diff --git a/flake.lock b/flake.lock index 6119fb1..0622fe8 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "nixpkgs": { "locked": { - "lastModified": 1697851979, - "narHash": "sha256-lJ8k4qkkwdvi+t/Xc6Fn74kUuobpu9ynPGxNZR6OwoA=", + "lastModified": 1700851152, + "narHash": "sha256-3PWITNJZyA3jz5IGREJRfSykM6xSLmD8u5A3WpBCyDM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5550a85a087c04ddcace7f892b0bdc9d8bb080c8", + "rev": "1216a5ba22a93a4a3a3bfdb4bff0f4727c576fcc", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 46bfb8f..8fcb711 100644 --- a/flake.nix +++ b/flake.nix @@ -7,296 +7,292 @@ }; }; - outputs = { self, nixpkgs }@inputs: - let - system = "x86_64-linux"; - pkgs = import nixpkgs { - inherit system; - }; - py = pkgs.python3.override { - packageOverrides = final: prev: { - django = prev.django_4; - cronsim = - let - version = "2.5"; - pname = "cronsim"; - src = pkgs.fetchPypi { - inherit pname version; - hash = "sha256-FTzwIZ3MGgyp5xqDav22B5ZTfYxSHGhsenMTSDdXM78="; - }; - in - prev.buildPythonPackage { - inherit pname version src; - # nativeCheckInputs = [ prev.pytestCheckHook ]; - pythonImportsCheck = [ - "cronsim" - ]; - }; - }; - }; - baseImage = { - tag = "latest"; - maxLayers = 2; - contents = [ - pkgs.bash - pkgs.coreutils-full - ]; - config = { - User = "5000:5000"; - Volumes = { - "/tmp" = { }; + outputs = { + self, + nixpkgs, + } @ inputs: let + system = "x86_64-linux"; + pkgs = import nixpkgs { + inherit system; + }; + py = pkgs.python3.override { + packageOverrides = final: prev: { + django = prev.django_4; + cronsim = let + version = "2.5"; + pname = "cronsim"; + src = pkgs.fetchPypi { + inherit pname version; + hash = "sha256-FTzwIZ3MGgyp5xqDav22B5ZTfYxSHGhsenMTSDdXM78="; }; - WorkingDir = "${self.packages.${system}.healthchecks}/app"; - Env = [ - "LANG=en_US.UTF-8" - "PYTHONPATH=${self.packages.${system}.healthchecks.pythonPath}" - "PYTHONUNBUFFERED=1" - "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" - "STATIC_ROOT=${self.packages.${system}.healthchecks.static}" - ]; - }; - }; - in - { - packages.${system} = { - healthchecks = - let - pname = "healthchecks"; - version = "3.0"; - hash = "sha256-1xEWsNl1Gs+Xb5+KIZhnVrK4yT4CcVPfHEBP5EYQAD0="; - localSettings = pkgs.writeText "local_settings.py" '' - import os - CSRF_TRUSTED_HOSTS = os.getenv("CSRF_TRUSTED_HOSTS", "").split(",") - STATIC_ROOT = os.getenv("STATIC_ROOT") - STATICFILES_DIRS = [ ] - SECRET_KEY_FILE = os.getenv("SECRET_KEY_FILE") - if SECRET_KEY_FILE: - with open(SECRET_KEY_FILE, "r") as file: - SECRET_KEY = file.readline() - ''; - propagatedBuildInputs = with py.pkgs; [ - aiosmtpd - apprise - cron-descriptor - cronsim - django - django-compressor - django-stubs-ext - fido2 - minio - psycopg2 - pycurl - pydantic - pyotp - segno - statsd - whitenoise + in + prev.buildPythonPackage { + inherit pname version src; + # nativeCheckInputs = [ prev.pytestCheckHook ]; + pythonImportsCheck = [ + "cronsim" ]; - in - py.pkgs.buildPythonApplication { - inherit pname version propagatedBuildInputs; - format = "other"; - - outputs = [ "out" "static" "doc" ]; - - src = pkgs.fetchFromGitHub { - owner = "healthchecks"; - repo = pname; - rev = "v${version}"; - inherit hash; - }; - - dontPatch = true; - dontConfigure = true; - dontBuild = true; - doCheck = false; - - installPhase = '' - mkdir -p $out/app - cp -r CHANGELOG.md hc manage.py templates $out/app - chmod +x $out/app/manage.py - - mkdir -p $doc - cp -r *.md LICENSE $doc - - mkdir -p $static - DEBUG=False SECRET_KEY=build-key STATIC_ROOT=$static ${py}/bin/python ./manage.py collectstatic --noinput - DEBUG=False SECRET_KEY=build-key STATIC_ROOT=$static ${py}/bin/python ./manage.py compress - cp -r static-collected/* $static - - cp ${localSettings} $out/app/hc/local_settings.py - ''; - - passthru = { - # PYTHONPATH of all dependencies used by the package - pythonPath = py.pkgs.makePythonPath propagatedBuildInputs; - - tests = { - inherit (pkgs.nixosTests) healthchecks; - }; - }; - - meta = with pkgs.lib; { - homepage = "https://github.com/healthchecks/healthchecks"; - description = "A cron monitoring tool written in Python & Django "; - license = licenses.bsd3; - }; }; - - smtpd = pkgs.dockerTools.buildLayeredImage ( - pkgs.lib.attrsets.recursiveUpdate baseImage { - name = "healthchecks-smtpd"; - config = { - Cmd = [ - "${self.packages.${system}.healthchecks}/app/manage.py" - "smtpd" - "--port" - "2525" - ]; - ExposedPorts = { - "2525/tcp" = { }; - }; - }; - } - ); - - sendalerts = pkgs.dockerTools.buildLayeredImage ( - pkgs.lib.attrsets.recursiveUpdate baseImage { - name = "healthchecks-sendalerts"; - config = { - Cmd = [ - "${self.packages.${system}.healthchecks}/app/manage.py" - "sendalerts" - ]; - ExposedPorts = { }; - }; - } - ); - - sendreports = pkgs.dockerTools.buildLayeredImage ( - pkgs.lib.attrsets.recursiveUpdate baseImage { - name = "healthchecks-sendreports"; - config = { - Cmd = [ - "${self.packages.${system}.healthchecks}/app/manage.py" - "sendreports" - "--loop" - ]; - ExposedPorts = { }; - }; - } - ); - - maintenance = - let - script = pkgs.writeShellScript "maintenance" '' - CURL_OPTIONS="--fail --silent --show-error --max-time 10 --retry 5 --output /dev/null" - ${pkgs.curl}/bin/curl $CURL_OPTIONS http://webserver.healthchecks.svc/ping/$MAINTENANCE_CHECK_UUID/start - ${self.packages.${system}.healthchecks}/app/manage.py prunenotifications - ${self.packages.${system}.healthchecks}/app/manage.py pruneusers - ${self.packages.${system}.healthchecks}/app/manage.py prunetokenbucket - ${self.packages.${system}.healthchecks}/app/manage.py pruneflips - ${pkgs.curl}/bin/curl $CURL_OPTIONS http://webserver.healthchecks.svc/ping/$MAINTENANCE_CHECK_UUID - ''; - in - pkgs.dockerTools.buildLayeredImage ( - pkgs.lib.attrsets.recursiveUpdate baseImage { - name = "healthchecks-maintenance"; - config = { - Cmd = [ - "${script}" - ]; - ExposedPorts = { }; - }; - } - ); - - migrate = pkgs.dockerTools.buildLayeredImage ( - pkgs.lib.attrsets.recursiveUpdate baseImage { - name = "healthchecks-migrate"; - config = { - Cmd = [ - "${self.packages.${system}.healthchecks}/app/manage.py" - "migrate" - ]; - ExposedPorts = { }; - }; - } - ); - - webserver = - let - uwsgi = pkgs.uwsgi.override { - plugins = [ "python3" ]; - }; - uwsgi-ini = pkgs.writeTextFile { - name = "uwsgi.ini"; - text = '' - [uwsgi] - buffer-size = 32768 - chdir = ${self.packages.${system}.healthchecks}/app - die-on-term - disable-write-exception - enable-threads - harakiri = 10 - http-socket = :8000 - master - max-fd = 10000 - mime-file = ${pkgs.mailcap}/etc/nginx/mime.types - module = hc.wsgi:application - plugins = python3 - post-buffering = 16192 - processes = 4 - threads = 1 - thunder-lock - ''; - }; - in - pkgs.dockerTools.buildLayeredImage ( - pkgs.lib.attrsets.recursiveUpdate baseImage { - name = "healthchecks-webserver"; - fakeRootCommands = ''; - mkdir /tmp - chmod 0777 /tmp - ''; - config = { - Cmd = [ - "${uwsgi}/bin/uwsgi" - "${uwsgi-ini}" - ]; - ExposedPorts = { - "8000/tcp" = { }; - }; - }; - } - ); - - static = pkgs.dockerTools.buildLayeredImage { - name = "healthchecks-static"; - tag = "latest"; - maxLayers = 2; - config = { - User = "5000:5000"; - Cmd = [ - "${pkgs.static-web-server}/bin/static-web-server" - "--port=8000" - "--root=${self.packages.${system}.healthchecks.static}" - ]; - ExposedPorts = { - "8000/tcp" = { }; - }; - }; - }; - - }; - checks.${system} = { - webserver = self.packages.${system}.webserver; - smtpd = self.packages.${system}.smtpd; - sendalerts = self.packages.${system}.sendalerts; - sendreports = self.packages.${system}.sendreports; - maintenance = self.packages.${system}.maintenance; - migrate = self.packages.${system}.migrate; - static = self.packages.${system}.static; }; }; + baseImage = { + tag = "latest"; + maxLayers = 2; + contents = [ + pkgs.bash + pkgs.coreutils-full + ]; + config = { + User = "5000:5000"; + Volumes = { + "/tmp" = {}; + }; + WorkingDir = "${self.packages.${system}.healthchecks}/app"; + Env = [ + "LANG=en_US.UTF-8" + "PYTHONPATH=${self.packages.${system}.healthchecks.pythonPath}" + "PYTHONUNBUFFERED=1" + "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" + "STATIC_ROOT=${self.packages.${system}.healthchecks.static}" + ]; + }; + }; + in { + packages.${system} = { + healthchecks = let + pname = "healthchecks"; + version = "3.0.1"; + hash = "sha256-r8wzIZPetnTEJDKPx/Oxk+gzs8gbjEHSi40LSxLb1Js="; + localSettings = pkgs.writeText "local_settings.py" '' + import os + CSRF_TRUSTED_HOSTS = os.getenv("CSRF_TRUSTED_HOSTS", "").split(",") + STATIC_ROOT = os.getenv("STATIC_ROOT") + STATICFILES_DIRS = [ ] + SECRET_KEY_FILE = os.getenv("SECRET_KEY_FILE") + if SECRET_KEY_FILE: + with open(SECRET_KEY_FILE, "r") as file: + SECRET_KEY = file.readline() + ''; + propagatedBuildInputs = with py.pkgs; [ + aiosmtpd + apprise + cron-descriptor + cronsim + django + django-compressor + django-stubs-ext + fido2 + minio + psycopg2 + pycurl + pydantic + pyotp + segno + statsd + whitenoise + ]; + in + py.pkgs.buildPythonApplication { + inherit pname version propagatedBuildInputs; + format = "other"; + + outputs = ["out" "static" "doc"]; + + src = pkgs.fetchFromGitHub { + owner = "healthchecks"; + repo = pname; + rev = "v${version}"; + inherit hash; + }; + + dontPatch = true; + dontConfigure = true; + dontBuild = true; + doCheck = false; + + installPhase = '' + mkdir -p $out/app + cp -r CHANGELOG.md hc manage.py templates $out/app + chmod +x $out/app/manage.py + + mkdir -p $doc + cp -r *.md LICENSE $doc + + mkdir -p $static + DEBUG=False SECRET_KEY=build-key STATIC_ROOT=$static ${py}/bin/python ./manage.py collectstatic --noinput + DEBUG=False SECRET_KEY=build-key STATIC_ROOT=$static ${py}/bin/python ./manage.py compress + cp -r static-collected/* $static + + cp ${localSettings} $out/app/hc/local_settings.py + ''; + + passthru = { + # PYTHONPATH of all dependencies used by the package + pythonPath = py.pkgs.makePythonPath propagatedBuildInputs; + + tests = { + inherit (pkgs.nixosTests) healthchecks; + }; + }; + + meta = with pkgs.lib; { + homepage = "https://github.com/healthchecks/healthchecks"; + description = "A cron monitoring tool written in Python & Django "; + license = licenses.bsd3; + }; + }; + + smtpd = pkgs.dockerTools.buildLayeredImage ( + pkgs.lib.attrsets.recursiveUpdate baseImage { + name = "healthchecks-smtpd"; + config = { + Cmd = [ + "${self.packages.${system}.healthchecks}/app/manage.py" + "smtpd" + "--port" + "2525" + ]; + ExposedPorts = { + "2525/tcp" = {}; + }; + }; + } + ); + + sendalerts = pkgs.dockerTools.buildLayeredImage ( + pkgs.lib.attrsets.recursiveUpdate baseImage { + name = "healthchecks-sendalerts"; + config = { + Cmd = [ + "${self.packages.${system}.healthchecks}/app/manage.py" + "sendalerts" + ]; + ExposedPorts = {}; + }; + } + ); + + sendreports = pkgs.dockerTools.buildLayeredImage ( + pkgs.lib.attrsets.recursiveUpdate baseImage { + name = "healthchecks-sendreports"; + config = { + Cmd = [ + "${self.packages.${system}.healthchecks}/app/manage.py" + "sendreports" + "--loop" + ]; + ExposedPorts = {}; + }; + } + ); + + maintenance = let + script = pkgs.writeShellScript "maintenance" '' + CURL_OPTIONS="--fail --silent --show-error --max-time 10 --retry 5 --output /dev/null" + ${pkgs.curl}/bin/curl $CURL_OPTIONS http://webserver.healthchecks.svc/ping/$MAINTENANCE_CHECK_UUID/start + ${self.packages.${system}.healthchecks}/app/manage.py prunenotifications + ${self.packages.${system}.healthchecks}/app/manage.py pruneusers + ${self.packages.${system}.healthchecks}/app/manage.py prunetokenbucket + ${self.packages.${system}.healthchecks}/app/manage.py pruneflips + ${pkgs.curl}/bin/curl $CURL_OPTIONS http://webserver.healthchecks.svc/ping/$MAINTENANCE_CHECK_UUID + ''; + in + pkgs.dockerTools.buildLayeredImage ( + pkgs.lib.attrsets.recursiveUpdate baseImage { + name = "healthchecks-maintenance"; + config = { + Cmd = [ + "${script}" + ]; + ExposedPorts = {}; + }; + } + ); + + migrate = pkgs.dockerTools.buildLayeredImage ( + pkgs.lib.attrsets.recursiveUpdate baseImage { + name = "healthchecks-migrate"; + config = { + Cmd = [ + "${self.packages.${system}.healthchecks}/app/manage.py" + "migrate" + ]; + ExposedPorts = {}; + }; + } + ); + + webserver = let + uwsgi = pkgs.uwsgi.override { + plugins = ["python3"]; + }; + uwsgi-ini = pkgs.writeTextFile { + name = "uwsgi.ini"; + text = '' + [uwsgi] + buffer-size = 32768 + chdir = ${self.packages.${system}.healthchecks}/app + die-on-term + disable-write-exception + enable-threads + harakiri = 10 + http-socket = :8000 + master + max-fd = 10000 + mime-file = ${pkgs.mailcap}/etc/nginx/mime.types + module = hc.wsgi:application + plugins = python3 + post-buffering = 16192 + processes = 4 + threads = 1 + thunder-lock + ''; + }; + in + pkgs.dockerTools.buildLayeredImage ( + pkgs.lib.attrsets.recursiveUpdate baseImage { + name = "healthchecks-webserver"; + fakeRootCommands = '' ; + mkdir /tmp + chmod 0777 /tmp + ''; + config = { + Cmd = [ + "${uwsgi}/bin/uwsgi" + "${uwsgi-ini}" + ]; + ExposedPorts = { + "8000/tcp" = {}; + }; + }; + } + ); + + static = pkgs.dockerTools.buildLayeredImage { + name = "healthchecks-static"; + tag = "latest"; + maxLayers = 2; + config = { + User = "5000:5000"; + Cmd = [ + "${pkgs.static-web-server}/bin/static-web-server" + "--port=8000" + "--root=${self.packages.${system}.healthchecks.static}" + ]; + ExposedPorts = { + "8000/tcp" = {}; + }; + }; + }; + }; + checks.${system} = { + webserver = self.packages.${system}.webserver; + smtpd = self.packages.${system}.smtpd; + sendalerts = self.packages.${system}.sendalerts; + sendreports = self.packages.${system}.sendreports; + maintenance = self.packages.${system}.maintenance; + migrate = self.packages.${system}.migrate; + static = self.packages.${system}.static; + }; + }; }