aboutsummaryrefslogtreecommitdiff
path: root/cluster/prod/app/cryptpad/build/default.nix
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2022-08-24 15:42:47 +0200
committerAlex Auvolat <alex@adnab.me>2022-08-24 15:42:47 +0200
commit2e8923b383eb06c53261eee8e5c442b857fb67e4 (patch)
tree0ad148f75f7b54dfed2dbac8f43f6df9badc502a /cluster/prod/app/cryptpad/build/default.nix
parent9848f3090f77363a2fda0f9fa673ebcf1fb8228c (diff)
downloadnixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.tar.gz
nixcfg-2e8923b383eb06c53261eee8e5c442b857fb67e4.zip
Move app files into cluster subdirectories; add prod garage
Diffstat (limited to 'cluster/prod/app/cryptpad/build/default.nix')
-rw-r--r--cluster/prod/app/cryptpad/build/default.nix77
1 files changed, 77 insertions, 0 deletions
diff --git a/cluster/prod/app/cryptpad/build/default.nix b/cluster/prod/app/cryptpad/build/default.nix
new file mode 100644
index 0000000..f0a5c00
--- /dev/null
+++ b/cluster/prod/app/cryptpad/build/default.nix
@@ -0,0 +1,77 @@
+let
+ common = import ./common.nix;
+ pkgs = import common.pkgsSrc {};
+ nodejs = pkgs.${common.nodejs};
+
+ bower = (pkgs.buildBowerComponents {
+ name = "cryptpad-${common.cryptpadVersion}-bower";
+ generated = ./nix.lock/bower.nix;
+ src = common.cryptpadSrc;
+ }).overrideAttrs (old: {
+ bowerPackages = old.bowerPackages.override (old_: {
+ # add missing dependencies:
+ # Those dependencies are EOL and they are not installed by buildBowerComponents,
+ # but they are required, otherwise the resolver crashes.
+ # * add the second jquery ~2.1.0 entry
+ # * add the second bootstrap ~3.1.1 entry
+ paths = old_.paths ++ [
+ (pkgs.fetchbower "jquery" "2.1.0" "~2.1.0" "02kwvz93vzpv10qnp7s0dz3al0jh77awwrizb6wadsvgifxssnlr")
+ (pkgs.fetchbower "bootstrap" "3.1.1" "~3.1.1" "06bhjwa8p7mzbpr3jkgydd804z1nwrkdql66h7jkfml99psv9811")
+ ];
+ });
+ });
+
+ npm = import ./nix.lock/npm.nix {
+ inherit pkgs;
+ };
+
+in
+ pkgs.stdenv.mkDerivation {
+ name = "cryptpad-${common.cryptpadVersion}";
+ src = common.cryptpadSrc;
+
+ buildPhase = ''
+ cp -r ${npm.nodeDependencies}/lib/node_modules node_modules
+ chmod +w -R node_modules
+
+ # clear executable files inside the node_modules folder to reduce dependencies
+ # and attack surface
+ find node_modules -type f ! -path 'node_modules/gar/*' -executable -print | tee >(xargs -n 20 rm)
+
+ # Remove only office that IS BIG
+ # COMMENTED as it is not as easy as planned.
+ # rm -rf www/common/onlyoffice
+ '';
+
+ installPhase = ''
+ mkdir -p $out/{bin,opt}
+
+ out_cryptpad=$out/opt/
+
+ # copy the source code
+ cp -r .bowerrc bower.json package.json package-lock.json customize.dist lib server.js www $out_cryptpad
+
+ # mount node_modules
+ cp -r node_modules $out_cryptpad/node_modules
+
+ # patch
+ substituteInPlace $out_cryptpad/lib/workers/index.js --replace "lib/workers/db-worker" "$out_cryptpad/lib/workers/db-worker"
+
+ # mount bower, based on the .bowerrc file at the git repo root
+ cp -r ${bower}/bower_components $out_cryptpad/www/
+
+ # cryptpad is bugged with absolute path, this is a workaround to use absolute path as relative path
+ ln -s / $out_cryptpad/root
+
+ # start script, cryptpad is lost if its working directory is not its source directory
+ cat > $out/bin/cryptpad <<EOF
+ #!${pkgs.stdenv.shell}
+ cd $out_cryptpad
+ exec ${nodejs}/bin/node server.js
+ EOF
+
+ chmod +x $out/bin/cryptpad
+ '';
+
+ dontFixup = true;
+ }