nixos-config/pkgs/pds/default.nix

{
  stdenv,
  makeBinaryWrapper,
  removeReferencesTo,
  srcOnly,
  python3,
  pnpm_9,
  fetchFromGitHub,
  nodejs,
  vips,
  pkg-config,
  writeShellApplication,
  bash,
  xxd,
  openssl,
  nixosTests,
  lib,
}:

let
  generateSecrets = writeShellApplication {
    name = "generate-pds-secrets";

    runtimeInputs = [
      xxd
      openssl
    ];

    # Commands from https://github.com/bluesky-social/pds/blob/8b9fc24cec5f30066b0d0b86d2b0ba3d66c2b532/installer.sh
    text = ''
      echo "PDS_JWT_SECRET=$(openssl rand --hex 16)"
      echo "PDS_ADMIN_PASSWORD=$(openssl rand --hex 16)"
      echo "PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=$(openssl ecparam --name secp256k1 --genkey --noout --outform DER | tail --bytes=+8 | head --bytes=32 | xxd --plain --cols 32)"
    '';
  };

  nodeSources = srcOnly nodejs;
  pythonEnv = python3.withPackages (p: [ p.setuptools ]);
in

stdenv.mkDerivation (finalAttrs: {
  pname = "pds";
  version = "0.4.74";

  src = fetchFromGitHub {
    owner = "bluesky-social";
    repo = "pds";
    rev = "v${finalAttrs.version}";
    hash = "sha256-kNHsQ6funmo8bnkFBNWHQ0Fmd5nf/uh+x9buaRJMZnM=";
  };

  sourceRoot = "${finalAttrs.src.name}/service";

  nativeBuildInputs = [
    makeBinaryWrapper
    nodejs
    pythonEnv
    pkg-config
    pnpm_9.configHook
  ];

  # Required for `sharp` NPM dependency
  buildInputs = [ vips ];

  pnpmDeps = pnpm_9.fetchDeps {
    inherit (finalAttrs)
      pname
      version
      src
      sourceRoot
      ;
    hash = "sha256-oU4dwlBdsMmgAUv1ICaOqaqucmg/TjKOZxjnxpm0qL8=";
  };

  buildPhase = ''
    runHook preBuild

    pushd ./node_modules/.pnpm/better-sqlite3@*/node_modules/better-sqlite3
    npm run build-release --offline --nodedir="${nodeSources}"
    find build -type f -exec remove-references-to -t "${nodeSources}" {} \;
    popd

    makeWrapper "${lib.getExe nodejs}" "$out/bin/pds" \
      --add-flags --enable-source-maps                \
      --add-flags "$out/lib/pds/index.js"             \
      --set-default NODE_ENV production

    runHook postBuild
  '';

  installPhase = ''
    runHook preInstall

    mkdir -p $out/{bin,lib/pds}
    mv node_modules $out/lib/pds
    mv index.js $out/lib/pds

    runHook postInstall
  '';

  passthru = {
    inherit generateSecrets;
    tests = {
      inherit (nixosTests) pds;
    };
  };

  meta = {
    description = "Bluesky Personal Data Server (PDS)";
    homepage = "https://bsky.social";
    license = with lib.licenses; [
      mit
      asl20
    ];
    maintainers = with lib.maintainers; [ t4ccer ];
    platforms = lib.platforms.unix;
    mainProgram = "pds";
  };
})
Set up Bluesky PDS 2024-12-03 20:02:13 +01:00			`{`
pds/pdsadmin: 0.4.67 -> 0.4.74 2024-12-19 22:54:57 +01:00			`stdenv,`
			`makeBinaryWrapper,`
			`removeReferencesTo,`
			`srcOnly,`
			`python3,`
pds: Update 2025-01-23 14:01:26 +01:00			`pnpm_9,`
Set up Bluesky PDS 2024-12-03 20:02:13 +01:00			`fetchFromGitHub,`
			`nodejs,`
			`vips,`
			`pkg-config,`
			`writeShellApplication,`
pds/pdsadmin: 0.4.67 -> 0.4.74 2024-12-19 22:54:57 +01:00			`bash,`
Set up Bluesky PDS 2024-12-03 20:02:13 +01:00			`xxd,`
			`openssl,`
			`nixosTests,`
			`lib,`
			`}:`

			`let`
			`generateSecrets = writeShellApplication {`
			`name = "generate-pds-secrets";`

			`runtimeInputs = [`
			`xxd`
			`openssl`
			`];`

			`# Commands from https://github.com/bluesky-social/pds/blob/8b9fc24cec5f30066b0d0b86d2b0ba3d66c2b532/installer.sh`
			`text = ''`
			`echo "PDS_JWT_SECRET=$(openssl rand --hex 16)"`
			`echo "PDS_ADMIN_PASSWORD=$(openssl rand --hex 16)"`
			`echo "PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=$(openssl ecparam --name secp256k1 --genkey --noout --outform DER \| tail --bytes=+8 \| head --bytes=32 \| xxd --plain --cols 32)"`
			`'';`
			`};`
pds/pdsadmin: 0.4.67 -> 0.4.74 2024-12-19 22:54:57 +01:00
			`nodeSources = srcOnly nodejs;`
pds: Update 2025-01-23 14:01:26 +01:00			`pythonEnv = python3.withPackages (p: [ p.setuptools ]);`
Set up Bluesky PDS 2024-12-03 20:02:13 +01:00			`in`

pds/pdsadmin: 0.4.67 -> 0.4.74 2024-12-19 22:54:57 +01:00			`stdenv.mkDerivation (finalAttrs: {`
Set up Bluesky PDS 2024-12-03 20:02:13 +01:00			`pname = "pds";`
pds/pdsadmin: 0.4.67 -> 0.4.74 2024-12-19 22:54:57 +01:00			`version = "0.4.74";`
Set up Bluesky PDS 2024-12-03 20:02:13 +01:00
			`src = fetchFromGitHub {`
			`owner = "bluesky-social";`
			`repo = "pds";`
pds/pdsadmin: 0.4.67 -> 0.4.74 2024-12-19 22:54:57 +01:00			`rev = "v${finalAttrs.version}";`
			`hash = "sha256-kNHsQ6funmo8bnkFBNWHQ0Fmd5nf/uh+x9buaRJMZnM=";`
Set up Bluesky PDS 2024-12-03 20:02:13 +01:00			`};`

pds/pdsadmin: 0.4.67 -> 0.4.74 2024-12-19 22:54:57 +01:00			`sourceRoot = "${finalAttrs.src.name}/service";`
Set up Bluesky PDS 2024-12-03 20:02:13 +01:00
pds/pdsadmin: 0.4.67 -> 0.4.74 2024-12-19 22:54:57 +01:00			`nativeBuildInputs = [`
			`makeBinaryWrapper`
			`nodejs`
pds: Update 2025-01-23 14:01:26 +01:00			`pythonEnv`
pds/pdsadmin: 0.4.67 -> 0.4.74 2024-12-19 22:54:57 +01:00			`pkg-config`
pds: Update 2025-01-23 14:01:26 +01:00			`pnpm_9.configHook`
pds/pdsadmin: 0.4.67 -> 0.4.74 2024-12-19 22:54:57 +01:00			`];`
Set up Bluesky PDS 2024-12-03 20:02:13 +01:00
			# Required for `sharp` NPM dependency
			`buildInputs = [ vips ];`

pds: Update 2025-01-23 14:01:26 +01:00			`pnpmDeps = pnpm_9.fetchDeps {`
pds/pdsadmin: 0.4.67 -> 0.4.74 2024-12-19 22:54:57 +01:00			`inherit (finalAttrs)`
			`pname`
			`version`
			`src`
			`sourceRoot`
			`;`
			`hash = "sha256-oU4dwlBdsMmgAUv1ICaOqaqucmg/TjKOZxjnxpm0qL8=";`
			`};`

Set up Bluesky PDS 2024-12-03 20:02:13 +01:00			`buildPhase = ''`
			`runHook preBuild`

pds: Update 2025-01-23 14:01:26 +01:00			`pushd ./node_modules/.pnpm/better-sqlite3@*/node_modules/better-sqlite3`
			`npm run build-release --offline --nodedir="${nodeSources}"`
			`find build -type f -exec remove-references-to -t "${nodeSources}" {} \;`
			`popd`
pds/pdsadmin: 0.4.67 -> 0.4.74 2024-12-19 22:54:57 +01:00
Set up Bluesky PDS 2024-12-03 20:02:13 +01:00			`makeWrapper "${lib.getExe nodejs}" "$out/bin/pds" \`
			`--add-flags --enable-source-maps \`
			`--add-flags "$out/lib/pds/index.js" \`
			`--set-default NODE_ENV production`

			`runHook postBuild`
			`'';`

			`installPhase = ''`
			`runHook preInstall`

			`mkdir -p $out/{bin,lib/pds}`
			`mv node_modules $out/lib/pds`
			`mv index.js $out/lib/pds`

			`runHook postInstall`
			`'';`

			`passthru = {`
			`inherit generateSecrets;`
			`tests = {`
			`inherit (nixosTests) pds;`
			`};`
			`};`

			`meta = {`
			`description = "Bluesky Personal Data Server (PDS)";`
			`homepage = "https://bsky.social";`
			`license = with lib.licenses; [`
			`mit`
			`asl20`
			`];`
			`maintainers = with lib.maintainers; [ t4ccer ];`
			`platforms = lib.platforms.unix;`
			`mainProgram = "pds";`
			`};`
pds/pdsadmin: 0.4.67 -> 0.4.74 2024-12-19 22:54:57 +01:00			`})`