From e382dbff53e6be19a7c8ab7248518ded1f370327 Mon Sep 17 00:00:00 2001 From: Jean Lucas Date: Fri, 10 Jan 2025 12:47:47 -0500 Subject: [PATCH 1/6] Add Nix flake For developers wishing to develop identity-idp using a Nix environment. --- flake.lock | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ flake.nix | 38 ++++++++++++++++++++++++++++++++++ 2 files changed, 99 insertions(+) create mode 100644 flake.lock create mode 100644 flake.nix diff --git a/flake.lock b/flake.lock new file mode 100644 index 00000000000..96ab7db62b7 --- /dev/null +++ b/flake.lock @@ -0,0 +1,61 @@ +{ + "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1736344531, + "narHash": "sha256-8YVQ9ZbSfuUk2bUf2KRj60NRraLPKPS0Q4QFTbc+c2c=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "bffc22eb12172e6db3c5dde9e3e5628f8e3e7912", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 00000000000..bdbd82d3f16 --- /dev/null +++ b/flake.nix @@ -0,0 +1,38 @@ +{ + description = "DevShell for identity-idp"; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + flake-utils.url = "github:numtide/flake-utils"; + }; + + outputs = + { nixpkgs, flake-utils, ... }: + + flake-utils.lib.eachDefaultSystem ( + system: + + let + pkgs = import nixpkgs { + inherit system; + }; + in + { + devShell = + with pkgs; + + mkShell { + buildInputs = [ + openssl.dev + postgresql.dev + libyaml.dev + zlib.dev + ]; + + shellHook = '' + export PKG_CONFIG_PATH="${pkgs.openssl.dev}/lib/pkgconfig:${pkgs.postgresql.dev}/lib/pkgconfig:${pkgs.libyaml.dev}/lib/pkgconfig:${pkgs.zlib.dev}/lib/pkgconfig:$PKG_CONFIG_PATH"; + ''; + }; + } + ); +} From d2362294cab4b75f9c4e50063378ff0c6836698c Mon Sep 17 00:00:00 2001 From: Jean Lucas Date: Sun, 12 Jan 2025 00:05:05 -0500 Subject: [PATCH 2/6] Update flake dependencies --- flake.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index bdbd82d3f16..a5596b6bd12 100644 --- a/flake.nix +++ b/flake.nix @@ -23,11 +23,14 @@ mkShell { buildInputs = [ + ruby + yarn openssl.dev postgresql.dev libyaml.dev zlib.dev - ]; + goreman # Use goreman since nginx launch will fail gracefully and launch Puma, as opposed to when using foreman + ]; shellHook = '' export PKG_CONFIG_PATH="${pkgs.openssl.dev}/lib/pkgconfig:${pkgs.postgresql.dev}/lib/pkgconfig:${pkgs.libyaml.dev}/lib/pkgconfig:${pkgs.zlib.dev}/lib/pkgconfig:$PKG_CONFIG_PATH"; From b594a5d4f2090bff948b545dc3969a2c15036806 Mon Sep 17 00:00:00 2001 From: Jean Lucas Date: Sun, 12 Jan 2025 00:05:54 -0500 Subject: [PATCH 3/6] Add NixOS/Redis note to setup --- bin/setup | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/bin/setup b/bin/setup index 6dc884c26c4..edb0a6bf0c2 100755 --- a/bin/setup +++ b/bin/setup @@ -50,17 +50,22 @@ Dir.chdir APP_ROOT do run "cp pwned_passwords/pwned_passwords.txt.sample pwned_passwords/pwned_passwords.txt" puts "\n== Installing dependencies ==" - brew_installed = system "brew -v 2>&1" + brew_installed = system "brew -v >/dev/null 2>&1" run "brew bundle" if brew_installed run "gem install bundler --conservative" run 'gem install foreman --conservative && gem update foreman' run "bundle check || bundle install --without deploy production" run "yarn install" + is_nixos = system "grep -q NixOS /etc/os-release && echo true" + puts "\n== NixOS detected ==" if is_nixos + puts "Please add Redis to your NixOS configuration" if is_nixos + puts " services.redis.enable = true;" if is_nixos + puts "\n== Stopping running services to ensure clean start ==" run "brew services stop --all" if brew_installed - puts "\n== Starting services ==" + puts "\n== Starting services ==" if brew_installed run "brew services start redis" if brew_installed run "brew services start postgresql@14" if brew_installed From 506f1fb2ae7a14a651f8b9d8fdfeb35f78072f78 Mon Sep 17 00:00:00 2001 From: Jean Lucas Date: Sun, 12 Jan 2025 00:06:33 -0500 Subject: [PATCH 4/6] Use goreman if on NixOS Generic Linux (non-NixOS) should be able to use foreman. --- Makefile | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/Makefile b/Makefile index a2aba78f2db..c4ef54312f0 100644 --- a/Makefile +++ b/Makefile @@ -9,6 +9,8 @@ HOST ?= localhost PORT ?= 3000 GZIP_COMMAND ?= gzip ARTIFACT_DESTINATION_FILE ?= ./tmp/idp.tar.gz +OS := $(shell uname) +IS_NIXOS := $(shell grep -q NixOS /etc/os-release && echo true) .PHONY: \ analytics_events \ @@ -219,8 +221,18 @@ tmp/$(HOST)-$(PORT).key tmp/$(HOST)-$(PORT).crt: ## Self-signed cert for local H -keyout tmp/$(HOST)-$(PORT).key \ -out tmp/$(HOST)-$(PORT).crt +ifeq ($(OS), Darwin) run: browsers.json ## Runs the development server foreman start -p $(PORT) +else ifeq ($(OS), Linux) +ifeq ($(IS_NIXOS), true) +run: browsers.json + goreman start +else +run: browsers.json + foreman start -p $(PORT) +endif +endif urn: @echo "⚱️" From ffde1a863d5dacc8d8c28fd4bba3f54bec34be6c Mon Sep 17 00:00:00 2001 From: Jean Lucas Date: Mon, 13 Jan 2025 10:30:33 -0500 Subject: [PATCH 5/6] Set port for goreman --- Makefile | 2 +- flake.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index c4ef54312f0..2956d5de18d 100644 --- a/Makefile +++ b/Makefile @@ -227,7 +227,7 @@ run: browsers.json ## Runs the development server else ifeq ($(OS), Linux) ifeq ($(IS_NIXOS), true) run: browsers.json - goreman start + goreman -b $(PORT) start else run: browsers.json foreman start -p $(PORT) diff --git a/flake.nix b/flake.nix index a5596b6bd12..1979f7bf1b9 100644 --- a/flake.nix +++ b/flake.nix @@ -30,7 +30,7 @@ libyaml.dev zlib.dev goreman # Use goreman since nginx launch will fail gracefully and launch Puma, as opposed to when using foreman - ]; + ]; shellHook = '' export PKG_CONFIG_PATH="${pkgs.openssl.dev}/lib/pkgconfig:${pkgs.postgresql.dev}/lib/pkgconfig:${pkgs.libyaml.dev}/lib/pkgconfig:${pkgs.zlib.dev}/lib/pkgconfig:$PKG_CONFIG_PATH"; From ff89b857a5d49c73b87b6c4a5f34392ab6a443a3 Mon Sep 17 00:00:00 2001 From: Jean Lucas Date: Mon, 13 Jan 2025 13:27:01 -0500 Subject: [PATCH 6/6] Update NixOS Redis setting services.redis.enable changed to services.redis.servers."".enable. --- bin/setup | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/setup b/bin/setup index edb0a6bf0c2..43a4be4fa8a 100755 --- a/bin/setup +++ b/bin/setup @@ -60,7 +60,7 @@ Dir.chdir APP_ROOT do is_nixos = system "grep -q NixOS /etc/os-release && echo true" puts "\n== NixOS detected ==" if is_nixos puts "Please add Redis to your NixOS configuration" if is_nixos - puts " services.redis.enable = true;" if is_nixos + puts " services.redis.servers.\"\".enable = true;" if is_nixos puts "\n== Stopping running services to ensure clean start ==" run "brew services stop --all" if brew_installed