New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WIP: Add discourse package & nixos module #59981
Conversation
c5dde84
to
5875601
Compare
FYI, here is the packaging of I've just checked that it builds against a more recent commit I happen to have locally: ju1m@ec3e81b (01/2019) but it was originally written for Hope this helps. |
#!${runtimeShell} | ||
PATH=${binPath} | ||
c | ||
touch o |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what is this for?
I spent some time trying to finish this PR but am currently blocked on building mini_racer. mini_racer depends on the libv8 gem to get the source code. the libv8 gem downloads the source at build time so we inject our own version of v8 which doesn't match the one libv8 wants to provide. This results in mini_racer not getting the right v8 API and failing at compilation time. A side-note is that v8 has a custom method of fetching dependencies. They use a tool called "depot_tools" which is a git repo, with zero releases, that contains a bunch of python and bash scripts to do v8 development. I contacted the libv8 guys to ask them if they could bundle the source code with their gem release as a way to side-step the depot_tools: rubyjs/libv8#279 |
rubyjs/libv8#279 (comment) makes a good point. Even if we did implement a depot_tools fetcher, the sha256 would change for every architecture because the tool doesn't download the same dependency set :/ |
I guess it could be |
yes that could work indeed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I hope you don't mind me doing a review of the NixOS module already
}; | ||
|
||
port = mkOption { | ||
type = types.int; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
types.port
exists, can also be used for database.port
stateDir = mkOption { | ||
type = types.str; | ||
default = "/var/lib/discourse"; | ||
description = "The state directory, logs and plugins are stored here."; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unless there's a good reason this should be configurable, I'd rather have it not be. Then we can use systemd's StateDirectory
to manage permissions and such.
|
||
host = mkOption { | ||
type = types.str; | ||
default = (if cfg.database.socket != null then "localhost" else "127.0.0.1"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need for these parens
}; | ||
|
||
passwordFile = mkOption { | ||
type = types.nullOr types.path; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should be nullOr str
to avoid the file ending up in the nix store if users set services.discourse.database.passwordFile = /run/keys/discourse-dbpassword
config = mkIf cfg.enable { | ||
|
||
systemd.services.discourse = { | ||
after = [ "network.target" "postgresql.service" ]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Probably you want network-online.target
instead
environment.RAILS_CACHE = "${cfg.stateDir}/cache"; | ||
|
||
serviceConfig = { | ||
Type = "simple"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"simple"
is the default, so no need to set it
serviceConfig = { | ||
Type = "simple"; | ||
# User = cfg.user; | ||
# Group = cfg.group; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe DynamicUser
works here. How it is now the service is running as root.
Any update on this? What's the recommended way to install and manage Discourse on NixOS? |
Hello, I'm a bot and I thank you in the name of the community for your contributions. Nixpkgs is a busy repository, and unfortunately sometimes PRs get left behind for too long. Nevertheless, we'd like to help committers reach the PRs that are still important. This PR has had no activity for 180 days, and so I marked it as stale, but you can rest assured it will never be closed by a non-human. If this is still important to you and you'd like to remove the stale label, we ask that you leave a comment. Your comment can be as simple as "still important to me". But there's a bit more you can do: If you received an approval by an unprivileged maintainer and you are just waiting for a merge, you can @ mention someone with merge permissions and ask them to help. You might be able to find someone relevant by using Git blame on the relevant files, or via GitHub's web interface. You can see if someone's a member of the nixpkgs-committers team, by hovering with the mouse over their username on the web interface, or by searching them directly on the list. If your PR wasn't reviewed at all, it might help to find someone who's perhaps a user of the package or module you are changing, or alternatively, ask once more for a review by the maintainer of the package/module this is about. If you don't know any, you can use Git blame on the relevant files, or GitHub's web interface to find someone who touched the relevant files in the past. If your PR has had reviews and nevertheless got stale, make sure you've responded to all of the reviewer's requests / questions. Usually when PR authors show responsibility and dedication, reviewers (privileged or not) show dedication as well. If you've pushed a change, it's possible the reviewer wasn't notified about your push via email, so you can always officially request them for a review, or just @ mention them and say you've addressed their comments. Lastly, you can always ask for help at our Discourse Forum, or more specifically, at this thread or at #nixos' IRC channel. |
Any update on this? Any efforts to merge with #83438 ? |
I marked this as stale due to inactivity. → More info |
Motivation for this change
I'd like us to have a fallback story for https://discourse.nixos.org hosting.
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nix-review --run "nix-review wip"
./result/bin/
)nix path-info -S
before and after)This whole thing is very much a WIP at the moment.
I'm mainly opening this PR to get some help fixing the https://github.com/discourse/mini_racer/ build.Build output: https://gist.github.com/adisbladis/a8f073f9a00b51eead6849dea299f236edit:
mini_racer
is fixed, thanks @ju1mThings to do:
execjs
gem fails at runtime, cannot find suitable implementation