sharkey wip (dont merge yet) #296697
sharkey wip (dont merge yet) #296697
Conversation
ofborg
bot
added
10.rebuild-darwin: 0
|
noo ofborg 💀 I forgot to swap out the maintainer info there for a second before pushing 😭 |
|
Info for people looking at this: |
|
@Weathercold can you test this for me and give me your thoughts on it? This way we can get it merged quicker* *limiting factor will still be getting someone with commit rights to merge in the end ;P Edit: pinging you here because your question on the old PR makes me assume you are interested in using it once its merged. |
I was about to ask why was I pinged for this 😹 I guess this is tangentially related though since the pnpm deps code is from Vesktop |
github-actions
bot
added
6.topic: nixos
yes. this is a unholy fusion of vesktop and #161855 maybe I will do that for misskey too later down the line.. Vesktop is the first pnpm nix impl that works here tho 😸 |
|
Have you seen #290715? That is essentially Vesktop's pnpm deps logic packaged into a fetcher 😺 |
|
Also, please mark the PR as a draft if you don't want it merged or thoroughly reviewed by other people with write perms :) Change the title too to the standard format: 'sharkey: init at x.y.z' |
ofborg
bot
added
the
11.by: package-maintainer
yes, but I would not like to wait for it :d |
I want it thoroughly reviewed tho! Its not marked as a draft because it should be tested already! I just dont want it to be merged because my commits dont follow the contribution guidelines right now and I will forcepush to make the changes into commits how they should be once we tested everything <3 |
|
I am fairly certain, that this code already 100% works and would be ready to merge, but because we did not setup a server with it yet to test if everything including AP federation works flawlessly, its not ready to merge in my eyes. |
| { config, ... }: | ||
|
|
||
| { | ||
| services.misskey = { |
| ensureDatabases = [ "sharkey" ]; | ||
| ensureUsers = [ | ||
| { | ||
| name = "sharkey; |
There was a problem hiding this comment.
Missing closing quotation mark
- name = "sharkey;
+ name = "sharkey”;| owner = "TransFem-org"; | ||
| repo = "Sharkey"; | ||
| domain = "activitypub.software"; | ||
| rev = "${finalAttrs.version}"; |
There was a problem hiding this comment.
Nit: unnecessary quotes & interpolation
| postPatch = '' | ||
| mv package.json package.json.orig | ||
| jq --raw-output ". * $pnpmPatch" package.json.orig > package.json | ||
| ''; |
There was a problem hiding this comment.
ime running pnpm with --force(as in #290715) seems to be more reliable than this package.json patching in some cases involving cross-platform builds? not sure on the conditions of such a thing happening, so take with a pinch of salt
There was a problem hiding this comment.
--force is better, yes. See pnpm/pnpm#7695
But I am still not very confident on this fixed-output derivation as it does not provide stable hashes across different versions of pnpm
There was a problem hiding this comment.
hmm, how can we execute scripts without making it unreproducible?
|
Hey, is this still being worked on? I'm interested in hosting an instance of Sharkey on NixOS, and this seems like a good start probably. If this is abandoned, i might try to continue these efforts in a new PR. |
its not abandoned. other things in my calendar where just taking up time more. Feel free to request changes / add yourself as second maintainer later. |
|
I based some work in my own config off of this PR. I've got it running now. The modules are in the |
|
awesome! i will look update this PR in a day or two |
|
|
||
| ( | ||
| cd node_modules/.pnpm/node_modules/v-code-diff | ||
| node scripts/postinstall.js |
There was a problem hiding this comment.
This file is named postinstall.cjs, and it needs to have the correct extension to run.
It seems clearer to just run their postinstall script, which does actually just run this file.
| node scripts/postinstall.js | |
| pnpm run postinstall |
| preBuild = '' | ||
| export HOME=$(mktemp -d) | ||
| export STORE_PATH=$(mktemp -d) | ||
| export NODE_OPTIONS="--max_old_space_size=4096" |
There was a problem hiding this comment.
Is this necessary? The frontend fails to build with a very unintuitive error, which on some sources say that this flag will fix because it's out of memory. Manually running cd packages/frontend; pnpm build (so that it actually shows its output rather than being mangled by the TTY-centric "overview" interface) shows that it's actually v-code-diff failing to build, as far as i can tell. Running that install script correctly makes this flag unnecessary for me.
| jemalloc | ||
| ffmpeg-headless | ||
| stdenv.cc.cc.lib | ||
| ]); |
There was a problem hiding this comment.
We also need to add a binary path for nodePackages.pnpm and bash, because they are used in the npm scripts of Sharkey (e.g. pnpm migrateandstart will use shell scripting && to run pnpm migrate && pnpm start; in particular, pnpm isn't qualified here so it needs to be in PATH, even if we qualify it fully for direct invocations)
There was a problem hiding this comment.
| ]); | |
| ]); | |
| binPath = lib.makeBinPath [ | |
| bash | |
| nodePackages.pnpm | |
| ]; |
|
|
||
| makeWrapper ${nodePackages.pnpm}/bin/pnpm $out/bin/sharkey \ | ||
| --run $out/data | ||
| --prefix LD_LIBRARY_PATH : ${libPath} \ |
There was a problem hiding this comment.
See above comment at the start of the install phase.
| --prefix LD_LIBRARY_PATH : ${libPath} \ | |
| --prefix LD_LIBRARY_PATH : ${libPath} \ | |
| --prefix PATH : ${binPath} \ |
| mkdir -p $out/data/packages/client | ||
| ln -s /var/lib/sharkey $out/data/files | ||
| ln -s /run/sharkey $out/data/.config | ||
| cp -r locales node_modules built fluent-emojis tossface-emojis sharkey-assets packages package.json pnpm-workspace.yaml $out/data |
There was a problem hiding this comment.
Some of these files are nonexistent. Why are we selecting them in such a fragile way?
| cp -r locales node_modules built fluent-emojis tossface-emojis sharkey-assets packages package.json pnpm-workspace.yaml $out/data | |
| cp -r * $out/data |
| '' | ||
| runHook preInstall | ||
|
|
||
| mkdir -p $out/data |
There was a problem hiding this comment.
Why data? That feels very generic and undescriptive. Why not, e.g., Sharkey (matching the actual name of the corresponding directory in a typical install)
| # https://gist.github.com/MikaelFangel/2c36f7fd07ca50fac5a3255fa1992d1a | ||
|
|
||
| makeWrapper ${nodePackages.pnpm}/bin/pnpm $out/bin/sharkey \ | ||
| --run $out/data |
There was a problem hiding this comment.
Needs a backslash.
| --run $out/data | |
| --run $out/data \ |
| makeWrapper ${nodePackages.pnpm}/bin/pnpm $out/bin/sharkey \ | ||
| --run $out/data | ||
| --prefix LD_LIBRARY_PATH : ${libPath} \ | ||
| --prefix NODE_ENV : production |
There was a problem hiding this comment.
This is also missing a backslash. Also, why --prefix? This isn't a list.
| --prefix NODE_ENV : production | |
| --set-default NODE_ENV production \ |
| --run $out/data | ||
| --prefix LD_LIBRARY_PATH : ${libPath} \ | ||
| --prefix NODE_ENV : production | ||
| --add-flags migrateandstart |
There was a problem hiding this comment.
Should this really be always passed? Wouldn't it make more sense to not be passing it and let the consumer choose which script to invoke? e.g. a consumer might want to run just sharkey migrate when doing internal maintenance, or just sharkey start to start without a db migration. there also exists sharkey init which is mostly useless because sharkey migrate will initialize an empty DB, and there's also sharkey revert which undoes a migration, and that one is not covered by migrateandstart.
migrateandstart is a good choice for the "default command", though, so we should absolutely be using that for the systemd service.
| ''; | ||
|
|
||
| postBuild = '' | ||
| pnpm build --reporter=ndjson |
There was a problem hiding this comment.
This --reporter=ndjson doesn't seem to do much, because pnpm build here is just a script that immediately invokes pnpm -r build and --reported=ndjson does not get passed to it. Also, why is this postBuild? That's clearly the main build step.
| ${pkgs.envsubst}/bin/envsubst -i "${configFile}" > /run/sharkey/default.yml | ||
| cd ${pkgs.sharkey}/data | ||
| ''; | ||
| serviceConfig = { |
There was a problem hiding this comment.
Is this running as root?
| serviceConfig = { | |
| serviceConfig = { | |
| User = "sharkey"; |
| SystemCallFilter = "@system-service"; | ||
| UMask = "0077"; | ||
| }; | ||
| environment.NODE_ENV = "production"; |
There was a problem hiding this comment.
Why are we setting NODE_ENV here and in the wrapper?
| ( | ||
| cd node_modules/.pnpm/node_modules/v-code-diff | ||
| node scripts/postinstall.js | ||
| ) |
There was a problem hiding this comment.
re2 and sharp also need install scripts to run. They use node-gyp, so we need to set the node path or else it'll try to fetch headers from nodejs.org.
Without them, the build succeeds but we get runtime errors as the binaries can't be loaded (so, the package won't actually work).
| ) | |
| ) | |
| export npm_config_nodedir=${nodePackages.nodejs} | |
| ( | |
| cd node_modules/.pnpm/node_modules/re2 | |
| pnpm run rebuild | |
| ) | |
| ( | |
| cd node_modules/.pnpm/node_modules/sharp | |
| pnpm run install | |
| ) |
h7x4
added
8.has: documentation
8.has: module (new)
I am a Nix novice, but I'd be happy to help, too, if you are still very busy. |
Description of changes
WIP PR to show the progress of Sharkey > Nixpkgs
continuation of #259829
Things done
nix.conf? (See Nix manual)sandbox = relaxedsandbox = truenix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)Add a 👍 reaction to pull requests you find important.