fricloud/server-configs
2
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: fricloud:076d676c414799c1e93dab5435491270c52f7b98
Branches Tags
fricloud:main
fricloud:rememberme
fricloud:proxy_images
fricloud:element
..
compare: fricloud:c1772d69fc6349ee7ee19d0e0c465335554180dc
Branches Tags
fricloud:main
fricloud:rememberme
fricloud:proxy_images
fricloud:element

No commits in common. "076d676c414799c1e93dab5435491270c52f7b98" and "c1772d69fc6349ee7ee19d0e0c465335554180dc" have entirely different histories.
076d676c41 ... c1772d69fc

5 changed files with 50 additions and 110 deletions
Download patch file Download diff file Expand all files Collapse all files

2
machines/gerd.nix
View file

@ -62,7 +62,7 @@
platforms.hetzner = {
enable = true;
network.address = [
"65.108.221.240"
"65.108.221.240/32"
"2a01:4f9:c012:743e::1/64"
];
};

30
machines/gerd/services/wger/default.nix
View file

@ -1,4 +1,4 @@
{ config, lib, ... }:
{ config, ... }:
let
svc_domain = "wger.${config.mine.shared.settings.domain}";
@ -20,26 +20,19 @@ in {
wgerSettings = {
EMAIL_FROM = "wger Workout Manager <wger@${config.mine.shared.settings.domain}>";
# use authelia for authentication (disable guest users + regisration)
AUTH_PROXY_HEADER = config.mine.shared.lib.authelia.protectedHeaders.username;
ALLOW_GUEST_USERS = false;
ALLOW_REGISTRATION = false;
};
# django specific settings
djangoSettings = let
headerToDjangoHeader = v: "HTTP_" + (lib.toUpper ((lib.replaceStrings [ "-" ] [ "_" ] v)));
in rec {
djangoSettings = rec {
# setup site stuff
SITE_URL = "https://${svc_domain}";
CSRF_TRUSTED_ORIGINS = [ "https://${svc_domain}" ];
ALLOWED_HOSTS = [ svc_domain ];
# proxy auth
AUTH_PROXY_HEADER = headerToDjangoHeader config.mine.shared.lib.authelia.protectedHeaders.username;
AUTH_PROXY_USER_EMAIL_HEADER = headerToDjangoHeader config.mine.shared.lib.authelia.protectedHeaders.email;
AUTH_PROXY_USER_NAME_HEADER = headerToDjangoHeader config.mine.shared.lib.authelia.protectedHeaders.name;
AUTH_PROXY_TRUSTED_IPS = [ "127.0.0.1" ];
AUTH_PROXY_CREATE_UNKNOWN_USER = true;
# setup email
EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend";
EMAIL_HOST = config.mine.shared.settings.mail.domain_smtp;
@ -49,21 +42,6 @@ in {
EMAIL_HOST_PASSWORD = "file:${config.age.secrets.wger-ldap-pass.path}";
EMAIL_FROM_ADDRESS = config.services.wger.wgerSettings.EMAIL_FROM;
EMAIL_PAGE_DOMAIN = SITE_URL;
# LOGGING = {
# version = 1;
# disable_existing_loggers = false;
# formatters.simple.format = "%(levelname)s %(asctime)s %(module)s %(message)s";
# handlers.console = {
# level = "DEBUG";
# class = "logging.StreamHandler";
# formatter = "simple";
# };
# loggers."" = {
# handlers = ["console"];
# level = "DEBUG";
# };
# };
};
};

110
machines/gerd/services/wger/wgerpkg/default.nix
View file

@ -1,104 +1,65 @@
{
lib
, python
, fetchFromGitHub
, buildPythonPackage
, callPackage
, writeText
, fetchpatch
# build systems
, hatchling
# deps
, bleach
, celery
, django-crispy-bootstrap5
, django
, django-activity-stream ? callPackage ./django-activity-stream.nix {}
, django-axes
, django-compressor
, django-cors-headers
, django-crispy-forms
, django-email-verification ? callPackage ./django-email-verification.nix {}
, django-environ
, django-filter
, django-formtools
, django-prometheus
, django-recaptcha ? callPackage ./django-recaptcha.nix {}
, django-simple-history
, django-sortedm2m ? callPackage ./django-sortedm2m.nix {}
, django-storages
, djangorestframework
, djangorestframework-simplejwt
, drf-spectacular
, easy-thumbnails
, flower
, fontawesomefree
, icalendar
, invoke
, openfoodfacts ? callPackage ./openfoodfacts.nix {}
, pillow
, reportlab
, requests
, tqdm
, tzdata
# extra deps
, redis
, django-redis
, drf-spectacular-sidecar
, django-bootstrap-breadcrumbs ? callPackage ./django-bootstrap-breadcrumbs.nix {}
, psycopg2
lib,
python3,
fetchFromGitHub,
callPackage,
writeText,
fetchpatch,
}:
let
frontend = callPackage ./frontend.nix {};
in buildPythonPackage rec {
in python3.pkgs.buildPythonPackage rec {
pname = "wger";
version = "2.3";
pyproject = true;
# src = fetchFromGitHub {
# owner = "wger-project";
# repo = "wger";
# rev = version;
# hash = "sha256-riJyVl0/GwAGkcHVzkJc666owPk1E4ca8DV5qTjEbjk=";
# };
# TMP: until it's merged
src = fetchFromGitHub {
owner = "eyJhb";
owner = "wger-project";
repo = "wger";
rev = "proxyauthheaderv2";
hash = "sha256-9GMU7CSMKcgBFYrUh6m9LFiJQ7XLkhaJ8EPt+FSZFqY=";
rev = version;
hash = "sha256-riJyVl0/GwAGkcHVzkJc666owPk1E4ca8DV5qTjEbjk=";
};
# src = /tmp/wger;
build-system = [
hatchling
python3.pkgs.hatchling
];
patches = [
./patches/pyproject.patch
./patches/manage.patch
./patches/exercises-no-gifs.patch
# adds support for proxy auth header
(fetchpatch {
url = "https://github.com/wger-project/wger/pull/1859/commits/331b2d5d2d520411a7b75193823bbc175802e547.patch";
sha256 = "sha256-5OuuInEO8e7OuWaI311HeHp5Pl6bZmix6wLDn8bEgR4=";
})
];
propagatedBuildInputs = [
# dependencies = with python3.pkgs; [
propagatedBuildInputs = with python3.pkgs; [
bleach
celery
django-crispy-bootstrap5
django
django-activity-stream
# django-activity-stream
(python3.pkgs.callPackage ./django-activity-stream.nix {})
django-axes
django-compressor
django-cors-headers
django-crispy-forms
django-email-verification
# django-email-verification
(python3.pkgs.callPackage ./django-email-verification.nix {})
django-environ
django-filter
django-formtools
django-prometheus
django-recaptcha
# django-recaptcha
(python3.pkgs.callPackage ./django-recaptcha.nix {})
django-simple-history
django-sortedm2m
# django-sortedm2m
(python3.pkgs.callPackage ./django-sortedm2m.nix {})
django-storages
djangorestframework
djangorestframework-simplejwt
@ -108,7 +69,8 @@ in buildPythonPackage rec {
fontawesomefree
icalendar
invoke
openfoodfacts
# openfoodfacts
(python3.pkgs.callPackage ./openfoodfacts.nix {})
pillow
reportlab
requests
@ -119,7 +81,7 @@ in buildPythonPackage rec {
redis
django-redis
drf-spectacular-sidecar
django-bootstrap-breadcrumbs
(python3.pkgs.callPackage ./django-bootstrap-breadcrumbs.nix {})
psycopg2
];
@ -140,7 +102,7 @@ in buildPythonPackage rec {
'';
in ''
# copy over static yarn things
# cp -a ${frontend}/static/yarn $out/${python.sitePackages}/wger/core/static
# cp -a ${frontend}/static/yarn $out/${python3.sitePackages}/wger/core/static
cp -a ${frontend}/static/yarn wger/core/static
python3 -m wger create-settings -s $PWD/tmp_settings.py
@ -148,18 +110,18 @@ in buildPythonPackage rec {
mkdir tmpstatic
pushd tmpstatic
static=. WGER_SETTINGS=../tmp_settings.py python ../manage.py collectstatic --no-input
static=. WGER_SETTINGS=../tmp_settings.py python ../manage.py compress --force
static=. WGER_SETTINGS=../tmp_settings.py python3 ../manage.py collectstatic --no-input
static=. WGER_SETTINGS=../tmp_settings.py python3 ../manage.py compress --force
popd
'';
postInstall = ''
rm -rf $out/${python.sitePackages}/wger/core/static
cp -a tmpstatic $out/${python.sitePackages}/wger/core/static
rm -rf $out/${python3.sitePackages}/wger/core/static
cp -a tmpstatic $out/${python3.sitePackages}/wger/core/static
mkdir $out/share
cp -a $out/${python.sitePackages}/wger/core/static $out/share
cp -a $out/${python3.sitePackages}/wger/core/static $out/share
'';
pythonImportsCheck = [

6
machines/gerd/services/wger/wgerpkg/module.nix
View file

@ -7,7 +7,7 @@ let
defaultUser = "wger";
wgerpkgs = pkgs.python3Packages.callPackage ./default.nix {};
wgerpkgs = pkgs.callPackage ./default.nix {};
# generate settings files
settingsFormat = pkgs.formats.json {};
@ -210,7 +210,7 @@ in
pythonEnv = pkgs.python3.withPackages (ps: with ps; [
gunicorn
# TODO: fix this, it should work with cfg.package
(ps.callPackage ./default.nix {})
(pkgs.python3Packages.callPackage ./default.nix {})
]);
in ''
# initial setup
@ -220,7 +220,7 @@ in
# run server
# ${cfg.package}/bin/wger start -s ${settingsFile}
PYTHONPATH="${pythonEnv}/${pkgs.python3.sitePackages}:${settingsFileDir}" ${pythonEnv}/bin/gunicorn wger.wsgi:application --bind ${cfg.address}:${builtins.toString cfg.port}
PYTHONPATH="${pythonEnv}/${pkgs.python3.sitePackages}:${settingsFileDir}" ${pythonEnv}/bin/gunicorn wger.wsgi:application --reload --bind ${cfg.address}:${builtins.toString cfg.port}
'';
serviceConfig = {

12
shared/sources/sources.json
View file

@ -17,10 +17,10 @@
"homepage": "",
"owner": "nix-community",
"repo": "disko",
"rev": "51d33bbb7f1e74ba5f9d9a77357735149da99081",
"sha256": "0fg2ym4kc1pcayfg4jka742512r8nackwl8w1syxvg82yasixnjc",
"rev": "19c1140419c4f1cdf88ad4c1cfb6605597628940",
"sha256": "0rlzjdw5l0gcjmh34san0qb25a3xxfcwdh75ppr343nzfrj8zbsq",
"type": "tarball",
"url": "https://github.com/nix-community/disko/archive/51d33bbb7f1e74ba5f9d9a77357735149da99081.tar.gz",
"url": "https://github.com/nix-community/disko/archive/19c1140419c4f1cdf88ad4c1cfb6605597628940.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"drasl": {
@ -60,10 +60,10 @@
"homepage": null,
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b024ced1aac25639f8ca8fdfc2f8c4fbd66c48ef",
"sha256": "09dahi81cn02gnzsc8a00n945dxc18656ar0ffx5vgxjj1nhgsvy",
"rev": "6313551cd05425cd5b3e63fe47dbc324eabb15e4",
"sha256": "0fxw15gia9cc72spsqf1870bggp8gx694cr2g8hspm3jbj87xr0g",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/b024ced1aac25639f8ca8fdfc2f8c4fbd66c48ef.tar.gz",
"url": "https://github.com/NixOS/nixpkgs/archive/6313551cd05425cd5b3e63fe47dbc324eabb15e4.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}
}