pleroma: 2.6.3 -> 2.7.0

Upstream Changelog: https://git.pleroma.social/pleroma/pleroma/-/releases/v2.7.0

Nixpkgs package changelog:
- build with elixir 1.17.
- update dependencies hashes.
- remove prometheus_phoenix as it's apparently unused.
- fix git deps.
- update OTP permission restriction patch.
- modify test to work (adapt from akkoma test).

Co-authored-by: Leona Maroni <dev@leona.is>

nixos/tests/pleroma.nix

@@ -32,18 +32,18 @@ import ./make-test-python.nix ({ pkgs, ... }:
     # system one. Overriding this pretty bad default behaviour.
     export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
 
-    toot --debug login_cli -i "pleroma.nixos.test" -e "jamy@nixos.test" -p "jamy-password"
+    toot login_cli -i "pleroma.nixos.test" -e "jamy@nixos.test" -p 'jamy-password'
     echo "Login OK"
 
     # Send a toot then verify it's part of the public timeline
-    echo "y" | toot post "hello world Jamy here"
+    toot post "hello world Jamy here"
     echo "Send toot OK"
-    echo "y" | toot timeline | grep -c "hello world Jamy here"
+    toot timeline -1 | grep -F -q "hello world Jamy here"
     echo "Get toot from timeline OK"
 
     # Test file upload
-    echo "y" | toot upload ${db-seed} | grep -c "https://pleroma.nixos.test/media"
-    echo "File upload OK"
+    echo "y" | ${pkgs.toot}/bin/toot upload <(dd if=/dev/zero bs=1024 count=1024 status=none) \
+      | grep -F -q "https://pleroma.nixos.test/media"
 
     echo "====================================================="
     echo "=                   SUCCESS                         ="
@@ -244,6 +244,7 @@ import ./make-test-python.nix ({ pkgs, ... }:
 
   testScript = { nodes, ... }: ''
     pleroma.wait_for_unit("postgresql.service")
+    pleroma.wait_until_succeeds("ls /var/lib/pleroma")
     pleroma.succeed("provision-db")
     pleroma.wait_for_file("/var/lib/pleroma")
     pleroma.succeed("provision-secrets")

pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch

@@ -3,7 +3,8 @@ From: Yaya <yaya@uwu.is>
 Date: Sun, 6 Aug 2023 00:02:40 +0000
 Subject: [PATCH] Revert "Config: Restrict permissions of OTP config file"
 
-This reverts commit 4befb3b1d02f32eb2c56f12e4684a7bb3167b0ee.
+This reverts commit 4befb3b1d02f32eb2c56f12e4684a7bb3167b0ee
+and 3b82864bccee1af625dd19faed511d5b76f66f9d.
 
 The Nix store is world readable by design.
 ---
@@ -19,7 +20,7 @@ index 9ec0f975e..91e5f1a54 100644
      with_runtime_config =
        if File.exists?(config_path) do
 -        # <https://git.pleroma.social/pleroma/pleroma/-/issues/3135>
--        %File.Stat{mode: mode} = File.lstat!(config_path)
+-        %File.Stat{mode: mode} = File.stat!(config_path)
 -
 -        if Bitwise.band(mode, 0o007) > 0 do
 -          raise "Configuration at #{config_path} has world-permissions, execute the following: chmod o= #{config_path}"

pkgs/servers/pleroma/default.nix

@@ -1,32 +1,52 @@
-{ lib, beamPackages
-, fetchFromGitHub, fetchFromGitLab, fetchHex
-, file, cmake
-, nixosTests, writeText
-, ...
+{
+  lib,
+  beamPackages,
+  fetchFromGitHub,
+  fetchFromGitLab,
+  fetchHex,
+  file,
+  cmake,
+  nixosTests,
+  writeText,
+  vips,
+  pkg-config,
+  glib,
+  ...
 }:
 
 beamPackages.mixRelease rec {
   pname = "pleroma";
-  version = "2.6.3";
+  version = "2.7.0";
 
   src = fetchFromGitLab {
     domain = "git.pleroma.social";
     owner = "pleroma";
     repo = "pleroma";
     rev = "v${version}";
-    sha256 = "sha256-ZiupcCu6ES/G9rsdNo5+JXOIPhb4CHT2YhKThWiLisw=";
+    sha256 = "sha256-2uKVwjxMLC8jyZWW+ltBRNtOR7RaAb8SPO1iV2wyROc=";
   };
 
-  patches = [
-    ./Revert-Config-Restrict-permissions-of-OTP-config.patch
-  ];
+  patches = [ ./Revert-Config-Restrict-permissions-of-OTP-config.patch ];
 
   mixNixDeps = import ./mix.nix {
     inherit beamPackages lib;
     overrides = final: prev: {
       # mix2nix does not support git dependencies yet,
       # so we need to add them manually
-      prometheus_ex = beamPackages.buildMix rec {
+      captcha = beamPackages.buildMix {
+        name = "captcha";
+        version = "0.1.0";
+
+        src = fetchFromGitLab {
+          domain = "git.pleroma.social";
+          owner = "pleroma/elixir-libraries";
+          repo = "elixir-captcha";
+          rev = "90f6ce7672f70f56708792a98d98bd05176c9176";
+          sha256 = "sha256-s7EuAhmCsQA/4p2NJHJSWB/DZ5hA+7EelPsUOvKr2Po=";
+        };
+        beamDeps = [ ];
+      };
+      prometheus_ex = beamPackages.buildMix {
         name = "prometheus_ex";
         version = "3.0.5";
 
@@ -34,60 +54,28 @@ beamPackages.mixRelease rec {
           owner = "lanodan";
           repo = "prometheus.ex";
           rev = "31f7fbe4b71b79ba27efc2a5085746c4011ceb8f";
-          sha256 = "sha256-2PZP+YnwnHt69HtIAQvjMBqBbfdbkRSoMzb1AL2Zsyc=";
+          hash = "sha256-2PZP+YnwnHt69HtIAQvjMBqBbfdbkRSoMzb1AL2Zsyc=";
         };
         beamDeps = with final; [ prometheus ];
       };
-      captcha = beamPackages.buildMix rec {
-        name = "captcha";
-        version = "0.1.0";
-
-        src = fetchFromGitLab {
-          domain = "git.pleroma.social";
-          group = "pleroma";
-          owner = "elixir-libraries";
-          repo = "elixir-captcha";
-          rev = "90f6ce7672f70f56708792a98d98bd05176c9176";
-          hash = "sha256-s7EuAhmCsQA/4p2NJHJSWB/DZ5hA+7EelPsUOvKr2Po=";
-        };
-        beamDeps = with final; [ ];
-
-        postInstall = "mv priv/* $out/lib/erlang/lib/${name}-${version}/priv/";
-      };
-      remote_ip = beamPackages.buildMix rec {
+      remote_ip = beamPackages.buildMix {
         name = "remote_ip";
         version = "0.1.5";
 
         src = fetchFromGitLab {
           domain = "git.pleroma.social";
-          group = "pleroma";
-          owner = "elixir-libraries";
+          owner = "pleroma/elixir-libraries";
           repo = "remote_ip";
           rev = "b647d0deecaa3acb140854fe4bda5b7e1dc6d1c8";
-          sha256 = "0c7vmakcxlcs3j040018i7bfd6z0yq6fjfig02g5fgakx398s0x6";
+          hash = "sha256-pgON0uhTPVeeAC866Qz24Jvm1okoAECAHJrRzqaq+zA=";
         };
-        beamDeps = with final; [ combine plug inet_cidr ];
-      };
-      prometheus_phx = beamPackages.buildMix rec {
-        name = "prometheus_phx";
-        version = "0.1.1";
-
-        preBuild = ''
-          touch config/prod.exs
-       '';
-        src = fetchFromGitLab {
-          domain = "git.pleroma.social";
-          group = "pleroma";
-          owner = "elixir-libraries";
-          repo = "prometheus-phx";
-          rev = "9cd8f248c9381ffedc799905050abce194a97514";
-          sha256 = "0211z4bxb0bc0zcrhnph9kbbvvi1f2v95madpr96pqzr60y21cam";
-        };
-        beamDeps = with final; [ prometheus_ex ];
-      };
-      majic = prev.majic.override {
-        buildInputs = [ file ];
+        beamDeps = with final; [
+          combine
+          plug
+          inet_cidr
+        ];
       };
+      majic = prev.majic.override { buildInputs = [ file ]; };
       # Some additional build inputs and build fixes
       http_signatures = prev.http_signatures.override {
         patchPhase = ''
@@ -98,8 +86,16 @@ beamPackages.mixRelease rec {
         nativeBuildInputs = [ cmake ];
         dontUseCmakeConfigure = true;
       };
-      syslog = prev.syslog.override {
-        buildPlugins = with beamPackages; [ pc ];
+
+      syslog = prev.syslog.override { buildPlugins = with beamPackages; [ pc ]; };
+
+      vix = prev.vix.override {
+        nativeBuildInputs = [ pkg-config ];
+        buildInputs = [
+          vips
+          glib.dev
+        ];
+        VIX_COMPILATION_MODE = "PLATFORM_PROVIDED_LIBVIPS";
       };
 
       # This needs a different version (1.0.14 -> 1.0.18) to build properly with
@@ -132,25 +128,27 @@ beamPackages.mixRelease rec {
           sha256 = "120znzz0yw1994nk6v28zql9plgapqpv51n9g6qm6md1f4x7gj0z";
         };
 
-        beamDeps = [];
+        beamDeps = [ ];
       };
 
       mime = prev.mime.override {
-        patchPhase = let
-          cfgFile = writeText "config.exs" ''
-            use Mix.Config
-            config :mime, :types, %{
-              "application/activity+json" => ["activity+json"],
-              "application/jrd+json" => ["jrd+json"],
-              "application/ld+json" => ["activity+json"],
-              "application/xml" => ["xml"],
-              "application/xrd+xml" => ["xrd+xml"]
-            }
+        patchPhase =
+          let
+            cfgFile = writeText "config.exs" ''
+              use Mix.Config
+              config :mime, :types, %{
+                "application/activity+json" => ["activity+json"],
+                "application/jrd+json" => ["jrd+json"],
+                "application/ld+json" => ["activity+json"],
+                "application/xml" => ["xml"],
+                "application/xrd+xml" => ["xrd+xml"]
+              }
+            '';
+          in
+          ''
+            mkdir config
+            cp ${cfgFile} config/config.exs
           '';
-        in ''
-          mkdir config
-          cp ${cfgFile} config/config.exs
-        '';
       };
     };
   };
@@ -164,7 +162,11 @@ beamPackages.mixRelease rec {
     description = "ActivityPub microblogging server";
     homepage = "https://git.pleroma.social/pleroma/pleroma";
     license = licenses.agpl3Only;
-    maintainers = with maintainers; [ picnoir kloenk yayayayaka ];
+    maintainers = with maintainers; [
+      picnoir
+      kloenk
+      yayayayaka
+    ];
     platforms = platforms.unix;
   };
 }

pkgs/top-level/all-packages.nix

@@ -11351,8 +11351,8 @@ with pkgs;
   tautulli = python3Packages.callPackage ../servers/tautulli { };
 
   pleroma = callPackage ../servers/pleroma {
-    elixir = elixir_1_14;
-    beamPackages = beamPackages.extend (self: super: { elixir = elixir_1_14; });
+    elixir = elixir_1_17;
+    beamPackages = beamPackages.extend (self: super: { elixir = elixir_1_17; });
   };
 
   plfit = callPackage ../tools/misc/plfit {