com/KimiNewt/pyshark/issues/541 - rev = "8f8f13aba6ae716aa0a48175255063fe542fdc3b"; - hash = "sha256-v9CC9hgTABAiJ0qiFZ/9/zMmHzJXKq3neGtTq/ucnT4="; + rev = "refs/tags/v${version}"; + hash = "sha256-yEpUFihETKta3+Xb8eSyTZ1uSi7ao4OqWzsCgDLLhe8="; }; sourceRoot = "${src.name}/src"; From 808aad6ceec1647edc14d1a8f901b9cf7a6fda17 Mon Sep 17 00:00:00 2001 From: Ayman El Didi Date: Wed, 8 Jun 2022 12:26:37 -0600 Subject: [PATCH 28/70] discord: 0.0.17 -> 0.0.18 --- .../networking/instant-messengers/discord/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/discord/default.nix b/pkgs/applications/networking/instant-messengers/discord/default.nix index 287c23401e0..ab471ef47fb 100644 --- a/pkgs/applications/networking/instant-messengers/discord/default.nix +++ b/pkgs/applications/networking/instant-messengers/discord/default.nix @@ -2,7 +2,7 @@ let inherit (pkgs) callPackage fetchurl; versions = if stdenv.isLinux then { - stable = "0.0.17"; + stable = "0.0.18"; ptb = "0.0.29"; canary = "0.0.135"; } else { @@ -21,7 +21,7 @@ let stable = fetchurl { url = "https://dl.discordapp.net/apps/linux/${version}/discord-${version}.tar.gz"; - sha256 = "058k0cmbm4y572jqw83bayb2zzl2fw2aaz0zj1gvg6sxblp76qil"; + sha256 = "1hl01rf3l6kblx5v7rwnwms30iz8zw6dwlkjsx2f1iipljgkh5q4"; }; ptb = fetchurl { url = From 56651dbdda39919718f4d2fbe3f6b2e3bdd89207 Mon Sep 17 00:00:00 2001 From: Rick van Schijndel Date: Wed, 8 Jun 2022 20:59:36 +0200 Subject: [PATCH 29/70] feedbackd: comment that optional devdoc depends on gir Co-authored-by: Sandro --- pkgs/applications/misc/feedbackd/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/applications/misc/feedbackd/default.nix b/pkgs/applications/misc/feedbackd/default.nix index 2a4db6b10e4..ad166017315 100644 --- a/pkgs/applications/misc/feedbackd/default.nix +++ b/pkgs/applications/misc/feedbackd/default.nix @@ -33,6 +33,7 @@ stdenv.mkDerivation rec { version = "0.0.0+git20220520"; outputs = [ "out" "dev" ] + # remove if cross-compiling gobject-introspection works ++ lib.optionals (stdenv.buildPlatform == stdenv.hostPlatform) [ "devdoc" ]; src = fetchFromGitLab { From a35930dbc96d6b291afcc76dec9e7dab92cecb00 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 8 Jun 2022 21:52:33 +0200 Subject: [PATCH 30/70] python310Packages.pre-commit-hooks: update disabled --- pkgs/development/python-modules/pre-commit-hooks/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/pre-commit-hooks/default.nix b/pkgs/development/python-modules/pre-commit-hooks/default.nix index acf82790377..282dd59a05c 100644 --- a/pkgs/development/python-modules/pre-commit-hooks/default.nix +++ b/pkgs/development/python-modules/pre-commit-hooks/default.nix @@ -14,7 +14,7 @@ buildPythonPackage rec { version = "4.3.0"; format = "setuptools"; - disabled = pythonOlder "3.6"; + disabled = pythonOlder "3.7"; src = fetchFromGitHub { owner = "pre-commit"; From acbfbd0d8628e88435b81f72bd7ceb1e6b94da74 Mon Sep 17 00:00:00 2001 From: Sandro Date: Mon, 6 Jun 2022 18:22:22 +0200 Subject: [PATCH 31/70] nixos/kdeconnect: remove alias from default package --- nixos/modules/programs/kdeconnect.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/modules/programs/kdeconnect.nix b/nixos/modules/programs/kdeconnect.nix index df698e84dd7..10d6e18a3d1 100644 --- a/nixos/modules/programs/kdeconnect.nix +++ b/nixos/modules/programs/kdeconnect.nix @@ -12,8 +12,8 @@ with lib; implementation if you use Gnome. ''; package = mkOption { - default = pkgs.kdeconnect; - defaultText = literalExpression "pkgs.kdeconnect"; + default = pkgs.plasma5Packages.kdeconnect-kde; + defaultText = literalExpression "pkgs.plasma5Packages.kdeconnect-kde"; type = types.package; example = literalExpression "pkgs.gnomeExtensions.gsconnect"; description = '' From 3a5d3c73c78cb63df07fce947a2fe5e6058069a3 Mon Sep 17 00:00:00 2001 From: Vincent Laporte Date: Thu, 2 Jun 2022 09:33:44 +0200 Subject: [PATCH 32/70] =?UTF-8?q?ocamlPackages.wasm:=201.1.1=20=E2=86=92?= =?UTF-8?q?=202.0.0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pkgs/development/ocaml-modules/wasm/default.nix | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/pkgs/development/ocaml-modules/wasm/default.nix b/pkgs/development/ocaml-modules/wasm/default.nix index 5d53d6db418..3af1bd00a19 100644 --- a/pkgs/development/ocaml-modules/wasm/default.nix +++ b/pkgs/development/ocaml-modules/wasm/default.nix @@ -1,19 +1,18 @@ { stdenv, lib, fetchFromGitHub, ocaml, findlib, ocamlbuild }: -if lib.versionOlder ocaml.version "4.03" -|| lib.versionOlder "4.13" ocaml.version +if lib.versionOlder ocaml.version "4.08" then throw "wasm is not available for OCaml ${ocaml.version}" else stdenv.mkDerivation rec { pname = "ocaml${ocaml.version}-wasm"; - version = "1.1.1"; + version = "2.0.0"; src = fetchFromGitHub { owner = "WebAssembly"; repo = "spec"; rev = "opam-${version}"; - sha256 = "1kp72yv4k176i94np0m09g10cviqp2pnpm7jmiq6ik7fmmbknk7c"; + sha256 = "sha256:09s0v79x0ymzcp2114zkm3phxavdfnkkq67qz1ndnknbkziwqf3v"; }; nativeBuildInputs = [ ocaml findlib ocamlbuild ]; From a0db9aae9f8c7141e7eb082dae4263f0e1ef3cae Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Thu, 9 Jun 2022 07:17:48 +1000 Subject: [PATCH 33/70] gh: 2.11.3 -> 2.12.0 https://github.com/cli/cli/releases/tag/v2.12.0 --- .../version-management/git-and-tools/gh/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/version-management/git-and-tools/gh/default.nix b/pkgs/applications/version-management/git-and-tools/gh/default.nix index 32907634688..295e0e4ac81 100644 --- a/pkgs/applications/version-management/git-and-tools/gh/default.nix +++ b/pkgs/applications/version-management/git-and-tools/gh/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "gh"; - version = "2.11.3"; + version = "2.12.0"; src = fetchFromGitHub { owner = "cli"; repo = "cli"; rev = "v${version}"; - sha256 = "sha256-b00bP0usTpYr5EShyckmZ+a1Mw48payU/KllSck47fI="; + sha256 = "sha256-gJwSnaOJc7W5zA/7D8tmXi3g+or5cNIlJ2J6gS51D6I="; }; - vendorSha256 = "sha256-soNQXtpQ217scP606UA05+r9WIrUAMOCDBsfLKrVD+Q="; + vendorSha256 = "sha256-du4IQNQPwM245yr0dSe1C7TU6gaFgvZhxaXi3xsKuWY="; nativeBuildInputs = [ installShellFiles ]; From 54e6551ba4e3553a0300a505db245ac19199ce17 Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Wed, 8 Jun 2022 11:26:26 +1000 Subject: [PATCH 34/70] nixVersions.nix_2_9: 2.9.0 -> 2.9.1 --- pkgs/tools/package-management/nix/default.nix | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/pkgs/tools/package-management/nix/default.nix b/pkgs/tools/package-management/nix/default.nix index b91ee5c9ee6..1d2928f3ad6 100644 --- a/pkgs/tools/package-management/nix/default.nix +++ b/pkgs/tools/package-management/nix/default.nix @@ -86,16 +86,8 @@ in lib.makeExtensible (self: { }; nix_2_9 = common { - version = "2.9.0"; - sha256 = "sha256-W6aTsTpCTb+vXQEXDjnKqetOuJmEfSuK2CXvAMqwo74="; - patches = [ - # can be removed when updated to 2.9.1 - (fetchpatch { - name = "fix-segfault-in-git-fetcher"; - url = "https://github.com/NixOS/nix/commit/bc4759345538c89e1f045aaabcc0cafe4ecca12a.patch"; - sha256 = "sha256-UrfH4M7a02yfE9X3tA1Pwhw4RacBW+rShYkl7ybG64I="; - }) - ]; + version = "2.9.1"; + sha256 = "sha256-qNL3lQPBsnStkru3j1ajN/H+knXI+X3dku8/dBfSw3g="; }; stable = self.nix_2_9; From 0e51dce7781574bbe5c99f649ae8bf157c268d76 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 7 Jun 2022 15:32:59 +0200 Subject: [PATCH 35/70] nix-fallback-paths.nix: Update to 2.9.1 --- nixos/modules/installer/tools/nix-fallback-paths.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/nixos/modules/installer/tools/nix-fallback-paths.nix b/nixos/modules/installer/tools/nix-fallback-paths.nix index 8fc8cc4baad..bd09724ebfa 100644 --- a/nixos/modules/installer/tools/nix-fallback-paths.nix +++ b/nixos/modules/installer/tools/nix-fallback-paths.nix @@ -1,7 +1,7 @@ { - x86_64-linux = "/nix/store/6mjgljq8sm9bsz6k22as5ar3jw78644m-nix-2.8.1"; - i686-linux = "/nix/store/c4yjv4l8wncdla6ycicvsjrdf40xjkpp-nix-2.8.1"; - aarch64-linux = "/nix/store/qkgvks80mdibq7m86hqasgr5lpixbnmh-nix-2.8.1"; - x86_64-darwin = "/nix/store/riz4mzb1xhp36088ffnp40lz52bpxz01-nix-2.8.1"; - aarch64-darwin = "/nix/store/dirm8hsnmvvzjs21hrx8i84w8k453jzp-nix-2.8.1"; + x86_64-linux = "/nix/store/6g4fla3vkcxihph282a0v3cd10709y7c-nix-2.9.1"; + i686-linux = "/nix/store/j143221z44469zx21f5m9a47x7y1jpr5-nix-2.9.1"; + aarch64-linux = "/nix/store/c4z3vy1sgm49la8bvmdrrpssgk4iw2nk-nix-2.9.1"; + x86_64-darwin = "/nix/store/cqdwb7khf6zg94bz7lnvfjqx6z775qaw-nix-2.9.1"; + aarch64-darwin = "/nix/store/1brkxcs287n1px2i4fq39l7h51hjv0f8-nix-2.9.1"; } From a0021846c278a8dbf54d5855dcaa7e4d75e6c5f7 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Wed, 11 May 2022 22:07:34 +0200 Subject: [PATCH 36/70] sourcehut: fix gqlgen with -trimpath --- .../sourcehut/fix-gqlgen-trimpath.nix | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix diff --git a/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix new file mode 100644 index 00000000000..1f94913292e --- /dev/null +++ b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix @@ -0,0 +1,32 @@ +{ unzip }: +{ + overrideModAttrs = (_: { + # No need to workaround -trimpath: it's not used in go-modules, + # but do download `go generate`'s dependencies nonetheless. + preBuild = '' + set -x + go generate ./loaders + go generate ./graph + set +x + ''; + }); + + # Workaround: + # go: git.sr.ht/~emersion/go-emailthreads@v0.0.0-20220412093310-4fd792e343ba: module lookup disabled by GOPROXY=off + # tidy failed: go mod tidy failed: exit status 1 + # graph/generate.go:10: running "go": exit status 1 + proxyVendor = true; + + # Workaround -trimpath in the package derivation: + # https://github.com/99designs/gqlgen/issues/1537 + # This is to give `go generate ./graph` access to gqlgen's *.gotpl files + # If it fails, the gqlgenVersion may have to be updated. + preBuild = let gqlgenVersion = "0.17.2"; in '' + set -x + ${unzip}/bin/unzip ''${GOPROXY#"file://"}/github.com/99designs/gqlgen/@v/v${gqlgenVersion}.zip + go generate ./loaders + go generate ./graph + rm -rf github.com + set +x + ''; +} From a5d72ec6de6ee071ab9770f0816d617cdb308086 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 5 May 2022 23:57:33 +0200 Subject: [PATCH 37/70] sourcehut.srht: 0.68.14 -> 0.68.24 --- .../version-management/sourcehut/core.nix | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/core.nix b/pkgs/applications/version-management/sourcehut/core.nix index 805da8c3282..610d5e2647c 100644 --- a/pkgs/applications/version-management/sourcehut/core.nix +++ b/pkgs/applications/version-management/sourcehut/core.nix @@ -1,5 +1,5 @@ { lib -, fetchgit +, fetchFromSourcehut , fetchNodeModules , buildPythonPackage , pgpy @@ -29,12 +29,13 @@ buildPythonPackage rec { pname = "srht"; - version = "0.68.14"; + version = "0.68.24"; - src = fetchgit { - url = "https://git.sr.ht/~sircmpwn/core.sr.ht"; + src = fetchFromSourcehut { + owner = "~sircmpwn"; + repo = "core.sr.ht"; rev = version; - sha256 = "sha256-BY3W2rwrg0mhH3CltgUqg6Xv8Ve5VZNY/lI1cfbAjYM="; + sha256 = "sha256-ipukga6vfBgDIXOQCejCkU/iTmBt5egIjB+NlJyL2yo="; fetchSubmodules = true; }; From dad23bcdd07268194154b52c481610c7e8342ada Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 5 May 2022 23:58:22 +0200 Subject: [PATCH 38/70] sourcehut.scmsrht: 0.22.19 -> 0.22.22 --- pkgs/applications/version-management/sourcehut/scm.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/scm.nix b/pkgs/applications/version-management/sourcehut/scm.nix index 10da3018843..49eea05a7a7 100644 --- a/pkgs/applications/version-management/sourcehut/scm.nix +++ b/pkgs/applications/version-management/sourcehut/scm.nix @@ -9,13 +9,13 @@ buildPythonPackage rec { pname = "scmsrht"; - version = "0.22.19"; # Untagged version + version = "0.22.22"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "scm.sr.ht"; rev = version; - sha256 = "sha256-/QryPjWJ2S0Ov9DTdrwbM81HYucHiYcLh0oKacflywI="; + sha256 = "sha256-iSzzyI8HZOpOb4dyt520MV/wds14fNag2+UOF09KS7w="; }; nativeBuildInputs = srht.nativeBuildInputs; From 43f856ab2c411ddd2aca58b84a157f807672c8ab Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 6 May 2022 00:01:39 +0200 Subject: [PATCH 39/70] sourcehut.buildsrht: 0.75.2 -> 0.79.1 --- .../services/misc/sourcehut/default.nix | 13 +++++++--- .../version-management/sourcehut/builds.nix | 25 ++++++++++++++----- 2 files changed, 28 insertions(+), 10 deletions(-) diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix index 5a6d011a729..746ddbf8f44 100644 --- a/nixos/modules/services/misc/sourcehut/default.nix +++ b/nixos/modules/services/misc/sourcehut/default.nix @@ -905,6 +905,11 @@ in inherit configIniOfService; srvsrht = "buildsrht"; port = 5002; + extraServices.buildsrht-api = { + serviceConfig.Restart = "always"; + serviceConfig.RestartSec = "2s"; + serviceConfig.ExecStart = "${pkgs.sourcehut.buildsrht}/bin/buildsrht-api -b ${cfg.listenAddress}:${toString (cfg.builds.port + 100)}"; + }; # TODO: a celery worker on the master and worker are apparently needed extraServices.buildsrht-worker = let qemuPackage = pkgs.qemu_kvm; @@ -928,13 +933,13 @@ in fi ''; serviceConfig = { - ExecStart = "${pkgs.sourcehut.buildsrht}/bin/builds.sr.ht-worker"; + ExecStart = "${pkgs.sourcehut.buildsrht}/bin/buildsrht-worker"; BindPaths = [ cfg.settings."builds.sr.ht::worker".buildlogs ]; LogsDirectory = [ "sourcehut/${serviceName}" ]; RuntimeDirectory = [ "sourcehut/${serviceName}/subdir" ]; StateDirectory = [ "sourcehut/${serviceName}" ]; TimeoutStartSec = "1800s"; - # builds.sr.ht-worker looks up ../config.ini + # buildsrht-worker looks up ../config.ini WorkingDirectory = "-"+"/run/sourcehut/${serviceName}/subdir"; }; }; @@ -952,12 +957,12 @@ in ) cfg.builds.images ); image_dir_pre = pkgs.symlinkJoin { - name = "builds.sr.ht-worker-images-pre"; + name = "buildsrht-worker-images-pre"; paths = image_dirs; # FIXME: not working, apparently because ubuntu/latest is a broken link # ++ [ "${pkgs.sourcehut.buildsrht}/lib/images" ]; }; - image_dir = pkgs.runCommand "builds.sr.ht-worker-images" { } '' + image_dir = pkgs.runCommand "buildsrht-worker-images" { } '' mkdir -p $out/images cp -Lr ${image_dir_pre}/* $out/images ''; diff --git a/pkgs/applications/version-management/sourcehut/builds.nix b/pkgs/applications/version-management/sourcehut/builds.nix index 350afd07fe1..e2cc01eb9c7 100644 --- a/pkgs/applications/version-management/sourcehut/builds.nix +++ b/pkgs/applications/version-management/sourcehut/builds.nix @@ -1,7 +1,7 @@ { lib , fetchFromSourcehut -, buildPythonPackage , buildGoModule +, buildPythonPackage , srht , redis , celery @@ -9,21 +9,29 @@ , markdown , ansi2html , python +, unzip }: let - version = "0.75.2"; + version = "0.79.1"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "builds.sr.ht"; rev = version; - sha256 = "sha256-SwyxMzmp9baRQ0vceuEn/OpfIv7z7jwq/l67hdOHXjM="; + sha256 = "sha256-8fZ6KdD+9+n0uO3jm0AUyG08oCUNFq1K55ZOwLbkpHk="; }; - buildWorker = src: buildGoModule { + buildsrht-api = buildGoModule ({ inherit src version; - pname = "builds-sr-ht-worker"; + pname = "buildsrht-api"; + modRoot = "api"; + vendorSha256 = "sha256-roTwqtg4Y846PNtLdRN/LV3Jd0LVElqjFy3DJcrwoaI="; + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;}); + buildsrht-worker = buildGoModule { + inherit src version; + sourceRoot = "source/worker"; + pname = "buildsrht-worker"; vendorSha256 = "sha256-Pf1M9a43eK4jr6QMi6kRHA8DodXQU0pqq9ua5VC3ER0="; }; in @@ -35,6 +43,10 @@ buildPythonPackage rec { # Revert change breaking Unix socket support for Redis patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch ]; + postPatch = '' + substituteInPlace Makefile \ + --replace "all: api worker" "" + ''; nativeBuildInputs = srht.nativeBuildInputs; @@ -58,7 +70,8 @@ buildPythonPackage rec { cp -r images $out/lib cp contrib/submit_image_build $out/bin/builds.sr.ht - cp ${buildWorker "${src}/worker"}/bin/worker $out/bin/builds.sr.ht-worker + ln -s ${buildsrht-api}/bin/api $out/bin/buildsrht-api + ln -s ${buildsrht-worker}/bin/worker $out/bin/buildsrht-worker ''; pythonImportsCheck = [ "buildsrht" ]; From b57ed0fa1de7c6a138e310c009f969dcda347f7c Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 6 May 2022 00:03:52 +0200 Subject: [PATCH 40/70] sourcehut.gitsrht: 0.77.3 -> 0.78.18 --- .../services/misc/sourcehut/default.nix | 5 ++ .../version-management/sourcehut/git.nix | 54 +++++++++++-------- ...-Revert-Add-webhook-queue-monitoring.patch | 29 +++------- 3 files changed, 44 insertions(+), 44 deletions(-) diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix index 746ddbf8f44..310b45f0f4d 100644 --- a/nixos/modules/services/misc/sourcehut/default.nix +++ b/nixos/modules/services/misc/sourcehut/default.nix @@ -1086,6 +1086,11 @@ in }; }) ]; + extraServices.gitsrht-api = { + serviceConfig.Restart = "always"; + serviceConfig.RestartSec = "2s"; + serviceConfig.ExecStart = "${pkgs.sourcehut.gitsrht}/bin/gitsrht-api -b ${cfg.listenAddress}:${toString (cfg.git.port + 100)}"; + }; extraServices.gitsrht-fcgiwrap = mkIf cfg.nginx.enable { serviceConfig = { # Socket is passed by gitsrht-fcgiwrap.socket diff --git a/pkgs/applications/version-management/sourcehut/git.nix b/pkgs/applications/version-management/sourcehut/git.nix index 318bee4cf51..e56022604fa 100644 --- a/pkgs/applications/version-management/sourcehut/git.nix +++ b/pkgs/applications/version-management/sourcehut/git.nix @@ -1,47 +1,57 @@ { lib , fetchFromSourcehut -, buildPythonPackage , buildGoModule +, buildPythonPackage , python , srht , pygit2 , scmsrht +, unzip }: let - version = "0.77.3"; + version = "0.78.18"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "git.sr.ht"; rev = version; - sha256 = "sha256-eJvXCcmdiUzTK0EqNJkLEZsAfr6toD/378HObnMbOWM="; + sha256 = "sha256-pGWphdFKaOIBIKWMxfNAFqXZQx/qHcrwb5Ylj9uag7s="; }; - buildShell = src: buildGoModule { + gitApi = buildGoModule ({ inherit src version; - pname = "gitsrht-shell"; - vendorSha256 = "sha256-aqUFICp0C2reqb2p6JCPAUIRsxzSv0t9BHoNWrTYfqk="; - }; + pname = "gitsrht-api"; + modRoot = "api"; + vendorSha256 = "sha256-0YI20liP0X1McfiSUy29zJk2UqqAPBIfIfPLoJOE1uI="; + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;}); - buildDispatcher = src: buildGoModule { + gitDispatch = buildGoModule { inherit src version; - pname = "gitsrht-dispatcher"; + pname = "gitsrht-dispatch"; + modRoot = "gitsrht-dispatch"; vendorSha256 = "sha256-qWXPHo86s6iuRBhRMtmD5jxnAWKdrWHtA/iSUkdw89M="; }; - buildKeys = src: buildGoModule { + gitKeys = buildGoModule { inherit src version; pname = "gitsrht-keys"; + modRoot = "gitsrht-keys"; vendorSha256 = "sha256-9pojS69HCKVHUceyOpGtv9ewcxFD4WsOVsEzkmWJkF4="; }; - buildUpdateHook = src: buildGoModule { + gitShell = buildGoModule { inherit src version; - pname = "gitsrht-update-hook"; - vendorSha256 = "sha256-sBlG7EFqdDm7CkAHVX50Mf4N3sl1rPNmWExG/bfbfGA="; + pname = "gitsrht-shell"; + modRoot = "gitsrht-shell"; + vendorSha256 = "sha256-WqfvSPuVsOHA//86u33atMfeA11+DJhjLmWy8Ivq0NI="; }; - updateHook = buildUpdateHook "${src}/gitsrht-update-hook"; + gitUpdateHook = buildGoModule { + inherit src version; + pname = "gitsrht-update-hook"; + modRoot = "gitsrht-update-hook"; + vendorSha256 = "sha256-Bc3yPabS2S+qiroHFKrtkII/CfzBDYQ6xWxKHAME+Tc="; + }; in buildPythonPackage rec { @@ -52,6 +62,10 @@ buildPythonPackage rec { # Revert change breaking Unix socket support for Redis patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch ]; + postPatch = '' + substituteInPlace Makefile \ + --replace "all: api gitsrht-dispatch gitsrht-keys gitsrht-shell gitsrht-update-hook" "" + ''; nativeBuildInputs = srht.nativeBuildInputs; @@ -68,14 +82,12 @@ buildPythonPackage rec { postInstall = '' mkdir -p $out/bin - cp ${buildShell "${src}/gitsrht-shell"}/bin/gitsrht-shell $out/bin/gitsrht-shell - cp ${buildDispatcher "${src}/gitsrht-dispatch"}/bin/gitsrht-dispatch $out/bin/gitsrht-dispatch - cp ${buildKeys "${src}/gitsrht-keys"}/bin/gitsrht-keys $out/bin/gitsrht-keys - cp ${updateHook}/bin/gitsrht-update-hook $out/bin/gitsrht-update-hook + ln -s ${gitApi}/bin/api $out/bin/gitsrht-api + ln -s ${gitDispatch}/bin/gitsrht-dispatch $out/bin/gitsrht-dispatch + ln -s ${gitKeys}/bin/gitsrht-keys $out/bin/gitsrht-keys + ln -s ${gitShell}/bin/gitsrht-shell $out/bin/gitsrht-shell + ln -s ${gitUpdateHook}/bin/gitsrht-update-hook $out/bin/gitsrht-update-hook ''; - passthru = { - inherit updateHook; - }; pythonImportsCheck = [ "gitsrht" ]; diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch index 4c526dd23e1..f9235102b95 100644 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch +++ b/pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch @@ -1,22 +1,8 @@ -From 5ccb5386304c26f25b0a9eb10ce9edb6da32f91a Mon Sep 17 00:00:00 2001 -From: Julien Moutinho -Date: Sat, 12 Feb 2022 00:11:59 +0100 -Subject: [PATCH git.sr.ht] Revert "Add webhook queue monitoring" - -This reverts commit 7ea630b776947ab82438d0ffa263b0f9d33ebff3. - -Which has broken Unix socket support for Redis. -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E ---- - gitsrht/app.py | 3 --- - gitsrht/webhooks.py | 5 +---- - 2 files changed, 1 insertion(+), 7 deletions(-) - diff --git a/gitsrht/app.py b/gitsrht/app.py -index e9ccb56..4928851 100644 +index eaae395..731bb03 100644 --- a/gitsrht/app.py +++ b/gitsrht/app.py -@@ -48,9 +48,6 @@ class GitApp(ScmSrhtFlask): +@@ -55,9 +55,6 @@ class GitApp(SrhtFlask): self.add_template_filter(url_quote) self.add_template_filter(commit_links) @@ -27,15 +13,15 @@ index e9ccb56..4928851 100644 def inject(): notice = session.get("notice") diff --git a/gitsrht/webhooks.py b/gitsrht/webhooks.py -index 8a203fe..6240d50 100644 +index 36486d0..0109428 100644 --- a/gitsrht/webhooks.py +++ b/gitsrht/webhooks.py -@@ -7,13 +7,10 @@ if not hasattr(db, "session"): +@@ -7,12 +7,10 @@ if not hasattr(db, "session"): db.init() from srht.webhook import Event from srht.webhook.celery import CeleryWebhook, make_worker -from srht.metrics import RedisQueueCollector - from scmsrht.webhooks import UserWebhook ++from scmsrht.webhooks import UserWebhook import sqlalchemy as sa -webhook_broker = cfg("git.sr.ht", "webhooks") @@ -43,8 +29,5 @@ index 8a203fe..6240d50 100644 -webhook_metrics_collector = RedisQueueCollector(webhook_broker, "srht_webhooks", "Webhook queue length") +worker = make_worker(broker=cfg("git.sr.ht", "webhooks")) - class RepoWebhook(CeleryWebhook): + class UserWebhook(CeleryWebhook): events = [ --- -2.34.1 - From 658d8f1240b30b629f1d6d73961953d0acc26f43 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 6 May 2022 00:04:22 +0200 Subject: [PATCH 41/70] sourcehut.hgsrht: 0.29.4 -> 0.31.2 --- .../services/misc/sourcehut/default.nix | 5 ++++ .../version-management/sourcehut/hg.nix | 29 +++++++++++++++++-- 2 files changed, 32 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix index 310b45f0f4d..45b8943ed8e 100644 --- a/nixos/modules/services/misc/sourcehut/default.nix +++ b/nixos/modules/services/misc/sourcehut/default.nix @@ -1134,6 +1134,11 @@ in timerConfig.OnCalendar = ["daily"]; timerConfig.AccuracySec = "1h"; }; + extraServices.hgsrht-api = { + serviceConfig.Restart = "always"; + serviceConfig.RestartSec = "2s"; + serviceConfig.ExecStart = "${pkgs.sourcehut.hgsrht}/bin/hgsrht-api -b ${cfg.listenAddress}:${toString (cfg.hg.port + 100)}"; + }; extraConfig = mkMerge [ { users.users.${cfg.hg.user}.shell = pkgs.bash; diff --git a/pkgs/applications/version-management/sourcehut/hg.nix b/pkgs/applications/version-management/sourcehut/hg.nix index f3e778b2f31..2aa4cc2c505 100644 --- a/pkgs/applications/version-management/sourcehut/hg.nix +++ b/pkgs/applications/version-management/sourcehut/hg.nix @@ -1,21 +1,41 @@ { lib , fetchhg +, buildGoModule , buildPythonPackage , srht , hglib , scmsrht , unidiff , python +, unzip }: buildPythonPackage rec { pname = "hgsrht"; - version = "0.29.4"; + version = "0.31.2"; src = fetchhg { url = "https://hg.sr.ht/~sircmpwn/hg.sr.ht"; rev = version; - sha256 = "Jn9M/R5tJK/GeJDWGo3LWCK2nwsfI9zh+/yo2M+X6Sk="; + sha256 = "F0dBykSSrlis+mumULLxvKNxD75DWR9+IDTYbmhkMDI="; + }; + postPatch = '' + substituteInPlace Makefile \ + --replace "all: api hgsrht-keys" "" + ''; + + hgsrht-api = buildGoModule ({ + inherit src version; + pname = "hgsrht-api"; + modRoot = "api"; + vendorSha256 = "sha256-W7A22qSIgJgcfS7xYNrmbYKaZBXbDtPilM9I6DxmTeU="; + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;}); + + hgsrht-keys = buildGoModule { + inherit src version; + pname = "hgsrht-keys"; + modRoot = "hgsrht-keys"; + vendorSha256 = "sha256-7ti8xCjSrxsslF7/1X/GY4FDl+69hPL4UwCDfjxmJLU="; }; nativeBuildInputs = srht.nativeBuildInputs; @@ -32,6 +52,11 @@ buildPythonPackage rec { export SRHT_PATH=${srht}/${python.sitePackages}/srht ''; + postInstall = '' + ln -s ${hgsrht-api}/bin/api $out/bin/hgsrht-api + ln -s ${hgsrht-keys}/bin/hgsrht-keys $out/bin/hgsrht-keys + ''; + pythonImportsCheck = [ "hgsrht" ]; meta = with lib; { From 0f1e37bc5ba35519a272a846bc32fdd34a447c6b Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 6 May 2022 00:04:44 +0200 Subject: [PATCH 42/70] sourcehut.hubsrht: 0.14.4 -> 0.14.14 --- pkgs/applications/version-management/sourcehut/hub.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/hub.nix b/pkgs/applications/version-management/sourcehut/hub.nix index 511ec359fc4..75d9efe5bd9 100644 --- a/pkgs/applications/version-management/sourcehut/hub.nix +++ b/pkgs/applications/version-management/sourcehut/hub.nix @@ -6,13 +6,13 @@ buildPythonPackage rec { pname = "hubsrht"; - version = "0.14.4"; + version = "0.14.14"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "hub.sr.ht"; rev = version; - sha256 = "sha256-7HF+jykWGqzPWA0YtJZQZU7pnID1yexcqLkEf2HpnSs="; + sha256 = "sha256-4n6oQ+AAvdJY/5KflxAp62chjyrlSUkmt319DKZk33w="; }; nativeBuildInputs = srht.nativeBuildInputs; From 59d8439966cf6ca5f2967e56a52fb98ae85d4e60 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 6 May 2022 00:05:06 +0200 Subject: [PATCH 43/70] sourcehut.listssrht: 0.51.7 -> 0.51.9 --- .../services/misc/sourcehut/default.nix | 5 +++++ .../version-management/sourcehut/lists.nix | 21 +++++++++++++++++-- 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix index 45b8943ed8e..6a9b3c8de83 100644 --- a/nixos/modules/services/misc/sourcehut/default.nix +++ b/nixos/modules/services/misc/sourcehut/default.nix @@ -1199,6 +1199,11 @@ in inherit configIniOfService; port = 5006; webhooks = true; + extraServices.listssrht-api = { + serviceConfig.Restart = "always"; + serviceConfig.RestartSec = "2s"; + serviceConfig.ExecStart = "${pkgs.sourcehut.listssrht}/bin/listssrht-api -b ${cfg.listenAddress}:${toString (cfg.lists.port + 100)}"; + }; # Receive the mail from Postfix and enqueue them into Redis and PostgreSQL extraServices.listssrht-lmtp = { wants = [ "postfix.service" ]; diff --git a/pkgs/applications/version-management/sourcehut/lists.nix b/pkgs/applications/version-management/sourcehut/lists.nix index 3ba6375a913..d2645531121 100644 --- a/pkgs/applications/version-management/sourcehut/lists.nix +++ b/pkgs/applications/version-management/sourcehut/lists.nix @@ -1,5 +1,6 @@ { lib , fetchFromSourcehut +, buildGoModule , buildPythonPackage , srht , asyncpg @@ -8,23 +9,35 @@ , emailthreads , redis , python +, unzip }: buildPythonPackage rec { pname = "listssrht"; - version = "0.51.7"; + version = "0.51.9"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "lists.sr.ht"; rev = version; - sha256 = "sha256-oNY5A98oVoL2JKO0fU/8YVl8u7ywmHb/RHD8A6z9yIM="; + sha256 = "sha256-6iyt0XXAHvyp4bA+VW9uA9YP9wq2Rf/WYVZxylSRf7k="; }; + listssrht-api = buildGoModule ({ + inherit src version; + pname = "listssrht-api"; + modRoot = "api"; + vendorSha256 = "sha256-xnmMkRSokbhWD+kz0XQ9AinYdm6/50FRBISURPvlzD0="; + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;}); + patches = [ # Revert change breaking Unix socket support for Redis patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch ]; + postPatch = '' + substituteInPlace Makefile \ + --replace "all: api" "" + ''; nativeBuildInputs = srht.nativeBuildInputs; @@ -42,6 +55,10 @@ buildPythonPackage rec { export SRHT_PATH=${srht}/${python.sitePackages}/srht ''; + postInstall = '' + ln -s ${listssrht-api}/bin/api $out/bin/listssrht-api + ''; + pythonImportsCheck = [ "listssrht" ]; meta = with lib; { From a3297babdcfa2ef512bf50e6997d9ff025c4dbfd Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 6 May 2022 00:05:41 +0200 Subject: [PATCH 44/70] sourcehut.mansrht: 0.15.23 -> 0.15.25 --- pkgs/applications/version-management/sourcehut/man.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/man.nix b/pkgs/applications/version-management/sourcehut/man.nix index 8d43f297a4f..ccee76defde 100644 --- a/pkgs/applications/version-management/sourcehut/man.nix +++ b/pkgs/applications/version-management/sourcehut/man.nix @@ -8,13 +8,13 @@ buildPythonPackage rec { pname = "mansrht"; - version = "0.15.23"; + version = "0.15.25"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "man.sr.ht"; rev = version; - sha256 = "sha256-xrBptXdwMee+YkPup/BYL/iXBhCzSUQ5htSHIw/1Ncc="; + sha256 = "sha256-Mq3IHsqSkFHVdmy3g0E+9oLnKORthgv3lqvWyrKMIuU="; }; nativeBuildInputs = srht.nativeBuildInputs; From bcb91bbeb744fc88047b38ebbd255d5a09478f76 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 6 May 2022 00:07:02 +0200 Subject: [PATCH 45/70] sourcehut.metasrht: 0.57.5 -> 0.58.8 --- .../services/misc/sourcehut/default.nix | 8 ++++---- .../version-management/sourcehut/meta.nix | 18 ++++++++++++------ 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix index 6a9b3c8de83..9f4aec4fd47 100644 --- a/nixos/modules/services/misc/sourcehut/default.nix +++ b/nixos/modules/services/misc/sourcehut/default.nix @@ -1252,6 +1252,10 @@ in inherit configIniOfService; port = 5000; webhooks = true; + extraTimers.metasrht-daily.timerConfig = { + OnCalendar = ["daily"]; + AccuracySec = "1h"; + }; extraServices.metasrht-api = { serviceConfig.Restart = "always"; serviceConfig.RestartSec = "2s"; @@ -1268,10 +1272,6 @@ in ) cfg.settings)); serviceConfig.ExecStart = "${pkgs.sourcehut.metasrht}/bin/metasrht-api -b ${cfg.listenAddress}:${toString (cfg.meta.port + 100)}"; }; - extraTimers.metasrht-daily.timerConfig = { - OnCalendar = ["daily"]; - AccuracySec = "1h"; - }; extraConfig = mkMerge [ { assertions = [ diff --git a/pkgs/applications/version-management/sourcehut/meta.nix b/pkgs/applications/version-management/sourcehut/meta.nix index ab19cc88d25..79293736e4a 100644 --- a/pkgs/applications/version-management/sourcehut/meta.nix +++ b/pkgs/applications/version-management/sourcehut/meta.nix @@ -16,22 +16,24 @@ , weasyprint , prometheus-client , python +, unzip }: let - version = "0.57.5"; + version = "0.58.8"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "meta.sr.ht"; rev = version; - sha256 = "sha256-qsCwZaCiqvY445U053OCWD98jlIUi9NB2jWVP2oW3Vk="; + sha256 = "sha256-lnEt5UoQBd5qlkD+nE6KL5DP4jf1FrAjgA06/mgRxTs="; }; - buildApi = src: buildGoModule { + metasrht-api = buildGoModule ({ inherit src version; pname = "metasrht-api"; - vendorSha256 = "sha256-8Ubrr9qRlgW2wsLHrPHwulSWLz+gp4VPcTvOZpg8TYM="; - }; + modRoot = "api"; + vendorSha256 = "sha256-3s9PYUy4qS06zyTIRDvnAmhfrjVLBa/03Nu3tMcIReI="; + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;}); in buildPythonPackage rec { @@ -42,6 +44,10 @@ buildPythonPackage rec { # Revert change breaking Unix socket support for Redis patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch ]; + postPatch = '' + substituteInPlace Makefile \ + --replace "all: api" "" + ''; nativeBuildInputs = srht.nativeBuildInputs; @@ -68,7 +74,7 @@ buildPythonPackage rec { postInstall = '' mkdir -p $out/bin - cp ${buildApi "${src}/api/"}/bin/api $out/bin/metasrht-api + ln -s ${metasrht-api}/bin/api $out/bin/metasrht-api ''; pythonImportsCheck = [ "metasrht" ]; From 47680ca9e36a7d29b4be629b658fdde1a6eabac8 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 6 May 2022 00:08:13 +0200 Subject: [PATCH 46/70] sourcehut.pagessrht: 0.6.2 -> 0.7.3 --- .../version-management/sourcehut/pages.nix | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/pages.nix b/pkgs/applications/version-management/sourcehut/pages.nix index b6a18b5bda7..faa6dbb4d49 100644 --- a/pkgs/applications/version-management/sourcehut/pages.nix +++ b/pkgs/applications/version-management/sourcehut/pages.nix @@ -1,20 +1,21 @@ { lib , fetchFromSourcehut , buildGoModule +, unzip }: -buildGoModule rec { +buildGoModule (rec { pname = "pagessrht"; - version = "0.6.2"; + version = "0.7.3"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "pages.sr.ht"; rev = version; - sha256 = "sha256-ob0+t9V2o8lhVC6fXbi1rNm0Mnbs+GoyAmhBqVZ13PA="; + sha256 = "sha256-fHhf4VQ82/k4g8pzyuN9Pr2f8mxT8zw+2Nq0nw1Msks="; }; - vendorSha256 = "sha256-b0sHSH0jkKoIVq045N96wszuLJDegkkj0v50nuDFleU="; + vendorSha256 = "sha256-/+XVl6PZUMOZIiuO6vEu0dacefz2hDSObaP8JsItSTw="; postInstall = '' mkdir -p $out/share/sql/ @@ -27,4 +28,6 @@ buildGoModule rec { license = licenses.agpl3Only; maintainers = with maintainers; [ eadwu ]; }; -} + # There is no ./loaders but this does not cause troubles + # to go generate +} // import ./fix-gqlgen-trimpath.nix {inherit unzip;}) From 1722530759bedeb82f7470cbfb09328fd22783f3 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 6 May 2022 00:08:48 +0200 Subject: [PATCH 47/70] sourcehut.pastesrht: 0.13.6 -> 0.13.7 --- pkgs/applications/version-management/sourcehut/paste.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/paste.nix b/pkgs/applications/version-management/sourcehut/paste.nix index c411f8e8c95..fbbc5fcd6a9 100644 --- a/pkgs/applications/version-management/sourcehut/paste.nix +++ b/pkgs/applications/version-management/sourcehut/paste.nix @@ -8,13 +8,13 @@ buildPythonPackage rec { pname = "pastesrht"; - version = "0.13.6"; + version = "0.13.7"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "paste.sr.ht"; rev = version; - sha256 = "sha256-Khcqk86iD9nxiKXN3+8mSLNoDau2qXNFOrLdkVu+rH8="; + sha256 = "sha256-EzcS6Zbh+wJinC/GKJOSWUPORODpKEA3tLpLGqoVGBU="; }; nativeBuildInputs = srht.nativeBuildInputs; From 876f3a8bf0eebc5c6cb50c5fecf420f6cb3f2836 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 6 May 2022 00:09:09 +0200 Subject: [PATCH 48/70] sourcehut.todosrht: 0.67.2 -> 0.71.0 --- .../services/misc/sourcehut/default.nix | 5 +++++ .../version-management/sourcehut/todo.nix | 22 +++++++++++++++++-- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix index 9f4aec4fd47..70f6ea7ce97 100644 --- a/nixos/modules/services/misc/sourcehut/default.nix +++ b/nixos/modules/services/misc/sourcehut/default.nix @@ -1368,6 +1368,11 @@ in inherit configIniOfService; port = 5003; webhooks = true; + extraServices.todosrht-api = { + serviceConfig.Restart = "always"; + serviceConfig.RestartSec = "2s"; + serviceConfig.ExecStart = "${pkgs.sourcehut.todosrht}/bin/todosrht-api -b ${cfg.listenAddress}:${toString (cfg.todo.port + 100)}"; + }; extraServices.todosrht-lmtp = { wants = [ "postfix.service" ]; unitConfig.JoinsNamespaceOf = optional cfg.postfix.enable "postfix.service"; diff --git a/pkgs/applications/version-management/sourcehut/todo.nix b/pkgs/applications/version-management/sourcehut/todo.nix index 1446e68fa69..4611c63dd0b 100644 --- a/pkgs/applications/version-management/sourcehut/todo.nix +++ b/pkgs/applications/version-management/sourcehut/todo.nix @@ -1,5 +1,6 @@ { lib , fetchFromSourcehut +, buildGoModule , buildPythonPackage , srht , redis @@ -8,23 +9,36 @@ , pytest , factory_boy , python +, unzip }: buildPythonPackage rec { pname = "todosrht"; - version = "0.67.2"; + version = "0.71.0"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "todo.sr.ht"; rev = version; - sha256 = "sha256-/QHsMlhzyah85ubZyx8j4GDUoITuWcLDJKosbZGeOZU="; + sha256 = "sha256-IIZKN006UIrdcxF+LYkUtc97QoCnWqzX8036vMctWHY="; }; patches = [ # Revert change breaking Unix socket support for Redis patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch ]; + postPatch = '' + substituteInPlace Makefile \ + --replace "all: api" "" + ''; + + + todosrht-api = buildGoModule ({ + inherit src version; + pname = "todosrht-api"; + modRoot = "api"; + vendorSha256 = "sha256-ttGT7lUh8O+9KvbaEGWUsthefXQ2ATeli0tnlXCjZFk="; + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;}); nativeBuildInputs = srht.nativeBuildInputs; @@ -40,6 +54,10 @@ buildPythonPackage rec { export SRHT_PATH=${srht}/${python.sitePackages}/srht ''; + postInstall = '' + ln -s ${todosrht-api}/bin/api $out/bin/todosrht-api + ''; + # pytest tests fail checkInputs = [ pytest From 43b5dcd60cf471f3c3d83eff49c453316a2430a8 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 6 May 2022 21:55:26 +0200 Subject: [PATCH 49/70] nixos/sourcehut: remove forgotten unused files --- .../services/misc/sourcehut/builds.nix | 236 ------------------ .../services/misc/sourcehut/dispatch.nix | 127 ---------- nixos/modules/services/misc/sourcehut/git.nix | 217 ---------------- nixos/modules/services/misc/sourcehut/hg.nix | 175 ------------- nixos/modules/services/misc/sourcehut/hub.nix | 120 --------- .../modules/services/misc/sourcehut/lists.nix | 187 -------------- nixos/modules/services/misc/sourcehut/man.nix | 124 --------- .../modules/services/misc/sourcehut/meta.nix | 213 ---------------- .../modules/services/misc/sourcehut/paste.nix | 135 ---------- .../modules/services/misc/sourcehut/todo.nix | 163 ------------ 10 files changed, 1697 deletions(-) delete mode 100644 nixos/modules/services/misc/sourcehut/builds.nix delete mode 100644 nixos/modules/services/misc/sourcehut/dispatch.nix delete mode 100644 nixos/modules/services/misc/sourcehut/git.nix delete mode 100644 nixos/modules/services/misc/sourcehut/hg.nix delete mode 100644 nixos/modules/services/misc/sourcehut/hub.nix delete mode 100644 nixos/modules/services/misc/sourcehut/lists.nix delete mode 100644 nixos/modules/services/misc/sourcehut/man.nix delete mode 100644 nixos/modules/services/misc/sourcehut/meta.nix delete mode 100644 nixos/modules/services/misc/sourcehut/paste.nix delete mode 100644 nixos/modules/services/misc/sourcehut/todo.nix diff --git a/nixos/modules/services/misc/sourcehut/builds.nix b/nixos/modules/services/misc/sourcehut/builds.nix deleted file mode 100644 index 685a132d350..00000000000 --- a/nixos/modules/services/misc/sourcehut/builds.nix +++ /dev/null @@ -1,236 +0,0 @@ -{ config, lib, options, pkgs, ... }: - -with lib; -let - cfg = config.services.sourcehut; - opt = options.services.sourcehut; - scfg = cfg.builds; - rcfg = config.services.redis; - iniKey = "builds.sr.ht"; - - drv = pkgs.sourcehut.buildsrht; -in -{ - options.services.sourcehut.builds = { - user = mkOption { - type = types.str; - default = "buildsrht"; - description = '' - User for builds.sr.ht. - ''; - }; - - port = mkOption { - type = types.port; - default = 5002; - description = '' - Port on which the "builds" module should listen. - ''; - }; - - database = mkOption { - type = types.str; - default = "builds.sr.ht"; - description = '' - PostgreSQL database name for builds.sr.ht. - ''; - }; - - statePath = mkOption { - type = types.path; - default = "${cfg.statePath}/buildsrht"; - defaultText = literalExpression ''"''${config.${opt.statePath}}/buildsrht"''; - description = '' - State path for builds.sr.ht. - ''; - }; - - enableWorker = mkOption { - type = types.bool; - default = false; - description = '' - Run workers for builds.sr.ht. - ''; - }; - - images = mkOption { - type = types.attrsOf (types.attrsOf (types.attrsOf types.package)); - default = { }; - example = lib.literalExpression ''(let - # Pinning unstable to allow usage with flakes and limit rebuilds. - pkgs_unstable = builtins.fetchGit { - url = "https://github.com/NixOS/nixpkgs"; - rev = "ff96a0fa5635770390b184ae74debea75c3fd534"; - ref = "nixos-unstable"; - }; - image_from_nixpkgs = pkgs_unstable: (import ("''${pkgs.sourcehut.buildsrht}/lib/images/nixos/image.nix") { - pkgs = (import pkgs_unstable {}); - }); - in - { - nixos.unstable.x86_64 = image_from_nixpkgs pkgs_unstable; - } - )''; - description = '' - Images for builds.sr.ht. Each package should be distro.release.arch and point to a /nix/store/package/root.img.qcow2. - ''; - }; - - }; - - config = with scfg; let - image_dirs = lib.lists.flatten ( - lib.attrsets.mapAttrsToList - (distro: revs: - lib.attrsets.mapAttrsToList - (rev: archs: - lib.attrsets.mapAttrsToList - (arch: image: - pkgs.runCommand "buildsrht-images" { } '' - mkdir -p $out/${distro}/${rev}/${arch} - ln -s ${image}/*.qcow2 $out/${distro}/${rev}/${arch}/root.img.qcow2 - '') - archs) - revs) - scfg.images); - image_dir_pre = pkgs.symlinkJoin { - name = "builds.sr.ht-worker-images-pre"; - paths = image_dirs ++ [ - "${pkgs.sourcehut.buildsrht}/lib/images" - ]; - }; - image_dir = pkgs.runCommand "builds.sr.ht-worker-images" { } '' - mkdir -p $out/images - cp -Lr ${image_dir_pre}/* $out/images - ''; - in - lib.mkIf (cfg.enable && elem "builds" cfg.services) { - users = { - users = { - "${user}" = { - isSystemUser = true; - group = user; - extraGroups = lib.optionals cfg.builds.enableWorker [ "docker" ]; - description = "builds.sr.ht user"; - }; - }; - - groups = { - "${user}" = { }; - }; - }; - - services.postgresql = { - authentication = '' - local ${database} ${user} trust - ''; - ensureDatabases = [ database ]; - ensureUsers = [ - { - name = user; - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; }; - } - ]; - }; - - systemd = { - tmpfiles.rules = [ - "d ${statePath} 0755 ${user} ${user} -" - ] ++ (lib.optionals cfg.builds.enableWorker - [ "d ${statePath}/logs 0775 ${user} ${user} - -" ] - ); - - services = { - buildsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey - { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "builds.sr.ht website service"; - - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}"; - - # Hack to bypass this hack: https://git.sr.ht/~sircmpwn/core.sr.ht/tree/master/item/srht-update-profiles#L6 - } // { preStart = " "; }; - - buildsrht-worker = { - enable = scfg.enableWorker; - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - partOf = [ "buildsrht.service" ]; - description = "builds.sr.ht worker service"; - path = [ pkgs.openssh pkgs.docker ]; - preStart = let qemuPackage = pkgs.qemu_kvm; - in '' - if [[ "$(docker images -q qemu:latest 2> /dev/null)" == "" || "$(cat ${statePath}/docker-image-qemu 2> /dev/null || true)" != "${qemuPackage.version}" ]]; then - # Create and import qemu:latest image for docker - ${ - pkgs.dockerTools.streamLayeredImage { - name = "qemu"; - tag = "latest"; - contents = [ qemuPackage ]; - } - } | docker load - # Mark down current package version - printf "%s" "${qemuPackage.version}" > ${statePath}/docker-image-qemu - fi - ''; - serviceConfig = { - Type = "simple"; - User = user; - Group = "nginx"; - Restart = "always"; - }; - serviceConfig.ExecStart = "${pkgs.sourcehut.buildsrht}/bin/builds.sr.ht-worker"; - }; - }; - }; - - services.sourcehut.settings = { - # URL builds.sr.ht is being served at (protocol://domain) - "builds.sr.ht".origin = mkDefault "http://builds.${cfg.originBase}"; - # Address and port to bind the debug server to - "builds.sr.ht".debug-host = mkDefault "0.0.0.0"; - "builds.sr.ht".debug-port = mkDefault port; - # Configures the SQLAlchemy connection string for the database. - "builds.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql"; - # Set to "yes" to automatically run migrations on package upgrade. - "builds.sr.ht".migrate-on-upgrade = mkDefault "yes"; - # builds.sr.ht's OAuth client ID and secret for meta.sr.ht - # Register your client at meta.example.org/oauth - "builds.sr.ht".oauth-client-id = mkDefault null; - "builds.sr.ht".oauth-client-secret = mkDefault null; - # The redis connection used for the celery worker - "builds.sr.ht".redis = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/3"; - # The shell used for ssh - "builds.sr.ht".shell = mkDefault "runner-shell"; - # Register the builds.sr.ht dispatcher - "git.sr.ht::dispatch".${builtins.unsafeDiscardStringContext "${pkgs.sourcehut.buildsrht}/bin/buildsrht-keys"} = mkDefault "${user}:${user}"; - - # Location for build logs, images, and control command - } // lib.attrsets.optionalAttrs scfg.enableWorker { - # Default worker stores logs that are accessible via this address:port - "builds.sr.ht::worker".name = mkDefault "127.0.0.1:5020"; - "builds.sr.ht::worker".buildlogs = mkDefault "${scfg.statePath}/logs"; - "builds.sr.ht::worker".images = mkDefault "${image_dir}/images"; - "builds.sr.ht::worker".controlcmd = mkDefault "${image_dir}/images/control"; - "builds.sr.ht::worker".timeout = mkDefault "3m"; - }; - - services.nginx.virtualHosts."logs.${cfg.originBase}" = - if scfg.enableWorker then { - listen = with builtins; let address = split ":" cfg.settings."builds.sr.ht::worker".name; - in [{ addr = elemAt address 0; port = lib.toInt (elemAt address 2); }]; - locations."/logs".root = "${scfg.statePath}"; - } else { }; - - services.nginx.virtualHosts."builds.${cfg.originBase}" = { - forceSSL = true; - locations."/".proxyPass = "http://${cfg.address}:${toString port}"; - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}"; - locations."/static".root = "${pkgs.sourcehut.buildsrht}/${pkgs.sourcehut.python.sitePackages}/buildsrht"; - }; - }; -} diff --git a/nixos/modules/services/misc/sourcehut/dispatch.nix b/nixos/modules/services/misc/sourcehut/dispatch.nix deleted file mode 100644 index 292a51d3e1c..00000000000 --- a/nixos/modules/services/misc/sourcehut/dispatch.nix +++ /dev/null @@ -1,127 +0,0 @@ -{ config, lib, options, pkgs, ... }: - -with lib; -let - cfg = config.services.sourcehut; - opt = options.services.sourcehut; - cfgIni = cfg.settings; - scfg = cfg.dispatch; - iniKey = "dispatch.sr.ht"; - - drv = pkgs.sourcehut.dispatchsrht; -in -{ - options.services.sourcehut.dispatch = { - user = mkOption { - type = types.str; - default = "dispatchsrht"; - description = '' - User for dispatch.sr.ht. - ''; - }; - - port = mkOption { - type = types.port; - default = 5005; - description = '' - Port on which the "dispatch" module should listen. - ''; - }; - - database = mkOption { - type = types.str; - default = "dispatch.sr.ht"; - description = '' - PostgreSQL database name for dispatch.sr.ht. - ''; - }; - - statePath = mkOption { - type = types.path; - default = "${cfg.statePath}/dispatchsrht"; - defaultText = literalExpression ''"''${config.${opt.statePath}}/dispatchsrht"''; - description = '' - State path for dispatch.sr.ht. - ''; - }; - }; - - config = with scfg; lib.mkIf (cfg.enable && elem "dispatch" cfg.services) { - - users = { - users = { - "${user}" = { - isSystemUser = true; - group = user; - description = "dispatch.sr.ht user"; - }; - }; - - groups = { - "${user}" = { }; - }; - }; - - services.postgresql = { - authentication = '' - local ${database} ${user} trust - ''; - ensureDatabases = [ database ]; - ensureUsers = [ - { - name = user; - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; }; - } - ]; - }; - - systemd = { - tmpfiles.rules = [ - "d ${statePath} 0750 ${user} ${user} -" - ]; - - services.dispatchsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "dispatch.sr.ht website service"; - - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}"; - }; - }; - - services.sourcehut.settings = { - # URL dispatch.sr.ht is being served at (protocol://domain) - "dispatch.sr.ht".origin = mkDefault "http://dispatch.${cfg.originBase}"; - # Address and port to bind the debug server to - "dispatch.sr.ht".debug-host = mkDefault "0.0.0.0"; - "dispatch.sr.ht".debug-port = mkDefault port; - # Configures the SQLAlchemy connection string for the database. - "dispatch.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql"; - # Set to "yes" to automatically run migrations on package upgrade. - "dispatch.sr.ht".migrate-on-upgrade = mkDefault "yes"; - # dispatch.sr.ht's OAuth client ID and secret for meta.sr.ht - # Register your client at meta.example.org/oauth - "dispatch.sr.ht".oauth-client-id = mkDefault null; - "dispatch.sr.ht".oauth-client-secret = mkDefault null; - - # Github Integration - "dispatch.sr.ht::github".oauth-client-id = mkDefault null; - "dispatch.sr.ht::github".oauth-client-secret = mkDefault null; - - # Gitlab Integration - "dispatch.sr.ht::gitlab".enabled = mkDefault null; - "dispatch.sr.ht::gitlab".canonical-upstream = mkDefault "gitlab.com"; - "dispatch.sr.ht::gitlab".repo-cache = mkDefault "./repo-cache"; - # "dispatch.sr.ht::gitlab"."gitlab.com" = mkDefault "GitLab:application id:secret"; - }; - - services.nginx.virtualHosts."dispatch.${cfg.originBase}" = { - forceSSL = true; - locations."/".proxyPass = "http://${cfg.address}:${toString port}"; - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}"; - locations."/static".root = "${pkgs.sourcehut.dispatchsrht}/${pkgs.sourcehut.python.sitePackages}/dispatchsrht"; - }; - }; -} diff --git a/nixos/modules/services/misc/sourcehut/git.nix b/nixos/modules/services/misc/sourcehut/git.nix deleted file mode 100644 index ff110905d18..00000000000 --- a/nixos/modules/services/misc/sourcehut/git.nix +++ /dev/null @@ -1,217 +0,0 @@ -{ config, lib, options, pkgs, ... }: - -with lib; -let - cfg = config.services.sourcehut; - opt = options.services.sourcehut; - scfg = cfg.git; - iniKey = "git.sr.ht"; - - rcfg = config.services.redis; - drv = pkgs.sourcehut.gitsrht; -in -{ - options.services.sourcehut.git = { - user = mkOption { - type = types.str; - visible = false; - internal = true; - readOnly = true; - default = "git"; - description = '' - User for git.sr.ht. - ''; - }; - - port = mkOption { - type = types.port; - default = 5001; - description = '' - Port on which the "git" module should listen. - ''; - }; - - database = mkOption { - type = types.str; - default = "git.sr.ht"; - description = '' - PostgreSQL database name for git.sr.ht. - ''; - }; - - statePath = mkOption { - type = types.path; - default = "${cfg.statePath}/gitsrht"; - defaultText = literalExpression ''"''${config.${opt.statePath}}/gitsrht"''; - description = '' - State path for git.sr.ht. - ''; - }; - - package = mkOption { - type = types.package; - default = pkgs.git; - defaultText = literalExpression "pkgs.git"; - example = literalExpression "pkgs.gitFull"; - description = '' - Git package for git.sr.ht. This can help silence collisions. - ''; - }; - }; - - config = with scfg; lib.mkIf (cfg.enable && elem "git" cfg.services) { - # sshd refuses to run with `Unsafe AuthorizedKeysCommand ... bad ownership or modes for directory /nix/store` - environment.etc."ssh/gitsrht-dispatch" = { - mode = "0755"; - text = '' - #! ${pkgs.stdenv.shell} - ${cfg.python}/bin/gitsrht-dispatch "$@" - ''; - }; - - # Needs this in the $PATH when sshing into the server - environment.systemPackages = [ cfg.git.package ]; - - users = { - users = { - "${user}" = { - isSystemUser = true; - group = user; - # https://stackoverflow.com/questions/22314298/git-push-results-in-fatal-protocol-error-bad-line-length-character-this - # Probably could use gitsrht-shell if output is restricted to just parameters... - shell = pkgs.bash; - description = "git.sr.ht user"; - }; - }; - - groups = { - "${user}" = { }; - }; - }; - - services = { - cron.systemCronJobs = [ "*/20 * * * * ${cfg.python}/bin/gitsrht-periodic" ]; - fcgiwrap.enable = true; - - openssh.authorizedKeysCommand = ''/etc/ssh/gitsrht-dispatch "%u" "%h" "%t" "%k"''; - openssh.authorizedKeysCommandUser = "root"; - openssh.extraConfig = '' - PermitUserEnvironment SRHT_* - ''; - - postgresql = { - authentication = '' - local ${database} ${user} trust - ''; - ensureDatabases = [ database ]; - ensureUsers = [ - { - name = user; - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; }; - } - ]; - }; - }; - - systemd = { - tmpfiles.rules = [ - # /var/log is owned by root - "f /var/log/git-srht-shell 0644 ${user} ${user} -" - - "d ${statePath} 0750 ${user} ${user} -" - "d ${cfg.settings."${iniKey}".repos} 2755 ${user} ${user} -" - ]; - - services = { - gitsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey { - after = [ "redis.service" "postgresql.service" "network.target" ]; - requires = [ "redis.service" "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - # Needs internally to create repos at the very least - path = [ pkgs.git ]; - description = "git.sr.ht website service"; - - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}"; - }; - - gitsrht-webhooks = { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "git.sr.ht webhooks service"; - serviceConfig = { - Type = "simple"; - User = user; - Restart = "always"; - }; - - serviceConfig.ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info"; - }; - }; - }; - - services.sourcehut.settings = { - # URL git.sr.ht is being served at (protocol://domain) - "git.sr.ht".origin = mkDefault "http://git.${cfg.originBase}"; - # Address and port to bind the debug server to - "git.sr.ht".debug-host = mkDefault "0.0.0.0"; - "git.sr.ht".debug-port = mkDefault port; - # Configures the SQLAlchemy connection string for the database. - "git.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql"; - # Set to "yes" to automatically run migrations on package upgrade. - "git.sr.ht".migrate-on-upgrade = mkDefault "yes"; - # The redis connection used for the webhooks worker - "git.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/1"; - - # A post-update script which is installed in every git repo. - "git.sr.ht".post-update-script = mkDefault "${pkgs.sourcehut.gitsrht}/bin/gitsrht-update-hook"; - - # git.sr.ht's OAuth client ID and secret for meta.sr.ht - # Register your client at meta.example.org/oauth - "git.sr.ht".oauth-client-id = mkDefault null; - "git.sr.ht".oauth-client-secret = mkDefault null; - # Path to git repositories on disk - "git.sr.ht".repos = mkDefault "/var/lib/git"; - - "git.sr.ht".outgoing-domain = mkDefault "http://git.${cfg.originBase}"; - - # The authorized keys hook uses this to dispatch to various handlers - # The format is a program to exec into as the key, and the user to match as the - # value. When someone tries to log in as this user, this program is executed - # and is expected to omit an AuthorizedKeys file. - # - # Discard of the string context is in order to allow derivation-derived strings. - # This is safe if the relevant package is installed which will be the case if the setting is utilized. - "git.sr.ht::dispatch".${builtins.unsafeDiscardStringContext "${pkgs.sourcehut.gitsrht}/bin/gitsrht-keys"} = mkDefault "${user}:${user}"; - }; - - services.nginx.virtualHosts."git.${cfg.originBase}" = { - forceSSL = true; - locations."/".proxyPass = "http://${cfg.address}:${toString port}"; - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}"; - locations."/static".root = "${pkgs.sourcehut.gitsrht}/${pkgs.sourcehut.python.sitePackages}/gitsrht"; - extraConfig = '' - location = /authorize { - proxy_pass http://${cfg.address}:${toString port}; - proxy_pass_request_body off; - proxy_set_header Content-Length ""; - proxy_set_header X-Original-URI $request_uri; - } - location ~ ^/([^/]+)/([^/]+)/(HEAD|info/refs|objects/info/.*|git-upload-pack).*$ { - auth_request /authorize; - root /var/lib/git; - fastcgi_pass unix:/run/fcgiwrap.sock; - fastcgi_param SCRIPT_FILENAME ${pkgs.git}/bin/git-http-backend; - fastcgi_param PATH_INFO $uri; - fastcgi_param GIT_PROJECT_ROOT $document_root; - fastcgi_read_timeout 500s; - include ${config.services.nginx.package}/conf/fastcgi_params; - gzip off; - } - ''; - - }; - }; -} diff --git a/nixos/modules/services/misc/sourcehut/hg.nix b/nixos/modules/services/misc/sourcehut/hg.nix deleted file mode 100644 index 6ba1df8b6dd..00000000000 --- a/nixos/modules/services/misc/sourcehut/hg.nix +++ /dev/null @@ -1,175 +0,0 @@ -{ config, lib, options, pkgs, ... }: - -with lib; -let - cfg = config.services.sourcehut; - opt = options.services.sourcehut; - scfg = cfg.hg; - iniKey = "hg.sr.ht"; - - rcfg = config.services.redis; - drv = pkgs.sourcehut.hgsrht; -in -{ - options.services.sourcehut.hg = { - user = mkOption { - type = types.str; - internal = true; - readOnly = true; - default = "hg"; - description = '' - User for hg.sr.ht. - ''; - }; - - port = mkOption { - type = types.port; - default = 5010; - description = '' - Port on which the "hg" module should listen. - ''; - }; - - database = mkOption { - type = types.str; - default = "hg.sr.ht"; - description = '' - PostgreSQL database name for hg.sr.ht. - ''; - }; - - statePath = mkOption { - type = types.path; - default = "${cfg.statePath}/hgsrht"; - defaultText = literalExpression ''"''${config.${opt.statePath}}/hgsrht"''; - description = '' - State path for hg.sr.ht. - ''; - }; - - cloneBundles = mkOption { - type = types.bool; - default = false; - description = '' - Generate clonebundles (which require more disk space but dramatically speed up cloning large repositories). - ''; - }; - }; - - config = with scfg; lib.mkIf (cfg.enable && elem "hg" cfg.services) { - # In case it ever comes into being - environment.etc."ssh/hgsrht-dispatch" = { - mode = "0755"; - text = '' - #! ${pkgs.stdenv.shell} - ${cfg.python}/bin/gitsrht-dispatch $@ - ''; - }; - - environment.systemPackages = [ pkgs.mercurial ]; - - users = { - users = { - "${user}" = { - isSystemUser = true; - group = user; - # Assuming hg.sr.ht needs this too - shell = pkgs.bash; - description = "hg.sr.ht user"; - }; - }; - - groups = { - "${user}" = { }; - }; - }; - - services = { - cron.systemCronJobs = [ "*/20 * * * * ${cfg.python}/bin/hgsrht-periodic" ] - ++ optional cloneBundles "0 * * * * ${cfg.python}/bin/hgsrht-clonebundles"; - - openssh.authorizedKeysCommand = ''/etc/ssh/hgsrht-dispatch "%u" "%h" "%t" "%k"''; - openssh.authorizedKeysCommandUser = "root"; - openssh.extraConfig = '' - PermitUserEnvironment SRHT_* - ''; - - postgresql = { - authentication = '' - local ${database} ${user} trust - ''; - ensureDatabases = [ database ]; - ensureUsers = [ - { - name = user; - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; }; - } - ]; - }; - }; - - systemd = { - tmpfiles.rules = [ - # /var/log is owned by root - "f /var/log/hg-srht-shell 0644 ${user} ${user} -" - - "d ${statePath} 0750 ${user} ${user} -" - "d ${cfg.settings."${iniKey}".repos} 2755 ${user} ${user} -" - ]; - - services.hgsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey { - after = [ "redis.service" "postgresql.service" "network.target" ]; - requires = [ "redis.service" "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - path = [ pkgs.mercurial ]; - description = "hg.sr.ht website service"; - - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}"; - }; - }; - - services.sourcehut.settings = { - # URL hg.sr.ht is being served at (protocol://domain) - "hg.sr.ht".origin = mkDefault "http://hg.${cfg.originBase}"; - # Address and port to bind the debug server to - "hg.sr.ht".debug-host = mkDefault "0.0.0.0"; - "hg.sr.ht".debug-port = mkDefault port; - # Configures the SQLAlchemy connection string for the database. - "hg.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql"; - # The redis connection used for the webhooks worker - "hg.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/1"; - # A post-update script which is installed in every mercurial repo. - "hg.sr.ht".changegroup-script = mkDefault "${cfg.python}/bin/hgsrht-hook-changegroup"; - # hg.sr.ht's OAuth client ID and secret for meta.sr.ht - # Register your client at meta.example.org/oauth - "hg.sr.ht".oauth-client-id = mkDefault null; - "hg.sr.ht".oauth-client-secret = mkDefault null; - # Path to mercurial repositories on disk - "hg.sr.ht".repos = mkDefault "/var/lib/hg"; - # Path to the srht mercurial extension - # (defaults to where the hgsrht code is) - # "hg.sr.ht".srhtext = mkDefault null; - # .hg/store size (in MB) past which the nightly job generates clone bundles. - # "hg.sr.ht".clone_bundle_threshold = mkDefault 50; - # Path to hg-ssh (if not in $PATH) - # "hg.sr.ht".hg_ssh = mkDefault /path/to/hg-ssh; - - # The authorized keys hook uses this to dispatch to various handlers - # The format is a program to exec into as the key, and the user to match as the - # value. When someone tries to log in as this user, this program is executed - # and is expected to omit an AuthorizedKeys file. - # - # Uncomment the relevant lines to enable the various sr.ht dispatchers. - "hg.sr.ht::dispatch"."/run/current-system/sw/bin/hgsrht-keys" = mkDefault "${user}:${user}"; - }; - - # TODO: requires testing and addition of hg-specific requirements - services.nginx.virtualHosts."hg.${cfg.originBase}" = { - forceSSL = true; - locations."/".proxyPass = "http://${cfg.address}:${toString port}"; - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}"; - locations."/static".root = "${pkgs.sourcehut.hgsrht}/${pkgs.sourcehut.python.sitePackages}/hgsrht"; - }; - }; -} diff --git a/nixos/modules/services/misc/sourcehut/hub.nix b/nixos/modules/services/misc/sourcehut/hub.nix deleted file mode 100644 index 7d137a76505..00000000000 --- a/nixos/modules/services/misc/sourcehut/hub.nix +++ /dev/null @@ -1,120 +0,0 @@ -{ config, lib, options, pkgs, ... }: - -with lib; -let - cfg = config.services.sourcehut; - opt = options.services.sourcehut; - cfgIni = cfg.settings; - scfg = cfg.hub; - iniKey = "hub.sr.ht"; - - drv = pkgs.sourcehut.hubsrht; -in -{ - options.services.sourcehut.hub = { - user = mkOption { - type = types.str; - default = "hubsrht"; - description = '' - User for hub.sr.ht. - ''; - }; - - port = mkOption { - type = types.port; - default = 5014; - description = '' - Port on which the "hub" module should listen. - ''; - }; - - database = mkOption { - type = types.str; - default = "hub.sr.ht"; - description = '' - PostgreSQL database name for hub.sr.ht. - ''; - }; - - statePath = mkOption { - type = types.path; - default = "${cfg.statePath}/hubsrht"; - defaultText = literalExpression ''"''${config.${opt.statePath}}/hubsrht"''; - description = '' - State path for hub.sr.ht. - ''; - }; - }; - - config = with scfg; lib.mkIf (cfg.enable && elem "hub" cfg.services) { - users = { - users = { - "${user}" = { - isSystemUser = true; - group = user; - description = "hub.sr.ht user"; - }; - }; - - groups = { - "${user}" = { }; - }; - }; - - services.postgresql = { - authentication = '' - local ${database} ${user} trust - ''; - ensureDatabases = [ database ]; - ensureUsers = [ - { - name = user; - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; }; - } - ]; - }; - - systemd = { - tmpfiles.rules = [ - "d ${statePath} 0750 ${user} ${user} -" - ]; - - services.hubsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "hub.sr.ht website service"; - - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}"; - }; - }; - - services.sourcehut.settings = { - # URL hub.sr.ht is being served at (protocol://domain) - "hub.sr.ht".origin = mkDefault "http://hub.${cfg.originBase}"; - # Address and port to bind the debug server to - "hub.sr.ht".debug-host = mkDefault "0.0.0.0"; - "hub.sr.ht".debug-port = mkDefault port; - # Configures the SQLAlchemy connection string for the database. - "hub.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql"; - # Set to "yes" to automatically run migrations on package upgrade. - "hub.sr.ht".migrate-on-upgrade = mkDefault "yes"; - # hub.sr.ht's OAuth client ID and secret for meta.sr.ht - # Register your client at meta.example.org/oauth - "hub.sr.ht".oauth-client-id = mkDefault null; - "hub.sr.ht".oauth-client-secret = mkDefault null; - }; - - services.nginx.virtualHosts."${cfg.originBase}" = { - forceSSL = true; - locations."/".proxyPass = "http://${cfg.address}:${toString port}"; - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}"; - locations."/static".root = "${pkgs.sourcehut.hubsrht}/${pkgs.sourcehut.python.sitePackages}/hubsrht"; - }; - services.nginx.virtualHosts."hub.${cfg.originBase}" = { - globalRedirect = "${cfg.originBase}"; - forceSSL = true; - }; - }; -} diff --git a/nixos/modules/services/misc/sourcehut/lists.nix b/nixos/modules/services/misc/sourcehut/lists.nix deleted file mode 100644 index 76f155caa05..00000000000 --- a/nixos/modules/services/misc/sourcehut/lists.nix +++ /dev/null @@ -1,187 +0,0 @@ -# Email setup is fairly involved, useful references: -# https://drewdevault.com/2018/08/05/Local-mail-server.html - -{ config, lib, options, pkgs, ... }: - -with lib; -let - cfg = config.services.sourcehut; - opt = options.services.sourcehut; - cfgIni = cfg.settings; - scfg = cfg.lists; - iniKey = "lists.sr.ht"; - - rcfg = config.services.redis; - drv = pkgs.sourcehut.listssrht; -in -{ - options.services.sourcehut.lists = { - user = mkOption { - type = types.str; - default = "listssrht"; - description = '' - User for lists.sr.ht. - ''; - }; - - port = mkOption { - type = types.port; - default = 5006; - description = '' - Port on which the "lists" module should listen. - ''; - }; - - database = mkOption { - type = types.str; - default = "lists.sr.ht"; - description = '' - PostgreSQL database name for lists.sr.ht. - ''; - }; - - statePath = mkOption { - type = types.path; - default = "${cfg.statePath}/listssrht"; - defaultText = literalExpression ''"''${config.${opt.statePath}}/listssrht"''; - description = '' - State path for lists.sr.ht. - ''; - }; - }; - - config = with scfg; lib.mkIf (cfg.enable && elem "lists" cfg.services) { - users = { - users = { - "${user}" = { - isSystemUser = true; - group = user; - extraGroups = [ "postfix" ]; - description = "lists.sr.ht user"; - }; - }; - groups = { - "${user}" = { }; - }; - }; - - services.postgresql = { - authentication = '' - local ${database} ${user} trust - ''; - ensureDatabases = [ database ]; - ensureUsers = [ - { - name = user; - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; }; - } - ]; - }; - - systemd = { - tmpfiles.rules = [ - "d ${statePath} 0750 ${user} ${user} -" - ]; - - services = { - listssrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "lists.sr.ht website service"; - - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}"; - }; - - listssrht-process = { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "lists.sr.ht process service"; - serviceConfig = { - Type = "simple"; - User = user; - Restart = "always"; - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.process worker --loglevel=info"; - }; - }; - - listssrht-lmtp = { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "lists.sr.ht process service"; - serviceConfig = { - Type = "simple"; - User = user; - Restart = "always"; - ExecStart = "${cfg.python}/bin/listssrht-lmtp"; - }; - }; - - - listssrht-webhooks = { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "lists.sr.ht webhooks service"; - serviceConfig = { - Type = "simple"; - User = user; - Restart = "always"; - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info"; - }; - }; - }; - }; - - services.sourcehut.settings = { - # URL lists.sr.ht is being served at (protocol://domain) - "lists.sr.ht".origin = mkDefault "http://lists.${cfg.originBase}"; - # Address and port to bind the debug server to - "lists.sr.ht".debug-host = mkDefault "0.0.0.0"; - "lists.sr.ht".debug-port = mkDefault port; - # Configures the SQLAlchemy connection string for the database. - "lists.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql"; - # Set to "yes" to automatically run migrations on package upgrade. - "lists.sr.ht".migrate-on-upgrade = mkDefault "yes"; - # lists.sr.ht's OAuth client ID and secret for meta.sr.ht - # Register your client at meta.example.org/oauth - "lists.sr.ht".oauth-client-id = mkDefault null; - "lists.sr.ht".oauth-client-secret = mkDefault null; - # Outgoing email for notifications generated by users - "lists.sr.ht".notify-from = mkDefault "CHANGEME@example.org"; - # The redis connection used for the webhooks worker - "lists.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/2"; - # The redis connection used for the celery worker - "lists.sr.ht".redis = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/4"; - # Network-key - "lists.sr.ht".network-key = mkDefault null; - # Allow creation - "lists.sr.ht".allow-new-lists = mkDefault "no"; - # Posting Domain - "lists.sr.ht".posting-domain = mkDefault "lists.${cfg.originBase}"; - - # Path for the lmtp daemon's unix socket. Direct incoming mail to this socket. - # Alternatively, specify IP:PORT and an SMTP server will be run instead. - "lists.sr.ht::worker".sock = mkDefault "/tmp/lists.sr.ht-lmtp.sock"; - # The lmtp daemon will make the unix socket group-read/write for users in this - # group. - "lists.sr.ht::worker".sock-group = mkDefault "postfix"; - "lists.sr.ht::worker".reject-url = mkDefault "https://man.sr.ht/lists.sr.ht/etiquette.md"; - "lists.sr.ht::worker".reject-mimetypes = mkDefault "text/html"; - - }; - - services.nginx.virtualHosts."lists.${cfg.originBase}" = { - forceSSL = true; - locations."/".proxyPass = "http://${cfg.address}:${toString port}"; - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}"; - locations."/static".root = "${pkgs.sourcehut.listssrht}/${pkgs.sourcehut.python.sitePackages}/listssrht"; - }; - }; -} diff --git a/nixos/modules/services/misc/sourcehut/man.nix b/nixos/modules/services/misc/sourcehut/man.nix deleted file mode 100644 index 8ca271c32ee..00000000000 --- a/nixos/modules/services/misc/sourcehut/man.nix +++ /dev/null @@ -1,124 +0,0 @@ -{ config, lib, options, pkgs, ... }: - -with lib; -let - cfg = config.services.sourcehut; - opt = options.services.sourcehut; - cfgIni = cfg.settings; - scfg = cfg.man; - iniKey = "man.sr.ht"; - - drv = pkgs.sourcehut.mansrht; -in -{ - options.services.sourcehut.man = { - user = mkOption { - type = types.str; - default = "mansrht"; - description = '' - User for man.sr.ht. - ''; - }; - - port = mkOption { - type = types.port; - default = 5004; - description = '' - Port on which the "man" module should listen. - ''; - }; - - database = mkOption { - type = types.str; - default = "man.sr.ht"; - description = '' - PostgreSQL database name for man.sr.ht. - ''; - }; - - statePath = mkOption { - type = types.path; - default = "${cfg.statePath}/mansrht"; - defaultText = literalExpression ''"''${config.${opt.statePath}}/mansrht"''; - description = '' - State path for man.sr.ht. - ''; - }; - }; - - config = with scfg; lib.mkIf (cfg.enable && elem "man" cfg.services) { - assertions = - [ - { - assertion = hasAttrByPath [ "git.sr.ht" "oauth-client-id" ] cfgIni; - message = "man.sr.ht needs access to git.sr.ht."; - } - ]; - - users = { - users = { - "${user}" = { - isSystemUser = true; - group = user; - description = "man.sr.ht user"; - }; - }; - - groups = { - "${user}" = { }; - }; - }; - - services.postgresql = { - authentication = '' - local ${database} ${user} trust - ''; - ensureDatabases = [ database ]; - ensureUsers = [ - { - name = user; - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; }; - } - ]; - }; - - systemd = { - tmpfiles.rules = [ - "d ${statePath} 0750 ${user} ${user} -" - ]; - - services.mansrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "man.sr.ht website service"; - - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}"; - }; - }; - - services.sourcehut.settings = { - # URL man.sr.ht is being served at (protocol://domain) - "man.sr.ht".origin = mkDefault "http://man.${cfg.originBase}"; - # Address and port to bind the debug server to - "man.sr.ht".debug-host = mkDefault "0.0.0.0"; - "man.sr.ht".debug-port = mkDefault port; - # Configures the SQLAlchemy connection string for the database. - "man.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql"; - # Set to "yes" to automatically run migrations on package upgrade. - "man.sr.ht".migrate-on-upgrade = mkDefault "yes"; - # man.sr.ht's OAuth client ID and secret for meta.sr.ht - # Register your client at meta.example.org/oauth - "man.sr.ht".oauth-client-id = mkDefault null; - "man.sr.ht".oauth-client-secret = mkDefault null; - }; - - services.nginx.virtualHosts."man.${cfg.originBase}" = { - forceSSL = true; - locations."/".proxyPass = "http://${cfg.address}:${toString port}"; - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}"; - locations."/static".root = "${pkgs.sourcehut.mansrht}/${pkgs.sourcehut.python.sitePackages}/mansrht"; - }; - }; -} diff --git a/nixos/modules/services/misc/sourcehut/meta.nix b/nixos/modules/services/misc/sourcehut/meta.nix deleted file mode 100644 index 33e4f2332b5..00000000000 --- a/nixos/modules/services/misc/sourcehut/meta.nix +++ /dev/null @@ -1,213 +0,0 @@ -{ config, lib, options, pkgs, ... }: - -with lib; -let - cfg = config.services.sourcehut; - opt = options.services.sourcehut; - cfgIni = cfg.settings; - scfg = cfg.meta; - iniKey = "meta.sr.ht"; - - rcfg = config.services.redis; - drv = pkgs.sourcehut.metasrht; -in -{ - options.services.sourcehut.meta = { - user = mkOption { - type = types.str; - default = "metasrht"; - description = '' - User for meta.sr.ht. - ''; - }; - - port = mkOption { - type = types.port; - default = 5000; - description = '' - Port on which the "meta" module should listen. - ''; - }; - - database = mkOption { - type = types.str; - default = "meta.sr.ht"; - description = '' - PostgreSQL database name for meta.sr.ht. - ''; - }; - - statePath = mkOption { - type = types.path; - default = "${cfg.statePath}/metasrht"; - defaultText = literalExpression ''"''${config.${opt.statePath}}/metasrht"''; - description = '' - State path for meta.sr.ht. - ''; - }; - }; - - config = with scfg; lib.mkIf (cfg.enable && elem "meta" cfg.services) { - assertions = - [ - { - assertion = with cfgIni."meta.sr.ht::billing"; enabled == "yes" -> (stripe-public-key != null && stripe-secret-key != null); - message = "If meta.sr.ht::billing is enabled, the keys should be defined."; - } - ]; - - users = { - users = { - ${user} = { - isSystemUser = true; - group = user; - description = "meta.sr.ht user"; - }; - }; - - groups = { - "${user}" = { }; - }; - }; - - services.cron.systemCronJobs = [ "0 0 * * * ${cfg.python}/bin/metasrht-daily" ]; - services.postgresql = { - authentication = '' - local ${database} ${user} trust - ''; - ensureDatabases = [ database ]; - ensureUsers = [ - { - name = user; - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; }; - } - ]; - }; - - systemd = { - tmpfiles.rules = [ - "d ${statePath} 0750 ${user} ${user} -" - ]; - - services = { - metasrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "meta.sr.ht website service"; - - preStart = '' - # Configure client(s) as "preauthorized" - ${concatMapStringsSep "\n\n" - (attr: '' - if ! test -e "${statePath}/${attr}.oauth" || [ "$(cat ${statePath}/${attr}.oauth)" != "${cfgIni."${attr}".oauth-client-id}" ]; then - # Configure ${attr}'s OAuth client as "preauthorized" - psql ${database} \ - -c "UPDATE oauthclient SET preauthorized = true WHERE client_id = '${cfgIni."${attr}".oauth-client-id}'" - - printf "%s" "${cfgIni."${attr}".oauth-client-id}" > "${statePath}/${attr}.oauth" - fi - '') - (builtins.attrNames (filterAttrs - (k: v: !(hasInfix "::" k) && builtins.hasAttr "oauth-client-id" v && v.oauth-client-id != null) - cfg.settings))} - ''; - - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}"; - }; - - metasrht-api = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "meta.sr.ht api service"; - - preStart = '' - # Configure client(s) as "preauthorized" - ${concatMapStringsSep "\n\n" - (attr: '' - if ! test -e "${statePath}/${attr}.oauth" || [ "$(cat ${statePath}/${attr}.oauth)" != "${cfgIni."${attr}".oauth-client-id}" ]; then - # Configure ${attr}'s OAuth client as "preauthorized" - psql ${database} \ - -c "UPDATE oauthclient SET preauthorized = true WHERE client_id = '${cfgIni."${attr}".oauth-client-id}'" - - printf "%s" "${cfgIni."${attr}".oauth-client-id}" > "${statePath}/${attr}.oauth" - fi - '') - (builtins.attrNames (filterAttrs - (k: v: !(hasInfix "::" k) && builtins.hasAttr "oauth-client-id" v && v.oauth-client-id != null) - cfg.settings))} - ''; - - serviceConfig.ExecStart = "${pkgs.sourcehut.metasrht}/bin/metasrht-api -b :${toString (port + 100)}"; - }; - - metasrht-webhooks = { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "meta.sr.ht webhooks service"; - serviceConfig = { - Type = "simple"; - User = user; - Restart = "always"; - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info"; - }; - - }; - }; - }; - - services.sourcehut.settings = { - # URL meta.sr.ht is being served at (protocol://domain) - "meta.sr.ht".origin = mkDefault "https://meta.${cfg.originBase}"; - # Address and port to bind the debug server to - "meta.sr.ht".debug-host = mkDefault "0.0.0.0"; - "meta.sr.ht".debug-port = mkDefault port; - # Configures the SQLAlchemy connection string for the database. - "meta.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql"; - # Set to "yes" to automatically run migrations on package upgrade. - "meta.sr.ht".migrate-on-upgrade = mkDefault "yes"; - # If "yes", the user will be sent the stock sourcehut welcome emails after - # signup (requires cron to be configured properly). These are specific to the - # sr.ht instance so you probably want to patch these before enabling this. - "meta.sr.ht".welcome-emails = mkDefault "no"; - - # The redis connection used for the webhooks worker - "meta.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/6"; - - # If "no", public registration will not be permitted. - "meta.sr.ht::settings".registration = mkDefault "no"; - # Where to redirect new users upon registration - "meta.sr.ht::settings".onboarding-redirect = mkDefault "https://meta.${cfg.originBase}"; - # How many invites each user is issued upon registration (only applicable if - # open registration is disabled) - "meta.sr.ht::settings".user-invites = mkDefault 5; - - # Origin URL for API, 100 more than web - "meta.sr.ht".api-origin = mkDefault "http://localhost:5100"; - - # You can add aliases for the client IDs of commonly used OAuth clients here. - # - # Example: - "meta.sr.ht::aliases" = mkDefault { }; - # "meta.sr.ht::aliases"."git.sr.ht" = 12345; - - # "yes" to enable the billing system - "meta.sr.ht::billing".enabled = mkDefault "no"; - # Get your keys at https://dashboard.stripe.com/account/apikeys - "meta.sr.ht::billing".stripe-public-key = mkDefault null; - "meta.sr.ht::billing".stripe-secret-key = mkDefault null; - }; - - services.nginx.virtualHosts."meta.${cfg.originBase}" = { - forceSSL = true; - locations."/".proxyPass = "http://${cfg.address}:${toString port}"; - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}"; - locations."/static".root = "${pkgs.sourcehut.metasrht}/${pkgs.sourcehut.python.sitePackages}/metasrht"; - }; - }; -} diff --git a/nixos/modules/services/misc/sourcehut/paste.nix b/nixos/modules/services/misc/sourcehut/paste.nix deleted file mode 100644 index b481ebaf891..00000000000 --- a/nixos/modules/services/misc/sourcehut/paste.nix +++ /dev/null @@ -1,135 +0,0 @@ -{ config, lib, options, pkgs, ... }: - -with lib; -let - cfg = config.services.sourcehut; - opt = options.services.sourcehut; - cfgIni = cfg.settings; - scfg = cfg.paste; - iniKey = "paste.sr.ht"; - - rcfg = config.services.redis; - drv = pkgs.sourcehut.pastesrht; -in -{ - options.services.sourcehut.paste = { - user = mkOption { - type = types.str; - default = "pastesrht"; - description = '' - User for paste.sr.ht. - ''; - }; - - port = mkOption { - type = types.port; - default = 5011; - description = '' - Port on which the "paste" module should listen. - ''; - }; - - database = mkOption { - type = types.str; - default = "paste.sr.ht"; - description = '' - PostgreSQL database name for paste.sr.ht. - ''; - }; - - statePath = mkOption { - type = types.path; - default = "${cfg.statePath}/pastesrht"; - defaultText = literalExpression ''"''${config.${opt.statePath}}/pastesrht"''; - description = '' - State path for pastesrht.sr.ht. - ''; - }; - }; - - config = with scfg; lib.mkIf (cfg.enable && elem "paste" cfg.services) { - users = { - users = { - "${user}" = { - isSystemUser = true; - group = user; - description = "paste.sr.ht user"; - }; - }; - - groups = { - "${user}" = { }; - }; - }; - - services.postgresql = { - authentication = '' - local ${database} ${user} trust - ''; - ensureDatabases = [ database ]; - ensureUsers = [ - { - name = user; - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; }; - } - ]; - }; - - systemd = { - tmpfiles.rules = [ - "d ${statePath} 0750 ${user} ${user} -" - ]; - - services = { - pastesrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "paste.sr.ht website service"; - - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}"; - }; - - pastesrht-webhooks = { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "paste.sr.ht webhooks service"; - serviceConfig = { - Type = "simple"; - User = user; - Restart = "always"; - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info"; - }; - - }; - }; - }; - - services.sourcehut.settings = { - # URL paste.sr.ht is being served at (protocol://domain) - "paste.sr.ht".origin = mkDefault "http://paste.${cfg.originBase}"; - # Address and port to bind the debug server to - "paste.sr.ht".debug-host = mkDefault "0.0.0.0"; - "paste.sr.ht".debug-port = mkDefault port; - # Configures the SQLAlchemy connection string for the database. - "paste.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql"; - # Set to "yes" to automatically run migrations on package upgrade. - "paste.sr.ht".migrate-on-upgrade = mkDefault "yes"; - # paste.sr.ht's OAuth client ID and secret for meta.sr.ht - # Register your client at meta.example.org/oauth - "paste.sr.ht".oauth-client-id = mkDefault null; - "paste.sr.ht".oauth-client-secret = mkDefault null; - "paste.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/5"; - }; - - services.nginx.virtualHosts."paste.${cfg.originBase}" = { - forceSSL = true; - locations."/".proxyPass = "http://${cfg.address}:${toString port}"; - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}"; - locations."/static".root = "${pkgs.sourcehut.pastesrht}/${pkgs.sourcehut.python.sitePackages}/pastesrht"; - }; - }; -} diff --git a/nixos/modules/services/misc/sourcehut/todo.nix b/nixos/modules/services/misc/sourcehut/todo.nix deleted file mode 100644 index 262fa48f59d..00000000000 --- a/nixos/modules/services/misc/sourcehut/todo.nix +++ /dev/null @@ -1,163 +0,0 @@ -{ config, lib, options, pkgs, ... }: - -with lib; -let - cfg = config.services.sourcehut; - opt = options.services.sourcehut; - cfgIni = cfg.settings; - scfg = cfg.todo; - iniKey = "todo.sr.ht"; - - rcfg = config.services.redis; - drv = pkgs.sourcehut.todosrht; -in -{ - options.services.sourcehut.todo = { - user = mkOption { - type = types.str; - default = "todosrht"; - description = '' - User for todo.sr.ht. - ''; - }; - - port = mkOption { - type = types.port; - default = 5003; - description = '' - Port on which the "todo" module should listen. - ''; - }; - - database = mkOption { - type = types.str; - default = "todo.sr.ht"; - description = '' - PostgreSQL database name for todo.sr.ht. - ''; - }; - - statePath = mkOption { - type = types.path; - default = "${cfg.statePath}/todosrht"; - defaultText = literalExpression ''"''${config.${opt.statePath}}/todosrht"''; - description = '' - State path for todo.sr.ht. - ''; - }; - }; - - config = with scfg; lib.mkIf (cfg.enable && elem "todo" cfg.services) { - users = { - users = { - "${user}" = { - isSystemUser = true; - group = user; - extraGroups = [ "postfix" ]; - description = "todo.sr.ht user"; - }; - }; - groups = { - "${user}" = { }; - }; - }; - - services.postgresql = { - authentication = '' - local ${database} ${user} trust - ''; - ensureDatabases = [ database ]; - ensureUsers = [ - { - name = user; - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; }; - } - ]; - }; - - systemd = { - tmpfiles.rules = [ - "d ${statePath} 0750 ${user} ${user} -" - ]; - - services = { - todosrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "todo.sr.ht website service"; - - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}"; - }; - - todosrht-lmtp = { - after = [ "postgresql.service" "network.target" ]; - bindsTo = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "todo.sr.ht process service"; - serviceConfig = { - Type = "simple"; - User = user; - Restart = "always"; - ExecStart = "${cfg.python}/bin/todosrht-lmtp"; - }; - }; - - todosrht-webhooks = { - after = [ "postgresql.service" "network.target" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - description = "todo.sr.ht webhooks service"; - serviceConfig = { - Type = "simple"; - User = user; - Restart = "always"; - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info"; - }; - - }; - }; - }; - - services.sourcehut.settings = { - # URL todo.sr.ht is being served at (protocol://domain) - "todo.sr.ht".origin = mkDefault "http://todo.${cfg.originBase}"; - # Address and port to bind the debug server to - "todo.sr.ht".debug-host = mkDefault "0.0.0.0"; - "todo.sr.ht".debug-port = mkDefault port; - # Configures the SQLAlchemy connection string for the database. - "todo.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql"; - # Set to "yes" to automatically run migrations on package upgrade. - "todo.sr.ht".migrate-on-upgrade = mkDefault "yes"; - # todo.sr.ht's OAuth client ID and secret for meta.sr.ht - # Register your client at meta.example.org/oauth - "todo.sr.ht".oauth-client-id = mkDefault null; - "todo.sr.ht".oauth-client-secret = mkDefault null; - # Outgoing email for notifications generated by users - "todo.sr.ht".notify-from = mkDefault "CHANGEME@example.org"; - # The redis connection used for the webhooks worker - "todo.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/1"; - # Network-key - "todo.sr.ht".network-key = mkDefault null; - - # Path for the lmtp daemon's unix socket. Direct incoming mail to this socket. - # Alternatively, specify IP:PORT and an SMTP server will be run instead. - "todo.sr.ht::mail".sock = mkDefault "/tmp/todo.sr.ht-lmtp.sock"; - # The lmtp daemon will make the unix socket group-read/write for users in this - # group. - "todo.sr.ht::mail".sock-group = mkDefault "postfix"; - - "todo.sr.ht::mail".posting-domain = mkDefault "todo.${cfg.originBase}"; - }; - - services.nginx.virtualHosts."todo.${cfg.originBase}" = { - forceSSL = true; - locations."/".proxyPass = "http://${cfg.address}:${toString port}"; - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}"; - locations."/static".root = "${pkgs.sourcehut.todosrht}/${pkgs.sourcehut.python.sitePackages}/todosrht"; - }; - }; -} From d587a14bca6418deb329fee1704a7080b1a8c38a Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 12 May 2022 00:19:40 +0200 Subject: [PATCH 50/70] sourcehut.buildsrht: 0.79.1 -> 0.80.0 --- pkgs/applications/version-management/sourcehut/builds.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/builds.nix b/pkgs/applications/version-management/sourcehut/builds.nix index e2cc01eb9c7..bef1b175cd6 100644 --- a/pkgs/applications/version-management/sourcehut/builds.nix +++ b/pkgs/applications/version-management/sourcehut/builds.nix @@ -12,13 +12,13 @@ , unzip }: let - version = "0.79.1"; + version = "0.80.0"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "builds.sr.ht"; rev = version; - sha256 = "sha256-8fZ6KdD+9+n0uO3jm0AUyG08oCUNFq1K55ZOwLbkpHk="; + sha256 = "sha256-SzA9bOXiXULRD4Eq9xBbbmMUpXT8egOtooZFF4p79ms="; }; buildsrht-api = buildGoModule ({ From a43c25161c53976ae917b7345a7fc95d273ef4e3 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 12 May 2022 00:38:40 +0200 Subject: [PATCH 51/70] sourcehut.listssrht: 0.51.9 -> 0.51.10 --- pkgs/applications/version-management/sourcehut/lists.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/lists.nix b/pkgs/applications/version-management/sourcehut/lists.nix index d2645531121..213ef3a8cfd 100644 --- a/pkgs/applications/version-management/sourcehut/lists.nix +++ b/pkgs/applications/version-management/sourcehut/lists.nix @@ -14,13 +14,13 @@ buildPythonPackage rec { pname = "listssrht"; - version = "0.51.9"; + version = "0.51.10"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "lists.sr.ht"; rev = version; - sha256 = "sha256-6iyt0XXAHvyp4bA+VW9uA9YP9wq2Rf/WYVZxylSRf7k="; + sha256 = "sha256-f8KvMctDva31W5c6uAIDDZ0eUrRL5ha10ew2pLEnJtw="; }; listssrht-api = buildGoModule ({ From 2add91db99baca85edf510bcc2a4dfaad10bc23f Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 12 May 2022 00:47:13 +0200 Subject: [PATCH 52/70] sourcehut.todosrht: 0.71.0 -> 0.71.2 --- pkgs/applications/version-management/sourcehut/todo.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/todo.nix b/pkgs/applications/version-management/sourcehut/todo.nix index 4611c63dd0b..9dbe86e6f63 100644 --- a/pkgs/applications/version-management/sourcehut/todo.nix +++ b/pkgs/applications/version-management/sourcehut/todo.nix @@ -14,13 +14,13 @@ buildPythonPackage rec { pname = "todosrht"; - version = "0.71.0"; + version = "0.71.2"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "todo.sr.ht"; rev = version; - sha256 = "sha256-IIZKN006UIrdcxF+LYkUtc97QoCnWqzX8036vMctWHY="; + sha256 = "sha256-m7FY+jXpwPnK1+b1iQiDGe8JPfAFQp65BzGH6WvNwhM="; }; patches = [ From 2103e323e8a9ed46ab8e53b0c352bfbc702336a4 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 12 May 2022 01:16:10 +0200 Subject: [PATCH 53/70] sourcehut: passthru nixosTests.sourcehut --- pkgs/applications/version-management/sourcehut/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/applications/version-management/sourcehut/default.nix b/pkgs/applications/version-management/sourcehut/default.nix index 00810f208cc..aee65dee3bb 100644 --- a/pkgs/applications/version-management/sourcehut/default.nix +++ b/pkgs/applications/version-management/sourcehut/default.nix @@ -2,6 +2,7 @@ , openssl , callPackage , recurseIntoAttrs +, nixosTests }: # To expose the *srht modules, they have to be a python module so we use `buildPythonModule` @@ -44,4 +45,7 @@ with python.pkgs; recurseIntoAttrs { pagessrht = pagessrht; pastesrht = toPythonApplication pastesrht; todosrht = toPythonApplication todosrht; + passthru.tests = { + nixos-sourcehut = nixosTests.sourcehut; + }; } From cd6808ba9f937f30716e4b844358189a49105f6c Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 13 May 2022 00:53:16 +0200 Subject: [PATCH 54/70] sourcehut: fix Unix socket support for Redis --- .../services/misc/sourcehut/default.nix | 2 +- .../services/misc/sourcehut/service.nix | 2 +- nixos/tests/sourcehut.nix | 1 + .../version-management/sourcehut/builds.nix | 4 -- .../version-management/sourcehut/core.nix | 2 + .../version-management/sourcehut/git.nix | 4 -- .../version-management/sourcehut/lists.nix | 4 -- .../version-management/sourcehut/meta.nix | 4 -- ...uild-submission-and-queue-monitoring.patch | 69 ------------------- ...ocket-support-in-RedisQueueCollector.patch | 42 +++++++++++ ...-Revert-Add-webhook-queue-monitoring.patch | 33 --------- ...-Revert-Add-webhook-queue-monitoring.patch | 48 ------------- ...-Revert-Add-webhook-queue-monitoring.patch | 48 ------------- ...-Revert-Add-webhook-queue-monitoring.patch | 50 -------------- .../version-management/sourcehut/todo.nix | 5 -- 15 files changed, 47 insertions(+), 271 deletions(-) delete mode 100644 pkgs/applications/version-management/sourcehut/patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch create mode 100644 pkgs/applications/version-management/sourcehut/patches/redis-socket/core/0001-Fix-Unix-socket-support-in-RedisQueueCollector.patch delete mode 100644 pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch delete mode 100644 pkgs/applications/version-management/sourcehut/patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch delete mode 100644 pkgs/applications/version-management/sourcehut/patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch delete mode 100644 pkgs/applications/version-management/sourcehut/patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix index 70f6ea7ce97..f5e4742d902 100644 --- a/nixos/modules/services/misc/sourcehut/default.nix +++ b/nixos/modules/services/misc/sourcehut/default.nix @@ -83,7 +83,7 @@ let python = pkgs.sourcehut.python.withPackages (ps: with ps; [ gunicorn eventlet - # For monitoring Celery: sudo -u listssrht celery --app listssrht.process -b redis+socket:///run/redis-sourcehut/redis.sock?virtual_host=5 flower + # For monitoring Celery: sudo -u listssrht celery --app listssrht.process -b redis+socket:///run/redis-sourcehut/redis.sock?virtual_host=1 flower flower # Sourcehut services srht diff --git a/nixos/modules/services/misc/sourcehut/service.nix b/nixos/modules/services/misc/sourcehut/service.nix index f1706ad0a6a..4ecc7a72669 100644 --- a/nixos/modules/services/misc/sourcehut/service.nix +++ b/nixos/modules/services/misc/sourcehut/service.nix @@ -148,7 +148,7 @@ in redis = { host = mkOption { type = types.str; - default = "unix:/run/redis-sourcehut-${srvsrht}/redis.sock?db=0"; + default = "unix:///run/redis-sourcehut-${srvsrht}/redis.sock?db=0"; example = "redis://shared.wireguard:6379/0"; description = '' The redis host URL. This is used for caching and temporary storage, and must diff --git a/nixos/tests/sourcehut.nix b/nixos/tests/sourcehut.nix index 34a60247e00..6998f4f0c10 100644 --- a/nixos/tests/sourcehut.nix +++ b/nixos/tests/sourcehut.nix @@ -195,6 +195,7 @@ in # Testing metasrht machine.wait_for_unit("metasrht-api.service") machine.wait_for_unit("metasrht.service") + machine.wait_for_unit("metasrht-webhooks.service") machine.wait_for_open_port(5000) machine.succeed("curl -sL http://localhost:5000 | grep meta.${domain}") machine.succeed("curl -sL http://meta.${domain} | grep meta.${domain}") diff --git a/pkgs/applications/version-management/sourcehut/builds.nix b/pkgs/applications/version-management/sourcehut/builds.nix index bef1b175cd6..99d6a05c4eb 100644 --- a/pkgs/applications/version-management/sourcehut/builds.nix +++ b/pkgs/applications/version-management/sourcehut/builds.nix @@ -39,10 +39,6 @@ buildPythonPackage rec { inherit src version; pname = "buildsrht"; - patches = [ - # Revert change breaking Unix socket support for Redis - patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch - ]; postPatch = '' substituteInPlace Makefile \ --replace "all: api worker" "" diff --git a/pkgs/applications/version-management/sourcehut/core.nix b/pkgs/applications/version-management/sourcehut/core.nix index 610d5e2647c..0648f21910f 100644 --- a/pkgs/applications/version-management/sourcehut/core.nix +++ b/pkgs/applications/version-management/sourcehut/core.nix @@ -48,6 +48,8 @@ buildPythonPackage rec { patches = [ # Disable check for npm ./disable-npm-install.patch + # Fix Unix socket support in RedisQueueCollector + patches/redis-socket/core/0001-Fix-Unix-socket-support-in-RedisQueueCollector.patch ]; nativeBuildInputs = [ diff --git a/pkgs/applications/version-management/sourcehut/git.nix b/pkgs/applications/version-management/sourcehut/git.nix index e56022604fa..a721da0ecd3 100644 --- a/pkgs/applications/version-management/sourcehut/git.nix +++ b/pkgs/applications/version-management/sourcehut/git.nix @@ -58,10 +58,6 @@ buildPythonPackage rec { inherit src version; pname = "gitsrht"; - patches = [ - # Revert change breaking Unix socket support for Redis - patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch - ]; postPatch = '' substituteInPlace Makefile \ --replace "all: api gitsrht-dispatch gitsrht-keys gitsrht-shell gitsrht-update-hook" "" diff --git a/pkgs/applications/version-management/sourcehut/lists.nix b/pkgs/applications/version-management/sourcehut/lists.nix index 213ef3a8cfd..b9a00ffd213 100644 --- a/pkgs/applications/version-management/sourcehut/lists.nix +++ b/pkgs/applications/version-management/sourcehut/lists.nix @@ -30,10 +30,6 @@ buildPythonPackage rec { vendorSha256 = "sha256-xnmMkRSokbhWD+kz0XQ9AinYdm6/50FRBISURPvlzD0="; } // import ./fix-gqlgen-trimpath.nix {inherit unzip;}); - patches = [ - # Revert change breaking Unix socket support for Redis - patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch - ]; postPatch = '' substituteInPlace Makefile \ --replace "all: api" "" diff --git a/pkgs/applications/version-management/sourcehut/meta.nix b/pkgs/applications/version-management/sourcehut/meta.nix index 79293736e4a..896279addd3 100644 --- a/pkgs/applications/version-management/sourcehut/meta.nix +++ b/pkgs/applications/version-management/sourcehut/meta.nix @@ -40,10 +40,6 @@ buildPythonPackage rec { pname = "metasrht"; inherit version src; - patches = [ - # Revert change breaking Unix socket support for Redis - patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch - ]; postPatch = '' substituteInPlace Makefile \ --replace "all: api" "" diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch deleted file mode 100644 index ae8e95ddc0c..00000000000 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 069b03f85847ed4a9223183b62ee53f420838911 Mon Sep 17 00:00:00 2001 -From: Julien Moutinho -Date: Thu, 16 Dec 2021 04:54:24 +0100 -Subject: [PATCH builds.sr.ht] Revert "Add build submission and queue - monitoring" - -This reverts commit 690f1aa16c77e418dc40109cd5e8fdf4a7ed947a. - -This has broken Unix socket support for Redis -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E ---- - buildsrht/app.py | 3 --- - buildsrht/runner.py | 9 +-------- - 2 files changed, 1 insertion(+), 11 deletions(-) - -diff --git a/buildsrht/app.py b/buildsrht/app.py -index e5321a2..7c9977c 100644 ---- a/buildsrht/app.py -+++ b/buildsrht/app.py -@@ -36,9 +36,6 @@ class BuildApp(SrhtFlask): - self.register_blueprint(secrets) - self.register_blueprint(gql_blueprint) - -- from buildsrht.runner import builds_queue_metrics_collector -- self.metrics_registry.register(builds_queue_metrics_collector) -- - @self.context_processor - def inject(): - return { -diff --git a/buildsrht/runner.py b/buildsrht/runner.py -index 7773452..0389c8e 100644 ---- a/buildsrht/runner.py -+++ b/buildsrht/runner.py -@@ -5,13 +5,10 @@ from srht.config import cfg - from srht.database import db - from srht.email import send_email - from srht.oauth import UserType --from srht.metrics import RedisQueueCollector --from prometheus_client import Counter - - allow_free = cfg("builds.sr.ht", "allow-free", default="no") == "yes" - --builds_broker = cfg("builds.sr.ht", "redis") --runner = Celery('builds', broker=builds_broker, config_source={ -+runner = Celery('builds', broker=cfg("builds.sr.ht", "redis"), config_source={ - "CELERY_TASK_SERIALIZER": "json", - "CELERY_ACCEPT_CONTENT": ["json"], - "CELERY_RESULT_SERIALIZER": "json", -@@ -19,9 +16,6 @@ runner = Celery('builds', broker=builds_broker, config_source={ - "CELERY_TASK_PROTOCOL": 1 - }) - --builds_queue_metrics_collector = RedisQueueCollector(builds_broker, "buildsrht_builds", "Number of builds currently in queue") --builds_submitted = Counter("buildsrht_builds_submited", "Number of builds submitted") -- - def queue_build(job, manifest): - from buildsrht.types import JobStatus - job.status = JobStatus.queued -@@ -34,7 +28,6 @@ def queue_build(job, manifest): - cfg("sr.ht", "owner-email"), - "Cryptocurrency mining attempt on builds.sr.ht") - else: -- builds_submitted.inc() - run_build.delay(job.id, manifest.to_dict()) - - def requires_payment(user): --- -2.34.0 - diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/core/0001-Fix-Unix-socket-support-in-RedisQueueCollector.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/core/0001-Fix-Unix-socket-support-in-RedisQueueCollector.patch new file mode 100644 index 00000000000..889331f3e07 --- /dev/null +++ b/pkgs/applications/version-management/sourcehut/patches/redis-socket/core/0001-Fix-Unix-socket-support-in-RedisQueueCollector.patch @@ -0,0 +1,42 @@ +From 76dd636151735671be74ba9d55f773e190e22827 Mon Sep 17 00:00:00 2001 +From: Julien Moutinho +Date: Fri, 13 May 2022 22:40:46 +0200 +Subject: [PATCH core.sr.ht] Fix Unix socket support in RedisQueueCollector + +The broker URL is not necessarily in the format expected by Redis.from_url + +Especially, Redis.from_url supports this format for Unix sockets: + unix:///run/redis-sourcehut-metasrht/redis.sock?db=0 +See https://redis-py.readthedocs.io/en/stable/#redis.ConnectionPool.from_url + +Whereas Celery+Kombu support Redis but also other transports +and thus expect another scheme: + redis+socket:///run/redis-sourcehut-metasrht/redis.sock?virtual_host=1 +See https://docs.celeryproject.org/en/stable/userguide/configuration.html#redis-backend-settings +and https://github.com/celery/celery/blob/e5d99801e4b56a02af4a2e183879c767228d2817/celery/backends/redis.py#L299-L352 +and https://github.com/celery/kombu/blob/master/kombu/utils/url.py +--- + srht/metrics.py | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/srht/metrics.py b/srht/metrics.py +index 68caf8e..2df5777 100644 +--- a/srht/metrics.py ++++ b/srht/metrics.py +@@ -1,11 +1,12 @@ + import time ++from celery import Celery + from prometheus_client.metrics_core import GaugeMetricFamily + from redis import Redis, ResponseError + + + class RedisQueueCollector: + def __init__(self, broker, name, documentation, queue_name="celery"): +- self.redis = Redis.from_url(broker) ++ self.redis = Celery("collector", broker=broker).connection_for_read().channel().client + self.queue_name = queue_name + self.name = name + self.documentation = documentation +-- +2.35.1 + diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch deleted file mode 100644 index f9235102b95..00000000000 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch +++ /dev/null @@ -1,33 +0,0 @@ -diff --git a/gitsrht/app.py b/gitsrht/app.py -index eaae395..731bb03 100644 ---- a/gitsrht/app.py -+++ b/gitsrht/app.py -@@ -55,9 +55,6 @@ class GitApp(SrhtFlask): - self.add_template_filter(url_quote) - self.add_template_filter(commit_links) - -- from gitsrht.webhooks import webhook_metrics_collector -- self.metrics_registry.register(webhook_metrics_collector) -- - @self.context_processor - def inject(): - notice = session.get("notice") -diff --git a/gitsrht/webhooks.py b/gitsrht/webhooks.py -index 36486d0..0109428 100644 ---- a/gitsrht/webhooks.py -+++ b/gitsrht/webhooks.py -@@ -7,12 +7,10 @@ if not hasattr(db, "session"): - db.init() - from srht.webhook import Event - from srht.webhook.celery import CeleryWebhook, make_worker --from srht.metrics import RedisQueueCollector -+from scmsrht.webhooks import UserWebhook - import sqlalchemy as sa - --webhook_broker = cfg("git.sr.ht", "webhooks") --worker = make_worker(broker=webhook_broker) --webhook_metrics_collector = RedisQueueCollector(webhook_broker, "srht_webhooks", "Webhook queue length") -+worker = make_worker(broker=cfg("git.sr.ht", "webhooks")) - - class UserWebhook(CeleryWebhook): - events = [ diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch deleted file mode 100644 index 872d285b9bb..00000000000 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 730e090f31b150d42be4b4722751f8e4610835b0 Mon Sep 17 00:00:00 2001 -From: Julien Moutinho -Date: Sat, 12 Feb 2022 00:38:12 +0100 -Subject: [PATCH lists.sr.ht] Revert "Add webhook queue monitoring" - -This reverts commit e74e344808e8d523a9786cefcbf64c9a247d7a0e. - -Which has broken Unix socket support for Redis. -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E ---- - listssrht/app.py | 3 --- - listssrht/webhooks.py | 5 +---- - 2 files changed, 1 insertion(+), 7 deletions(-) - -diff --git a/listssrht/app.py b/listssrht/app.py -index aec59f3..83a355d 100644 ---- a/listssrht/app.py -+++ b/listssrht/app.py -@@ -29,9 +29,6 @@ class ListsApp(SrhtFlask): - self.register_blueprint(user) - self.register_blueprint(gql_blueprint) - -- from listssrht.webhooks import webhook_metrics_collector -- self.metrics_registry.register(webhook_metrics_collector) -- - @self.context_processor - def inject(): - from listssrht.types import ListAccess -diff --git a/listssrht/webhooks.py b/listssrht/webhooks.py -index ae5b1cb..86421ba 100644 ---- a/listssrht/webhooks.py -+++ b/listssrht/webhooks.py -@@ -8,11 +8,8 @@ if not hasattr(db, "session"): - db.init() - from srht.webhook import Event - from srht.webhook.celery import CeleryWebhook, make_worker --from srht.metrics import RedisQueueCollector - --webhook_broker = cfg("lists.sr.ht", "webhooks") --worker = make_worker(broker=webhook_broker) --webhook_metrics_collector = RedisQueueCollector(webhook_broker, "srht_webhooks", "Webhook queue length") -+worker = make_worker(broker=cfg("lists.sr.ht", "webhooks")) - - class ListWebhook(CeleryWebhook): - events = [ --- -2.34.1 - diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch deleted file mode 100644 index 9ec37670b06..00000000000 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch +++ /dev/null @@ -1,48 +0,0 @@ -From d88bee195797c6c294320617ff14798da94cd0f3 Mon Sep 17 00:00:00 2001 -From: Julien Moutinho -Date: Thu, 16 Dec 2021 04:52:08 +0100 -Subject: [PATCH meta.sr.ht] Revert "Add webhook queue monitoring" - -This reverts commit 9931df3c23094af5179df9ef019ca732b8125dac. - -This has broken Unix socket support for Redis. -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E ---- - metasrht/app.py | 3 --- - metasrht/webhooks.py | 5 +---- - 2 files changed, 1 insertion(+), 7 deletions(-) - -diff --git a/metasrht/app.py b/metasrht/app.py -index b190875..89c59bc 100644 ---- a/metasrht/app.py -+++ b/metasrht/app.py -@@ -49,9 +49,6 @@ class MetaApp(SrhtFlask): - from metasrht.blueprints.billing import billing - self.register_blueprint(billing) - -- from metasrht.webhooks import webhook_metrics_collector -- self.metrics_registry.register(webhook_metrics_collector) -- - @self.context_processor - def inject(): - return { -diff --git a/metasrht/webhooks.py b/metasrht/webhooks.py -index 3e1149e..3f0ba01 100644 ---- a/metasrht/webhooks.py -+++ b/metasrht/webhooks.py -@@ -7,11 +7,8 @@ if not hasattr(db, "session"): - db.init() - from srht.webhook import Event - from srht.webhook.celery import CeleryWebhook, make_worker --from srht.metrics import RedisQueueCollector - --webhook_broker = cfg("meta.sr.ht", "webhooks", "redis://") --worker = make_worker(broker=webhook_broker) --webhook_metrics_collector = RedisQueueCollector(webhook_broker, "srht_webhooks", "Webhook queue length") -+worker = make_worker(broker=cfg("meta.sr.ht", "webhooks", "redis://")) - - class UserWebhook(CeleryWebhook): - events = [ --- -2.34.0 - diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch deleted file mode 100644 index 861608c1184..00000000000 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 42a27ea60d8454552d54e1f51f1b976d1067fc32 Mon Sep 17 00:00:00 2001 -From: Julien Moutinho -Date: Sat, 12 Feb 2022 00:30:29 +0100 -Subject: [PATCH todo.sr.ht] Revert "Add webhook queue monitoring" - -This reverts commit 320a5e8f7cd16ca43928c36f0320593f84d986fa. - -Which has broken Unix socket support for Redis. -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E ---- - todosrht/flask.py | 3 --- - todosrht/webhooks.py | 6 +----- - 2 files changed, 1 insertion(+), 8 deletions(-) - -diff --git a/todosrht/flask.py b/todosrht/flask.py -index 5e8ac66..9d0fd27 100644 ---- a/todosrht/flask.py -+++ b/todosrht/flask.py -@@ -43,9 +43,6 @@ class TodoApp(SrhtFlask): - self.add_template_filter(urls.tracker_url) - self.add_template_filter(urls.user_url) - -- from todosrht.webhooks import webhook_metrics_collector -- self.metrics_registry.register(webhook_metrics_collector) -- - @self.context_processor - def inject(): - return { -diff --git a/todosrht/webhooks.py b/todosrht/webhooks.py -index eb8e08a..950047f 100644 ---- a/todosrht/webhooks.py -+++ b/todosrht/webhooks.py -@@ -7,13 +7,9 @@ if not hasattr(db, "session"): - db.init() - from srht.webhook import Event - from srht.webhook.celery import CeleryWebhook, make_worker --from srht.metrics import RedisQueueCollector - import sqlalchemy as sa - -- --webhooks_broker = cfg("todo.sr.ht", "webhooks") --worker = make_worker(broker=webhooks_broker) --webhook_metrics_collector = RedisQueueCollector(webhooks_broker, "srht_webhooks", "Webhook queue length") -+worker = make_worker(broker=cfg("todo.sr.ht", "webhooks")) - - import todosrht.tracker_import - --- -2.34.1 - diff --git a/pkgs/applications/version-management/sourcehut/todo.nix b/pkgs/applications/version-management/sourcehut/todo.nix index 9dbe86e6f63..67367b71ff9 100644 --- a/pkgs/applications/version-management/sourcehut/todo.nix +++ b/pkgs/applications/version-management/sourcehut/todo.nix @@ -23,16 +23,11 @@ buildPythonPackage rec { sha256 = "sha256-m7FY+jXpwPnK1+b1iQiDGe8JPfAFQp65BzGH6WvNwhM="; }; - patches = [ - # Revert change breaking Unix socket support for Redis - patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch - ]; postPatch = '' substituteInPlace Makefile \ --replace "all: api" "" ''; - todosrht-api = buildGoModule ({ inherit src version; pname = "todosrht-api"; From a097ca163e944a44e9a65ecccfcbc59dbe895ddb Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 11:43:21 +0200 Subject: [PATCH 55/70] sourcehut.srht: 0.68.24 -> 0.69.0 --- pkgs/applications/version-management/sourcehut/core.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/core.nix b/pkgs/applications/version-management/sourcehut/core.nix index 0648f21910f..ff56c62c62e 100644 --- a/pkgs/applications/version-management/sourcehut/core.nix +++ b/pkgs/applications/version-management/sourcehut/core.nix @@ -29,13 +29,13 @@ buildPythonPackage rec { pname = "srht"; - version = "0.68.24"; + version = "0.69.0"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "core.sr.ht"; rev = version; - sha256 = "sha256-ipukga6vfBgDIXOQCejCkU/iTmBt5egIjB+NlJyL2yo="; + sha256 = "sha256-s/I0wxtPggjTkkTZnhm77PxdQjiT0Vq2MIk7JMvdupc="; fetchSubmodules = true; }; From 5da4b29a99774b3533b27c0d70ca7900d70a3c3d Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 13:35:20 +0200 Subject: [PATCH 56/70] sourcehut: fix update script --- pkgs/applications/version-management/sourcehut/hg.nix | 8 +++++--- pkgs/applications/version-management/sourcehut/update.sh | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/hg.nix b/pkgs/applications/version-management/sourcehut/hg.nix index 2aa4cc2c505..60f3f3d4aee 100644 --- a/pkgs/applications/version-management/sourcehut/hg.nix +++ b/pkgs/applications/version-management/sourcehut/hg.nix @@ -1,5 +1,5 @@ { lib -, fetchhg +, fetchFromSourcehut , buildGoModule , buildPythonPackage , srht @@ -14,10 +14,12 @@ buildPythonPackage rec { pname = "hgsrht"; version = "0.31.2"; - src = fetchhg { - url = "https://hg.sr.ht/~sircmpwn/hg.sr.ht"; + src = fetchFromSourcehut { + owner = "~sircmpwn"; + repo = "hg.sr.ht"; rev = version; sha256 = "F0dBykSSrlis+mumULLxvKNxD75DWR9+IDTYbmhkMDI="; + vc = "hg"; }; postPatch = '' substituteInPlace Makefile \ diff --git a/pkgs/applications/version-management/sourcehut/update.sh b/pkgs/applications/version-management/sourcehut/update.sh index 97509397aef..e13ce09da4c 100755 --- a/pkgs/applications/version-management/sourcehut/update.sh +++ b/pkgs/applications/version-management/sourcehut/update.sh @@ -16,7 +16,7 @@ version() { } src_url() { - nix-instantiate --eval --strict --expr " with import $root {}; let src = sourcehut.python.pkgs.$1.drvAttrs.src; in src.url or src.meta.homepage" | tr -d '"' + nix-instantiate --eval --strict --expr " with import $root {}; let src = sourcehut.python.pkgs.$1.drvAttrs.src; in src.meta.homepage" | tr -d '"' } get_latest_version() { From f34d654860a09472024e7cce3b63839eb590a8ef Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 13:40:30 +0200 Subject: [PATCH 57/70] nixos/sourcehut: increase RestartSec to better avoid degraded states --- nixos/modules/services/misc/sourcehut/default.nix | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix index f5e4742d902..3a9c2808dec 100644 --- a/nixos/modules/services/misc/sourcehut/default.nix +++ b/nixos/modules/services/misc/sourcehut/default.nix @@ -907,7 +907,7 @@ in port = 5002; extraServices.buildsrht-api = { serviceConfig.Restart = "always"; - serviceConfig.RestartSec = "2s"; + serviceConfig.RestartSec = "5s"; serviceConfig.ExecStart = "${pkgs.sourcehut.buildsrht}/bin/buildsrht-api -b ${cfg.listenAddress}:${toString (cfg.builds.port + 100)}"; }; # TODO: a celery worker on the master and worker are apparently needed @@ -1088,7 +1088,7 @@ in ]; extraServices.gitsrht-api = { serviceConfig.Restart = "always"; - serviceConfig.RestartSec = "2s"; + serviceConfig.RestartSec = "5s"; serviceConfig.ExecStart = "${pkgs.sourcehut.gitsrht}/bin/gitsrht-api -b ${cfg.listenAddress}:${toString (cfg.git.port + 100)}"; }; extraServices.gitsrht-fcgiwrap = mkIf cfg.nginx.enable { @@ -1136,7 +1136,7 @@ in }; extraServices.hgsrht-api = { serviceConfig.Restart = "always"; - serviceConfig.RestartSec = "2s"; + serviceConfig.RestartSec = "5s"; serviceConfig.ExecStart = "${pkgs.sourcehut.hgsrht}/bin/hgsrht-api -b ${cfg.listenAddress}:${toString (cfg.hg.port + 100)}"; }; extraConfig = mkMerge [ @@ -1201,7 +1201,7 @@ in webhooks = true; extraServices.listssrht-api = { serviceConfig.Restart = "always"; - serviceConfig.RestartSec = "2s"; + serviceConfig.RestartSec = "5s"; serviceConfig.ExecStart = "${pkgs.sourcehut.listssrht}/bin/listssrht-api -b ${cfg.listenAddress}:${toString (cfg.lists.port + 100)}"; }; # Receive the mail from Postfix and enqueue them into Redis and PostgreSQL @@ -1258,7 +1258,7 @@ in }; extraServices.metasrht-api = { serviceConfig.Restart = "always"; - serviceConfig.RestartSec = "2s"; + serviceConfig.RestartSec = "5s"; preStart = "set -x\n" + concatStringsSep "\n\n" (attrValues (mapAttrs (k: s: let srvMatch = builtins.match "^([a-z]*)\\.sr\\.ht$" k; srv = head srvMatch; @@ -1370,7 +1370,7 @@ in webhooks = true; extraServices.todosrht-api = { serviceConfig.Restart = "always"; - serviceConfig.RestartSec = "2s"; + serviceConfig.RestartSec = "5s"; serviceConfig.ExecStart = "${pkgs.sourcehut.todosrht}/bin/todosrht-api -b ${cfg.listenAddress}:${toString (cfg.todo.port + 100)}"; }; extraServices.todosrht-lmtp = { From 8f92ed46cf7262156ab08d86145529c95f73ed3a Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 13:44:52 +0200 Subject: [PATCH 58/70] sourcehut: code-style formatting --- pkgs/applications/version-management/sourcehut/builds.nix | 2 +- .../version-management/sourcehut/fix-gqlgen-trimpath.nix | 6 +----- pkgs/applications/version-management/sourcehut/git.nix | 2 +- pkgs/applications/version-management/sourcehut/hg.nix | 3 ++- pkgs/applications/version-management/sourcehut/lists.nix | 2 +- pkgs/applications/version-management/sourcehut/meta.nix | 2 +- pkgs/applications/version-management/sourcehut/pages.nix | 2 +- 7 files changed, 8 insertions(+), 11 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/builds.nix b/pkgs/applications/version-management/sourcehut/builds.nix index 99d6a05c4eb..f951af1763a 100644 --- a/pkgs/applications/version-management/sourcehut/builds.nix +++ b/pkgs/applications/version-management/sourcehut/builds.nix @@ -26,7 +26,7 @@ let pname = "buildsrht-api"; modRoot = "api"; vendorSha256 = "sha256-roTwqtg4Y846PNtLdRN/LV3Jd0LVElqjFy3DJcrwoaI="; - } // import ./fix-gqlgen-trimpath.nix {inherit unzip;}); + } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); buildsrht-worker = buildGoModule { inherit src version; diff --git a/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix index 1f94913292e..1a45c8112ba 100644 --- a/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix +++ b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix @@ -4,14 +4,12 @@ # No need to workaround -trimpath: it's not used in go-modules, # but do download `go generate`'s dependencies nonetheless. preBuild = '' - set -x go generate ./loaders go generate ./graph - set +x ''; }); - # Workaround: + # Workaround this error: # go: git.sr.ht/~emersion/go-emailthreads@v0.0.0-20220412093310-4fd792e343ba: module lookup disabled by GOPROXY=off # tidy failed: go mod tidy failed: exit status 1 # graph/generate.go:10: running "go": exit status 1 @@ -22,11 +20,9 @@ # This is to give `go generate ./graph` access to gqlgen's *.gotpl files # If it fails, the gqlgenVersion may have to be updated. preBuild = let gqlgenVersion = "0.17.2"; in '' - set -x ${unzip}/bin/unzip ''${GOPROXY#"file://"}/github.com/99designs/gqlgen/@v/v${gqlgenVersion}.zip go generate ./loaders go generate ./graph rm -rf github.com - set +x ''; } diff --git a/pkgs/applications/version-management/sourcehut/git.nix b/pkgs/applications/version-management/sourcehut/git.nix index a721da0ecd3..d25443554b2 100644 --- a/pkgs/applications/version-management/sourcehut/git.nix +++ b/pkgs/applications/version-management/sourcehut/git.nix @@ -23,7 +23,7 @@ let pname = "gitsrht-api"; modRoot = "api"; vendorSha256 = "sha256-0YI20liP0X1McfiSUy29zJk2UqqAPBIfIfPLoJOE1uI="; - } // import ./fix-gqlgen-trimpath.nix {inherit unzip;}); + } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); gitDispatch = buildGoModule { inherit src version; diff --git a/pkgs/applications/version-management/sourcehut/hg.nix b/pkgs/applications/version-management/sourcehut/hg.nix index 60f3f3d4aee..f4e61d11959 100644 --- a/pkgs/applications/version-management/sourcehut/hg.nix +++ b/pkgs/applications/version-management/sourcehut/hg.nix @@ -21,6 +21,7 @@ buildPythonPackage rec { sha256 = "F0dBykSSrlis+mumULLxvKNxD75DWR9+IDTYbmhkMDI="; vc = "hg"; }; + postPatch = '' substituteInPlace Makefile \ --replace "all: api hgsrht-keys" "" @@ -31,7 +32,7 @@ buildPythonPackage rec { pname = "hgsrht-api"; modRoot = "api"; vendorSha256 = "sha256-W7A22qSIgJgcfS7xYNrmbYKaZBXbDtPilM9I6DxmTeU="; - } // import ./fix-gqlgen-trimpath.nix {inherit unzip;}); + } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); hgsrht-keys = buildGoModule { inherit src version; diff --git a/pkgs/applications/version-management/sourcehut/lists.nix b/pkgs/applications/version-management/sourcehut/lists.nix index b9a00ffd213..4d5b514f651 100644 --- a/pkgs/applications/version-management/sourcehut/lists.nix +++ b/pkgs/applications/version-management/sourcehut/lists.nix @@ -28,7 +28,7 @@ buildPythonPackage rec { pname = "listssrht-api"; modRoot = "api"; vendorSha256 = "sha256-xnmMkRSokbhWD+kz0XQ9AinYdm6/50FRBISURPvlzD0="; - } // import ./fix-gqlgen-trimpath.nix {inherit unzip;}); + } // import ./fix-gqlgen-trimpath.nix { inherit unzip;}); postPatch = '' substituteInPlace Makefile \ diff --git a/pkgs/applications/version-management/sourcehut/meta.nix b/pkgs/applications/version-management/sourcehut/meta.nix index 896279addd3..cac01344258 100644 --- a/pkgs/applications/version-management/sourcehut/meta.nix +++ b/pkgs/applications/version-management/sourcehut/meta.nix @@ -33,7 +33,7 @@ let pname = "metasrht-api"; modRoot = "api"; vendorSha256 = "sha256-3s9PYUy4qS06zyTIRDvnAmhfrjVLBa/03Nu3tMcIReI="; - } // import ./fix-gqlgen-trimpath.nix {inherit unzip;}); + } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); in buildPythonPackage rec { diff --git a/pkgs/applications/version-management/sourcehut/pages.nix b/pkgs/applications/version-management/sourcehut/pages.nix index faa6dbb4d49..7569744e9c7 100644 --- a/pkgs/applications/version-management/sourcehut/pages.nix +++ b/pkgs/applications/version-management/sourcehut/pages.nix @@ -30,4 +30,4 @@ buildGoModule (rec { }; # There is no ./loaders but this does not cause troubles # to go generate -} // import ./fix-gqlgen-trimpath.nix {inherit unzip;}) +} // import ./fix-gqlgen-trimpath.nix { inherit unzip; }) From 4f97b2791fe0564e1e92aa80cb03c3be106366d6 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 13:59:39 +0200 Subject: [PATCH 59/70] sourcehut: improve cross-compiling support --- .../version-management/sourcehut/fix-gqlgen-trimpath.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix index 1a45c8112ba..a95c3a3f3fd 100644 --- a/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix +++ b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix @@ -15,12 +15,14 @@ # graph/generate.go:10: running "go": exit status 1 proxyVendor = true; + nativeBuildInputs = [ unzip ]; + # Workaround -trimpath in the package derivation: # https://github.com/99designs/gqlgen/issues/1537 # This is to give `go generate ./graph` access to gqlgen's *.gotpl files # If it fails, the gqlgenVersion may have to be updated. preBuild = let gqlgenVersion = "0.17.2"; in '' - ${unzip}/bin/unzip ''${GOPROXY#"file://"}/github.com/99designs/gqlgen/@v/v${gqlgenVersion}.zip + unzip ''${GOPROXY#"file://"}/github.com/99designs/gqlgen/@v/v${gqlgenVersion}.zip go generate ./loaders go generate ./graph rm -rf github.com From a623fb79c0cebd0876bdf5fd48eea972846e1965 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 14:20:31 +0200 Subject: [PATCH 60/70] sourcehut.buildsrht: 0.80.0 -> 0.81.0 --- pkgs/applications/version-management/sourcehut/builds.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/builds.nix b/pkgs/applications/version-management/sourcehut/builds.nix index f951af1763a..b8f9a0f1522 100644 --- a/pkgs/applications/version-management/sourcehut/builds.nix +++ b/pkgs/applications/version-management/sourcehut/builds.nix @@ -12,13 +12,13 @@ , unzip }: let - version = "0.80.0"; + version = "0.81.0"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "builds.sr.ht"; rev = version; - sha256 = "sha256-SzA9bOXiXULRD4Eq9xBbbmMUpXT8egOtooZFF4p79ms="; + sha256 = "sha256-oUSzanRFZ2dQTgm/VuNhqUaUAPq7ffxR7OtBKtE61DE="; }; buildsrht-api = buildGoModule ({ From 0d286b8d9671fbb8225ac7e6f548e9b2102c5460 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 14:29:48 +0200 Subject: [PATCH 61/70] sourcehut.gitsrht: 0.78.18 -> 0.78.20 --- pkgs/applications/version-management/sourcehut/git.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/git.nix b/pkgs/applications/version-management/sourcehut/git.nix index d25443554b2..1f76e5cb65f 100644 --- a/pkgs/applications/version-management/sourcehut/git.nix +++ b/pkgs/applications/version-management/sourcehut/git.nix @@ -9,20 +9,20 @@ , unzip }: let - version = "0.78.18"; + version = "0.78.20"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "git.sr.ht"; rev = version; - sha256 = "sha256-pGWphdFKaOIBIKWMxfNAFqXZQx/qHcrwb5Ylj9uag7s="; + sha256 = "sha256-rZsTtHobsgRVmMOjPa1fiKrPsNyFu/gOsmO0cTl5MqQ="; }; gitApi = buildGoModule ({ inherit src version; pname = "gitsrht-api"; modRoot = "api"; - vendorSha256 = "sha256-0YI20liP0X1McfiSUy29zJk2UqqAPBIfIfPLoJOE1uI="; + vendorSha256 = "sha256-cCs9FUBusaAou9w4TDOg8GKxhRcsPbSNcQpxvFH/+so="; } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); gitDispatch = buildGoModule { From de3b09c4d08861d9ca78756cf08b9df0a2c0c1e3 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 14:35:27 +0200 Subject: [PATCH 62/70] sourcehut.hgsrht: 0.31.2 -> 0.31.3 --- pkgs/applications/version-management/sourcehut/hg.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/hg.nix b/pkgs/applications/version-management/sourcehut/hg.nix index f4e61d11959..c1470c3fc5c 100644 --- a/pkgs/applications/version-management/sourcehut/hg.nix +++ b/pkgs/applications/version-management/sourcehut/hg.nix @@ -12,13 +12,13 @@ buildPythonPackage rec { pname = "hgsrht"; - version = "0.31.2"; + version = "0.31.3"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "hg.sr.ht"; rev = version; - sha256 = "F0dBykSSrlis+mumULLxvKNxD75DWR9+IDTYbmhkMDI="; + sha256 = "4Qe08gqsSTMQVQBchFPEUXuxM8ZAAQGJT1EOcDjkZa0="; vc = "hg"; }; @@ -31,7 +31,7 @@ buildPythonPackage rec { inherit src version; pname = "hgsrht-api"; modRoot = "api"; - vendorSha256 = "sha256-W7A22qSIgJgcfS7xYNrmbYKaZBXbDtPilM9I6DxmTeU="; + vendorSha256 = "sha256-uIP3W7UJkP68HJUF33kz5xfg/KBiaSwMozFYmQJQkys="; } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); hgsrht-keys = buildGoModule { From 8388db5a9ef8735ec6f966b60ce030889b61c51e Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 14:38:32 +0200 Subject: [PATCH 63/70] sourcehut.listssrht: 0.51.10 -> 0.51.11 --- pkgs/applications/version-management/sourcehut/lists.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/lists.nix b/pkgs/applications/version-management/sourcehut/lists.nix index 4d5b514f651..d981598a7b1 100644 --- a/pkgs/applications/version-management/sourcehut/lists.nix +++ b/pkgs/applications/version-management/sourcehut/lists.nix @@ -14,13 +14,13 @@ buildPythonPackage rec { pname = "listssrht"; - version = "0.51.10"; + version = "0.51.11"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "lists.sr.ht"; rev = version; - sha256 = "sha256-f8KvMctDva31W5c6uAIDDZ0eUrRL5ha10ew2pLEnJtw="; + sha256 = "sha256-Qb70oOazZfmHpC5r0oMYCFdvfAeKbq3mQA8+M56YYnY="; }; listssrht-api = buildGoModule ({ From fa6e3b6509cc59d2ea89c2a65d50932d9e0b594c Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 14:39:09 +0200 Subject: [PATCH 64/70] sourcehut.mansrht: 0.15.25 -> 0.15.26 --- pkgs/applications/version-management/sourcehut/man.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/man.nix b/pkgs/applications/version-management/sourcehut/man.nix index ccee76defde..530101d5735 100644 --- a/pkgs/applications/version-management/sourcehut/man.nix +++ b/pkgs/applications/version-management/sourcehut/man.nix @@ -8,13 +8,13 @@ buildPythonPackage rec { pname = "mansrht"; - version = "0.15.25"; + version = "0.15.26"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "man.sr.ht"; rev = version; - sha256 = "sha256-Mq3IHsqSkFHVdmy3g0E+9oLnKORthgv3lqvWyrKMIuU="; + sha256 = "sha256-5xZH6DrTXMdWd26OGICp7lZ/QDjACIa7zNUJHB7jzGo="; }; nativeBuildInputs = srht.nativeBuildInputs; From c32f043d67d616534c5426ae343666fbd6ebfbd7 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 14:44:08 +0200 Subject: [PATCH 65/70] sourcehut.metasrht: 0.58.8 -> 0.58.18 --- pkgs/applications/version-management/sourcehut/meta.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/meta.nix b/pkgs/applications/version-management/sourcehut/meta.nix index cac01344258..4572fc81b28 100644 --- a/pkgs/applications/version-management/sourcehut/meta.nix +++ b/pkgs/applications/version-management/sourcehut/meta.nix @@ -19,20 +19,20 @@ , unzip }: let - version = "0.58.8"; + version = "0.58.18"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "meta.sr.ht"; rev = version; - sha256 = "sha256-lnEt5UoQBd5qlkD+nE6KL5DP4jf1FrAjgA06/mgRxTs="; + sha256 = "sha256-OjbQHAzG2nZwpJUIvhKaCJWZbhZDC2R6C+SkbKUpk8o="; }; metasrht-api = buildGoModule ({ inherit src version; pname = "metasrht-api"; modRoot = "api"; - vendorSha256 = "sha256-3s9PYUy4qS06zyTIRDvnAmhfrjVLBa/03Nu3tMcIReI="; + vendorSha256 = "sha256-kiEuEYZFbwJ6SbKFtxH4SiRaZmqYriRHPoHdTX28+d0="; } // import ./fix-gqlgen-trimpath.nix { inherit unzip; }); in From 2524e0d7f37bee8efb8359080e60a961503cbfa0 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 14:48:35 +0200 Subject: [PATCH 66/70] sourcehut.pagessrht: 0.7.3 -> 0.7.4 --- .../sourcehut/fix-gqlgen-trimpath.nix | 6 ++++-- .../version-management/sourcehut/pages.nix | 13 +++++++++---- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix index a95c3a3f3fd..629d767a1ca 100644 --- a/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix +++ b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix @@ -1,4 +1,6 @@ -{ unzip }: +{ unzip +, gqlgenVersion ? "0.17.2" +}: { overrideModAttrs = (_: { # No need to workaround -trimpath: it's not used in go-modules, @@ -21,7 +23,7 @@ # https://github.com/99designs/gqlgen/issues/1537 # This is to give `go generate ./graph` access to gqlgen's *.gotpl files # If it fails, the gqlgenVersion may have to be updated. - preBuild = let gqlgenVersion = "0.17.2"; in '' + preBuild = '' unzip ''${GOPROXY#"file://"}/github.com/99designs/gqlgen/@v/v${gqlgenVersion}.zip go generate ./loaders go generate ./graph diff --git a/pkgs/applications/version-management/sourcehut/pages.nix b/pkgs/applications/version-management/sourcehut/pages.nix index 7569744e9c7..edb9379c6de 100644 --- a/pkgs/applications/version-management/sourcehut/pages.nix +++ b/pkgs/applications/version-management/sourcehut/pages.nix @@ -6,16 +6,21 @@ buildGoModule (rec { pname = "pagessrht"; - version = "0.7.3"; + version = "0.7.4"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "pages.sr.ht"; rev = version; - sha256 = "sha256-fHhf4VQ82/k4g8pzyuN9Pr2f8mxT8zw+2Nq0nw1Msks="; + sha256 = "sha256-WM9T2LS8yIqaR0PQQRgMk/tiMYcw8DZVPMqMWkj/5RY="; }; - vendorSha256 = "sha256-/+XVl6PZUMOZIiuO6vEu0dacefz2hDSObaP8JsItSTw="; + postPatch = '' + substituteInPlace Makefile \ + --replace "all: server" "" + ''; + + vendorSha256 = "sha256-VOqY/nStqGyfWOXnJSZX8UYyp2kzcibQM2NRNysHYEc="; postInstall = '' mkdir -p $out/share/sql/ @@ -30,4 +35,4 @@ buildGoModule (rec { }; # There is no ./loaders but this does not cause troubles # to go generate -} // import ./fix-gqlgen-trimpath.nix { inherit unzip; }) +} // import ./fix-gqlgen-trimpath.nix { inherit unzip; gqlgenVersion= "0.17.9"; }) From 9bd0b0fdc65953785644e1db5c473b3b36e47d46 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 14:49:06 +0200 Subject: [PATCH 67/70] sourcehut.pastesrht: 0.13.7 -> 0.13.8 --- pkgs/applications/version-management/sourcehut/paste.nix | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/paste.nix b/pkgs/applications/version-management/sourcehut/paste.nix index fbbc5fcd6a9..e31473bd343 100644 --- a/pkgs/applications/version-management/sourcehut/paste.nix +++ b/pkgs/applications/version-management/sourcehut/paste.nix @@ -8,15 +8,20 @@ buildPythonPackage rec { pname = "pastesrht"; - version = "0.13.7"; + version = "0.13.8"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "paste.sr.ht"; rev = version; - sha256 = "sha256-EzcS6Zbh+wJinC/GKJOSWUPORODpKEA3tLpLGqoVGBU="; + sha256 = "sha256-Zji9FyYUtsklYz4qyLbtduusteC7WujLCMmvZKcqYis="; }; + postPatch = '' + substituteInPlace Makefile \ + --replace "all: api" "" + ''; + nativeBuildInputs = srht.nativeBuildInputs; propagatedBuildInputs = [ From 010488c27b3b77d69d280f339b3c7f54b898fe4b Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 2 Jun 2022 14:55:20 +0200 Subject: [PATCH 68/70] sourcehut.todosrht: 0.71.2 -> 0.72.2 --- pkgs/applications/version-management/sourcehut/todo.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/version-management/sourcehut/todo.nix b/pkgs/applications/version-management/sourcehut/todo.nix index 67367b71ff9..0278fb6bd17 100644 --- a/pkgs/applications/version-management/sourcehut/todo.nix +++ b/pkgs/applications/version-management/sourcehut/todo.nix @@ -14,13 +14,13 @@ buildPythonPackage rec { pname = "todosrht"; - version = "0.71.2"; + version = "0.72.2"; src = fetchFromSourcehut { owner = "~sircmpwn"; repo = "todo.sr.ht"; rev = version; - sha256 = "sha256-m7FY+jXpwPnK1+b1iQiDGe8JPfAFQp65BzGH6WvNwhM="; + sha256 = "sha256-FLjVO8Y/9s2gFfMXwcY7Rj3WNzPEBYs1AEjiVZFWsT8="; }; postPatch = '' @@ -32,7 +32,7 @@ buildPythonPackage rec { inherit src version; pname = "todosrht-api"; modRoot = "api"; - vendorSha256 = "sha256-ttGT7lUh8O+9KvbaEGWUsthefXQ2ATeli0tnlXCjZFk="; + vendorSha256 = "sha256-LB1H4jwnvoEyaaYJ09NI/M6IkgZwRet/fkso6b9EPV0="; } // import ./fix-gqlgen-trimpath.nix {inherit unzip;}); nativeBuildInputs = srht.nativeBuildInputs; From 17c6f625037d103f491f9bc434bb195fe432e78a Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Wed, 8 Jun 2022 21:25:15 +0200 Subject: [PATCH 69/70] nixos/sourcehut: some settings became mandatory upstream --- .../services/misc/sourcehut/default.nix | 34 ++++++++++------ nixos/tests/sourcehut.nix | 39 +++++++++++++++++++ 2 files changed, 62 insertions(+), 11 deletions(-) diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix index 3a9c2808dec..3ff2837900e 100644 --- a/nixos/modules/services/misc/sourcehut/default.nix +++ b/nixos/modules/services/misc/sourcehut/default.nix @@ -238,20 +238,32 @@ in }; smtp-user = mkOptionNullOrStr "Outgoing SMTP user."; smtp-password = mkOptionNullOrStr "Outgoing SMTP password."; - smtp-from = mkOptionNullOrStr "Outgoing SMTP FROM."; + smtp-from = mkOption { + type = types.str; + description = "Outgoing SMTP FROM."; + }; error-to = mkOptionNullOrStr "Address receiving application exceptions"; error-from = mkOptionNullOrStr "Address sending application exceptions"; - pgp-privkey = mkOptionNullOrStr '' - An absolute file path (which should be outside the Nix-store) - to an OpenPGP private key. + pgp-privkey = mkOption { + type = types.str; + description = '' + An absolute file path (which should be outside the Nix-store) + to an OpenPGP private key. - Your PGP key information (DO NOT mix up pub and priv here) - You must remove the password from your secret key, if present. - You can do this with gpg --edit-key [key-id], - then use the passwd command and do not enter a new password. - ''; - pgp-pubkey = mkOptionNullOrStr "OpenPGP public key."; - pgp-key-id = mkOptionNullOrStr "OpenPGP key identifier."; + Your PGP key information (DO NOT mix up pub and priv here) + You must remove the password from your secret key, if present. + You can do this with gpg --edit-key [key-id], + then use the passwd command and do not enter a new password. + ''; + }; + pgp-pubkey = mkOption { + type = with types; either path str; + description = "OpenPGP public key."; + }; + pgp-key-id = mkOption { + type = types.str; + description = "OpenPGP key identifier."; + }; }; options.objects = { s3-upstream = mkOption { diff --git a/nixos/tests/sourcehut.nix b/nixos/tests/sourcehut.nix index 6998f4f0c10..410660e9dcb 100644 --- a/nixos/tests/sourcehut.nix +++ b/nixos/tests/sourcehut.nix @@ -169,6 +169,45 @@ in oauth-client-id = "d07cb713d920702e"; }; settings.webhooks.private-key = pkgs.writeText "webhook-key" "Ra3IjxgFiwG9jxgp4WALQIZw/BMYt30xWiOsqD0J7EA="; + settings.mail = { + smtp-from = "root+hut@${domain}"; + # WARNING: take care to keep pgp-privkey outside the Nix store in production, + # or use LoadCredentialEncrypted= + pgp-privkey = toString (pkgs.writeText "sourcehut.pgp-privkey" '' + -----BEGIN PGP PRIVATE KEY BLOCK----- + + lFgEYqDRORYJKwYBBAHaRw8BAQdAehGoy36FUx2OesYm07be2rtLyvR5Pb/ltstd + Gk7hYQoAAP9X4oPmxxrHN8LewBpWITdBomNqlHoiP7mI0nz/BOPJHxEktDZuaXhv + cy90ZXN0cy9zb3VyY2VodXQgPHJvb3QraHV0QHNvdXJjZWh1dC5sb2NhbGRvbWFp + bj6IlwQTFgoAPxYhBPqjgjnL8RHN4JnADNicgXaYm0jJBQJioNE5AhsDBQkDwmcA + BgsJCAcDCgUVCgkICwUWAwIBAAIeBQIXgAAKCRDYnIF2mJtIySVCAP9e2nHsVHSi + 2B1YGZpVG7Xf36vxljmMkbroQy+0gBPwRwEAq+jaiQqlbGhQ7R/HMFcAxBIVsq8h + Aw1rngsUd0o3dAicXQRioNE5EgorBgEEAZdVAQUBAQdAXZV2Sd5ZNBVTBbTGavMv + D6ORrUh8z7TI/3CsxCE7+yADAQgHAAD/c1RU9xH+V/uI1fE7HIn/zL0LUPpsuce2 + cH++g4u3kBgTOYh+BBgWCgAmFiEE+qOCOcvxEc3gmcAM2JyBdpibSMkFAmKg0TkC + GwwFCQPCZwAACgkQ2JyBdpibSMlKagD/cTre6p1m8QuJ7kwmCFRSz5tBzIuYMMgN + xtT7dmS91csA/35fWsOykSiFRojQ7ccCSUTHL7ApF2EbL968tP/D2hIG + =Hjoc + -----END PGP PRIVATE KEY BLOCK----- + ''); + pgp-pubkey = pkgs.writeText "sourcehut.pgp-pubkey" '' + -----BEGIN PGP PUBLIC KEY BLOCK----- + + mDMEYqDRORYJKwYBBAHaRw8BAQdAehGoy36FUx2OesYm07be2rtLyvR5Pb/ltstd + Gk7hYQq0Nm5peG9zL3Rlc3RzL3NvdXJjZWh1dCA8cm9vdCtodXRAc291cmNlaHV0 + LmxvY2FsZG9tYWluPoiXBBMWCgA/FiEE+qOCOcvxEc3gmcAM2JyBdpibSMkFAmKg + 0TkCGwMFCQPCZwAGCwkIBwMKBRUKCQgLBRYDAgEAAh4FAheAAAoJENicgXaYm0jJ + JUIA/17acexUdKLYHVgZmlUbtd/fq/GWOYyRuuhDL7SAE/BHAQCr6NqJCqVsaFDt + H8cwVwDEEhWyryEDDWueCxR3Sjd0CLg4BGKg0TkSCisGAQQBl1UBBQEBB0BdlXZJ + 3lk0FVMFtMZq8y8Po5GtSHzPtMj/cKzEITv7IAMBCAeIfgQYFgoAJhYhBPqjgjnL + 8RHN4JnADNicgXaYm0jJBQJioNE5AhsMBQkDwmcAAAoJENicgXaYm0jJSmoA/3E6 + 3uqdZvELie5MJghUUs+bQcyLmDDIDcbU+3ZkvdXLAP9+X1rDspEohUaI0O3HAklE + xy+wKRdhGy/evLT/w9oSBg== + =pJD7 + -----END PGP PUBLIC KEY BLOCK----- + ''; + pgp-key-id = "0xFAA38239CBF111CDE099C00CD89C8176989B48C9"; + }; }; networking.firewall.allowedTCPPorts = [ 443 ]; From 9d69ea4b7f4e45029c36d84aa06ef960f0d6cbdc Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Wed, 8 Jun 2022 21:25:54 +0200 Subject: [PATCH 70/70] nixos/sourcehut: improve testing --- nixos/tests/sourcehut.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/tests/sourcehut.nix b/nixos/tests/sourcehut.nix index 410660e9dcb..d52fbddd20f 100644 --- a/nixos/tests/sourcehut.nix +++ b/nixos/tests/sourcehut.nix @@ -246,7 +246,9 @@ in #machine.wait_for_unit("buildsrht-worker.service") # Testing gitsrht + machine.wait_for_unit("gitsrht-api.service") machine.wait_for_unit("gitsrht.service") + machine.wait_for_unit("gitsrht-webhooks.service") machine.succeed("curl -sL http://git.${domain} | grep git.${domain}") ''; })