Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

paperless: add package and service #44086

Merged
merged 9 commits into from May 8, 2019
Merged

paperless: add package and service #44086

merged 9 commits into from May 8, 2019

Conversation

erikarvstedt
Copy link
Member

@erikarvstedt erikarvstedt commented Jul 25, 2018
edited

Notes for reviewers

Paperless has no setup.py, the main way to use it is to call manage.py in a properly setup
Python environment. That's what ${paperless}/bin/paperless does.

Paperless requires some Python packages that are missing from nixpkgs. Currently, they are defined in extra-python-packages.nix. Should I add them all to python-packages.nix? Do we need an extra git commit for each package?

Here's a sample script for testing:

dataDir=/tmp/paperless-data
rm -rf $dataDir

nix-build --out-link ./paperless - <<EOF
(import <nixpkgs> {}).paperless.withConfig {
  dataDir = $dataDir;
  config = {
    PAPERLESS_DISABLE_LOGIN = "true";
  };
}
EOF

# Setup DB
./paperless migrate

# Create a test document
$(nix-build --no-out-link '<nixpkgs>' -A imagemagick)/bin/convert \
  -size 400x40 xc:white -font "DejaVu-Sans" -pointsize 20 -fill black -annotate +5+20 \
  "hello world 16-10-2005" $dataDir/consume/doc.png

# Consume document
./paperless document_consumer --oneshot

# Start webinterface
./paperless runserver --noreload localhost:8000

# Cleanup
rm -rf $dataDir ./paperless
Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Fits CONTRIBUTING.md.

@erikarvstedt erikarvstedt force-pushed the paperless branch 2 times, most recently from a64d1e1 to 0e2ebd9 Compare July 25, 2018 12:44
@jfrankenau
Copy link
Member

Python packages should be globally available. Nowadays each package gets one directory/file. One commit per package would be nice but it may be ok to put them all in one.

Have you thought about creating a matching NixOS module?

dotlambda
dotlambda requested changes Jul 31, 2018
View reviewed changes
Copy link
Member

@dotlambda dotlambda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please create the packages besides paperless itself inside the pythonPackages package set. Some of them might already be packaged.

@erikarvstedt
Copy link
Member Author

erikarvstedt commented Aug 20, 2018
edited

Back from vacation, please excuse the delay!

@dotlambda, done.

@jfrankenau, I've added a service module, but there are a few open issues:

  • The web interface (paperless-server) runs on the Django dev server. Should I use a proper web server like nginx or Apache?
  • By default, the services run with user nobody. Should I add a dedicated paperless user (via ids.nix)?
  • In a service preStart script im using ${pkgs.libuuid}/bin/runuser to run a cmd as the unprivileged user. Is there better, canonical way to do this? su is unavailable in the script env.

I'm using this script for testing the service.
Run this for a quick demo.

@erikarvstedt erikarvstedt changed the title paperless: init at 2.1.0 paperless: add package and service Aug 20, 2018
@jfrankenau
Copy link
Member

@erikarvstedt, I guess for now using Django is OK.

/var/lib/paperless should be owned by a real user, so adding a new user to ids.nix is necessary.

What about adding another ExecStart line to run the unprivileged migration process? Or even extract it to another systemd oneshot service?

jfrankenau
jfrankenau reviewed Aug 21, 2018
View reviewed changes
nixos/modules/services/misc/paperless.nix Outdated

consumptionDir = mkOption {
type = with types; nullOr str;
default = null;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Set it to the default value mentioned in the description and remove the if-clause below.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch! Fixed.

@erikarvstedt
Copy link
Member Author

erikarvstedt commented Aug 21, 2018
edited

The migration has to run in a preStart script so that the server, which is only active when the consumer is active, is disabled during migrations.
I've also thought about a helper oneshot service, but I think that's even more complicated.

A dedicated paperless user would be no more 'real' than the nobody user.
The only advantage would be isolation from other processes that might be running as the nobody user. But is this worth the extra effort? Is there relevant NixOS documentation?

@jfrankenau
Copy link
Member

Adding a new user is as you say for isolation purposes. Especially as /var/lib/paperless shouldn't be accessible to other users.

@erikarvstedt
Copy link
Member Author

Ok, done.

@erikarvstedt erikarvstedt force-pushed the paperless branch 2 times, most recently from f9f6874 to 07373c2 Compare August 22, 2018 14:37
globin
globin requested changes Aug 28, 2018
View reviewed changes
pkgs/top-level/python-packages.nix Outdated
@@ -284,7 +284,9 @@ in {

fire = callPackage ../development/python-modules/fire { };

globus-sdk = callPackage ../development/python-modules/globus-sdk { };
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You apparently accidentally deleted this line which causes the CI to fail during evaluation:
https://gist.github.com/GrahamcOfBorg/14241c580774a606e627f780e1809db9

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done. Thanks for digging into this, I thought that error came from upstream.

@erikarvstedt
Copy link
Member Author

78bb5bc: Rebased to master, squashed fixup commits.

@worldofpeace
Copy link
Contributor

@dotlambda Do you feel this is suitable?

Don't think it's fair to @erikarvstedt to leave this unmerged any longer.

@erikarvstedt
Copy link
Member Author

I can understand if the review and maintanence burden of this feature seems unreasonable to you. I'd be fine with moving it to NUR then.

@worldofpeace
Copy link
Contributor

I can understand if the review and maintanence burden of this feature seems unreasonable to you. I'd be fine with moving it to NUR then.

Oh no, I think this is perfectly suitable to have in nixpkgs.

dotlambda
dotlambda approved these changes Apr 26, 2019
View reviewed changes
Copy link
Member

@dotlambda dotlambda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only some really minor stuff. And yes, this should definitely be merged.

nixos/modules/services/misc/paperless.nix Outdated Show resolved Hide resolved
pkgs/applications/office/paperless/default.nix Outdated Show resolved Hide resolved
pkgs/applications/office/paperless/default.nix
django_2_0 = pyPkgs: pyPkgs.django_2_1.overrideDerivation (_: rec {
pname = "Django";
version = "2.0.12";
name = "${pname}-${version}";
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
name = "${pname}-${version}";

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For overrideDerivation , we have to update name manually.

pkgs/applications/office/paperless/withConfig.nix
set -e
${setupEnv}
${extraCmds}
exec python $paperlessSrc/manage.py "$@"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
exec python $paperlessSrc/manage.py "$@"
exec ${paperless.python.interpreter} $paperlessSrc/manage.py "$@"

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The correct form would be paperless.pythonEnv.interpreter.
setupEnv already handles all these details, so I'd rather not repeat them to keep it DRY.

@erikarvstedt
Copy link
Member Author

b5651b3: Rebased to master

  • Updated djangoql to the latest release
  • Provide django-filter, django-crispy-forms as private implementations, because
    we use unreleased versions and patches to make them compatible with the current nixpkgs
    python package env.

@worldofpeace
Copy link
Contributor

@erikarvstedt If you can rebase/squash this I can merge this.

@worldofpeace worldofpeace merged commit bb7e556 into NixOS:master May 8, 2019
@worldofpeace
Copy link
Contributor

Thank you @erikarvstedt for your patience (also very organized summary of changes which helps with reviews) and of course your contributions ✨

Likewise thanks to our reviewers 👍

@FRidh
Copy link
Member

FRidh commented May 9, 2019

The attribute name is the attribute in the package set, and not the pname or name attribute in the expression.

@c0bw3b c0bw3b mentioned this pull request May 9, 2019
Closed
10 tasks
@erikarvstedt
Copy link
Member Author

Huge thanks for your help and feedback, @dotlambda, @worldofpeace!

@FRidh, you meant to post that in another thread, right?

@tjni tjni mentioned this pull request Nov 19, 2022
Merged
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jfrankenau jfrankenau jfrankenau left review comments

@worldofpeace worldofpeace worldofpeace left review comments

@globin globin globin requested changes

@FRidh FRidh FRidh requested changes

@dotlambda dotlambda dotlambda approved these changes

@infinisil infinisil Awaiting requested review from infinisil

Assignees
No one assigned
Labels
6.topic: nixos 6.topic: python 8.has: module (update) 8.has: package (new) 10.rebuild-darwin: 11-100 10.rebuild-linux: 11-100 11.by: package-maintainer
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@erikarvstedt @jfrankenau @GrahamcOfBorg @dotlambda @FRidh @worldofpeace @globin