aboutsummaryrefslogblamecommitdiff
path: root/nixops/modules/websites/tools/mediagoblin/mediagoblin.nix
blob: bc423db19ef37f272758aa107dc1ca384654fa08 (plain) (tree)
1
                                                                                                                                                                                 




































































                                                                                                     
                                                                     


         
                                                      






                                                 
                           


























                                                                       




                                                











                                                                             

                                                          






























































                                                                                                                  

                                         





                                  
 


                                                           
 

                                                               
 


                                  
 
                            
 
                                                             
 






                                                                       
 

                                               
 


                                                
 



                                              
 















                                                                                                                     
       



































                                                                                                                                                       
                                                                              
                                     


             
{ env, makeWrapper, stdenv, writeText, fetchurl, buildBowerComponents, fetchedGit, fetchedGithub, which, python36, pkgs, automake, autoconf, nodejs, nodePackages, git, cacert }:
let
  plugins = {
    basicsearch = stdenv.mkDerivation (fetchedGithub ./mediagoblin-plugin-basicsearch.json // rec {
      phases = "unpackPhase installPhase";
      installPhase = ''
          cp -R . $out
      '';
    });
  };
  overridePython = let
    packageOverrides = self: super: {
      celery = super.celery.overridePythonAttrs(old: rec {
        version = "3.1.26.post2";
        src = self.fetchPypi {
          inherit version;
          inherit (old) pname;
          sha256 = "5493e172ae817b81ba7d09443ada114886765a8ce02f16a56e6fac68d953a9b2";
        };
        patches = [];
        doCheck = false;
      });
      billiard = super.billiard.overridePythonAttrs(old: rec {
        version = "3.3.0.23";
        src = self.fetchPypi {
          inherit version;
          inherit (old) pname;
          sha256 = "02wxsc6bhqvzh8j6w758kvgqbnj14l796mvmrcms8fgfamd2lak9";
        };
      });
      amqp = super.amqp.overridePythonAttrs(old: rec {
        version = "1.4.9";
        src = self.fetchPypi {
          inherit version;
          inherit (old) pname;
          sha256 = "2dea4d16d073c902c3b89d9b96620fb6729ac0f7a923bbc777cb4ad827c0c61a";
        };
      });
      kombu = super.kombu.overridePythonAttrs(old: rec {
        version = "3.0.37";
        src = self.fetchPypi {
          inherit version;
          inherit (old) pname;
          sha256 = "e064a00c66b4d1058cd2b0523fb8d98c82c18450244177b6c0f7913016642650";
        };
        propagatedBuildInputs = old.propagatedBuildInputs ++ [ self.anyjson ];
        doCheck = false;
      });
      sqlalchemy = super.sqlalchemy.overridePythonAttrs(old: rec {
        version = "1.1.18";
        src = self.fetchPypi {
          inherit version;
          inherit (old) pname;
          sha256 = "8b0ec71af9291191ba83a91c03d157b19ab3e7119e27da97932a4773a3f664a9";
        };
      });
      tempita_5_3_dev = super.buildPythonPackage (fetchedGithub ./tempita.json // rec {
        buildInputs = with self; [ nose ];
        disabled = false;
      });
      sqlalchemy_migrate = super.sqlalchemy_migrate.overridePythonAttrs(old: rec {
        propagatedBuildInputs = with self; [ pbr tempita_5_3_dev decorator sqlalchemy six sqlparse ];
      });
      pasteScript = super.pasteScript.overridePythonAttrs(old: rec {
        version = "2.0.2";
        name = "PasteScript-${version}";
        src = fetchurl {
          url = "mirror://pypi/P/PasteScript/${name}.tar.gz";
          sha256 = "1h3nnhn45kf4pbcv669ik4faw04j58k8vbj1hwrc532k0nc28gy0";
        };
        propagatedBuildInputs = with self; [ six paste PasteDeploy ];
      });
    };
    in
      python36.override { inherit packageOverrides; };
  pythonEnv = python-pkgs: with python-pkgs; [
    waitress alembic dateutil wtforms pybcrypt
    pytest pytest_xdist werkzeug celery
    kombu jinja2 Babel webtest configobj markdown
    sqlalchemy itsdangerous pytz sphinx six
    oauthlib unidecode jsonschema PasteDeploy
    requests PyLD exifread
    typing pasteScript lxml
    # For images plugin
    pillow
    # For video plugin
    gst-python
    # migrations
    sqlalchemy_migrate
    # authentication
    ldap3
    redis
    psycopg2
  ];
  python = overridePython.withPackages pythonEnv;
  gmg = writeText "gmg" ''
    #!${python}/bin/python
    __requires__ = 'mediagoblin'
    import sys
    from pkg_resources import load_entry_point

    if __name__ == '__main__':
        sys.exit(
            load_entry_point('mediagoblin', 'console_scripts', 'gmg')()
        )
    '';
in
  rec {
    socketsDir = "/run/mediagoblin";
    varDir = "/var/lib/mediagoblin";
    bowerComponents = buildBowerComponents {
      name = "mediagoblin-bower-components";
      generated = ./bower-packages.nix;
      src = (fetchedGit ./mediagoblin.json).src;
    };
    mediagoblin = stdenv.mkDerivation (fetchedGit ./mediagoblin.json // rec {
      preConfigure = ''
        # ./bootstrap.sh
        aclocal -I m4 --install
        autoreconf -fvi
        # end
        export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt
        export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt
        export HOME=$PWD
        '';
      configureFlags = [ "--with-python3" "--without-virtualenv" ];
      postBuild = ''
        cp -a ${bowerComponents}/bower_components/* extlib
        chmod -R u+w extlib
        make extlib
        '';
      installPhase = ''
        sed -i "s/registry.has_key(current_theme_name)/current_theme_name in registry/" mediagoblin/tools/theme.py
        sed -i -e "s@\[DEFAULT\]@[DEFAULT]\nhere = $out@" mediagoblin/config_spec.ini
        cp ${./ldap_fix.py} mediagoblin/plugins/ldap/tools.py
        ln -s ${plugins.basicsearch}/basicsearch mediagoblin/plugins/basicsearch
        find . -name '*.pyc' -delete
        find . -type f -exec sed -i "s|$PWD|$out|g" {} \;
        python setup.py build
        cp -a . $out
        mkdir $out/bin
        cp ${gmg} $out/bin/gmg
        chmod a+x $out/bin/gmg
        '';
      buildInputs = [ makeWrapper git cacert automake autoconf which nodePackages.bower nodejs python ];
      propagatedBuildInputs = [ python ];
    });
    paste_local = writeText "paste_local.ini" ''
      [DEFAULT]
      debug = false

      [pipeline:main]
      pipeline = mediagoblin

      [app:mediagoblin]
      use = egg:mediagoblin#app
      config = %(here)s/mediagoblin_local.ini %(here)s/mediagoblin.ini
      /mgoblin_static = %(here)s/mediagoblin/static

      [loggers]
      keys = root

      [handlers]
      keys = console

      [formatters]
      keys = generic

      [logger_root]
      level = INFO
      handlers = console

      [handler_console]
      class = StreamHandler
      args = (sys.stderr,)
      level = NOTSET
      formatter = generic

      [formatter_generic]
      format = %(levelname)-7.7s [%(name)s] %(message)s

      [filter:errors]
      use = egg:mediagoblin#errors
      debug = false

      [server:main]
      use = egg:waitress#main
      unix_socket = ${socketsDir}/mediagoblin.sock
      unix_socket_perms = 777
      url_scheme = https
      '';

    keys = [{
      dest = "webapps/tools-mediagoblin";
      user = "mediagoblin";
      group = "mediagoblin";
      permissions = "0400";
      text = ''
        [DEFAULT]
        data_basedir = "${varDir}"

        [mediagoblin]
        direct_remote_path = /mgoblin_static/
        email_sender_address = "mediagoblin@tools.immae.eu"

        #sql_engine = sqlite:///%(data_basedir)s/mediagoblin.db
        sql_engine = ${env.psql_url}

        email_debug_mode = false
        allow_registration = false
        allow_reporting = true

        theme = airymodified

        user_privilege_scheme = "uploader,commenter,reporter"

        # We need to redefine them here since we override data_basedir
        # cf /usr/share/webapps/mediagoblin/mediagoblin/config_spec.ini
        workbench_path = %(data_basedir)s/media/workbench
        crypto_path = %(data_basedir)s/crypto
        theme_install_dir = %(data_basedir)s/themes/
        theme_linked_assets_dir = %(data_basedir)s/theme_static/
        plugin_linked_assets_dir = %(data_basedir)s/plugin_static/

        [storage:queuestore]
        base_dir = %(data_basedir)s/media/queue

        [storage:publicstore]
        base_dir = %(data_basedir)s/media/public
        base_url = /mgoblin_media/

        [celery]
        CELERY_RESULT_DBURI = ${env.redis_url}
        BROKER_URL = ${env.redis_url}
        CELERYD_CONCURRENCY = 1

        [plugins]
          [[mediagoblin.plugins.geolocation]]
          [[mediagoblin.plugins.ldap]]
            [[[immae.eu]]]
              LDAP_SERVER_URI = 'ldaps://ldap.immae.eu:636'
              LDAP_SEARCH_BASE = 'dc=immae,dc=eu'
              LDAP_BIND_DN = 'cn=mediagoblin,ou=services,dc=immae,dc=eu'
              LDAP_BIND_PW = '${env.ldap.password}'
              LDAP_SEARCH_FILTER = '(&(memberOf=cn=users,cn=mediagoblin,ou=services,dc=immae,dc=eu)(uid={username}))'
              EMAIL_SEARCH_FIELD = 'mail'
          [[mediagoblin.plugins.basicsearch]]
          [[mediagoblin.plugins.piwigo]]
          [[mediagoblin.plugins.processing_info]]
          [[mediagoblin.media_types.image]]
          [[mediagoblin.media_types.video]]
        '';
    }];
    pythonRoot =
      with pkgs.gst_all_1;
      stdenv.mkDerivation {
        name = "mediagoblin_immae";
        inherit mediagoblin;
        buildInputs=  [ makeWrapper ];
        propagatedBuildInputs = [ gst-libav gst-plugins-good gst-plugins-bad gst-plugins-ugly gstreamer ];
        builder = let
          libpaths = [
            python
            gstreamer
            gst-plugins-base
            gst-libav
            gst-plugins-good
            gst-plugins-bad
            gst-plugins-ugly
          ];
          plugin_paths = builtins.concatStringsSep ":" (map (x: "${x}/lib") libpaths);
          typelib_paths = "${gstreamer}/lib/girepository-1.0:${gst-plugins-base}/lib/girepository-1.0";
        in writeText "build_mediagoblin_immae" ''
          source $stdenv/setup
          cp -a $mediagoblin $out
          cd $out
          chmod -R u+rwX .
          sed -i -e "/from gi.repository import GstPbutils/s/^/gi.require_version('GstPbutils', '1.0')\n/" mediagoblin/media_types/video/transcoders.py
          wrapProgram bin/gmg --prefix PYTHONPATH : "$out:$PYTHONPATH" \
            --prefix GST_PLUGIN_SYSTEM_PATH : ${plugin_paths} \
            --prefix GI_TYPELIB_PATH : ${typelib_paths}
          makeWrapper ${python}/bin/paster bin/paster --prefix PYTHONPATH : "$out:$PYTHONPATH" \
            --prefix GST_PLUGIN_SYSTEM_PATH : ${plugin_paths} \
            --prefix GI_TYPELIB_PATH : ${typelib_paths}
          makeWrapper ${python}/bin/celery bin/celery --prefix PYTHONPATH : "$out:$PYTHONPATH" \
            --prefix GST_PLUGIN_SYSTEM_PATH : ${plugin_paths} \
            --prefix GI_TYPELIB_PATH : ${typelib_paths}
          find . -type f -exec sed -i "s|$mediagoblin|$out|g" {} \;
          ln -s ${paste_local} ./paste_local.ini
          ln -s /var/secrets/webapps/tools-mediagoblin ./mediagoblin_local.ini
          ln -sf ${varDir} ./user_dev
          '';
      };
  }