125 lines
2.7 KiB
Nix
125 lines
2.7 KiB
Nix
{
|
|
stdenv,
|
|
makeBinaryWrapper,
|
|
removeReferencesTo,
|
|
srcOnly,
|
|
python3,
|
|
pnpm,
|
|
fetchFromGitHub,
|
|
nodejs,
|
|
vips,
|
|
pkg-config,
|
|
writeShellApplication,
|
|
bash,
|
|
xxd,
|
|
openssl,
|
|
nixosTests,
|
|
lib,
|
|
}:
|
|
|
|
let
|
|
generateSecrets = writeShellApplication {
|
|
name = "generate-pds-secrets";
|
|
|
|
runtimeInputs = [
|
|
xxd
|
|
openssl
|
|
];
|
|
|
|
# Commands from https://github.com/bluesky-social/pds/blob/8b9fc24cec5f30066b0d0b86d2b0ba3d66c2b532/installer.sh
|
|
text = ''
|
|
echo "PDS_JWT_SECRET=$(openssl rand --hex 16)"
|
|
echo "PDS_ADMIN_PASSWORD=$(openssl rand --hex 16)"
|
|
echo "PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=$(openssl ecparam --name secp256k1 --genkey --noout --outform DER | tail --bytes=+8 | head --bytes=32 | xxd --plain --cols 32)"
|
|
'';
|
|
};
|
|
|
|
nodeSources = srcOnly nodejs;
|
|
customPython3 = python3.withPackages (p: [ p.setuptools ]);
|
|
in
|
|
|
|
stdenv.mkDerivation (finalAttrs: {
|
|
pname = "pds";
|
|
version = "0.4.74";
|
|
|
|
src = fetchFromGitHub {
|
|
owner = "bluesky-social";
|
|
repo = "pds";
|
|
rev = "v${finalAttrs.version}";
|
|
hash = "sha256-kNHsQ6funmo8bnkFBNWHQ0Fmd5nf/uh+x9buaRJMZnM=";
|
|
};
|
|
|
|
sourceRoot = "${finalAttrs.src.name}/service";
|
|
|
|
npmDepsHash = "sha256-uQKhODaVHLj+JEq6LYiJ/zXuu7kDCLmpxOs/VCc0GqQ=";
|
|
|
|
nativeBuildInputs = [
|
|
makeBinaryWrapper
|
|
nodejs
|
|
customPython3
|
|
pkg-config
|
|
pnpm.configHook
|
|
];
|
|
|
|
# Required for `sharp` NPM dependency
|
|
buildInputs = [ vips ];
|
|
|
|
pnpmDeps = pnpm.fetchDeps {
|
|
inherit (finalAttrs)
|
|
pname
|
|
version
|
|
src
|
|
sourceRoot
|
|
;
|
|
hash = "sha256-oU4dwlBdsMmgAUv1ICaOqaqucmg/TjKOZxjnxpm0qL8=";
|
|
};
|
|
|
|
buildPhase = ''
|
|
runHook preBuild
|
|
|
|
for f in $(find -path '*/node_modules/better-sqlite3' -type d); do
|
|
(cd "$f" && (
|
|
npm run build-release --offline --nodedir=${nodeSources}
|
|
find build -type f -exec \
|
|
${lib.getExe removeReferencesTo} \
|
|
-t "${nodeSources}" {} \;
|
|
))
|
|
done
|
|
|
|
makeWrapper "${lib.getExe nodejs}" "$out/bin/pds" \
|
|
--add-flags --enable-source-maps \
|
|
--add-flags "$out/lib/pds/index.js" \
|
|
--set-default NODE_ENV production
|
|
|
|
runHook postBuild
|
|
'';
|
|
|
|
installPhase = ''
|
|
runHook preInstall
|
|
|
|
mkdir -p $out/{bin,lib/pds}
|
|
mv node_modules $out/lib/pds
|
|
mv index.js $out/lib/pds
|
|
|
|
runHook postInstall
|
|
'';
|
|
|
|
passthru = {
|
|
inherit generateSecrets;
|
|
tests = {
|
|
inherit (nixosTests) pds;
|
|
};
|
|
};
|
|
|
|
meta = {
|
|
description = "Bluesky Personal Data Server (PDS)";
|
|
homepage = "https://bsky.social";
|
|
license = with lib.licenses; [
|
|
mit
|
|
asl20
|
|
];
|
|
maintainers = with lib.maintainers; [ t4ccer ];
|
|
platforms = lib.platforms.unix;
|
|
mainProgram = "pds";
|
|
};
|
|
})
|