1
0
Fork 0

modularize cinny and ente-auth, add package ente-auth-web

The previous was more of a workaround not fitting in the spirit of
nixos, this fixes this and makes proper modules out of them. Sadly
ente-web-auth has to be build with a env var and therefore can't be
configured before properly.
This commit is contained in:
Philipp 2025-05-08 11:39:14 +02:00
parent 7d8e0da9ec
commit b0c86faf29
Signed by: Philipp
GPG key ID: 9EBD8439AFBAB750
5 changed files with 186 additions and 61 deletions

View file

@ -1,60 +0,0 @@
{
lib,
config,
namespace,
...
}:
with lib;
with lib.${namespace};
let
cfg = config.${namespace}.services.caddy;
in
{
options.${namespace}.services.caddy = {
enable = mkEnableOption "Caddy";
};
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [
1338
8686
];
services.caddy = {
enable = true;
virtualHosts = {
":1338" = {
extraConfig = ''
root * /var/lib/caddy/ente
file_server
'';
};
":8686" = {
extraConfig = ''
root * /var/lib/caddy/cinny
file_server
@index {
not path /index.html
not path /public/*
not path /assets/*
not path /config.json
not path /manifest.json
not path /sw.js
not path /pdf.worker.min.js
not path /olm.wasm
path /*
}
rewrite /*/olm.wasm /olm.wasm
rewrite @index /index.html
'';
};
};
};
};
}

View file

@ -0,0 +1,64 @@
{
lib,
pkgs,
config,
namespace,
...
}:
with lib;
with lib.${namespace};
let
cfg = config.${namespace}.services.cinny;
in
{
options.${namespace}.services.cinny = {
enable = mkEnableOption "Cinny";
package = mkOption {
description = "The package of Cinny to use.";
type = types.package;
default = pkgs.cinny-unwrapped;
};
port = mkOption {
description = "The port to serve Cinny on.";
type = types.nullOr types.int;
default = 8686;
};
};
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [
cfg.port
];
services.caddy = {
enable = true;
virtualHosts.":${builtins.toString cfg.port}" = {
extraConfig = ''
root * ${cfg.package}
file_server
@index {
not path /index.html
not path /public/*
not path /assets/*
not path /config.json
not path /manifest.json
not path /sw.js
not path /pdf.worker.min.js
not path /olm.wasm
path /*
}
rewrite /*/olm.wasm /olm.wasm
rewrite @index /index.html
'';
};
};
};
}

View file

@ -0,0 +1,47 @@
{
lib,
pkgs,
config,
namespace,
...
}:
with lib;
with lib.${namespace};
let
cfg = config.${namespace}.services.ente-auth;
in
{
options.${namespace}.services.ente-auth = {
enable = mkEnableOption "Ente-Auth";
package = mkOption {
description = "The package of Ente-Auth to use.";
type = types.package;
default = pkgs.awesome-flake.ente-web-auth;
};
port = mkOption {
description = "The port to serve Ente-Auth on.";
type = types.nullOr types.int;
default = 1338;
};
};
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [
cfg.port
];
services.caddy = {
enable = true;
virtualHosts = {
":${builtins.toString cfg.port}" = {
extraConfig = ''
root * ${cfg.package}
file_server
'';
};
};
};
};
}

View file

@ -0,0 +1,73 @@
{
lib,
stdenv,
fetchFromGitHub,
fetchYarnDeps,
nodejs,
yarnConfigHook,
yarnBuildHook,
nix-update-script,
extraBuildEnv ? { },
}:
stdenv.mkDerivation (finalAttrs: {
pname = "ente-web-auth";
version = "4.3.6";
src = fetchFromGitHub {
owner = "ente-io";
repo = "ente";
sparseCheckout = [ "auth" ];
tag = "auth-v${finalAttrs.version}";
fetchSubmodules = true;
hash = "sha256-/dWnaVll/kaKHTJ5gH18BR6JG5E6pF7/j+SgvE66b7M=";
};
sourceRoot = "${finalAttrs.src.name}/web";
offlineCache = fetchYarnDeps {
yarnLock = "${finalAttrs.src}/web/yarn.lock";
hash = "sha256-Wu0/YHqkqzrmA5hpVk0CX/W1wJUh8uZSjABuc+DPxMA=";
};
nativeBuildInputs = [
yarnConfigHook
yarnBuildHook
nodejs
];
# See: https://github.com/ente-io/ente/blob/main/web/apps/photos/.env
env = extraBuildEnv;
buildPhase = ''
export NEXT_PUBLIC_ENTE_ENDPOINT=https://ente-api.monapona.dev
yarn build:auth
'';
installPhase = ''
runHook preInstall
cp -r apps/auth/out $out
runHook postInstall
'';
passthru.updateScript = nix-update-script {
extraArgs = [
"--version-regex"
"auth-v(.*)"
];
};
meta = {
description = "Web client for Ente Auth";
homepage = "https://ente.io/";
changelog = "https://github.com/ente-io/ente/releases";
license = lib.licenses.agpl3Only;
maintainers = with lib.maintainers; [
surfaceflinger
pinpox
spaenny
];
platforms = lib.platforms.all;
};
})

View file

@ -53,7 +53,8 @@ with lib.${namespace};
awesome-flake = {
services = {
ssh = enabled;
caddy = enabled;
cinny = enabled;
ente-auth = enabled;
restic = enabled;
};