add nix flake
parent
14d219eef7
commit
415ffc9bc4
173
default.nix
173
default.nix
|
@ -1,164 +1,11 @@
|
|||
{
|
||||
pkgs,
|
||||
python ? pkgs.python310,
|
||||
nodejs ? pkgs.nodejs,
|
||||
...}:
|
||||
let
|
||||
nixNodePackage = builtins.fetchGit {
|
||||
url = "https://github.com/mkg20001/nix-node-package.git";
|
||||
rev = "03285e212016db5f28530563b58cfcc5706ff73f";
|
||||
};
|
||||
makeNode = import "${nixNodePackage}/nix/default.nix" pkgs {
|
||||
root = ./.;
|
||||
install = false;
|
||||
nodejs = nodejs;
|
||||
};
|
||||
node-env = makeNode { };
|
||||
|
||||
urlobject = with python.pkgs; buildPythonPackage rec {
|
||||
pname = "URLObject";
|
||||
version = "2.4.3";
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "47b2e20e6ab9c8366b2f4a3566b6ff4053025dad311c4bb71279bbcfa2430caa";
|
||||
};
|
||||
doCheck = true;
|
||||
propagatedBuildInputs = [
|
||||
];
|
||||
};
|
||||
|
||||
python_attrs = with python.pkgs; buildPythonPackage rec {
|
||||
pname = "attrs";
|
||||
version = "21.4.0";
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "626ba8234211db98e869df76230a137c4c40a12d72445c45d5f5b716f076e2fd";
|
||||
};
|
||||
#doCheck = true;
|
||||
doCheck = false;
|
||||
propagatedBuildInputs = [
|
||||
];
|
||||
};
|
||||
|
||||
flask-dance = with python.pkgs; buildPythonPackage rec {
|
||||
pname = "Flask-Dance";
|
||||
version = "6.0.0";
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "15bb3c412eb789a2d904bfd0fd44aac2d94f82703a51d14123fd336136d55db0";
|
||||
};
|
||||
doCheck = false;
|
||||
propagatedBuildInputs = [
|
||||
requests
|
||||
oauthlib
|
||||
requests_oauthlib
|
||||
flask
|
||||
urlobject
|
||||
];
|
||||
checkInputs = [
|
||||
pytest
|
||||
nose
|
||||
pytest-mock
|
||||
responses
|
||||
freezegun
|
||||
coverage
|
||||
# testing sqlalchemy support
|
||||
sqlalchemy
|
||||
flask_sqlalchemy
|
||||
# testing integration with other extensions
|
||||
flask_login
|
||||
flask-caching
|
||||
betamax
|
||||
# we need the `signedtoken` extra for `oauthlib`
|
||||
# oauthlib[signedtoken]
|
||||
];
|
||||
|
||||
};
|
||||
ldap3-orm = with python.pkgs; buildPythonPackage rec {
|
||||
pname = "ldap3-orm";
|
||||
version = "2.7.0";
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "8783886d4ce90d66da61ce24619593a265b50f0de1fbebe86df95c6788661664";
|
||||
};
|
||||
doCheck = false;
|
||||
propagatedBuildInputs = [
|
||||
ldap3
|
||||
six
|
||||
];
|
||||
|
||||
};
|
||||
u2flib-server = {};
|
||||
ory-hydra-client-old = with python.pkgs; buildPythonPackage rec {
|
||||
pname = "ory-hydra-client";
|
||||
version = "1.10.6";
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "57f877e55a8f202db27f5cbae9c55a1b1a91848ef46d0cbd3b710ef77882095c";
|
||||
};
|
||||
doCheck = false;
|
||||
propagatedBuildInputs = [
|
||||
urllib3
|
||||
python-dateutil
|
||||
];
|
||||
};
|
||||
ory-hydra-client = with python.pkgs; buildPythonPackage rec {
|
||||
pname = "ory-hydra-client";
|
||||
version = "1.9.2";
|
||||
src = ./libs/ory-hydra-client;
|
||||
# doCheck = false;
|
||||
propagatedBuildInputs = [
|
||||
urllib3
|
||||
python-dateutil
|
||||
#python_attrs
|
||||
attrs
|
||||
httpx
|
||||
];
|
||||
};
|
||||
in
|
||||
{
|
||||
nativeBuildInputs = with python.pkgs; [
|
||||
flask
|
||||
flask-restful
|
||||
flask_sqlalchemy
|
||||
flask_wtf
|
||||
flask-babel
|
||||
flask_login
|
||||
requests
|
||||
requests_oauthlib
|
||||
ldap3
|
||||
ldap3-orm
|
||||
pyotp
|
||||
cryptography
|
||||
blinker
|
||||
ory-hydra-client
|
||||
authlib # as oauth client lib
|
||||
fido2 # for webauthn
|
||||
flask_migrate # db migrations
|
||||
|
||||
nodejs
|
||||
#node-env
|
||||
gunicorn
|
||||
|
||||
flask-dance
|
||||
|
||||
#python-u2flib-server
|
||||
|
||||
|
||||
#flask-debug
|
||||
|
||||
];
|
||||
|
||||
testBuildInputs = with python.pkgs; [
|
||||
pytest
|
||||
pytest-mypy
|
||||
flask_testing
|
||||
tox
|
||||
|
||||
types-dateutil
|
||||
|
||||
nose
|
||||
mypy
|
||||
|
||||
];
|
||||
}
|
||||
(import
|
||||
(
|
||||
let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
|
||||
fetchTarball {
|
||||
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
|
||||
sha256 = lock.nodes.flake-compat.locked.narHash;
|
||||
}
|
||||
)
|
||||
{ src = ./.; }
|
||||
).defaultNix
|
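--- a/flake.lock
+++ b/flake.lock
@@ -0,0 +1,60 @@
+{
+"nodes": {
+"flake-compat": {
+"flake": false,
+"locked": {
+"lastModified": 1673956053,
+"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
+"owner": "edolstra",
+"repo": "flake-compat",
+"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
+"type": "github"
+},
+"original": {
+"owner": "edolstra",
+"repo": "flake-compat",
+"type": "github"
+}
+},
+"nix-node-package": {
+"flake": false,
+"locked": {
+"lastModified": 1645439390,
+"narHash": "sha256-mYkNbWBzQkv7O0mVZ4llqo9ZNeeo/IWPJk5WMa34SgQ=",
+"owner": "mkg20001",
+"repo": "nix-node-package",
+"rev": "03285e212016db5f28530563b58cfcc5706ff73f",
+"type": "github"
+},
+"original": {
+"owner": "mkg20001",
+"repo": "nix-node-package",
+"type": "github"
+}
+},
+"nixpkgs": {
+"locked": {
+"lastModified": 1679037998,
+"narHash": "sha256-WnlfwX3IbZ/+hgxNZokGBVDwN7EciJA3ivrKQqoRr00=",
+"owner": "NixOS",
+"repo": "nixpkgs",
+"rev": "1a19ae5b677797c0f2ba4f28304dd054964ed3b9",
+"type": "github"
+},
+"original": {
+"owner": "NixOS",
+"repo": "nixpkgs",
+"type": "github"
+}
+},
+"root": {
+"inputs": {
+"flake-compat": "flake-compat",
+"nix-node-package": "nix-node-package",
+"nixpkgs": "nixpkgs"
+}
+}
+},
+"root": "root",
+"version": 7
+}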
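--- a/flake.nix
+++ b/flake.nix
@@ -0,0 +1,160 @@
+{
+description = "Lenticular cloud interface";
+inputs = {
+nixpkgs.url = "github:NixOS/nixpkgs";
+flake-compat = {
+url = "github:edolstra/flake-compat";
+flake = false;
+};
+nix-node-package = {
+url = "github:mkg20001/nix-node-package";
+flake = false;
+};
+};
+outputs = inputs@{ self, nixpkgs, nix-node-package, ... }:
+let
+makeNode = nix-node-package.lib.nix-node-package.makeNode;
+node-env = makeNode { };
+pkgs = nixpkgs.legacyPackages.x86_64-linux;
+python_default = pkgs.python310;
+nodejs = pkgs.nodejs;
+lenticular_cloud = {python}: with python.pkgs; let
+
+urlobject = buildPythonPackage rec {
+pname = "URLObject";
+version = "2.4.3";
+src = fetchPypi {
+inherit pname version;
+sha256 = "47b2e20e6ab9c8366b2f4a3566b6ff4053025dad311c4bb71279bbcfa2430caa";
+};
+doCheck = true;
+propagatedBuildInputs = [
+];
+};
+flask-dance = with python.pkgs; buildPythonPackage rec {
+pname = "Flask-Dance";
+version = "6.0.0";
+src = fetchPypi {
+inherit pname version;
+sha256 = "15bb3c412eb789a2d904bfd0fd44aac2d94f82703a51d14123fd336136d55db0";
+};
+doCheck = false;
+propagatedBuildInputs = [
+requests
+oauthlib
+requests_oauthlib
+flask
+urlobject
+];
+checkInputs = [
+pytest
+nose
+pytest-mock
+responses
+freezegun
+coverage
+# testing sqlalchemy support
+sqlalchemy
+flask_sqlalchemy
+# testing integration with other extensions
+flask_login
+flask-caching
+betamax
+# we need the `signedtoken` extra for `oauthlib`
+# oauthlib[signedtoken]
+];
+
+};
+ory-hydra-client = buildPythonPackage rec {
+pname = "ory-hydra-client";
+version = "2.0.3";
+src = ./libs/ory-hydra-client;
+# doCheck = false;
+propagatedBuildInputs = [
+urllib3
+python-dateutil
+attrs
+httpx
+];
+};
+in
+buildPythonApplication rec { # TODO change to buildPythonApplication
+pname = "lenticular_cloud";
+version = "0.2";
+src = ./.;
+propagatedBuildInputs = [
+flask
+flask-restful
+flask_sqlalchemy
+flask_wtf
+flask-babel
+flask_login
+requests
+requests_oauthlib
+ldap3
+#ldap3-orm
+pyotp
+cryptography
+blinker
+ory-hydra-client
+authlib # as oauth client lib
+fido2 # for webauthn
+flask_migrate # db migrations
+
+nodejs
+#node-env
+gunicorn
+
+flask-dance
+];
+testBuildInputs = with python.pkgs; [
+pytest
+pytest-mypy
+flask_testing
+tox
+
+types-dateutil
+
+nose
+mypy
+
+];
+passthru = {
+inherit python;
+pythonPath = python.pkgs.makePythonPath propagatedBuildInputs;
+};
+
+
+doCheck = false;
+checkInputs = [
+pytest
+] ++ lenticular_settings.testBuildInputs;
+};
+in {
+formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
+#packages.x86_64-linux.default = import ./shell.nix { inherit pkgs; };
+# TODO
+
+packages.x86_64-linux.default = lenticular_cloud {python=python_default;};
+nixosModules = {
+default = (import "${self}/module.nix" { inherit lenticular_cloud; });
+};
+};
+
+}
+
+
+#ldap3-orm = with python.pkgs; buildPythonPackage rec {
+# pname = "ldap3-orm";
+# version = "2.7.0";
+# src = fetchPypi {
+# inherit pname version;
+# sha256 = "8783886d4ce90d66da61ce24619593a265b50f0de1fbebe86df95c6788661664";
+# };
+# doCheck = false;
+# propagatedBuildInputs = [
+# ldap3
+# six
+# ];#
+#};
+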
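Review bot: `checkInputs = [ pytest ] ++ lenticular_settings.testBuildInputs;` in the `buildPythonApplication` call refers to `lenticular_settings`, which is not bound anywhere in this file. Because the expression sits under `with python.pkgs;`, Nix cannot reject the name statically, so the mistake stays hidden while `doCheck = false` and would likely only surface as an evaluation error once the checks are enabled. Since the attribute set is `rec`, the line could read `checkInputs = [ pytest ] ++ testBuildInputs;`. Relatedly, `nix-node-package` is declared with `flake = false` while `makeNode` reads `nix-node-package.lib.nix-node-package.makeNode`; `makeNode` and `node-env` appear unused, so dropping the input would also remove one third-party source from the lock file.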
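--- a/module.nix
+++ b/module.nix
@@ -0,0 +1,68 @@
+{ lenticular_cloud }: { config, pkgs, lib, modulesPath, ... }:
+let
+python = pkgs.python310;
+gevent = python.pkgs.gevent;
+gunicorn = python.pkgs.gunicorn;
+psycopg2 = python.pkgs.psycopg2;
+lenticular-pkg = lenticular_cloud { inherit python;};
+in
+{
+options = with lib.options; {
+services.lenticular-cloud ={
+enable = mkEnableOption "lenticluar service enable";
+};
+};
+imports = [
+];
+config = {
+environment.systemPackages = [ lenticular-pkg ];
+
+users = {
+groups.lenticular = {
+};
+users.lenticular = {
+createHome = true;
+home = "/var/lib/lenticular";
+description = "web server";
+extraGroups = [
+];
+group = "lenticular";
+isSystemUser = true;
+};
+};
+
+systemd.services.lenticular-cloud = {
+description = "lenticular account";
+after = [ "network.target" ];
+wantedBy = [ "multi-user.target" ];
+
+environment = let
+python_path = python.pkgs.makePythonPath [ lenticular-pkg gevent psycopg2];
+in {
+CONFIG_FILE = "/etc/lenticular_cloud/production.conf";
+PYTHONPATH = "${lenticular-pkg.pythonPath}:${lenticular-pkg}/lib/python3.10/site-packages:${python_path}";
+};
+
+serviceConfig = {
+Type = "simple";
+WorkingDirectory = /var/lib/lenticular;
+#User="lenticular"; #done by gunicorn
+ExecStartPre = pkgs.writeScript "lenticular-cloud-server-init" ''
+#!/bin/sh
+#cat > /var/lib/lenticular/foobar.conf <<EOF
+#SECRET_KEY=""
+#EOF
+${lenticular-pkg}/bin/lenticular_cloud-cli db_upgrade
+'';
+ExecStart = ''${gunicorn}/bin/gunicorn lenticular_cloud.wsgi --name lenticular_cloud \
+-u lenticular \
+-g lenticular \
+--workers 3 --log-level=info \
+--bind=unix:/run/lenticular.sock \
+-k gevent'';
+Restart = "on-failure";
+};
+};
+
+};
+}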
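Review bot: The unit sets no `User=` (`#User="lenticular"; #done by gunicorn`), so `ExecStartPre` runs `lenticular_cloud-cli db_upgrade` as root, and the gunicorn master also starts as root, with `-u`/`-g` switching only the worker processes. Letting systemd drop privileges keeps the migration and the master out of root: `User = "lenticular";`, `Group = "lenticular";`, `RuntimeDirectory = "lenticular";`, with the bind moved to `unix:/run/lenticular/lenticular.sock` and the `-u`/`-g` flags removed. Whatever proxies to the socket is not visible here and would need the new path. Separately, `services.lenticular-cloud.enable` is declared but `config` is not wrapped in `lib.mkIf config.services.lenticular-cloud.enable`, so importing the module creates the user and starts the service unconditionally.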
1
mypy.ini
1
mypy.ini
|
@ -6,3 +6,4 @@ warn_unused_configs = True
|
|||
ignore_missing_imports = True
|
||||
follow_imports_for_stubs= True
|
||||
files=lenticular_cloud/**/*.py
|
||||
#plugins = sqlalchemy.ext.mypy.plugin
|
22
shell.nix
22
shell.nix
|
@ -1,12 +1,10 @@
|
|||
{
|
||||
pkgs ? import <nixpkgs> {},
|
||||
python ? pkgs.python310
|
||||
}:
|
||||
let
|
||||
settings = import ./default.nix {inherit pkgs python;};
|
||||
in
|
||||
pkgs.mkShell {
|
||||
# nativeBuildInputs is usually what you want -- tools you need to run
|
||||
nativeBuildInputs = settings.nativeBuildInputs ++ settings.testBuildInputs ++ [ pkgs.nodePackages.npm pkgs.nodejs python.pkgs.build ];
|
||||
}
|
||||
|
||||
(import
|
||||
(
|
||||
let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
|
||||
fetchTarball {
|
||||
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
|
||||
sha256 = lock.nodes.flake-compat.locked.narHash;
|
||||
}
|
||||
)
|
||||
{ src = ./.; }
|
||||
).defaultNix
|
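Review bot: The new shim ends in `).defaultNix`, the same expression as default.nix, so `nix-shell` would now enter the build environment of the default package rather than a development shell. flake-compat exposes `shellNix` for this file, and flake.nix in this commit defines no `devShells` output, so the test and packaging tooling that the previous `pkgs.mkShell` pulled in (`settings.testBuildInputs`, `pkgs.nodePackages.npm`, `python.pkgs.build`) is no longer provided. Suggest `).shellNix` here, plus a `devShells.x86_64-linux.default` in flake.nix carrying those inputs.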