1 diff --git a/nixos/modules/services/misc/sourcehut/builds.nix b/nixos/modules/services/misc/sourcehut/builds.nix
2 deleted file mode 100644
3 index 685a132d350..00000000000
4 --- a/nixos/modules/services/misc/sourcehut/builds.nix
7 -{ config, lib, options, pkgs, ... }:
11 - cfg = config.services.sourcehut;
12 - opt = options.services.sourcehut;
14 - rcfg = config.services.redis;
15 - iniKey = "builds.sr.ht";
17 - drv = pkgs.sourcehut.buildsrht;
20 - options.services.sourcehut.builds = {
23 - default = "buildsrht";
25 - User for builds.sr.ht.
33 - Port on which the "builds" module should listen.
37 - database = mkOption {
39 - default = "builds.sr.ht";
41 - PostgreSQL database name for builds.sr.ht.
45 - statePath = mkOption {
47 - default = "${cfg.statePath}/buildsrht";
48 - defaultText = literalExpression ''"''${config.${opt.statePath}}/buildsrht"'';
50 - State path for builds.sr.ht.
54 - enableWorker = mkOption {
58 - Run workers for builds.sr.ht.
63 - type = types.attrsOf (types.attrsOf (types.attrsOf types.package));
65 - example = lib.literalExpression ''(let
66 - # Pinning unstable to allow usage with flakes and limit rebuilds.
67 - pkgs_unstable = builtins.fetchGit {
68 - url = "https://github.com/NixOS/nixpkgs";
69 - rev = "ff96a0fa5635770390b184ae74debea75c3fd534";
70 - ref = "nixos-unstable";
72 - image_from_nixpkgs = pkgs_unstable: (import ("''${pkgs.sourcehut.buildsrht}/lib/images/nixos/image.nix") {
73 - pkgs = (import pkgs_unstable {});
77 - nixos.unstable.x86_64 = image_from_nixpkgs pkgs_unstable;
81 - Images for builds.sr.ht. Each package should be distro.release.arch and point to a /nix/store/package/root.img.qcow2.
87 - config = with scfg; let
88 - image_dirs = lib.lists.flatten (
89 - lib.attrsets.mapAttrsToList
91 - lib.attrsets.mapAttrsToList
93 - lib.attrsets.mapAttrsToList
95 - pkgs.runCommand "buildsrht-images" { } ''
96 - mkdir -p $out/${distro}/${rev}/${arch}
97 - ln -s ${image}/*.qcow2 $out/${distro}/${rev}/${arch}/root.img.qcow2
102 - image_dir_pre = pkgs.symlinkJoin {
103 - name = "builds.sr.ht-worker-images-pre";
104 - paths = image_dirs ++ [
105 - "${pkgs.sourcehut.buildsrht}/lib/images"
108 - image_dir = pkgs.runCommand "builds.sr.ht-worker-images" { } ''
109 - mkdir -p $out/images
110 - cp -Lr ${image_dir_pre}/* $out/images
113 - lib.mkIf (cfg.enable && elem "builds" cfg.services) {
117 - isSystemUser = true;
119 - extraGroups = lib.optionals cfg.builds.enableWorker [ "docker" ];
120 - description = "builds.sr.ht user";
129 - services.postgresql = {
130 - authentication = ''
131 - local ${database} ${user} trust
133 - ensureDatabases = [ database ];
137 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
144 - "d ${statePath} 0755 ${user} ${user} -"
145 - ] ++ (lib.optionals cfg.builds.enableWorker
146 - [ "d ${statePath}/logs 0775 ${user} ${user} - -" ]
150 - buildsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey
152 - after = [ "postgresql.service" "network.target" ];
153 - requires = [ "postgresql.service" ];
154 - wantedBy = [ "multi-user.target" ];
156 - description = "builds.sr.ht website service";
158 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
160 - # Hack to bypass this hack: https://git.sr.ht/~sircmpwn/core.sr.ht/tree/master/item/srht-update-profiles#L6
161 - } // { preStart = " "; };
163 - buildsrht-worker = {
164 - enable = scfg.enableWorker;
165 - after = [ "postgresql.service" "network.target" ];
166 - requires = [ "postgresql.service" ];
167 - wantedBy = [ "multi-user.target" ];
168 - partOf = [ "buildsrht.service" ];
169 - description = "builds.sr.ht worker service";
170 - path = [ pkgs.openssh pkgs.docker ];
171 - preStart = let qemuPackage = pkgs.qemu_kvm;
173 - if [[ "$(docker images -q qemu:latest 2> /dev/null)" == "" || "$(cat ${statePath}/docker-image-qemu 2> /dev/null || true)" != "${qemuPackage.version}" ]]; then
174 - # Create and import qemu:latest image for docker
176 - pkgs.dockerTools.streamLayeredImage {
179 - contents = [ qemuPackage ];
182 - # Mark down current package version
183 - printf "%s" "${qemuPackage.version}" > ${statePath}/docker-image-qemu
190 - Restart = "always";
192 - serviceConfig.ExecStart = "${pkgs.sourcehut.buildsrht}/bin/builds.sr.ht-worker";
197 - services.sourcehut.settings = {
198 - # URL builds.sr.ht is being served at (protocol://domain)
199 - "builds.sr.ht".origin = mkDefault "http://builds.${cfg.originBase}";
200 - # Address and port to bind the debug server to
201 - "builds.sr.ht".debug-host = mkDefault "0.0.0.0";
202 - "builds.sr.ht".debug-port = mkDefault port;
203 - # Configures the SQLAlchemy connection string for the database.
204 - "builds.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
205 - # Set to "yes" to automatically run migrations on package upgrade.
206 - "builds.sr.ht".migrate-on-upgrade = mkDefault "yes";
207 - # builds.sr.ht's OAuth client ID and secret for meta.sr.ht
208 - # Register your client at meta.example.org/oauth
209 - "builds.sr.ht".oauth-client-id = mkDefault null;
210 - "builds.sr.ht".oauth-client-secret = mkDefault null;
211 - # The redis connection used for the celery worker
212 - "builds.sr.ht".redis = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/3";
213 - # The shell used for ssh
214 - "builds.sr.ht".shell = mkDefault "runner-shell";
215 - # Register the builds.sr.ht dispatcher
216 - "git.sr.ht::dispatch".${builtins.unsafeDiscardStringContext "${pkgs.sourcehut.buildsrht}/bin/buildsrht-keys"} = mkDefault "${user}:${user}";
218 - # Location for build logs, images, and control command
219 - } // lib.attrsets.optionalAttrs scfg.enableWorker {
220 - # Default worker stores logs that are accessible via this address:port
221 - "builds.sr.ht::worker".name = mkDefault "127.0.0.1:5020";
222 - "builds.sr.ht::worker".buildlogs = mkDefault "${scfg.statePath}/logs";
223 - "builds.sr.ht::worker".images = mkDefault "${image_dir}/images";
224 - "builds.sr.ht::worker".controlcmd = mkDefault "${image_dir}/images/control";
225 - "builds.sr.ht::worker".timeout = mkDefault "3m";
228 - services.nginx.virtualHosts."logs.${cfg.originBase}" =
229 - if scfg.enableWorker then {
230 - listen = with builtins; let address = split ":" cfg.settings."builds.sr.ht::worker".name;
231 - in [{ addr = elemAt address 0; port = lib.toInt (elemAt address 2); }];
232 - locations."/logs".root = "${scfg.statePath}";
235 - services.nginx.virtualHosts."builds.${cfg.originBase}" = {
237 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
238 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
239 - locations."/static".root = "${pkgs.sourcehut.buildsrht}/${pkgs.sourcehut.python.sitePackages}/buildsrht";
243 diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix
244 index 5a6d011a729..f5e4742d902 100644
245 --- a/nixos/modules/services/misc/sourcehut/default.nix
246 +++ b/nixos/modules/services/misc/sourcehut/default.nix
247 @@ -83,7 +83,7 @@ let
248 python = pkgs.sourcehut.python.withPackages (ps: with ps; [
251 - # For monitoring Celery: sudo -u listssrht celery --app listssrht.process -b redis+socket:///run/redis-sourcehut/redis.sock?virtual_host=5 flower
252 + # For monitoring Celery: sudo -u listssrht celery --app listssrht.process -b redis+socket:///run/redis-sourcehut/redis.sock?virtual_host=1 flower
256 @@ -905,6 +905,11 @@ in
257 inherit configIniOfService;
258 srvsrht = "buildsrht";
260 + extraServices.buildsrht-api = {
261 + serviceConfig.Restart = "always";
262 + serviceConfig.RestartSec = "2s";
263 + serviceConfig.ExecStart = "${pkgs.sourcehut.buildsrht}/bin/buildsrht-api -b ${cfg.listenAddress}:${toString (cfg.builds.port + 100)}";
265 # TODO: a celery worker on the master and worker are apparently needed
266 extraServices.buildsrht-worker = let
267 qemuPackage = pkgs.qemu_kvm;
268 @@ -928,13 +933,13 @@ in
272 - ExecStart = "${pkgs.sourcehut.buildsrht}/bin/builds.sr.ht-worker";
273 + ExecStart = "${pkgs.sourcehut.buildsrht}/bin/buildsrht-worker";
274 BindPaths = [ cfg.settings."builds.sr.ht::worker".buildlogs ];
275 LogsDirectory = [ "sourcehut/${serviceName}" ];
276 RuntimeDirectory = [ "sourcehut/${serviceName}/subdir" ];
277 StateDirectory = [ "sourcehut/${serviceName}" ];
278 TimeoutStartSec = "1800s";
279 - # builds.sr.ht-worker looks up ../config.ini
280 + # buildsrht-worker looks up ../config.ini
281 WorkingDirectory = "-"+"/run/sourcehut/${serviceName}/subdir";
284 @@ -952,12 +957,12 @@ in
287 image_dir_pre = pkgs.symlinkJoin {
288 - name = "builds.sr.ht-worker-images-pre";
289 + name = "buildsrht-worker-images-pre";
291 # FIXME: not working, apparently because ubuntu/latest is a broken link
292 # ++ [ "${pkgs.sourcehut.buildsrht}/lib/images" ];
294 - image_dir = pkgs.runCommand "builds.sr.ht-worker-images" { } ''
295 + image_dir = pkgs.runCommand "buildsrht-worker-images" { } ''
297 cp -Lr ${image_dir_pre}/* $out/images
299 @@ -1081,6 +1086,11 @@ in
303 + extraServices.gitsrht-api = {
304 + serviceConfig.Restart = "always";
305 + serviceConfig.RestartSec = "2s";
306 + serviceConfig.ExecStart = "${pkgs.sourcehut.gitsrht}/bin/gitsrht-api -b ${cfg.listenAddress}:${toString (cfg.git.port + 100)}";
308 extraServices.gitsrht-fcgiwrap = mkIf cfg.nginx.enable {
310 # Socket is passed by gitsrht-fcgiwrap.socket
311 @@ -1124,6 +1134,11 @@ in
312 timerConfig.OnCalendar = ["daily"];
313 timerConfig.AccuracySec = "1h";
315 + extraServices.hgsrht-api = {
316 + serviceConfig.Restart = "always";
317 + serviceConfig.RestartSec = "2s";
318 + serviceConfig.ExecStart = "${pkgs.sourcehut.hgsrht}/bin/hgsrht-api -b ${cfg.listenAddress}:${toString (cfg.hg.port + 100)}";
320 extraConfig = mkMerge [
322 users.users.${cfg.hg.user}.shell = pkgs.bash;
323 @@ -1184,6 +1199,11 @@ in
324 inherit configIniOfService;
327 + extraServices.listssrht-api = {
328 + serviceConfig.Restart = "always";
329 + serviceConfig.RestartSec = "2s";
330 + serviceConfig.ExecStart = "${pkgs.sourcehut.listssrht}/bin/listssrht-api -b ${cfg.listenAddress}:${toString (cfg.lists.port + 100)}";
332 # Receive the mail from Postfix and enqueue them into Redis and PostgreSQL
333 extraServices.listssrht-lmtp = {
334 wants = [ "postfix.service" ];
335 @@ -1232,6 +1252,10 @@ in
336 inherit configIniOfService;
339 + extraTimers.metasrht-daily.timerConfig = {
340 + OnCalendar = ["daily"];
341 + AccuracySec = "1h";
343 extraServices.metasrht-api = {
344 serviceConfig.Restart = "always";
345 serviceConfig.RestartSec = "2s";
346 @@ -1248,10 +1272,6 @@ in
348 serviceConfig.ExecStart = "${pkgs.sourcehut.metasrht}/bin/metasrht-api -b ${cfg.listenAddress}:${toString (cfg.meta.port + 100)}";
350 - extraTimers.metasrht-daily.timerConfig = {
351 - OnCalendar = ["daily"];
352 - AccuracySec = "1h";
354 extraConfig = mkMerge [
357 @@ -1348,6 +1368,11 @@ in
358 inherit configIniOfService;
361 + extraServices.todosrht-api = {
362 + serviceConfig.Restart = "always";
363 + serviceConfig.RestartSec = "2s";
364 + serviceConfig.ExecStart = "${pkgs.sourcehut.todosrht}/bin/todosrht-api -b ${cfg.listenAddress}:${toString (cfg.todo.port + 100)}";
366 extraServices.todosrht-lmtp = {
367 wants = [ "postfix.service" ];
368 unitConfig.JoinsNamespaceOf = optional cfg.postfix.enable "postfix.service";
369 diff --git a/nixos/modules/services/misc/sourcehut/dispatch.nix b/nixos/modules/services/misc/sourcehut/dispatch.nix
370 deleted file mode 100644
371 index 292a51d3e1c..00000000000
372 --- a/nixos/modules/services/misc/sourcehut/dispatch.nix
375 -{ config, lib, options, pkgs, ... }:
379 - cfg = config.services.sourcehut;
380 - opt = options.services.sourcehut;
381 - cfgIni = cfg.settings;
382 - scfg = cfg.dispatch;
383 - iniKey = "dispatch.sr.ht";
385 - drv = pkgs.sourcehut.dispatchsrht;
388 - options.services.sourcehut.dispatch = {
391 - default = "dispatchsrht";
393 - User for dispatch.sr.ht.
401 - Port on which the "dispatch" module should listen.
405 - database = mkOption {
407 - default = "dispatch.sr.ht";
409 - PostgreSQL database name for dispatch.sr.ht.
413 - statePath = mkOption {
415 - default = "${cfg.statePath}/dispatchsrht";
416 - defaultText = literalExpression ''"''${config.${opt.statePath}}/dispatchsrht"'';
418 - State path for dispatch.sr.ht.
423 - config = with scfg; lib.mkIf (cfg.enable && elem "dispatch" cfg.services) {
428 - isSystemUser = true;
430 - description = "dispatch.sr.ht user";
439 - services.postgresql = {
440 - authentication = ''
441 - local ${database} ${user} trust
443 - ensureDatabases = [ database ];
447 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
454 - "d ${statePath} 0750 ${user} ${user} -"
457 - services.dispatchsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
458 - after = [ "postgresql.service" "network.target" ];
459 - requires = [ "postgresql.service" ];
460 - wantedBy = [ "multi-user.target" ];
462 - description = "dispatch.sr.ht website service";
464 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
468 - services.sourcehut.settings = {
469 - # URL dispatch.sr.ht is being served at (protocol://domain)
470 - "dispatch.sr.ht".origin = mkDefault "http://dispatch.${cfg.originBase}";
471 - # Address and port to bind the debug server to
472 - "dispatch.sr.ht".debug-host = mkDefault "0.0.0.0";
473 - "dispatch.sr.ht".debug-port = mkDefault port;
474 - # Configures the SQLAlchemy connection string for the database.
475 - "dispatch.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
476 - # Set to "yes" to automatically run migrations on package upgrade.
477 - "dispatch.sr.ht".migrate-on-upgrade = mkDefault "yes";
478 - # dispatch.sr.ht's OAuth client ID and secret for meta.sr.ht
479 - # Register your client at meta.example.org/oauth
480 - "dispatch.sr.ht".oauth-client-id = mkDefault null;
481 - "dispatch.sr.ht".oauth-client-secret = mkDefault null;
483 - # Github Integration
484 - "dispatch.sr.ht::github".oauth-client-id = mkDefault null;
485 - "dispatch.sr.ht::github".oauth-client-secret = mkDefault null;
487 - # Gitlab Integration
488 - "dispatch.sr.ht::gitlab".enabled = mkDefault null;
489 - "dispatch.sr.ht::gitlab".canonical-upstream = mkDefault "gitlab.com";
490 - "dispatch.sr.ht::gitlab".repo-cache = mkDefault "./repo-cache";
491 - # "dispatch.sr.ht::gitlab"."gitlab.com" = mkDefault "GitLab:application id:secret";
494 - services.nginx.virtualHosts."dispatch.${cfg.originBase}" = {
496 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
497 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
498 - locations."/static".root = "${pkgs.sourcehut.dispatchsrht}/${pkgs.sourcehut.python.sitePackages}/dispatchsrht";
502 diff --git a/nixos/modules/services/misc/sourcehut/git.nix b/nixos/modules/services/misc/sourcehut/git.nix
503 deleted file mode 100644
504 index ff110905d18..00000000000
505 --- a/nixos/modules/services/misc/sourcehut/git.nix
508 -{ config, lib, options, pkgs, ... }:
512 - cfg = config.services.sourcehut;
513 - opt = options.services.sourcehut;
515 - iniKey = "git.sr.ht";
517 - rcfg = config.services.redis;
518 - drv = pkgs.sourcehut.gitsrht;
521 - options.services.sourcehut.git = {
529 - User for git.sr.ht.
537 - Port on which the "git" module should listen.
541 - database = mkOption {
543 - default = "git.sr.ht";
545 - PostgreSQL database name for git.sr.ht.
549 - statePath = mkOption {
551 - default = "${cfg.statePath}/gitsrht";
552 - defaultText = literalExpression ''"''${config.${opt.statePath}}/gitsrht"'';
554 - State path for git.sr.ht.
558 - package = mkOption {
559 - type = types.package;
560 - default = pkgs.git;
561 - defaultText = literalExpression "pkgs.git";
562 - example = literalExpression "pkgs.gitFull";
564 - Git package for git.sr.ht. This can help silence collisions.
569 - config = with scfg; lib.mkIf (cfg.enable && elem "git" cfg.services) {
570 - # sshd refuses to run with `Unsafe AuthorizedKeysCommand ... bad ownership or modes for directory /nix/store`
571 - environment.etc."ssh/gitsrht-dispatch" = {
574 - #! ${pkgs.stdenv.shell}
575 - ${cfg.python}/bin/gitsrht-dispatch "$@"
579 - # Needs this in the $PATH when sshing into the server
580 - environment.systemPackages = [ cfg.git.package ];
585 - isSystemUser = true;
587 - # https://stackoverflow.com/questions/22314298/git-push-results-in-fatal-protocol-error-bad-line-length-character-this
588 - # Probably could use gitsrht-shell if output is restricted to just parameters...
590 - description = "git.sr.ht user";
600 - cron.systemCronJobs = [ "*/20 * * * * ${cfg.python}/bin/gitsrht-periodic" ];
601 - fcgiwrap.enable = true;
603 - openssh.authorizedKeysCommand = ''/etc/ssh/gitsrht-dispatch "%u" "%h" "%t" "%k"'';
604 - openssh.authorizedKeysCommandUser = "root";
605 - openssh.extraConfig = ''
606 - PermitUserEnvironment SRHT_*
610 - authentication = ''
611 - local ${database} ${user} trust
613 - ensureDatabases = [ database ];
617 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
625 - # /var/log is owned by root
626 - "f /var/log/git-srht-shell 0644 ${user} ${user} -"
628 - "d ${statePath} 0750 ${user} ${user} -"
629 - "d ${cfg.settings."${iniKey}".repos} 2755 ${user} ${user} -"
633 - gitsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
634 - after = [ "redis.service" "postgresql.service" "network.target" ];
635 - requires = [ "redis.service" "postgresql.service" ];
636 - wantedBy = [ "multi-user.target" ];
638 - # Needs internally to create repos at the very least
639 - path = [ pkgs.git ];
640 - description = "git.sr.ht website service";
642 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
645 - gitsrht-webhooks = {
646 - after = [ "postgresql.service" "network.target" ];
647 - requires = [ "postgresql.service" ];
648 - wantedBy = [ "multi-user.target" ];
650 - description = "git.sr.ht webhooks service";
654 - Restart = "always";
657 - serviceConfig.ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info";
662 - services.sourcehut.settings = {
663 - # URL git.sr.ht is being served at (protocol://domain)
664 - "git.sr.ht".origin = mkDefault "http://git.${cfg.originBase}";
665 - # Address and port to bind the debug server to
666 - "git.sr.ht".debug-host = mkDefault "0.0.0.0";
667 - "git.sr.ht".debug-port = mkDefault port;
668 - # Configures the SQLAlchemy connection string for the database.
669 - "git.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
670 - # Set to "yes" to automatically run migrations on package upgrade.
671 - "git.sr.ht".migrate-on-upgrade = mkDefault "yes";
672 - # The redis connection used for the webhooks worker
673 - "git.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/1";
675 - # A post-update script which is installed in every git repo.
676 - "git.sr.ht".post-update-script = mkDefault "${pkgs.sourcehut.gitsrht}/bin/gitsrht-update-hook";
678 - # git.sr.ht's OAuth client ID and secret for meta.sr.ht
679 - # Register your client at meta.example.org/oauth
680 - "git.sr.ht".oauth-client-id = mkDefault null;
681 - "git.sr.ht".oauth-client-secret = mkDefault null;
682 - # Path to git repositories on disk
683 - "git.sr.ht".repos = mkDefault "/var/lib/git";
685 - "git.sr.ht".outgoing-domain = mkDefault "http://git.${cfg.originBase}";
687 - # The authorized keys hook uses this to dispatch to various handlers
688 - # The format is a program to exec into as the key, and the user to match as the
689 - # value. When someone tries to log in as this user, this program is executed
690 - # and is expected to omit an AuthorizedKeys file.
692 - # Discard of the string context is in order to allow derivation-derived strings.
693 - # This is safe if the relevant package is installed which will be the case if the setting is utilized.
694 - "git.sr.ht::dispatch".${builtins.unsafeDiscardStringContext "${pkgs.sourcehut.gitsrht}/bin/gitsrht-keys"} = mkDefault "${user}:${user}";
697 - services.nginx.virtualHosts."git.${cfg.originBase}" = {
699 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
700 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
701 - locations."/static".root = "${pkgs.sourcehut.gitsrht}/${pkgs.sourcehut.python.sitePackages}/gitsrht";
703 - location = /authorize {
704 - proxy_pass http://${cfg.address}:${toString port};
705 - proxy_pass_request_body off;
706 - proxy_set_header Content-Length "";
707 - proxy_set_header X-Original-URI $request_uri;
709 - location ~ ^/([^/]+)/([^/]+)/(HEAD|info/refs|objects/info/.*|git-upload-pack).*$ {
710 - auth_request /authorize;
712 - fastcgi_pass unix:/run/fcgiwrap.sock;
713 - fastcgi_param SCRIPT_FILENAME ${pkgs.git}/bin/git-http-backend;
714 - fastcgi_param PATH_INFO $uri;
715 - fastcgi_param GIT_PROJECT_ROOT $document_root;
716 - fastcgi_read_timeout 500s;
717 - include ${config.services.nginx.package}/conf/fastcgi_params;
725 diff --git a/nixos/modules/services/misc/sourcehut/hg.nix b/nixos/modules/services/misc/sourcehut/hg.nix
726 deleted file mode 100644
727 index 6ba1df8b6dd..00000000000
728 --- a/nixos/modules/services/misc/sourcehut/hg.nix
731 -{ config, lib, options, pkgs, ... }:
735 - cfg = config.services.sourcehut;
736 - opt = options.services.sourcehut;
738 - iniKey = "hg.sr.ht";
740 - rcfg = config.services.redis;
741 - drv = pkgs.sourcehut.hgsrht;
744 - options.services.sourcehut.hg = {
759 - Port on which the "hg" module should listen.
763 - database = mkOption {
765 - default = "hg.sr.ht";
767 - PostgreSQL database name for hg.sr.ht.
771 - statePath = mkOption {
773 - default = "${cfg.statePath}/hgsrht";
774 - defaultText = literalExpression ''"''${config.${opt.statePath}}/hgsrht"'';
776 - State path for hg.sr.ht.
780 - cloneBundles = mkOption {
784 - Generate clonebundles (which require more disk space but dramatically speed up cloning large repositories).
789 - config = with scfg; lib.mkIf (cfg.enable && elem "hg" cfg.services) {
790 - # In case it ever comes into being
791 - environment.etc."ssh/hgsrht-dispatch" = {
794 - #! ${pkgs.stdenv.shell}
795 - ${cfg.python}/bin/gitsrht-dispatch $@
799 - environment.systemPackages = [ pkgs.mercurial ];
804 - isSystemUser = true;
806 - # Assuming hg.sr.ht needs this too
808 - description = "hg.sr.ht user";
818 - cron.systemCronJobs = [ "*/20 * * * * ${cfg.python}/bin/hgsrht-periodic" ]
819 - ++ optional cloneBundles "0 * * * * ${cfg.python}/bin/hgsrht-clonebundles";
821 - openssh.authorizedKeysCommand = ''/etc/ssh/hgsrht-dispatch "%u" "%h" "%t" "%k"'';
822 - openssh.authorizedKeysCommandUser = "root";
823 - openssh.extraConfig = ''
824 - PermitUserEnvironment SRHT_*
828 - authentication = ''
829 - local ${database} ${user} trust
831 - ensureDatabases = [ database ];
835 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
843 - # /var/log is owned by root
844 - "f /var/log/hg-srht-shell 0644 ${user} ${user} -"
846 - "d ${statePath} 0750 ${user} ${user} -"
847 - "d ${cfg.settings."${iniKey}".repos} 2755 ${user} ${user} -"
850 - services.hgsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
851 - after = [ "redis.service" "postgresql.service" "network.target" ];
852 - requires = [ "redis.service" "postgresql.service" ];
853 - wantedBy = [ "multi-user.target" ];
855 - path = [ pkgs.mercurial ];
856 - description = "hg.sr.ht website service";
858 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
862 - services.sourcehut.settings = {
863 - # URL hg.sr.ht is being served at (protocol://domain)
864 - "hg.sr.ht".origin = mkDefault "http://hg.${cfg.originBase}";
865 - # Address and port to bind the debug server to
866 - "hg.sr.ht".debug-host = mkDefault "0.0.0.0";
867 - "hg.sr.ht".debug-port = mkDefault port;
868 - # Configures the SQLAlchemy connection string for the database.
869 - "hg.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
870 - # The redis connection used for the webhooks worker
871 - "hg.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/1";
872 - # A post-update script which is installed in every mercurial repo.
873 - "hg.sr.ht".changegroup-script = mkDefault "${cfg.python}/bin/hgsrht-hook-changegroup";
874 - # hg.sr.ht's OAuth client ID and secret for meta.sr.ht
875 - # Register your client at meta.example.org/oauth
876 - "hg.sr.ht".oauth-client-id = mkDefault null;
877 - "hg.sr.ht".oauth-client-secret = mkDefault null;
878 - # Path to mercurial repositories on disk
879 - "hg.sr.ht".repos = mkDefault "/var/lib/hg";
880 - # Path to the srht mercurial extension
881 - # (defaults to where the hgsrht code is)
882 - # "hg.sr.ht".srhtext = mkDefault null;
883 - # .hg/store size (in MB) past which the nightly job generates clone bundles.
884 - # "hg.sr.ht".clone_bundle_threshold = mkDefault 50;
885 - # Path to hg-ssh (if not in $PATH)
886 - # "hg.sr.ht".hg_ssh = mkDefault /path/to/hg-ssh;
888 - # The authorized keys hook uses this to dispatch to various handlers
889 - # The format is a program to exec into as the key, and the user to match as the
890 - # value. When someone tries to log in as this user, this program is executed
891 - # and is expected to omit an AuthorizedKeys file.
893 - # Uncomment the relevant lines to enable the various sr.ht dispatchers.
894 - "hg.sr.ht::dispatch"."/run/current-system/sw/bin/hgsrht-keys" = mkDefault "${user}:${user}";
897 - # TODO: requires testing and addition of hg-specific requirements
898 - services.nginx.virtualHosts."hg.${cfg.originBase}" = {
900 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
901 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
902 - locations."/static".root = "${pkgs.sourcehut.hgsrht}/${pkgs.sourcehut.python.sitePackages}/hgsrht";
906 diff --git a/nixos/modules/services/misc/sourcehut/hub.nix b/nixos/modules/services/misc/sourcehut/hub.nix
907 deleted file mode 100644
908 index 7d137a76505..00000000000
909 --- a/nixos/modules/services/misc/sourcehut/hub.nix
912 -{ config, lib, options, pkgs, ... }:
916 - cfg = config.services.sourcehut;
917 - opt = options.services.sourcehut;
918 - cfgIni = cfg.settings;
920 - iniKey = "hub.sr.ht";
922 - drv = pkgs.sourcehut.hubsrht;
925 - options.services.sourcehut.hub = {
928 - default = "hubsrht";
930 - User for hub.sr.ht.
938 - Port on which the "hub" module should listen.
942 - database = mkOption {
944 - default = "hub.sr.ht";
946 - PostgreSQL database name for hub.sr.ht.
950 - statePath = mkOption {
952 - default = "${cfg.statePath}/hubsrht";
953 - defaultText = literalExpression ''"''${config.${opt.statePath}}/hubsrht"'';
955 - State path for hub.sr.ht.
960 - config = with scfg; lib.mkIf (cfg.enable && elem "hub" cfg.services) {
964 - isSystemUser = true;
966 - description = "hub.sr.ht user";
975 - services.postgresql = {
976 - authentication = ''
977 - local ${database} ${user} trust
979 - ensureDatabases = [ database ];
983 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
990 - "d ${statePath} 0750 ${user} ${user} -"
993 - services.hubsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
994 - after = [ "postgresql.service" "network.target" ];
995 - requires = [ "postgresql.service" ];
996 - wantedBy = [ "multi-user.target" ];
998 - description = "hub.sr.ht website service";
1000 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
1004 - services.sourcehut.settings = {
1005 - # URL hub.sr.ht is being served at (protocol://domain)
1006 - "hub.sr.ht".origin = mkDefault "http://hub.${cfg.originBase}";
1007 - # Address and port to bind the debug server to
1008 - "hub.sr.ht".debug-host = mkDefault "0.0.0.0";
1009 - "hub.sr.ht".debug-port = mkDefault port;
1010 - # Configures the SQLAlchemy connection string for the database.
1011 - "hub.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
1012 - # Set to "yes" to automatically run migrations on package upgrade.
1013 - "hub.sr.ht".migrate-on-upgrade = mkDefault "yes";
1014 - # hub.sr.ht's OAuth client ID and secret for meta.sr.ht
1015 - # Register your client at meta.example.org/oauth
1016 - "hub.sr.ht".oauth-client-id = mkDefault null;
1017 - "hub.sr.ht".oauth-client-secret = mkDefault null;
1020 - services.nginx.virtualHosts."${cfg.originBase}" = {
1022 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
1023 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
1024 - locations."/static".root = "${pkgs.sourcehut.hubsrht}/${pkgs.sourcehut.python.sitePackages}/hubsrht";
1026 - services.nginx.virtualHosts."hub.${cfg.originBase}" = {
1027 - globalRedirect = "${cfg.originBase}";
1032 diff --git a/nixos/modules/services/misc/sourcehut/lists.nix b/nixos/modules/services/misc/sourcehut/lists.nix
1033 deleted file mode 100644
1034 index 76f155caa05..00000000000
1035 --- a/nixos/modules/services/misc/sourcehut/lists.nix
1038 -# Email setup is fairly involved, useful references:
1039 -# https://drewdevault.com/2018/08/05/Local-mail-server.html
1041 -{ config, lib, options, pkgs, ... }:
1045 - cfg = config.services.sourcehut;
1046 - opt = options.services.sourcehut;
1047 - cfgIni = cfg.settings;
1049 - iniKey = "lists.sr.ht";
1051 - rcfg = config.services.redis;
1052 - drv = pkgs.sourcehut.listssrht;
1055 - options.services.sourcehut.lists = {
1058 - default = "listssrht";
1060 - User for lists.sr.ht.
1065 - type = types.port;
1068 - Port on which the "lists" module should listen.
1072 - database = mkOption {
1074 - default = "lists.sr.ht";
1076 - PostgreSQL database name for lists.sr.ht.
1080 - statePath = mkOption {
1081 - type = types.path;
1082 - default = "${cfg.statePath}/listssrht";
1083 - defaultText = literalExpression ''"''${config.${opt.statePath}}/listssrht"'';
1085 - State path for lists.sr.ht.
1090 - config = with scfg; lib.mkIf (cfg.enable && elem "lists" cfg.services) {
1094 - isSystemUser = true;
1096 - extraGroups = [ "postfix" ];
1097 - description = "lists.sr.ht user";
1105 - services.postgresql = {
1106 - authentication = ''
1107 - local ${database} ${user} trust
1109 - ensureDatabases = [ database ];
1113 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
1119 - tmpfiles.rules = [
1120 - "d ${statePath} 0750 ${user} ${user} -"
1124 - listssrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
1125 - after = [ "postgresql.service" "network.target" ];
1126 - requires = [ "postgresql.service" ];
1127 - wantedBy = [ "multi-user.target" ];
1129 - description = "lists.sr.ht website service";
1131 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
1134 - listssrht-process = {
1135 - after = [ "postgresql.service" "network.target" ];
1136 - requires = [ "postgresql.service" ];
1137 - wantedBy = [ "multi-user.target" ];
1139 - description = "lists.sr.ht process service";
1143 - Restart = "always";
1144 - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.process worker --loglevel=info";
1148 - listssrht-lmtp = {
1149 - after = [ "postgresql.service" "network.target" ];
1150 - requires = [ "postgresql.service" ];
1151 - wantedBy = [ "multi-user.target" ];
1153 - description = "lists.sr.ht process service";
1157 - Restart = "always";
1158 - ExecStart = "${cfg.python}/bin/listssrht-lmtp";
1163 - listssrht-webhooks = {
1164 - after = [ "postgresql.service" "network.target" ];
1165 - requires = [ "postgresql.service" ];
1166 - wantedBy = [ "multi-user.target" ];
1168 - description = "lists.sr.ht webhooks service";
1172 - Restart = "always";
1173 - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info";
1179 - services.sourcehut.settings = {
1180 - # URL lists.sr.ht is being served at (protocol://domain)
1181 - "lists.sr.ht".origin = mkDefault "http://lists.${cfg.originBase}";
1182 - # Address and port to bind the debug server to
1183 - "lists.sr.ht".debug-host = mkDefault "0.0.0.0";
1184 - "lists.sr.ht".debug-port = mkDefault port;
1185 - # Configures the SQLAlchemy connection string for the database.
1186 - "lists.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
1187 - # Set to "yes" to automatically run migrations on package upgrade.
1188 - "lists.sr.ht".migrate-on-upgrade = mkDefault "yes";
1189 - # lists.sr.ht's OAuth client ID and secret for meta.sr.ht
1190 - # Register your client at meta.example.org/oauth
1191 - "lists.sr.ht".oauth-client-id = mkDefault null;
1192 - "lists.sr.ht".oauth-client-secret = mkDefault null;
1193 - # Outgoing email for notifications generated by users
1194 - "lists.sr.ht".notify-from = mkDefault "CHANGEME@example.org";
1195 - # The redis connection used for the webhooks worker
1196 - "lists.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/2";
1197 - # The redis connection used for the celery worker
1198 - "lists.sr.ht".redis = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/4";
1200 - "lists.sr.ht".network-key = mkDefault null;
1202 - "lists.sr.ht".allow-new-lists = mkDefault "no";
1204 - "lists.sr.ht".posting-domain = mkDefault "lists.${cfg.originBase}";
1206 - # Path for the lmtp daemon's unix socket. Direct incoming mail to this socket.
1207 - # Alternatively, specify IP:PORT and an SMTP server will be run instead.
1208 - "lists.sr.ht::worker".sock = mkDefault "/tmp/lists.sr.ht-lmtp.sock";
1209 - # The lmtp daemon will make the unix socket group-read/write for users in this
1211 - "lists.sr.ht::worker".sock-group = mkDefault "postfix";
1212 - "lists.sr.ht::worker".reject-url = mkDefault "https://man.sr.ht/lists.sr.ht/etiquette.md";
1213 - "lists.sr.ht::worker".reject-mimetypes = mkDefault "text/html";
1217 - services.nginx.virtualHosts."lists.${cfg.originBase}" = {
1219 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
1220 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
1221 - locations."/static".root = "${pkgs.sourcehut.listssrht}/${pkgs.sourcehut.python.sitePackages}/listssrht";
1225 diff --git a/nixos/modules/services/misc/sourcehut/man.nix b/nixos/modules/services/misc/sourcehut/man.nix
1226 deleted file mode 100644
1227 index 8ca271c32ee..00000000000
1228 --- a/nixos/modules/services/misc/sourcehut/man.nix
1231 -{ config, lib, options, pkgs, ... }:
1235 - cfg = config.services.sourcehut;
1236 - opt = options.services.sourcehut;
1237 - cfgIni = cfg.settings;
1239 - iniKey = "man.sr.ht";
1241 - drv = pkgs.sourcehut.mansrht;
1244 - options.services.sourcehut.man = {
1247 - default = "mansrht";
1249 - User for man.sr.ht.
1254 - type = types.port;
1257 - Port on which the "man" module should listen.
1261 - database = mkOption {
1263 - default = "man.sr.ht";
1265 - PostgreSQL database name for man.sr.ht.
1269 - statePath = mkOption {
1270 - type = types.path;
1271 - default = "${cfg.statePath}/mansrht";
1272 - defaultText = literalExpression ''"''${config.${opt.statePath}}/mansrht"'';
1274 - State path for man.sr.ht.
1279 - config = with scfg; lib.mkIf (cfg.enable && elem "man" cfg.services) {
1283 - assertion = hasAttrByPath [ "git.sr.ht" "oauth-client-id" ] cfgIni;
1284 - message = "man.sr.ht needs access to git.sr.ht.";
1291 - isSystemUser = true;
1293 - description = "man.sr.ht user";
1302 - services.postgresql = {
1303 - authentication = ''
1304 - local ${database} ${user} trust
1306 - ensureDatabases = [ database ];
1310 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
1316 - tmpfiles.rules = [
1317 - "d ${statePath} 0750 ${user} ${user} -"
1320 - services.mansrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
1321 - after = [ "postgresql.service" "network.target" ];
1322 - requires = [ "postgresql.service" ];
1323 - wantedBy = [ "multi-user.target" ];
1325 - description = "man.sr.ht website service";
1327 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
1331 - services.sourcehut.settings = {
1332 - # URL man.sr.ht is being served at (protocol://domain)
1333 - "man.sr.ht".origin = mkDefault "http://man.${cfg.originBase}";
1334 - # Address and port to bind the debug server to
1335 - "man.sr.ht".debug-host = mkDefault "0.0.0.0";
1336 - "man.sr.ht".debug-port = mkDefault port;
1337 - # Configures the SQLAlchemy connection string for the database.
1338 - "man.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
1339 - # Set to "yes" to automatically run migrations on package upgrade.
1340 - "man.sr.ht".migrate-on-upgrade = mkDefault "yes";
1341 - # man.sr.ht's OAuth client ID and secret for meta.sr.ht
1342 - # Register your client at meta.example.org/oauth
1343 - "man.sr.ht".oauth-client-id = mkDefault null;
1344 - "man.sr.ht".oauth-client-secret = mkDefault null;
1347 - services.nginx.virtualHosts."man.${cfg.originBase}" = {
1349 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
1350 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
1351 - locations."/static".root = "${pkgs.sourcehut.mansrht}/${pkgs.sourcehut.python.sitePackages}/mansrht";
1355 diff --git a/nixos/modules/services/misc/sourcehut/meta.nix b/nixos/modules/services/misc/sourcehut/meta.nix
1356 deleted file mode 100644
1357 index 33e4f2332b5..00000000000
1358 --- a/nixos/modules/services/misc/sourcehut/meta.nix
1361 -{ config, lib, options, pkgs, ... }:
1365 - cfg = config.services.sourcehut;
1366 - opt = options.services.sourcehut;
1367 - cfgIni = cfg.settings;
1369 - iniKey = "meta.sr.ht";
1371 - rcfg = config.services.redis;
1372 - drv = pkgs.sourcehut.metasrht;
1375 - options.services.sourcehut.meta = {
1378 - default = "metasrht";
1380 - User for meta.sr.ht.
1385 - type = types.port;
1388 - Port on which the "meta" module should listen.
1392 - database = mkOption {
1394 - default = "meta.sr.ht";
1396 - PostgreSQL database name for meta.sr.ht.
1400 - statePath = mkOption {
1401 - type = types.path;
1402 - default = "${cfg.statePath}/metasrht";
1403 - defaultText = literalExpression ''"''${config.${opt.statePath}}/metasrht"'';
1405 - State path for meta.sr.ht.
1410 - config = with scfg; lib.mkIf (cfg.enable && elem "meta" cfg.services) {
1414 - assertion = with cfgIni."meta.sr.ht::billing"; enabled == "yes" -> (stripe-public-key != null && stripe-secret-key != null);
1415 - message = "If meta.sr.ht::billing is enabled, the keys should be defined.";
1422 - isSystemUser = true;
1424 - description = "meta.sr.ht user";
1433 - services.cron.systemCronJobs = [ "0 0 * * * ${cfg.python}/bin/metasrht-daily" ];
1434 - services.postgresql = {
1435 - authentication = ''
1436 - local ${database} ${user} trust
1438 - ensureDatabases = [ database ];
1442 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
1448 - tmpfiles.rules = [
1449 - "d ${statePath} 0750 ${user} ${user} -"
1453 - metasrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
1454 - after = [ "postgresql.service" "network.target" ];
1455 - requires = [ "postgresql.service" ];
1456 - wantedBy = [ "multi-user.target" ];
1458 - description = "meta.sr.ht website service";
1461 - # Configure client(s) as "preauthorized"
1462 - ${concatMapStringsSep "\n\n"
1464 - if ! test -e "${statePath}/${attr}.oauth" || [ "$(cat ${statePath}/${attr}.oauth)" != "${cfgIni."${attr}".oauth-client-id}" ]; then
1465 - # Configure ${attr}'s OAuth client as "preauthorized"
1466 - psql ${database} \
1467 - -c "UPDATE oauthclient SET preauthorized = true WHERE client_id = '${cfgIni."${attr}".oauth-client-id}'"
1469 - printf "%s" "${cfgIni."${attr}".oauth-client-id}" > "${statePath}/${attr}.oauth"
1472 - (builtins.attrNames (filterAttrs
1473 - (k: v: !(hasInfix "::" k) && builtins.hasAttr "oauth-client-id" v && v.oauth-client-id != null)
1477 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
1480 - metasrht-api = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
1481 - after = [ "postgresql.service" "network.target" ];
1482 - requires = [ "postgresql.service" ];
1483 - wantedBy = [ "multi-user.target" ];
1485 - description = "meta.sr.ht api service";
1488 - # Configure client(s) as "preauthorized"
1489 - ${concatMapStringsSep "\n\n"
1491 - if ! test -e "${statePath}/${attr}.oauth" || [ "$(cat ${statePath}/${attr}.oauth)" != "${cfgIni."${attr}".oauth-client-id}" ]; then
1492 - # Configure ${attr}'s OAuth client as "preauthorized"
1493 - psql ${database} \
1494 - -c "UPDATE oauthclient SET preauthorized = true WHERE client_id = '${cfgIni."${attr}".oauth-client-id}'"
1496 - printf "%s" "${cfgIni."${attr}".oauth-client-id}" > "${statePath}/${attr}.oauth"
1499 - (builtins.attrNames (filterAttrs
1500 - (k: v: !(hasInfix "::" k) && builtins.hasAttr "oauth-client-id" v && v.oauth-client-id != null)
1504 - serviceConfig.ExecStart = "${pkgs.sourcehut.metasrht}/bin/metasrht-api -b :${toString (port + 100)}";
1507 - metasrht-webhooks = {
1508 - after = [ "postgresql.service" "network.target" ];
1509 - requires = [ "postgresql.service" ];
1510 - wantedBy = [ "multi-user.target" ];
1512 - description = "meta.sr.ht webhooks service";
1516 - Restart = "always";
1517 - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info";
1524 - services.sourcehut.settings = {
1525 - # URL meta.sr.ht is being served at (protocol://domain)
1526 - "meta.sr.ht".origin = mkDefault "https://meta.${cfg.originBase}";
1527 - # Address and port to bind the debug server to
1528 - "meta.sr.ht".debug-host = mkDefault "0.0.0.0";
1529 - "meta.sr.ht".debug-port = mkDefault port;
1530 - # Configures the SQLAlchemy connection string for the database.
1531 - "meta.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
1532 - # Set to "yes" to automatically run migrations on package upgrade.
1533 - "meta.sr.ht".migrate-on-upgrade = mkDefault "yes";
1534 - # If "yes", the user will be sent the stock sourcehut welcome emails after
1535 - # signup (requires cron to be configured properly). These are specific to the
1536 - # sr.ht instance so you probably want to patch these before enabling this.
1537 - "meta.sr.ht".welcome-emails = mkDefault "no";
1539 - # The redis connection used for the webhooks worker
1540 - "meta.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/6";
1542 - # If "no", public registration will not be permitted.
1543 - "meta.sr.ht::settings".registration = mkDefault "no";
1544 - # Where to redirect new users upon registration
1545 - "meta.sr.ht::settings".onboarding-redirect = mkDefault "https://meta.${cfg.originBase}";
1546 - # How many invites each user is issued upon registration (only applicable if
1547 - # open registration is disabled)
1548 - "meta.sr.ht::settings".user-invites = mkDefault 5;
1550 - # Origin URL for API, 100 more than web
1551 - "meta.sr.ht".api-origin = mkDefault "http://localhost:5100";
1553 - # You can add aliases for the client IDs of commonly used OAuth clients here.
1556 - "meta.sr.ht::aliases" = mkDefault { };
1557 - # "meta.sr.ht::aliases"."git.sr.ht" = 12345;
1559 - # "yes" to enable the billing system
1560 - "meta.sr.ht::billing".enabled = mkDefault "no";
1561 - # Get your keys at https://dashboard.stripe.com/account/apikeys
1562 - "meta.sr.ht::billing".stripe-public-key = mkDefault null;
1563 - "meta.sr.ht::billing".stripe-secret-key = mkDefault null;
1566 - services.nginx.virtualHosts."meta.${cfg.originBase}" = {
1568 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
1569 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
1570 - locations."/static".root = "${pkgs.sourcehut.metasrht}/${pkgs.sourcehut.python.sitePackages}/metasrht";
1574 diff --git a/nixos/modules/services/misc/sourcehut/paste.nix b/nixos/modules/services/misc/sourcehut/paste.nix
1575 deleted file mode 100644
1576 index b481ebaf891..00000000000
1577 --- a/nixos/modules/services/misc/sourcehut/paste.nix
1580 -{ config, lib, options, pkgs, ... }:
1584 - cfg = config.services.sourcehut;
1585 - opt = options.services.sourcehut;
1586 - cfgIni = cfg.settings;
1588 - iniKey = "paste.sr.ht";
1590 - rcfg = config.services.redis;
1591 - drv = pkgs.sourcehut.pastesrht;
1594 - options.services.sourcehut.paste = {
1597 - default = "pastesrht";
1599 - User for paste.sr.ht.
1604 - type = types.port;
1607 - Port on which the "paste" module should listen.
1611 - database = mkOption {
1613 - default = "paste.sr.ht";
1615 - PostgreSQL database name for paste.sr.ht.
1619 - statePath = mkOption {
1620 - type = types.path;
1621 - default = "${cfg.statePath}/pastesrht";
1622 - defaultText = literalExpression ''"''${config.${opt.statePath}}/pastesrht"'';
1624 - State path for pastesrht.sr.ht.
1629 - config = with scfg; lib.mkIf (cfg.enable && elem "paste" cfg.services) {
1633 - isSystemUser = true;
1635 - description = "paste.sr.ht user";
1644 - services.postgresql = {
1645 - authentication = ''
1646 - local ${database} ${user} trust
1648 - ensureDatabases = [ database ];
1652 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
1658 - tmpfiles.rules = [
1659 - "d ${statePath} 0750 ${user} ${user} -"
1663 - pastesrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
1664 - after = [ "postgresql.service" "network.target" ];
1665 - requires = [ "postgresql.service" ];
1666 - wantedBy = [ "multi-user.target" ];
1668 - description = "paste.sr.ht website service";
1670 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
1673 - pastesrht-webhooks = {
1674 - after = [ "postgresql.service" "network.target" ];
1675 - requires = [ "postgresql.service" ];
1676 - wantedBy = [ "multi-user.target" ];
1678 - description = "paste.sr.ht webhooks service";
1682 - Restart = "always";
1683 - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info";
1690 - services.sourcehut.settings = {
1691 - # URL paste.sr.ht is being served at (protocol://domain)
1692 - "paste.sr.ht".origin = mkDefault "http://paste.${cfg.originBase}";
1693 - # Address and port to bind the debug server to
1694 - "paste.sr.ht".debug-host = mkDefault "0.0.0.0";
1695 - "paste.sr.ht".debug-port = mkDefault port;
1696 - # Configures the SQLAlchemy connection string for the database.
1697 - "paste.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
1698 - # Set to "yes" to automatically run migrations on package upgrade.
1699 - "paste.sr.ht".migrate-on-upgrade = mkDefault "yes";
1700 - # paste.sr.ht's OAuth client ID and secret for meta.sr.ht
1701 - # Register your client at meta.example.org/oauth
1702 - "paste.sr.ht".oauth-client-id = mkDefault null;
1703 - "paste.sr.ht".oauth-client-secret = mkDefault null;
1704 - "paste.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/5";
1707 - services.nginx.virtualHosts."paste.${cfg.originBase}" = {
1709 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
1710 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
1711 - locations."/static".root = "${pkgs.sourcehut.pastesrht}/${pkgs.sourcehut.python.sitePackages}/pastesrht";
1715 diff --git a/nixos/modules/services/misc/sourcehut/service.nix b/nixos/modules/services/misc/sourcehut/service.nix
1716 index f1706ad0a6a..4ecc7a72669 100644
1717 --- a/nixos/modules/services/misc/sourcehut/service.nix
1718 +++ b/nixos/modules/services/misc/sourcehut/service.nix
1719 @@ -148,7 +148,7 @@ in
1723 - default = "unix:/run/redis-sourcehut-${srvsrht}/redis.sock?db=0";
1724 + default = "unix:///run/redis-sourcehut-${srvsrht}/redis.sock?db=0";
1725 example = "redis://shared.wireguard:6379/0";
1727 The redis host URL. This is used for caching and temporary storage, and must
1728 diff --git a/nixos/modules/services/misc/sourcehut/todo.nix b/nixos/modules/services/misc/sourcehut/todo.nix
1729 deleted file mode 100644
1730 index 262fa48f59d..00000000000
1731 --- a/nixos/modules/services/misc/sourcehut/todo.nix
1734 -{ config, lib, options, pkgs, ... }:
1738 - cfg = config.services.sourcehut;
1739 - opt = options.services.sourcehut;
1740 - cfgIni = cfg.settings;
1742 - iniKey = "todo.sr.ht";
1744 - rcfg = config.services.redis;
1745 - drv = pkgs.sourcehut.todosrht;
1748 - options.services.sourcehut.todo = {
1751 - default = "todosrht";
1753 - User for todo.sr.ht.
1758 - type = types.port;
1761 - Port on which the "todo" module should listen.
1765 - database = mkOption {
1767 - default = "todo.sr.ht";
1769 - PostgreSQL database name for todo.sr.ht.
1773 - statePath = mkOption {
1774 - type = types.path;
1775 - default = "${cfg.statePath}/todosrht";
1776 - defaultText = literalExpression ''"''${config.${opt.statePath}}/todosrht"'';
1778 - State path for todo.sr.ht.
1783 - config = with scfg; lib.mkIf (cfg.enable && elem "todo" cfg.services) {
1787 - isSystemUser = true;
1789 - extraGroups = [ "postfix" ];
1790 - description = "todo.sr.ht user";
1798 - services.postgresql = {
1799 - authentication = ''
1800 - local ${database} ${user} trust
1802 - ensureDatabases = [ database ];
1806 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
1812 - tmpfiles.rules = [
1813 - "d ${statePath} 0750 ${user} ${user} -"
1817 - todosrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
1818 - after = [ "postgresql.service" "network.target" ];
1819 - requires = [ "postgresql.service" ];
1820 - wantedBy = [ "multi-user.target" ];
1822 - description = "todo.sr.ht website service";
1824 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
1828 - after = [ "postgresql.service" "network.target" ];
1829 - bindsTo = [ "postgresql.service" ];
1830 - wantedBy = [ "multi-user.target" ];
1832 - description = "todo.sr.ht process service";
1836 - Restart = "always";
1837 - ExecStart = "${cfg.python}/bin/todosrht-lmtp";
1841 - todosrht-webhooks = {
1842 - after = [ "postgresql.service" "network.target" ];
1843 - requires = [ "postgresql.service" ];
1844 - wantedBy = [ "multi-user.target" ];
1846 - description = "todo.sr.ht webhooks service";
1850 - Restart = "always";
1851 - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info";
1858 - services.sourcehut.settings = {
1859 - # URL todo.sr.ht is being served at (protocol://domain)
1860 - "todo.sr.ht".origin = mkDefault "http://todo.${cfg.originBase}";
1861 - # Address and port to bind the debug server to
1862 - "todo.sr.ht".debug-host = mkDefault "0.0.0.0";
1863 - "todo.sr.ht".debug-port = mkDefault port;
1864 - # Configures the SQLAlchemy connection string for the database.
1865 - "todo.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
1866 - # Set to "yes" to automatically run migrations on package upgrade.
1867 - "todo.sr.ht".migrate-on-upgrade = mkDefault "yes";
1868 - # todo.sr.ht's OAuth client ID and secret for meta.sr.ht
1869 - # Register your client at meta.example.org/oauth
1870 - "todo.sr.ht".oauth-client-id = mkDefault null;
1871 - "todo.sr.ht".oauth-client-secret = mkDefault null;
1872 - # Outgoing email for notifications generated by users
1873 - "todo.sr.ht".notify-from = mkDefault "CHANGEME@example.org";
1874 - # The redis connection used for the webhooks worker
1875 - "todo.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/1";
1877 - "todo.sr.ht".network-key = mkDefault null;
1879 - # Path for the lmtp daemon's unix socket. Direct incoming mail to this socket.
1880 - # Alternatively, specify IP:PORT and an SMTP server will be run instead.
1881 - "todo.sr.ht::mail".sock = mkDefault "/tmp/todo.sr.ht-lmtp.sock";
1882 - # The lmtp daemon will make the unix socket group-read/write for users in this
1884 - "todo.sr.ht::mail".sock-group = mkDefault "postfix";
1886 - "todo.sr.ht::mail".posting-domain = mkDefault "todo.${cfg.originBase}";
1889 - services.nginx.virtualHosts."todo.${cfg.originBase}" = {
1891 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
1892 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
1893 - locations."/static".root = "${pkgs.sourcehut.todosrht}/${pkgs.sourcehut.python.sitePackages}/todosrht";
1897 diff --git a/nixos/tests/sourcehut.nix b/nixos/tests/sourcehut.nix
1898 index 34a60247e00..6998f4f0c10 100644
1899 --- a/nixos/tests/sourcehut.nix
1900 +++ b/nixos/tests/sourcehut.nix
1901 @@ -195,6 +195,7 @@ in
1903 machine.wait_for_unit("metasrht-api.service")
1904 machine.wait_for_unit("metasrht.service")
1905 + machine.wait_for_unit("metasrht-webhooks.service")
1906 machine.wait_for_open_port(5000)
1907 machine.succeed("curl -sL http://localhost:5000 | grep meta.${domain}")
1908 machine.succeed("curl -sL http://meta.${domain} | grep meta.${domain}")
1909 diff --git a/pkgs/applications/version-management/sourcehut/builds.nix b/pkgs/applications/version-management/sourcehut/builds.nix
1910 index 350afd07fe1..99d6a05c4eb 100644
1911 --- a/pkgs/applications/version-management/sourcehut/builds.nix
1912 +++ b/pkgs/applications/version-management/sourcehut/builds.nix
1915 , fetchFromSourcehut
1916 -, buildPythonPackage
1918 +, buildPythonPackage
1929 - version = "0.75.2";
1930 + version = "0.80.0";
1932 src = fetchFromSourcehut {
1933 owner = "~sircmpwn";
1934 repo = "builds.sr.ht";
1936 - sha256 = "sha256-SwyxMzmp9baRQ0vceuEn/OpfIv7z7jwq/l67hdOHXjM=";
1937 + sha256 = "sha256-SzA9bOXiXULRD4Eq9xBbbmMUpXT8egOtooZFF4p79ms=";
1940 - buildWorker = src: buildGoModule {
1941 + buildsrht-api = buildGoModule ({
1942 inherit src version;
1943 - pname = "builds-sr-ht-worker";
1944 + pname = "buildsrht-api";
1946 + vendorSha256 = "sha256-roTwqtg4Y846PNtLdRN/LV3Jd0LVElqjFy3DJcrwoaI=";
1947 + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;});
1949 + buildsrht-worker = buildGoModule {
1950 + inherit src version;
1951 + sourceRoot = "source/worker";
1952 + pname = "buildsrht-worker";
1953 vendorSha256 = "sha256-Pf1M9a43eK4jr6QMi6kRHA8DodXQU0pqq9ua5VC3ER0=";
1956 @@ -31,10 +39,10 @@ buildPythonPackage rec {
1957 inherit src version;
1958 pname = "buildsrht";
1961 - # Revert change breaking Unix socket support for Redis
1962 - patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch
1965 + substituteInPlace Makefile \
1966 + --replace "all: api worker" ""
1969 nativeBuildInputs = srht.nativeBuildInputs;
1971 @@ -58,7 +66,8 @@ buildPythonPackage rec {
1973 cp -r images $out/lib
1974 cp contrib/submit_image_build $out/bin/builds.sr.ht
1975 - cp ${buildWorker "${src}/worker"}/bin/worker $out/bin/builds.sr.ht-worker
1976 + ln -s ${buildsrht-api}/bin/api $out/bin/buildsrht-api
1977 + ln -s ${buildsrht-worker}/bin/worker $out/bin/buildsrht-worker
1980 pythonImportsCheck = [ "buildsrht" ];
1981 diff --git a/pkgs/applications/version-management/sourcehut/core.nix b/pkgs/applications/version-management/sourcehut/core.nix
1982 index 805da8c3282..0648f21910f 100644
1983 --- a/pkgs/applications/version-management/sourcehut/core.nix
1984 +++ b/pkgs/applications/version-management/sourcehut/core.nix
1988 +, fetchFromSourcehut
1990 , buildPythonPackage
1994 buildPythonPackage rec {
1996 - version = "0.68.14";
1997 + version = "0.68.24";
2000 - url = "https://git.sr.ht/~sircmpwn/core.sr.ht";
2001 + src = fetchFromSourcehut {
2002 + owner = "~sircmpwn";
2003 + repo = "core.sr.ht";
2005 - sha256 = "sha256-BY3W2rwrg0mhH3CltgUqg6Xv8Ve5VZNY/lI1cfbAjYM=";
2006 + sha256 = "sha256-ipukga6vfBgDIXOQCejCkU/iTmBt5egIjB+NlJyL2yo=";
2007 fetchSubmodules = true;
2010 @@ -47,6 +48,8 @@ buildPythonPackage rec {
2012 # Disable check for npm
2013 ./disable-npm-install.patch
2014 + # Fix Unix socket support in RedisQueueCollector
2015 + patches/redis-socket/core/0001-Fix-Unix-socket-support-in-RedisQueueCollector.patch
2018 nativeBuildInputs = [
2019 diff --git a/pkgs/applications/version-management/sourcehut/default.nix b/pkgs/applications/version-management/sourcehut/default.nix
2020 index 00810f208cc..aee65dee3bb 100644
2021 --- a/pkgs/applications/version-management/sourcehut/default.nix
2022 +++ b/pkgs/applications/version-management/sourcehut/default.nix
2030 # To expose the *srht modules, they have to be a python module so we use `buildPythonModule`
2031 @@ -44,4 +45,7 @@ with python.pkgs; recurseIntoAttrs {
2032 pagessrht = pagessrht;
2033 pastesrht = toPythonApplication pastesrht;
2034 todosrht = toPythonApplication todosrht;
2035 + passthru.tests = {
2036 + nixos-sourcehut = nixosTests.sourcehut;
2039 diff --git a/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix
2040 new file mode 100644
2041 index 00000000000..1f94913292e
2043 +++ b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix
2047 + overrideModAttrs = (_: {
2048 + # No need to workaround -trimpath: it's not used in go-modules,
2049 + # but do download `go generate`'s dependencies nonetheless.
2052 + go generate ./loaders
2053 + go generate ./graph
2059 + # go: git.sr.ht/~emersion/go-emailthreads@v0.0.0-20220412093310-4fd792e343ba: module lookup disabled by GOPROXY=off
2060 + # tidy failed: go mod tidy failed: exit status 1
2061 + # graph/generate.go:10: running "go": exit status 1
2062 + proxyVendor = true;
2064 + # Workaround -trimpath in the package derivation:
2065 + # https://github.com/99designs/gqlgen/issues/1537
2066 + # This is to give `go generate ./graph` access to gqlgen's *.gotpl files
2067 + # If it fails, the gqlgenVersion may have to be updated.
2068 + preBuild = let gqlgenVersion = "0.17.2"; in ''
2070 + ${unzip}/bin/unzip ''${GOPROXY#"file://"}/github.com/99designs/gqlgen/@v/v${gqlgenVersion}.zip
2071 + go generate ./loaders
2072 + go generate ./graph
2077 diff --git a/pkgs/applications/version-management/sourcehut/git.nix b/pkgs/applications/version-management/sourcehut/git.nix
2078 index 318bee4cf51..a721da0ecd3 100644
2079 --- a/pkgs/applications/version-management/sourcehut/git.nix
2080 +++ b/pkgs/applications/version-management/sourcehut/git.nix
2083 , fetchFromSourcehut
2084 -, buildPythonPackage
2086 +, buildPythonPackage
2094 - version = "0.77.3";
2095 + version = "0.78.18";
2097 src = fetchFromSourcehut {
2098 owner = "~sircmpwn";
2101 - sha256 = "sha256-eJvXCcmdiUzTK0EqNJkLEZsAfr6toD/378HObnMbOWM=";
2102 + sha256 = "sha256-pGWphdFKaOIBIKWMxfNAFqXZQx/qHcrwb5Ylj9uag7s=";
2105 - buildShell = src: buildGoModule {
2106 + gitApi = buildGoModule ({
2107 inherit src version;
2108 - pname = "gitsrht-shell";
2109 - vendorSha256 = "sha256-aqUFICp0C2reqb2p6JCPAUIRsxzSv0t9BHoNWrTYfqk=";
2111 + pname = "gitsrht-api";
2113 + vendorSha256 = "sha256-0YI20liP0X1McfiSUy29zJk2UqqAPBIfIfPLoJOE1uI=";
2114 + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;});
2116 - buildDispatcher = src: buildGoModule {
2117 + gitDispatch = buildGoModule {
2118 inherit src version;
2119 - pname = "gitsrht-dispatcher";
2120 + pname = "gitsrht-dispatch";
2121 + modRoot = "gitsrht-dispatch";
2122 vendorSha256 = "sha256-qWXPHo86s6iuRBhRMtmD5jxnAWKdrWHtA/iSUkdw89M=";
2125 - buildKeys = src: buildGoModule {
2126 + gitKeys = buildGoModule {
2127 inherit src version;
2128 pname = "gitsrht-keys";
2129 + modRoot = "gitsrht-keys";
2130 vendorSha256 = "sha256-9pojS69HCKVHUceyOpGtv9ewcxFD4WsOVsEzkmWJkF4=";
2133 - buildUpdateHook = src: buildGoModule {
2134 + gitShell = buildGoModule {
2135 inherit src version;
2136 - pname = "gitsrht-update-hook";
2137 - vendorSha256 = "sha256-sBlG7EFqdDm7CkAHVX50Mf4N3sl1rPNmWExG/bfbfGA=";
2138 + pname = "gitsrht-shell";
2139 + modRoot = "gitsrht-shell";
2140 + vendorSha256 = "sha256-WqfvSPuVsOHA//86u33atMfeA11+DJhjLmWy8Ivq0NI=";
2143 - updateHook = buildUpdateHook "${src}/gitsrht-update-hook";
2144 + gitUpdateHook = buildGoModule {
2145 + inherit src version;
2146 + pname = "gitsrht-update-hook";
2147 + modRoot = "gitsrht-update-hook";
2148 + vendorSha256 = "sha256-Bc3yPabS2S+qiroHFKrtkII/CfzBDYQ6xWxKHAME+Tc=";
2152 buildPythonPackage rec {
2153 inherit src version;
2157 - # Revert change breaking Unix socket support for Redis
2158 - patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch
2161 + substituteInPlace Makefile \
2162 + --replace "all: api gitsrht-dispatch gitsrht-keys gitsrht-shell gitsrht-update-hook" ""
2165 nativeBuildInputs = srht.nativeBuildInputs;
2167 @@ -68,14 +78,12 @@ buildPythonPackage rec {
2171 - cp ${buildShell "${src}/gitsrht-shell"}/bin/gitsrht-shell $out/bin/gitsrht-shell
2172 - cp ${buildDispatcher "${src}/gitsrht-dispatch"}/bin/gitsrht-dispatch $out/bin/gitsrht-dispatch
2173 - cp ${buildKeys "${src}/gitsrht-keys"}/bin/gitsrht-keys $out/bin/gitsrht-keys
2174 - cp ${updateHook}/bin/gitsrht-update-hook $out/bin/gitsrht-update-hook
2175 + ln -s ${gitApi}/bin/api $out/bin/gitsrht-api
2176 + ln -s ${gitDispatch}/bin/gitsrht-dispatch $out/bin/gitsrht-dispatch
2177 + ln -s ${gitKeys}/bin/gitsrht-keys $out/bin/gitsrht-keys
2178 + ln -s ${gitShell}/bin/gitsrht-shell $out/bin/gitsrht-shell
2179 + ln -s ${gitUpdateHook}/bin/gitsrht-update-hook $out/bin/gitsrht-update-hook
2182 - inherit updateHook;
2185 pythonImportsCheck = [ "gitsrht" ];
2187 diff --git a/pkgs/applications/version-management/sourcehut/hg.nix b/pkgs/applications/version-management/sourcehut/hg.nix
2188 index f3e778b2f31..2aa4cc2c505 100644
2189 --- a/pkgs/applications/version-management/sourcehut/hg.nix
2190 +++ b/pkgs/applications/version-management/sourcehut/hg.nix
2195 , buildPythonPackage
2204 buildPythonPackage rec {
2206 - version = "0.29.4";
2207 + version = "0.31.2";
2210 url = "https://hg.sr.ht/~sircmpwn/hg.sr.ht";
2212 - sha256 = "Jn9M/R5tJK/GeJDWGo3LWCK2nwsfI9zh+/yo2M+X6Sk=";
2213 + sha256 = "F0dBykSSrlis+mumULLxvKNxD75DWR9+IDTYbmhkMDI=";
2216 + substituteInPlace Makefile \
2217 + --replace "all: api hgsrht-keys" ""
2220 + hgsrht-api = buildGoModule ({
2221 + inherit src version;
2222 + pname = "hgsrht-api";
2224 + vendorSha256 = "sha256-W7A22qSIgJgcfS7xYNrmbYKaZBXbDtPilM9I6DxmTeU=";
2225 + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;});
2227 + hgsrht-keys = buildGoModule {
2228 + inherit src version;
2229 + pname = "hgsrht-keys";
2230 + modRoot = "hgsrht-keys";
2231 + vendorSha256 = "sha256-7ti8xCjSrxsslF7/1X/GY4FDl+69hPL4UwCDfjxmJLU=";
2234 nativeBuildInputs = srht.nativeBuildInputs;
2235 @@ -32,6 +52,11 @@ buildPythonPackage rec {
2236 export SRHT_PATH=${srht}/${python.sitePackages}/srht
2240 + ln -s ${hgsrht-api}/bin/api $out/bin/hgsrht-api
2241 + ln -s ${hgsrht-keys}/bin/hgsrht-keys $out/bin/hgsrht-keys
2244 pythonImportsCheck = [ "hgsrht" ];
2247 diff --git a/pkgs/applications/version-management/sourcehut/hub.nix b/pkgs/applications/version-management/sourcehut/hub.nix
2248 index 511ec359fc4..75d9efe5bd9 100644
2249 --- a/pkgs/applications/version-management/sourcehut/hub.nix
2250 +++ b/pkgs/applications/version-management/sourcehut/hub.nix
2253 buildPythonPackage rec {
2255 - version = "0.14.4";
2256 + version = "0.14.14";
2258 src = fetchFromSourcehut {
2259 owner = "~sircmpwn";
2262 - sha256 = "sha256-7HF+jykWGqzPWA0YtJZQZU7pnID1yexcqLkEf2HpnSs=";
2263 + sha256 = "sha256-4n6oQ+AAvdJY/5KflxAp62chjyrlSUkmt319DKZk33w=";
2266 nativeBuildInputs = srht.nativeBuildInputs;
2267 diff --git a/pkgs/applications/version-management/sourcehut/lists.nix b/pkgs/applications/version-management/sourcehut/lists.nix
2268 index 3ba6375a913..b9a00ffd213 100644
2269 --- a/pkgs/applications/version-management/sourcehut/lists.nix
2270 +++ b/pkgs/applications/version-management/sourcehut/lists.nix
2273 , fetchFromSourcehut
2275 , buildPythonPackage
2285 buildPythonPackage rec {
2286 pname = "listssrht";
2287 - version = "0.51.7";
2288 + version = "0.51.10";
2290 src = fetchFromSourcehut {
2291 owner = "~sircmpwn";
2292 repo = "lists.sr.ht";
2294 - sha256 = "sha256-oNY5A98oVoL2JKO0fU/8YVl8u7ywmHb/RHD8A6z9yIM=";
2295 + sha256 = "sha256-f8KvMctDva31W5c6uAIDDZ0eUrRL5ha10ew2pLEnJtw=";
2299 - # Revert change breaking Unix socket support for Redis
2300 - patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch
2302 + listssrht-api = buildGoModule ({
2303 + inherit src version;
2304 + pname = "listssrht-api";
2306 + vendorSha256 = "sha256-xnmMkRSokbhWD+kz0XQ9AinYdm6/50FRBISURPvlzD0=";
2307 + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;});
2310 + substituteInPlace Makefile \
2311 + --replace "all: api" ""
2314 nativeBuildInputs = srht.nativeBuildInputs;
2316 @@ -42,6 +51,10 @@ buildPythonPackage rec {
2317 export SRHT_PATH=${srht}/${python.sitePackages}/srht
2321 + ln -s ${listssrht-api}/bin/api $out/bin/listssrht-api
2324 pythonImportsCheck = [ "listssrht" ];
2327 diff --git a/pkgs/applications/version-management/sourcehut/man.nix b/pkgs/applications/version-management/sourcehut/man.nix
2328 index 8d43f297a4f..ccee76defde 100644
2329 --- a/pkgs/applications/version-management/sourcehut/man.nix
2330 +++ b/pkgs/applications/version-management/sourcehut/man.nix
2333 buildPythonPackage rec {
2335 - version = "0.15.23";
2336 + version = "0.15.25";
2338 src = fetchFromSourcehut {
2339 owner = "~sircmpwn";
2342 - sha256 = "sha256-xrBptXdwMee+YkPup/BYL/iXBhCzSUQ5htSHIw/1Ncc=";
2343 + sha256 = "sha256-Mq3IHsqSkFHVdmy3g0E+9oLnKORthgv3lqvWyrKMIuU=";
2346 nativeBuildInputs = srht.nativeBuildInputs;
2347 diff --git a/pkgs/applications/version-management/sourcehut/meta.nix b/pkgs/applications/version-management/sourcehut/meta.nix
2348 index ab19cc88d25..896279addd3 100644
2349 --- a/pkgs/applications/version-management/sourcehut/meta.nix
2350 +++ b/pkgs/applications/version-management/sourcehut/meta.nix
2358 - version = "0.57.5";
2359 + version = "0.58.8";
2361 src = fetchFromSourcehut {
2362 owner = "~sircmpwn";
2363 repo = "meta.sr.ht";
2365 - sha256 = "sha256-qsCwZaCiqvY445U053OCWD98jlIUi9NB2jWVP2oW3Vk=";
2366 + sha256 = "sha256-lnEt5UoQBd5qlkD+nE6KL5DP4jf1FrAjgA06/mgRxTs=";
2369 - buildApi = src: buildGoModule {
2370 + metasrht-api = buildGoModule ({
2371 inherit src version;
2372 pname = "metasrht-api";
2373 - vendorSha256 = "sha256-8Ubrr9qRlgW2wsLHrPHwulSWLz+gp4VPcTvOZpg8TYM=";
2376 + vendorSha256 = "sha256-3s9PYUy4qS06zyTIRDvnAmhfrjVLBa/03Nu3tMcIReI=";
2377 + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;});
2380 buildPythonPackage rec {
2382 inherit version src;
2385 - # Revert change breaking Unix socket support for Redis
2386 - patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch
2389 + substituteInPlace Makefile \
2390 + --replace "all: api" ""
2393 nativeBuildInputs = srht.nativeBuildInputs;
2395 @@ -68,7 +70,7 @@ buildPythonPackage rec {
2399 - cp ${buildApi "${src}/api/"}/bin/api $out/bin/metasrht-api
2400 + ln -s ${metasrht-api}/bin/api $out/bin/metasrht-api
2403 pythonImportsCheck = [ "metasrht" ];
2404 diff --git a/pkgs/applications/version-management/sourcehut/pages.nix b/pkgs/applications/version-management/sourcehut/pages.nix
2405 index b6a18b5bda7..faa6dbb4d49 100644
2406 --- a/pkgs/applications/version-management/sourcehut/pages.nix
2407 +++ b/pkgs/applications/version-management/sourcehut/pages.nix
2410 , fetchFromSourcehut
2415 -buildGoModule rec {
2416 +buildGoModule (rec {
2417 pname = "pagessrht";
2418 - version = "0.6.2";
2419 + version = "0.7.3";
2421 src = fetchFromSourcehut {
2422 owner = "~sircmpwn";
2423 repo = "pages.sr.ht";
2425 - sha256 = "sha256-ob0+t9V2o8lhVC6fXbi1rNm0Mnbs+GoyAmhBqVZ13PA=";
2426 + sha256 = "sha256-fHhf4VQ82/k4g8pzyuN9Pr2f8mxT8zw+2Nq0nw1Msks=";
2429 - vendorSha256 = "sha256-b0sHSH0jkKoIVq045N96wszuLJDegkkj0v50nuDFleU=";
2430 + vendorSha256 = "sha256-/+XVl6PZUMOZIiuO6vEu0dacefz2hDSObaP8JsItSTw=";
2433 mkdir -p $out/share/sql/
2434 @@ -27,4 +28,6 @@ buildGoModule rec {
2435 license = licenses.agpl3Only;
2436 maintainers = with maintainers; [ eadwu ];
2439 + # There is no ./loaders but this does not cause troubles
2441 +} // import ./fix-gqlgen-trimpath.nix {inherit unzip;})
2442 diff --git a/pkgs/applications/version-management/sourcehut/paste.nix b/pkgs/applications/version-management/sourcehut/paste.nix
2443 index c411f8e8c95..fbbc5fcd6a9 100644
2444 --- a/pkgs/applications/version-management/sourcehut/paste.nix
2445 +++ b/pkgs/applications/version-management/sourcehut/paste.nix
2448 buildPythonPackage rec {
2449 pname = "pastesrht";
2450 - version = "0.13.6";
2451 + version = "0.13.7";
2453 src = fetchFromSourcehut {
2454 owner = "~sircmpwn";
2455 repo = "paste.sr.ht";
2457 - sha256 = "sha256-Khcqk86iD9nxiKXN3+8mSLNoDau2qXNFOrLdkVu+rH8=";
2458 + sha256 = "sha256-EzcS6Zbh+wJinC/GKJOSWUPORODpKEA3tLpLGqoVGBU=";
2461 nativeBuildInputs = srht.nativeBuildInputs;
2462 diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch
2463 deleted file mode 100644
2464 index ae8e95ddc0c..00000000000
2465 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch
2468 -From 069b03f85847ed4a9223183b62ee53f420838911 Mon Sep 17 00:00:00 2001
2469 -From: Julien Moutinho <julm+srht@sourcephile.fr>
2470 -Date: Thu, 16 Dec 2021 04:54:24 +0100
2471 -Subject: [PATCH builds.sr.ht] Revert "Add build submission and queue
2474 -This reverts commit 690f1aa16c77e418dc40109cd5e8fdf4a7ed947a.
2476 -This has broken Unix socket support for Redis
2477 -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E
2479 - buildsrht/app.py | 3 ---
2480 - buildsrht/runner.py | 9 +--------
2481 - 2 files changed, 1 insertion(+), 11 deletions(-)
2483 -diff --git a/buildsrht/app.py b/buildsrht/app.py
2484 -index e5321a2..7c9977c 100644
2485 ---- a/buildsrht/app.py
2486 -+++ b/buildsrht/app.py
2487 -@@ -36,9 +36,6 @@ class BuildApp(SrhtFlask):
2488 - self.register_blueprint(secrets)
2489 - self.register_blueprint(gql_blueprint)
2491 -- from buildsrht.runner import builds_queue_metrics_collector
2492 -- self.metrics_registry.register(builds_queue_metrics_collector)
2494 - @self.context_processor
2497 -diff --git a/buildsrht/runner.py b/buildsrht/runner.py
2498 -index 7773452..0389c8e 100644
2499 ---- a/buildsrht/runner.py
2500 -+++ b/buildsrht/runner.py
2501 -@@ -5,13 +5,10 @@ from srht.config import cfg
2502 - from srht.database import db
2503 - from srht.email import send_email
2504 - from srht.oauth import UserType
2505 --from srht.metrics import RedisQueueCollector
2506 --from prometheus_client import Counter
2508 - allow_free = cfg("builds.sr.ht", "allow-free", default="no") == "yes"
2510 --builds_broker = cfg("builds.sr.ht", "redis")
2511 --runner = Celery('builds', broker=builds_broker, config_source={
2512 -+runner = Celery('builds', broker=cfg("builds.sr.ht", "redis"), config_source={
2513 - "CELERY_TASK_SERIALIZER": "json",
2514 - "CELERY_ACCEPT_CONTENT": ["json"],
2515 - "CELERY_RESULT_SERIALIZER": "json",
2516 -@@ -19,9 +16,6 @@ runner = Celery('builds', broker=builds_broker, config_source={
2517 - "CELERY_TASK_PROTOCOL": 1
2520 --builds_queue_metrics_collector = RedisQueueCollector(builds_broker, "buildsrht_builds", "Number of builds currently in queue")
2521 --builds_submitted = Counter("buildsrht_builds_submited", "Number of builds submitted")
2523 - def queue_build(job, manifest):
2524 - from buildsrht.types import JobStatus
2525 - job.status = JobStatus.queued
2526 -@@ -34,7 +28,6 @@ def queue_build(job, manifest):
2527 - cfg("sr.ht", "owner-email"),
2528 - "Cryptocurrency mining attempt on builds.sr.ht")
2530 -- builds_submitted.inc()
2531 - run_build.delay(job.id, manifest.to_dict())
2533 - def requires_payment(user):
2537 diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/core/0001-Fix-Unix-socket-support-in-RedisQueueCollector.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/core/0001-Fix-Unix-socket-support-in-RedisQueueCollector.patch
2538 new file mode 100644
2539 index 00000000000..889331f3e07
2541 +++ b/pkgs/applications/version-management/sourcehut/patches/redis-socket/core/0001-Fix-Unix-socket-support-in-RedisQueueCollector.patch
2543 +From 76dd636151735671be74ba9d55f773e190e22827 Mon Sep 17 00:00:00 2001
2544 +From: Julien Moutinho <julm+srht@sourcephile.fr>
2545 +Date: Fri, 13 May 2022 22:40:46 +0200
2546 +Subject: [PATCH core.sr.ht] Fix Unix socket support in RedisQueueCollector
2548 +The broker URL is not necessarily in the format expected by Redis.from_url
2550 +Especially, Redis.from_url supports this format for Unix sockets:
2551 + unix:///run/redis-sourcehut-metasrht/redis.sock?db=0
2552 +See https://redis-py.readthedocs.io/en/stable/#redis.ConnectionPool.from_url
2554 +Whereas Celery+Kombu support Redis but also other transports
2555 +and thus expect another scheme:
2556 + redis+socket:///run/redis-sourcehut-metasrht/redis.sock?virtual_host=1
2557 +See https://docs.celeryproject.org/en/stable/userguide/configuration.html#redis-backend-settings
2558 +and https://github.com/celery/celery/blob/e5d99801e4b56a02af4a2e183879c767228d2817/celery/backends/redis.py#L299-L352
2559 +and https://github.com/celery/kombu/blob/master/kombu/utils/url.py
2561 + srht/metrics.py | 3 ++-
2562 + 1 file changed, 2 insertions(+), 1 deletion(-)
2564 +diff --git a/srht/metrics.py b/srht/metrics.py
2565 +index 68caf8e..2df5777 100644
2566 +--- a/srht/metrics.py
2567 ++++ b/srht/metrics.py
2570 ++from celery import Celery
2571 + from prometheus_client.metrics_core import GaugeMetricFamily
2572 + from redis import Redis, ResponseError
2575 + class RedisQueueCollector:
2576 + def __init__(self, broker, name, documentation, queue_name="celery"):
2577 +- self.redis = Redis.from_url(broker)
2578 ++ self.redis = Celery("collector", broker=broker).connection_for_read().channel().client
2579 + self.queue_name = queue_name
2581 + self.documentation = documentation
2585 diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch
2586 deleted file mode 100644
2587 index 4c526dd23e1..00000000000
2588 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch
2591 -From 5ccb5386304c26f25b0a9eb10ce9edb6da32f91a Mon Sep 17 00:00:00 2001
2592 -From: Julien Moutinho <julm+srht@sourcephile.fr>
2593 -Date: Sat, 12 Feb 2022 00:11:59 +0100
2594 -Subject: [PATCH git.sr.ht] Revert "Add webhook queue monitoring"
2596 -This reverts commit 7ea630b776947ab82438d0ffa263b0f9d33ebff3.
2598 -Which has broken Unix socket support for Redis.
2599 -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E
2601 - gitsrht/app.py | 3 ---
2602 - gitsrht/webhooks.py | 5 +----
2603 - 2 files changed, 1 insertion(+), 7 deletions(-)
2605 -diff --git a/gitsrht/app.py b/gitsrht/app.py
2606 -index e9ccb56..4928851 100644
2607 ---- a/gitsrht/app.py
2608 -+++ b/gitsrht/app.py
2609 -@@ -48,9 +48,6 @@ class GitApp(ScmSrhtFlask):
2610 - self.add_template_filter(url_quote)
2611 - self.add_template_filter(commit_links)
2613 -- from gitsrht.webhooks import webhook_metrics_collector
2614 -- self.metrics_registry.register(webhook_metrics_collector)
2616 - @self.context_processor
2618 - notice = session.get("notice")
2619 -diff --git a/gitsrht/webhooks.py b/gitsrht/webhooks.py
2620 -index 8a203fe..6240d50 100644
2621 ---- a/gitsrht/webhooks.py
2622 -+++ b/gitsrht/webhooks.py
2623 -@@ -7,13 +7,10 @@ if not hasattr(db, "session"):
2625 - from srht.webhook import Event
2626 - from srht.webhook.celery import CeleryWebhook, make_worker
2627 --from srht.metrics import RedisQueueCollector
2628 - from scmsrht.webhooks import UserWebhook
2629 - import sqlalchemy as sa
2631 --webhook_broker = cfg("git.sr.ht", "webhooks")
2632 --worker = make_worker(broker=webhook_broker)
2633 --webhook_metrics_collector = RedisQueueCollector(webhook_broker, "srht_webhooks", "Webhook queue length")
2634 -+worker = make_worker(broker=cfg("git.sr.ht", "webhooks"))
2636 - class RepoWebhook(CeleryWebhook):
2641 diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch
2642 deleted file mode 100644
2643 index 872d285b9bb..00000000000
2644 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch
2647 -From 730e090f31b150d42be4b4722751f8e4610835b0 Mon Sep 17 00:00:00 2001
2648 -From: Julien Moutinho <julm+srht@sourcephile.fr>
2649 -Date: Sat, 12 Feb 2022 00:38:12 +0100
2650 -Subject: [PATCH lists.sr.ht] Revert "Add webhook queue monitoring"
2652 -This reverts commit e74e344808e8d523a9786cefcbf64c9a247d7a0e.
2654 -Which has broken Unix socket support for Redis.
2655 -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E
2657 - listssrht/app.py | 3 ---
2658 - listssrht/webhooks.py | 5 +----
2659 - 2 files changed, 1 insertion(+), 7 deletions(-)
2661 -diff --git a/listssrht/app.py b/listssrht/app.py
2662 -index aec59f3..83a355d 100644
2663 ---- a/listssrht/app.py
2664 -+++ b/listssrht/app.py
2665 -@@ -29,9 +29,6 @@ class ListsApp(SrhtFlask):
2666 - self.register_blueprint(user)
2667 - self.register_blueprint(gql_blueprint)
2669 -- from listssrht.webhooks import webhook_metrics_collector
2670 -- self.metrics_registry.register(webhook_metrics_collector)
2672 - @self.context_processor
2674 - from listssrht.types import ListAccess
2675 -diff --git a/listssrht/webhooks.py b/listssrht/webhooks.py
2676 -index ae5b1cb..86421ba 100644
2677 ---- a/listssrht/webhooks.py
2678 -+++ b/listssrht/webhooks.py
2679 -@@ -8,11 +8,8 @@ if not hasattr(db, "session"):
2681 - from srht.webhook import Event
2682 - from srht.webhook.celery import CeleryWebhook, make_worker
2683 --from srht.metrics import RedisQueueCollector
2685 --webhook_broker = cfg("lists.sr.ht", "webhooks")
2686 --worker = make_worker(broker=webhook_broker)
2687 --webhook_metrics_collector = RedisQueueCollector(webhook_broker, "srht_webhooks", "Webhook queue length")
2688 -+worker = make_worker(broker=cfg("lists.sr.ht", "webhooks"))
2690 - class ListWebhook(CeleryWebhook):
2695 diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch
2696 deleted file mode 100644
2697 index 9ec37670b06..00000000000
2698 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch
2701 -From d88bee195797c6c294320617ff14798da94cd0f3 Mon Sep 17 00:00:00 2001
2702 -From: Julien Moutinho <julm+srht@sourcephile.fr>
2703 -Date: Thu, 16 Dec 2021 04:52:08 +0100
2704 -Subject: [PATCH meta.sr.ht] Revert "Add webhook queue monitoring"
2706 -This reverts commit 9931df3c23094af5179df9ef019ca732b8125dac.
2708 -This has broken Unix socket support for Redis.
2709 -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E
2711 - metasrht/app.py | 3 ---
2712 - metasrht/webhooks.py | 5 +----
2713 - 2 files changed, 1 insertion(+), 7 deletions(-)
2715 -diff --git a/metasrht/app.py b/metasrht/app.py
2716 -index b190875..89c59bc 100644
2717 ---- a/metasrht/app.py
2718 -+++ b/metasrht/app.py
2719 -@@ -49,9 +49,6 @@ class MetaApp(SrhtFlask):
2720 - from metasrht.blueprints.billing import billing
2721 - self.register_blueprint(billing)
2723 -- from metasrht.webhooks import webhook_metrics_collector
2724 -- self.metrics_registry.register(webhook_metrics_collector)
2726 - @self.context_processor
2729 -diff --git a/metasrht/webhooks.py b/metasrht/webhooks.py
2730 -index 3e1149e..3f0ba01 100644
2731 ---- a/metasrht/webhooks.py
2732 -+++ b/metasrht/webhooks.py
2733 -@@ -7,11 +7,8 @@ if not hasattr(db, "session"):
2735 - from srht.webhook import Event
2736 - from srht.webhook.celery import CeleryWebhook, make_worker
2737 --from srht.metrics import RedisQueueCollector
2739 --webhook_broker = cfg("meta.sr.ht", "webhooks", "redis://")
2740 --worker = make_worker(broker=webhook_broker)
2741 --webhook_metrics_collector = RedisQueueCollector(webhook_broker, "srht_webhooks", "Webhook queue length")
2742 -+worker = make_worker(broker=cfg("meta.sr.ht", "webhooks", "redis://"))
2744 - class UserWebhook(CeleryWebhook):
2749 diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch
2750 deleted file mode 100644
2751 index 861608c1184..00000000000
2752 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch
2755 -From 42a27ea60d8454552d54e1f51f1b976d1067fc32 Mon Sep 17 00:00:00 2001
2756 -From: Julien Moutinho <julm+srht@sourcephile.fr>
2757 -Date: Sat, 12 Feb 2022 00:30:29 +0100
2758 -Subject: [PATCH todo.sr.ht] Revert "Add webhook queue monitoring"
2760 -This reverts commit 320a5e8f7cd16ca43928c36f0320593f84d986fa.
2762 -Which has broken Unix socket support for Redis.
2763 -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E
2765 - todosrht/flask.py | 3 ---
2766 - todosrht/webhooks.py | 6 +-----
2767 - 2 files changed, 1 insertion(+), 8 deletions(-)
2769 -diff --git a/todosrht/flask.py b/todosrht/flask.py
2770 -index 5e8ac66..9d0fd27 100644
2771 ---- a/todosrht/flask.py
2772 -+++ b/todosrht/flask.py
2773 -@@ -43,9 +43,6 @@ class TodoApp(SrhtFlask):
2774 - self.add_template_filter(urls.tracker_url)
2775 - self.add_template_filter(urls.user_url)
2777 -- from todosrht.webhooks import webhook_metrics_collector
2778 -- self.metrics_registry.register(webhook_metrics_collector)
2780 - @self.context_processor
2783 -diff --git a/todosrht/webhooks.py b/todosrht/webhooks.py
2784 -index eb8e08a..950047f 100644
2785 ---- a/todosrht/webhooks.py
2786 -+++ b/todosrht/webhooks.py
2787 -@@ -7,13 +7,9 @@ if not hasattr(db, "session"):
2789 - from srht.webhook import Event
2790 - from srht.webhook.celery import CeleryWebhook, make_worker
2791 --from srht.metrics import RedisQueueCollector
2792 - import sqlalchemy as sa
2795 --webhooks_broker = cfg("todo.sr.ht", "webhooks")
2796 --worker = make_worker(broker=webhooks_broker)
2797 --webhook_metrics_collector = RedisQueueCollector(webhooks_broker, "srht_webhooks", "Webhook queue length")
2798 -+worker = make_worker(broker=cfg("todo.sr.ht", "webhooks"))
2800 - import todosrht.tracker_import
2805 diff --git a/pkgs/applications/version-management/sourcehut/scm.nix b/pkgs/applications/version-management/sourcehut/scm.nix
2806 index 10da3018843..49eea05a7a7 100644
2807 --- a/pkgs/applications/version-management/sourcehut/scm.nix
2808 +++ b/pkgs/applications/version-management/sourcehut/scm.nix
2811 buildPythonPackage rec {
2813 - version = "0.22.19"; # Untagged version
2814 + version = "0.22.22";
2816 src = fetchFromSourcehut {
2817 owner = "~sircmpwn";
2820 - sha256 = "sha256-/QryPjWJ2S0Ov9DTdrwbM81HYucHiYcLh0oKacflywI=";
2821 + sha256 = "sha256-iSzzyI8HZOpOb4dyt520MV/wds14fNag2+UOF09KS7w=";
2824 nativeBuildInputs = srht.nativeBuildInputs;
2825 diff --git a/pkgs/applications/version-management/sourcehut/todo.nix b/pkgs/applications/version-management/sourcehut/todo.nix
2826 index 1446e68fa69..67367b71ff9 100644
2827 --- a/pkgs/applications/version-management/sourcehut/todo.nix
2828 +++ b/pkgs/applications/version-management/sourcehut/todo.nix
2831 , fetchFromSourcehut
2833 , buildPythonPackage
2843 buildPythonPackage rec {
2845 - version = "0.67.2";
2846 + version = "0.71.2";
2848 src = fetchFromSourcehut {
2849 owner = "~sircmpwn";
2850 repo = "todo.sr.ht";
2852 - sha256 = "sha256-/QHsMlhzyah85ubZyx8j4GDUoITuWcLDJKosbZGeOZU=";
2853 + sha256 = "sha256-m7FY+jXpwPnK1+b1iQiDGe8JPfAFQp65BzGH6WvNwhM=";
2857 - # Revert change breaking Unix socket support for Redis
2858 - patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch
2861 + substituteInPlace Makefile \
2862 + --replace "all: api" ""
2865 + todosrht-api = buildGoModule ({
2866 + inherit src version;
2867 + pname = "todosrht-api";
2869 + vendorSha256 = "sha256-ttGT7lUh8O+9KvbaEGWUsthefXQ2ATeli0tnlXCjZFk=";
2870 + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;});
2872 nativeBuildInputs = srht.nativeBuildInputs;
2874 @@ -40,6 +49,10 @@ buildPythonPackage rec {
2875 export SRHT_PATH=${srht}/${python.sitePackages}/srht
2879 + ln -s ${todosrht-api}/bin/api $out/bin/todosrht-api