{ stdenv, nodejs-slim, bundlerEnv, defaultGemConfig
, yarn-berry, callPackage, ruby, writeShellScript
, brotli, openssl
}:

let

  # optimally, updates only need to touch `version_data.nix`, and nothing else should be in there
  versionData = import ./version_data.nix;

  # use the first 7 characters of the glitch-soc commit hash as version string
  version = builtins.substring 0 7 versionData.rev;

  # the patched glitch-soc source
  src = callPackage ./source.nix { };

  # ruby gems, built from `gemset.nix`, which is generated by bundix in `update.sh` from the source Gemfile
  mastodonGems = bundlerEnv {
    name = "glitch-soc-gems-${version}";  # bundlerEnv breaks when pname is set instead
    inherit version;
    ruby = ruby;
    gemset = ./gemset.nix;
    gemdir = src;
    /*
    See:
    - https://wiki.nixos.org/wiki/Packaging/Ruby#Adding_a_global_override_for_a_gem
    - https://nixos.org/manual/nixpkgs/stable/#gem-specific-configurations-and-workarounds
    */
    gemConfig = defaultGemConfig // {
      hiredis-client = attrs: {
        buildInputs = [ openssl ];
      };
    };
  };

  # fetches JS dependencies via yarn based on the lockfile in the source
  mastodonYarnDeps = yarn-berry.fetchYarnBerryDeps {
    inherit src;
    hash = versionData.yarnHash;
    missingHashes = ./missing-hashes.json;
  };

  # builds the node modules for mastodon using the previously fetched yarn deps
  mastodonModules = stdenv.mkDerivation {
    pname = "glitch-soc-modules";
    inherit version src;

    yarnOfflineCache = mastodonYarnDeps;
    missingHashes = ./missing-hashes.json;

    nativeBuildInputs = [
      nodejs-slim
      yarn-berry
      yarn-berry.yarnBerryConfigHook
      brotli
      mastodonGems
      mastodonGems.wrappedRuby
    ];

    RAILS_ENV = "production";
    NODE_ENV = "production";

    /*
    So it seems that somehow a change in Linux 6.9 changed something that broke libuv, an IO lib
    used by Node. This undocumented env var disables the broken IO feature in libuv and it works
    again.

    - https://lore.kernel.org/lkml/d7003b6e-b8e3-41c4-9e6e-2b9abd0c5572@gmail.com/t/
    - https://github.com/nodejs/node/issues/53051#issuecomment-2124940205
    - https://github.com/nodejs/docker-node/issues/1912#issuecomment-1594233686
    */
    UV_USE_IO_URING = "0";

    buildPhase = ''
      runHook preBuild

      export SECRET_KEY_BASE_DUMMY=1

      patchShebangs bin

      bundle exec rails assets:precompile

      rm -rf node_modules/.cache

      # Remove workspace "package" as it contains broken symlinks
      # See https://github.com/NixOS/nixpkgs/issues/380366
      rm -rf node_modules/@mastodon

      # Remove execute permissions
      find public/assets -type f ! -perm 0555 \
        -exec chmod 0444 {} ';'

      # Create missing static gzip and brotli files
      # see: https://git.catgirl.cloud/999eagle/dotfiles-nix/-/blob/5d0da33c4f6b52b48777b404593c68a13e292721/overlay/mastodon/glitch/default.nix#L30
      # see: https://code.hackerspace.pl/ar/nibylandia/src/commit/7bbb773554204026644fb98c9463fd15726976e9/pkgs/glitch-soc/modules.nix#L52
      find public/assets public/packs -type f -regextype posix-extended -iregex '.*\.(css|html|js|js.map|json|svg)' \
        -exec gzip --best --keep --force {} ';' \
        -exec brotli --best --keep {} ';'

      runHook postBuild
    '';

    installPhase = ''
      runHook preInstall

      mkdir -p $out/public
      cp -r node_modules $out/node_modules
      cp -r public/assets $out/public
      cp -r public/packs $out/public

      runHook postInstall
    '';
  };

# the actual main glitch-soc package

in stdenv.mkDerivation {

  pname = "glitch-soc";
  inherit version src mastodonGems mastodonModules;

  propagatedBuildInputs = [ mastodonGems.wrappedRuby ];
  nativeBuildInputs = [ brotli ];
  buildInputs = [ mastodonGems nodejs-slim ];

  buildPhase = ''
    runHook preBuild

    ln -s $mastodonModules/node_modules node_modules
    ln -s $mastodonModules/public/assets public/assets
    ln -s $mastodonModules/public/packs public/packs

    patchShebangs bin/
    for b in $(ls $mastodonGems/bin/)
    do
      if [ ! -f bin/$b ]; then
        ln -s $mastodonGems/bin/$b bin/$b
      fi
    done

    # Remove execute permissions
    chmod 0444 public/emoji/*.svg

    # Create missing static gzip and brotli files
    find public -maxdepth 1 -type f -regextype posix-extended -iregex '.*\.(css|js|svg|txt|xml)' \
      -exec gzip --best --keep --force {} ';' \
      -exec brotli --best --keep {} ';'
    find public/emoji -type f -name '.*.svg' \
      -exec gzip --best --keep --force {} ';' \
      -exec brotli --best --keep {} ';'
    ln -s assets/500.html.gz public/500.html.gz
    ln -s assets/500.html.br public/500.html.br
    ln -s packs/sw.js.gz public/sw.js.gz
    ln -s packs/sw.js.br public/sw.js.br
    ln -s packs/sw.js.map.gz public/sw.js.map.gz
    ln -s packs/sw.js.map.br public/sw.js.map.br

    rm -rf log
    ln -s /var/log/mastodon log
    ln -s /tmp tmp

    runHook postBuild
  '';

  installPhase = let
    run-streaming = writeShellScript "run-streaming.sh" ''
      # NixOS helper script to consistently use the same NodeJS version the package was built with.
      ${nodejs-slim}/bin/node ./streaming
    '';
  in ''
    runHook preInstall

    mkdir -p $out
    cp -r * $out/
    ln -s ${run-streaming} $out/run-streaming.sh

    runHook postInstall
  '';

}