Remove mastodon build dependency on environment variables

[perso/Immae/Config/Nix.git] / nixops / modules / websites / tools / mastodon / mastodon.nix
diff --git a/nixops/modules/websites/tools/mastodon/mastodon.nix b/nixops/modules/websites/tools/mastodon/mastodon.nix

index 8650ee310b860e9e28e5d6780b60b421c69aa771..67d4d48b01230351ce5b21f599b4f5c0789b44dc 100644 (file)
--- a/nixops/modules/websites/tools/mastodon/mastodon.nix
+++ b/nixops/modules/websites/tools/mastodon/mastodon.nix
@@ -1,14 +1,24 @@
-{ env, ruby_2_5, bundlerEnv, defaultGemConfig, fetchedGithub, stdenv, writeText, pkgs }:
+{ env, ruby_2_6, bundlerEnv, defaultGemConfig, yarn2nixPackage, fetchedGithub, stdenv, writeText, pkgs }:
  let
    varDir = "/var/lib/mastodon_immae";
    socketsDir = "/run/mastodon";
    gems = bundlerEnv {
      name = "mastodon-env";
-    ruby = ruby_2_5;
+    ruby = ruby_2_6;
      gemset = ./gemset.nix;
      gemdir = (fetchedGithub ./mastodon.json).src;
      groups = [ "default" "production" "test" "development" ];
      gemConfig = defaultGemConfig // {
+      redis-rack = attrs: {
+        preBuild = ''
+          sed -i 's!s\.files.*!!' redis-rack.gemspec
+          '';
+      };
+      tzinfo = attrs: {
+        preBuild = ''
+          sed -i 's!s\.files.*!!' tzinfo.gemspec
+          '';
+      };
        cld3 = attrs: {
          buildInputs = with pkgs; [ protobuf protobufc pkgconfig ];
        };
@@ -22,36 +32,24 @@ let
    };
    yarnModules = let
        info = fetchedGithub ./mastodon.json;
+      packagejson = pkgs.runCommand "package.json" { buildInputs = [ pkgs.jq ]; } ''
+        cat ${info.src}/package.json | jq -r '.version = "${info.version}"' > $out
+        '';
      in
-      pkgs.yarn2nix.mkYarnModules {
-        name = "mastodon-yarn-modules";
-        packageJSON = "${info.src}/package.json";
+      yarn2nixPackage.mkYarnModules rec {
+        name = "mastodon-yarn";
+        pname = name;
+        version = info.version;
+        packageJSON = packagejson;
          yarnLock = "${info.src}/yarn.lock";
          yarnNix = ./yarn-packages.nix;
          pkgConfig = {
-          uws = {
-            postInstall = ''
-              node-gyp rebuild > build_log.txt 2>&1 || true
-              '';
-            buildInputs = with pkgs; [ nodePackages.node-gyp ];
+          all = {
+            buildInputs = [ yarn2nixPackage.src ];
            };
-          node-zopfli = {
+          uws = {
              postInstall = ''
-              node-pre-gyp install --fallback-to-build
-              '';
-            buildInputs = with pkgs; [ nodePackages.node-pre-gyp ];
-          };
-          node-sass = {
-            buildInputs = with pkgs; [ binutils libsass python ];
-            postInstall = let
-              nodeHeaders = pkgs.fetchurl {
-                url = "https://nodejs.org/download/release/v${pkgs.nodejs.version}/node-v${pkgs.nodejs.version}-headers.tar.gz";
-                sha256 = "12zzsf8my43b8qnlacp871ih5vqafl2vlpqp51xp6h3gckn2frwy";
-              };
-            in
-              ''
-                export AR=${pkgs.binutils.bintools}/bin/ar
-                node scripts/build.js --tarball=${nodeHeaders}
+              npx node-gyp rebuild > build_log.txt 2>&1 || true
                '';
            };
          };
@@ -61,55 +59,64 @@ let
        cp -a . $out
        cp -a ${yarnModules}/node_modules $out
      '';
-    buildInputs = [ yarnModules gems ];
+    buildInputs = [ yarnModules ];
    });
-  config = writeText "mastodon_environment" ''
-    REDIS_HOST=${env.redis.host}
-    REDIS_PORT=${env.redis.port}
-    REDIS_DB=${env.redis.db}
-    DB_HOST=${env.postgresql.socket}
-    DB_USER=${env.postgresql.user}
-    DB_NAME=${env.postgresql.database}
-    DB_PASS=${env.postgresql.password}
-    DB_PORT=${env.postgresql.port}
+  keys.mastodon = {
+    dest = "webapps/tools-mastodon";
+    user = "mastodon";
+    group = "mastodon";
+    permissions = "0400";
+    text = ''
+      REDIS_HOST=${env.redis.host}
+      REDIS_PORT=${env.redis.port}
+      REDIS_DB=${env.redis.db}
+      DB_HOST=${env.postgresql.socket}
+      DB_USER=${env.postgresql.user}
+      DB_NAME=${env.postgresql.database}
+      DB_PASS=${env.postgresql.password}
+      DB_PORT=${env.postgresql.port}
  
-    LOCAL_DOMAIN=mastodon.immae.eu
-    LOCAL_HTTPS=true
-    ALTERNATE_DOMAINS=immae.eu
+      LOCAL_DOMAIN=mastodon.immae.eu
+      LOCAL_HTTPS=true
+      ALTERNATE_DOMAINS=immae.eu
  
-    PAPERCLIP_SECRET=${env.paperclip_secret}
-    SECRET_KEY_BASE=${env.secret_key_base}
-    OTP_SECRET=${env.otp_secret}
+      PAPERCLIP_SECRET=${env.paperclip_secret}
+      SECRET_KEY_BASE=${env.secret_key_base}
+      OTP_SECRET=${env.otp_secret}
  
-    VAPID_PRIVATE_KEY=${env.vapid.private}
-    VAPID_PUBLIC_KEY=${env.vapid.public}
+      VAPID_PRIVATE_KEY=${env.vapid.private}
+      VAPID_PUBLIC_KEY=${env.vapid.public}
  
-    SMTP_DELIVERY_METHOD=sendmail
-    SMTP_FROM_ADDRESS=notifications@mastodon.immae.eu
-    SENDMAIL_LOCATION="/run/wrappers/bin/sendmail"
-    PAPERCLIP_ROOT_PATH=${varDir}
+      SMTP_DELIVERY_METHOD=sendmail
+      SMTP_FROM_ADDRESS=mastodon@tools.immae.eu
+      SENDMAIL_LOCATION="/run/wrappers/bin/sendmail"
+      PAPERCLIP_ROOT_PATH=${varDir}
  
-    STREAMING_CLUSTER_NUM=1
+      STREAMING_CLUSTER_NUM=1
  
-    # LDAP authentication (optional)
-    LDAP_ENABLED=true
-    LDAP_HOST=ldap.immae.eu
-    LDAP_PORT=636
-    LDAP_METHOD=simple_tls
-    LDAP_BASE="dc=immae,dc=eu"
-    LDAP_BIND_DN="cn=mastodon,ou=services,dc=immae,dc=eu"
-    LDAP_PASSWORD="${env.ldap.password}"
-    LDAP_UID="uid"
-    LDAP_SEARCH_FILTER="(&(%{uid}=%{email})(memberOf=cn=users,cn=mastodon,ou=services,dc=immae,dc=eu))"
+      RAILS_LOG_LEVEL=warn
+
+      # LDAP authentication (optional)
+      LDAP_ENABLED=true
+      LDAP_HOST=ldap.immae.eu
+      LDAP_PORT=636
+      LDAP_METHOD=simple_tls
+      LDAP_BASE="dc=immae,dc=eu"
+      LDAP_BIND_DN="cn=mastodon,ou=services,dc=immae,dc=eu"
+      LDAP_PASSWORD="${env.ldap.password}"
+      LDAP_UID="uid"
+      LDAP_SEARCH_FILTER="(&(%{uid}=%{email})(memberOf=cn=users,cn=mastodon,ou=services,dc=immae,dc=eu))"
      '';
+  };
  
      railsRoot = stdenv.mkDerivation {
        name = "mastodon_immae";
-      inherit config mastodon;
+      inherit mastodon;
        builder = writeText "build_mastodon_immae" ''
          source $stdenv/setup
          set -a
-        source $config
+        SECRET_KEY_BASE=Dummy
+        OTP_SECRET=Dummy
          set +a
          cp -a $mastodon $out
          cd $out
@@ -118,13 +125,14 @@ let
          sed -i -e 's@^end$@  config.action_mailer.sendmail_settings = { location: ENV.fetch("SENDMAIL_LOCATION", "/usr/sbin/sendmail") }\nend@' config/environments/production.rb
          RAILS_ENV=production ${gems}/bin/rails assets:precompile
          rm -rf tmp/cache
-        ln -sf ../../../../../../../${varDir}/tmp/cache tmp
+        ln -sf ${varDir}/tmp/cache tmp
          '';
        buildInputs = [ gems gems.ruby pkgs.nodejs pkgs.yarn ];
      };
  in
    {
-    inherit railsRoot config varDir socketsDir gems;
+    inherit railsRoot varDir socketsDir gems;
+    keys = builtins.attrValues keys;
      nodeSocket = "${socketsDir}/live_immae_node.sock";
      railsSocket = "${socketsDir}/live_immae_puma.sock";
    }