v/infrastructure
1
0
Fork 0
Code Issues 13 Pull requests 1 Projects Releases Packages Activity Actions
infrastructure/nixos/pkgs/glitch-soc/default.nix
Vivian c788335493
Some checks are pending
Plex Update / update (push) Waiting to run
Details
update masto
2025-03-24 12:14:12 +01:00

200 lines
5.9 KiB
Nix
Raw Blame History

{ stdenv, stdenvNoCC, nodejs-slim, bundlerEnv
, yarn-berry, callPackage, ruby_3_4, writeShellScript
, brotli, cacert
}:
let
# optimally, updates only need to touch `version_data.nix`, and nothing else should be in there
versionData = import ./version_data.nix;
# use the first 7 characters of the glitch-soc commit hash as version string
version = builtins.substring 0 7 versionData.rev;
# the patched glitch-soc source
src = callPackage ./source.nix { };
# ruby gems, built from `gemset.nix`, which is generated by bundix in `update.sh` from the source Gemfile
mastodonGems = bundlerEnv {
name = "glitch-soc-gems-${version}"; # bundlerEnv breaks when pname is set instead
inherit version;
ruby = ruby_3_4;
gemset = ./gemset.nix;
gemdir = src;
};
# fetches JS dependencies via yarn based on the lockfile in the source
mastodonYarnDeps = stdenvNoCC.mkDerivation {
pname = "glitch-soc-yarn-deps";
inherit version src;
nativeBuildInputs = [ yarn-berry cacert ];
dontInstall = true;
NODE_EXTRA_CA_CERTS = "${cacert}/etc/ssl/certs/ca-bundle.crt";
buildPhase = ''
mkdir -p $out
export HOME=$(mktemp -d)
echo $HOME
export YARN_ENABLE_TELEMETRY=0
export YARN_COMPRESSION_LEVEL=0
cache="$(yarn config get cacheFolder)"
yarn install --immutable --mode skip-build
cp -r $cache/* $out/
'';
outputHashAlgo = "sha256";
outputHash = versionData.yarnHash;
outputHashMode = "recursive";
};
# builds the node modules for mastodon using the previously fetched yarn deps
mastodonModules = stdenv.mkDerivation {
pname = "glitch-soc-modules";
inherit version src;
yarnOfflineCache = mastodonYarnDeps;
nativeBuildInputs = [ nodejs-slim yarn-berry brotli mastodonGems mastodonGems.wrappedRuby ];
RAILS_ENV = "production";
NODE_ENV = "production";
/*
So it seems that somehow a change in Linux 6.9 changed something that broke libuv, an IO lib
used by Node. This undocumented env var disables the broken IO feature in libuv and it works
again.
- https://lore.kernel.org/lkml/d7003b6e-b8e3-41c4-9e6e-2b9abd0c5572@gmail.com/t/
- https://github.com/nodejs/node/issues/53051#issuecomment-2124940205
- https://github.com/nodejs/docker-node/issues/1912#issuecomment-1594233686
*/
UV_USE_IO_URING = "0";
buildPhase = ''
runHook preBuild
export HOME=$PWD
# This option is needed for openssl-3 compatibility
# Otherwise we encounter this upstream issue: https://github.com/mastodon/mastodon/issues/17924
export NODE_OPTIONS=--openssl-legacy-provider
export YARN_ENABLE_TELEMETRY=0
mkdir -p ~/.yarn/berry
ln -sf $yarnOfflineCache ~/.yarn/berry/cache
# --inline-builds prints build logs inline so they can be inspected with nix log
yarn install --immutable --immutable-cache --inline-builds
patchShebangs ~/bin
patchShebangs ~/node_modules
# skip running yarn install
rm -rf ~/bin/yarn
OTP_SECRET=precompile_placeholder \
SECRET_KEY_BASE=precompile_placeholder \
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=precompile_placeholder \
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=precompile_placeholder \
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=precompile_placeholder \
rails assets:precompile
yarn cache clean
rm -rf ~/node_modules/.cache
# Create missing static gzip and brotli files
gzip --best --keep ~/public/assets/500.html
gzip --best --keep ~/public/packs/report.html
find ~/public/assets -maxdepth 1 -type f -name '.*.json' \
-exec gzip --best --keep --force {} ';'
brotli --best --keep ~/public/packs/report.html
find ~/public/assets -type f -regextype posix-extended -iregex '.*\.(css|js|json|html)' \
-exec brotli --best --keep {} ';'
runHook postBuild
'';
installPhase = ''
runHook preInstall
mkdir -p $out/public
cp -r node_modules $out/node_modules
cp -r public/assets $out/public
cp -r public/packs $out/public
runHook postInstall
'';
};
# the actual main glitch-soc package
in stdenv.mkDerivation {
pname = "glitch-soc";
inherit version src mastodonGems mastodonModules;
propagatedBuildInputs = [ mastodonGems.wrappedRuby ];
nativeBuildInputs = [ brotli ];
buildInputs = [ mastodonGems nodejs-slim ];
buildPhase = ''
runHook preBuild
ln -s $mastodonModules/node_modules node_modules
ln -s $mastodonModules/public/assets public/assets
ln -s $mastodonModules/public/packs public/packs
patchShebangs bin/
for b in $(ls $mastodonGems/bin/)
do
if [ ! -f bin/$b ]; then
ln -s $mastodonGems/bin/$b bin/$b
fi
done
# Remove execute permissions
chmod 0444 public/emoji/*.svg
# Create missing static gzip and brotli files
find public -maxdepth 1 -type f -regextype posix-extended -iregex '.*\.(css|js|svg|txt|xml)' \
-exec gzip --best --keep --force {} ';' \
-exec brotli --best --keep {} ';'
find public/emoji -type f -name '.*.svg' \
-exec gzip --best --keep --force {} ';' \
-exec brotli --best --keep {} ';'
ln -s assets/500.html.gz public/500.html.gz
ln -s assets/500.html.br public/500.html.br
ln -s packs/sw.js.gz public/sw.js.gz
ln -s packs/sw.js.br public/sw.js.br
ln -s packs/sw.js.map.gz public/sw.js.map.gz
ln -s packs/sw.js.map.br public/sw.js.map.br
rm -rf log
ln -s /var/log/mastodon log
ln -s /tmp tmp
runHook postBuild
'';
installPhase = let
run-streaming = writeShellScript "run-streaming.sh" ''
# NixOS helper script to consistently use the same NodeJS version the package was built with.
${nodejs-slim}/bin/node ./streaming
'';
in ''
runHook preInstall
mkdir -p $out
cp -r * $out/
ln -s ${run-streaming} $out/run-streaming.sh
runHook postInstall
'';
}
Reference in a new issue View git blame Copy permalink