Revert "Merge pull request #164398 from NinjaTrappeur/nin/pleroma-wrappers"

This reverts commit 05417a66e7, reversing changes made to 53e4f8d237.
2 years ago · 96aaf29234
parent 0b47302cc3
commit 96aaf29234
3 changed files with 23 additions and 36 deletions
--- a/nixos/modules/services/networking/pleroma.nix
+++ b/nixos/modules/services/networking/pleroma.nix
@ -1,7 +1,6 @@
 { config, options, lib, pkgs, stdenv, ... }:
 let
  cfg = config.services.pleroma;
-  cookieFile = "/var/lib/pleroma/.cookie";
 in {
  options = {
    services.pleroma = with lib; {
@ -9,7 +8,7 @@ in {

      package = mkOption {
        type = types.package;
-        default = pkgs.pleroma.override { inherit cookieFile; };
+        default = pkgs.pleroma;
        defaultText = literalExpression "pkgs.pleroma";
        description = "Pleroma package to use.";
      };
@ -101,6 +100,7 @@ in {
      after = [ "network-online.target" "postgresql.service" ];
      wantedBy = [ "multi-user.target" ];
      restartTriggers = [ config.environment.etc."/pleroma/config.exs".source ];
+      environment.RELEASE_COOKIE = "/var/lib/pleroma/.cookie";
      serviceConfig = {
        User = cfg.user;
        Group = cfg.group;
@ -118,10 +118,10 @@ in {
        # Better be safe than sorry migration-wise.
        ExecStartPre =
          let preScript = pkgs.writers.writeBashBin "pleromaStartPre" ''
-            if [ ! -f "${cookieFile}" ] || [ ! -s "${cookieFile}" ]
+            if [ ! -f /var/lib/pleroma/.cookie ]
            then
              echo "Creating cookie file"
-              dd if=/dev/urandom bs=1 count=16 | ${pkgs.hexdump}/bin/hexdump -e '16/1 "%02x"' > "${cookieFile}"
+              dd if=/dev/urandom bs=1 count=16 | hexdump -e '16/1 "%02x"' > /var/lib/pleroma/.cookie
            fi
            ${cfg.package}/bin/pleroma_ctl migrate
          '';
--- a/nixos/tests/pleroma.nix
+++ b/nixos/tests/pleroma.nix
@ -32,7 +32,8 @@ import ./make-test-python.nix ({ pkgs, ... }:
    # system one. Overriding this pretty bad default behaviour.
    export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt

-    echo "jamy-password" | toot login_cli -i "pleroma.nixos.test" -e "jamy@nixos.test"
+    export TOOT_LOGIN_CLI_PASSWORD="jamy-password"
+    toot login_cli -i "pleroma.nixos.test" -e "jamy@nixos.test"
    echo "Login OK"

    # Send a toot then verify it's part of the public timeline
@ -167,6 +168,21 @@ import ./make-test-python.nix ({ pkgs, ... }:
    cp key.pem cert.pem $out
  '';

+  /* Toot is preventing users from feeding login_cli a password non
+     interactively. While it makes sense most of the times, it's
+     preventing us to login in this non-interactive test. This patch
+     introduce a TOOT_LOGIN_CLI_PASSWORD env variable allowing us to
+     provide a password to toot login_cli
+
+     If https://github.com/ihabunek/toot/pull/180 gets merged at some
+     point, feel free to remove this patch. */
+  custom-toot = pkgs.toot.overrideAttrs(old:{
+    patches = [ (pkgs.fetchpatch {
+      url = "https://github.com/NinjaTrappeur/toot/commit/b4a4c30f41c0cb7e336714c2c4af9bc9bfa0c9f2.patch";
+      sha256 = "sha256-0xxNwjR/fStLjjUUhwzCCfrghRVts+fc+fvVJqVcaFg=";
+    }) ];
+  });
+
  hosts = nodes: ''
    ${nodes.pleroma.config.networking.primaryIPAddress} pleroma.nixos.test
    ${nodes.client.config.networking.primaryIPAddress} client.nixos.test
@ -178,7 +194,7 @@ import ./make-test-python.nix ({ pkgs, ... }:
      security.pki.certificateFiles = [ "${tls-cert}/cert.pem" ];
      networking.extraHosts = hosts nodes;
      environment.systemPackages = with pkgs; [
-        toot
+        custom-toot
        send-toot
      ];
    };
--- a/pkgs/servers/pleroma/default.nix
+++ b/pkgs/servers/pleroma/default.nix
@ -1,8 +1,7 @@
 { lib, beamPackages
 , fetchFromGitHub, fetchFromGitLab
-, file, cmake, bash
+, file, cmake
 , nixosTests, writeText
-, cookieFile ? null
 , ...
 }:

@ -18,34 +17,6 @@ beamPackages.mixRelease rec {
    sha256 = "sha256-RcqqNNNCR4cxETUCyjChkpq+cQ1QzNOHHzdqBLtOc6g=";
  };

-  preFixup = if (cookieFile != null) then ''
-    # There's no way to use a subprocess to cat the content of the
-    # file cookie using wrapProgram: it gets escaped (by design) with
-    # a pair of backticks :(
-    # We have to come up with our own custom wrapper to do this.
-    function wrapWithCookie () {
-        local hidden
-        hidden="$(dirname "$1")/.$(basename "$1")"-wrapped
-        while [ -e "$hidden" ]; do
-            hidden="''${hidden}_"
-        done
-        mv "$1" "''${hidden}"
-
-        cat > "$1" << EOF
-    #!${bash}/bin/bash
-    export RELEASE_COOKIE="\$(cat "${cookieFile}")"
-    exec -a "\$0" "''${hidden}" "\$@"
-    EOF
-        chmod +x "$1"
-    }
-
-    for f in "$out"/bin/*; do
-        if [[ -x "$f" ]]; then
-            wrapWithCookie "$f"
-        fi
-    done
-  '' else "";
-
  mixNixDeps = import ./mix.nix {
    inherit beamPackages lib;
    overrides = (final: prev: {