nix: init flake
This commit is contained in:
parent
bcd4d41513
commit
b69562bfae
|
@ -0,0 +1,27 @@
|
||||||
|
{
|
||||||
|
"nodes": {
|
||||||
|
"nixpkgs": {
|
||||||
|
"info": {
|
||||||
|
"lastModified": 1589389290,
|
||||||
|
"narHash": "sha256-K5etYl0wKAPvU/B9LliwIgH/m/hYo1WyVlEIhLm8cV0="
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "d5ba826821ae7d895c6385ea99af73c7052e2e79",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"id": "nixpkgs",
|
||||||
|
"type": "indirect"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"root": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": "nixpkgs"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"root": "root",
|
||||||
|
"version": 5
|
||||||
|
}
|
|
@ -0,0 +1,39 @@
|
||||||
|
{
|
||||||
|
description = "A flake for the construct matrix homeserver";
|
||||||
|
|
||||||
|
outputs = { self, nixpkgs }: let
|
||||||
|
forAllSystems = nixpkgs.lib.genAttrs [ "x86_64-linux" "i686-linux" "aarch64-linux" "x86_64-darwin" ];
|
||||||
|
in {
|
||||||
|
|
||||||
|
overlay = final: prev: rec {
|
||||||
|
matrix-construct-source = let
|
||||||
|
inherit (prev) lib linkFarm;
|
||||||
|
srcFilter = n: t: (lib.hasSuffix ".cc" n || lib.hasSuffix ".h" n || lib.hasSuffix ".S" n
|
||||||
|
|| lib.hasSuffix ".md" n || t == "directory");
|
||||||
|
repo = lib.cleanSourceWith { filter = srcFilter; src = lib.cleanSource "./."; };
|
||||||
|
|
||||||
|
buildFileWith = root: name: type: rec {
|
||||||
|
inherit name; file = "${root}/${name}";
|
||||||
|
path = if type == "directory" then buildFarmFrom name file else "${file}";
|
||||||
|
};
|
||||||
|
buildFarm = root: lib.mapAttrsToList (buildFileWith root) (builtins.readDir root);
|
||||||
|
buildFarmFrom = basename: root: linkFarm (lib.strings.sanitizeDerivationName basename) (buildFarm root);
|
||||||
|
in buildFarmFrom "construct" self;
|
||||||
|
|
||||||
|
matrix-construct = prev.callPackage ./nix/package {
|
||||||
|
rev = if self ? rev then self.rev else "development";
|
||||||
|
source = matrix-construct-source;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
packages = forAllSystems (system: let
|
||||||
|
pkgs = nixpkgs.legacyPackages.${system};
|
||||||
|
in self.overlay pkgs pkgs);
|
||||||
|
|
||||||
|
defaultPackage = forAllSystems (system: self.packages.${system}.matrix-construct);
|
||||||
|
|
||||||
|
nixosModules = {
|
||||||
|
matrix-construct = import ./nix/module self;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,89 @@
|
||||||
|
self: { config, system, pkgs, lib, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.services.matrix-construct;
|
||||||
|
in {
|
||||||
|
options.services.matrix-construct = with lib; {
|
||||||
|
enable = mkEnableOption "the construct server";
|
||||||
|
|
||||||
|
useScreen = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = true;
|
||||||
|
example = false;
|
||||||
|
description = ''
|
||||||
|
Run construct in screen for stdio access.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
setupUnbound = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = true;
|
||||||
|
example = false;
|
||||||
|
description = ''
|
||||||
|
Setup default unbound forwardAddresses.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
extraArgs = mkOption {
|
||||||
|
type = with types; listOf str;
|
||||||
|
default = [];
|
||||||
|
example = [ "-6" "--debug" ];
|
||||||
|
description = ''
|
||||||
|
Extra flags to pass to construct.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
package = mkOption {
|
||||||
|
type = types.package;
|
||||||
|
default = self.packages.${system}.matrix-construct;
|
||||||
|
defaultText = "pkgs.matrix-construct";
|
||||||
|
description = ''
|
||||||
|
Guix package to use.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
server = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = null;
|
||||||
|
example = "matrix.example.org";
|
||||||
|
description = ''
|
||||||
|
Server configuration to run construct with.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
environment.systemPackages = [ cfg.package ] ++ lib.optional cfg.useScreen pkgs.screen;
|
||||||
|
|
||||||
|
systemd.services.construct = {
|
||||||
|
description = "Matrix Construct";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
|
||||||
|
## bin/construct host.tld [servername]
|
||||||
|
## Connect to screen
|
||||||
|
## Wait for init, then press ctrl-c
|
||||||
|
## Create listener with `net listen matrix * 8448 privkey.pem cert.pem chain.pem`
|
||||||
|
## ..I used /var/lib/acme/xa0.uk/key.pem /(...)/xa0.uk/fullchain.pem /(...)/xa0.uk/fullchain.pem`
|
||||||
|
## Route and test with https://matrix.org/federationtester/api/report?server_name=host.tld
|
||||||
|
## Restart, or reload with `mod reload web_root`
|
||||||
|
## Exit screen
|
||||||
|
script = '' cd $STATE_DIRECTORY && exec ''
|
||||||
|
+ (if cfg.useScreen then '' ${pkgs.screen}/bin/screen -D -m '' else "")
|
||||||
|
+ '' ${cfg.package}/bin/construct ${cfg.server} ${lib.concatStringsSep " " cfg.extraArgs} '';
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
Restart = "on-failure";
|
||||||
|
ConfigurationDirectory = "construct";
|
||||||
|
RuntimeDirectory = "construct";
|
||||||
|
StateDirectory = "construct"; # Todo: bootstrap
|
||||||
|
LogsDirectory = "construct";
|
||||||
|
StandardOutput = "syslog";
|
||||||
|
StandardError = "syslog";
|
||||||
|
TimeoutStopSec = "120";
|
||||||
|
KillSignal = "SIGQUIT";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.unbound.forwardAddresses = lib.mkIf cfg.setupUnbound [ "4.2.2.1" "4.2.2.2" "4.2.2.3" "4.2.2.4" "4.2.2.5" "4.2.2.6" ];
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,17 +1,10 @@
|
||||||
{ rev ? "c7e0e9ed5abd0043e50ee371129fcb8640264fc4"
|
{ source, rev, pkgs, lib, stdenv ? if useClang
|
||||||
, sha256 ? "0c28mpvjhjc8kiwj2w8zcjsr2rayw989a1wnsqda71zpcyas3mq2"
|
|
||||||
, pkgs ? import (builtins.fetchTarball { inherit sha256;
|
|
||||||
url = "https://github.com/NixOS/nixpkgs/archive/${rev}.tar.gz";
|
|
||||||
}) { }
|
|
||||||
|
|
||||||
, stdenv ? if useClang
|
|
||||||
then (if pkgs.stdenv.cc.isClang
|
then (if pkgs.stdenv.cc.isClang
|
||||||
then pkgs.stdenv
|
then pkgs.stdenv
|
||||||
else pkgs.llvmPackages_latest.stdenv)
|
else pkgs.llvmPackages_latest.stdenv)
|
||||||
else (if pkgs.stdenv.cc.isGNU
|
else (if pkgs.stdenv.cc.isGNU
|
||||||
then pkgs.stdenv
|
then pkgs.stdenv
|
||||||
else pkgs.gcc.stdenv)
|
else pkgs.gcc.stdenv)
|
||||||
, lib ? pkgs.lib
|
|
||||||
|
|
||||||
, debug ? false # Debug Build
|
, debug ? false # Debug Build
|
||||||
, useClang ? false # Use Clang over GCC
|
, useClang ? false # Use Clang over GCC
|
||||||
|
@ -21,34 +14,13 @@
|
||||||
|
|
||||||
let
|
let
|
||||||
pname = "matrix-construct";
|
pname = "matrix-construct";
|
||||||
version = "development";
|
version = lib.substring 0 9 rev;
|
||||||
|
|
||||||
source = let
|
|
||||||
srcFilter = n: t: (lib.hasSuffix ".cc" n || lib.hasSuffix ".h" n || lib.hasSuffix ".S" n
|
|
||||||
|| lib.hasSuffix ".md" n || t == "directory");
|
|
||||||
repo = lib.cleanSourceWith { filter = srcFilter; src = lib.cleanSource ./.; };
|
|
||||||
|
|
||||||
buildFileWith = root: name: type: rec {
|
|
||||||
inherit name; file = "${root}/${name}";
|
|
||||||
path = if type == "directory" then buildFarmFrom name file else "${file}";
|
|
||||||
};
|
|
||||||
buildFarm = root: lib.mapAttrsToList (buildFileWith root) (builtins.readDir root);
|
|
||||||
buildFarmFrom = basename: root: pkgs.linkFarm (lib.strings.sanitizeDerivationName basename) (buildFarm root);
|
|
||||||
in buildFarmFrom "construct" repo;
|
|
||||||
|
|
||||||
buildArgs = buildInputs: nativeBuildInputs: {
|
buildArgs = buildInputs: nativeBuildInputs: {
|
||||||
inherit buildInputs nativeBuildInputs;
|
inherit buildInputs nativeBuildInputs;
|
||||||
preferLocalBuild = true;
|
preferLocalBuild = true;
|
||||||
allowSubstitutes = false;
|
allowSubstitutes = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
VERSION_COMMIT_CMD = "git rev-parse --short HEAD";
|
|
||||||
VERSION_BRANCH_CMD = "git rev-parse --abbrev-ref HEAD";
|
|
||||||
VERSION_TAG_CMD = "git describe --tags --abbrev=0 --dirty --always --broken";
|
|
||||||
VERSION_CMD = "git describe --tags --always --broken";
|
|
||||||
runWithGit = id: cmd: lib.removeSuffix "\n" (builtins.readFile (pkgs.runCommandNoCCLocal "construct-${id}" {
|
|
||||||
buildInputs = [ pkgs.git ];
|
|
||||||
} "cd ${./.} && ${cmd} > $out"));
|
|
||||||
in stdenv.mkDerivation rec {
|
in stdenv.mkDerivation rec {
|
||||||
inherit pname version;
|
inherit pname version;
|
||||||
src = source;
|
src = source;
|
||||||
|
@ -528,7 +500,7 @@ in stdenv.mkDerivation rec {
|
||||||
libtool --tag=CXX --mode=link g++ -std=gnu++17 -ftls-model=initial-exec -pthread ${CXXOPTS} -version-info 3:2:0 \
|
libtool --tag=CXX --mode=link g++ -std=gnu++17 -ftls-model=initial-exec -pthread ${CXXOPTS} -version-info 3:2:0 \
|
||||||
-Wl,--no-undefined-version -Wl,--weak-unresolved-symbols -Wl,--unresolved-symbols=ignore-in-shared-libs \
|
-Wl,--no-undefined-version -Wl,--weak-unresolved-symbols -Wl,--unresolved-symbols=ignore-in-shared-libs \
|
||||||
-Wl,--wrap=pthread_create -Wl,--wrap=pthread_join -Wl,--wrap=pthread_timedjoin_np -Wl,--wrap=pthread_self -Wl,--wrap=pthread_setname_np \
|
-Wl,--wrap=pthread_create -Wl,--wrap=pthread_join -Wl,--wrap=pthread_timedjoin_np -Wl,--wrap=pthread_self -Wl,--wrap=pthread_setname_np \
|
||||||
-Wl,-z,nodelete -Wl,-z,nodlopen -Wl,-z,lazy -L${boost.out}/lib \
|
-Wl,-z,nodelete -Wl,-z,nodlopen -Wl,-z,lazy -L${pkgs.boost.out}/lib \
|
||||||
-Wl,-fuse-ld=gold -Wl,--gdb-index -Wl,--warn-common -Wl,--warn-execstack -Wl,--detect-odr-violations -Wl,--rosegment -Wl,-z,noexecstack -Wl,-z,combreloc -Wl,-z,text-unlikely-segment \
|
-Wl,-fuse-ld=gold -Wl,--gdb-index -Wl,--warn-common -Wl,--warn-execstack -Wl,--detect-odr-violations -Wl,--rosegment -Wl,-z,noexecstack -Wl,-z,combreloc -Wl,-z,text-unlikely-segment \
|
||||||
-o $out/${laFile} ${lib.concatStringsSep " " loFiles} ${extraArgs} \
|
-o $out/${laFile} ${lib.concatStringsSep " " loFiles} ${extraArgs} \
|
||||||
-lrocksdb -lboost_coroutine -lboost_context -lboost_thread -lboost_filesystem -lboost_chrono -lboost_system -lssl -lcrypto -L${pkgs.libsodium.out}/lib -lsodium -lmagic -lz -lpthread -latomic -lrocksdb -ldl
|
-lrocksdb -lboost_coroutine -lboost_context -lboost_thread -lboost_filesystem -lboost_chrono -lboost_system -lssl -lcrypto -L${pkgs.libsodium.out}/lib -lsodium -lmagic -lz -lpthread -latomic -lrocksdb -ldl
|
||||||
|
@ -570,11 +542,11 @@ in stdenv.mkDerivation rec {
|
||||||
|
|
||||||
versionDefs = let
|
versionDefs = let
|
||||||
versions = {
|
versions = {
|
||||||
BRANDING_VERSION = "${runWithGit "version" VERSION_CMD}";
|
BRANDING_VERSION = lib.substring 0 9 rev;
|
||||||
RB_VERSION = "${runWithGit "version" VERSION_CMD}";
|
RB_VERSION = lib.substring 0 9 rev;
|
||||||
RB_VERSION_BRANCH = "${runWithGit "version-branch" VERSION_BRANCH_CMD}";
|
RB_VERSION_BRANCH = "master";
|
||||||
RB_VERSION_COMMIT = "${runWithGit "version-commit" VERSION_COMMIT_CMD}";
|
RB_VERSION_COMMIT = rev;
|
||||||
RB_VERSION_TAG = "${runWithGit "version-tag" VERSION_TAG_CMD}";
|
RB_VERSION_TAG = rev;
|
||||||
};
|
};
|
||||||
in lib.concatStringsSep " " (lib.mapAttrsToList (k: v: "-U${k} -D'${k}=\"${v}\"'") versions);
|
in lib.concatStringsSep " " (lib.mapAttrsToList (k: v: "-U${k} -D'${k}=\"${v}\"'") versions);
|
||||||
|
|
12
shell.nix
12
shell.nix
|
@ -20,17 +20,7 @@ let
|
||||||
'';
|
'';
|
||||||
in pkgs.mkShell {
|
in pkgs.mkShell {
|
||||||
buildInputs = with pkgs; [
|
buildInputs = with pkgs; [
|
||||||
libsodium openssl file boost gmp llvm
|
libsodium openssl file boost gmp llvm rocksdb
|
||||||
(rocksdb.overrideAttrs (super: rec {
|
|
||||||
version = "5.16.6";
|
|
||||||
src = pkgs.fetchFromGitHub {
|
|
||||||
owner = "facebook";
|
|
||||||
repo = "rocksdb";
|
|
||||||
rev = "v${version}";
|
|
||||||
sha256 = "0yy09myzbi99qdmh2c2mxlddr12pwxzh66ym1y6raaqglrsmax66";
|
|
||||||
};
|
|
||||||
NIX_CFLAGS_COMPILE = "${super.NIX_CFLAGS_COMPILE} -Wno-error=redundant-move";
|
|
||||||
}))
|
|
||||||
zlib lz4 snappy
|
zlib lz4 snappy
|
||||||
graphicsmagick
|
graphicsmagick
|
||||||
jemalloc
|
jemalloc
|
||||||
|
|
Loading…
Reference in New Issue