From b8bcfd96b09b9e64685691e45091ea040bcfd003 Mon Sep 17 00:00:00 2001 From: Sam <30577766+Samasaur1@users.noreply.github.com> Date: Wed, 26 Jul 2023 10:07:30 -0700 Subject: [PATCH 1/7] Add nix flake --- .gitignore | 3 ++- default.nix | 43 +++++++++++++++++++++++++++++++++++++++++++ flake.lock | 25 +++++++++++++++++++++++++ flake.nix | 12 ++++++++++++ 4 files changed, 82 insertions(+), 1 deletion(-) create mode 100644 default.nix create mode 100644 flake.lock create mode 100644 flake.nix diff --git a/.gitignore b/.gitignore index ad508b3..a124a00 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ /target /files -/previews \ No newline at end of file +/previews +result diff --git a/default.nix b/default.nix new file mode 100644 index 0000000..7a66b7c --- /dev/null +++ b/default.nix @@ -0,0 +1,43 @@ +{ lib +, rustPlatform +, pkg-config +, libgit2 +, openssl +, zlib +, stdenv +, darwin +}: + +rustPlatform.buildRustPackage rec { + pname = "remote-text-server"; + version = (builtins.fromTOML (builtins.readFile ./Cargo.toml)).package.version; + + src = ./.; + + cargoHash = "sha256-g6QiGH9eqC/mrGzeZOJ5wqm5V5D2xsDm4OOyzmE4sqM="; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + libgit2 + openssl + zlib + ] ++ lib.optionals stdenv.isDarwin [ + darwin.apple_sdk.frameworks.IOKit + darwin.apple_sdk.frameworks.Security + ]; + + env = { + OPENSSL_NO_VENDOR = true; + VERGEN_IDEMPOTENT = true; + }; + + meta = with lib; { + description = "The server-side software for Remote Text"; + homepage = "https://github.com/Remote-Text/remote-text-server"; + license = with licenses; [ ]; + maintainers = with maintainers; [ ]; + }; +} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..076597c --- /dev/null +++ b/flake.lock @@ -0,0 +1,25 @@ +{ + "nodes": { + "nixpkgs": { + "locked": { + "lastModified": 1690327932, + "narHash": "sha256-Fv7PYZxN4eo0K6zXhHG/vOc+e2iuqQ5ywDrh0yeRjP0=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a9b47d85504bdd199e90846622c76aa0bfeabfac", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "root": { + "inputs": { + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..91899c5 --- /dev/null +++ b/flake.nix @@ -0,0 +1,12 @@ +{ + description = "The server-side software for Remote Text"; + + outputs = { nixpkgs, ... }: + let + forAllSystems = gen: + nixpkgs.lib.genAttrs nixpkgs.lib.systems.flakeExposed + (system: gen nixpkgs.legacyPackages.${system}); + in { + packages = forAllSystems (pkgs: { default = pkgs.callPackage ./. { }; }); + }; +} From 759ed43f83e687cc18f2d2fbc876f22dacc8a8ce Mon Sep 17 00:00:00 2001 From: Sam <30577766+Samasaur1@users.noreply.github.com> Date: Sun, 7 Jan 2024 10:19:10 +0100 Subject: [PATCH 2/7] Add Docker image --- flake.nix | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 91899c5..d579319 100644 --- a/flake.nix +++ b/flake.nix @@ -7,6 +7,15 @@ nixpkgs.lib.genAttrs nixpkgs.lib.systems.flakeExposed (system: gen nixpkgs.legacyPackages.${system}); in { - packages = forAllSystems (pkgs: { default = pkgs.callPackage ./. { }; }); + packages = forAllSystems (pkgs: rec { + remote-text-server = pkgs.callPackage ./. { }; + default = remote-text-server; + dockerImage = pkgs.dockerTools.buildImage { + name = "remote-text-server"; + config = { + Cmd = [ "${remote-text-server}/bin/remote-text-server" ]; + }; + }; + }); }; } From bff88cf8ad3d907cc7c47d191fa19bc25a6429f6 Mon Sep 17 00:00:00 2001 From: Sam <30577766+Samasaur1@users.noreply.github.com> Date: Sun, 7 Jan 2024 10:37:37 +0100 Subject: [PATCH 3/7] Add creation date to Docker image --- flake.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index d579319..8843378 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ { description = "The server-side software for Remote Text"; - outputs = { nixpkgs, ... }: + outputs = { self, nixpkgs, ... }: let forAllSystems = gen: nixpkgs.lib.genAttrs nixpkgs.lib.systems.flakeExposed @@ -12,6 +12,8 @@ default = remote-text-server; dockerImage = pkgs.dockerTools.buildImage { name = "remote-text-server"; + # Based on the last commit date, see: https://nixos.wiki/wiki/Docker#Reproducible_image_dates + created = builtins.substring 0 8 self.lastModifiedDate; config = { Cmd = [ "${remote-text-server}/bin/remote-text-server" ]; }; From 3201fdf8b03982b981463f676a7ed67140e3c0a8 Mon Sep 17 00:00:00 2001 From: Sam <30577766+Samasaur1@users.noreply.github.com> Date: Sun, 7 Jan 2024 16:01:26 +0100 Subject: [PATCH 4/7] Fix creation date --- flake.lock | 16 ++++++++++++++++ flake.nix | 10 +++++++--- 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 076597c..01ee1b0 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,20 @@ { "nodes": { + "flockenzeit": { + "locked": { + "lastModified": 1671185345, + "narHash": "sha256-+5IWi+iJAYcRxvLN15hKO2hVwNokfN3U+lvWf/zFtCg=", + "owner": "balsoft", + "repo": "Flockenzeit", + "rev": "90abba65671690d95b5d28ce6dd8de7959aa1339", + "type": "github" + }, + "original": { + "owner": "balsoft", + "repo": "Flockenzeit", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1690327932, @@ -16,6 +31,7 @@ }, "root": { "inputs": { + "flockenzeit": "flockenzeit", "nixpkgs": "nixpkgs" } } diff --git a/flake.nix b/flake.nix index 8843378..f47a57c 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,12 @@ { description = "The server-side software for Remote Text"; - outputs = { self, nixpkgs, ... }: + inputs.flockenzeit = { + url = "github:balsoft/Flockenzeit"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + outputs = { self, flockenzeit, nixpkgs, ... }: let forAllSystems = gen: nixpkgs.lib.genAttrs nixpkgs.lib.systems.flakeExposed @@ -12,8 +17,7 @@ default = remote-text-server; dockerImage = pkgs.dockerTools.buildImage { name = "remote-text-server"; - # Based on the last commit date, see: https://nixos.wiki/wiki/Docker#Reproducible_image_dates - created = builtins.substring 0 8 self.lastModifiedDate; + created = flockenzeit.lib.ISO-8601 self.lastModified; config = { Cmd = [ "${remote-text-server}/bin/remote-text-server" ]; }; From b47644da9297d27738cdd766c101179198a7d32c Mon Sep 17 00:00:00 2001 From: Sam <30577766+Samasaur1@users.noreply.github.com> Date: Sun, 7 Jan 2024 21:47:17 +0100 Subject: [PATCH 5/7] Fix flake input warning --- flake.lock | 6 +++--- flake.nix | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 01ee1b0..3099104 100644 --- a/flake.lock +++ b/flake.lock @@ -17,11 +17,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1690327932, - "narHash": "sha256-Fv7PYZxN4eo0K6zXhHG/vOc+e2iuqQ5ywDrh0yeRjP0=", + "lastModified": 1704161960, + "narHash": "sha256-QGua89Pmq+FBAro8NriTuoO/wNaUtugt29/qqA8zeeM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a9b47d85504bdd199e90846622c76aa0bfeabfac", + "rev": "63143ac2c9186be6d9da6035fa22620018c85932", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index f47a57c..a952d43 100644 --- a/flake.nix +++ b/flake.nix @@ -1,9 +1,9 @@ { description = "The server-side software for Remote Text"; - inputs.flockenzeit = { - url = "github:balsoft/Flockenzeit"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs = { + # nixpkgs.url = "github:NixOS/nixpkgs"; + flockenzeit.url = "github:balsoft/Flockenzeit"; }; outputs = { self, flockenzeit, nixpkgs, ... }: From 29421a0ed88e52c0ef5a48c3e0ff5810f0fbad01 Mon Sep 17 00:00:00 2001 From: Sam <30577766+Samasaur1@users.noreply.github.com> Date: Sun, 21 Jan 2024 16:25:18 -0800 Subject: [PATCH 6/7] initial nixos module attempt --- default.nix | 12 +++++++++++ flake.nix | 6 +++++- module.nix | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 74 insertions(+), 1 deletion(-) create mode 100644 module.nix diff --git a/default.nix b/default.nix index 7a66b7c..38d1847 100644 --- a/default.nix +++ b/default.nix @@ -6,6 +6,9 @@ , zlib , stdenv , darwin +, pandoc +, texlive +, makeWrapper }: rustPlatform.buildRustPackage rec { @@ -24,11 +27,20 @@ rustPlatform.buildRustPackage rec { libgit2 openssl zlib + makeWrapper ] ++ lib.optionals stdenv.isDarwin [ darwin.apple_sdk.frameworks.IOKit darwin.apple_sdk.frameworks.Security ]; + postFixup = '' + wrapProgram $out/bin/remote-text-server \ + --set PATH ${lib.makeBinPath [ + pandoc + texlive + ]} + ''; + env = { OPENSSL_NO_VENDOR = true; VERGEN_IDEMPOTENT = true; diff --git a/flake.nix b/flake.nix index a952d43..d7bc049 100644 --- a/flake.nix +++ b/flake.nix @@ -13,7 +13,7 @@ (system: gen nixpkgs.legacyPackages.${system}); in { packages = forAllSystems (pkgs: rec { - remote-text-server = pkgs.callPackage ./. { }; + remote-text-server = pkgs.callPackage ./. { texlive = pkgs.texliveFull; }; default = remote-text-server; dockerImage = pkgs.dockerTools.buildImage { name = "remote-text-server"; @@ -23,5 +23,9 @@ }; }; }); + nixosModules = rec { + remote-text-server = import ./module.nix; + default = remote-text-server; + }; }; } diff --git a/module.nix b/module.nix new file mode 100644 index 0000000..0e6f0cc --- /dev/null +++ b/module.nix @@ -0,0 +1,57 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + cfg = config.services.remote-text-server; +in +{ + options.services.remote-text-server = { + enable = mkEnableOption "remote-text-server"; + package = mkOption { + default = pkgs.callPackage ./. { texlive = pkgs.texliveFull; }; + defaultText = "remote-text-server"; + description = "The remote-text-server package to use"; + type = types.package; + }; + port = mkOption { + type = types.port; + default = 7870; + example = 46264; + description = "The port to listen on. Currently ignored and always uses 3030"; + }; + }; + + config = mkIf cfg.enable { + systemd.services.remote-text-server = { + description = "RemoteText Server"; + + script = '' + cd $STATE_DIRECTORY + ${cfg.package}/bin/remote-text-server --port ${toString cfg.port} + ''; + + serviceConfig = { + DynamicUser = true; + # EnvironmentFile = "/etc/jekyll-comments-env"; + StateDirectory = "remote-text-server"; + + PrivateDevices = true; + PrivateMounts = true; + PrivateUsers = true; + ProtectControlGroups = true; + ProtectHome = true; + ProtectHostname = true; + ProtectKernelLogs = true; + ProtectKernelModules = true; + ProtectKernelTunables = true; + }; + + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" ]; + wants = [ "network-online.target" ]; + }; + # unnecessary bc tailscale is open. also should be set by the end user + # networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ cfg.port ]; + }; +} From 4aa1609eaa58ea8efa721a2b073488da577fe616 Mon Sep 17 00:00:00 2001 From: Sam <30577766+Samasaur1@users.noreply.github.com> Date: Wed, 24 Jan 2024 16:41:57 -0800 Subject: [PATCH 7/7] Add example of overriding Tex distribution --- module.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/module.nix b/module.nix index 0e6f0cc..a4b1e0a 100644 --- a/module.nix +++ b/module.nix @@ -11,6 +11,7 @@ in package = mkOption { default = pkgs.callPackage ./. { texlive = pkgs.texliveFull; }; defaultText = "remote-text-server"; + example = "inputs.remote-text-server.packages.${pkgs.system}.default.override { texlive = pkgs.texliveMinimal; }"; description = "The remote-text-server package to use"; type = types.package; };