nix: init flake

This commit is contained in:
Tony Olagbaiye 2020-05-13 19:36:40 +01:00
parent bcd4d41513
commit b69562bfae
No known key found for this signature in database
GPG Key ID: 9E2FF3BDEBDFC910
5 changed files with 170 additions and 53 deletions

27
flake.lock Normal file
View File

@ -0,0 +1,27 @@
{
"nodes": {
"nixpkgs": {
"info": {
"lastModified": 1589389290,
"narHash": "sha256-K5etYl0wKAPvU/B9LliwIgH/m/hYo1WyVlEIhLm8cV0="
},
"locked": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d5ba826821ae7d895c6385ea99af73c7052e2e79",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 5
}

39
flake.nix Normal file
View File

@ -0,0 +1,39 @@
{
description = "A flake for the construct matrix homeserver";
outputs = { self, nixpkgs }: let
forAllSystems = nixpkgs.lib.genAttrs [ "x86_64-linux" "i686-linux" "aarch64-linux" "x86_64-darwin" ];
in {
overlay = final: prev: rec {
matrix-construct-source = let
inherit (prev) lib linkFarm;
srcFilter = n: t: (lib.hasSuffix ".cc" n || lib.hasSuffix ".h" n || lib.hasSuffix ".S" n
|| lib.hasSuffix ".md" n || t == "directory");
repo = lib.cleanSourceWith { filter = srcFilter; src = lib.cleanSource "./."; };
buildFileWith = root: name: type: rec {
inherit name; file = "${root}/${name}";
path = if type == "directory" then buildFarmFrom name file else "${file}";
};
buildFarm = root: lib.mapAttrsToList (buildFileWith root) (builtins.readDir root);
buildFarmFrom = basename: root: linkFarm (lib.strings.sanitizeDerivationName basename) (buildFarm root);
in buildFarmFrom "construct" self;
matrix-construct = prev.callPackage ./nix/package {
rev = if self ? rev then self.rev else "development";
source = matrix-construct-source;
};
};
packages = forAllSystems (system: let
pkgs = nixpkgs.legacyPackages.${system};
in self.overlay pkgs pkgs);
defaultPackage = forAllSystems (system: self.packages.${system}.matrix-construct);
nixosModules = {
matrix-construct = import ./nix/module self;
};
};
}

89
nix/module/default.nix Normal file
View File

@ -0,0 +1,89 @@
self: { config, system, pkgs, lib, ... }:
let
cfg = config.services.matrix-construct;
in {
options.services.matrix-construct = with lib; {
enable = mkEnableOption "the construct server";
useScreen = mkOption {
type = types.bool;
default = true;
example = false;
description = ''
Run construct in screen for stdio access.
'';
};
setupUnbound = mkOption {
type = types.bool;
default = true;
example = false;
description = ''
Setup default unbound forwardAddresses.
'';
};
extraArgs = mkOption {
type = with types; listOf str;
default = [];
example = [ "-6" "--debug" ];
description = ''
Extra flags to pass to construct.
'';
};
package = mkOption {
type = types.package;
default = self.packages.${system}.matrix-construct;
defaultText = "pkgs.matrix-construct";
description = ''
Guix package to use.
'';
};
server = mkOption {
type = types.str;
default = null;
example = "matrix.example.org";
description = ''
Server configuration to run construct with.
'';
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ] ++ lib.optional cfg.useScreen pkgs.screen;
systemd.services.construct = {
description = "Matrix Construct";
wantedBy = [ "multi-user.target" ];
## bin/construct host.tld [servername]
## Connect to screen
## Wait for init, then press ctrl-c
## Create listener with `net listen matrix * 8448 privkey.pem cert.pem chain.pem`
## ..I used /var/lib/acme/xa0.uk/key.pem /(...)/xa0.uk/fullchain.pem /(...)/xa0.uk/fullchain.pem`
## Route and test with https://matrix.org/federationtester/api/report?server_name=host.tld
## Restart, or reload with `mod reload web_root`
## Exit screen
script = '' cd $STATE_DIRECTORY && exec ''
+ (if cfg.useScreen then '' ${pkgs.screen}/bin/screen -D -m '' else "")
+ '' ${cfg.package}/bin/construct ${cfg.server} ${lib.concatStringsSep " " cfg.extraArgs} '';
serviceConfig = {
Restart = "on-failure";
ConfigurationDirectory = "construct";
RuntimeDirectory = "construct";
StateDirectory = "construct"; # Todo: bootstrap
LogsDirectory = "construct";
StandardOutput = "syslog";
StandardError = "syslog";
TimeoutStopSec = "120";
KillSignal = "SIGQUIT";
};
};
services.unbound.forwardAddresses = lib.mkIf cfg.setupUnbound [ "4.2.2.1" "4.2.2.2" "4.2.2.3" "4.2.2.4" "4.2.2.5" "4.2.2.6" ];
};
}

View File

@ -1,17 +1,10 @@
{ rev ? "c7e0e9ed5abd0043e50ee371129fcb8640264fc4"
, sha256 ? "0c28mpvjhjc8kiwj2w8zcjsr2rayw989a1wnsqda71zpcyas3mq2"
, pkgs ? import (builtins.fetchTarball { inherit sha256;
url = "https://github.com/NixOS/nixpkgs/archive/${rev}.tar.gz";
}) { }
, stdenv ? if useClang
then (if pkgs.stdenv.cc.isClang
then pkgs.stdenv
else pkgs.llvmPackages_latest.stdenv)
else (if pkgs.stdenv.cc.isGNU
then pkgs.stdenv
else pkgs.gcc.stdenv)
, lib ? pkgs.lib
{ source, rev, pkgs, lib, stdenv ? if useClang
then (if pkgs.stdenv.cc.isClang
then pkgs.stdenv
else pkgs.llvmPackages_latest.stdenv)
else (if pkgs.stdenv.cc.isGNU
then pkgs.stdenv
else pkgs.gcc.stdenv)
, debug ? false # Debug Build
, useClang ? false # Use Clang over GCC
@ -21,34 +14,13 @@
let
pname = "matrix-construct";
version = "development";
source = let
srcFilter = n: t: (lib.hasSuffix ".cc" n || lib.hasSuffix ".h" n || lib.hasSuffix ".S" n
|| lib.hasSuffix ".md" n || t == "directory");
repo = lib.cleanSourceWith { filter = srcFilter; src = lib.cleanSource ./.; };
buildFileWith = root: name: type: rec {
inherit name; file = "${root}/${name}";
path = if type == "directory" then buildFarmFrom name file else "${file}";
};
buildFarm = root: lib.mapAttrsToList (buildFileWith root) (builtins.readDir root);
buildFarmFrom = basename: root: pkgs.linkFarm (lib.strings.sanitizeDerivationName basename) (buildFarm root);
in buildFarmFrom "construct" repo;
version = lib.substring 0 9 rev;
buildArgs = buildInputs: nativeBuildInputs: {
inherit buildInputs nativeBuildInputs;
preferLocalBuild = true;
allowSubstitutes = false;
};
VERSION_COMMIT_CMD = "git rev-parse --short HEAD";
VERSION_BRANCH_CMD = "git rev-parse --abbrev-ref HEAD";
VERSION_TAG_CMD = "git describe --tags --abbrev=0 --dirty --always --broken";
VERSION_CMD = "git describe --tags --always --broken";
runWithGit = id: cmd: lib.removeSuffix "\n" (builtins.readFile (pkgs.runCommandNoCCLocal "construct-${id}" {
buildInputs = [ pkgs.git ];
} "cd ${./.} && ${cmd} > $out"));
in stdenv.mkDerivation rec {
inherit pname version;
src = source;
@ -528,7 +500,7 @@ in stdenv.mkDerivation rec {
libtool --tag=CXX --mode=link g++ -std=gnu++17 -ftls-model=initial-exec -pthread ${CXXOPTS} -version-info 3:2:0 \
-Wl,--no-undefined-version -Wl,--weak-unresolved-symbols -Wl,--unresolved-symbols=ignore-in-shared-libs \
-Wl,--wrap=pthread_create -Wl,--wrap=pthread_join -Wl,--wrap=pthread_timedjoin_np -Wl,--wrap=pthread_self -Wl,--wrap=pthread_setname_np \
-Wl,-z,nodelete -Wl,-z,nodlopen -Wl,-z,lazy -L${boost.out}/lib \
-Wl,-z,nodelete -Wl,-z,nodlopen -Wl,-z,lazy -L${pkgs.boost.out}/lib \
-Wl,-fuse-ld=gold -Wl,--gdb-index -Wl,--warn-common -Wl,--warn-execstack -Wl,--detect-odr-violations -Wl,--rosegment -Wl,-z,noexecstack -Wl,-z,combreloc -Wl,-z,text-unlikely-segment \
-o $out/${laFile} ${lib.concatStringsSep " " loFiles} ${extraArgs} \
-lrocksdb -lboost_coroutine -lboost_context -lboost_thread -lboost_filesystem -lboost_chrono -lboost_system -lssl -lcrypto -L${pkgs.libsodium.out}/lib -lsodium -lmagic -lz -lpthread -latomic -lrocksdb -ldl
@ -570,11 +542,11 @@ in stdenv.mkDerivation rec {
versionDefs = let
versions = {
BRANDING_VERSION = "${runWithGit "version" VERSION_CMD}";
RB_VERSION = "${runWithGit "version" VERSION_CMD}";
RB_VERSION_BRANCH = "${runWithGit "version-branch" VERSION_BRANCH_CMD}";
RB_VERSION_COMMIT = "${runWithGit "version-commit" VERSION_COMMIT_CMD}";
RB_VERSION_TAG = "${runWithGit "version-tag" VERSION_TAG_CMD}";
BRANDING_VERSION = lib.substring 0 9 rev;
RB_VERSION = lib.substring 0 9 rev;
RB_VERSION_BRANCH = "master";
RB_VERSION_COMMIT = rev;
RB_VERSION_TAG = rev;
};
in lib.concatStringsSep " " (lib.mapAttrsToList (k: v: "-U${k} -D'${k}=\"${v}\"'") versions);

View File

@ -20,17 +20,7 @@ let
'';
in pkgs.mkShell {
buildInputs = with pkgs; [
libsodium openssl file boost gmp llvm
(rocksdb.overrideAttrs (super: rec {
version = "5.16.6";
src = pkgs.fetchFromGitHub {
owner = "facebook";
repo = "rocksdb";
rev = "v${version}";
sha256 = "0yy09myzbi99qdmh2c2mxlddr12pwxzh66ym1y6raaqglrsmax66";
};
NIX_CFLAGS_COMPILE = "${super.NIX_CFLAGS_COMPILE} -Wno-error=redundant-move";
}))
libsodium openssl file boost gmp llvm rocksdb
zlib lz4 snappy
graphicsmagick
jemalloc