Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nixos/cryptpad: allow config with attrset #89384

Closed
wants to merge 1 commit into from
Closed

nixos/cryptpad: allow config with attrset #89384

wants to merge 1 commit into from

Conversation

eadwu
Copy link
Member

@eadwu eadwu commented Jun 3, 2020
edited by tomberek

Compared generated config.js with the original config.example.js.

Motivation for this change
Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@eadwu eadwu force-pushed the cryptpad/attrset-settings branch from b51da53 to 2a8b795 Compare June 3, 2020 05:08
@symphorien symphorien self-requested a review June 3, 2020 06:24
@eadwu eadwu force-pushed the cryptpad/attrset-settings branch from 2a8b795 to c9704c6 Compare June 12, 2020 18:12
@symphorien
Copy link
Member

While reviewing this I got bit by the fact that

services.cryptpad = {
enable = true;
settings = { /* foo */ };
}

ignores the specified settings.

I wonder if we should do the following:

  • make the default value of configFile null (the example config file can be an example)
  • add an assertion that exactly one of configFile and settings is set to a non default value.

Otherwise I tested it and it works.

@symphorien
Copy link
Member

I noticed while reviewing that I had the following warning:

juin 16 21:46:22 blitiri cryptpad[23293]: FRESH MODE ENABLED
juin 16 21:46:22 blitiri cryptpad[23293]:     m     m   mm   mmmmm  mm   m mmmmm  mm   m   mmm    m
juin 16 21:46:22 blitiri cryptpad[23293]:     #  #  #   ##   #   "# #"m  #   #    #"m  # m"   "   #
juin 16 21:46:22 blitiri cryptpad[23293]:     " #"# #  #  #  #mmmm" # #m #   #    # #m # #   mm   #
juin 16 21:46:22 blitiri cryptpad[23293]:      ## ##"  #mm#  #   "m #  # #   #    #  # # #    #
juin 16 21:46:22 blitiri cryptpad[23293]:      #   #  #    # #    " #   ## mm#mm  #   ##  "mmm"   #
juin 16 21:46:22 blitiri cryptpad[23293]: No 'httpSafeOrigin' provided.
juin 16 21:46:22 blitiri cryptpad[23293]: Your configuration probably isn't taking advantage of all of CryptPad's security features!
juin 16 21:46:22 blitiri cryptpad[23293]: This is acceptable for development, otherwise your users may be at risk.
juin 16 21:46:22 blitiri cryptpad[23293]: Serving sandboxed content via port 3001.
juin 16 21:46:22 blitiri cryptpad[23293]: This is probably not what you want for a production instance!
juin 16 21:46:22 blitiri cryptpad[23293]: Cryptpad is customizable, see customize.dist/readme.md for details

and yet I did provide 'httpSafeOrigin'.
i think this is fixed by cryptpad/cryptpad@9b30132
It looks like the warning is harmless.

It looks like cryptpad should be updated. (but not in this PR, I just mention this for potential reviewers).

@eadwu
Copy link
Member Author

eadwu commented Jun 17, 2020

The only problem with using null by default is that the [new] defaults have to pulled in manually each release (if there are any new options).

@symphorien
Copy link
Member

We would have to do this as well for the default value of the settings option...

@eadwu
Copy link
Member Author

eadwu commented Jun 18, 2020

I see settings being used when the user probably knows exactly what options to set/enable. Ideally settings would pull in the new defaults if there were any, which should probably happen but not guaranteed, so using the bundled config file is probably still better.

@symphorien
Copy link
Member

This distinction does not strike me as obvious, but ok.

@nixos-discourse
Copy link

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/cryptpad-is-this-a-bug-or-must-i-configure-something/9100/2

@taku0
Copy link
Contributor

taku0 commented Feb 13, 2021

How about making settings nullable rather than configFile, and use settings if it is not null.

@tomberek
Copy link
Contributor

Functions as expected, but does require a significant nginx config get full function. See http://cgit.notk.org/asmadeus/nixos-config.git/tree/machines/jormungand

@tomberek
Copy link
Contributor

@eadwu is there still interest in this? Or would want to use an RFC42-style approach?

@eadwu
Copy link
Member Author

eadwu commented Feb 24, 2021

Well I can fix it up, but it probably doesn't matter since there doesn't seem to much interest anyway.

@Pamplemousse
Copy link
Member

@eadwu Oh, thanks for starting this! I am very much interested!

@Pamplemousse
Copy link
Member

@eadwu @tomberek
I have tried it out, and it works as expected (although setting up nginx is quite a pain).

I have made some minor adjustments, that could be integrated to this PR:
https://github.com/Pamplemousse/nixpkgs/commits/PR_89384

@Pamplemousse Pamplemousse mentioned this pull request Aug 12, 2021
Closed
2 tasks
@stale
Copy link

stale bot commented Nov 9, 2021

I marked this as stale due to inactivity. → More info

@stale stale bot added the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Nov 9, 2021
@McSinyx
Copy link
Member

McSinyx commented Jun 14, 2022

I am also interested, since this would allow more programmatic nginx configuration.

@stale stale bot removed the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Jun 14, 2022
@stale stale bot added the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Jan 8, 2023
@drupol
Copy link
Contributor

drupol commented Jun 6, 2023

For some reason that I can't find, cryptpad has been removed from nixpkgs.

Therefore, closing this PR.

@drupol drupol closed this Jun 6, 2023
@McSinyx
Copy link
Member

McSinyx commented Jun 6, 2023 via email

@drupol
Copy link
Contributor

drupol commented Jun 6, 2023

We could restore it if we want to, cryptpad is now using NodeJS 16... but NodeJS 16 is EOL in 3 months. Maybe we should revisit this as soon as they switched to NodeJS 18.

@Pamplemousse
Copy link
Member

We could restore it if we want to, cryptpad is now using NodeJS 16

I remember that the main painpoint in packaging cryptpad was that they use bower to bundle their front-end dependencies. As far as I can remember, bower was introducing the dependency on node 12...

And so far, no hints on their part in getting rid of it: cryptpad/cryptpad#295 (comment) .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@symphorien symphorien symphorien left review comments

Assignees
No one assigned
Labels
2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md 6.topic: nixos 8.has: module (update) 10.rebuild-darwin: 0 10.rebuild-linux: 1-10 10.rebuild-linux: 1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
8 participants
@eadwu @symphorien @nixos-discourse @taku0 @tomberek @Pamplemousse @McSinyx @drupol