Fixes for Linux.

This commit is contained in:
Gaelan Steele 2023-07-13 23:47:11 +00:00
parent 8c56a5d784
commit d40fa59204
3 changed files with 25 additions and 4 deletions

View file

@ -4,7 +4,7 @@
flake-utils.lib.eachDefaultSystem (system:
let pkgs = nixpkgs.legacyPackages.${system};
in {
apps.default = let
apps.start = let
s6 = (import ./nix/s6.nix {
inherit pkgs;
services = pkgs.lib.attrsets.mapAttrs (_: v: v.service)
@ -15,6 +15,7 @@
type = "app";
program = let
script = pkgs.writeShellScript "minifedi" ''
oldpath=$PATH
export PATH=${pkgs.gnugrep}/bin:${pkgs.gnused}/bin:${pkgs.coreutils}/bin
if ! [[ -e .is-minifedi ]]; then
@ -25,10 +26,16 @@
mkdir -p cert
rm -rf data/run
mkdir data/run
${if pkgs.stdenv.isLinux then "export LOCALE_ARCHIVE=${pkgs.glibcLocales}/lib/locale/locale-archive" else ""}
export MINIFEDI_CERT=$(pwd)/cert
export MINIFEDI_DATA=$(pwd)/data
export MINIFEDI_RUN=$(pwd)/data/run
exec ${s6.start}
${if pkgs.stdenv.isLinux then ''
echo "=> You'll probably get prompted for a sudo password now. This is just so we can bind to port 80/443; we literally acquire cap_net_bind_service then switch back to being $USER."
exec $(PATH=$oldpath which sudo) -E ${pkgs.libcap}/bin/capsh --keep=1 --user="$USER" --inh='cap_net_bind_service' --addamb='cap_net_bind_service' -- -c ${s6.start}
'' else ''
exec ${s6.start}
''}
'';
in "${script}";
};

13
minifedi Executable file
View file

@ -0,0 +1,13 @@
#!/usr/bin/env sh
if ! type "nix" > /dev/null; then
echo "Minifedi requires Nix. Please install it from your package manager, or following the instructions at https://nixos.org/download.html."
exit 1
fi
if [ "x$1" = x ]; then
echo "subcommand required: start, install-cert, mastodon-mk-version"
exit 1
fi
nix --extra-experimental-features "flakes nix-command" run .#$1

View file

@ -32,6 +32,7 @@ in buildGoModule rec {
mv web $out/share/gotosocial/
'';
# tests are working only on x86_64-linux
doCheck = stdenv.isLinux && stdenv.isx86_64;
# minifedi: tests push us over 4GB build space; not reasonable to expect more
# than that
doCheck = false;
}