From 69247cdf75796c69372a17d09beb1466315b1839 Mon Sep 17 00:00:00 2001 From: stuebinm Date: Fri, 27 Jan 2023 20:37:46 +0100 Subject: working uffd on ilex for testing oauth2 (just keeping this in a seperate branch in case i ever need it again) --- ilex/configuration.nix | 18 ++++++++++++++++++ ilex/fix-setuppy.patch | 34 ++++++++++++++++++++++++++++++++++ ilex/uffd-service.nix | 24 ++++++++++++++++++++++++ ilex/uffd.nix | 34 ++++++++++++++++++++++++++++++++++ 4 files changed, 110 insertions(+) create mode 100644 ilex/fix-setuppy.patch create mode 100644 ilex/uffd-service.nix create mode 100644 ilex/uffd.nix diff --git a/ilex/configuration.nix b/ilex/configuration.nix index 866b1e3..b06a385 100644 --- a/ilex/configuration.nix +++ b/ilex/configuration.nix @@ -7,8 +7,26 @@ { imports = [ ./hardware-configuration.nix + ./uffd-service.nix ]; + + services.postgresql = { + enable = true; + + ensureDatabases = [ "tracktrain" ]; + ensureUsers = [ { + name = "stuebinm"; + ensurePermissions = { + "DATABASE tracktrain" = "ALL PRIVILEGES"; + }; + } ]; + authentication = '' + local all all trust + host all all 127.0.0.1/32 trust + ''; + }; + boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_0; # Use the systemd-boot EFI boot loader. diff --git a/ilex/fix-setuppy.patch b/ilex/fix-setuppy.patch new file mode 100644 index 0000000..64ccc10 --- /dev/null +++ b/ilex/fix-setuppy.patch @@ -0,0 +1,34 @@ +--- a/setup.py 2022-04-30 13:12:45.564651955 +0000 ++++ b/setup.py 2022-04-30 13:17:02.545809513 +0000 +@@ -41,31 +41,5 @@ + 'Flask-Babel==0.11.2', + 'alembic==1.0.0', + 'argon2-cffi==18.3.0', +- +- # The main dependencies on their own lead to version collisions and pip is +- # not very good at resolving them, so we pin the versions from Debian Buster +- # for all dependencies. +- 'certifi==2018.8.24', +- #cffi==1.12.2' +- 'cffi # v1.12.2 no longer works with python3.9. Newer versions seem to work fine.', +- 'chardet==3.0.4', +- 'click==7.0', +- 'cryptography==2.6.1', +- 'idna==2.6', +- 'itsdangerous==0.24', +- 'Jinja2==2.10', +- 'MarkupSafe==1.1.0', +- 'oauthlib==2.1.0', +- 'pyasn1==0.4.2', +- 'pycparser==2.19', +- 'requests==2.21.0', +- 'requests-oauthlib==1.0.0', +- 'six==1.12.0', +- 'SQLAlchemy==1.2.18', +- 'urllib3==1.24.1', +- 'Werkzeug==0.14.1', +- 'python-dateutil==2.7.3', +- #editor==1.0.3 +- 'Mako==1.0.7', + ], + ) diff --git a/ilex/uffd-service.nix b/ilex/uffd-service.nix new file mode 100644 index 0000000..000220f --- /dev/null +++ b/ilex/uffd-service.nix @@ -0,0 +1,24 @@ +{ config, lib, pkgs, ... }: + +let + uffd = pkgs.callPackage ./uffd.nix {}; +in +{ + + services.uwsgi = { + enable = true; + plugins = [ "python3" ]; + instance = { + type = "normal"; + pythonPackages = self: with self; [ uffd ]; + module = "uffd:create_app()"; + # socket = "${config.services.uwsgi.runDir}/uwsgi.sock"; + http = ":8080"; + env = [ + "CONFIG_PATH=/tmp/uffd.conf" + "FLASK_ENV=development" + ]; + hook-pre-app = "exec:FLASK_APP=${uffd}/lib/python3.10/site-packages/uffd flask db upgrade"; + }; + }; +} diff --git a/ilex/uffd.nix b/ilex/uffd.nix new file mode 100644 index 0000000..a616b64 --- /dev/null +++ b/ilex/uffd.nix @@ -0,0 +1,34 @@ +{ stdenv, lib, python3Packages, fetchzip }: + +python3Packages.buildPythonPackage rec { + pname = "uffd"; + version = "2.0.1"; + + src = fetchzip { + url = "https://git.cccv.de/uffd/uffd/-/archive/v${version}/uffd-v${version}.tar.gz"; + hash = "sha256-KP4J1bw5u7MklaPu2SBFRNyGgkKOBOpft5MMH+em5M4="; + }; + + patches = [ ./fix-setuppy.patch ]; # ./fix-userinfo.patch ]; + + propagatedBuildInputs = with python3Packages; [ + flask + flask_sqlalchemy + flask_migrate + qrcode + fido2 + oauthlib + flask-babel + argon2_cffi + itsdangerous + alembic + Mako + ]; + + postPatch = '' + sed -i -e 's/==[0-9.]\+//g' setup.py + ''; + + doCheck = false; + doInstallCheck = false; +} -- cgit v1.2.3