From dcaba02c215b743ab17c17fe88d3315f29209679 Mon Sep 17 00:00:00 2001 From: aprilthepink Date: Fri, 3 May 2024 00:22:08 +0200 Subject: [PATCH] unfinished nix module setup --- flake.lock | 57 ++++++----- flake.nix | 16 ++- migration/Cargo.lock | 166 +++++++++++++++++-------------- migration/Cargo.toml | 2 +- module.nix | 231 +++++++++++++++++++++++++++++++++++++++++++ shell.nix | 23 ++--- 6 files changed, 380 insertions(+), 115 deletions(-) create mode 100644 module.nix diff --git a/flake.lock b/flake.lock index c594ac1..e2b49f3 100644 --- a/flake.lock +++ b/flake.lock @@ -1,15 +1,29 @@ { "nodes": { + "flake-compat": { + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "revCount": 57, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1712014858, - "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", + "lastModified": 1714641030, + "narHash": "sha256-yzcRNDoyVP7+SCNX0wmuDju1NUCt8Dz9+lyUXEI0dbI=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", + "rev": "e5d10a24b66c3ea8f150e47dfdb0416ab7c3390e", "type": "github" }, "original": { @@ -38,11 +52,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1713596654, - "narHash": "sha256-LJbHQQ5aX1LVth2ST+Kkse/DRzgxlVhTL1rxthvyhZc=", + "lastModified": 1714562304, + "narHash": "sha256-Mr3U37Rh6tH0FbaDFu0aZDwk9mPAe7ASaqDOGgLqqLU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fd16bb6d3bcca96039b11aa52038fafeb6e4f4be", + "rev": "bcd44e224fd68ce7d269b4f44d24c2220fd821e7", "type": "github" }, "original": { @@ -52,29 +66,23 @@ }, "nixpkgs-lib": { "locked": { - "dir": "lib", - "lastModified": 1711703276, - "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089", - "type": "github" + "lastModified": 1714640452, + "narHash": "sha256-QBx10+k6JWz6u7VsohfSw8g8hjdBZEf8CFzXH1/1Z94=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz" }, "original": { - "dir": "lib", - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz" } }, "nixpkgs_2": { "locked": { - "lastModified": 1713537308, - "narHash": "sha256-XtTSSIB2DA6tOv+l0FhvfDMiyCmhoRbNB+0SeInZkbk=", + "lastModified": 1714253743, + "narHash": "sha256-mdTQw2XlariysyScCv2tTE45QSU9v/ezLcHJ22f0Nxc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5c24cf2f0a12ad855f444c30b2421d044120c66f", + "rev": "58a1abdbae3217ca6b702f03d3b35125d88a2994", "type": "github" }, "original": { @@ -86,6 +94,7 @@ }, "root": { "inputs": { + "flake-compat": "flake-compat", "flake-parts": "flake-parts", "naersk": "naersk", "nixpkgs": "nixpkgs_2", @@ -115,11 +124,11 @@ ] }, "locked": { - "lastModified": 1711963903, - "narHash": "sha256-N3QDhoaX+paWXHbEXZapqd1r95mdshxToGowtjtYkGI=", + "lastModified": 1714058656, + "narHash": "sha256-Qv4RBm4LKuO4fNOfx9wl40W2rBbv5u5m+whxRYUMiaA=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "49dc4a92b02b8e68798abd99184f228243b6e3ac", + "rev": "c6aaf729f34a36c445618580a9f95a48f5e4e03f", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 923c8ce..9956abd 100644 --- a/flake.nix +++ b/flake.nix @@ -6,6 +6,7 @@ systems.url = "github:nix-systems/default"; naersk.url = "github:nix-community/naersk"; + flake-compat.url = "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"; # Dev tools treefmt-nix.url = "github:numtide/treefmt-nix"; @@ -17,6 +18,7 @@ systems = import inputs.systems; imports = [ inputs.treefmt-nix.flakeModule + inputs.flake-parts.flakeModules.easyOverlay ]; perSystem = { config, self', pkgs, lib, system, ... }: let @@ -36,6 +38,9 @@ }; in { + overlayAttrs = { + inherit (config.packages) lysand-ap-layer ls-ap-migration; + }; # Rust package packages.default = naersk'.buildPackage { inherit (cargoToml.package) name version; @@ -46,7 +51,16 @@ pkg-config ]; }; - packages.migration = naersk'.buildPackage { + packages.lysand-ap-layer = naersk'.buildPackage { + inherit (cargoToml.package) name version; + src = ./.; + buildInputs = nonRustDeps; + nativeBuildInputs = with pkgs; [ + rust-toolchain + pkg-config + ]; + }; + packages.ls-ap-migration = naersk'.buildPackage { inherit (cargoMigToml.package) name version; src = ./migration; buildInputs = nonRustDeps; diff --git a/migration/Cargo.lock b/migration/Cargo.lock index 6e1fbd4..f852531 100644 --- a/migration/Cargo.lock +++ b/migration/Cargo.lock @@ -68,47 +68,48 @@ dependencies = [ [[package]] name = "anstream" -version = "0.6.13" +version = "0.6.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d96bd03f33fe50a863e394ee9718a706f988b9079b20c3784fb726e7678b62fb" +checksum = "418c75fa768af9c03be99d17643f93f79bbba589895012a80e3452a19ddda15b" dependencies = [ "anstyle", "anstyle-parse", "anstyle-query", "anstyle-wincon", "colorchoice", + "is_terminal_polyfill", "utf8parse", ] [[package]] name = "anstyle" -version = "1.0.6" +version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8901269c6307e8d93993578286ac0edf7f195079ffff5ebdeea6a59ffb7e36bc" +checksum = "038dfcf04a5feb68e9c60b21c9625a54c2c0616e79b72b0fd87075a056ae1d1b" [[package]] name = "anstyle-parse" -version = "0.2.3" +version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c75ac65da39e5fe5ab759307499ddad880d724eed2f6ce5b5e8a26f4f387928c" +checksum = "c03a11a9034d92058ceb6ee011ce58af4a9bf61491aa7e1e59ecd24bd40d22d4" dependencies = [ "utf8parse", ] [[package]] name = "anstyle-query" -version = "1.0.2" +version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e28923312444cdd728e4738b3f9c9cac739500909bb3d3c94b43551b16517648" +checksum = "a64c907d4e79225ac72e2a354c9ce84d50ebb4586dee56c82b3ee73004f537f5" dependencies = [ "windows-sys 0.52.0", ] [[package]] name = "anstyle-wincon" -version = "3.0.2" +version = "3.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1cd54b81ec8d6180e24654d0b371ad22fc3dd083b6ff8ba325b72e00c87660a7" +checksum = "61a38449feb7068f52bb06c12759005cf459ee52bb4adc1d5a7c4322d716fb19" dependencies = [ "anstyle", "windows-sys 0.52.0", @@ -143,7 +144,7 @@ checksum = "136d4d23bcc79e27423727b36823d86233aad06dfea531837b038394d11e9928" dependencies = [ "concurrent-queue", "event-listener 5.3.0", - "event-listener-strategy 0.5.1", + "event-listener-strategy 0.5.2", "futures-core", "pin-project-lite", ] @@ -156,7 +157,7 @@ checksum = "b10202063978b3351199d68f8b22c4e47e4b1b822f8d43fd862d5ea8c006b29a" dependencies = [ "async-task", "concurrent-queue", - "fastrand 2.0.2", + "fastrand 2.1.0", "futures-lite 2.3.0", "slab", ] @@ -209,8 +210,8 @@ dependencies = [ "futures-io", "futures-lite 2.3.0", "parking", - "polling 3.6.0", - "rustix 0.38.32", + "polling 3.7.0", + "rustix 0.38.34", "slab", "tracing", "windows-sys 0.52.0", @@ -287,9 +288,9 @@ dependencies = [ [[package]] name = "async-task" -version = "4.7.0" +version = "4.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fbb36e985947064623dbd357f727af08ffd077f93d696782f3c56365fa2e2799" +checksum = "8b75356056920673b02621b35afd0f7dda9306d03c79a30f5c56c44cf256e3de" [[package]] name = "async-trait" @@ -376,18 +377,16 @@ dependencies = [ [[package]] name = "blocking" -version = "1.5.1" +version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a37913e8dc4ddcc604f0c6d3bf2887c995153af3611de9e23c352b44c1b9118" +checksum = "495f7104e962b7356f0aeb34247aca1fe7d2e783b346582db7f2904cb5717e88" dependencies = [ "async-channel 2.2.1", "async-lock 3.3.0", "async-task", - "fastrand 2.0.2", "futures-io", "futures-lite 2.3.0", "piper", - "tracing", ] [[package]] @@ -410,9 +409,9 @@ checksum = "514de17de45fdb8dc022b1a7975556c53c86f9f0aa5f534b98977b171857c2c9" [[package]] name = "cc" -version = "1.0.94" +version = "1.0.96" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "17f6e324229dc011159fcc089755d1e2e216a90d43a7dea6853ca740b84f35e7" +checksum = "065a29261d53ba54260972629f9ca6bffa69bac13cd1fed61420f7fa68b9f8bd" [[package]] name = "cfg-if" @@ -476,15 +475,15 @@ checksum = "98cc8fbded0c607b7ba9dd60cd98df59af97e84d24e49c8557331cfc26d301ce" [[package]] name = "colorchoice" -version = "1.0.0" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7" +checksum = "0b6a852b24ab71dffc585bcb46eaf7959d175cb865a7152e35b348d1b2960422" [[package]] name = "concurrent-queue" -version = "2.4.0" +version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d16048cd947b08fa32c24458a22f5dc5e835264f689f4f5653210c69fd107363" +checksum = "4ca0197aee26d1ae37445ee532fefce43251d24cc7c166799f4d46817f1d3973" dependencies = [ "crossbeam-utils", ] @@ -666,9 +665,9 @@ dependencies = [ [[package]] name = "event-listener-strategy" -version = "0.5.1" +version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "332f51cb23d20b0de8458b86580878211da09bcd4503cb579c225b3d124cabb3" +checksum = "0f214dc438f977e6d4e3500aaa277f5ad94ca83fbbd9b1a15713ce2344ccc5a1" dependencies = [ "event-listener 5.3.0", "pin-project-lite", @@ -685,9 +684,9 @@ dependencies = [ [[package]] name = "fastrand" -version = "2.0.2" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "658bd65b1cf4c852a3cc96f18a8ce7b5640f6b703f905c7d74532294c2a63984" +checksum = "9fc0510504f03c51ada170672ac806f1f105a88aa97a5281117e1ddc3368e51a" [[package]] name = "finl_unicode" @@ -794,7 +793,7 @@ version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "52527eb5074e35e9339c6b4e8d12600c7128b68fb25dcb9fa9dec18f7c25f3a5" dependencies = [ - "fastrand 2.0.2", + "fastrand 2.1.0", "futures-core", "futures-io", "parking", @@ -877,9 +876,9 @@ dependencies = [ [[package]] name = "hashbrown" -version = "0.14.3" +version = "0.14.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604" +checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1" dependencies = [ "ahash", "allocator-api2", @@ -1022,6 +1021,12 @@ dependencies = [ "windows-sys 0.48.0", ] +[[package]] +name = "is_terminal_polyfill" +version = "1.70.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8478577c03552c21db0e2724ffb8986a5ce7af88107e6be5d2ee6e158c12800" + [[package]] name = "itertools" version = "0.12.1" @@ -1066,9 +1071,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.153" +version = "0.2.154" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c198f91728a82281a64e1f4f9eeb25d82cb32a5de251c6bd1b5154d63a8e7bd" +checksum = "ae743338b92ff9146ce83992f766a31066a91a8c84a45e0e9f21e7cf6de6d346" [[package]] name = "libm" @@ -1101,9 +1106,9 @@ checksum = "01cda141df6706de531b6c46c3a33ecca755538219bd484262fa09410c13539c" [[package]] name = "lock_api" -version = "0.4.11" +version = "0.4.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c168f8615b12bc01f9c17e2eb0cc07dcae1940121185446edc3744920e8ef45" +checksum = "07af8b9cdd281b7915f413fa73f29ebd5d55d0d3f0155584dade1ff18cea1b17" dependencies = [ "autocfg", "scopeguard", @@ -1118,6 +1123,15 @@ dependencies = [ "value-bag", ] +[[package]] +name = "ls-ap-migration" +version = "0.1.0" +dependencies = [ + "async-std", + "chrono", + "sea-orm-migration", +] + [[package]] name = "matchers" version = "0.1.0" @@ -1143,15 +1157,6 @@ version = "2.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6c8640c5d730cb13ebd907d8d04b52f55ac9a2eec55b440c8892f40d56c76c1d" -[[package]] -name = "migration" -version = "0.1.0" -dependencies = [ - "async-std", - "chrono", - "sea-orm-migration", -] - [[package]] name = "minimal-lexical" version = "0.2.1" @@ -1301,9 +1306,9 @@ checksum = "bb813b8af86854136c6922af0598d719255ecb2179515e6e7730d468f05c9cae" [[package]] name = "parking_lot" -version = "0.12.1" +version = "0.12.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" +checksum = "7e4af0ca4f6caed20e900d564c242b8e5d4903fdacf31d3daf527b66fe6f42fb" dependencies = [ "lock_api", "parking_lot_core", @@ -1311,15 +1316,15 @@ dependencies = [ [[package]] name = "parking_lot_core" -version = "0.9.9" +version = "0.9.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c42a9226546d68acdd9c0a280d17ce19bfe27a46bf68784e4066115788d008e" +checksum = "1e401f977ab385c9e4e3ab30627d6f26d00e2c73eef317493c4ec6d468726cf8" dependencies = [ "cfg-if", "libc", - "redox_syscall", + "redox_syscall 0.5.1", "smallvec", - "windows-targets 0.48.5", + "windows-targets 0.52.5", ] [[package]] @@ -1362,7 +1367,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "668d31b1c4eba19242f2088b2bf3316b82ca31082a8335764db4e083db7485d4" dependencies = [ "atomic-waker", - "fastrand 2.0.2", + "fastrand 2.1.0", "futures-io", ] @@ -1411,15 +1416,15 @@ dependencies = [ [[package]] name = "polling" -version = "3.6.0" +version = "3.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e0c976a60b2d7e99d6f229e414670a9b85d13ac305cc6d1e9c134de58c5aaaf6" +checksum = "645493cf344456ef24219d02a768cf1fb92ddf8c92161679ae3d91b91a637be3" dependencies = [ "cfg-if", "concurrent-queue", "hermit-abi", "pin-project-lite", - "rustix 0.38.32", + "rustix 0.38.34", "tracing", "windows-sys 0.52.0", ] @@ -1511,6 +1516,15 @@ dependencies = [ "bitflags 1.3.2", ] +[[package]] +name = "redox_syscall" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "469052894dcb553421e483e4209ee581a45100d31b4018de03e5a7ad86374a7e" +dependencies = [ + "bitflags 2.5.0", +] + [[package]] name = "regex" version = "1.10.4" @@ -1612,9 +1626,9 @@ dependencies = [ [[package]] name = "rustix" -version = "0.38.32" +version = "0.38.34" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "65e04861e65f21776e67888bfbea442b3642beaa0138fdb1dd7a84a52dffdb89" +checksum = "70dc5ec042f7a43c4a73241207cecc9873a06d45debb38b329f8541d85c2730f" dependencies = [ "bitflags 2.5.0", "errno", @@ -1625,9 +1639,9 @@ dependencies = [ [[package]] name = "rustls" -version = "0.21.10" +version = "0.21.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f9d5a6813c0759e4609cd494e8e725babae6a2ca7b62a5536a13daaec6fcb7ba" +checksum = "3f56a14d1f48b391359b22f731fd4bd7e43c97f3c50eee276f3aa09c94784d3e" dependencies = [ "ring", "rustls-webpki", @@ -1821,18 +1835,18 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.198" +version = "1.0.200" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9846a40c979031340571da2545a4e5b7c4163bdae79b301d5f86d03979451fcc" +checksum = "ddc6f9cc94d67c0e21aaf7eda3a010fd3af78ebf6e096aa6e2e13c79749cce4f" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.198" +version = "1.0.200" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e88edab869b01783ba905e7d0153f9fc1a6505a96e4ad3018011eedb838566d9" +checksum = "856f046b9400cee3c8c94ed572ecdb752444c24528c035cd35882aad6f492bcb" dependencies = [ "proc-macro2", "quote", @@ -1918,9 +1932,9 @@ dependencies = [ [[package]] name = "socket2" -version = "0.5.6" +version = "0.5.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05ffd9c0a93b7543e062e759284fcf5f5e3b098501104bfbdde4d404db792871" +checksum = "ce305eb0b4296696835b71df73eb912e0f1ffd2556a501fcede6e0c50349191c" dependencies = [ "libc", "windows-sys 0.52.0", @@ -2227,25 +2241,25 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "85b77fafb263dd9d05cbeac119526425676db3784113aa9295c88498cbf8bff1" dependencies = [ "cfg-if", - "fastrand 2.0.2", - "rustix 0.38.32", + "fastrand 2.1.0", + "rustix 0.38.34", "windows-sys 0.52.0", ] [[package]] name = "thiserror" -version = "1.0.58" +version = "1.0.59" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "03468839009160513471e86a034bb2c5c0e4baae3b43f79ffc55c4a5427b3297" +checksum = "f0126ad08bff79f29fc3ae6a55cc72352056dfff61e3ff8bb7129476d44b23aa" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.58" +version = "1.0.59" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c61f3ba182994efc43764a46c018c347bc492c79f024e705f46567b418f6d4f7" +checksum = "d1cd413b5d558b4c5bf3680e324a6fa5014e7b7c067a51e69dbdf47eb7148b66" dependencies = [ "proc-macro2", "quote", @@ -2289,7 +2303,7 @@ dependencies = [ "mio", "num_cpus", "pin-project-lite", - "socket2 0.5.6", + "socket2 0.5.7", "windows-sys 0.48.0", ] @@ -2421,9 +2435,9 @@ checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a" [[package]] name = "value-bag" -version = "1.8.1" +version = "1.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "74797339c3b98616c009c7c3eb53a0ce41e85c8ec66bd3db96ed132d20cfdee8" +checksum = "5a84c137d37ab0142f0f2ddfe332651fdbf252e7b7dbb4e67b6c1f1b2e925101" [[package]] name = "vcpkg" @@ -2543,7 +2557,7 @@ version = "1.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a44ab49fad634e88f55bf8f9bb3abd2f27d7204172a112c7c9987e01c1c94ea9" dependencies = [ - "redox_syscall", + "redox_syscall 0.4.1", "wasite", ] diff --git a/migration/Cargo.toml b/migration/Cargo.toml index f66177f..edbcccf 100644 --- a/migration/Cargo.toml +++ b/migration/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "migration" +name = "ls-ap-migration" version = "0.1.0" edition = "2021" publish = false diff --git a/module.nix b/module.nix new file mode 100644 index 0000000..5189029 --- /dev/null +++ b/module.nix @@ -0,0 +1,231 @@ +{ lib, pkgs, config, ... }: +with lib; +let + # Shorter name to access final settings a + # user of module HAS ACTUALLY SET. + # cfg is a typical convention. + cfg = config.services.lysand; + + # unused when the entrypoint is flake + flake = import ../flake-compat.nix; + overlay = flake.defaultNix.overlays.default; + + hasLocalPostgresDB = + let + url = cfg.settings.database.url or ""; + localStrings = [ "localhost" "127.0.0.1" "/run/postgresql" ]; + hasLocalStrings = lib.any (lib.flip lib.hasInfix url) localStrings; + in + config.services.postgresql.enable && lib.hasPrefix "postgresql://" url && hasLocalStrings; + + # Settings necessary for running with an automatically managed local database + localDatabaseConfig = lib.mkIf cfg.database.createLocally { + assertions = [ + { + assertion = cfg.database.user == cfg.database.dbname; + message = '' + For local automatic database provisioning (services.lysand.ap.database.createLocally == true) + to work, the username used to connect to PostgreSQL must match the database name, that is + services.lysand.ap.database.user must match services.lysand.ap.database.dbname. + This is the default since NixOS 24.05. For older systems, it is normally safe to manually set + the user to "lysandap" as the new user will be created with permissions + for the existing database. `REASSIGN OWNED BY kemal TO lysandap;` may also be needed, it can be + run as `sudo -u postgres env psql --user=postgres --dbname=lysandap -c 'reassign OWNED BY kemal to lysandap;'`. + ''; + } + ]; + # Default to using the local database if we create it + services.lysand.ap.database.host = lib.mkDefault null; + + services.postgresql = { + enable = true; + ensureUsers = lib.singleton { name = cfg.settings.db.user; ensureDBOwnership = true; }; + ensureDatabases = lib.singleton cfg.settings.db.dbname; + }; + }; +in +{ + # Declare what settings a user of this "hello.nix" module CAN SET. + options.services.lysand.ap = { + enable = mkEnableOption "Whenever to enable Lysands Activitypub layer"; + package = lib.mkOption { + description = '' + The package to use. + ''; + type = types.package; + default = pkgs.lysand-ap-layer; + }; + mig-package = lib.mkOption { + description = '' + The migration package to use. + ''; + type = types.package; + default = pkgs.ls-ap-migration; + }; + user = lib.mkOption { + description = '' + The group under which lysand AP layer runs. + ''; + type = types.str; + default = "lysandap"; + }; + group = lib.mkOption { + description = '' + The user under which lysand AP layer runs. + ''; + type = types.str; + default = "lysandap"; + }; + port = lib.mkOption { + type = types.port; + default = 3000; + description = '' + The port Lysand AP layer should listen on. + + To allow access from outside, + you can use either {option}`services.lysand.ap.nginx` + or add `config.services.lysand.ap.port` to {option}`networking.firewall.allowedTCPPorts`. + ''; + }; + address = lib.mkOption { + type = types.str; + default = if cfg.nginx.enable then "127.0.0.1" else "0.0.0.0"; + defaultText = lib.literalExpression ''if config.services.lysand.ap.nginx.enable then "127.0.0.1" else "0.0.0.0"''; + description = '' + The IP address Lysand AP layer should bind to. + ''; + }; + domain = lib.mkOption { + type = types.nullOr types.str; + default = null; + description = '' + The FQDN Lysand AP layer is reachable on. + + This is used to configure nginx and for federation. + ''; + }; + nginx.enable = lib.mkOption { + type = types.bool; + default = false; + description = '' + Whether to configure nginx as a reverse proxy for Lysand AP layer. + + It serves it under the domain specified in {option}`services.lysand.ap.domain` with enabled TLS and ACME. + Further configuration can be done through {option}`services.nginx.virtualHosts.''${config.services.lysand.ap.domain}.*`, + which can also be used to disable AMCE and TLS (will break federation). + ''; + }; + serviceScale = lib.mkOption { + type = types.int; + default = 1; + description = '' + How many lysand ap instances to run. + + See https://docs.invidious.io/improve-public-instance/#2-multiple-invidious-processes for more details + on how this is intended to work. All instances beyond the first one have the options `channel_threads` + and `feed_threads` set to 0 to avoid conflicts with multiple instances refreshing subscriptions. Instances + will be configured to bind to consecutive ports starting with {option}`services.invidious.port` for the + first instance. + ''; + }; + database = { + createLocally = lib.mkOption { + type = types.bool; + default = true; + description = '' + Whether to create a local database with PostgreSQL. + ''; + }; + + host = lib.mkOption { + type = types.nullOr types.str; + default = null; + description = '' + The database host Lysand AP layer should use. + + If `null`, the local unix socket is used. Otherwise + TCP is used. + ''; + }; + + port = lib.mkOption { + type = types.port; + default = config.services.postgresql.settings.port; + defaultText = lib.literalExpression "config.services.postgresql.settings.port"; + description = '' + The port of the database Lysand AP layer should use. + + Defaults to the the default postgresql port. + ''; + }; + + passwordFile = lib.mkOption { + type = types.nullOr types.str; + apply = lib.mapNullable toString; + default = null; + description = '' + Path to file containing the database password. + ''; + }; + + user = lib.mkOption { + type = types.str; + default = "lysandap"; + description = '' + The database user Lysand AP layer should use. + ''; + }; + + dbname = lib.mkOption { + type = types.str; + default = "lysandap"; + description = '' + The database name Lysand AP layer should use. + ''; + }; + }; + }; + + # Define what other settings, services and resources should be active IF + # a user of this "hello.nix" module ENABLED this module + # by setting "services.hello.enable = true;". + config = mkIf cfg.enable (lib.mkMerge [ + localDatabaseConfig + nginxConfig + { + systemd.services.lysandap = { + wantedBy = [ "multi-user.target" ]; + wants = [ "network-online.target" ]; + after = [ "network-online.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service"; + requires = lib.optional cfg.database.createLocally "postgresql.service"; + serviceConfig = { + RestartSec = "2s"; + DynamicUser = true; + User = lib.mkIf (cfg.database.createLocally || cfg.serviceScale > 1) "lysandap"; + StateDirectory = "lysandap"; + StateDirectoryMode = "0750"; + + CapabilityBoundingSet = ""; + PrivateDevices = true; + PrivateUsers = true; + ProtectHome = true; + ProtectKernelLogs = true; + ProtectProc = "invisible"; + RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ]; + RestrictNamespaces = true; + SystemCallArchitectures = "native"; + SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ]; + + # Because of various potential issues related to alpha/beta software, it is recommended to + # enable the following options to ensure the Lysand AP instance is restarted daily. + # This option enables the automatic restarting of the Invidious instance. + # To ensure multiple instances of Invidious are not restarted at the exact same time, a + # randomized extra offset of up to 5 minutes is added. + Restart = lib.mkDefault "always"; + RuntimeMaxSec = lib.mkDefault "1h"; + RuntimeRandomizedExtraSec = lib.mkDefault "5min"; + }; + }; + } + ]); +} diff --git a/shell.nix b/shell.nix index 63102f8..942ce01 100644 --- a/shell.nix +++ b/shell.nix @@ -1,13 +1,10 @@ -{ pkgs ? import { } }: - -pkgs.mkShell { - buildInputs = with pkgs; [ - rustc - cargo - rustfmt - rust-analyzer - clippy - ]; - - RUST_BACKTRACE = 1; -} +(import + ( + let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in + fetchTarball { + url = lock.nodes.flake-compat.locked.url or "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; + sha256 = lock.nodes.flake-compat.locked.narHash; + } + ) + { src = ./.; } +).shellNix