diff --git a/pkgs/servers/invidious/default.nix b/pkgs/servers/invidious/default.nix new file mode 100644 index 000000000000..183770a94f41 --- /dev/null +++ b/pkgs/servers/invidious/default.nix @@ -0,0 +1,99 @@ +{ lib, crystal, fetchFromGitHub, librsvg, pkg-config, libxml2, openssl, sqlite, lsquic, nixosTests }: +let + # When updating, always update the following: + # * the git revision + # * the version attribute + # * the source hash (sha256) + # If the shards.lock file changed, also the following: + # * shards.nix (by running `crystal2nix` in invidious’ source tree) + # * If the lsquic.cr dependency changed: lsquic in lsquic.nix (version, sha256) + # * If the lsquic version changed: boringssl' in lsquic.nix (version, sha256) + rev = "21b96a31599e890fe063e3e24cf5f3a995779a69"; +in +crystal.buildCrystalPackage rec { + pname = "invidious"; + version = "unstable-2021-10-15"; + + src = fetchFromGitHub { + owner = "iv-org"; + repo = pname; + inherit rev; + sha256 = "sha256-Rp3YqjHbP6szohlaEpgopFNdLK31yrcHtyKCeVz76CA="; + }; + + postPatch = + let + # Replacing by the value (templates) of the variables ensures that building + # fails if upstream changes the way the metadata is formatted. + branchTemplate = ''{{ "#{`git branch | sed -n '/* /s///p'`.strip}" }}''; + commitTemplate = ''{{ "#{`git rev-list HEAD --max-count=1 --abbrev-commit`.strip}" }}''; + versionTemplate = ''{{ "#{`git log -1 --format=%ci | awk '{print $1}' | sed s/-/./g`.strip}" }}''; + # This always uses the latest commit which invalidates the cache even if + # the assets were not changed + assetCommitTemplate = ''{{ "#{`git rev-list HEAD --max-count=1 --abbrev-commit -- assets`.strip}" }}''; + in + '' + # Use the version metadata from the derivation instead of using git at + # build-time + substituteInPlace src/invidious.cr \ + --replace ${lib.escapeShellArg branchTemplate} '"master"' \ + --replace ${lib.escapeShellArg commitTemplate} '"${lib.substring 0 7 rev}"' \ + --replace ${lib.escapeShellArg versionTemplate} '"${lib.replaceChars ["-"] ["."] (lib.substring 9 10 version)}"' \ + --replace ${lib.escapeShellArg assetCommitTemplate} '"${lib.substring 0 7 rev}"' + + # Patch the assets and locales paths to be absolute + substituteInPlace src/invidious.cr \ + --replace 'public_folder "assets"' 'public_folder "${placeholder "out"}/share/invidious/assets"' + substituteInPlace src/invidious/helpers/i18n.cr \ + --replace 'File.read("locales/' 'File.read("${placeholder "out"}/share/invidious/locales/' + + # Reference sql initialisation/migration scripts by absolute path + substituteInPlace src/invidious/helpers/helpers.cr \ + --replace 'config/sql' '${placeholder "out"}/share/invidious/config/sql' + + substituteInPlace src/invidious/users.cr \ + --replace 'Process.run(%(rsvg-convert' 'Process.run(%(${lib.getBin librsvg}/bin/rsvg-convert' + ''; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ libxml2 openssl sqlite ]; + + format = "crystal"; + shardsFile = ./shards.nix; + crystalBinaries.invidious.src = "src/invidious.cr"; + + postConfigure = '' + # lib includes nix store paths which can’t be patched, so the links have to + # be dereferenced first. + cp -rL lib lib2 + rm -r lib + mv lib2 lib + chmod +w -R lib + cp ${lsquic}/lib/liblsquic.a lib/lsquic/src/lsquic/ext + ''; + + postInstall = '' + mkdir -p $out/share/invidious/config + + # Copy static parts + cp -r assets locales $out/share/invidious + cp -r config/sql $out/share/invidious/config + ''; + + # Invidious tries to open config/config.yml and connect to the database, even + # when running --help. This specifies a minimal configuration in an + # environment variable. Even though the database is bogus, --help still + # works. + installCheckPhase = '' + INVIDIOUS_CONFIG="database_url: sqlite3:///dev/null" $out/bin/invidious --help + ''; + + passthru.tests = { inherit (nixosTests) invidious; }; + + meta = with lib; { + description = "An open source alternative front-end to YouTube"; + homepage = "https://invidious.io/"; + license = licenses.agpl3; + maintainers = with maintainers; [ infinisil sbruder ]; + }; +} diff --git a/pkgs/servers/invidious/lsquic.nix b/pkgs/servers/invidious/lsquic.nix new file mode 100644 index 000000000000..35b93e4249f2 --- /dev/null +++ b/pkgs/servers/invidious/lsquic.nix @@ -0,0 +1,58 @@ +{ lib, boringssl, stdenv, fetchgit, fetchFromGitHub, cmake, zlib, perl, libevent }: +let + # lsquic requires a specific boringssl version (noted in its README) + boringssl' = boringssl.overrideAttrs (old: rec { + version = "251b5169fd44345f455438312ec4e18ae07fd58c"; + src = fetchgit { + url = "https://boringssl.googlesource.com/boringssl"; + rev = version; + sha256 = "sha256-EU6T9yQCdOLx98Io8o01rEsgxDFF/Xoy42LgPopD2/A="; + }; + }); +in +stdenv.mkDerivation rec { + pname = "lsquic"; + version = "2.18.1"; + + src = fetchFromGitHub { + owner = "litespeedtech"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-hG8cUvhbCNeMOsKkaJlgGpzUrIx47E/WhmPIdI5F3qM="; + fetchSubmodules = true; + }; + + nativeBuildInputs = [ cmake perl ]; + buildInputs = [ boringssl' libevent zlib ]; + + cmakeFlags = [ + "-DBORINGSSL_DIR=${boringssl'}" + "-DBORINGSSL_LIB_crypto=${boringssl'}/lib/libcrypto.a" + "-DBORINGSSL_LIB_ssl=${boringssl'}/lib/libssl.a" + "-DZLIB_LIB=${zlib}/lib/libz.so" + ]; + + # adapted from lsquic.cr’s Dockerfile + # (https://github.com/iv-org/lsquic.cr/blob/master/docker/Dockerfile) + installPhase = '' + runHook preInstall + + mkdir combinedlib + cd combinedlib + ar -x ${boringssl'}/lib/libssl.a + ar -x ${boringssl'}/lib/libcrypto.a + ar -x ../src/liblsquic/liblsquic.a + ar rc liblsquic.a *.o + ranlib liblsquic.a + install -D liblsquic.a $out/lib/liblsquic.a + + runHook postInstall + ''; + + meta = with lib; { + description = "A library for QUIC and HTTP/3 (version for Invidious)"; + homepage = "https://github.com/litespeedtech/lsquic"; + maintainers = with maintainers; [ infinisil sbruder ]; + license = with licenses; [ openssl isc mit bsd3 ]; # statically links against boringssl, so has to include its licenses + }; +} diff --git a/pkgs/servers/invidious/shards.nix b/pkgs/servers/invidious/shards.nix new file mode 100644 index 000000000000..778b34496a62 --- /dev/null +++ b/pkgs/servers/invidious/shards.nix @@ -0,0 +1,68 @@ +{ + athena-negotiation = { + owner = "athena-framework"; + repo = "negotiation"; + rev = "v0.1.1"; + sha256 = "1vkk59lqrxb0l8kyzs114i3c18zb2bdiah2xhazkk8q7x6fz4yzk"; + }; + backtracer = { + owner = "sija"; + repo = "backtracer.cr"; + rev = "v1.2.1"; + sha256 = "02r1l7rn2wsljkx495s5s7j04zgn73m2kx0hkzs7620camvlwbqq"; + }; + db = { + owner = "crystal-lang"; + repo = "crystal-db"; + rev = "v0.10.1"; + sha256 = "03c5h14z6h2mxnx949lihnyqjd19hcj38iasdwq9fp95h8cld376"; + }; + exception_page = { + owner = "crystal-loot"; + repo = "exception_page"; + rev = "v0.2.0"; + sha256 = "0nlgnh5iykbr1v2132342k2mz6s2laws6nkgqsqlwhhcr4gb4jcx"; + }; + kemal = { + owner = "kemalcr"; + repo = "kemal"; + rev = "v1.1.0"; + sha256 = "07vlvddy4mba9li2bvskzqzywwq55cyvlgkz13q6dsl4zfgc96ca"; + }; + kilt = { + owner = "jeromegn"; + repo = "kilt"; + rev = "v0.6.1"; + sha256 = "0dpc15y9m8c5l9zdfif6jlf7zmkrlm9w4m2igi5xa22fdjwamwfp"; + }; + lsquic = { + owner = "iv-org"; + repo = "lsquic.cr"; + rev = "v2.18.1-2"; + sha256 = "0bljk0pwbjb813dfwrhgi00w2ai09k868xvak4hfzdkbmpc7id6y"; + }; + pg = { + owner = "will"; + repo = "crystal-pg"; + rev = "v0.24.0"; + sha256 = "07i5bqkv5j6y6f8v5cpqdxc5wzzrvgv3ds24znv4mzv6nc84csn4"; + }; + protodec = { + owner = "iv-org"; + repo = "protodec"; + rev = "v0.1.4"; + sha256 = "15azh9izxqgwpgkpicmivfdz31wkibnwy09rwhxsg0lyc4wf8xj9"; + }; + radix = { + owner = "luislavena"; + repo = "radix"; + rev = "v0.4.1"; + sha256 = "1l08cydkdidq9yyil1wl240hvk41iycv04jrg6nx5mkvzw4z1bzg"; + }; + sqlite3 = { + owner = "crystal-lang"; + repo = "crystal-sqlite3"; + rev = "v0.18.0"; + sha256 = "03nnvpchhq9f9ywsm3pk2rrj4a3figw7xs96zdziwgr5znkz6x93"; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b6ef8590684f..fe53386974cb 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -6401,6 +6401,11 @@ with pkgs; intermodal = callPackage ../tools/misc/intermodal { }; + invidious = callPackage ../servers/invidious { + # needs a specific version of lsquic + lsquic = callPackage ../servers/invidious/lsquic.nix { }; + }; + invoice2data = callPackage ../tools/text/invoice2data { }; inxi = callPackage ../tools/system/inxi { };