movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-09 19:13:26 +03:00
Code Issues Projects Releases Packages Wiki Activity
nixpkgs/nixos/modules/services/web-apps/plausible.nix

338 lines
11 KiB
Nix
Raw Normal View History

treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
{
lib,
pkgs,
config,
...
}:
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
with lib;
let
cfg = config.services.plausible;
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
in
{
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
options.services.plausible = {
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
enable = mkEnableOption "plausible";
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
treewide: replace `mkPackageOptionMD` with `mkPackageOption`
2023-11-30 19:03:14 +01:00
package = mkPackageOption pkgs "plausible" { };
nixos/plausible: add package option
2023-04-17 11:18:23 +02:00
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
database = {
clickhouse = {
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
setup = mkEnableOption "creating a clickhouse instance" // {
default = true;
};
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
url = mkOption {
default = "http://localhost:8123/default";
type = types.str;
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
nixos/*: automatically convert option docs
2022-08-15 07:16:25 +02:00
The URL to be used to connect to `clickhouse`.
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
'';
};
};
postgres = {
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
setup = mkEnableOption "creating a postgresql instance" // {
default = true;
};
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
dbname = mkOption {
default = "plausible";
type = types.str;
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
Name of the database to use.
'';
};
socket = mkOption {
default = "/run/postgresql";
type = types.str;
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
nixos/*: automatically convert option docs
2022-08-15 07:16:25 +02:00
Path to the UNIX domain-socket to communicate with `postgres`.
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
'';
};
};
};
server = {
disableRegistration = mkOption {
default = true;
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
type = types.enum [
true
false
"invite_only"
];
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
nixos/plausible: add invite only registrations
2023-10-26 16:54:25 +02:00
Whether to prohibit creating an account in plausible's UI or allow on `invite_only`.
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
'';
};
secretKeybaseFile = mkOption {
type = types.either types.path types.str;
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
treewide: automatically md-convert option descriptions the conversion procedure is simple: - find all things that look like options, ie calls to either `mkOption` or `lib.mkOption` that take an attrset. remember the attrset as the option - for all options, find a `description` attribute who's value is not a call to `mdDoc` or `lib.mdDoc` - textually convert the entire value of the attribute to MD with a few simple regexes (the set from mdize-module.sh) - if the change produced a change in the manual output, discard - if the change kept the manual unchanged, add some text to the description to make sure we've actually found an option. if the manual changes this time, keep the converted description this procedure converts 80% of nixos options to markdown. around 2000 options remain to be inspected, but most of those fail the "does not change the manual output check": currently the MD conversion process does not faithfully convert docbook tags like <code> and <package>, so any option using such tags will not be converted at all.
2022-07-28 23:19:15 +02:00
Path to the secret used by the `phoenix`-framework. Instructions
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
how to generate one are documented in the
nixos/plausible: fix documentation link formatting
2025-02-12 11:23:30 -05:00
[framework docs](https://hexdocs.pm/phoenix/Mix.Tasks.Phx.Gen.Secret.html#content).
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
'';
};
plausible, nixos/plausible: Add `listenAddress` option. This changes * the plausible HTTP web server to be listening on localhost only, explicitly. This makes Plausible have an explicit safe default configuration, like all other networked services in NixOS. For background discussion, see: https://github.com/NixOS/nixpkgs/issues/130244 As per my upstream Plausible contribution (https://github.com/plausible/analytics/pull/1190) Plausible >= 1.5 also defaults to listening to localhost only; nevertheless, this default should be stated explicitly in nixpkgs for easier review and independence from upstream changes, and a NixOS user must be able to configure the `listenAddress`, as there are valid use cases for that. Also, disable * the Erlang Beam VM inter-node RPC port * the Erlang EPMD port because Plausible does not use them (see added comment). This is done by setting `RELEASE_DISTRIBUTION=none`. Thus, this commit also removes the NixOS setting `releaseCookiePath`, because it now has no effect.
2022-01-13 03:21:32 +00:00
listenAddress = mkOption {
default = "127.0.0.1";
type = types.str;
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
plausible, nixos/plausible: Add `listenAddress` option. This changes * the plausible HTTP web server to be listening on localhost only, explicitly. This makes Plausible have an explicit safe default configuration, like all other networked services in NixOS. For background discussion, see: https://github.com/NixOS/nixpkgs/issues/130244 As per my upstream Plausible contribution (https://github.com/plausible/analytics/pull/1190) Plausible >= 1.5 also defaults to listening to localhost only; nevertheless, this default should be stated explicitly in nixpkgs for easier review and independence from upstream changes, and a NixOS user must be able to configure the `listenAddress`, as there are valid use cases for that. Also, disable * the Erlang Beam VM inter-node RPC port * the Erlang EPMD port because Plausible does not use them (see added comment). This is done by setting `RELEASE_DISTRIBUTION=none`. Thus, this commit also removes the NixOS setting `releaseCookiePath`, because it now has no effect.
2022-01-13 03:21:32 +00:00
The IP address on which the server is listening.
'';
};
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
port = mkOption {
default = 8000;
type = types.port;
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
Port where the service should be available.
'';
};
baseUrl = mkOption {
type = types.str;
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
Public URL where plausible is available.
nixos/plausible: docs: Mention caveate of `baseUrl`
2021-07-14 03:28:57 +00:00
treewide: automatically md-convert option descriptions the conversion procedure is simple: - find all things that look like options, ie calls to either `mkOption` or `lib.mkOption` that take an attrset. remember the attrset as the option - for all options, find a `description` attribute who's value is not a call to `mdDoc` or `lib.mdDoc` - textually convert the entire value of the attribute to MD with a few simple regexes (the set from mdize-module.sh) - if the change produced a change in the manual output, discard - if the change kept the manual unchanged, add some text to the description to make sure we've actually found an option. if the manual changes this time, keep the converted description this procedure converts 80% of nixos options to markdown. around 2000 options remain to be inspected, but most of those fail the "does not change the manual output check": currently the MD conversion process does not faithfully convert docbook tags like <code> and <package>, so any option using such tags will not be converted at all.
2022-07-28 23:19:15 +02:00
Note that `/path` components are currently ignored:
nixos/plausible: fix documentation link formatting
2025-02-12 11:23:30 -05:00
<https://github.com/plausible/analytics/issues/1182>.
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
'';
};
};
mail = {
email = mkOption {
plausible: first review fix iteration * Most significant is probably the patching necessary to run plausible with postgres without superuser privilege. This change includes: * updating ecto_sql to 3.6 where `CREATE DATABASE` is only executed if it doesn't exist[1]. * patching a migration to only modify the `users.email` column (to use `citext` rather than creating the extension. `plausible-postgres` takes care of that). * Correctly declare dependencies in systemd. * A few minor fixes. [1] https://github.com/elixir-ecto/ecto_sql/commit/051baf669ef6ec92639ccc8b113d00b98047e927
2021-05-29 16:13:20 +02:00
default = "hello@plausible.local";
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
type = types.str;
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
treewide: automatically md-convert option descriptions the conversion procedure is simple: - find all things that look like options, ie calls to either `mkOption` or `lib.mkOption` that take an attrset. remember the attrset as the option - for all options, find a `description` attribute who's value is not a call to `mdDoc` or `lib.mdDoc` - textually convert the entire value of the attribute to MD with a few simple regexes (the set from mdize-module.sh) - if the change produced a change in the manual output, discard - if the change kept the manual unchanged, add some text to the description to make sure we've actually found an option. if the manual changes this time, keep the converted description this procedure converts 80% of nixos options to markdown. around 2000 options remain to be inspected, but most of those fail the "does not change the manual output check": currently the MD conversion process does not faithfully convert docbook tags like <code> and <package>, so any option using such tags will not be converted at all.
2022-07-28 23:19:15 +02:00
The email id to use for as *from* address of all communications
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
from Plausible.
'';
};
smtp = {
hostAddr = mkOption {
default = "localhost";
type = types.str;
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
The host address of your smtp server.
'';
};
hostPort = mkOption {
default = 25;
type = types.port;
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
The port of your smtp server.
'';
};
user = mkOption {
default = null;
type = types.nullOr types.str;
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
The username/email in case SMTP auth is enabled.
'';
};
passwordFile = mkOption {
default = null;
type = with types; nullOr (either str path);
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
The path to the file with the password in case SMTP auth is enabled.
'';
};
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
enableSSL = mkEnableOption "SSL when connecting to the SMTP server";
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
retries = mkOption {
type = types.ints.unsigned;
default = 2;
nixos: remove all uses of lib.mdDoc these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
2024-04-13 14:54:15 +02:00
description = ''
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
Number of retries to make until mailer gives up.
'';
};
};
};
};
plausible, nixos/plausible: Add `listenAddress` option. This changes * the plausible HTTP web server to be listening on localhost only, explicitly. This makes Plausible have an explicit safe default configuration, like all other networked services in NixOS. For background discussion, see: https://github.com/NixOS/nixpkgs/issues/130244 As per my upstream Plausible contribution (https://github.com/plausible/analytics/pull/1190) Plausible >= 1.5 also defaults to listening to localhost only; nevertheless, this default should be stated explicitly in nixpkgs for easier review and independence from upstream changes, and a NixOS user must be able to configure the `listenAddress`, as there are valid use cases for that. Also, disable * the Erlang Beam VM inter-node RPC port * the Erlang EPMD port because Plausible does not use them (see added comment). This is done by setting `RELEASE_DISTRIBUTION=none`. Thus, this commit also removes the NixOS setting `releaseCookiePath`, because it now has no effect.
2022-01-13 03:21:32 +00:00
imports = [
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
(mkRemovedOptionModule [ "services" "plausible" "releaseCookiePath" ]
"Plausible uses no distributed Erlang features, so this option is no longer necessary and was removed"
)
(mkRemovedOptionModule [
"services"
"plausible"
"adminUser"
"name"
] "Admin user is now created using first start wizard")
(mkRemovedOptionModule [
"services"
"plausible"
"adminUser"
"email"
] "Admin user is now created using first start wizard")
(mkRemovedOptionModule [
"services"
"plausible"
"adminUser"
"passwordFile"
] "Admin user is now created using first start wizard")
(mkRemovedOptionModule [
"services"
"plausible"
"adminUser"
"activate"
] "Admin user is now created using first start wizard")
plausible, nixos/plausible: Add `listenAddress` option. This changes * the plausible HTTP web server to be listening on localhost only, explicitly. This makes Plausible have an explicit safe default configuration, like all other networked services in NixOS. For background discussion, see: https://github.com/NixOS/nixpkgs/issues/130244 As per my upstream Plausible contribution (https://github.com/plausible/analytics/pull/1190) Plausible >= 1.5 also defaults to listening to localhost only; nevertheless, this default should be stated explicitly in nixpkgs for easier review and independence from upstream changes, and a NixOS user must be able to configure the `listenAddress`, as there are valid use cases for that. Also, disable * the Erlang Beam VM inter-node RPC port * the Erlang EPMD port because Plausible does not use them (see added comment). This is done by setting `RELEASE_DISTRIBUTION=none`. Thus, this commit also removes the NixOS setting `releaseCookiePath`, because it now has no effect.
2022-01-13 03:21:32 +00:00
];
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
config = mkIf cfg.enable {
services.postgresql = mkIf cfg.database.postgres.setup {
enable = true;
};
services.clickhouse = mkIf cfg.database.clickhouse.setup {
enable = true;
};
nixos/plausible: add package option
2023-04-17 11:18:23 +02:00
environment.systemPackages = [ cfg.package ];
plausible: add remote connection with iex
2021-11-09 08:15:53 -05:00
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
systemd.services = mkMerge [
{
plausible = {
nixos/plausible: add package option
2023-04-17 11:18:23 +02:00
inherit (cfg.package.meta) description;
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
documentation = [ "https://plausible.io/docs/self-hosting" ];
plausible: first review fix iteration * Most significant is probably the patching necessary to run plausible with postgres without superuser privilege. This change includes: * updating ecto_sql to 3.6 where `CREATE DATABASE` is only executed if it doesn't exist[1]. * patching a migration to only modify the `users.email` column (to use `citext` rather than creating the extension. `plausible-postgres` takes care of that). * Correctly declare dependencies in systemd. * A few minor fixes. [1] https://github.com/elixir-ecto/ecto_sql/commit/051baf669ef6ec92639ccc8b113d00b98047e927
2021-05-29 16:13:20 +02:00
wantedBy = [ "multi-user.target" ];
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
after =
optional cfg.database.clickhouse.setup "clickhouse.service"
++ optionals cfg.database.postgres.setup [
make plausible service start after clickhouse service Plausible fails on start because clickhouse is not ready, when clickhouse has low CPU available, eg. ```nix {systemd.services.clickhouse.serviceConfig.CPUWeight = 20;} ``` Fixed with ```nix {systemd.services.plausible.after = [ "clickhouse.service" ];} ```
2022-08-14 16:53:42 +02:00
"postgresql.service"
"plausible-postgres.service"
];
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
requires =
optional cfg.database.clickhouse.setup "clickhouse.service"
plausible: first review fix iteration * Most significant is probably the patching necessary to run plausible with postgres without superuser privilege. This change includes: * updating ecto_sql to 3.6 where `CREATE DATABASE` is only executed if it doesn't exist[1]. * patching a migration to only modify the `users.email` column (to use `citext` rather than creating the extension. `plausible-postgres` takes care of that). * Correctly declare dependencies in systemd. * A few minor fixes. [1] https://github.com/elixir-ecto/ecto_sql/commit/051baf669ef6ec92639ccc8b113d00b98047e927
2021-05-29 16:13:20 +02:00
++ optionals cfg.database.postgres.setup [
"postgresql.service"
"plausible-postgres.service"
];
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
environment =
{
# NixOS specific option to avoid that it's trying to write into its store-path.
# See also https://github.com/lau/tzdata#data-directory-and-releases
STORAGE_DIR = "/var/lib/plausible/elixir_tzdata";
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
# Configuration options from
# https://plausible.io/docs/self-hosting-configuration
PORT = toString cfg.server.port;
LISTEN_IP = cfg.server.listenAddress;
plausible, nixos/plausible: Add `listenAddress` option. This changes * the plausible HTTP web server to be listening on localhost only, explicitly. This makes Plausible have an explicit safe default configuration, like all other networked services in NixOS. For background discussion, see: https://github.com/NixOS/nixpkgs/issues/130244 As per my upstream Plausible contribution (https://github.com/plausible/analytics/pull/1190) Plausible >= 1.5 also defaults to listening to localhost only; nevertheless, this default should be stated explicitly in nixpkgs for easier review and independence from upstream changes, and a NixOS user must be able to configure the `listenAddress`, as there are valid use cases for that. Also, disable * the Erlang Beam VM inter-node RPC port * the Erlang EPMD port because Plausible does not use them (see added comment). This is done by setting `RELEASE_DISTRIBUTION=none`. Thus, this commit also removes the NixOS setting `releaseCookiePath`, because it now has no effect.
2022-01-13 03:21:32 +00:00
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
# Note [plausible-needs-no-erlang-distributed-features]:
# Plausible does not use, and does not plan to use, any of
# Erlang's distributed features, see:
# https://github.com/plausible/analytics/pull/1190#issuecomment-1018820934
# Thus, disable distribution for improved simplicity and security:
#
# When distribution is enabled,
treewide: fix typos
2025-06-02 15:54:57 +02:00
# Elixir spawns the Erlang VM, which will listen by default on all
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
# interfaces for messages between Erlang nodes (capable of
# remote code execution); it can be protected by a cookie; see
# https://erlang.org/doc/reference_manual/distributed.html#security).
#
# It would be possible to restrict the interface to one of our choice
# (e.g. localhost or a VPN IP) similar to how we do it with `listenAddress`
# for the Plausible web server; if distribution is ever needed in the future,
# https://github.com/NixOS/nixpkgs/pull/130297 shows how to do it.
#
# But since Plausible does not use this feature in any way,
# we just disable it.
RELEASE_DISTRIBUTION = "none";
# Additional safeguard, in case `RELEASE_DISTRIBUTION=none` ever
# stops disabling the start of EPMD.
ERL_EPMD_ADDRESS = "127.0.0.1";
plausible, nixos/plausible: Add `listenAddress` option. This changes * the plausible HTTP web server to be listening on localhost only, explicitly. This makes Plausible have an explicit safe default configuration, like all other networked services in NixOS. For background discussion, see: https://github.com/NixOS/nixpkgs/issues/130244 As per my upstream Plausible contribution (https://github.com/plausible/analytics/pull/1190) Plausible >= 1.5 also defaults to listening to localhost only; nevertheless, this default should be stated explicitly in nixpkgs for easier review and independence from upstream changes, and a NixOS user must be able to configure the `listenAddress`, as there are valid use cases for that. Also, disable * the Erlang Beam VM inter-node RPC port * the Erlang EPMD port because Plausible does not use them (see added comment). This is done by setting `RELEASE_DISTRIBUTION=none`. Thus, this commit also removes the NixOS setting `releaseCookiePath`, because it now has no effect.
2022-01-13 03:21:32 +00:00
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
DISABLE_REGISTRATION =
if isBool cfg.server.disableRegistration then
boolToString cfg.server.disableRegistration
else
cfg.server.disableRegistration;
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
RELEASE_TMP = "/var/lib/plausible/tmp";
# Home is needed to connect to the node with iex
HOME = "/var/lib/plausible";
plausible: first review fix iteration * Most significant is probably the patching necessary to run plausible with postgres without superuser privilege. This change includes: * updating ecto_sql to 3.6 where `CREATE DATABASE` is only executed if it doesn't exist[1]. * patching a migration to only modify the `users.email` column (to use `citext` rather than creating the extension. `plausible-postgres` takes care of that). * Correctly declare dependencies in systemd. * A few minor fixes. [1] https://github.com/elixir-ecto/ecto_sql/commit/051baf669ef6ec92639ccc8b113d00b98047e927
2021-05-29 16:13:20 +02:00
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
DATABASE_URL = "postgresql:///${cfg.database.postgres.dbname}?host=${cfg.database.postgres.socket}";
CLICKHOUSE_DATABASE_URL = cfg.database.clickhouse.url;
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
BASE_URL = cfg.server.baseUrl;
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
MAILER_EMAIL = cfg.mail.email;
SMTP_HOST_ADDR = cfg.mail.smtp.hostAddr;
SMTP_HOST_PORT = toString cfg.mail.smtp.hostPort;
SMTP_RETRIES = toString cfg.mail.smtp.retries;
SMTP_HOST_SSL_ENABLED = boolToString cfg.mail.smtp.enableSSL;
plausible: first review fix iteration * Most significant is probably the patching necessary to run plausible with postgres without superuser privilege. This change includes: * updating ecto_sql to 3.6 where `CREATE DATABASE` is only executed if it doesn't exist[1]. * patching a migration to only modify the `users.email` column (to use `citext` rather than creating the extension. `plausible-postgres` takes care of that). * Correctly declare dependencies in systemd. * A few minor fixes. [1] https://github.com/elixir-ecto/ecto_sql/commit/051baf669ef6ec92639ccc8b113d00b98047e927
2021-05-29 16:13:20 +02:00
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
SELFHOST = "true";
}
// (optionalAttrs (cfg.mail.smtp.user != null) {
SMTP_USER_NAME = cfg.mail.smtp.user;
});
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
path = [ cfg.package ] ++ optional cfg.database.postgres.setup config.services.postgresql.package;
plausible: use loadcredentials plausible: service fixes, remove console attempt plausible: fix yarn.nix call
2021-10-30 21:58:21 +09:00
script = ''
plausible, nixos/plausible: Add `listenAddress` option. This changes * the plausible HTTP web server to be listening on localhost only, explicitly. This makes Plausible have an explicit safe default configuration, like all other networked services in NixOS. For background discussion, see: https://github.com/NixOS/nixpkgs/issues/130244 As per my upstream Plausible contribution (https://github.com/plausible/analytics/pull/1190) Plausible >= 1.5 also defaults to listening to localhost only; nevertheless, this default should be stated explicitly in nixpkgs for easier review and independence from upstream changes, and a NixOS user must be able to configure the `listenAddress`, as there are valid use cases for that. Also, disable * the Erlang Beam VM inter-node RPC port * the Erlang EPMD port because Plausible does not use them (see added comment). This is done by setting `RELEASE_DISTRIBUTION=none`. Thus, this commit also removes the NixOS setting `releaseCookiePath`, because it now has no effect.
2022-01-13 03:21:32 +00:00
# Elixir does not start up if `RELEASE_COOKIE` is not set,
# even though we set `RELEASE_DISTRIBUTION=none` so the cookie should be unused.
# Thus, make a random one, which should then be ignored.
export RELEASE_COOKIE=$(tr -dc A-Za-z0-9 < /dev/urandom | head -c 20)
plausible: fix admin user password seed and SMTP passwords LoadCredential was misused as it is not building any environment variable, it is the responsibility of our preStart to do it so Plausible's script can pick it up.
2023-07-02 17:03:53 +02:00
export SECRET_KEY_BASE="$(< $CREDENTIALS_DIRECTORY/SECRET_KEY_BASE )"
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
${lib.optionalString (
cfg.mail.smtp.passwordFile != null
) ''export SMTP_USER_PWD="$(< $CREDENTIALS_DIRECTORY/SMTP_USER_PWD )"''}
plausible: 1.4.0 -> 1.4.3 ChangeLog: https://github.com/plausible/analytics/blob/v1.4.3/CHANGELOG.md#unreleased Also makes the option `services.plausible.releaseCookiePath` mandatory[1]: since Elixir 1.13 the `RELEASE_COOKIE` env-var *must* be set, otherwise the startup fails[2]. Since we drop `$out/releases/COOKIE` in the `fixupPhase` of `mixRelease` and Elixir seems to always attempt to generate such a file[3], I figured it's reasonable to just make it mandatory now. Closes #155575 [1] https://nixos.org/manual/nixos/stable/options.html#opt-services.plausible.releaseCookiePath [2] https://github.com/elixir-lang/elixir/commit/f24eb2c1ef3cfb345e9420945c57f276148c0a89 / https://github.com/elixir-lang/elixir/issues/11114 [3] https://hexdocs.pm/mix/Mix.Tasks.Release.html, see `:cookie`
2022-01-25 17:19:49 +01:00
plausible: Do not run createdb.sh unless configured to setup the database Closes #300088
2024-03-29 16:23:18 -05:00
${lib.optionalString cfg.database.postgres.setup ''
# setup
nixos/plausible: fix unit start script In 8bb777ee378082942231f63a035923a475538030 a condition was added to only execute the createdb.sh script if database setup was configurated. However a superfluace " was added at the end of the line which cased an escaping error the resulted in #309520. Fixes #309520
2024-05-07 15:27:08 +02:00
${cfg.package}/createdb.sh
plausible: Do not run createdb.sh unless configured to setup the database Closes #300088
2024-03-29 16:23:18 -05:00
''}
nixos/plausible: add package option
2023-04-17 11:18:23 +02:00
${cfg.package}/migrate.sh
plausible: 1.5.1 -> 2.0.0 Changelog: https://github.com/plausible/analytics/blob/v2.0.0/CHANGELOG.md Co-authored-by: Kirill Radzikhovskyy <kirillrdy@gmail.com>
2023-09-06 12:00:20 -07:00
export IP_GEOLOCATION_DB=${pkgs.dbip-country-lite}/share/dbip/dbip-country-lite.mmdb
plausible: 1.4.0 -> 1.4.3 ChangeLog: https://github.com/plausible/analytics/blob/v1.4.3/CHANGELOG.md#unreleased Also makes the option `services.plausible.releaseCookiePath` mandatory[1]: since Elixir 1.13 the `RELEASE_COOKIE` env-var *must* be set, otherwise the startup fails[2]. Since we drop `$out/releases/COOKIE` in the `fixupPhase` of `mixRelease` and Elixir seems to always attempt to generate such a file[3], I figured it's reasonable to just make it mandatory now. Closes #155575 [1] https://nixos.org/manual/nixos/stable/options.html#opt-services.plausible.releaseCookiePath [2] https://github.com/elixir-lang/elixir/commit/f24eb2c1ef3cfb345e9420945c57f276148c0a89 / https://github.com/elixir-lang/elixir/issues/11114 [3] https://hexdocs.pm/mix/Mix.Tasks.Release.html, see `:cookie`
2022-01-25 17:19:49 +01:00
exec plausible start
plausible: use loadcredentials plausible: service fixes, remove console attempt plausible: fix yarn.nix call
2021-10-30 21:58:21 +09:00
'';
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
serviceConfig = {
DynamicUser = true;
PrivateTmp = true;
WorkingDirectory = "/var/lib/plausible";
StateDirectory = "plausible";
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00
LoadCredential =
[
"SECRET_KEY_BASE:${cfg.server.secretKeybaseFile}"
]
++ lib.optionals (cfg.mail.smtp.passwordFile != null) [
"SMTP_USER_PWD:${cfg.mail.smtp.passwordFile}"
];
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
};
};
}
(mkIf cfg.database.postgres.setup {
plausible: first review fix iteration * Most significant is probably the patching necessary to run plausible with postgres without superuser privilege. This change includes: * updating ecto_sql to 3.6 where `CREATE DATABASE` is only executed if it doesn't exist[1]. * patching a migration to only modify the `users.email` column (to use `citext` rather than creating the extension. `plausible-postgres` takes care of that). * Correctly declare dependencies in systemd. * A few minor fixes. [1] https://github.com/elixir-ecto/ecto_sql/commit/051baf669ef6ec92639ccc8b113d00b98047e927
2021-05-29 16:13:20 +02:00
# `plausible' requires the `citext'-extension.
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
plausible-postgres = {
after = [ "postgresql.service" ];
partOf = [ "plausible.service" ];
plausible: use loadcredentials plausible: service fixes, remove console attempt plausible: fix yarn.nix call
2021-10-30 21:58:21 +09:00
serviceConfig = {
Type = "oneshot";
User = config.services.postgresql.superUser;
RemainAfterExit = true;
};
script = with cfg.database.postgres; ''
plausible: first review fix iteration * Most significant is probably the patching necessary to run plausible with postgres without superuser privilege. This change includes: * updating ecto_sql to 3.6 where `CREATE DATABASE` is only executed if it doesn't exist[1]. * patching a migration to only modify the `users.email` column (to use `citext` rather than creating the extension. `plausible-postgres` takes care of that). * Correctly declare dependencies in systemd. * A few minor fixes. [1] https://github.com/elixir-ecto/ecto_sql/commit/051baf669ef6ec92639ccc8b113d00b98047e927
2021-05-29 16:13:20 +02:00
PSQL() {
plausible: use loadcredentials plausible: service fixes, remove console attempt plausible: fix yarn.nix call
2021-10-30 21:58:21 +09:00
${config.services.postgresql.package}/bin/psql --port=5432 "$@"
plausible: first review fix iteration * Most significant is probably the patching necessary to run plausible with postgres without superuser privilege. This change includes: * updating ecto_sql to 3.6 where `CREATE DATABASE` is only executed if it doesn't exist[1]. * patching a migration to only modify the `users.email` column (to use `citext` rather than creating the extension. `plausible-postgres` takes care of that). * Correctly declare dependencies in systemd. * A few minor fixes. [1] https://github.com/elixir-ecto/ecto_sql/commit/051baf669ef6ec92639ccc8b113d00b98047e927
2021-05-29 16:13:20 +02:00
}
plausible: use loadcredentials plausible: service fixes, remove console attempt plausible: fix yarn.nix call
2021-10-30 21:58:21 +09:00
# check if the database already exists
if ! PSQL -lqt | ${pkgs.coreutils}/bin/cut -d \| -f 1 | ${pkgs.gnugrep}/bin/grep -qw ${dbname} ; then
PSQL -tAc "CREATE ROLE plausible WITH LOGIN;"
PSQL -tAc "CREATE DATABASE ${dbname} WITH OWNER plausible;"
PSQL -d ${dbname} -tAc "CREATE EXTENSION IF NOT EXISTS citext;"
fi
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
'';
};
})
];
};
nixos/outline: add cyberus team as maintainer
2024-07-30 12:37:45 +02:00
meta.maintainers = teams.cyberus.members;
nixos/manual: render module chapters with nixos-render-docs this converts meta.doc into an md pointer, not an xml pointer. since we no longer need xml for manual chapters we can also remove support for manual chapters from md-to-db.sh since pandoc converts smart quotes to docbook quote elements and our nixos-render-docs does not we lose this distinction in the rendered output. that's probably not that bad, our stylesheet didn't make use of this anyway (and pre-23.05 versions of the chapters didn't use quote elements either). also updates the nixpkgs manual to clarify that option docs support all extensions (although it doesn't support headings at all, so heading anchors don't work by extension).
2023-01-25 00:33:40 +01:00
meta.doc = ./plausible.md;
plausible: init at 1.3.0
2021-05-21 23:15:23 +02:00
}
Reference in a new issue Copy permalink