ghostfox/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

push sheeet
Some checks failed
Periodic Merges (6h) / master → staging-nixos (push) Failing after 12m50s
Details
Periodic Merges (6h) / master → staging-next (push) Failing after 12m54s
Details
Periodic Merges (24h) / merge-base(master,staging) → haskell-updates (push) Failing after 11m54s
Details
Periodic Merges (6h) / staging-next → staging (push) Failing after 12m13s
Details
Periodic Merges (24h) / staging-next-25.05 → staging-25.05 (push) Failing after 13m24s
Details
Periodic Merges (24h) / release-25.05 → staging-next-25.05 (push) Failing after 14m28s
Details

Browse Source
This commit is contained in:
Dark Steveneq
2025-10-09 14:15:47 +02:00
commit 646b892680
49168 changed files with 5897842 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
pkgs/by-name/cr/cryptpad/0001-env.js-fix-httpSafePort-handling.patch Normal file
View File

@@ -0,0 +1,56 @@
From 4bf0be64fe51a9c9fd9e410ada15251378b743bf Mon Sep 17 00:00:00 2001
From: Dominique Martinet <asmadeus@codewreck.org>
Date: Sat, 26 Aug 2023 09:28:59 +0900
Subject: [PATCH] env.js: fix httpSafePort handling
It has been clarified that this is only a dev option that should not be
used in production, but setting the value in config was still ignored,
so fix the init code to consider the config value and make it clear that
this port is not bound if safeOrigin is set.
---
config/config.example.js | 3 ++-
lib/env.js | 5 +++--
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/config/config.example.js b/config/config.example.js
index 7c8184c6c2f6..77263643c354 100644
--- a/config/config.example.js
+++ b/config/config.example.js
@@ -89,8 +89,9 @@ module.exports = {
/* httpSafePort purpose is to emulate another origin for the sandbox when
* you don't have two domains at hand (i.e. when httpSafeOrigin not defined).
- * It is meant to be used only in case where you are working on a local
+ * It is meant to be used only in case where you are working on a local
* development instance. The default value is your httpPort + 1.
+ * Setting this to 0 or setting httpSafeOrigin disables this listener.
*
*/
//httpSafePort: 3001,
diff --git a/lib/env.js b/lib/env.js
index d3748750f21e..f0660cba3e11 100644
--- a/lib/env.js
+++ b/lib/env.js
@@ -74,8 +74,9 @@ module.exports.create = function (config) {
if (typeof(config.httpSafeOrigin) !== 'string') {
NO_SANDBOX = true;
- if (typeof(config.httpSafePort) !== 'number') { httpSafePort = httpPort + 1; }
httpSafeOrigin = deriveSandboxOrigin(httpUnsafeOrigin, httpSafePort);
+ // only set if httpSafeOrigin isn't set.
+ httpSafePort = isValidPort(config.httpSafePort) ? config.httpSafePort : (httpPort + 1);
} else {
httpSafeOrigin = canonicalizeOrigin(config.httpSafeOrigin);
}
@@ -115,7 +116,7 @@ module.exports.create = function (config) {
permittedEmbedders: typeof(permittedEmbedders) === 'string' && permittedEmbedders? permittedEmbedders: httpSafeOrigin,
removeDonateButton: config.removeDonateButton,
- httpPort: isValidPort(config.httpPort)? config.httpPort: 3000,
+ httpPort: httpPort,
httpAddress: typeof(config.httpAddress) === 'string'? config.httpAddress: 'localhost',
websocketPath: config.externalWebsocketURL,
logIP: config.logIP,
--
2.45.2

160
pkgs/by-name/cr/cryptpad/package.nix Normal file
View File

@@ -0,0 +1,160 @@
{
bash,
buildNpmPackage,
coreutils,
fetchFromGitHub,
fetchpatch,
fetchurl,
lib,
makeBinaryWrapper,
nixosTests,
nodejs,
rdfind,
unzip,
}:
let
version = "2025.3.0";
# nix version of install-onlyoffice.sh
# a later version could rebuild from sdkjs/web-apps as per
# https://github.com/cryptpad/onlyoffice-builds/blob/main/build.sh
onlyoffice_build =
rev: hash:
fetchFromGitHub {
inherit rev hash;
owner = "cryptpad";
repo = "onlyoffice-builds";
};
onlyoffice_install = oo: ''
oo_dir="$out_cryptpad/www/common/onlyoffice/dist/${oo.subdir}"
cp -a "${onlyoffice_build oo.rev oo.hash}/." "$oo_dir"
chmod -R +w "$oo_dir"
echo "${oo.rev}" > "$oo_dir/.commit"
'';
onlyoffice_versions = [
{
subdir = "v1";
rev = "4f370beb";
hash = "sha256-TE/99qOx4wT2s0op9wi+SHwqTPYq/H+a9Uus9Zj4iSY=";
}
{
subdir = "v2b";
rev = "d9da72fd";
hash = "sha256-SiRDRc2vnLwCVnvtk+C8PKw7IeuSzHBaJmZHogRe3hQ=";
}
{
subdir = "v4";
rev = "6ebc6938";
hash = "sha256-eto1+8Tk/s3kbUCpbUh8qCS8EOq700FYG1/KiHyynaA=";
}
{
subdir = "v5";
rev = "88a356f0";
hash = "sha256-8j1rlAyHlKx6oAs2pIhjPKcGhJFj6ZzahOcgenyeOCc=";
}
{
subdir = "v6";
rev = "abd8a309";
hash = "sha256-BZdExj2q/bqUD3k9uluOot2dlrWKA+vpad49EdgXKww=";
}
{
subdir = "v7";
rev = "e1267803";
hash = "sha256-iIds0GnCHAyeIEdSD4aCCgDtnnwARh3NE470CywseS0=";
}
];
x2t_version = "v7.3+1";
x2t = fetchurl {
url = "https://github.com/cryptpad/onlyoffice-x2t-wasm/releases/download/${x2t_version}/x2t.zip";
hash = "sha256-hrbxrI8RC1pBatGZ76TAiVfUbZid7+eRuXk6lmz7OgQ=";
};
x2t_install = ''
local X2T_DIR=$out_cryptpad/www/common/onlyoffice/dist/x2t
unzip ${x2t} -d "$X2T_DIR"
echo "${x2t_version}" > "$X2T_DIR"/.version
'';
in
buildNpmPackage {
inherit version;
pname = "cryptpad";
src = fetchFromGitHub {
owner = "cryptpad";
repo = "cryptpad";
rev = version;
hash = "sha256-NxkVMsfLzdzifdn+f0C6mBJGd1oLwcMTAIXv+gBG7rI=";
};
npmDepsHash = "sha256-GWkyRlizPSA72WwoY+mRLwaMeD/SXdo6oUVwsd2gp7c=";
nativeBuildInputs = [
makeBinaryWrapper
rdfind
unzip
bash
];
patches = [
# fix httpSafePort setting
# https://github.com/cryptpad/cryptpad/pull/1571
./0001-env.js-fix-httpSafePort-handling.patch
];
# cryptpad build tries to write in cache dir
makeCacheWritable = true;
# 'npm build run' (scripts/build.js) generates a customize directory, but:
# - that is not installed by npm install
# - it embeds values from config into the directory, so needs to be
# run before starting the server (it's just a few quick replaces)
# Skip it here.
dontNpmBuild = true;
postInstall = ''
out_cryptpad="$out/lib/node_modules/cryptpad"
# 'npm run install:components' (scripts/copy-component.js) copies
# required node modules to www/component in the build tree...
# Move to install directory manually.
npm run install:components
mv www/components "$out_cryptpad/www/"
# and fix absolute symlink to /build...
ln -Tfs ../../src/tweetnacl "$out_cryptpad/www/components/tweetnacl"
# install OnlyOffice (install-onlyoffice.sh without network)
mkdir -p "$out_cryptpad/www/common/onlyoffice/dist"
${lib.concatMapStringsSep "\n" onlyoffice_install onlyoffice_versions}
${x2t_install}
# Run upstream's `install-onlyoffice.sh` script in `--check` mode to
# verify that we've installed the correct versions of the various
# OnlyOffice components.
patchShebangs --build $out_cryptpad/install-onlyoffice.sh
$out_cryptpad/install-onlyoffice.sh --accept-license --check --rdfind
# cryptpad assumes it runs in the source directory and also outputs
# its state files there, which is not exactly great for us.
# There are relative paths everywhere so just substituing source paths
# is difficult and will likely break on a future update, instead we
# make links to the required source directories before running.
# The build.js step populates 'customize' from customize.dist and config;
# one would normally want to re-run it after modifying config but since it
# would overwrite user modifications only run it if there is no customize
# directory.
makeWrapper "${lib.getExe nodejs}" "$out/bin/cryptpad" \
--add-flags "$out_cryptpad/server.js" \
--run "for d in customize.dist lib www scripts; do ${coreutils}/bin/ln -sf \"$out_cryptpad/\$d\" .; done" \
--run "if ! [ -d customize ]; then \"${lib.getExe nodejs}\" \"$out_cryptpad/scripts/build.js\"; fi"
'';
passthru.tests.cryptpad = nixosTests.cryptpad;
meta = {
description = "Collaborative office suite, end-to-end encrypted and open-source";
homepage = "https://cryptpad.org/";
license = lib.licenses.agpl3Plus;
mainProgram = "cryptpad";
maintainers = with lib.maintainers; [ martinetd ];
};
}