shiori: 1.5.5 -> 1.7.0 (4f021e14) · Commits · mdf / nixpkgs

nixos/modules/services/web-apps/shiori.nix

+55 −21

Original line number	Diff line number	Diff line
		{ config, lib, pkgs, ... }:

		with lib;
		let
		cfg = config.services.shiori;
		let cfg = config.services.shiori;
		in {
		options = {
		services.shiori = {
		enable = mkEnableOption "Shiori simple bookmarks manager";
		enable = lib.mkEnableOption "Shiori simple bookmarks manager";

		package = mkPackageOption pkgs "shiori" { };
		package = lib.mkPackageOption pkgs "shiori" { };

		address = mkOption {
		type = types.str;
		address = lib.mkOption {
		type = lib.types.str;
		default = "";
		description = ''
		The IP address on which Shiori will listen.
		@@ -19,30 +17,55 @@ in {
		'';
		};

		port = mkOption {
		type = types.port;
		port = lib.mkOption {
		type = lib.types.port;
		default = 8080;
		description = "The port of the Shiori web application";
		};

		webRoot = mkOption {
		type = types.str;
		webRoot = lib.mkOption {
		type = lib.types.str;
		default = "/";
		example = "/shiori";
		description = "The root of the Shiori web application";
		};

		environmentFile = lib.mkOption {
		type = lib.types.null or lib.types.path;
		default = null;
		example = "/path/to/environmentFile";
		description = ''
		Path to file containing environment variables.
		Useful for passing down secrets.
		<https://github.com/go-shiori/shiori/blob/master/docs/Configuration.md#overall-configuration>
		'';
		};

		databaseUrl = lib.mkOption {
		type = lib.types.null or lib.types.str;
		default = null;
		example = "postgresql:///shiori?host=/run/postgresql";
		description = "The connection URL to connect to MySQL or PostgreSQL";
		};
		};
		};

		config = mkIf cfg.enable {
		systemd.services.shiori = with cfg; {
		config = lib.mkIf cfg.enable {
		systemd.services.shiori = {
		description = "Shiori simple bookmarks manager";
		wantedBy = [ "multi-user.target" ];

		environment.SHIORI_DIR = "/var/lib/shiori";
		after = [ "postgresql.service" "mysql.service" ];
		environment = {
		SHIORI_DIR = "/var/lib/shiori";
		} // lib.optionalAttrs (cfg.databaseUrl != null) {
		SHIORI_DATABASE_URL = cfg.databaseUrl;
		};

		serviceConfig = {
		ExecStart = "${package}/bin/shiori serve --address '${address}' --port '${toString port}' --webroot '${webRoot}'";
		ExecStart =
		"${cfg.package}/bin/shiori server --address '${cfg.address}' --port '${
		toString cfg.port
		}' --webroot '${cfg.webRoot}'";

		DynamicUser = true;
		StateDirectory = "shiori";
		@@ -50,15 +73,20 @@ in {
		RuntimeDirectory = "shiori";

		# Security options

		EnvironmentFile =
		lib.optional (cfg.environmentFile != null) cfg.environmentFile;
		BindReadOnlyPaths = [
		"/nix/store"

		# For SSL certificates, and the resolv.conf
		"/etc"
		];
		] ++ lib.optional (lib.strings.hasInfix "postgres" cfg.databaseUrl
		&& config.services.postgresql.enable) "/run/postgresql"
		++ lib.optional (lib.strings.hasInfix "mysql" cfg.databaseUrl
		&& config.services.mysql.enable) "/var/run/mysqld";

		CapabilityBoundingSet = "";
		AmbientCapabilities = "CAP_NET_BIND_SERVICE";

		DeviceAllow = "";

		@@ -78,7 +106,7 @@ in {
		ProtectKernelTunables = true;

		RestrictNamespaces = true;
		RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
		RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
		RestrictRealtime = true;
		RestrictSUIDSGID = true;

		@@ -88,11 +116,17 @@ in {
		SystemCallErrorNumber = "EPERM";
		SystemCallFilter = [
		"@system-service"
		"~@cpu-emulation" "~@debug" "~@keyring" "~@memlock" "~@obsolete" "~@privileged" "~@setuid"
		"~@cpu-emulation"
		"~@debug"
		"~@keyring"
		"~@memlock"
		"~@obsolete"
		"~@privileged"
		"~@setuid"
		];
		};
		};
		};

		meta.maintainers = with maintainers; [ minijackson ];
		meta.maintainers = with lib.maintainers; [ minijackson CaptainJawZ ];
		}

nixos/tests/shiori.nix

+66 −67

Original line number	Diff line number	Diff line
		@@ -4,9 +4,7 @@ import ./make-test-python.nix ({ pkgs, lib, ...}:
		name = "shiori";
		meta.maintainers = with lib.maintainers; [ minijackson ];

		nodes.machine =
		{ ... }:
		{ services.shiori.enable = true; };
		nodes.machine = { ... }: { services.shiori.enable = true; };

		testScript = let
		authJSON = pkgs.writeText "auth.json" (builtins.toJSON {
		@@ -20,7 +18,8 @@ import ./make-test-python.nix ({ pkgs, lib, ...}:
		title = "Example Bookmark";
		};

		insertBookmarkJSON = pkgs.writeText "insertBookmark.json" (builtins.toJSON insertBookmark);
		insertBookmarkJSON =
		pkgs.writeText "insertBookmark.json" (builtins.toJSON insertBookmark);
		in ''
		import json

pkgs/servers/web-apps/shiori/default.nix

+14 −8

Original line number	Diff line number	Diff line
		{ lib, buildGoModule, fetchFromGitHub, nixosTests }:
		{ lib, buildGoModule, fetchFromGitHub, nixosTests, installShellFiles }:

		buildGoModule rec {
		pname = "shiori";
		version = "1.5.5";
		version = "1.7.0";

		vendorHash = "sha256-suWdtqf5IZntEVD+NHGD6RsL1tjcGH9vh5skISW+aCc=";
		vendorHash = "sha256-fakRqgoEcdzw9WZuubaxfGfvVrMvb8gV/IwPikMnfRQ=";

		doCheck = false;

		@@ -12,18 +12,24 @@ buildGoModule rec {
		owner = "go-shiori";
		repo = pname;
		rev = "v${version}";
		sha256 = "sha256-kGPvCYvLLixEH9qih/F3StUyGPqlKukTWLSw41+Mq8E=";
		sha256 = "sha256-5+hTtvBnj3Nh5HitReVkLift9LTiMYVuuYx5EirN0SA=";
		};

		passthru.tests = {
		smoke-test = nixosTests.shiori;
		};
		nativeBuildInputs = [ installShellFiles ];
		postInstall = ''
		installShellCompletion --cmd shiori \
		--bash <($out/bin/shiori completion bash) \
		--fish <($out/bin/shiori completion fish) \
		--zsh <($out/bin/shiori completion zsh)
		'';

		# passthru.tests.smoke-test = nixosTests.shiori; # test broken

		meta = with lib; {
		description = "Simple bookmark manager built with Go";
		mainProgram = "shiori";
		homepage = "https://github.com/go-shiori/shiori";
		license = licenses.mit;
		maintainers = with maintainers; [ minijackson ];
		maintainers = with maintainers; [ minijackson CaptainJawZ ];
		};
		}

Admin message