working uffd on ilex for testing oauth2uffd-on-ilex

(just keeping this in a seperate branch in case i ever need it again)

4 files changed, 110 insertions, 0 deletions

diff --git a/ilex/configuration.nix b/ilex/configuration.nix
index 866b1e3..b06a385 100644
--- a/ilex/configuration.nix
+++ b/ilex/configuration.nix
@@ -7,8 +7,26 @@
 {
   imports = [
     ./hardware-configuration.nix
+    ./uffd-service.nix
   ];
 
+
+  services.postgresql = {
+    enable = true;
+
+    ensureDatabases = [ "tracktrain" ];
+    ensureUsers = [ {
+      name = "stuebinm";
+      ensurePermissions = {
+        "DATABASE tracktrain" = "ALL PRIVILEGES";
+      };
+    } ];
+    authentication = ''
+      local   all   all                              trust
+      host    all   all        127.0.0.1/32          trust
+    '';
+  };
+
   boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_0;
 
   # Use the systemd-boot EFI boot loader.
diff --git a/ilex/fix-setuppy.patch b/ilex/fix-setuppy.patch
new file mode 100644
index 0000000..64ccc10
--- /dev/null
+++ b/ilex/fix-setuppy.patch
@@ -0,0 +1,34 @@
+--- a/setup.py	2022-04-30 13:12:45.564651955 +0000
++++ b/setup.py	2022-04-30 13:17:02.545809513 +0000
+@@ -41,31 +41,5 @@
+ 		'Flask-Babel==0.11.2',
+ 		'alembic==1.0.0',
+ 		'argon2-cffi==18.3.0',
+-
+-		# The main dependencies on their own lead to version collisions and pip is
+-		# not very good at resolving them, so we pin the versions from Debian Buster
+-		# for all dependencies.
+-		'certifi==2018.8.24',
+-		#cffi==1.12.2'
+-		'cffi # v1.12.2 no longer works with python3.9. Newer versions seem to work fine.',
+-		'chardet==3.0.4',
+-		'click==7.0',
+-		'cryptography==2.6.1',
+-		'idna==2.6',
+-		'itsdangerous==0.24',
+-		'Jinja2==2.10',
+-		'MarkupSafe==1.1.0',
+-		'oauthlib==2.1.0',
+-		'pyasn1==0.4.2',
+-		'pycparser==2.19',
+-		'requests==2.21.0',
+-		'requests-oauthlib==1.0.0',
+-		'six==1.12.0',
+-		'SQLAlchemy==1.2.18',
+-		'urllib3==1.24.1',
+-		'Werkzeug==0.14.1',
+-		'python-dateutil==2.7.3',
+-		#editor==1.0.3
+-		'Mako==1.0.7',
+ 	],
+ )
diff --git a/ilex/uffd-service.nix b/ilex/uffd-service.nix
new file mode 100644
index 0000000..000220f
--- /dev/null
+++ b/ilex/uffd-service.nix
@@ -0,0 +1,24 @@
+{ config, lib, pkgs, ... }:
+
+let
+  uffd = pkgs.callPackage ./uffd.nix {};
+in
+{
+
+  services.uwsgi = {
+    enable = true;
+    plugins = [ "python3" ];
+    instance = {
+      type = "normal";
+      pythonPackages = self: with self; [ uffd ];
+      module = "uffd:create_app()";
+      # socket = "${config.services.uwsgi.runDir}/uwsgi.sock";
+      http = ":8080";
+      env = [
+        "CONFIG_PATH=/tmp/uffd.conf"
+        "FLASK_ENV=development"
+      ];
+      hook-pre-app = "exec:FLASK_APP=${uffd}/lib/python3.10/site-packages/uffd flask db upgrade";
+    };
+  };
+}
diff --git a/ilex/uffd.nix b/ilex/uffd.nix
new file mode 100644
index 0000000..a616b64
--- /dev/null
+++ b/ilex/uffd.nix
@@ -0,0 +1,34 @@
+{ stdenv, lib, python3Packages, fetchzip }:
+
+python3Packages.buildPythonPackage rec {
+  pname = "uffd";
+  version = "2.0.1";
+
+  src = fetchzip {
+    url = "https://git.cccv.de/uffd/uffd/-/archive/v${version}/uffd-v${version}.tar.gz";
+    hash = "sha256-KP4J1bw5u7MklaPu2SBFRNyGgkKOBOpft5MMH+em5M4=";
+  };
+
+  patches = [ ./fix-setuppy.patch ]; # ./fix-userinfo.patch ];
+
+  propagatedBuildInputs = with python3Packages; [
+    flask
+    flask_sqlalchemy
+    flask_migrate
+    qrcode
+    fido2
+    oauthlib
+    flask-babel
+    argon2_cffi
+    itsdangerous
+    alembic
+    Mako
+  ];
+
+  postPatch = ''
+    sed -i -e 's/==[0-9.]\+//g' setup.py
+  '';
+
+  doCheck = false;
+  doInstallCheck = false;
+}