Unverified Commit fdecb1da authored by Pol Dellaiera's avatar Pol Dellaiera Committed by GitHub
Browse files

Merge pull request #244941 from h7x4/reduce-options-in-hedgedoc-module 

nixos/hedgedoc: refactor to reduce option count
parents feb3b252 abe46882

nixos/doc/manual/release-notes/rl-2311.section.md

+2 −0
Original line number Diff line number Diff line
@@ -355,6 +355,8 @@ 


- The application firewall `opensnitch` now uses the process monitor method eBPF as default as recommended by upstream. The method can be changed with the setting [services.opensnitch.settings.ProcMonitorMethod](#opt-services.opensnitch.settings.ProcMonitorMethod).



- `services.hedgedoc` has been heavily refactored, reducing the amount of declared options in the module. Most of the options should still work without any changes. Some options have been deprecated, as they no longer have any effect. See [#244941](https://github.com/NixOS/nixpkgs/pull/244941) for more details.



- The module [services.ankisyncd](#opt-services.ankisyncd.package) has been switched to [anki-sync-server-rs](https://github.com/ankicommunity/anki-sync-server-rs) from the old python version, which was difficult to update, had not been updated in a while, and did not support recent versions of anki.

Unfortunately all servers supporting new clients (newer version of anki-sync-server, anki's built in sync server and this new rust package) do not support the older sync protocol that was used in the old server, so such old clients will also need updating and in particular the anki package in nixpkgs is also being updated in this release.

The module update takes care of the new config syntax and the data itself (user login and cards) are compatible, so users of the module will be able to just log in again after updating both client and server without any extra action.

nixos/modules/services/web-apps/hedgedoc.nix

+237 −989

File changed.

Preview size limit exceeded, changes collapsed.

nixos/tests/hedgedoc.nix

+49 −13
Original line number Diff line number Diff line
@@ -8,25 +8,54 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: 


  nodes = {

    hedgedocSqlite = { ... }: {

      services.hedgedoc.enable = true;

    };



    hedgedocPostgresWithTCPSocket = { ... }: {

      systemd.services.hedgedoc.after = [ "postgresql.service" ];

      services = {

        hedgedoc = {

          enable = true;

          settings.dbURL = "sqlite:///var/lib/hedgedoc/hedgedoc.db";

          settings.db = {

            dialect = "postgres";

            user = "hedgedoc";

            password = "$DB_PASSWORD";

            host = "localhost";

            port = 5432;

            database = "hedgedocdb";

          };



          /*

           * Do not use pkgs.writeText for secrets as

           * they will end up in the world-readable Nix store.

           */

          environmentFile = pkgs.writeText "hedgedoc-env" ''

            DB_PASSWORD=snakeoilpassword

          '';

        };

        postgresql = {

          enable = true;

          initialScript = pkgs.writeText "pg-init-script.sql" ''

            CREATE ROLE hedgedoc LOGIN PASSWORD 'snakeoilpassword';

            CREATE DATABASE hedgedocdb OWNER hedgedoc;

          '';

        };

      };

    };



    hedgedocPostgres = { ... }: {

    hedgedocPostgresWithUNIXSocket = { ... }: {

      systemd.services.hedgedoc.after = [ "postgresql.service" ];

      services = {

        hedgedoc = {

          enable = true;

          settings.dbURL = "postgres://hedgedoc:\${DB_PASSWORD}@localhost:5432/hedgedocdb";

          settings.db = {

            dialect = "postgres";

            user = "hedgedoc";

            password = "$DB_PASSWORD";

            host = "/run/postgresql";

            database = "hedgedocdb";

          };



          /*

           * Do not use pkgs.writeText for secrets as

           * they will end up in the world-readable Nix store.

           */

          environmentFile = pkgs.writeText "hedgedoc-env" ''

            DB_PASSWORD=snakeoilpassword

          '';
@@ -50,11 +79,18 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: 
        hedgedocSqlite.wait_for_open_port(3000)

        hedgedocSqlite.wait_until_succeeds("curl -sSf http://localhost:3000/new")



    with subtest("HedgeDoc postgres"):

        hedgedocPostgres.wait_for_unit("postgresql.service")

        hedgedocPostgres.wait_for_unit("hedgedoc.service")

        hedgedocPostgres.wait_for_open_port(5432)

        hedgedocPostgres.wait_for_open_port(3000)

        hedgedocPostgres.wait_until_succeeds("curl -sSf http://localhost:3000/new")

    with subtest("HedgeDoc postgres with TCP socket"):

        hedgedocPostgresWithTCPSocket.wait_for_unit("postgresql.service")

        hedgedocPostgresWithTCPSocket.wait_for_unit("hedgedoc.service")

        hedgedocPostgresWithTCPSocket.wait_for_open_port(5432)

        hedgedocPostgresWithTCPSocket.wait_for_open_port(3000)

        hedgedocPostgresWithTCPSocket.wait_until_succeeds("curl -sSf http://localhost:3000/new")



    with subtest("HedgeDoc postgres with UNIX socket"):

        hedgedocPostgresWithUNIXSocket.wait_for_unit("postgresql.service")

        hedgedocPostgresWithUNIXSocket.wait_for_unit("hedgedoc.service")

        hedgedocPostgresWithUNIXSocket.wait_for_open_port(5432)

        hedgedocPostgresWithUNIXSocket.wait_for_open_port(3000)

        hedgedocPostgresWithUNIXSocket.wait_until_succeeds("curl -sSf http://localhost:3000/new")

  '';

})