add nix flake

This commit is contained in:
TuxCoder 2023-03-18 12:00:49 +01:00
parent 14d219eef7
commit 415ffc9bc4
6 changed files with 309 additions and 175 deletions

View file

@ -1,164 +1,11 @@
{
pkgs,
python ? pkgs.python310,
nodejs ? pkgs.nodejs,
...}:
let
nixNodePackage = builtins.fetchGit {
url = "https://github.com/mkg20001/nix-node-package.git";
rev = "03285e212016db5f28530563b58cfcc5706ff73f";
};
makeNode = import "${nixNodePackage}/nix/default.nix" pkgs {
root = ./.;
install = false;
nodejs = nodejs;
};
node-env = makeNode { };
urlobject = with python.pkgs; buildPythonPackage rec { (import
pname = "URLObject"; (
version = "2.4.3"; let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
src = fetchPypi { fetchTarball {
inherit pname version; url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = "47b2e20e6ab9c8366b2f4a3566b6ff4053025dad311c4bb71279bbcfa2430caa"; sha256 = lock.nodes.flake-compat.locked.narHash;
};
doCheck = true;
propagatedBuildInputs = [
];
};
python_attrs = with python.pkgs; buildPythonPackage rec {
pname = "attrs";
version = "21.4.0";
src = fetchPypi {
inherit pname version;
sha256 = "626ba8234211db98e869df76230a137c4c40a12d72445c45d5f5b716f076e2fd";
};
#doCheck = true;
doCheck = false;
propagatedBuildInputs = [
];
};
flask-dance = with python.pkgs; buildPythonPackage rec {
pname = "Flask-Dance";
version = "6.0.0";
src = fetchPypi {
inherit pname version;
sha256 = "15bb3c412eb789a2d904bfd0fd44aac2d94f82703a51d14123fd336136d55db0";
};
doCheck = false;
propagatedBuildInputs = [
requests
oauthlib
requests_oauthlib
flask
urlobject
];
checkInputs = [
pytest
nose
pytest-mock
responses
freezegun
coverage
# testing sqlalchemy support
sqlalchemy
flask_sqlalchemy
# testing integration with other extensions
flask_login
flask-caching
betamax
# we need the `signedtoken` extra for `oauthlib`
# oauthlib[signedtoken]
];
};
ldap3-orm = with python.pkgs; buildPythonPackage rec {
pname = "ldap3-orm";
version = "2.7.0";
src = fetchPypi {
inherit pname version;
sha256 = "8783886d4ce90d66da61ce24619593a265b50f0de1fbebe86df95c6788661664";
};
doCheck = false;
propagatedBuildInputs = [
ldap3
six
];
};
u2flib-server = {};
ory-hydra-client-old = with python.pkgs; buildPythonPackage rec {
pname = "ory-hydra-client";
version = "1.10.6";
src = fetchPypi {
inherit pname version;
sha256 = "57f877e55a8f202db27f5cbae9c55a1b1a91848ef46d0cbd3b710ef77882095c";
};
doCheck = false;
propagatedBuildInputs = [
urllib3
python-dateutil
];
};
ory-hydra-client = with python.pkgs; buildPythonPackage rec {
pname = "ory-hydra-client";
version = "1.9.2";
src = ./libs/ory-hydra-client;
# doCheck = false;
propagatedBuildInputs = [
urllib3
python-dateutil
#python_attrs
attrs
httpx
];
};
in
{
nativeBuildInputs = with python.pkgs; [
flask
flask-restful
flask_sqlalchemy
flask_wtf
flask-babel
flask_login
requests
requests_oauthlib
ldap3
ldap3-orm
pyotp
cryptography
blinker
ory-hydra-client
authlib # as oauth client lib
fido2 # for webauthn
flask_migrate # db migrations
nodejs
#node-env
gunicorn
flask-dance
#python-u2flib-server
#flask-debug
];
testBuildInputs = with python.pkgs; [
pytest
pytest-mypy
flask_testing
tox
types-dateutil
nose
mypy
];
} }
)
{ src = ./.; }
).defaultNix

60
flake.lock Normal file
View file

@ -0,0 +1,60 @@
{
"nodes": {
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"nix-node-package": {
"flake": false,
"locked": {
"lastModified": 1645439390,
"narHash": "sha256-mYkNbWBzQkv7O0mVZ4llqo9ZNeeo/IWPJk5WMa34SgQ=",
"owner": "mkg20001",
"repo": "nix-node-package",
"rev": "03285e212016db5f28530563b58cfcc5706ff73f",
"type": "github"
},
"original": {
"owner": "mkg20001",
"repo": "nix-node-package",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1679037998,
"narHash": "sha256-WnlfwX3IbZ/+hgxNZokGBVDwN7EciJA3ivrKQqoRr00=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1a19ae5b677797c0f2ba4f28304dd054964ed3b9",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"flake-compat": "flake-compat",
"nix-node-package": "nix-node-package",
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}

160
flake.nix Normal file
View file

@ -0,0 +1,160 @@
{
description = "Lenticular cloud interface";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs";
flake-compat = {
url = "github:edolstra/flake-compat";
flake = false;
};
nix-node-package = {
url = "github:mkg20001/nix-node-package";
flake = false;
};
};
outputs = inputs@{ self, nixpkgs, nix-node-package, ... }:
let
makeNode = nix-node-package.lib.nix-node-package.makeNode;
node-env = makeNode { };
pkgs = nixpkgs.legacyPackages.x86_64-linux;
python_default = pkgs.python310;
nodejs = pkgs.nodejs;
lenticular_cloud = {python}: with python.pkgs; let
urlobject = buildPythonPackage rec {
pname = "URLObject";
version = "2.4.3";
src = fetchPypi {
inherit pname version;
sha256 = "47b2e20e6ab9c8366b2f4a3566b6ff4053025dad311c4bb71279bbcfa2430caa";
};
doCheck = true;
propagatedBuildInputs = [
];
};
flask-dance = with python.pkgs; buildPythonPackage rec {
pname = "Flask-Dance";
version = "6.0.0";
src = fetchPypi {
inherit pname version;
sha256 = "15bb3c412eb789a2d904bfd0fd44aac2d94f82703a51d14123fd336136d55db0";
};
doCheck = false;
propagatedBuildInputs = [
requests
oauthlib
requests_oauthlib
flask
urlobject
];
checkInputs = [
pytest
nose
pytest-mock
responses
freezegun
coverage
# testing sqlalchemy support
sqlalchemy
flask_sqlalchemy
# testing integration with other extensions
flask_login
flask-caching
betamax
# we need the `signedtoken` extra for `oauthlib`
# oauthlib[signedtoken]
];
};
ory-hydra-client = buildPythonPackage rec {
pname = "ory-hydra-client";
version = "2.0.3";
src = ./libs/ory-hydra-client;
# doCheck = false;
propagatedBuildInputs = [
urllib3
python-dateutil
attrs
httpx
];
};
in
buildPythonApplication rec { # TODO change to buildPythonApplication
pname = "lenticular_cloud";
version = "0.2";
src = ./.;
propagatedBuildInputs = [
flask
flask-restful
flask_sqlalchemy
flask_wtf
flask-babel
flask_login
requests
requests_oauthlib
ldap3
#ldap3-orm
pyotp
cryptography
blinker
ory-hydra-client
authlib # as oauth client lib
fido2 # for webauthn
flask_migrate # db migrations
nodejs
#node-env
gunicorn
flask-dance
];
testBuildInputs = with python.pkgs; [
pytest
pytest-mypy
flask_testing
tox
types-dateutil
nose
mypy
];
passthru = {
inherit python;
pythonPath = python.pkgs.makePythonPath propagatedBuildInputs;
};
doCheck = false;
checkInputs = [
pytest
] ++ lenticular_settings.testBuildInputs;
};
in {
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
#packages.x86_64-linux.default = import ./shell.nix { inherit pkgs; };
# TODO
packages.x86_64-linux.default = lenticular_cloud {python=python_default;};
nixosModules = {
default = (import "${self}/module.nix" { inherit lenticular_cloud; });
};
};
}
#ldap3-orm = with python.pkgs; buildPythonPackage rec {
# pname = "ldap3-orm";
# version = "2.7.0";
# src = fetchPypi {
# inherit pname version;
# sha256 = "8783886d4ce90d66da61ce24619593a265b50f0de1fbebe86df95c6788661664";
# };
# doCheck = false;
# propagatedBuildInputs = [
# ldap3
# six
# ];#
#};

68
module.nix Normal file
View file

@ -0,0 +1,68 @@
{ lenticular_cloud }: { config, pkgs, lib, modulesPath, ... }:
let
python = pkgs.python310;
gevent = python.pkgs.gevent;
gunicorn = python.pkgs.gunicorn;
psycopg2 = python.pkgs.psycopg2;
lenticular-pkg = lenticular_cloud { inherit python;};
in
{
options = with lib.options; {
services.lenticular-cloud ={
enable = mkEnableOption "lenticluar service enable";
};
};
imports = [
];
config = {
environment.systemPackages = [ lenticular-pkg ];
users = {
groups.lenticular = {
};
users.lenticular = {
createHome = true;
home = "/var/lib/lenticular";
description = "web server";
extraGroups = [
];
group = "lenticular";
isSystemUser = true;
};
};
systemd.services.lenticular-cloud = {
description = "lenticular account";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
environment = let
python_path = python.pkgs.makePythonPath [ lenticular-pkg gevent psycopg2];
in {
CONFIG_FILE = "/etc/lenticular_cloud/production.conf";
PYTHONPATH = "${lenticular-pkg.pythonPath}:${lenticular-pkg}/lib/python3.10/site-packages:${python_path}";
};
serviceConfig = {
Type = "simple";
WorkingDirectory = /var/lib/lenticular;
#User="lenticular"; #done by gunicorn
ExecStartPre = pkgs.writeScript "lenticular-cloud-server-init" ''
#!/bin/sh
#cat > /var/lib/lenticular/foobar.conf <<EOF
#SECRET_KEY=""
#EOF
${lenticular-pkg}/bin/lenticular_cloud-cli db_upgrade
'';
ExecStart = ''${gunicorn}/bin/gunicorn lenticular_cloud.wsgi --name lenticular_cloud \
-u lenticular \
-g lenticular \
--workers 3 --log-level=info \
--bind=unix:/run/lenticular.sock \
-k gevent'';
Restart = "on-failure";
};
};
};
}

View file

@ -6,3 +6,4 @@ warn_unused_configs = True
ignore_missing_imports = True ignore_missing_imports = True
follow_imports_for_stubs= True follow_imports_for_stubs= True
files=lenticular_cloud/**/*.py files=lenticular_cloud/**/*.py
#plugins = sqlalchemy.ext.mypy.plugin

View file

@ -1,12 +1,10 @@
{ (import
pkgs ? import <nixpkgs> {}, (
python ? pkgs.python310 let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
}: fetchTarball {
let url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
settings = import ./default.nix {inherit pkgs python;}; sha256 = lock.nodes.flake-compat.locked.narHash;
in
pkgs.mkShell {
# nativeBuildInputs is usually what you want -- tools you need to run
nativeBuildInputs = settings.nativeBuildInputs ++ settings.testBuildInputs ++ [ pkgs.nodePackages.npm pkgs.nodejs python.pkgs.build ];
} }
)
{ src = ./.; }
).defaultNix