Merge pull request #280322 from h7x4/add-hocon-format-generator

/pkgs/pkgs-lib                                   @infinisil

## Format generators/serializers

/pkgs/pkgs-lib/formats/libconfig                 @ckiee @h7x4

/pkgs/pkgs-lib/formats/hocon                     @h7x4

# pkgs/by-name

/pkgs/test/nixpkgs-check-by-name @infinisil

let

  cfg = config.services.jibri;

  # Copied from the jitsi-videobridge.nix file.

  toHOCON = x:

    if isAttrs x && x ? __hocon_envvar then ("\${" + x.__hocon_envvar + "}")

    else if isAttrs x then "{${ concatStringsSep "," (mapAttrsToList (k: v: ''"${k}":${toHOCON v}'') x) }}"

    else if isList x then "[${ concatMapStringsSep "," toHOCON x }]"

    else builtins.toJSON x;

  format = pkgs.formats.hocon { };

  # We're passing passwords in environment variables that have names generated

  # from an attribute name, which may not be a valid bash identifier.

        control-login = {

          domain = env.control.login.domain;

          username = env.control.login.username;

          password.__hocon_envvar = toVarName "${name}_control";

          password = format.lib.mkSubstitution (toVarName "${name}_control");

        };

        call-login = {

          domain = env.call.login.domain;

          username = env.call.login.username;

          password.__hocon_envvar = toVarName "${name}_call";

          password = format.lib.mkSubstitution (toVarName "${name}_call");

        };

        strip-from-room-domain = env.stripFromRoomDomain;

  };

  # Allow overriding leaves of the default config despite types.attrs not doing any merging.

  jibriConfig = recursiveUpdate defaultJibriConfig cfg.config;

  configFile = pkgs.writeText "jibri.conf" (toHOCON { jibri = jibriConfig; });

  configFile = format.generate "jibri.conf" { jibri = jibriConfig; };

in

{

  options.services.jibri = with types; {

    enable = mkEnableOption (lib.mdDoc "Jitsi BRoadcasting Infrastructure. Currently Jibri must be run on a host that is also running {option}`services.jitsi-meet.enable`, so for most use cases it will be simpler to run {option}`services.jitsi-meet.jibri.enable`");

    config = mkOption {

      type = attrs;

      type = format.type;

      default = { };

      description = lib.mdDoc ''

        Jibri configuration.

let

  cfg = config.services.jicofo;

  # HOCON is a JSON superset that some jitsi-meet components use for configuration

  toHOCON = x: if isAttrs x && x ? __hocon_envvar then ("\${" + x.__hocon_envvar + "}")

    else if isAttrs x && x ? __hocon_unquoted_string then x.__hocon_unquoted_string

    else if isAttrs x then "{${ concatStringsSep "," (mapAttrsToList (k: v: ''"${k}":${toHOCON v}'') x) }}"

    else if isList x then "[${ concatMapStringsSep "," toHOCON x }]"

    else builtins.toJSON x;

  configFile = pkgs.writeText "jicofo.conf" (toHOCON cfg.config);

  format = pkgs.formats.hocon { };

  configFile = format.generate "jicofo.conf" cfg.config;

in

{

  options.services.jicofo = with types; {

    };

    config = mkOption {

      type = (pkgs.formats.json {}).type;

      type = format.type;

      default = { };

      example = literalExpression ''

        {

            hostname = cfg.xmppHost;

            username = cfg.userName;

            domain = cfg.userDomain;

            password = { __hocon_envvar = "JICOFO_AUTH_PASS"; };

            password = format.lib.mkSubstitution "JICOFO_AUTH_PASS";

            xmpp-domain = if cfg.xmppDomain == null then cfg.xmppHost else cfg.xmppDomain;

          };

          service = client;

  cfg = config.services.jitsi-videobridge;

  attrsToArgs = a: concatStringsSep " " (mapAttrsToList (k: v: "${k}=${toString v}") a);

  # HOCON is a JSON superset that videobridge2 uses for configuration.

  # It can substitute environment variables which we use for passwords here.

  # https://github.com/lightbend/config/blob/master/README.md

  #

  # Substitution for environment variable FOO is represented as attribute set

  # { __hocon_envvar = "FOO"; }

  toHOCON = x: if isAttrs x && x ? __hocon_envvar then ("\${" + x.__hocon_envvar + "}")

    else if isAttrs x then "{${ concatStringsSep "," (mapAttrsToList (k: v: ''"${k}":${toHOCON v}'') x) }}"

    else if isList x then "[${ concatMapStringsSep "," toHOCON x }]"

    else builtins.toJSON x;

  format = pkgs.formats.hocon { };

  # We're passing passwords in environment variables that have names generated

  # from an attribute name, which may not be a valid bash identifier.

        hostname = xmppConfig.hostName;

        domain = xmppConfig.domain;

        username = xmppConfig.userName;

        password = { __hocon_envvar = toVarName name; };

        password = format.lib.mkSubstitution (toVarName name);

        muc_jids = xmppConfig.mucJids;

        muc_nickname = xmppConfig.mucNickname;

        disable_certificate_verification = xmppConfig.disableCertificateVerification;

        "-Dnet.java.sip.communicator.SC_HOME_DIR_LOCATION" = "/etc/jitsi";

        "-Dnet.java.sip.communicator.SC_HOME_DIR_NAME" = "videobridge";

        "-Djava.util.logging.config.file" = "/etc/jitsi/videobridge/logging.properties";

        "-Dconfig.file" = pkgs.writeText "jvb.conf" (toHOCON jvbConfig);

        "-Dconfig.file" = format.generate "jvb.conf" jvbConfig;

        # Mitigate CVE-2021-44228

        "-Dlog4j2.formatMsgNoLookups" = true;

      } // (mapAttrs' (k: v: nameValuePair "-D${k}" v) cfg.extraProperties);

let

  cfg = config.services.suwayomi-server;

  inherit (lib) mkOption mdDoc mkEnableOption mkIf types;

  format = pkgs.formats.hocon { };

in

{

  options = {

      settings = mkOption {

        type = types.submodule {

          freeformType =

            let

              recursiveAttrsType = with types; attrsOf (nullOr (oneOf [

                str

                path

                int

                float

                bool

                (listOf str)

                (recursiveAttrsType // { description = "instances of this type recursively"; })

              ]));

            in

            recursiveAttrsType;

          freeformType = format.type;

          options = {

            server = {

              ip = mkOption {

    systemd.services.suwayomi-server =

      let

        flattenConfig = prefix: config:

          lib.foldl'

            lib.mergeAttrs

            { }

            (lib.attrValues

              (lib.mapAttrs

                (k: v:

                  if !(lib.isAttrs v)

                  then { "${prefix}${k}" = v; }

                  else flattenConfig "${prefix}${k}." v

                )

                config

              )

            );

        #  HOCON is a JSON superset that suwayomi-server use for configuration

        toHOCON = attr:

          let

            attrType = builtins.typeOf attr;

          in

          if builtins.elem attrType [ "string" "path" "int" "float" ]

          then ''"${toString attr}"''

          else if attrType == "bool"

          then lib.boolToString attr

          else if attrType == "list"

          then "[\n${lib.concatMapStringsSep ",\n" toHOCON attr}\n]"

          else # attrs, lambda, null

            throw ''

              [suwayomi-server]: invalid config value type '${attrType}'.

            '';

        configFile = pkgs.writeText "server.conf" (lib.pipe cfg.settings [

        configFile = format.generate "server.conf" (lib.pipe cfg.settings [

          (settings: lib.recursiveUpdate settings {

            server.basicAuthPasswordFile = null;

            server.basicAuthPassword =

              then "$TACHIDESK_SERVER_BASIC_AUTH_PASSWORD"

              else null;

          })

          (flattenConfig "")

          (lib.filterAttrs (_: x: x != null))

          (lib.mapAttrsToList (name: value: ''${name} = ${toHOCON value}''))

          lib.concatLines

          (lib.filterAttrsRecursive (_: x: x != null))

        ]);

      in

      {

        description = "A free and open source manga reader server that runs extensions built for Tachiyomi.";