]> Git — Sourcephile - sourcephile-nix.git/blob - nixpkgs/patches/sourcehut.diff
nftables: wg-intra: cleanup
[sourcephile-nix.git] / nixpkgs / patches / sourcehut.diff
1 diff --git a/nixos/modules/services/misc/sourcehut/builds.nix b/nixos/modules/services/misc/sourcehut/builds.nix
2 deleted file mode 100644
3 index 685a132d350..00000000000
4 --- a/nixos/modules/services/misc/sourcehut/builds.nix
5 +++ /dev/null
6 @@ -1,236 +0,0 @@
7 -{ config, lib, options, pkgs, ... }:
8 -
9 -with lib;
10 -let
11 - cfg = config.services.sourcehut;
12 - opt = options.services.sourcehut;
13 - scfg = cfg.builds;
14 - rcfg = config.services.redis;
15 - iniKey = "builds.sr.ht";
16 -
17 - drv = pkgs.sourcehut.buildsrht;
18 -in
19 -{
20 - options.services.sourcehut.builds = {
21 - user = mkOption {
22 - type = types.str;
23 - default = "buildsrht";
24 - description = ''
25 - User for builds.sr.ht.
26 - '';
27 - };
28 -
29 - port = mkOption {
30 - type = types.port;
31 - default = 5002;
32 - description = ''
33 - Port on which the "builds" module should listen.
34 - '';
35 - };
36 -
37 - database = mkOption {
38 - type = types.str;
39 - default = "builds.sr.ht";
40 - description = ''
41 - PostgreSQL database name for builds.sr.ht.
42 - '';
43 - };
44 -
45 - statePath = mkOption {
46 - type = types.path;
47 - default = "${cfg.statePath}/buildsrht";
48 - defaultText = literalExpression ''"''${config.${opt.statePath}}/buildsrht"'';
49 - description = ''
50 - State path for builds.sr.ht.
51 - '';
52 - };
53 -
54 - enableWorker = mkOption {
55 - type = types.bool;
56 - default = false;
57 - description = ''
58 - Run workers for builds.sr.ht.
59 - '';
60 - };
61 -
62 - images = mkOption {
63 - type = types.attrsOf (types.attrsOf (types.attrsOf types.package));
64 - default = { };
65 - example = lib.literalExpression ''(let
66 - # Pinning unstable to allow usage with flakes and limit rebuilds.
67 - pkgs_unstable = builtins.fetchGit {
68 - url = "https://github.com/NixOS/nixpkgs";
69 - rev = "ff96a0fa5635770390b184ae74debea75c3fd534";
70 - ref = "nixos-unstable";
71 - };
72 - image_from_nixpkgs = pkgs_unstable: (import ("''${pkgs.sourcehut.buildsrht}/lib/images/nixos/image.nix") {
73 - pkgs = (import pkgs_unstable {});
74 - });
75 - in
76 - {
77 - nixos.unstable.x86_64 = image_from_nixpkgs pkgs_unstable;
78 - }
79 - )'';
80 - description = ''
81 - Images for builds.sr.ht. Each package should be distro.release.arch and point to a /nix/store/package/root.img.qcow2.
82 - '';
83 - };
84 -
85 - };
86 -
87 - config = with scfg; let
88 - image_dirs = lib.lists.flatten (
89 - lib.attrsets.mapAttrsToList
90 - (distro: revs:
91 - lib.attrsets.mapAttrsToList
92 - (rev: archs:
93 - lib.attrsets.mapAttrsToList
94 - (arch: image:
95 - pkgs.runCommand "buildsrht-images" { } ''
96 - mkdir -p $out/${distro}/${rev}/${arch}
97 - ln -s ${image}/*.qcow2 $out/${distro}/${rev}/${arch}/root.img.qcow2
98 - '')
99 - archs)
100 - revs)
101 - scfg.images);
102 - image_dir_pre = pkgs.symlinkJoin {
103 - name = "builds.sr.ht-worker-images-pre";
104 - paths = image_dirs ++ [
105 - "${pkgs.sourcehut.buildsrht}/lib/images"
106 - ];
107 - };
108 - image_dir = pkgs.runCommand "builds.sr.ht-worker-images" { } ''
109 - mkdir -p $out/images
110 - cp -Lr ${image_dir_pre}/* $out/images
111 - '';
112 - in
113 - lib.mkIf (cfg.enable && elem "builds" cfg.services) {
114 - users = {
115 - users = {
116 - "${user}" = {
117 - isSystemUser = true;
118 - group = user;
119 - extraGroups = lib.optionals cfg.builds.enableWorker [ "docker" ];
120 - description = "builds.sr.ht user";
121 - };
122 - };
123 -
124 - groups = {
125 - "${user}" = { };
126 - };
127 - };
128 -
129 - services.postgresql = {
130 - authentication = ''
131 - local ${database} ${user} trust
132 - '';
133 - ensureDatabases = [ database ];
134 - ensureUsers = [
135 - {
136 - name = user;
137 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
138 - }
139 - ];
140 - };
141 -
142 - systemd = {
143 - tmpfiles.rules = [
144 - "d ${statePath} 0755 ${user} ${user} -"
145 - ] ++ (lib.optionals cfg.builds.enableWorker
146 - [ "d ${statePath}/logs 0775 ${user} ${user} - -" ]
147 - );
148 -
149 - services = {
150 - buildsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey
151 - {
152 - after = [ "postgresql.service" "network.target" ];
153 - requires = [ "postgresql.service" ];
154 - wantedBy = [ "multi-user.target" ];
155 -
156 - description = "builds.sr.ht website service";
157 -
158 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
159 -
160 - # Hack to bypass this hack: https://git.sr.ht/~sircmpwn/core.sr.ht/tree/master/item/srht-update-profiles#L6
161 - } // { preStart = " "; };
162 -
163 - buildsrht-worker = {
164 - enable = scfg.enableWorker;
165 - after = [ "postgresql.service" "network.target" ];
166 - requires = [ "postgresql.service" ];
167 - wantedBy = [ "multi-user.target" ];
168 - partOf = [ "buildsrht.service" ];
169 - description = "builds.sr.ht worker service";
170 - path = [ pkgs.openssh pkgs.docker ];
171 - preStart = let qemuPackage = pkgs.qemu_kvm;
172 - in ''
173 - if [[ "$(docker images -q qemu:latest 2> /dev/null)" == "" || "$(cat ${statePath}/docker-image-qemu 2> /dev/null || true)" != "${qemuPackage.version}" ]]; then
174 - # Create and import qemu:latest image for docker
175 - ${
176 - pkgs.dockerTools.streamLayeredImage {
177 - name = "qemu";
178 - tag = "latest";
179 - contents = [ qemuPackage ];
180 - }
181 - } | docker load
182 - # Mark down current package version
183 - printf "%s" "${qemuPackage.version}" > ${statePath}/docker-image-qemu
184 - fi
185 - '';
186 - serviceConfig = {
187 - Type = "simple";
188 - User = user;
189 - Group = "nginx";
190 - Restart = "always";
191 - };
192 - serviceConfig.ExecStart = "${pkgs.sourcehut.buildsrht}/bin/builds.sr.ht-worker";
193 - };
194 - };
195 - };
196 -
197 - services.sourcehut.settings = {
198 - # URL builds.sr.ht is being served at (protocol://domain)
199 - "builds.sr.ht".origin = mkDefault "http://builds.${cfg.originBase}";
200 - # Address and port to bind the debug server to
201 - "builds.sr.ht".debug-host = mkDefault "0.0.0.0";
202 - "builds.sr.ht".debug-port = mkDefault port;
203 - # Configures the SQLAlchemy connection string for the database.
204 - "builds.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
205 - # Set to "yes" to automatically run migrations on package upgrade.
206 - "builds.sr.ht".migrate-on-upgrade = mkDefault "yes";
207 - # builds.sr.ht's OAuth client ID and secret for meta.sr.ht
208 - # Register your client at meta.example.org/oauth
209 - "builds.sr.ht".oauth-client-id = mkDefault null;
210 - "builds.sr.ht".oauth-client-secret = mkDefault null;
211 - # The redis connection used for the celery worker
212 - "builds.sr.ht".redis = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/3";
213 - # The shell used for ssh
214 - "builds.sr.ht".shell = mkDefault "runner-shell";
215 - # Register the builds.sr.ht dispatcher
216 - "git.sr.ht::dispatch".${builtins.unsafeDiscardStringContext "${pkgs.sourcehut.buildsrht}/bin/buildsrht-keys"} = mkDefault "${user}:${user}";
217 -
218 - # Location for build logs, images, and control command
219 - } // lib.attrsets.optionalAttrs scfg.enableWorker {
220 - # Default worker stores logs that are accessible via this address:port
221 - "builds.sr.ht::worker".name = mkDefault "127.0.0.1:5020";
222 - "builds.sr.ht::worker".buildlogs = mkDefault "${scfg.statePath}/logs";
223 - "builds.sr.ht::worker".images = mkDefault "${image_dir}/images";
224 - "builds.sr.ht::worker".controlcmd = mkDefault "${image_dir}/images/control";
225 - "builds.sr.ht::worker".timeout = mkDefault "3m";
226 - };
227 -
228 - services.nginx.virtualHosts."logs.${cfg.originBase}" =
229 - if scfg.enableWorker then {
230 - listen = with builtins; let address = split ":" cfg.settings."builds.sr.ht::worker".name;
231 - in [{ addr = elemAt address 0; port = lib.toInt (elemAt address 2); }];
232 - locations."/logs".root = "${scfg.statePath}";
233 - } else { };
234 -
235 - services.nginx.virtualHosts."builds.${cfg.originBase}" = {
236 - forceSSL = true;
237 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
238 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
239 - locations."/static".root = "${pkgs.sourcehut.buildsrht}/${pkgs.sourcehut.python.sitePackages}/buildsrht";
240 - };
241 - };
242 -}
243 diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix
244 index 5a6d011a729..f5e4742d902 100644
245 --- a/nixos/modules/services/misc/sourcehut/default.nix
246 +++ b/nixos/modules/services/misc/sourcehut/default.nix
247 @@ -83,7 +83,7 @@ let
248 python = pkgs.sourcehut.python.withPackages (ps: with ps; [
249 gunicorn
250 eventlet
251 - # For monitoring Celery: sudo -u listssrht celery --app listssrht.process -b redis+socket:///run/redis-sourcehut/redis.sock?virtual_host=5 flower
252 + # For monitoring Celery: sudo -u listssrht celery --app listssrht.process -b redis+socket:///run/redis-sourcehut/redis.sock?virtual_host=1 flower
253 flower
254 # Sourcehut services
255 srht
256 @@ -905,6 +905,11 @@ in
257 inherit configIniOfService;
258 srvsrht = "buildsrht";
259 port = 5002;
260 + extraServices.buildsrht-api = {
261 + serviceConfig.Restart = "always";
262 + serviceConfig.RestartSec = "2s";
263 + serviceConfig.ExecStart = "${pkgs.sourcehut.buildsrht}/bin/buildsrht-api -b ${cfg.listenAddress}:${toString (cfg.builds.port + 100)}";
264 + };
265 # TODO: a celery worker on the master and worker are apparently needed
266 extraServices.buildsrht-worker = let
267 qemuPackage = pkgs.qemu_kvm;
268 @@ -928,13 +933,13 @@ in
269 fi
270 '';
271 serviceConfig = {
272 - ExecStart = "${pkgs.sourcehut.buildsrht}/bin/builds.sr.ht-worker";
273 + ExecStart = "${pkgs.sourcehut.buildsrht}/bin/buildsrht-worker";
274 BindPaths = [ cfg.settings."builds.sr.ht::worker".buildlogs ];
275 LogsDirectory = [ "sourcehut/${serviceName}" ];
276 RuntimeDirectory = [ "sourcehut/${serviceName}/subdir" ];
277 StateDirectory = [ "sourcehut/${serviceName}" ];
278 TimeoutStartSec = "1800s";
279 - # builds.sr.ht-worker looks up ../config.ini
280 + # buildsrht-worker looks up ../config.ini
281 WorkingDirectory = "-"+"/run/sourcehut/${serviceName}/subdir";
282 };
283 };
284 @@ -952,12 +957,12 @@ in
285 ) cfg.builds.images
286 );
287 image_dir_pre = pkgs.symlinkJoin {
288 - name = "builds.sr.ht-worker-images-pre";
289 + name = "buildsrht-worker-images-pre";
290 paths = image_dirs;
291 # FIXME: not working, apparently because ubuntu/latest is a broken link
292 # ++ [ "${pkgs.sourcehut.buildsrht}/lib/images" ];
293 };
294 - image_dir = pkgs.runCommand "builds.sr.ht-worker-images" { } ''
295 + image_dir = pkgs.runCommand "buildsrht-worker-images" { } ''
296 mkdir -p $out/images
297 cp -Lr ${image_dir_pre}/* $out/images
298 '';
299 @@ -1081,6 +1086,11 @@ in
300 };
301 })
302 ];
303 + extraServices.gitsrht-api = {
304 + serviceConfig.Restart = "always";
305 + serviceConfig.RestartSec = "2s";
306 + serviceConfig.ExecStart = "${pkgs.sourcehut.gitsrht}/bin/gitsrht-api -b ${cfg.listenAddress}:${toString (cfg.git.port + 100)}";
307 + };
308 extraServices.gitsrht-fcgiwrap = mkIf cfg.nginx.enable {
309 serviceConfig = {
310 # Socket is passed by gitsrht-fcgiwrap.socket
311 @@ -1124,6 +1134,11 @@ in
312 timerConfig.OnCalendar = ["daily"];
313 timerConfig.AccuracySec = "1h";
314 };
315 + extraServices.hgsrht-api = {
316 + serviceConfig.Restart = "always";
317 + serviceConfig.RestartSec = "2s";
318 + serviceConfig.ExecStart = "${pkgs.sourcehut.hgsrht}/bin/hgsrht-api -b ${cfg.listenAddress}:${toString (cfg.hg.port + 100)}";
319 + };
320 extraConfig = mkMerge [
321 {
322 users.users.${cfg.hg.user}.shell = pkgs.bash;
323 @@ -1184,6 +1199,11 @@ in
324 inherit configIniOfService;
325 port = 5006;
326 webhooks = true;
327 + extraServices.listssrht-api = {
328 + serviceConfig.Restart = "always";
329 + serviceConfig.RestartSec = "2s";
330 + serviceConfig.ExecStart = "${pkgs.sourcehut.listssrht}/bin/listssrht-api -b ${cfg.listenAddress}:${toString (cfg.lists.port + 100)}";
331 + };
332 # Receive the mail from Postfix and enqueue them into Redis and PostgreSQL
333 extraServices.listssrht-lmtp = {
334 wants = [ "postfix.service" ];
335 @@ -1232,6 +1252,10 @@ in
336 inherit configIniOfService;
337 port = 5000;
338 webhooks = true;
339 + extraTimers.metasrht-daily.timerConfig = {
340 + OnCalendar = ["daily"];
341 + AccuracySec = "1h";
342 + };
343 extraServices.metasrht-api = {
344 serviceConfig.Restart = "always";
345 serviceConfig.RestartSec = "2s";
346 @@ -1248,10 +1272,6 @@ in
347 ) cfg.settings));
348 serviceConfig.ExecStart = "${pkgs.sourcehut.metasrht}/bin/metasrht-api -b ${cfg.listenAddress}:${toString (cfg.meta.port + 100)}";
349 };
350 - extraTimers.metasrht-daily.timerConfig = {
351 - OnCalendar = ["daily"];
352 - AccuracySec = "1h";
353 - };
354 extraConfig = mkMerge [
355 {
356 assertions = [
357 @@ -1348,6 +1368,11 @@ in
358 inherit configIniOfService;
359 port = 5003;
360 webhooks = true;
361 + extraServices.todosrht-api = {
362 + serviceConfig.Restart = "always";
363 + serviceConfig.RestartSec = "2s";
364 + serviceConfig.ExecStart = "${pkgs.sourcehut.todosrht}/bin/todosrht-api -b ${cfg.listenAddress}:${toString (cfg.todo.port + 100)}";
365 + };
366 extraServices.todosrht-lmtp = {
367 wants = [ "postfix.service" ];
368 unitConfig.JoinsNamespaceOf = optional cfg.postfix.enable "postfix.service";
369 diff --git a/nixos/modules/services/misc/sourcehut/dispatch.nix b/nixos/modules/services/misc/sourcehut/dispatch.nix
370 deleted file mode 100644
371 index 292a51d3e1c..00000000000
372 --- a/nixos/modules/services/misc/sourcehut/dispatch.nix
373 +++ /dev/null
374 @@ -1,127 +0,0 @@
375 -{ config, lib, options, pkgs, ... }:
376 -
377 -with lib;
378 -let
379 - cfg = config.services.sourcehut;
380 - opt = options.services.sourcehut;
381 - cfgIni = cfg.settings;
382 - scfg = cfg.dispatch;
383 - iniKey = "dispatch.sr.ht";
384 -
385 - drv = pkgs.sourcehut.dispatchsrht;
386 -in
387 -{
388 - options.services.sourcehut.dispatch = {
389 - user = mkOption {
390 - type = types.str;
391 - default = "dispatchsrht";
392 - description = ''
393 - User for dispatch.sr.ht.
394 - '';
395 - };
396 -
397 - port = mkOption {
398 - type = types.port;
399 - default = 5005;
400 - description = ''
401 - Port on which the "dispatch" module should listen.
402 - '';
403 - };
404 -
405 - database = mkOption {
406 - type = types.str;
407 - default = "dispatch.sr.ht";
408 - description = ''
409 - PostgreSQL database name for dispatch.sr.ht.
410 - '';
411 - };
412 -
413 - statePath = mkOption {
414 - type = types.path;
415 - default = "${cfg.statePath}/dispatchsrht";
416 - defaultText = literalExpression ''"''${config.${opt.statePath}}/dispatchsrht"'';
417 - description = ''
418 - State path for dispatch.sr.ht.
419 - '';
420 - };
421 - };
422 -
423 - config = with scfg; lib.mkIf (cfg.enable && elem "dispatch" cfg.services) {
424 -
425 - users = {
426 - users = {
427 - "${user}" = {
428 - isSystemUser = true;
429 - group = user;
430 - description = "dispatch.sr.ht user";
431 - };
432 - };
433 -
434 - groups = {
435 - "${user}" = { };
436 - };
437 - };
438 -
439 - services.postgresql = {
440 - authentication = ''
441 - local ${database} ${user} trust
442 - '';
443 - ensureDatabases = [ database ];
444 - ensureUsers = [
445 - {
446 - name = user;
447 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
448 - }
449 - ];
450 - };
451 -
452 - systemd = {
453 - tmpfiles.rules = [
454 - "d ${statePath} 0750 ${user} ${user} -"
455 - ];
456 -
457 - services.dispatchsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
458 - after = [ "postgresql.service" "network.target" ];
459 - requires = [ "postgresql.service" ];
460 - wantedBy = [ "multi-user.target" ];
461 -
462 - description = "dispatch.sr.ht website service";
463 -
464 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
465 - };
466 - };
467 -
468 - services.sourcehut.settings = {
469 - # URL dispatch.sr.ht is being served at (protocol://domain)
470 - "dispatch.sr.ht".origin = mkDefault "http://dispatch.${cfg.originBase}";
471 - # Address and port to bind the debug server to
472 - "dispatch.sr.ht".debug-host = mkDefault "0.0.0.0";
473 - "dispatch.sr.ht".debug-port = mkDefault port;
474 - # Configures the SQLAlchemy connection string for the database.
475 - "dispatch.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
476 - # Set to "yes" to automatically run migrations on package upgrade.
477 - "dispatch.sr.ht".migrate-on-upgrade = mkDefault "yes";
478 - # dispatch.sr.ht's OAuth client ID and secret for meta.sr.ht
479 - # Register your client at meta.example.org/oauth
480 - "dispatch.sr.ht".oauth-client-id = mkDefault null;
481 - "dispatch.sr.ht".oauth-client-secret = mkDefault null;
482 -
483 - # Github Integration
484 - "dispatch.sr.ht::github".oauth-client-id = mkDefault null;
485 - "dispatch.sr.ht::github".oauth-client-secret = mkDefault null;
486 -
487 - # Gitlab Integration
488 - "dispatch.sr.ht::gitlab".enabled = mkDefault null;
489 - "dispatch.sr.ht::gitlab".canonical-upstream = mkDefault "gitlab.com";
490 - "dispatch.sr.ht::gitlab".repo-cache = mkDefault "./repo-cache";
491 - # "dispatch.sr.ht::gitlab"."gitlab.com" = mkDefault "GitLab:application id:secret";
492 - };
493 -
494 - services.nginx.virtualHosts."dispatch.${cfg.originBase}" = {
495 - forceSSL = true;
496 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
497 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
498 - locations."/static".root = "${pkgs.sourcehut.dispatchsrht}/${pkgs.sourcehut.python.sitePackages}/dispatchsrht";
499 - };
500 - };
501 -}
502 diff --git a/nixos/modules/services/misc/sourcehut/git.nix b/nixos/modules/services/misc/sourcehut/git.nix
503 deleted file mode 100644
504 index ff110905d18..00000000000
505 --- a/nixos/modules/services/misc/sourcehut/git.nix
506 +++ /dev/null
507 @@ -1,217 +0,0 @@
508 -{ config, lib, options, pkgs, ... }:
509 -
510 -with lib;
511 -let
512 - cfg = config.services.sourcehut;
513 - opt = options.services.sourcehut;
514 - scfg = cfg.git;
515 - iniKey = "git.sr.ht";
516 -
517 - rcfg = config.services.redis;
518 - drv = pkgs.sourcehut.gitsrht;
519 -in
520 -{
521 - options.services.sourcehut.git = {
522 - user = mkOption {
523 - type = types.str;
524 - visible = false;
525 - internal = true;
526 - readOnly = true;
527 - default = "git";
528 - description = ''
529 - User for git.sr.ht.
530 - '';
531 - };
532 -
533 - port = mkOption {
534 - type = types.port;
535 - default = 5001;
536 - description = ''
537 - Port on which the "git" module should listen.
538 - '';
539 - };
540 -
541 - database = mkOption {
542 - type = types.str;
543 - default = "git.sr.ht";
544 - description = ''
545 - PostgreSQL database name for git.sr.ht.
546 - '';
547 - };
548 -
549 - statePath = mkOption {
550 - type = types.path;
551 - default = "${cfg.statePath}/gitsrht";
552 - defaultText = literalExpression ''"''${config.${opt.statePath}}/gitsrht"'';
553 - description = ''
554 - State path for git.sr.ht.
555 - '';
556 - };
557 -
558 - package = mkOption {
559 - type = types.package;
560 - default = pkgs.git;
561 - defaultText = literalExpression "pkgs.git";
562 - example = literalExpression "pkgs.gitFull";
563 - description = ''
564 - Git package for git.sr.ht. This can help silence collisions.
565 - '';
566 - };
567 - };
568 -
569 - config = with scfg; lib.mkIf (cfg.enable && elem "git" cfg.services) {
570 - # sshd refuses to run with `Unsafe AuthorizedKeysCommand ... bad ownership or modes for directory /nix/store`
571 - environment.etc."ssh/gitsrht-dispatch" = {
572 - mode = "0755";
573 - text = ''
574 - #! ${pkgs.stdenv.shell}
575 - ${cfg.python}/bin/gitsrht-dispatch "$@"
576 - '';
577 - };
578 -
579 - # Needs this in the $PATH when sshing into the server
580 - environment.systemPackages = [ cfg.git.package ];
581 -
582 - users = {
583 - users = {
584 - "${user}" = {
585 - isSystemUser = true;
586 - group = user;
587 - # https://stackoverflow.com/questions/22314298/git-push-results-in-fatal-protocol-error-bad-line-length-character-this
588 - # Probably could use gitsrht-shell if output is restricted to just parameters...
589 - shell = pkgs.bash;
590 - description = "git.sr.ht user";
591 - };
592 - };
593 -
594 - groups = {
595 - "${user}" = { };
596 - };
597 - };
598 -
599 - services = {
600 - cron.systemCronJobs = [ "*/20 * * * * ${cfg.python}/bin/gitsrht-periodic" ];
601 - fcgiwrap.enable = true;
602 -
603 - openssh.authorizedKeysCommand = ''/etc/ssh/gitsrht-dispatch "%u" "%h" "%t" "%k"'';
604 - openssh.authorizedKeysCommandUser = "root";
605 - openssh.extraConfig = ''
606 - PermitUserEnvironment SRHT_*
607 - '';
608 -
609 - postgresql = {
610 - authentication = ''
611 - local ${database} ${user} trust
612 - '';
613 - ensureDatabases = [ database ];
614 - ensureUsers = [
615 - {
616 - name = user;
617 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
618 - }
619 - ];
620 - };
621 - };
622 -
623 - systemd = {
624 - tmpfiles.rules = [
625 - # /var/log is owned by root
626 - "f /var/log/git-srht-shell 0644 ${user} ${user} -"
627 -
628 - "d ${statePath} 0750 ${user} ${user} -"
629 - "d ${cfg.settings."${iniKey}".repos} 2755 ${user} ${user} -"
630 - ];
631 -
632 - services = {
633 - gitsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
634 - after = [ "redis.service" "postgresql.service" "network.target" ];
635 - requires = [ "redis.service" "postgresql.service" ];
636 - wantedBy = [ "multi-user.target" ];
637 -
638 - # Needs internally to create repos at the very least
639 - path = [ pkgs.git ];
640 - description = "git.sr.ht website service";
641 -
642 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
643 - };
644 -
645 - gitsrht-webhooks = {
646 - after = [ "postgresql.service" "network.target" ];
647 - requires = [ "postgresql.service" ];
648 - wantedBy = [ "multi-user.target" ];
649 -
650 - description = "git.sr.ht webhooks service";
651 - serviceConfig = {
652 - Type = "simple";
653 - User = user;
654 - Restart = "always";
655 - };
656 -
657 - serviceConfig.ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info";
658 - };
659 - };
660 - };
661 -
662 - services.sourcehut.settings = {
663 - # URL git.sr.ht is being served at (protocol://domain)
664 - "git.sr.ht".origin = mkDefault "http://git.${cfg.originBase}";
665 - # Address and port to bind the debug server to
666 - "git.sr.ht".debug-host = mkDefault "0.0.0.0";
667 - "git.sr.ht".debug-port = mkDefault port;
668 - # Configures the SQLAlchemy connection string for the database.
669 - "git.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
670 - # Set to "yes" to automatically run migrations on package upgrade.
671 - "git.sr.ht".migrate-on-upgrade = mkDefault "yes";
672 - # The redis connection used for the webhooks worker
673 - "git.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/1";
674 -
675 - # A post-update script which is installed in every git repo.
676 - "git.sr.ht".post-update-script = mkDefault "${pkgs.sourcehut.gitsrht}/bin/gitsrht-update-hook";
677 -
678 - # git.sr.ht's OAuth client ID and secret for meta.sr.ht
679 - # Register your client at meta.example.org/oauth
680 - "git.sr.ht".oauth-client-id = mkDefault null;
681 - "git.sr.ht".oauth-client-secret = mkDefault null;
682 - # Path to git repositories on disk
683 - "git.sr.ht".repos = mkDefault "/var/lib/git";
684 -
685 - "git.sr.ht".outgoing-domain = mkDefault "http://git.${cfg.originBase}";
686 -
687 - # The authorized keys hook uses this to dispatch to various handlers
688 - # The format is a program to exec into as the key, and the user to match as the
689 - # value. When someone tries to log in as this user, this program is executed
690 - # and is expected to omit an AuthorizedKeys file.
691 - #
692 - # Discard of the string context is in order to allow derivation-derived strings.
693 - # This is safe if the relevant package is installed which will be the case if the setting is utilized.
694 - "git.sr.ht::dispatch".${builtins.unsafeDiscardStringContext "${pkgs.sourcehut.gitsrht}/bin/gitsrht-keys"} = mkDefault "${user}:${user}";
695 - };
696 -
697 - services.nginx.virtualHosts."git.${cfg.originBase}" = {
698 - forceSSL = true;
699 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
700 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
701 - locations."/static".root = "${pkgs.sourcehut.gitsrht}/${pkgs.sourcehut.python.sitePackages}/gitsrht";
702 - extraConfig = ''
703 - location = /authorize {
704 - proxy_pass http://${cfg.address}:${toString port};
705 - proxy_pass_request_body off;
706 - proxy_set_header Content-Length "";
707 - proxy_set_header X-Original-URI $request_uri;
708 - }
709 - location ~ ^/([^/]+)/([^/]+)/(HEAD|info/refs|objects/info/.*|git-upload-pack).*$ {
710 - auth_request /authorize;
711 - root /var/lib/git;
712 - fastcgi_pass unix:/run/fcgiwrap.sock;
713 - fastcgi_param SCRIPT_FILENAME ${pkgs.git}/bin/git-http-backend;
714 - fastcgi_param PATH_INFO $uri;
715 - fastcgi_param GIT_PROJECT_ROOT $document_root;
716 - fastcgi_read_timeout 500s;
717 - include ${config.services.nginx.package}/conf/fastcgi_params;
718 - gzip off;
719 - }
720 - '';
721 -
722 - };
723 - };
724 -}
725 diff --git a/nixos/modules/services/misc/sourcehut/hg.nix b/nixos/modules/services/misc/sourcehut/hg.nix
726 deleted file mode 100644
727 index 6ba1df8b6dd..00000000000
728 --- a/nixos/modules/services/misc/sourcehut/hg.nix
729 +++ /dev/null
730 @@ -1,175 +0,0 @@
731 -{ config, lib, options, pkgs, ... }:
732 -
733 -with lib;
734 -let
735 - cfg = config.services.sourcehut;
736 - opt = options.services.sourcehut;
737 - scfg = cfg.hg;
738 - iniKey = "hg.sr.ht";
739 -
740 - rcfg = config.services.redis;
741 - drv = pkgs.sourcehut.hgsrht;
742 -in
743 -{
744 - options.services.sourcehut.hg = {
745 - user = mkOption {
746 - type = types.str;
747 - internal = true;
748 - readOnly = true;
749 - default = "hg";
750 - description = ''
751 - User for hg.sr.ht.
752 - '';
753 - };
754 -
755 - port = mkOption {
756 - type = types.port;
757 - default = 5010;
758 - description = ''
759 - Port on which the "hg" module should listen.
760 - '';
761 - };
762 -
763 - database = mkOption {
764 - type = types.str;
765 - default = "hg.sr.ht";
766 - description = ''
767 - PostgreSQL database name for hg.sr.ht.
768 - '';
769 - };
770 -
771 - statePath = mkOption {
772 - type = types.path;
773 - default = "${cfg.statePath}/hgsrht";
774 - defaultText = literalExpression ''"''${config.${opt.statePath}}/hgsrht"'';
775 - description = ''
776 - State path for hg.sr.ht.
777 - '';
778 - };
779 -
780 - cloneBundles = mkOption {
781 - type = types.bool;
782 - default = false;
783 - description = ''
784 - Generate clonebundles (which require more disk space but dramatically speed up cloning large repositories).
785 - '';
786 - };
787 - };
788 -
789 - config = with scfg; lib.mkIf (cfg.enable && elem "hg" cfg.services) {
790 - # In case it ever comes into being
791 - environment.etc."ssh/hgsrht-dispatch" = {
792 - mode = "0755";
793 - text = ''
794 - #! ${pkgs.stdenv.shell}
795 - ${cfg.python}/bin/gitsrht-dispatch $@
796 - '';
797 - };
798 -
799 - environment.systemPackages = [ pkgs.mercurial ];
800 -
801 - users = {
802 - users = {
803 - "${user}" = {
804 - isSystemUser = true;
805 - group = user;
806 - # Assuming hg.sr.ht needs this too
807 - shell = pkgs.bash;
808 - description = "hg.sr.ht user";
809 - };
810 - };
811 -
812 - groups = {
813 - "${user}" = { };
814 - };
815 - };
816 -
817 - services = {
818 - cron.systemCronJobs = [ "*/20 * * * * ${cfg.python}/bin/hgsrht-periodic" ]
819 - ++ optional cloneBundles "0 * * * * ${cfg.python}/bin/hgsrht-clonebundles";
820 -
821 - openssh.authorizedKeysCommand = ''/etc/ssh/hgsrht-dispatch "%u" "%h" "%t" "%k"'';
822 - openssh.authorizedKeysCommandUser = "root";
823 - openssh.extraConfig = ''
824 - PermitUserEnvironment SRHT_*
825 - '';
826 -
827 - postgresql = {
828 - authentication = ''
829 - local ${database} ${user} trust
830 - '';
831 - ensureDatabases = [ database ];
832 - ensureUsers = [
833 - {
834 - name = user;
835 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
836 - }
837 - ];
838 - };
839 - };
840 -
841 - systemd = {
842 - tmpfiles.rules = [
843 - # /var/log is owned by root
844 - "f /var/log/hg-srht-shell 0644 ${user} ${user} -"
845 -
846 - "d ${statePath} 0750 ${user} ${user} -"
847 - "d ${cfg.settings."${iniKey}".repos} 2755 ${user} ${user} -"
848 - ];
849 -
850 - services.hgsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
851 - after = [ "redis.service" "postgresql.service" "network.target" ];
852 - requires = [ "redis.service" "postgresql.service" ];
853 - wantedBy = [ "multi-user.target" ];
854 -
855 - path = [ pkgs.mercurial ];
856 - description = "hg.sr.ht website service";
857 -
858 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
859 - };
860 - };
861 -
862 - services.sourcehut.settings = {
863 - # URL hg.sr.ht is being served at (protocol://domain)
864 - "hg.sr.ht".origin = mkDefault "http://hg.${cfg.originBase}";
865 - # Address and port to bind the debug server to
866 - "hg.sr.ht".debug-host = mkDefault "0.0.0.0";
867 - "hg.sr.ht".debug-port = mkDefault port;
868 - # Configures the SQLAlchemy connection string for the database.
869 - "hg.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
870 - # The redis connection used for the webhooks worker
871 - "hg.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/1";
872 - # A post-update script which is installed in every mercurial repo.
873 - "hg.sr.ht".changegroup-script = mkDefault "${cfg.python}/bin/hgsrht-hook-changegroup";
874 - # hg.sr.ht's OAuth client ID and secret for meta.sr.ht
875 - # Register your client at meta.example.org/oauth
876 - "hg.sr.ht".oauth-client-id = mkDefault null;
877 - "hg.sr.ht".oauth-client-secret = mkDefault null;
878 - # Path to mercurial repositories on disk
879 - "hg.sr.ht".repos = mkDefault "/var/lib/hg";
880 - # Path to the srht mercurial extension
881 - # (defaults to where the hgsrht code is)
882 - # "hg.sr.ht".srhtext = mkDefault null;
883 - # .hg/store size (in MB) past which the nightly job generates clone bundles.
884 - # "hg.sr.ht".clone_bundle_threshold = mkDefault 50;
885 - # Path to hg-ssh (if not in $PATH)
886 - # "hg.sr.ht".hg_ssh = mkDefault /path/to/hg-ssh;
887 -
888 - # The authorized keys hook uses this to dispatch to various handlers
889 - # The format is a program to exec into as the key, and the user to match as the
890 - # value. When someone tries to log in as this user, this program is executed
891 - # and is expected to omit an AuthorizedKeys file.
892 - #
893 - # Uncomment the relevant lines to enable the various sr.ht dispatchers.
894 - "hg.sr.ht::dispatch"."/run/current-system/sw/bin/hgsrht-keys" = mkDefault "${user}:${user}";
895 - };
896 -
897 - # TODO: requires testing and addition of hg-specific requirements
898 - services.nginx.virtualHosts."hg.${cfg.originBase}" = {
899 - forceSSL = true;
900 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
901 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
902 - locations."/static".root = "${pkgs.sourcehut.hgsrht}/${pkgs.sourcehut.python.sitePackages}/hgsrht";
903 - };
904 - };
905 -}
906 diff --git a/nixos/modules/services/misc/sourcehut/hub.nix b/nixos/modules/services/misc/sourcehut/hub.nix
907 deleted file mode 100644
908 index 7d137a76505..00000000000
909 --- a/nixos/modules/services/misc/sourcehut/hub.nix
910 +++ /dev/null
911 @@ -1,120 +0,0 @@
912 -{ config, lib, options, pkgs, ... }:
913 -
914 -with lib;
915 -let
916 - cfg = config.services.sourcehut;
917 - opt = options.services.sourcehut;
918 - cfgIni = cfg.settings;
919 - scfg = cfg.hub;
920 - iniKey = "hub.sr.ht";
921 -
922 - drv = pkgs.sourcehut.hubsrht;
923 -in
924 -{
925 - options.services.sourcehut.hub = {
926 - user = mkOption {
927 - type = types.str;
928 - default = "hubsrht";
929 - description = ''
930 - User for hub.sr.ht.
931 - '';
932 - };
933 -
934 - port = mkOption {
935 - type = types.port;
936 - default = 5014;
937 - description = ''
938 - Port on which the "hub" module should listen.
939 - '';
940 - };
941 -
942 - database = mkOption {
943 - type = types.str;
944 - default = "hub.sr.ht";
945 - description = ''
946 - PostgreSQL database name for hub.sr.ht.
947 - '';
948 - };
949 -
950 - statePath = mkOption {
951 - type = types.path;
952 - default = "${cfg.statePath}/hubsrht";
953 - defaultText = literalExpression ''"''${config.${opt.statePath}}/hubsrht"'';
954 - description = ''
955 - State path for hub.sr.ht.
956 - '';
957 - };
958 - };
959 -
960 - config = with scfg; lib.mkIf (cfg.enable && elem "hub" cfg.services) {
961 - users = {
962 - users = {
963 - "${user}" = {
964 - isSystemUser = true;
965 - group = user;
966 - description = "hub.sr.ht user";
967 - };
968 - };
969 -
970 - groups = {
971 - "${user}" = { };
972 - };
973 - };
974 -
975 - services.postgresql = {
976 - authentication = ''
977 - local ${database} ${user} trust
978 - '';
979 - ensureDatabases = [ database ];
980 - ensureUsers = [
981 - {
982 - name = user;
983 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
984 - }
985 - ];
986 - };
987 -
988 - systemd = {
989 - tmpfiles.rules = [
990 - "d ${statePath} 0750 ${user} ${user} -"
991 - ];
992 -
993 - services.hubsrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
994 - after = [ "postgresql.service" "network.target" ];
995 - requires = [ "postgresql.service" ];
996 - wantedBy = [ "multi-user.target" ];
997 -
998 - description = "hub.sr.ht website service";
999 -
1000 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
1001 - };
1002 - };
1003 -
1004 - services.sourcehut.settings = {
1005 - # URL hub.sr.ht is being served at (protocol://domain)
1006 - "hub.sr.ht".origin = mkDefault "http://hub.${cfg.originBase}";
1007 - # Address and port to bind the debug server to
1008 - "hub.sr.ht".debug-host = mkDefault "0.0.0.0";
1009 - "hub.sr.ht".debug-port = mkDefault port;
1010 - # Configures the SQLAlchemy connection string for the database.
1011 - "hub.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
1012 - # Set to "yes" to automatically run migrations on package upgrade.
1013 - "hub.sr.ht".migrate-on-upgrade = mkDefault "yes";
1014 - # hub.sr.ht's OAuth client ID and secret for meta.sr.ht
1015 - # Register your client at meta.example.org/oauth
1016 - "hub.sr.ht".oauth-client-id = mkDefault null;
1017 - "hub.sr.ht".oauth-client-secret = mkDefault null;
1018 - };
1019 -
1020 - services.nginx.virtualHosts."${cfg.originBase}" = {
1021 - forceSSL = true;
1022 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
1023 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
1024 - locations."/static".root = "${pkgs.sourcehut.hubsrht}/${pkgs.sourcehut.python.sitePackages}/hubsrht";
1025 - };
1026 - services.nginx.virtualHosts."hub.${cfg.originBase}" = {
1027 - globalRedirect = "${cfg.originBase}";
1028 - forceSSL = true;
1029 - };
1030 - };
1031 -}
1032 diff --git a/nixos/modules/services/misc/sourcehut/lists.nix b/nixos/modules/services/misc/sourcehut/lists.nix
1033 deleted file mode 100644
1034 index 76f155caa05..00000000000
1035 --- a/nixos/modules/services/misc/sourcehut/lists.nix
1036 +++ /dev/null
1037 @@ -1,187 +0,0 @@
1038 -# Email setup is fairly involved, useful references:
1039 -# https://drewdevault.com/2018/08/05/Local-mail-server.html
1040 -
1041 -{ config, lib, options, pkgs, ... }:
1042 -
1043 -with lib;
1044 -let
1045 - cfg = config.services.sourcehut;
1046 - opt = options.services.sourcehut;
1047 - cfgIni = cfg.settings;
1048 - scfg = cfg.lists;
1049 - iniKey = "lists.sr.ht";
1050 -
1051 - rcfg = config.services.redis;
1052 - drv = pkgs.sourcehut.listssrht;
1053 -in
1054 -{
1055 - options.services.sourcehut.lists = {
1056 - user = mkOption {
1057 - type = types.str;
1058 - default = "listssrht";
1059 - description = ''
1060 - User for lists.sr.ht.
1061 - '';
1062 - };
1063 -
1064 - port = mkOption {
1065 - type = types.port;
1066 - default = 5006;
1067 - description = ''
1068 - Port on which the "lists" module should listen.
1069 - '';
1070 - };
1071 -
1072 - database = mkOption {
1073 - type = types.str;
1074 - default = "lists.sr.ht";
1075 - description = ''
1076 - PostgreSQL database name for lists.sr.ht.
1077 - '';
1078 - };
1079 -
1080 - statePath = mkOption {
1081 - type = types.path;
1082 - default = "${cfg.statePath}/listssrht";
1083 - defaultText = literalExpression ''"''${config.${opt.statePath}}/listssrht"'';
1084 - description = ''
1085 - State path for lists.sr.ht.
1086 - '';
1087 - };
1088 - };
1089 -
1090 - config = with scfg; lib.mkIf (cfg.enable && elem "lists" cfg.services) {
1091 - users = {
1092 - users = {
1093 - "${user}" = {
1094 - isSystemUser = true;
1095 - group = user;
1096 - extraGroups = [ "postfix" ];
1097 - description = "lists.sr.ht user";
1098 - };
1099 - };
1100 - groups = {
1101 - "${user}" = { };
1102 - };
1103 - };
1104 -
1105 - services.postgresql = {
1106 - authentication = ''
1107 - local ${database} ${user} trust
1108 - '';
1109 - ensureDatabases = [ database ];
1110 - ensureUsers = [
1111 - {
1112 - name = user;
1113 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
1114 - }
1115 - ];
1116 - };
1117 -
1118 - systemd = {
1119 - tmpfiles.rules = [
1120 - "d ${statePath} 0750 ${user} ${user} -"
1121 - ];
1122 -
1123 - services = {
1124 - listssrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
1125 - after = [ "postgresql.service" "network.target" ];
1126 - requires = [ "postgresql.service" ];
1127 - wantedBy = [ "multi-user.target" ];
1128 -
1129 - description = "lists.sr.ht website service";
1130 -
1131 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
1132 - };
1133 -
1134 - listssrht-process = {
1135 - after = [ "postgresql.service" "network.target" ];
1136 - requires = [ "postgresql.service" ];
1137 - wantedBy = [ "multi-user.target" ];
1138 -
1139 - description = "lists.sr.ht process service";
1140 - serviceConfig = {
1141 - Type = "simple";
1142 - User = user;
1143 - Restart = "always";
1144 - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.process worker --loglevel=info";
1145 - };
1146 - };
1147 -
1148 - listssrht-lmtp = {
1149 - after = [ "postgresql.service" "network.target" ];
1150 - requires = [ "postgresql.service" ];
1151 - wantedBy = [ "multi-user.target" ];
1152 -
1153 - description = "lists.sr.ht process service";
1154 - serviceConfig = {
1155 - Type = "simple";
1156 - User = user;
1157 - Restart = "always";
1158 - ExecStart = "${cfg.python}/bin/listssrht-lmtp";
1159 - };
1160 - };
1161 -
1162 -
1163 - listssrht-webhooks = {
1164 - after = [ "postgresql.service" "network.target" ];
1165 - requires = [ "postgresql.service" ];
1166 - wantedBy = [ "multi-user.target" ];
1167 -
1168 - description = "lists.sr.ht webhooks service";
1169 - serviceConfig = {
1170 - Type = "simple";
1171 - User = user;
1172 - Restart = "always";
1173 - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info";
1174 - };
1175 - };
1176 - };
1177 - };
1178 -
1179 - services.sourcehut.settings = {
1180 - # URL lists.sr.ht is being served at (protocol://domain)
1181 - "lists.sr.ht".origin = mkDefault "http://lists.${cfg.originBase}";
1182 - # Address and port to bind the debug server to
1183 - "lists.sr.ht".debug-host = mkDefault "0.0.0.0";
1184 - "lists.sr.ht".debug-port = mkDefault port;
1185 - # Configures the SQLAlchemy connection string for the database.
1186 - "lists.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
1187 - # Set to "yes" to automatically run migrations on package upgrade.
1188 - "lists.sr.ht".migrate-on-upgrade = mkDefault "yes";
1189 - # lists.sr.ht's OAuth client ID and secret for meta.sr.ht
1190 - # Register your client at meta.example.org/oauth
1191 - "lists.sr.ht".oauth-client-id = mkDefault null;
1192 - "lists.sr.ht".oauth-client-secret = mkDefault null;
1193 - # Outgoing email for notifications generated by users
1194 - "lists.sr.ht".notify-from = mkDefault "CHANGEME@example.org";
1195 - # The redis connection used for the webhooks worker
1196 - "lists.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/2";
1197 - # The redis connection used for the celery worker
1198 - "lists.sr.ht".redis = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/4";
1199 - # Network-key
1200 - "lists.sr.ht".network-key = mkDefault null;
1201 - # Allow creation
1202 - "lists.sr.ht".allow-new-lists = mkDefault "no";
1203 - # Posting Domain
1204 - "lists.sr.ht".posting-domain = mkDefault "lists.${cfg.originBase}";
1205 -
1206 - # Path for the lmtp daemon's unix socket. Direct incoming mail to this socket.
1207 - # Alternatively, specify IP:PORT and an SMTP server will be run instead.
1208 - "lists.sr.ht::worker".sock = mkDefault "/tmp/lists.sr.ht-lmtp.sock";
1209 - # The lmtp daemon will make the unix socket group-read/write for users in this
1210 - # group.
1211 - "lists.sr.ht::worker".sock-group = mkDefault "postfix";
1212 - "lists.sr.ht::worker".reject-url = mkDefault "https://man.sr.ht/lists.sr.ht/etiquette.md";
1213 - "lists.sr.ht::worker".reject-mimetypes = mkDefault "text/html";
1214 -
1215 - };
1216 -
1217 - services.nginx.virtualHosts."lists.${cfg.originBase}" = {
1218 - forceSSL = true;
1219 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
1220 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
1221 - locations."/static".root = "${pkgs.sourcehut.listssrht}/${pkgs.sourcehut.python.sitePackages}/listssrht";
1222 - };
1223 - };
1224 -}
1225 diff --git a/nixos/modules/services/misc/sourcehut/man.nix b/nixos/modules/services/misc/sourcehut/man.nix
1226 deleted file mode 100644
1227 index 8ca271c32ee..00000000000
1228 --- a/nixos/modules/services/misc/sourcehut/man.nix
1229 +++ /dev/null
1230 @@ -1,124 +0,0 @@
1231 -{ config, lib, options, pkgs, ... }:
1232 -
1233 -with lib;
1234 -let
1235 - cfg = config.services.sourcehut;
1236 - opt = options.services.sourcehut;
1237 - cfgIni = cfg.settings;
1238 - scfg = cfg.man;
1239 - iniKey = "man.sr.ht";
1240 -
1241 - drv = pkgs.sourcehut.mansrht;
1242 -in
1243 -{
1244 - options.services.sourcehut.man = {
1245 - user = mkOption {
1246 - type = types.str;
1247 - default = "mansrht";
1248 - description = ''
1249 - User for man.sr.ht.
1250 - '';
1251 - };
1252 -
1253 - port = mkOption {
1254 - type = types.port;
1255 - default = 5004;
1256 - description = ''
1257 - Port on which the "man" module should listen.
1258 - '';
1259 - };
1260 -
1261 - database = mkOption {
1262 - type = types.str;
1263 - default = "man.sr.ht";
1264 - description = ''
1265 - PostgreSQL database name for man.sr.ht.
1266 - '';
1267 - };
1268 -
1269 - statePath = mkOption {
1270 - type = types.path;
1271 - default = "${cfg.statePath}/mansrht";
1272 - defaultText = literalExpression ''"''${config.${opt.statePath}}/mansrht"'';
1273 - description = ''
1274 - State path for man.sr.ht.
1275 - '';
1276 - };
1277 - };
1278 -
1279 - config = with scfg; lib.mkIf (cfg.enable && elem "man" cfg.services) {
1280 - assertions =
1281 - [
1282 - {
1283 - assertion = hasAttrByPath [ "git.sr.ht" "oauth-client-id" ] cfgIni;
1284 - message = "man.sr.ht needs access to git.sr.ht.";
1285 - }
1286 - ];
1287 -
1288 - users = {
1289 - users = {
1290 - "${user}" = {
1291 - isSystemUser = true;
1292 - group = user;
1293 - description = "man.sr.ht user";
1294 - };
1295 - };
1296 -
1297 - groups = {
1298 - "${user}" = { };
1299 - };
1300 - };
1301 -
1302 - services.postgresql = {
1303 - authentication = ''
1304 - local ${database} ${user} trust
1305 - '';
1306 - ensureDatabases = [ database ];
1307 - ensureUsers = [
1308 - {
1309 - name = user;
1310 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
1311 - }
1312 - ];
1313 - };
1314 -
1315 - systemd = {
1316 - tmpfiles.rules = [
1317 - "d ${statePath} 0750 ${user} ${user} -"
1318 - ];
1319 -
1320 - services.mansrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
1321 - after = [ "postgresql.service" "network.target" ];
1322 - requires = [ "postgresql.service" ];
1323 - wantedBy = [ "multi-user.target" ];
1324 -
1325 - description = "man.sr.ht website service";
1326 -
1327 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
1328 - };
1329 - };
1330 -
1331 - services.sourcehut.settings = {
1332 - # URL man.sr.ht is being served at (protocol://domain)
1333 - "man.sr.ht".origin = mkDefault "http://man.${cfg.originBase}";
1334 - # Address and port to bind the debug server to
1335 - "man.sr.ht".debug-host = mkDefault "0.0.0.0";
1336 - "man.sr.ht".debug-port = mkDefault port;
1337 - # Configures the SQLAlchemy connection string for the database.
1338 - "man.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
1339 - # Set to "yes" to automatically run migrations on package upgrade.
1340 - "man.sr.ht".migrate-on-upgrade = mkDefault "yes";
1341 - # man.sr.ht's OAuth client ID and secret for meta.sr.ht
1342 - # Register your client at meta.example.org/oauth
1343 - "man.sr.ht".oauth-client-id = mkDefault null;
1344 - "man.sr.ht".oauth-client-secret = mkDefault null;
1345 - };
1346 -
1347 - services.nginx.virtualHosts."man.${cfg.originBase}" = {
1348 - forceSSL = true;
1349 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
1350 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
1351 - locations."/static".root = "${pkgs.sourcehut.mansrht}/${pkgs.sourcehut.python.sitePackages}/mansrht";
1352 - };
1353 - };
1354 -}
1355 diff --git a/nixos/modules/services/misc/sourcehut/meta.nix b/nixos/modules/services/misc/sourcehut/meta.nix
1356 deleted file mode 100644
1357 index 33e4f2332b5..00000000000
1358 --- a/nixos/modules/services/misc/sourcehut/meta.nix
1359 +++ /dev/null
1360 @@ -1,213 +0,0 @@
1361 -{ config, lib, options, pkgs, ... }:
1362 -
1363 -with lib;
1364 -let
1365 - cfg = config.services.sourcehut;
1366 - opt = options.services.sourcehut;
1367 - cfgIni = cfg.settings;
1368 - scfg = cfg.meta;
1369 - iniKey = "meta.sr.ht";
1370 -
1371 - rcfg = config.services.redis;
1372 - drv = pkgs.sourcehut.metasrht;
1373 -in
1374 -{
1375 - options.services.sourcehut.meta = {
1376 - user = mkOption {
1377 - type = types.str;
1378 - default = "metasrht";
1379 - description = ''
1380 - User for meta.sr.ht.
1381 - '';
1382 - };
1383 -
1384 - port = mkOption {
1385 - type = types.port;
1386 - default = 5000;
1387 - description = ''
1388 - Port on which the "meta" module should listen.
1389 - '';
1390 - };
1391 -
1392 - database = mkOption {
1393 - type = types.str;
1394 - default = "meta.sr.ht";
1395 - description = ''
1396 - PostgreSQL database name for meta.sr.ht.
1397 - '';
1398 - };
1399 -
1400 - statePath = mkOption {
1401 - type = types.path;
1402 - default = "${cfg.statePath}/metasrht";
1403 - defaultText = literalExpression ''"''${config.${opt.statePath}}/metasrht"'';
1404 - description = ''
1405 - State path for meta.sr.ht.
1406 - '';
1407 - };
1408 - };
1409 -
1410 - config = with scfg; lib.mkIf (cfg.enable && elem "meta" cfg.services) {
1411 - assertions =
1412 - [
1413 - {
1414 - assertion = with cfgIni."meta.sr.ht::billing"; enabled == "yes" -> (stripe-public-key != null && stripe-secret-key != null);
1415 - message = "If meta.sr.ht::billing is enabled, the keys should be defined.";
1416 - }
1417 - ];
1418 -
1419 - users = {
1420 - users = {
1421 - ${user} = {
1422 - isSystemUser = true;
1423 - group = user;
1424 - description = "meta.sr.ht user";
1425 - };
1426 - };
1427 -
1428 - groups = {
1429 - "${user}" = { };
1430 - };
1431 - };
1432 -
1433 - services.cron.systemCronJobs = [ "0 0 * * * ${cfg.python}/bin/metasrht-daily" ];
1434 - services.postgresql = {
1435 - authentication = ''
1436 - local ${database} ${user} trust
1437 - '';
1438 - ensureDatabases = [ database ];
1439 - ensureUsers = [
1440 - {
1441 - name = user;
1442 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
1443 - }
1444 - ];
1445 - };
1446 -
1447 - systemd = {
1448 - tmpfiles.rules = [
1449 - "d ${statePath} 0750 ${user} ${user} -"
1450 - ];
1451 -
1452 - services = {
1453 - metasrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
1454 - after = [ "postgresql.service" "network.target" ];
1455 - requires = [ "postgresql.service" ];
1456 - wantedBy = [ "multi-user.target" ];
1457 -
1458 - description = "meta.sr.ht website service";
1459 -
1460 - preStart = ''
1461 - # Configure client(s) as "preauthorized"
1462 - ${concatMapStringsSep "\n\n"
1463 - (attr: ''
1464 - if ! test -e "${statePath}/${attr}.oauth" || [ "$(cat ${statePath}/${attr}.oauth)" != "${cfgIni."${attr}".oauth-client-id}" ]; then
1465 - # Configure ${attr}'s OAuth client as "preauthorized"
1466 - psql ${database} \
1467 - -c "UPDATE oauthclient SET preauthorized = true WHERE client_id = '${cfgIni."${attr}".oauth-client-id}'"
1468 -
1469 - printf "%s" "${cfgIni."${attr}".oauth-client-id}" > "${statePath}/${attr}.oauth"
1470 - fi
1471 - '')
1472 - (builtins.attrNames (filterAttrs
1473 - (k: v: !(hasInfix "::" k) && builtins.hasAttr "oauth-client-id" v && v.oauth-client-id != null)
1474 - cfg.settings))}
1475 - '';
1476 -
1477 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
1478 - };
1479 -
1480 - metasrht-api = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
1481 - after = [ "postgresql.service" "network.target" ];
1482 - requires = [ "postgresql.service" ];
1483 - wantedBy = [ "multi-user.target" ];
1484 -
1485 - description = "meta.sr.ht api service";
1486 -
1487 - preStart = ''
1488 - # Configure client(s) as "preauthorized"
1489 - ${concatMapStringsSep "\n\n"
1490 - (attr: ''
1491 - if ! test -e "${statePath}/${attr}.oauth" || [ "$(cat ${statePath}/${attr}.oauth)" != "${cfgIni."${attr}".oauth-client-id}" ]; then
1492 - # Configure ${attr}'s OAuth client as "preauthorized"
1493 - psql ${database} \
1494 - -c "UPDATE oauthclient SET preauthorized = true WHERE client_id = '${cfgIni."${attr}".oauth-client-id}'"
1495 -
1496 - printf "%s" "${cfgIni."${attr}".oauth-client-id}" > "${statePath}/${attr}.oauth"
1497 - fi
1498 - '')
1499 - (builtins.attrNames (filterAttrs
1500 - (k: v: !(hasInfix "::" k) && builtins.hasAttr "oauth-client-id" v && v.oauth-client-id != null)
1501 - cfg.settings))}
1502 - '';
1503 -
1504 - serviceConfig.ExecStart = "${pkgs.sourcehut.metasrht}/bin/metasrht-api -b :${toString (port + 100)}";
1505 - };
1506 -
1507 - metasrht-webhooks = {
1508 - after = [ "postgresql.service" "network.target" ];
1509 - requires = [ "postgresql.service" ];
1510 - wantedBy = [ "multi-user.target" ];
1511 -
1512 - description = "meta.sr.ht webhooks service";
1513 - serviceConfig = {
1514 - Type = "simple";
1515 - User = user;
1516 - Restart = "always";
1517 - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info";
1518 - };
1519 -
1520 - };
1521 - };
1522 - };
1523 -
1524 - services.sourcehut.settings = {
1525 - # URL meta.sr.ht is being served at (protocol://domain)
1526 - "meta.sr.ht".origin = mkDefault "https://meta.${cfg.originBase}";
1527 - # Address and port to bind the debug server to
1528 - "meta.sr.ht".debug-host = mkDefault "0.0.0.0";
1529 - "meta.sr.ht".debug-port = mkDefault port;
1530 - # Configures the SQLAlchemy connection string for the database.
1531 - "meta.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
1532 - # Set to "yes" to automatically run migrations on package upgrade.
1533 - "meta.sr.ht".migrate-on-upgrade = mkDefault "yes";
1534 - # If "yes", the user will be sent the stock sourcehut welcome emails after
1535 - # signup (requires cron to be configured properly). These are specific to the
1536 - # sr.ht instance so you probably want to patch these before enabling this.
1537 - "meta.sr.ht".welcome-emails = mkDefault "no";
1538 -
1539 - # The redis connection used for the webhooks worker
1540 - "meta.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/6";
1541 -
1542 - # If "no", public registration will not be permitted.
1543 - "meta.sr.ht::settings".registration = mkDefault "no";
1544 - # Where to redirect new users upon registration
1545 - "meta.sr.ht::settings".onboarding-redirect = mkDefault "https://meta.${cfg.originBase}";
1546 - # How many invites each user is issued upon registration (only applicable if
1547 - # open registration is disabled)
1548 - "meta.sr.ht::settings".user-invites = mkDefault 5;
1549 -
1550 - # Origin URL for API, 100 more than web
1551 - "meta.sr.ht".api-origin = mkDefault "http://localhost:5100";
1552 -
1553 - # You can add aliases for the client IDs of commonly used OAuth clients here.
1554 - #
1555 - # Example:
1556 - "meta.sr.ht::aliases" = mkDefault { };
1557 - # "meta.sr.ht::aliases"."git.sr.ht" = 12345;
1558 -
1559 - # "yes" to enable the billing system
1560 - "meta.sr.ht::billing".enabled = mkDefault "no";
1561 - # Get your keys at https://dashboard.stripe.com/account/apikeys
1562 - "meta.sr.ht::billing".stripe-public-key = mkDefault null;
1563 - "meta.sr.ht::billing".stripe-secret-key = mkDefault null;
1564 - };
1565 -
1566 - services.nginx.virtualHosts."meta.${cfg.originBase}" = {
1567 - forceSSL = true;
1568 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
1569 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
1570 - locations."/static".root = "${pkgs.sourcehut.metasrht}/${pkgs.sourcehut.python.sitePackages}/metasrht";
1571 - };
1572 - };
1573 -}
1574 diff --git a/nixos/modules/services/misc/sourcehut/paste.nix b/nixos/modules/services/misc/sourcehut/paste.nix
1575 deleted file mode 100644
1576 index b481ebaf891..00000000000
1577 --- a/nixos/modules/services/misc/sourcehut/paste.nix
1578 +++ /dev/null
1579 @@ -1,135 +0,0 @@
1580 -{ config, lib, options, pkgs, ... }:
1581 -
1582 -with lib;
1583 -let
1584 - cfg = config.services.sourcehut;
1585 - opt = options.services.sourcehut;
1586 - cfgIni = cfg.settings;
1587 - scfg = cfg.paste;
1588 - iniKey = "paste.sr.ht";
1589 -
1590 - rcfg = config.services.redis;
1591 - drv = pkgs.sourcehut.pastesrht;
1592 -in
1593 -{
1594 - options.services.sourcehut.paste = {
1595 - user = mkOption {
1596 - type = types.str;
1597 - default = "pastesrht";
1598 - description = ''
1599 - User for paste.sr.ht.
1600 - '';
1601 - };
1602 -
1603 - port = mkOption {
1604 - type = types.port;
1605 - default = 5011;
1606 - description = ''
1607 - Port on which the "paste" module should listen.
1608 - '';
1609 - };
1610 -
1611 - database = mkOption {
1612 - type = types.str;
1613 - default = "paste.sr.ht";
1614 - description = ''
1615 - PostgreSQL database name for paste.sr.ht.
1616 - '';
1617 - };
1618 -
1619 - statePath = mkOption {
1620 - type = types.path;
1621 - default = "${cfg.statePath}/pastesrht";
1622 - defaultText = literalExpression ''"''${config.${opt.statePath}}/pastesrht"'';
1623 - description = ''
1624 - State path for pastesrht.sr.ht.
1625 - '';
1626 - };
1627 - };
1628 -
1629 - config = with scfg; lib.mkIf (cfg.enable && elem "paste" cfg.services) {
1630 - users = {
1631 - users = {
1632 - "${user}" = {
1633 - isSystemUser = true;
1634 - group = user;
1635 - description = "paste.sr.ht user";
1636 - };
1637 - };
1638 -
1639 - groups = {
1640 - "${user}" = { };
1641 - };
1642 - };
1643 -
1644 - services.postgresql = {
1645 - authentication = ''
1646 - local ${database} ${user} trust
1647 - '';
1648 - ensureDatabases = [ database ];
1649 - ensureUsers = [
1650 - {
1651 - name = user;
1652 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
1653 - }
1654 - ];
1655 - };
1656 -
1657 - systemd = {
1658 - tmpfiles.rules = [
1659 - "d ${statePath} 0750 ${user} ${user} -"
1660 - ];
1661 -
1662 - services = {
1663 - pastesrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
1664 - after = [ "postgresql.service" "network.target" ];
1665 - requires = [ "postgresql.service" ];
1666 - wantedBy = [ "multi-user.target" ];
1667 -
1668 - description = "paste.sr.ht website service";
1669 -
1670 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
1671 - };
1672 -
1673 - pastesrht-webhooks = {
1674 - after = [ "postgresql.service" "network.target" ];
1675 - requires = [ "postgresql.service" ];
1676 - wantedBy = [ "multi-user.target" ];
1677 -
1678 - description = "paste.sr.ht webhooks service";
1679 - serviceConfig = {
1680 - Type = "simple";
1681 - User = user;
1682 - Restart = "always";
1683 - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info";
1684 - };
1685 -
1686 - };
1687 - };
1688 - };
1689 -
1690 - services.sourcehut.settings = {
1691 - # URL paste.sr.ht is being served at (protocol://domain)
1692 - "paste.sr.ht".origin = mkDefault "http://paste.${cfg.originBase}";
1693 - # Address and port to bind the debug server to
1694 - "paste.sr.ht".debug-host = mkDefault "0.0.0.0";
1695 - "paste.sr.ht".debug-port = mkDefault port;
1696 - # Configures the SQLAlchemy connection string for the database.
1697 - "paste.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
1698 - # Set to "yes" to automatically run migrations on package upgrade.
1699 - "paste.sr.ht".migrate-on-upgrade = mkDefault "yes";
1700 - # paste.sr.ht's OAuth client ID and secret for meta.sr.ht
1701 - # Register your client at meta.example.org/oauth
1702 - "paste.sr.ht".oauth-client-id = mkDefault null;
1703 - "paste.sr.ht".oauth-client-secret = mkDefault null;
1704 - "paste.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/5";
1705 - };
1706 -
1707 - services.nginx.virtualHosts."paste.${cfg.originBase}" = {
1708 - forceSSL = true;
1709 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
1710 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
1711 - locations."/static".root = "${pkgs.sourcehut.pastesrht}/${pkgs.sourcehut.python.sitePackages}/pastesrht";
1712 - };
1713 - };
1714 -}
1715 diff --git a/nixos/modules/services/misc/sourcehut/service.nix b/nixos/modules/services/misc/sourcehut/service.nix
1716 index f1706ad0a6a..4ecc7a72669 100644
1717 --- a/nixos/modules/services/misc/sourcehut/service.nix
1718 +++ b/nixos/modules/services/misc/sourcehut/service.nix
1719 @@ -148,7 +148,7 @@ in
1720 redis = {
1721 host = mkOption {
1722 type = types.str;
1723 - default = "unix:/run/redis-sourcehut-${srvsrht}/redis.sock?db=0";
1724 + default = "unix:///run/redis-sourcehut-${srvsrht}/redis.sock?db=0";
1725 example = "redis://shared.wireguard:6379/0";
1726 description = ''
1727 The redis host URL. This is used for caching and temporary storage, and must
1728 diff --git a/nixos/modules/services/misc/sourcehut/todo.nix b/nixos/modules/services/misc/sourcehut/todo.nix
1729 deleted file mode 100644
1730 index 262fa48f59d..00000000000
1731 --- a/nixos/modules/services/misc/sourcehut/todo.nix
1732 +++ /dev/null
1733 @@ -1,163 +0,0 @@
1734 -{ config, lib, options, pkgs, ... }:
1735 -
1736 -with lib;
1737 -let
1738 - cfg = config.services.sourcehut;
1739 - opt = options.services.sourcehut;
1740 - cfgIni = cfg.settings;
1741 - scfg = cfg.todo;
1742 - iniKey = "todo.sr.ht";
1743 -
1744 - rcfg = config.services.redis;
1745 - drv = pkgs.sourcehut.todosrht;
1746 -in
1747 -{
1748 - options.services.sourcehut.todo = {
1749 - user = mkOption {
1750 - type = types.str;
1751 - default = "todosrht";
1752 - description = ''
1753 - User for todo.sr.ht.
1754 - '';
1755 - };
1756 -
1757 - port = mkOption {
1758 - type = types.port;
1759 - default = 5003;
1760 - description = ''
1761 - Port on which the "todo" module should listen.
1762 - '';
1763 - };
1764 -
1765 - database = mkOption {
1766 - type = types.str;
1767 - default = "todo.sr.ht";
1768 - description = ''
1769 - PostgreSQL database name for todo.sr.ht.
1770 - '';
1771 - };
1772 -
1773 - statePath = mkOption {
1774 - type = types.path;
1775 - default = "${cfg.statePath}/todosrht";
1776 - defaultText = literalExpression ''"''${config.${opt.statePath}}/todosrht"'';
1777 - description = ''
1778 - State path for todo.sr.ht.
1779 - '';
1780 - };
1781 - };
1782 -
1783 - config = with scfg; lib.mkIf (cfg.enable && elem "todo" cfg.services) {
1784 - users = {
1785 - users = {
1786 - "${user}" = {
1787 - isSystemUser = true;
1788 - group = user;
1789 - extraGroups = [ "postfix" ];
1790 - description = "todo.sr.ht user";
1791 - };
1792 - };
1793 - groups = {
1794 - "${user}" = { };
1795 - };
1796 - };
1797 -
1798 - services.postgresql = {
1799 - authentication = ''
1800 - local ${database} ${user} trust
1801 - '';
1802 - ensureDatabases = [ database ];
1803 - ensureUsers = [
1804 - {
1805 - name = user;
1806 - ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
1807 - }
1808 - ];
1809 - };
1810 -
1811 - systemd = {
1812 - tmpfiles.rules = [
1813 - "d ${statePath} 0750 ${user} ${user} -"
1814 - ];
1815 -
1816 - services = {
1817 - todosrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
1818 - after = [ "postgresql.service" "network.target" ];
1819 - requires = [ "postgresql.service" ];
1820 - wantedBy = [ "multi-user.target" ];
1821 -
1822 - description = "todo.sr.ht website service";
1823 -
1824 - serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
1825 - };
1826 -
1827 - todosrht-lmtp = {
1828 - after = [ "postgresql.service" "network.target" ];
1829 - bindsTo = [ "postgresql.service" ];
1830 - wantedBy = [ "multi-user.target" ];
1831 -
1832 - description = "todo.sr.ht process service";
1833 - serviceConfig = {
1834 - Type = "simple";
1835 - User = user;
1836 - Restart = "always";
1837 - ExecStart = "${cfg.python}/bin/todosrht-lmtp";
1838 - };
1839 - };
1840 -
1841 - todosrht-webhooks = {
1842 - after = [ "postgresql.service" "network.target" ];
1843 - requires = [ "postgresql.service" ];
1844 - wantedBy = [ "multi-user.target" ];
1845 -
1846 - description = "todo.sr.ht webhooks service";
1847 - serviceConfig = {
1848 - Type = "simple";
1849 - User = user;
1850 - Restart = "always";
1851 - ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel=info";
1852 - };
1853 -
1854 - };
1855 - };
1856 - };
1857 -
1858 - services.sourcehut.settings = {
1859 - # URL todo.sr.ht is being served at (protocol://domain)
1860 - "todo.sr.ht".origin = mkDefault "http://todo.${cfg.originBase}";
1861 - # Address and port to bind the debug server to
1862 - "todo.sr.ht".debug-host = mkDefault "0.0.0.0";
1863 - "todo.sr.ht".debug-port = mkDefault port;
1864 - # Configures the SQLAlchemy connection string for the database.
1865 - "todo.sr.ht".connection-string = mkDefault "postgresql:///${database}?user=${user}&host=/var/run/postgresql";
1866 - # Set to "yes" to automatically run migrations on package upgrade.
1867 - "todo.sr.ht".migrate-on-upgrade = mkDefault "yes";
1868 - # todo.sr.ht's OAuth client ID and secret for meta.sr.ht
1869 - # Register your client at meta.example.org/oauth
1870 - "todo.sr.ht".oauth-client-id = mkDefault null;
1871 - "todo.sr.ht".oauth-client-secret = mkDefault null;
1872 - # Outgoing email for notifications generated by users
1873 - "todo.sr.ht".notify-from = mkDefault "CHANGEME@example.org";
1874 - # The redis connection used for the webhooks worker
1875 - "todo.sr.ht".webhooks = mkDefault "redis://${rcfg.bind}:${toString rcfg.port}/1";
1876 - # Network-key
1877 - "todo.sr.ht".network-key = mkDefault null;
1878 -
1879 - # Path for the lmtp daemon's unix socket. Direct incoming mail to this socket.
1880 - # Alternatively, specify IP:PORT and an SMTP server will be run instead.
1881 - "todo.sr.ht::mail".sock = mkDefault "/tmp/todo.sr.ht-lmtp.sock";
1882 - # The lmtp daemon will make the unix socket group-read/write for users in this
1883 - # group.
1884 - "todo.sr.ht::mail".sock-group = mkDefault "postfix";
1885 -
1886 - "todo.sr.ht::mail".posting-domain = mkDefault "todo.${cfg.originBase}";
1887 - };
1888 -
1889 - services.nginx.virtualHosts."todo.${cfg.originBase}" = {
1890 - forceSSL = true;
1891 - locations."/".proxyPass = "http://${cfg.address}:${toString port}";
1892 - locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
1893 - locations."/static".root = "${pkgs.sourcehut.todosrht}/${pkgs.sourcehut.python.sitePackages}/todosrht";
1894 - };
1895 - };
1896 -}
1897 diff --git a/nixos/tests/sourcehut.nix b/nixos/tests/sourcehut.nix
1898 index 34a60247e00..6998f4f0c10 100644
1899 --- a/nixos/tests/sourcehut.nix
1900 +++ b/nixos/tests/sourcehut.nix
1901 @@ -195,6 +195,7 @@ in
1902 # Testing metasrht
1903 machine.wait_for_unit("metasrht-api.service")
1904 machine.wait_for_unit("metasrht.service")
1905 + machine.wait_for_unit("metasrht-webhooks.service")
1906 machine.wait_for_open_port(5000)
1907 machine.succeed("curl -sL http://localhost:5000 | grep meta.${domain}")
1908 machine.succeed("curl -sL http://meta.${domain} | grep meta.${domain}")
1909 diff --git a/pkgs/applications/version-management/sourcehut/builds.nix b/pkgs/applications/version-management/sourcehut/builds.nix
1910 index 350afd07fe1..99d6a05c4eb 100644
1911 --- a/pkgs/applications/version-management/sourcehut/builds.nix
1912 +++ b/pkgs/applications/version-management/sourcehut/builds.nix
1913 @@ -1,7 +1,7 @@
1914 { lib
1915 , fetchFromSourcehut
1916 -, buildPythonPackage
1917 , buildGoModule
1918 +, buildPythonPackage
1919 , srht
1920 , redis
1921 , celery
1922 @@ -9,21 +9,29 @@
1923 , markdown
1924 , ansi2html
1925 , python
1926 +, unzip
1927 }:
1928 let
1929 - version = "0.75.2";
1930 + version = "0.80.0";
1931
1932 src = fetchFromSourcehut {
1933 owner = "~sircmpwn";
1934 repo = "builds.sr.ht";
1935 rev = version;
1936 - sha256 = "sha256-SwyxMzmp9baRQ0vceuEn/OpfIv7z7jwq/l67hdOHXjM=";
1937 + sha256 = "sha256-SzA9bOXiXULRD4Eq9xBbbmMUpXT8egOtooZFF4p79ms=";
1938 };
1939
1940 - buildWorker = src: buildGoModule {
1941 + buildsrht-api = buildGoModule ({
1942 inherit src version;
1943 - pname = "builds-sr-ht-worker";
1944 + pname = "buildsrht-api";
1945 + modRoot = "api";
1946 + vendorSha256 = "sha256-roTwqtg4Y846PNtLdRN/LV3Jd0LVElqjFy3DJcrwoaI=";
1947 + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;});
1948
1949 + buildsrht-worker = buildGoModule {
1950 + inherit src version;
1951 + sourceRoot = "source/worker";
1952 + pname = "buildsrht-worker";
1953 vendorSha256 = "sha256-Pf1M9a43eK4jr6QMi6kRHA8DodXQU0pqq9ua5VC3ER0=";
1954 };
1955 in
1956 @@ -31,10 +39,10 @@ buildPythonPackage rec {
1957 inherit src version;
1958 pname = "buildsrht";
1959
1960 - patches = [
1961 - # Revert change breaking Unix socket support for Redis
1962 - patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch
1963 - ];
1964 + postPatch = ''
1965 + substituteInPlace Makefile \
1966 + --replace "all: api worker" ""
1967 + '';
1968
1969 nativeBuildInputs = srht.nativeBuildInputs;
1970
1971 @@ -58,7 +66,8 @@ buildPythonPackage rec {
1972
1973 cp -r images $out/lib
1974 cp contrib/submit_image_build $out/bin/builds.sr.ht
1975 - cp ${buildWorker "${src}/worker"}/bin/worker $out/bin/builds.sr.ht-worker
1976 + ln -s ${buildsrht-api}/bin/api $out/bin/buildsrht-api
1977 + ln -s ${buildsrht-worker}/bin/worker $out/bin/buildsrht-worker
1978 '';
1979
1980 pythonImportsCheck = [ "buildsrht" ];
1981 diff --git a/pkgs/applications/version-management/sourcehut/core.nix b/pkgs/applications/version-management/sourcehut/core.nix
1982 index 805da8c3282..0648f21910f 100644
1983 --- a/pkgs/applications/version-management/sourcehut/core.nix
1984 +++ b/pkgs/applications/version-management/sourcehut/core.nix
1985 @@ -1,5 +1,5 @@
1986 { lib
1987 -, fetchgit
1988 +, fetchFromSourcehut
1989 , fetchNodeModules
1990 , buildPythonPackage
1991 , pgpy
1992 @@ -29,12 +29,13 @@
1993
1994 buildPythonPackage rec {
1995 pname = "srht";
1996 - version = "0.68.14";
1997 + version = "0.68.24";
1998
1999 - src = fetchgit {
2000 - url = "https://git.sr.ht/~sircmpwn/core.sr.ht";
2001 + src = fetchFromSourcehut {
2002 + owner = "~sircmpwn";
2003 + repo = "core.sr.ht";
2004 rev = version;
2005 - sha256 = "sha256-BY3W2rwrg0mhH3CltgUqg6Xv8Ve5VZNY/lI1cfbAjYM=";
2006 + sha256 = "sha256-ipukga6vfBgDIXOQCejCkU/iTmBt5egIjB+NlJyL2yo=";
2007 fetchSubmodules = true;
2008 };
2009
2010 @@ -47,6 +48,8 @@ buildPythonPackage rec {
2011 patches = [
2012 # Disable check for npm
2013 ./disable-npm-install.patch
2014 + # Fix Unix socket support in RedisQueueCollector
2015 + patches/redis-socket/core/0001-Fix-Unix-socket-support-in-RedisQueueCollector.patch
2016 ];
2017
2018 nativeBuildInputs = [
2019 diff --git a/pkgs/applications/version-management/sourcehut/default.nix b/pkgs/applications/version-management/sourcehut/default.nix
2020 index 00810f208cc..aee65dee3bb 100644
2021 --- a/pkgs/applications/version-management/sourcehut/default.nix
2022 +++ b/pkgs/applications/version-management/sourcehut/default.nix
2023 @@ -2,6 +2,7 @@
2024 , openssl
2025 , callPackage
2026 , recurseIntoAttrs
2027 +, nixosTests
2028 }:
2029
2030 # To expose the *srht modules, they have to be a python module so we use `buildPythonModule`
2031 @@ -44,4 +45,7 @@ with python.pkgs; recurseIntoAttrs {
2032 pagessrht = pagessrht;
2033 pastesrht = toPythonApplication pastesrht;
2034 todosrht = toPythonApplication todosrht;
2035 + passthru.tests = {
2036 + nixos-sourcehut = nixosTests.sourcehut;
2037 + };
2038 }
2039 diff --git a/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix
2040 new file mode 100644
2041 index 00000000000..1f94913292e
2042 --- /dev/null
2043 +++ b/pkgs/applications/version-management/sourcehut/fix-gqlgen-trimpath.nix
2044 @@ -0,0 +1,32 @@
2045 +{ unzip }:
2046 +{
2047 + overrideModAttrs = (_: {
2048 + # No need to workaround -trimpath: it's not used in go-modules,
2049 + # but do download `go generate`'s dependencies nonetheless.
2050 + preBuild = ''
2051 + set -x
2052 + go generate ./loaders
2053 + go generate ./graph
2054 + set +x
2055 + '';
2056 + });
2057 +
2058 + # Workaround:
2059 + # go: git.sr.ht/~emersion/go-emailthreads@v0.0.0-20220412093310-4fd792e343ba: module lookup disabled by GOPROXY=off
2060 + # tidy failed: go mod tidy failed: exit status 1
2061 + # graph/generate.go:10: running "go": exit status 1
2062 + proxyVendor = true;
2063 +
2064 + # Workaround -trimpath in the package derivation:
2065 + # https://github.com/99designs/gqlgen/issues/1537
2066 + # This is to give `go generate ./graph` access to gqlgen's *.gotpl files
2067 + # If it fails, the gqlgenVersion may have to be updated.
2068 + preBuild = let gqlgenVersion = "0.17.2"; in ''
2069 + set -x
2070 + ${unzip}/bin/unzip ''${GOPROXY#"file://"}/github.com/99designs/gqlgen/@v/v${gqlgenVersion}.zip
2071 + go generate ./loaders
2072 + go generate ./graph
2073 + rm -rf github.com
2074 + set +x
2075 + '';
2076 +}
2077 diff --git a/pkgs/applications/version-management/sourcehut/git.nix b/pkgs/applications/version-management/sourcehut/git.nix
2078 index 318bee4cf51..a721da0ecd3 100644
2079 --- a/pkgs/applications/version-management/sourcehut/git.nix
2080 +++ b/pkgs/applications/version-management/sourcehut/git.nix
2081 @@ -1,57 +1,67 @@
2082 { lib
2083 , fetchFromSourcehut
2084 -, buildPythonPackage
2085 , buildGoModule
2086 +, buildPythonPackage
2087 , python
2088 , srht
2089 , pygit2
2090 , scmsrht
2091 +, unzip
2092 }:
2093 let
2094 - version = "0.77.3";
2095 + version = "0.78.18";
2096
2097 src = fetchFromSourcehut {
2098 owner = "~sircmpwn";
2099 repo = "git.sr.ht";
2100 rev = version;
2101 - sha256 = "sha256-eJvXCcmdiUzTK0EqNJkLEZsAfr6toD/378HObnMbOWM=";
2102 + sha256 = "sha256-pGWphdFKaOIBIKWMxfNAFqXZQx/qHcrwb5Ylj9uag7s=";
2103 };
2104
2105 - buildShell = src: buildGoModule {
2106 + gitApi = buildGoModule ({
2107 inherit src version;
2108 - pname = "gitsrht-shell";
2109 - vendorSha256 = "sha256-aqUFICp0C2reqb2p6JCPAUIRsxzSv0t9BHoNWrTYfqk=";
2110 - };
2111 + pname = "gitsrht-api";
2112 + modRoot = "api";
2113 + vendorSha256 = "sha256-0YI20liP0X1McfiSUy29zJk2UqqAPBIfIfPLoJOE1uI=";
2114 + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;});
2115
2116 - buildDispatcher = src: buildGoModule {
2117 + gitDispatch = buildGoModule {
2118 inherit src version;
2119 - pname = "gitsrht-dispatcher";
2120 + pname = "gitsrht-dispatch";
2121 + modRoot = "gitsrht-dispatch";
2122 vendorSha256 = "sha256-qWXPHo86s6iuRBhRMtmD5jxnAWKdrWHtA/iSUkdw89M=";
2123 };
2124
2125 - buildKeys = src: buildGoModule {
2126 + gitKeys = buildGoModule {
2127 inherit src version;
2128 pname = "gitsrht-keys";
2129 + modRoot = "gitsrht-keys";
2130 vendorSha256 = "sha256-9pojS69HCKVHUceyOpGtv9ewcxFD4WsOVsEzkmWJkF4=";
2131 };
2132
2133 - buildUpdateHook = src: buildGoModule {
2134 + gitShell = buildGoModule {
2135 inherit src version;
2136 - pname = "gitsrht-update-hook";
2137 - vendorSha256 = "sha256-sBlG7EFqdDm7CkAHVX50Mf4N3sl1rPNmWExG/bfbfGA=";
2138 + pname = "gitsrht-shell";
2139 + modRoot = "gitsrht-shell";
2140 + vendorSha256 = "sha256-WqfvSPuVsOHA//86u33atMfeA11+DJhjLmWy8Ivq0NI=";
2141 };
2142
2143 - updateHook = buildUpdateHook "${src}/gitsrht-update-hook";
2144 + gitUpdateHook = buildGoModule {
2145 + inherit src version;
2146 + pname = "gitsrht-update-hook";
2147 + modRoot = "gitsrht-update-hook";
2148 + vendorSha256 = "sha256-Bc3yPabS2S+qiroHFKrtkII/CfzBDYQ6xWxKHAME+Tc=";
2149 + };
2150
2151 in
2152 buildPythonPackage rec {
2153 inherit src version;
2154 pname = "gitsrht";
2155
2156 - patches = [
2157 - # Revert change breaking Unix socket support for Redis
2158 - patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch
2159 - ];
2160 + postPatch = ''
2161 + substituteInPlace Makefile \
2162 + --replace "all: api gitsrht-dispatch gitsrht-keys gitsrht-shell gitsrht-update-hook" ""
2163 + '';
2164
2165 nativeBuildInputs = srht.nativeBuildInputs;
2166
2167 @@ -68,14 +78,12 @@ buildPythonPackage rec {
2168
2169 postInstall = ''
2170 mkdir -p $out/bin
2171 - cp ${buildShell "${src}/gitsrht-shell"}/bin/gitsrht-shell $out/bin/gitsrht-shell
2172 - cp ${buildDispatcher "${src}/gitsrht-dispatch"}/bin/gitsrht-dispatch $out/bin/gitsrht-dispatch
2173 - cp ${buildKeys "${src}/gitsrht-keys"}/bin/gitsrht-keys $out/bin/gitsrht-keys
2174 - cp ${updateHook}/bin/gitsrht-update-hook $out/bin/gitsrht-update-hook
2175 + ln -s ${gitApi}/bin/api $out/bin/gitsrht-api
2176 + ln -s ${gitDispatch}/bin/gitsrht-dispatch $out/bin/gitsrht-dispatch
2177 + ln -s ${gitKeys}/bin/gitsrht-keys $out/bin/gitsrht-keys
2178 + ln -s ${gitShell}/bin/gitsrht-shell $out/bin/gitsrht-shell
2179 + ln -s ${gitUpdateHook}/bin/gitsrht-update-hook $out/bin/gitsrht-update-hook
2180 '';
2181 - passthru = {
2182 - inherit updateHook;
2183 - };
2184
2185 pythonImportsCheck = [ "gitsrht" ];
2186
2187 diff --git a/pkgs/applications/version-management/sourcehut/hg.nix b/pkgs/applications/version-management/sourcehut/hg.nix
2188 index f3e778b2f31..2aa4cc2c505 100644
2189 --- a/pkgs/applications/version-management/sourcehut/hg.nix
2190 +++ b/pkgs/applications/version-management/sourcehut/hg.nix
2191 @@ -1,21 +1,41 @@
2192 { lib
2193 , fetchhg
2194 +, buildGoModule
2195 , buildPythonPackage
2196 , srht
2197 , hglib
2198 , scmsrht
2199 , unidiff
2200 , python
2201 +, unzip
2202 }:
2203
2204 buildPythonPackage rec {
2205 pname = "hgsrht";
2206 - version = "0.29.4";
2207 + version = "0.31.2";
2208
2209 src = fetchhg {
2210 url = "https://hg.sr.ht/~sircmpwn/hg.sr.ht";
2211 rev = version;
2212 - sha256 = "Jn9M/R5tJK/GeJDWGo3LWCK2nwsfI9zh+/yo2M+X6Sk=";
2213 + sha256 = "F0dBykSSrlis+mumULLxvKNxD75DWR9+IDTYbmhkMDI=";
2214 + };
2215 + postPatch = ''
2216 + substituteInPlace Makefile \
2217 + --replace "all: api hgsrht-keys" ""
2218 + '';
2219 +
2220 + hgsrht-api = buildGoModule ({
2221 + inherit src version;
2222 + pname = "hgsrht-api";
2223 + modRoot = "api";
2224 + vendorSha256 = "sha256-W7A22qSIgJgcfS7xYNrmbYKaZBXbDtPilM9I6DxmTeU=";
2225 + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;});
2226 +
2227 + hgsrht-keys = buildGoModule {
2228 + inherit src version;
2229 + pname = "hgsrht-keys";
2230 + modRoot = "hgsrht-keys";
2231 + vendorSha256 = "sha256-7ti8xCjSrxsslF7/1X/GY4FDl+69hPL4UwCDfjxmJLU=";
2232 };
2233
2234 nativeBuildInputs = srht.nativeBuildInputs;
2235 @@ -32,6 +52,11 @@ buildPythonPackage rec {
2236 export SRHT_PATH=${srht}/${python.sitePackages}/srht
2237 '';
2238
2239 + postInstall = ''
2240 + ln -s ${hgsrht-api}/bin/api $out/bin/hgsrht-api
2241 + ln -s ${hgsrht-keys}/bin/hgsrht-keys $out/bin/hgsrht-keys
2242 + '';
2243 +
2244 pythonImportsCheck = [ "hgsrht" ];
2245
2246 meta = with lib; {
2247 diff --git a/pkgs/applications/version-management/sourcehut/hub.nix b/pkgs/applications/version-management/sourcehut/hub.nix
2248 index 511ec359fc4..75d9efe5bd9 100644
2249 --- a/pkgs/applications/version-management/sourcehut/hub.nix
2250 +++ b/pkgs/applications/version-management/sourcehut/hub.nix
2251 @@ -6,13 +6,13 @@
2252
2253 buildPythonPackage rec {
2254 pname = "hubsrht";
2255 - version = "0.14.4";
2256 + version = "0.14.14";
2257
2258 src = fetchFromSourcehut {
2259 owner = "~sircmpwn";
2260 repo = "hub.sr.ht";
2261 rev = version;
2262 - sha256 = "sha256-7HF+jykWGqzPWA0YtJZQZU7pnID1yexcqLkEf2HpnSs=";
2263 + sha256 = "sha256-4n6oQ+AAvdJY/5KflxAp62chjyrlSUkmt319DKZk33w=";
2264 };
2265
2266 nativeBuildInputs = srht.nativeBuildInputs;
2267 diff --git a/pkgs/applications/version-management/sourcehut/lists.nix b/pkgs/applications/version-management/sourcehut/lists.nix
2268 index 3ba6375a913..b9a00ffd213 100644
2269 --- a/pkgs/applications/version-management/sourcehut/lists.nix
2270 +++ b/pkgs/applications/version-management/sourcehut/lists.nix
2271 @@ -1,5 +1,6 @@
2272 { lib
2273 , fetchFromSourcehut
2274 +, buildGoModule
2275 , buildPythonPackage
2276 , srht
2277 , asyncpg
2278 @@ -8,23 +9,31 @@
2279 , emailthreads
2280 , redis
2281 , python
2282 +, unzip
2283 }:
2284
2285 buildPythonPackage rec {
2286 pname = "listssrht";
2287 - version = "0.51.7";
2288 + version = "0.51.10";
2289
2290 src = fetchFromSourcehut {
2291 owner = "~sircmpwn";
2292 repo = "lists.sr.ht";
2293 rev = version;
2294 - sha256 = "sha256-oNY5A98oVoL2JKO0fU/8YVl8u7ywmHb/RHD8A6z9yIM=";
2295 + sha256 = "sha256-f8KvMctDva31W5c6uAIDDZ0eUrRL5ha10ew2pLEnJtw=";
2296 };
2297
2298 - patches = [
2299 - # Revert change breaking Unix socket support for Redis
2300 - patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch
2301 - ];
2302 + listssrht-api = buildGoModule ({
2303 + inherit src version;
2304 + pname = "listssrht-api";
2305 + modRoot = "api";
2306 + vendorSha256 = "sha256-xnmMkRSokbhWD+kz0XQ9AinYdm6/50FRBISURPvlzD0=";
2307 + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;});
2308 +
2309 + postPatch = ''
2310 + substituteInPlace Makefile \
2311 + --replace "all: api" ""
2312 + '';
2313
2314 nativeBuildInputs = srht.nativeBuildInputs;
2315
2316 @@ -42,6 +51,10 @@ buildPythonPackage rec {
2317 export SRHT_PATH=${srht}/${python.sitePackages}/srht
2318 '';
2319
2320 + postInstall = ''
2321 + ln -s ${listssrht-api}/bin/api $out/bin/listssrht-api
2322 + '';
2323 +
2324 pythonImportsCheck = [ "listssrht" ];
2325
2326 meta = with lib; {
2327 diff --git a/pkgs/applications/version-management/sourcehut/man.nix b/pkgs/applications/version-management/sourcehut/man.nix
2328 index 8d43f297a4f..ccee76defde 100644
2329 --- a/pkgs/applications/version-management/sourcehut/man.nix
2330 +++ b/pkgs/applications/version-management/sourcehut/man.nix
2331 @@ -8,13 +8,13 @@
2332
2333 buildPythonPackage rec {
2334 pname = "mansrht";
2335 - version = "0.15.23";
2336 + version = "0.15.25";
2337
2338 src = fetchFromSourcehut {
2339 owner = "~sircmpwn";
2340 repo = "man.sr.ht";
2341 rev = version;
2342 - sha256 = "sha256-xrBptXdwMee+YkPup/BYL/iXBhCzSUQ5htSHIw/1Ncc=";
2343 + sha256 = "sha256-Mq3IHsqSkFHVdmy3g0E+9oLnKORthgv3lqvWyrKMIuU=";
2344 };
2345
2346 nativeBuildInputs = srht.nativeBuildInputs;
2347 diff --git a/pkgs/applications/version-management/sourcehut/meta.nix b/pkgs/applications/version-management/sourcehut/meta.nix
2348 index ab19cc88d25..896279addd3 100644
2349 --- a/pkgs/applications/version-management/sourcehut/meta.nix
2350 +++ b/pkgs/applications/version-management/sourcehut/meta.nix
2351 @@ -16,32 +16,34 @@
2352 , weasyprint
2353 , prometheus-client
2354 , python
2355 +, unzip
2356 }:
2357 let
2358 - version = "0.57.5";
2359 + version = "0.58.8";
2360
2361 src = fetchFromSourcehut {
2362 owner = "~sircmpwn";
2363 repo = "meta.sr.ht";
2364 rev = version;
2365 - sha256 = "sha256-qsCwZaCiqvY445U053OCWD98jlIUi9NB2jWVP2oW3Vk=";
2366 + sha256 = "sha256-lnEt5UoQBd5qlkD+nE6KL5DP4jf1FrAjgA06/mgRxTs=";
2367 };
2368
2369 - buildApi = src: buildGoModule {
2370 + metasrht-api = buildGoModule ({
2371 inherit src version;
2372 pname = "metasrht-api";
2373 - vendorSha256 = "sha256-8Ubrr9qRlgW2wsLHrPHwulSWLz+gp4VPcTvOZpg8TYM=";
2374 - };
2375 + modRoot = "api";
2376 + vendorSha256 = "sha256-3s9PYUy4qS06zyTIRDvnAmhfrjVLBa/03Nu3tMcIReI=";
2377 + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;});
2378
2379 in
2380 buildPythonPackage rec {
2381 pname = "metasrht";
2382 inherit version src;
2383
2384 - patches = [
2385 - # Revert change breaking Unix socket support for Redis
2386 - patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch
2387 - ];
2388 + postPatch = ''
2389 + substituteInPlace Makefile \
2390 + --replace "all: api" ""
2391 + '';
2392
2393 nativeBuildInputs = srht.nativeBuildInputs;
2394
2395 @@ -68,7 +70,7 @@ buildPythonPackage rec {
2396
2397 postInstall = ''
2398 mkdir -p $out/bin
2399 - cp ${buildApi "${src}/api/"}/bin/api $out/bin/metasrht-api
2400 + ln -s ${metasrht-api}/bin/api $out/bin/metasrht-api
2401 '';
2402
2403 pythonImportsCheck = [ "metasrht" ];
2404 diff --git a/pkgs/applications/version-management/sourcehut/pages.nix b/pkgs/applications/version-management/sourcehut/pages.nix
2405 index b6a18b5bda7..faa6dbb4d49 100644
2406 --- a/pkgs/applications/version-management/sourcehut/pages.nix
2407 +++ b/pkgs/applications/version-management/sourcehut/pages.nix
2408 @@ -1,20 +1,21 @@
2409 { lib
2410 , fetchFromSourcehut
2411 , buildGoModule
2412 +, unzip
2413 }:
2414
2415 -buildGoModule rec {
2416 +buildGoModule (rec {
2417 pname = "pagessrht";
2418 - version = "0.6.2";
2419 + version = "0.7.3";
2420
2421 src = fetchFromSourcehut {
2422 owner = "~sircmpwn";
2423 repo = "pages.sr.ht";
2424 rev = version;
2425 - sha256 = "sha256-ob0+t9V2o8lhVC6fXbi1rNm0Mnbs+GoyAmhBqVZ13PA=";
2426 + sha256 = "sha256-fHhf4VQ82/k4g8pzyuN9Pr2f8mxT8zw+2Nq0nw1Msks=";
2427 };
2428
2429 - vendorSha256 = "sha256-b0sHSH0jkKoIVq045N96wszuLJDegkkj0v50nuDFleU=";
2430 + vendorSha256 = "sha256-/+XVl6PZUMOZIiuO6vEu0dacefz2hDSObaP8JsItSTw=";
2431
2432 postInstall = ''
2433 mkdir -p $out/share/sql/
2434 @@ -27,4 +28,6 @@ buildGoModule rec {
2435 license = licenses.agpl3Only;
2436 maintainers = with maintainers; [ eadwu ];
2437 };
2438 -}
2439 + # There is no ./loaders but this does not cause troubles
2440 + # to go generate
2441 +} // import ./fix-gqlgen-trimpath.nix {inherit unzip;})
2442 diff --git a/pkgs/applications/version-management/sourcehut/paste.nix b/pkgs/applications/version-management/sourcehut/paste.nix
2443 index c411f8e8c95..fbbc5fcd6a9 100644
2444 --- a/pkgs/applications/version-management/sourcehut/paste.nix
2445 +++ b/pkgs/applications/version-management/sourcehut/paste.nix
2446 @@ -8,13 +8,13 @@
2447
2448 buildPythonPackage rec {
2449 pname = "pastesrht";
2450 - version = "0.13.6";
2451 + version = "0.13.7";
2452
2453 src = fetchFromSourcehut {
2454 owner = "~sircmpwn";
2455 repo = "paste.sr.ht";
2456 rev = version;
2457 - sha256 = "sha256-Khcqk86iD9nxiKXN3+8mSLNoDau2qXNFOrLdkVu+rH8=";
2458 + sha256 = "sha256-EzcS6Zbh+wJinC/GKJOSWUPORODpKEA3tLpLGqoVGBU=";
2459 };
2460
2461 nativeBuildInputs = srht.nativeBuildInputs;
2462 diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch
2463 deleted file mode 100644
2464 index ae8e95ddc0c..00000000000
2465 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/build/0001-Revert-Add-build-submission-and-queue-monitoring.patch
2466 +++ /dev/null
2467 @@ -1,69 +0,0 @@
2468 -From 069b03f85847ed4a9223183b62ee53f420838911 Mon Sep 17 00:00:00 2001
2469 -From: Julien Moutinho <julm+srht@sourcephile.fr>
2470 -Date: Thu, 16 Dec 2021 04:54:24 +0100
2471 -Subject: [PATCH builds.sr.ht] Revert "Add build submission and queue
2472 - monitoring"
2473 -
2474 -This reverts commit 690f1aa16c77e418dc40109cd5e8fdf4a7ed947a.
2475 -
2476 -This has broken Unix socket support for Redis
2477 -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E
2478 ----
2479 - buildsrht/app.py | 3 ---
2480 - buildsrht/runner.py | 9 +--------
2481 - 2 files changed, 1 insertion(+), 11 deletions(-)
2482 -
2483 -diff --git a/buildsrht/app.py b/buildsrht/app.py
2484 -index e5321a2..7c9977c 100644
2485 ---- a/buildsrht/app.py
2486 -+++ b/buildsrht/app.py
2487 -@@ -36,9 +36,6 @@ class BuildApp(SrhtFlask):
2488 - self.register_blueprint(secrets)
2489 - self.register_blueprint(gql_blueprint)
2490 -
2491 -- from buildsrht.runner import builds_queue_metrics_collector
2492 -- self.metrics_registry.register(builds_queue_metrics_collector)
2493 --
2494 - @self.context_processor
2495 - def inject():
2496 - return {
2497 -diff --git a/buildsrht/runner.py b/buildsrht/runner.py
2498 -index 7773452..0389c8e 100644
2499 ---- a/buildsrht/runner.py
2500 -+++ b/buildsrht/runner.py
2501 -@@ -5,13 +5,10 @@ from srht.config import cfg
2502 - from srht.database import db
2503 - from srht.email import send_email
2504 - from srht.oauth import UserType
2505 --from srht.metrics import RedisQueueCollector
2506 --from prometheus_client import Counter
2507 -
2508 - allow_free = cfg("builds.sr.ht", "allow-free", default="no") == "yes"
2509 -
2510 --builds_broker = cfg("builds.sr.ht", "redis")
2511 --runner = Celery('builds', broker=builds_broker, config_source={
2512 -+runner = Celery('builds', broker=cfg("builds.sr.ht", "redis"), config_source={
2513 - "CELERY_TASK_SERIALIZER": "json",
2514 - "CELERY_ACCEPT_CONTENT": ["json"],
2515 - "CELERY_RESULT_SERIALIZER": "json",
2516 -@@ -19,9 +16,6 @@ runner = Celery('builds', broker=builds_broker, config_source={
2517 - "CELERY_TASK_PROTOCOL": 1
2518 - })
2519 -
2520 --builds_queue_metrics_collector = RedisQueueCollector(builds_broker, "buildsrht_builds", "Number of builds currently in queue")
2521 --builds_submitted = Counter("buildsrht_builds_submited", "Number of builds submitted")
2522 --
2523 - def queue_build(job, manifest):
2524 - from buildsrht.types import JobStatus
2525 - job.status = JobStatus.queued
2526 -@@ -34,7 +28,6 @@ def queue_build(job, manifest):
2527 - cfg("sr.ht", "owner-email"),
2528 - "Cryptocurrency mining attempt on builds.sr.ht")
2529 - else:
2530 -- builds_submitted.inc()
2531 - run_build.delay(job.id, manifest.to_dict())
2532 -
2533 - def requires_payment(user):
2534 ---
2535 -2.34.0
2536 -
2537 diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/core/0001-Fix-Unix-socket-support-in-RedisQueueCollector.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/core/0001-Fix-Unix-socket-support-in-RedisQueueCollector.patch
2538 new file mode 100644
2539 index 00000000000..889331f3e07
2540 --- /dev/null
2541 +++ b/pkgs/applications/version-management/sourcehut/patches/redis-socket/core/0001-Fix-Unix-socket-support-in-RedisQueueCollector.patch
2542 @@ -0,0 +1,42 @@
2543 +From 76dd636151735671be74ba9d55f773e190e22827 Mon Sep 17 00:00:00 2001
2544 +From: Julien Moutinho <julm+srht@sourcephile.fr>
2545 +Date: Fri, 13 May 2022 22:40:46 +0200
2546 +Subject: [PATCH core.sr.ht] Fix Unix socket support in RedisQueueCollector
2547 +
2548 +The broker URL is not necessarily in the format expected by Redis.from_url
2549 +
2550 +Especially, Redis.from_url supports this format for Unix sockets:
2551 + unix:///run/redis-sourcehut-metasrht/redis.sock?db=0
2552 +See https://redis-py.readthedocs.io/en/stable/#redis.ConnectionPool.from_url
2553 +
2554 +Whereas Celery+Kombu support Redis but also other transports
2555 +and thus expect another scheme:
2556 + redis+socket:///run/redis-sourcehut-metasrht/redis.sock?virtual_host=1
2557 +See https://docs.celeryproject.org/en/stable/userguide/configuration.html#redis-backend-settings
2558 +and https://github.com/celery/celery/blob/e5d99801e4b56a02af4a2e183879c767228d2817/celery/backends/redis.py#L299-L352
2559 +and https://github.com/celery/kombu/blob/master/kombu/utils/url.py
2560 +---
2561 + srht/metrics.py | 3 ++-
2562 + 1 file changed, 2 insertions(+), 1 deletion(-)
2563 +
2564 +diff --git a/srht/metrics.py b/srht/metrics.py
2565 +index 68caf8e..2df5777 100644
2566 +--- a/srht/metrics.py
2567 ++++ b/srht/metrics.py
2568 +@@ -1,11 +1,12 @@
2569 + import time
2570 ++from celery import Celery
2571 + from prometheus_client.metrics_core import GaugeMetricFamily
2572 + from redis import Redis, ResponseError
2573 +
2574 +
2575 + class RedisQueueCollector:
2576 + def __init__(self, broker, name, documentation, queue_name="celery"):
2577 +- self.redis = Redis.from_url(broker)
2578 ++ self.redis = Celery("collector", broker=broker).connection_for_read().channel().client
2579 + self.queue_name = queue_name
2580 + self.name = name
2581 + self.documentation = documentation
2582 +--
2583 +2.35.1
2584 +
2585 diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch
2586 deleted file mode 100644
2587 index 4c526dd23e1..00000000000
2588 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/git/0001-Revert-Add-webhook-queue-monitoring.patch
2589 +++ /dev/null
2590 @@ -1,50 +0,0 @@
2591 -From 5ccb5386304c26f25b0a9eb10ce9edb6da32f91a Mon Sep 17 00:00:00 2001
2592 -From: Julien Moutinho <julm+srht@sourcephile.fr>
2593 -Date: Sat, 12 Feb 2022 00:11:59 +0100
2594 -Subject: [PATCH git.sr.ht] Revert "Add webhook queue monitoring"
2595 -
2596 -This reverts commit 7ea630b776947ab82438d0ffa263b0f9d33ebff3.
2597 -
2598 -Which has broken Unix socket support for Redis.
2599 -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E
2600 ----
2601 - gitsrht/app.py | 3 ---
2602 - gitsrht/webhooks.py | 5 +----
2603 - 2 files changed, 1 insertion(+), 7 deletions(-)
2604 -
2605 -diff --git a/gitsrht/app.py b/gitsrht/app.py
2606 -index e9ccb56..4928851 100644
2607 ---- a/gitsrht/app.py
2608 -+++ b/gitsrht/app.py
2609 -@@ -48,9 +48,6 @@ class GitApp(ScmSrhtFlask):
2610 - self.add_template_filter(url_quote)
2611 - self.add_template_filter(commit_links)
2612 -
2613 -- from gitsrht.webhooks import webhook_metrics_collector
2614 -- self.metrics_registry.register(webhook_metrics_collector)
2615 --
2616 - @self.context_processor
2617 - def inject():
2618 - notice = session.get("notice")
2619 -diff --git a/gitsrht/webhooks.py b/gitsrht/webhooks.py
2620 -index 8a203fe..6240d50 100644
2621 ---- a/gitsrht/webhooks.py
2622 -+++ b/gitsrht/webhooks.py
2623 -@@ -7,13 +7,10 @@ if not hasattr(db, "session"):
2624 - db.init()
2625 - from srht.webhook import Event
2626 - from srht.webhook.celery import CeleryWebhook, make_worker
2627 --from srht.metrics import RedisQueueCollector
2628 - from scmsrht.webhooks import UserWebhook
2629 - import sqlalchemy as sa
2630 -
2631 --webhook_broker = cfg("git.sr.ht", "webhooks")
2632 --worker = make_worker(broker=webhook_broker)
2633 --webhook_metrics_collector = RedisQueueCollector(webhook_broker, "srht_webhooks", "Webhook queue length")
2634 -+worker = make_worker(broker=cfg("git.sr.ht", "webhooks"))
2635 -
2636 - class RepoWebhook(CeleryWebhook):
2637 - events = [
2638 ---
2639 -2.34.1
2640 -
2641 diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch
2642 deleted file mode 100644
2643 index 872d285b9bb..00000000000
2644 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/lists/0001-Revert-Add-webhook-queue-monitoring.patch
2645 +++ /dev/null
2646 @@ -1,48 +0,0 @@
2647 -From 730e090f31b150d42be4b4722751f8e4610835b0 Mon Sep 17 00:00:00 2001
2648 -From: Julien Moutinho <julm+srht@sourcephile.fr>
2649 -Date: Sat, 12 Feb 2022 00:38:12 +0100
2650 -Subject: [PATCH lists.sr.ht] Revert "Add webhook queue monitoring"
2651 -
2652 -This reverts commit e74e344808e8d523a9786cefcbf64c9a247d7a0e.
2653 -
2654 -Which has broken Unix socket support for Redis.
2655 -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E
2656 ----
2657 - listssrht/app.py | 3 ---
2658 - listssrht/webhooks.py | 5 +----
2659 - 2 files changed, 1 insertion(+), 7 deletions(-)
2660 -
2661 -diff --git a/listssrht/app.py b/listssrht/app.py
2662 -index aec59f3..83a355d 100644
2663 ---- a/listssrht/app.py
2664 -+++ b/listssrht/app.py
2665 -@@ -29,9 +29,6 @@ class ListsApp(SrhtFlask):
2666 - self.register_blueprint(user)
2667 - self.register_blueprint(gql_blueprint)
2668 -
2669 -- from listssrht.webhooks import webhook_metrics_collector
2670 -- self.metrics_registry.register(webhook_metrics_collector)
2671 --
2672 - @self.context_processor
2673 - def inject():
2674 - from listssrht.types import ListAccess
2675 -diff --git a/listssrht/webhooks.py b/listssrht/webhooks.py
2676 -index ae5b1cb..86421ba 100644
2677 ---- a/listssrht/webhooks.py
2678 -+++ b/listssrht/webhooks.py
2679 -@@ -8,11 +8,8 @@ if not hasattr(db, "session"):
2680 - db.init()
2681 - from srht.webhook import Event
2682 - from srht.webhook.celery import CeleryWebhook, make_worker
2683 --from srht.metrics import RedisQueueCollector
2684 -
2685 --webhook_broker = cfg("lists.sr.ht", "webhooks")
2686 --worker = make_worker(broker=webhook_broker)
2687 --webhook_metrics_collector = RedisQueueCollector(webhook_broker, "srht_webhooks", "Webhook queue length")
2688 -+worker = make_worker(broker=cfg("lists.sr.ht", "webhooks"))
2689 -
2690 - class ListWebhook(CeleryWebhook):
2691 - events = [
2692 ---
2693 -2.34.1
2694 -
2695 diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch
2696 deleted file mode 100644
2697 index 9ec37670b06..00000000000
2698 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/meta/0001-Revert-Add-webhook-queue-monitoring.patch
2699 +++ /dev/null
2700 @@ -1,48 +0,0 @@
2701 -From d88bee195797c6c294320617ff14798da94cd0f3 Mon Sep 17 00:00:00 2001
2702 -From: Julien Moutinho <julm+srht@sourcephile.fr>
2703 -Date: Thu, 16 Dec 2021 04:52:08 +0100
2704 -Subject: [PATCH meta.sr.ht] Revert "Add webhook queue monitoring"
2705 -
2706 -This reverts commit 9931df3c23094af5179df9ef019ca732b8125dac.
2707 -
2708 -This has broken Unix socket support for Redis.
2709 -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E
2710 ----
2711 - metasrht/app.py | 3 ---
2712 - metasrht/webhooks.py | 5 +----
2713 - 2 files changed, 1 insertion(+), 7 deletions(-)
2714 -
2715 -diff --git a/metasrht/app.py b/metasrht/app.py
2716 -index b190875..89c59bc 100644
2717 ---- a/metasrht/app.py
2718 -+++ b/metasrht/app.py
2719 -@@ -49,9 +49,6 @@ class MetaApp(SrhtFlask):
2720 - from metasrht.blueprints.billing import billing
2721 - self.register_blueprint(billing)
2722 -
2723 -- from metasrht.webhooks import webhook_metrics_collector
2724 -- self.metrics_registry.register(webhook_metrics_collector)
2725 --
2726 - @self.context_processor
2727 - def inject():
2728 - return {
2729 -diff --git a/metasrht/webhooks.py b/metasrht/webhooks.py
2730 -index 3e1149e..3f0ba01 100644
2731 ---- a/metasrht/webhooks.py
2732 -+++ b/metasrht/webhooks.py
2733 -@@ -7,11 +7,8 @@ if not hasattr(db, "session"):
2734 - db.init()
2735 - from srht.webhook import Event
2736 - from srht.webhook.celery import CeleryWebhook, make_worker
2737 --from srht.metrics import RedisQueueCollector
2738 -
2739 --webhook_broker = cfg("meta.sr.ht", "webhooks", "redis://")
2740 --worker = make_worker(broker=webhook_broker)
2741 --webhook_metrics_collector = RedisQueueCollector(webhook_broker, "srht_webhooks", "Webhook queue length")
2742 -+worker = make_worker(broker=cfg("meta.sr.ht", "webhooks", "redis://"))
2743 -
2744 - class UserWebhook(CeleryWebhook):
2745 - events = [
2746 ---
2747 -2.34.0
2748 -
2749 diff --git a/pkgs/applications/version-management/sourcehut/patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch b/pkgs/applications/version-management/sourcehut/patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch
2750 deleted file mode 100644
2751 index 861608c1184..00000000000
2752 --- a/pkgs/applications/version-management/sourcehut/patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch
2753 +++ /dev/null
2754 @@ -1,50 +0,0 @@
2755 -From 42a27ea60d8454552d54e1f51f1b976d1067fc32 Mon Sep 17 00:00:00 2001
2756 -From: Julien Moutinho <julm+srht@sourcephile.fr>
2757 -Date: Sat, 12 Feb 2022 00:30:29 +0100
2758 -Subject: [PATCH todo.sr.ht] Revert "Add webhook queue monitoring"
2759 -
2760 -This reverts commit 320a5e8f7cd16ca43928c36f0320593f84d986fa.
2761 -
2762 -Which has broken Unix socket support for Redis.
2763 -See https://lists.sr.ht/~sircmpwn/sr.ht-dev/%3C20211208082636.65665-1-me%40ignaskiela.eu%3E#%3C20211216033723.wefibfulfjhqnhem@sourcephile.fr%3E
2764 ----
2765 - todosrht/flask.py | 3 ---
2766 - todosrht/webhooks.py | 6 +-----
2767 - 2 files changed, 1 insertion(+), 8 deletions(-)
2768 -
2769 -diff --git a/todosrht/flask.py b/todosrht/flask.py
2770 -index 5e8ac66..9d0fd27 100644
2771 ---- a/todosrht/flask.py
2772 -+++ b/todosrht/flask.py
2773 -@@ -43,9 +43,6 @@ class TodoApp(SrhtFlask):
2774 - self.add_template_filter(urls.tracker_url)
2775 - self.add_template_filter(urls.user_url)
2776 -
2777 -- from todosrht.webhooks import webhook_metrics_collector
2778 -- self.metrics_registry.register(webhook_metrics_collector)
2779 --
2780 - @self.context_processor
2781 - def inject():
2782 - return {
2783 -diff --git a/todosrht/webhooks.py b/todosrht/webhooks.py
2784 -index eb8e08a..950047f 100644
2785 ---- a/todosrht/webhooks.py
2786 -+++ b/todosrht/webhooks.py
2787 -@@ -7,13 +7,9 @@ if not hasattr(db, "session"):
2788 - db.init()
2789 - from srht.webhook import Event
2790 - from srht.webhook.celery import CeleryWebhook, make_worker
2791 --from srht.metrics import RedisQueueCollector
2792 - import sqlalchemy as sa
2793 -
2794 --
2795 --webhooks_broker = cfg("todo.sr.ht", "webhooks")
2796 --worker = make_worker(broker=webhooks_broker)
2797 --webhook_metrics_collector = RedisQueueCollector(webhooks_broker, "srht_webhooks", "Webhook queue length")
2798 -+worker = make_worker(broker=cfg("todo.sr.ht", "webhooks"))
2799 -
2800 - import todosrht.tracker_import
2801 -
2802 ---
2803 -2.34.1
2804 -
2805 diff --git a/pkgs/applications/version-management/sourcehut/scm.nix b/pkgs/applications/version-management/sourcehut/scm.nix
2806 index 10da3018843..49eea05a7a7 100644
2807 --- a/pkgs/applications/version-management/sourcehut/scm.nix
2808 +++ b/pkgs/applications/version-management/sourcehut/scm.nix
2809 @@ -9,13 +9,13 @@
2810
2811 buildPythonPackage rec {
2812 pname = "scmsrht";
2813 - version = "0.22.19"; # Untagged version
2814 + version = "0.22.22";
2815
2816 src = fetchFromSourcehut {
2817 owner = "~sircmpwn";
2818 repo = "scm.sr.ht";
2819 rev = version;
2820 - sha256 = "sha256-/QryPjWJ2S0Ov9DTdrwbM81HYucHiYcLh0oKacflywI=";
2821 + sha256 = "sha256-iSzzyI8HZOpOb4dyt520MV/wds14fNag2+UOF09KS7w=";
2822 };
2823
2824 nativeBuildInputs = srht.nativeBuildInputs;
2825 diff --git a/pkgs/applications/version-management/sourcehut/todo.nix b/pkgs/applications/version-management/sourcehut/todo.nix
2826 index 1446e68fa69..67367b71ff9 100644
2827 --- a/pkgs/applications/version-management/sourcehut/todo.nix
2828 +++ b/pkgs/applications/version-management/sourcehut/todo.nix
2829 @@ -1,5 +1,6 @@
2830 { lib
2831 , fetchFromSourcehut
2832 +, buildGoModule
2833 , buildPythonPackage
2834 , srht
2835 , redis
2836 @@ -8,23 +9,31 @@
2837 , pytest
2838 , factory_boy
2839 , python
2840 +, unzip
2841 }:
2842
2843 buildPythonPackage rec {
2844 pname = "todosrht";
2845 - version = "0.67.2";
2846 + version = "0.71.2";
2847
2848 src = fetchFromSourcehut {
2849 owner = "~sircmpwn";
2850 repo = "todo.sr.ht";
2851 rev = version;
2852 - sha256 = "sha256-/QHsMlhzyah85ubZyx8j4GDUoITuWcLDJKosbZGeOZU=";
2853 + sha256 = "sha256-m7FY+jXpwPnK1+b1iQiDGe8JPfAFQp65BzGH6WvNwhM=";
2854 };
2855
2856 - patches = [
2857 - # Revert change breaking Unix socket support for Redis
2858 - patches/redis-socket/todo/0001-Revert-Add-webhook-queue-monitoring.patch
2859 - ];
2860 + postPatch = ''
2861 + substituteInPlace Makefile \
2862 + --replace "all: api" ""
2863 + '';
2864 +
2865 + todosrht-api = buildGoModule ({
2866 + inherit src version;
2867 + pname = "todosrht-api";
2868 + modRoot = "api";
2869 + vendorSha256 = "sha256-ttGT7lUh8O+9KvbaEGWUsthefXQ2ATeli0tnlXCjZFk=";
2870 + } // import ./fix-gqlgen-trimpath.nix {inherit unzip;});
2871
2872 nativeBuildInputs = srht.nativeBuildInputs;
2873
2874 @@ -40,6 +49,10 @@ buildPythonPackage rec {
2875 export SRHT_PATH=${srht}/${python.sitePackages}/srht
2876 '';
2877
2878 + postInstall = ''
2879 + ln -s ${todosrht-api}/bin/api $out/bin/todosrht-api
2880 + '';
2881 +
2882 # pytest tests fail
2883 checkInputs = [
2884 pytest