movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-15 14:09:17 +03:00
Code Issues Projects Releases Packages Wiki Activity

treewide: Format all Nix files

Browse source 
Format all Nix files using the officially approved formatter,
making the CI check introduced in the previous commit succeed:

  nix-build ci -A fmt.check

This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153)
of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166).

This commit will lead to merge conflicts for a number of PRs,
up to an estimated ~1100 (~33%) among the PRs with activity in the past 2
months, but that should be lower than what it would be without the previous
[partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537).

Merge conflicts caused by this commit can now automatically be resolved while rebasing using the
[auto-rebase script](8616af08d9/maintainers/scripts/auto-rebase).

If you run into any problems regarding any of this, please reach out to the
[formatting team](https://nixos.org/community/teams/formatting/) by
pinging @NixOS/nix-formatting.
This commit is contained in:
Silvan Mosberger 2025-04-01 20:10:43 +02:00
parent 2140bf39e4
commit 374e6bcc40
1523 changed files with 986047 additions and 513621 deletions
Download patch file Download diff file Expand all files Collapse all files

212
nixos/modules/services/web-apps/bookstack.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
@ -26,10 +31,19 @@ let
tlsEnabled = cfg.nginx.addSSL || cfg.nginx.forceSSL || cfg.nginx.onlySSL || cfg.nginx.enableACME;
in {
in
{
imports = [
(mkRemovedOptionModule [ "services" "bookstack" "extraConfig" ] "Use services.bookstack.config instead.")
(mkRemovedOptionModule [ "services" "bookstack" "cacheDir" ] "The cache directory is now handled automatically.")
(mkRemovedOptionModule [
"services"
"bookstack"
"extraConfig"
] "Use services.bookstack.config instead.")
(mkRemovedOptionModule [
"services"
"bookstack"
"cacheDir"
] "The cache directory is now handled automatically.")
];
options.services.bookstack = {
@ -126,7 +140,10 @@ in {
mail = {
driver = mkOption {
type = types.enum [ "smtp" "sendmail" ];
type = types.enum [
"smtp"
"sendmail"
];
default = "smtp";
description = "Mail driver to use.";
};
@ -180,7 +197,13 @@ in {
};
poolConfig = mkOption {
type = with types; attrsOf (oneOf [ str int bool ]);
type =
with types;
attrsOf (oneOf [
str
int
bool
]);
default = {
"pm" = "dynamic";
"pm.max_children" = 32;
@ -197,10 +220,9 @@ in {
nginx = mkOption {
type = types.submodule (
recursiveUpdate
(import ../web-servers/nginx/vhost-options.nix { inherit config lib; }) {}
recursiveUpdate (import ../web-servers/nginx/vhost-options.nix { inherit config lib; }) { }
);
default = {};
default = { };
example = literalExpression ''
{
serverAliases = [
@ -217,10 +239,11 @@ in {
};
config = mkOption {
type = with types;
attrsOf
(nullOr
(either
type =
with types;
attrsOf (
nullOr (
either
(oneOf [
bool
int
@ -239,8 +262,10 @@ in {
'';
};
};
})));
default = {};
})
)
);
default = { };
example = literalExpression ''
{
ALLOWED_IFRAME_HOSTS = "https://example.com";
@ -277,10 +302,12 @@ in {
config = mkIf cfg.enable {
assertions = [
{ assertion = db.createLocally -> db.user == user;
{
assertion = db.createLocally -> db.user == user;
message = "services.bookstack.database.user must be set to ${user} if services.bookstack.database.createLocally is set true.";
}
{ assertion = db.createLocally -> db.passwordFile == null;
{
assertion = db.createLocally -> db.passwordFile == null;
message = "services.bookstack.database.passwordFile cannot be specified if services.bookstack.database.createLocally is set to true.";
}
];
@ -316,8 +343,11 @@ in {
package = mkDefault pkgs.mariadb;
ensureDatabases = [ db.name ];
ensureUsers = [
{ name = db.user;
ensurePermissions = { "${db.name}.*" = "ALL PRIVILEGES"; };
{
name = db.user;
ensurePermissions = {
"${db.name}.*" = "ALL PRIVILEGES";
};
}
];
};
@ -342,21 +372,24 @@ in {
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
virtualHosts.${cfg.hostname} = mkMerge [ cfg.nginx {
root = mkForce "${bookstack}/public";
locations = {
"/" = {
index = "index.php";
tryFiles = "$uri $uri/ /index.php?$query_string";
virtualHosts.${cfg.hostname} = mkMerge [
cfg.nginx
{
root = mkForce "${bookstack}/public";
locations = {
"/" = {
index = "index.php";
tryFiles = "$uri $uri/ /index.php?$query_string";
};
"~ \\.php$".extraConfig = ''
fastcgi_pass unix:${config.services.phpfpm.pools."bookstack".socket};
'';
"~ \\.(js|css|gif|png|ico|jpg|jpeg)$" = {
extraConfig = "expires 365d;";
};
};
"~ \\.php$".extraConfig = ''
fastcgi_pass unix:${config.services.phpfpm.pools."bookstack".socket};
'';
"~ \\.(js|css|gif|png|ico|jpg|jpeg)$" = {
extraConfig = "expires 365d;";
};
};
}];
}
];
};
systemd.services.bookstack-setup = {
@ -378,60 +411,89 @@ in {
isSecret = v: isAttrs v && v ? _secret && isString v._secret;
bookstackEnvVars = lib.generators.toKeyValue {
mkKeyValue = lib.flip lib.generators.mkKeyValueDefault "=" {
mkValueString = v: with builtins;
if isInt v then toString v
else if isString v then v
else if true == v then "true"
else if false == v then "false"
else if isSecret v then hashString "sha256" v._secret
else throw "unsupported type ${typeOf v}: ${(lib.generators.toPretty {}) v}";
mkValueString =
v:
with builtins;
if isInt v then
toString v
else if isString v then
v
else if true == v then
"true"
else if false == v then
"false"
else if isSecret v then
hashString "sha256" v._secret
else
throw "unsupported type ${typeOf v}: ${(lib.generators.toPretty { }) v}";
};
};
secretPaths = lib.mapAttrsToList (_: v: v._secret) (lib.filterAttrs (_: isSecret) cfg.config);
mkSecretReplacement = file: ''
replace-secret ${escapeShellArgs [ (builtins.hashString "sha256" file) file "${cfg.dataDir}/.env" ]}
replace-secret ${
escapeShellArgs [
(builtins.hashString "sha256" file)
file
"${cfg.dataDir}/.env"
]
}
'';
secretReplacements = lib.concatMapStrings mkSecretReplacement secretPaths;
filteredConfig = lib.converge (lib.filterAttrsRecursive (_: v: ! elem v [ {} null ])) cfg.config;
filteredConfig = lib.converge (lib.filterAttrsRecursive (
_: v:
!elem v [
{ }
null
]
)) cfg.config;
bookstackEnv = pkgs.writeText "bookstack.env" (bookstackEnvVars filteredConfig);
in ''
# error handling
set -euo pipefail
in
''
# error handling
set -euo pipefail
# set permissions
umask 077
# set permissions
umask 077
# create .env file
install -T -m 0600 -o ${user} ${bookstackEnv} "${cfg.dataDir}/.env"
${secretReplacements}
if ! grep 'APP_KEY=base64:' "${cfg.dataDir}/.env" >/dev/null; then
sed -i 's/APP_KEY=/APP_KEY=base64:/' "${cfg.dataDir}/.env"
fi
# create .env file
install -T -m 0600 -o ${user} ${bookstackEnv} "${cfg.dataDir}/.env"
${secretReplacements}
if ! grep 'APP_KEY=base64:' "${cfg.dataDir}/.env" >/dev/null; then
sed -i 's/APP_KEY=/APP_KEY=base64:/' "${cfg.dataDir}/.env"
fi
# migrate db
${pkgs.php}/bin/php artisan migrate --force
'';
# migrate db
${pkgs.php}/bin/php artisan migrate --force
'';
};
systemd.tmpfiles.settings."10-bookstack" = let
defaultConfig = {
inherit user group;
mode = "0700";
systemd.tmpfiles.settings."10-bookstack" =
let
defaultConfig = {
inherit user group;
mode = "0700";
};
in
{
"${cfg.dataDir}".d = defaultConfig // {
mode = "0710";
};
"${cfg.dataDir}/public".d = defaultConfig // {
mode = "0750";
};
"${cfg.dataDir}/public/uploads".d = defaultConfig // {
mode = "0750";
};
"${cfg.dataDir}/storage".d = defaultConfig;
"${cfg.dataDir}/storage/app".d = defaultConfig;
"${cfg.dataDir}/storage/fonts".d = defaultConfig;
"${cfg.dataDir}/storage/framework".d = defaultConfig;
"${cfg.dataDir}/storage/framework/cache".d = defaultConfig;
"${cfg.dataDir}/storage/framework/sessions".d = defaultConfig;
"${cfg.dataDir}/storage/framework/views".d = defaultConfig;
"${cfg.dataDir}/storage/logs".d = defaultConfig;
"${cfg.dataDir}/storage/uploads".d = defaultConfig;
};
in {
"${cfg.dataDir}".d = defaultConfig // { mode = "0710"; };
"${cfg.dataDir}/public".d = defaultConfig // { mode = "0750"; };
"${cfg.dataDir}/public/uploads".d = defaultConfig // { mode = "0750"; };
"${cfg.dataDir}/storage".d = defaultConfig;
"${cfg.dataDir}/storage/app".d = defaultConfig;
"${cfg.dataDir}/storage/fonts".d = defaultConfig;
"${cfg.dataDir}/storage/framework".d = defaultConfig;
"${cfg.dataDir}/storage/framework/cache".d = defaultConfig;
"${cfg.dataDir}/storage/framework/sessions".d = defaultConfig;
"${cfg.dataDir}/storage/framework/views".d = defaultConfig;
"${cfg.dataDir}/storage/logs".d = defaultConfig;
"${cfg.dataDir}/storage/uploads".d = defaultConfig;
};
users = {
users = mkIf (user == "bookstack") {
@ -442,7 +504,7 @@ in {
"${config.services.nginx.user}".extraGroups = [ group ];
};
groups = mkIf (group == "bookstack") {
bookstack = {};
bookstack = { };
};
};