├── .gitignore ├── Makefile ├── Readme.md ├── configuration.nix ├── configuration2machines.nix ├── deploy ├── logical.nix ├── logical2machines.nix └── physical │ ├── ec2.nix │ ├── hetzner │ ├── configuration.nix │ └── hardware-configuration.nix │ ├── nixos-hetzner.nix │ ├── virtualbox.nix │ └── virtualbox2machines.nix ├── docs ├── dev-upgrading.md ├── infos.txt └── journal.md └── shell.nix /.gitignore: -------------------------------------------------------------------------------- 1 | work 2 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | superuser: 2 | nixops ssh -d funkwhale funkwhale -t "cd /srv/funkwhale && sudo --user=funkwhale sh -c './createSuperUser.sh'" 3 | import: 4 | rsync -azv ~/music/ root@funkwhale.local:/srv/funkwhale/music/imports/ 5 | nixops ssh -d funkwhale funkwhale -t "chown -R funkwhale.funkwhale /srv/funkwhale/music/imports && sudo --user=funkwhale sh -c 'cd ~funkwhale && ./importMusic.sh idOfYourMusicLibrary'" 6 | test: 7 | nixops destroy -d funkwhale-vbox 8 | nixops delete -d funkwhale-vbox 9 | nixops create ./deploy/logical.nix ./deploy/physical/virtualbox.nix -d funkwhale-vbox 10 | nixops deploy -d funkwhale-vbox --allow-reboot 11 | sleep 90 12 | nixops ssh -d funkwhale-vbox funkwhale -t "cd /srv/funkwhale && sudo --user=funkwhale sh -c './createSuperUser.sh'" 13 | testmodule: 14 | nixos-rebuild build-vm --fast -I nixos-config=./configuration.nix -I nixpkgs=~/travaux/nixpkgs 15 | test2machines: 16 | nixops destroy -d funkwhale2machines-vbox 17 | nixops delete -d funkwhale2machines-vbox 18 | nixops create ./deploy/logical2machines.nix ./deploy/physical/virtualbox2machines.nix -d funkwhale2machines-vbox 19 | nixops deploy -d funkwhale2machines-vbox --allow-reboot 20 | -------------------------------------------------------------------------------- /Readme.md: -------------------------------------------------------------------------------- 1 | # Funkwhale on NixOS 2 | 3 | **NOTE: for a more up to date Funkwhale configuration with nix flakes, see [mmai/funkwhale-flake](https://github.com/mmai/funkwhale-flake)** 4 | 5 | An example of how to deploy [Funkwhale](https://funkwhale.audio/) with NixOS and [NixOps](https://nixos.org/nixops/). 6 | 7 | This uses the Funkwhale package and module for NixOS. If you want to take a look, they are defined at the following path in NixOS packages repository: 8 | - [pkgs/servers/web-apps/funkwhale](https://github.com/mmai/nixpkgs/tree/funkwhale/pkgs/servers/web-apps/funkwhale) 9 | - [nixos/modules/services/web-apps/funkwhale](https://github.com/mmai/nixpkgs/tree/funkwhale/nixos/modules/services/web-apps/funkwhale.nix) 10 | 11 | ## Prepare local environment 12 | 13 | 1. Install [Nix](https://nixos.org/nix/) 14 | 15 | ``` 16 | curl https://nixos.org/nix/install | sh 17 | ``` 18 | 19 | Logout an login again to have the correct environment variables. 20 | 21 | 2. Get this repository 22 | 23 | ```bash 24 | git clone https://github.com/mmai/funkwhale-nixos.git 25 | cd funkwhale-nixos 26 | ``` 27 | 28 | 3. Bootstrap an environment with Funkwhale packages and the _nixops_ deployment tool (the Funkwhale packages are not merged in the official NixOS repository, the custom funkwhale repository is configured in _shell.nix_) : 29 | 30 | ``` 31 | nix-shell 32 | nix-env -i nixops 33 | ``` 34 | 35 | The nix-shell command takes some time to complete. 36 | 37 | ## Set up deployment target 38 | 39 | Here are instructions to set up the deployment depending on the targeted server. 40 | 41 | You may want to test a local deployment on a virtual machine first, see the following Virtualbox section. 42 | 43 | ### VirtualBox 44 | 45 | Make sure [VirtualBox](https://www.virtualbox.org/) is installed. 46 | 47 | The _vboxnet0_ network has to exist - you can add it in the VirtualBox general settings under _Networks - Host-only Networks_ if necessary. 48 | 49 | Then create the deployment configuration with : 50 | 51 | ```bash 52 | nixops create ./deploy/logical.nix ./deploy/physical/virtualbox.nix -d funkwhale 53 | ``` 54 | 55 | ### Amazon Web Services 56 | 57 | Set up an account on AWS. Copy your AWS access key and private key in ~/.ac2-keys, it should look like this : 58 | 59 | ``` 60 | youraccesskey yoursecretkey 61 | ``` 62 | 63 | On the AWS console, change settings for the default security group and allow ssh, http/https inbound outbound. 64 | 65 | Set the _accessKey_ and _region_ parameters in the _./deploy/physical/ec2.nix_ file. 66 | 67 | Then create the deployment configuration with : 68 | 69 | ```bash 70 | nixops create ./deploy/logical.nix ./deploy/physical/ec2.nix -d funkwhale 71 | ``` 72 | ### Hetzner Cloud 73 | 74 | Here is a video of the process https://www.youtube.com/watch?v=YUfv3JFwHe0 , or you can follow the instructions below. 75 | 76 | 1. Server creation 77 | 78 | - Go to https://www.hetzner.com/cloud and create an account if you don't have one 79 | - Create a new project 80 | - Add a server on this project, choose the defaults : ubuntu 18.04, small instance, create & buy 81 | - once the server is created, go to its page select mount an ISO image, choose "NixOS" and mount. 82 | - Connect via ssh with the password sent by mail at the server creation. You will be asked to change this password. So do it and disconnect. 83 | - copy your public ssh key to the server (you can create one by doing `ssh-keygen`) : `ssh-copy-id root@XX.XX.XX.XX`. 84 | - connect again, you should be able to do so without entering your password. Then reboot to boot on the NixOS ISO image and start the installer. 85 | 86 | 2. NixOS installation 87 | 88 | On the Hetzner dashboard, open the console (top right button next to the lock ). Wait for the NixOS image to boot, you will be directly connected as root. 89 | If your keyboard is not _qwerty_, you can change the keyboard layout with _loadkeys_, for a french _azerty_ keyboard, type `loadkeys fr`. 90 | 91 | First we copy our public key in a safe place, we will need it later 92 | ``` 93 | mount /dev/sda1 /mnt 94 | cp /mnt/root/.ssh/authorized_keys /root/ 95 | umount /mnt 96 | ``` 97 | 98 | We follow the instructions from https://nixos.org/nixos/manual/index.html#sec-installation legacy Boot (MBR), and a 2GiB swap partition : 99 | 100 | Create a MBR partition table, add root and swap partitions : launch `parted /dev/sda` and inside parted type : 101 | 102 | mklabel msdos 103 | mkpart primary 1MiB -2GiB 104 | mkpart primary linux-swap -2GiB 100% 105 | q 106 | 107 | Initialize partitions 108 | 109 | mkfs.ext4 -L nixos /dev/sda1 110 | mkswap -L swap /dev/sda2 111 | 112 | 113 | Configure nixos system 114 | 115 | mount /dev/disk/by-label/nixos /mnt 116 | swapon /dev/sda2 117 | nixos-generate-config --root /mnt 118 | cat ./authorized_keys >> /mnt/etc/nixos/configuration.nix # copy our ssh key to the conf file 119 | nano /mnt/etc/nixos/configuration.nix 120 | 121 | In configuration.nix : 122 | 123 | - uncomment the `boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only` line 124 | - you can change your language and keyboard layout in the _i18n_ section 125 | - add the following lines before the closing bracket, replacing `sh-rsa xxxxx you@desktop` by your public key that we copied at the end of the file the step before with the `cat` command (and remove that last line after that, the file should end with the closing bracket ) : 126 | 127 | ``` 128 | users.users.root.openssh.authorizedKeys.keys = [ 129 | "sh-rsa xxxxxx you@desktop" 130 | ]; 131 | 132 | networking.firewall.allowedTCPPorts = [ 22 ]; 133 | services.openssh.enable = true; 134 | ``` 135 | 136 | And the last step : 137 | 138 | ``` 139 | nixos-install 140 | ``` 141 | 142 | Wait for installation, enter a new root password when prompted. 143 | Before rebooting, go to the Hetzner console and unmount the NixOS ISO image. Then you can reboot 144 | 145 | ``` 146 | reboot 147 | ``` 148 | 149 | 3. Deployment configuration 150 | 151 | After rebooting your server, ensure that you are able to connect to it via ssh without needing a password : 152 | ``` 153 | ssh root@XX.XX.XX.XX 154 | exit 155 | ``` 156 | 157 | If it works, you can copy its configuration to your local machine : 158 | ``` 159 | cd deploy/physical/hetzner 160 | scp root@XX.XX.XX.XX:/etc/nixos/configuration.nix . 161 | scp root@XX.XX.XX.XX:/etc/nixos/hardware-configuration.nix . 162 | cd ../.. 163 | ``` 164 | 165 | Edit _physical/nixos-hetzner.nix_ file and set your server IP adress in the `deployment.targetHost` line. 166 | 167 | Edit the main _configuration.nix_ file and replace `funkwhale.local` by the domain name you want, you will need to associate this domain to the IP adress of your server (or you can edit your local _/etc/hosts_ file to test it) 168 | 169 | Then create the deployment configuration with : 170 | 171 | ```bash 172 | nixops create ./deploy/logical.nix ./deploy/physical/nixos-hetzner.nix -d funkwhale 173 | ``` 174 | 175 | ### Others 176 | 177 | See https://nixos.org/nixops/manual/ 178 | 179 | ## Deploy 180 | 181 | ``` 182 | nixops deploy -d funkwhale --allow-reboot 183 | ``` 184 | 185 | (you can remove `--allow-reboot` if you want to reboot manually) 186 | 187 | If you get an error `Exception: unable to activate new configuration` related to _virtualbox.service_, you can force deployment like this: 188 | 189 | ``` 190 | nixops deploy --force-reboot -d funkwhale 191 | ``` 192 | 193 | Get the IP adress of the server : 194 | ``` 195 | nixops info -d funkwhale 196 | ``` 197 | 198 | Edit your _/etc/hosts_ file and associate the configured domain name with the IP adress : 199 | ``` 200 | 192.168.56.101 funkwhale.localhost funkwhale.local 201 | ``` 202 | 203 | ## Create a Funkwhale admin user 204 | 205 | ``` 206 | make superuser 207 | ``` 208 | 209 | You should be able to login on http://funkwhale.local/login with the created account. 210 | 211 | ## Other commands 212 | 213 | Connect on the machine with 214 | ``` 215 | nixops ssh -d funkwhale funkwhale 216 | ``` 217 | 218 | -------------------------------------------------------------------------------- /configuration.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | with pkgs; 4 | 5 | let funkwhaleHost = "funkwhale.local"; 6 | in 7 | { 8 | networking.extraHosts = 9 | '' 10 | 127.0.0.1 ${funkwhaleHost} 11 | ''; 12 | 13 | # See nixos/modules/services/web-apps/funkwhale.nix for all available options 14 | services.funkwhale = { 15 | enable = true; 16 | hostname = funkwhaleHost; 17 | defaultFromEmail = "noreply@${funkwhaleHost}"; 18 | protocol = "http"; # Disable https for local tests 19 | api = { 20 | # Generate one using `openssl rand -base64 45`, for example 21 | djangoSecretKey = "i1vh21SWg1CEyM5KJILxn4aE1jEhvbF9XSxsT8chovgJll1v54VsH0X3AGsJ"; 22 | }; 23 | }; 24 | 25 | # Overrides default 30M 26 | services.nginx.clientMaxBodySize = "100m"; 27 | 28 | services.fail2ban.enable = true; 29 | time.timeZone = "Europe/Paris"; 30 | networking.firewall.allowedTCPPorts = [ 80 443 ]; 31 | 32 | # The NixOS release to be compatible with for stateful data such as databases. 33 | system.stateVersion = "20.03"; 34 | } 35 | -------------------------------------------------------------------------------- /configuration2machines.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | with pkgs; 4 | 5 | let funkwhaleHost = "funkwhale.local"; 6 | in 7 | { 8 | networking.extraHosts = 9 | '' 10 | 127.0.0.1 ${funkwhaleHost} 11 | ''; 12 | 13 | # See nixos/modules/services/web-apps/funkwhale.nix for all available options 14 | services.funkwhale = { 15 | enable = true; 16 | database = { 17 | createLocally = false; 18 | host = "postgresql"; 19 | user = "funkwhale"; 20 | password = "funkwhalepass"; 21 | }; 22 | hostname = funkwhaleHost; 23 | defaultFromEmail = "noreply@${funkwhaleHost}"; 24 | protocol = "http"; # Disable https for local tests 25 | api = { 26 | # Generate one using `openssl rand -base64 45`, for example 27 | djangoSecretKey = "i1vh21SWg1CEyM5KJILxn4aE1jEhvbF9XSxsT8chovgJll1v54VsH0X3AGsJ"; 28 | }; 29 | }; 30 | 31 | # Overrides default 30M 32 | services.nginx.clientMaxBodySize = "100m"; 33 | 34 | services.fail2ban.enable = true; 35 | time.timeZone = "Europe/Paris"; 36 | networking.firewall.allowedTCPPorts = [ 80 443 ]; 37 | 38 | # The NixOS release to be compatible with for stateful data such as databases. 39 | system.stateVersion = "20.03"; 40 | } 41 | -------------------------------------------------------------------------------- /deploy/logical.nix: -------------------------------------------------------------------------------- 1 | { 2 | # all in one server 3 | funkwhale = import ../configuration.nix; 4 | } 5 | -------------------------------------------------------------------------------- /deploy/logical2machines.nix: -------------------------------------------------------------------------------- 1 | { 2 | funkwhale = import ../configuration2machines.nix; 3 | postgresql = 4 | { pkgs, ... }: 5 | { services.postgresql.enable = true; 6 | services.postgresql.package = pkgs.postgresql; 7 | services.postgresql.enableTCPIP = true; 8 | services.postgresql.authentication = '' 9 | local all all trust 10 | host all all funkwhale trust 11 | ''; 12 | 13 | services.postgresql.initialScript = pkgs.writeText "backend-initScript" '' 14 | CREATE ROLE funkwhale WITH LOGIN PASSWORD 'funkwhalepass'; 15 | CREATE DATABASE funkwhale; 16 | GRANT ALL PRIVILEGES ON DATABASE funkwhale TO funkwhale; 17 | \c funkwhale 18 | CREATE EXTENSION IF NOT EXISTS "unaccent"; 19 | ''; 20 | networking.firewall.allowedTCPPorts = [ 5432 ]; 21 | 22 | 23 | }; 24 | } 25 | -------------------------------------------------------------------------------- /deploy/physical/ec2.nix: -------------------------------------------------------------------------------- 1 | let 2 | # Insert your AWS access key here 3 | accessKey = "youraccesskey"; 4 | region = "eu-west-1"; # Dublin 5 | in { 6 | # Mapping of our 'funkwhale' machine 7 | funkwhale = { resources, ... }: 8 | { deployment.targetEnv = "ec2"; 9 | deployment.ec2.region = region; 10 | deployment.ec2.instanceType = "t2.micro"; 11 | deployment.ec2.accessKeyId = accessKey; 12 | # We'll let NixOps generate a keypair automatically 13 | deployment.ec2.keyPair = resources.ec2KeyPairs.funkwhale-kp.name; 14 | }; 15 | 16 | # Here we create a keypair in the same region as our deployment 17 | resources.ec2KeyPairs.funkwhale-kp = { 18 | region = region; 19 | accessKeyId = accessKey; 20 | }; 21 | } 22 | 23 | #In the above expression, no AWS secret key is provided, you need to put that in your ~/.ec2-keys file where each line specifies a access key, followed by the secret key, e.g.: 24 | # youraccesskey yoursecretkey 25 | -------------------------------------------------------------------------------- /deploy/physical/hetzner/configuration.nix: -------------------------------------------------------------------------------- 1 | # Edit this configuration file to define what should be installed on 2 | # your system. Help is available in the configuration.nix(5) man page 3 | # and in the NixOS manual (accessible by running ‘nixos-help’). 4 | 5 | { config, pkgs, ... }: 6 | 7 | { 8 | imports = 9 | [ # Include the results of the hardware scan. 10 | ./hardware-configuration.nix 11 | ]; 12 | 13 | # Use the GRUB 2 boot loader. 14 | boot.loader.grub.enable = true; 15 | boot.loader.grub.version = 2; 16 | boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only 17 | 18 | # Put your public ssh keys here 19 | users.users.root.openssh.authorizedKeys.keys = [ 20 | "sh-rsa AAAAloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsumloremIpsum you@desktop" 21 | ]; 22 | 23 | networking.firewall.allowedTCPPorts = [ 22 ]; 24 | services.openssh.enable = true; 25 | 26 | } 27 | -------------------------------------------------------------------------------- /deploy/physical/hetzner/hardware-configuration.nix: -------------------------------------------------------------------------------- 1 | # this is an example file. Get it from your Hetzner VPS instance at /etc/nixos/hardware-configuration.nix 2 | 3 | # Do not modify this file! It was generated by ‘nixos-generate-config’ 4 | # and may be overwritten by future invocations. Please make changes 5 | # to /etc/nixos/configuration.nix instead. 6 | { config, lib, pkgs, ... }: 7 | 8 | { 9 | imports = 10 | [ 11 | ]; 12 | 13 | boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ]; 14 | boot.kernelModules = [ ]; 15 | boot.extraModulePackages = [ ]; 16 | 17 | fileSystems."/" = 18 | { device = "/dev/disk/by-uuid/3cdae94e-e109-45e2-a1fc-dff6fe1c9548"; 19 | fsType = "ext4"; 20 | }; 21 | 22 | swapDevices = 23 | [ { device = "/dev/disk/by-uuid/c7dac4ea-8da8-486b-9106-3cc737b91d98"; } 24 | ]; 25 | 26 | nix.maxJobs = lib.mkDefault 1; 27 | } 28 | -------------------------------------------------------------------------------- /deploy/physical/nixos-hetzner.nix: -------------------------------------------------------------------------------- 1 | { 2 | # all in one server 3 | funkwhale = 4 | { config, pkgs, ... }: 5 | { deployment.targetHost = "IP.of.your.server"; 6 | imports = [ 7 | ./hetzner/configuration.nix 8 | ]; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /deploy/physical/virtualbox.nix: -------------------------------------------------------------------------------- 1 | { 2 | # all in one server 3 | funkwhale = 4 | { config, pkgs, ... }: 5 | { deployment.targetEnv = "virtualbox"; 6 | deployment.virtualbox.memorySize = 1024; # megabytes 7 | deployment.virtualbox.vcpu = 2; # number of cpus 8 | }; 9 | } 10 | -------------------------------------------------------------------------------- /deploy/physical/virtualbox2machines.nix: -------------------------------------------------------------------------------- 1 | let vbox = 2 | { config, pkgs, ... }: 3 | { deployment.targetEnv = "virtualbox"; 4 | deployment.virtualbox.memorySize = 1024; # megabytes 5 | deployment.virtualbox.vcpu = 2; # number of cpus 6 | }; 7 | in 8 | { 9 | funkwhale = vbox; 10 | postgresql = vbox; 11 | } 12 | -------------------------------------------------------------------------------- /docs/dev-upgrading.md: -------------------------------------------------------------------------------- 1 | # Dev notes : how to upgrade 2 | 3 | ## Update nixpkgs repository 4 | 5 | Make sure upstream repository is configured : 6 | https://help.github.com/en/articles/configuring-a-remote-for-a-fork 7 | 8 | ``` 9 | cd ~/path-to/nixpkgs 10 | git remote add upstream https://github.com/NixOS/nixpkgs.git 11 | ``` 12 | 13 | Sync repo : 14 | 15 | ``` 16 | git fetch upstream 17 | git checkout master & git merge upstream/master 18 | git checkout funkwhale & git rebase master 19 | ``` 20 | 21 | (if it's a fix after a review : rebase, then force push (cf. https://nixos.org/nixpkgs/manual/#submitting-changes-commit-policy)) 22 | 23 | ## Update funkwhale nixos pkgs 24 | 25 | ### Module 26 | 27 | See changes in https://docs.funkwhale.audio/changelog.html 28 | (look for manual actions...) 29 | 30 | 31 | Funkwhale code is at https://dev.funkwhale.audio/funkwhale/funkwhale 32 | Look at theses files and make changes in _nixos/modules/services/web-apps/funkwhale/funkwhale.nix_ : 33 | - deploy/*.service 34 | - deploy/nginx.template 35 | 36 | Edit module in `nixos/modules/services/web-apps/funkwhale/` 37 | 38 | ### Package 39 | 40 | Look for requirements changes ( ex : `git diff 0.18 0.19.0 -- api/requirements/base.txt`) 41 | * system packages in api/requirements.apt 42 | * python packages in api/requirements/base.txt (add missing requirements, then change versions by testing, don't forget to add new python modules in _pkgs/top-level/python-packages.nix_) 43 | 44 | 45 | Edit pkg in `pkgs/servers/web-apps/funkwhale/` 46 | 47 | * update release version 48 | * update sha256 checksums 49 | 50 | ## Tests 51 | 52 | Test packages : 53 | 54 | `nix-build . -A funkwhale` 55 | `nix-build . -A python36Packages.unicode-slugify` 56 | 57 | Test module documentation : 58 | ``` 59 | cd nixos 60 | nix-build release.nix -A manual.x86_64-linux 61 | firefox result/share/doc/nixos/options.html 62 | ``` 63 | ## Test deployment 64 | 65 | ``` 66 | cd ~/path-to/funkwhale-nixos 67 | nix-shell --run "nixops deploy -d funkwhale-vbox" 68 | 69 | 70 | nixops info -d funkwhale-vbox 71 | nixops ssh -d funkwhale-vbox funkwhale 72 | make superuser 73 | ``` 74 | 75 | -------------------------------------------------------------------------------- /docs/infos.txt: -------------------------------------------------------------------------------- 1 | users.users.root.openssh.authorizedKeys.keys = [ 2 | "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCVKKqG2/2Vi3KS5PrBIRLZ8m6J4thXCWY2bsuBWHOQ67RSYzEufCD9ygcN0foXEYN5e2+Mqo8BquVbtFLXFsBD5RfMcN93SmP/XjeMI9IbKIikZ8qkpxgnh4XF8e6aRpaCao/hio3X+uY0OWBcwSqveOf26ou5C5fMDFSvDpMRwQTpalT8hsoQC3KiHSuenFrzDkwEscXSioecmkBG/brVEBMyYfUcMOFUWmq9lFmfsDRC4dfS3sAFxthnVhQ8Yl4Lzox5v8uRFpROy4/vHcelbZDsXVl59uQnoJblhoIJob5NWnp33x3vPRz1ycPcGxNSZLUHCBf01f00ueYNU5EB henri@henri-desktop" 3 | ]; 4 | 5 | networking.firewall.allowedTCPPorts = [ 22 ]; 6 | services.openssh.enable = true; 7 | 8 | 9 | 10 | -------------------------------------------------------------------------------- /docs/journal.md: -------------------------------------------------------------------------------- 1 | # Funkwhale on NixOS - journal 2 | 3 | ```bash 4 | mkdir work 5 | cd work 6 | git clone https://code.eliotberriot.com/funkwhale/funkwhale.git 7 | cd funkwhale/api 8 | git checkout 0.17 9 | vim requirements/base.txt # requests-http-signature==0.1 à la place de git+https://github.com/EliotBerriot/requests-http-signature.git@signature-header-support 10 | nixenv -i pypi2nix 11 | pypi2nix -V "3.6" -e setuptools-scm -e isort -e m2r -r requirements/base.txt -E "postgresql libffi openssl openldap cyrus_sasl pkgconfig libjpeg openjpeg zlib libtiff freetype lcms2 libwebp tcl" 12 | # (-e setuptools-scm est nécessaire pour certaindes dépendances (c. https://github.com/garbas/pypi2nix/issues/217)) tester avec: 13 | nix-shell requirements.nix -A interpreter 14 | 15 | ``` 16 | provoque erreur 17 | ``` 18 | error: infinite recursion encountered, at /nix/store/mxg4bbblxfns96yrz0nalxyiyjl7gj98-nix-2.1.2/share/nix/corepkgs/derivation.nix:18:9 19 | (use '--show-trace' to show detailed location information) 20 | ``` 21 | `--show-trace` permet de voir quel paquet a des dépendances circulaires (ici _Twisted_) 22 | 23 | Éditer le fichier `requirements_override.nix` et supprimer les dépendances circulaire sur ce modèle, en regardant dans requirements.nix quels paquets référencés dans _Twisted_ référencent eux-même _Twisted_ : 24 | 25 | ``` 26 | { pkgs, python }: 27 | 28 | let 29 | removeDependencies = names: deps: 30 | with builtins; with pkgs.lib; 31 | filter 32 | (drv: all 33 | (suf: 34 | ! hasSuffix ("-" + suf) 35 | (parseDrvName drv.name).name 36 | ) 37 | names 38 | ) 39 | deps; 40 | in 41 | 42 | self: super: { 43 | 44 | "Automat" = python.overrideDerivation super."Automat" (old: { 45 | propagatedBuildInputs = 46 | removeDependencies [ "Twisted" ] old.propagatedBuildInputs; 47 | buildInputs = old.buildInputs ++ [ self."m2r" self."setuptools-scm" ]; 48 | }); 49 | 50 | "incremental" = python.overrideDerivation super."incremental" (old: { 51 | propagatedBuildInputs = 52 | removeDependencies [ "Twisted" ] old.propagatedBuildInputs; 53 | }); 54 | 55 | } 56 | ``` 57 | 58 | problème `Could not find suitable distribution for Requirement.parse('pytest-runner')`, solution supprimer la dépendance dans Setup.py du paquet : 59 | 60 | ``` 61 | "ffmpeg-python" = python.overrideDerivation super."ffmpeg-python" (old: { 62 | patchPhase = '' 63 | sed -i \ 64 | -e "s|'pytest-runner'||" \ 65 | setup.py 66 | ''; 67 | }); 68 | 69 | ``` 70 | 71 | setuptools-scm : en plus du `-e setuptools-scm`, ajouter : 72 | 73 | ``` 74 | "python-dateutil" = python.overrideDerivation super."python-dateutil" (old: { 75 | buildInputs = old.buildInputs ++ [ self."setuptools-scm" ]; 76 | }); 77 | ``` 78 | 79 | 80 | problème compilation hiredis (encodage), solution : 81 | ``` 82 | "hiredis" = python.overrideDerivation super."hiredis" (old: { 83 | buildInputs = old.buildInputs ++ [ pkgs.glibcLocales ]; 84 | preConfigure = '' 85 | export LANG=en_US.UTF-8 86 | ''; 87 | }); 88 | 89 | ``` 90 | 91 | ``` 92 | cd ../.. 93 | cp work/funkwhale/api/requirements.nix . # référencer ce fichier dans packages/funkwhale.nix 94 | ``` 95 | 96 | ## Mise à jour 97 | 98 | Regarder les différences dans ces fichiers pour répercuter les changements dans _nixos/modules/services/web-apps/funkwhale/funkwhale.nix_ : 99 | - deploy/*.service 100 | - deploy/nginx.template 101 | 102 | ## Intégration dans dépôt officiel 103 | 104 | ``` 105 | cd ~/travaux/nixpkgs/ 106 | git checkout master && git pull 107 | git checkout funkwhale && git merge master 108 | ``` 109 | 110 | - pkg dans _pkgs/servers/web-apps/funkwhale/_ 111 | - module dans _nixos/modules/services/web-apps/funkwhale/_ 112 | 113 | Edition de _shell.nix_ : `pkgsSrc = /home/henri/travaux/nixpkgs` 114 | 115 | **Tester le déploiement avec** : 116 | ``` 117 | nix-shell --run "nixops deploy -d vbox-funkwhale" 118 | ``` 119 | 120 | **Tester package :** 121 | 122 | `nix-build ~/travaux/nixpkgs -A python37Packages.hiredis` 123 | 124 | **Tester module :** 125 | documentation : `cd nixos ; nix-build release.nix -A manual.x86_64-linux ; firefox result/share/doc/nixos/options.html ` 126 | 127 | -------------------------------------------------------------------------------- /shell.nix: -------------------------------------------------------------------------------- 1 | let 2 | # Use a local version of nixpkgs: 3 | pkgs = (import /home/henri/travaux/nixpkgs {}); 4 | 5 | # Use a specific version of nixpkgs: 6 | # cf. https://nixos.wiki/wiki/FAQ/Pinning_Nixpkgs 7 | # Commit hash as of 2019-06-14 8 | # `git ls-remote https://github.com/mmai/nixpkgs funkwhale` 9 | # rev = "3f3490063dee41ab6da51f18634e42ca1df7cbf9"; 10 | # pkgsSrc = builtins.fetchGit { 11 | # url = https://github.com/mmai/nixpkgs; 12 | # ref = "funkwhale"; 13 | # rev = rev; 14 | # }; 15 | # pkgs = (import pkgsSrc {}); 16 | 17 | in 18 | pkgs.stdenv.mkDerivation rec { 19 | name = "nixops-env"; 20 | buildInputs = with pkgs; [ pkgs.nixops ]; 21 | shellHook = '' 22 | export NIX_PATH=${pkgs.path}:nixpkgs=${pkgs.path}:. 23 | ''; 24 | } 25 | --------------------------------------------------------------------------------