authelia: split out main and web to separate files

This commit is contained in:
06kellyjac 2023-03-24 11:44:27 +00:00 committed by Anderson Torres
parent 818e73fc43
commit 3386631c48
4 changed files with 96 additions and 60 deletions

View File

@ -1,48 +1,14 @@
{ lib, fetchFromGitHub, buildGoModule, installShellFiles, buildNpmPackage }:
{ lib, fetchFromGitHub, buildGoModule, installShellFiles, callPackage }:
let
inherit (import ./sources.nix { inherit fetchFromGitHub; }) pname version src vendorHash;
web = callPackage ./web.nix { };
in
buildGoModule rec {
pname = "authelia";
version = "4.37.5";
src = fetchFromGitHub {
owner = "authelia";
repo = "authelia";
rev = "v${version}";
sha256 = "sha256-xsdBnyPHFIimhp2rcudWqvVR36WN4vBXbxRmvgqMcDw=";
};
vendorSha256 = "sha256-mzGE/T/2TT4+7uc2axTqG3aeLMnt1r9Ya7Zj2jIkw/w=";
inherit pname version src vendorHash;
nativeBuildInputs = [ installShellFiles ];
web = buildNpmPackage {
inherit src version;
pname = "authelia-web";
sourceRoot = "source/web";
patches = [
./change-web-out-dir.patch
];
postPatch = ''
cp ${./package-lock.json} ./package-lock.json
'';
npmDepsHash = "sha256-MGs6UAxT5QZd8S3AO75mxuCb6U0UdRkGEjenOVj+Oqs=";
npmFlags = [ "--legacy-peer-deps" ];
installPhase = ''
runHook preInstall
mkdir -p $out/share
mv dist $out/share/authelia-web
runHook postInstall
'';
};
postPatch = ''
cp -r ${web}/share/authelia-web/* internal/server/public_html
'';

View File

@ -0,0 +1,14 @@
{ fetchFromGitHub }:
rec {
pname = "authelia";
version = "4.37.5";
src = fetchFromGitHub {
owner = "authelia";
repo = "authelia";
rev = "v${version}";
hash = "sha256-xsdBnyPHFIimhp2rcudWqvVR36WN4vBXbxRmvgqMcDw=";
};
vendorHash = "sha256-mzGE/T/2TT4+7uc2axTqG3aeLMnt1r9Ya7Zj2jIkw/w=";
npmDepsHash = "sha256-MGs6UAxT5QZd8S3AO75mxuCb6U0UdRkGEjenOVj+Oqs=";
}

View File

@ -1,11 +1,11 @@
#! /usr/bin/env nix-shell
#! nix-shell -I nixpkgs=./. -i bash -p coreutils gnused nix nix-update nodePackages.npm
#! nix-shell -I nixpkgs=./. -i bash -p coreutils gnused curl nix jq nodePackages.npm
set -euo pipefail
DRV_DIR="$(dirname "${BASH_SOURCE[0]}")"
DRV_DIR=$(realpath $DRV_DIR)
DRV_DIR=$(realpath "$DRV_DIR")
NIXPKGS_ROOT="$DRV_DIR/../../.."
NIXPKGS_ROOT=$(realpath $NIXPKGS_ROOT)
NIXPKGS_ROOT=$(realpath "$NIXPKGS_ROOT")
instantiateClean() {
nix-instantiate --eval --strict -E "with import ./. {}; $1" | cut -d\" -f2
@ -23,37 +23,63 @@ grab_version() {
instantiateClean "authelia.version"
}
# provide a github token so you don't get rate limited
# if you use gh cli you can use:
# `export GITHUB_TOKEN="$(cat ~/.config/gh/config.yml | yq '.hosts."github.com".oauth_token' -r)"`
# or just set your token by hand:
# `read -s -p "Enter your token: " GITHUB_TOKEN; export GITHUB_TOKEN`
# (we use read so it doesn't show in our shell history and in secret mode so the token you paste isn't visible)
if [ -z "${GITHUB_TOKEN:-}" ]; then
echo "no GITHUB_TOKEN provided - you could meet API request limiting" >&2
fi
OLD_VERSION=$(instantiateClean "authelia.version")
nix-update authelia
LATEST_TAG=$(curl ${GITHUB_TOKEN:+" -u \":$GITHUB_TOKEN\""} --silent https://api.github.com/repos/authelia/authelia/releases/latest | jq -r '.tag_name')
NEW_VERSION=$(echo ${LATEST_TAG} | sed 's/^v//')
NEW_VERSION=$(instantiateClean "authelia.version")
if [[ "$OLD_VERSION" == "$NEW_VERSION" ]]; then
echo "already up to date"
exit
fi
TMP_HASH="sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="
echo "New version $NEW_VERSION"
replace "$OLD_VERSION" "$NEW_VERSION" "$DRV_DIR/sources.nix"
OLD_SRC_HASH="$(instantiateClean authelia.src.outputHash)"
echo "Old src hash $OLD_SRC_HASH"
replace "$OLD_SRC_HASH" "$TMP_HASH" "$DRV_DIR/sources.nix"
NEW_SRC_HASH="$(fetchNewSha authelia.src)"
echo "New src hash $NEW_SRC_HASH"
replace "$TMP_HASH" "$NEW_SRC_HASH" "$DRV_DIR/sources.nix"
# after updating src the next focus is the web dependencies
# build package-lock.json since authelia uses pnpm
# since they hard pin dependencies in package.json we can be pretty confident that versions will match
WEB_DIR=$(mktemp -d)
clean_up() {
rm -rf "$WEB_DIR"
}
trap clean_up EXIT
OLD_PWD=$PWD
cd $WEB_DIR
OUT=$(nix-build -E "with import $NIXPKGS_ROOT {}; authelia.src" --no-out-link)
cp -r $OUT/web/package.json .
npm install --package-lock-only --legacy-peer-deps --ignore-scripts
mv package-lock.json "$DRV_DIR/"
# OLD_PWD=$PWD
# cd $WEB_DIR
# OUT=$(nix-build -E "with import $NIXPKGS_ROOT {}; authelia.src" --no-out-link)
# cp -r $OUT/web/package.json .
# npm install --package-lock-only --legacy-peer-deps --ignore-scripts
# mv package-lock.json "$DRV_DIR/"
cd $OLD_PWD
OLD_HASH="$(instantiateClean authelia.web.npmDepsHash)"
echo "Old hash $OLD_HASH"
TMP_HASH="sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="
replace "$OLD_HASH" "$TMP_HASH" "$DRV_DIR/default.nix"
NEW_HASH="$(fetchNewSha authelia.web)"
echo "New hash $NEW_HASH"
replace "$TMP_HASH" "$NEW_HASH" "$DRV_DIR/default.nix"
# cd $OLD_PWD
OLD_NPM_DEPS_HASH="$(instantiateClean authelia.web.npmDepsHash)"
echo "Old npm deps hash $OLD_NPM_DEPS_HASH"
replace "$OLD_NPM_DEPS_HASH" "$TMP_HASH" "$DRV_DIR/sources.nix"
NEW_NPM_DEPS_HASH="$(fetchNewSha authelia.web)"
echo "New npm deps hash $NEW_NPM_DEPS_HASH"
replace "$TMP_HASH" "$NEW_NPM_DEPS_HASH" "$DRV_DIR/sources.nix"
clean_up
OLD_GO_VENDOR_HASH="$(instantiateClean authelia.vendorHash)"
echo "Old go vendor hash $OLD_GO_VENDOR_HASH"
replace "$OLD_GO_VENDOR_HASH" "$TMP_HASH" "$DRV_DIR/sources.nix"
NEW_GO_VENDOR_HASH="$(fetchNewSha authelia.go-modules)"
echo "New go vendor hash $NEW_GO_VENDOR_HASH"
replace "$TMP_HASH" "$NEW_GO_VENDOR_HASH" "$DRV_DIR/sources.nix"

View File

@ -0,0 +1,30 @@
{ buildNpmPackage, fetchFromGitHub }:
let
inherit (import ./sources.nix { inherit fetchFromGitHub; }) pname version src npmDepsHash;
in
buildNpmPackage {
pname = "${pname}-web";
inherit src version npmDepsHash;
sourceRoot = "source/web";
patches = [
./change-web-out-dir.patch
];
postPatch = ''
cp ${./package-lock.json} ./package-lock.json
'';
npmFlags = [ "--legacy-peer-deps" ];
installPhase = ''
runHook preInstall
mkdir -p $out/share
mv dist $out/share/authelia-web
runHook postInstall
'';
}