laser/nixos
0
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

initial commit

Browse source
This commit is contained in:
marble 2023-09-10 15:01:32 +02:00
commit 2762313824
19 changed files with 11541 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
COPYING Normal file
View file

@ -0,0 +1,20 @@
Copyright (c) 2003-2023 Eelco Dolstra and the Nixpkgs/NixOS contributors
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

74
README.md Normal file
View file

@ -0,0 +1,74 @@
# Laser NixOS
Nix expressions for building a NixOS image for the Raspberry Pi 3 controlling the laser cutter in CCCHH.
## TL;DR
```shell
export \
MACHINE=raspberry-pi-3 \
SD_CARD=/dev/sda \
NIXPKGS_REV=dba4149
nix-build -I nixpkgs="https://github.com/NixOS/nixpkgs/archive/${NIXPKGS_REV}.tar.gz" -I machine=machines/$MACHINE --out-link out-links/$MACHINE
```
## Building
The ISO must be built by emulation if you are not building on an aarch64 machine.
Build your host NixOS with the following in the configuration.
```nix
boot.binfmt.emulatedSystems = [
"aarch64-linux"
];
```
### Machines
Select one of the [machines](./machines/) and set the environment variable.
```shell
export MACHINE=raspberry-pi-3
```
### `nixpkgs` Versions
Select a [nixpkgs](https://github.com/NixOS/nixpkgs/) version and set the enviroment variable.
```shell
export NIXPKGS_REV=dba4149
```
It's recommended to set it to one of the revision hashes from the table below.
But you can also set it to a branch name like `nixos-24.05`.
| ref | rev | date |
|-------------|-----------|------------|
| nixos-24.05 | `dba4149` | 2024-11-07 |
### Build
```shell
nix-build -I nixpkgs="https://github.com/NixOS/nixpkgs/archive/${NIXPKGS_REV}.tar.gz" -I machine=machines/$MACHINE --out-link out-links/$MACHINE
```
## Flashing
Select the correct block device and set the environment variable.
```shell
export SD_CARD=/dev/sda
sudo sh -c "zstd -dcf out-links/$MACHINE/sd-image/*.img.zst | dd status=progress bs=64k iflag=fullblock oflag=direct of=$SD_CARD && sync && eject $SD_CARD"
```
## Deployment
For deploying new images without reflashing, you can use [NixOps](https://github.com/NixOS/nixops).
```shell
nix-shell -p nixops_unstable_minimal
```
Since stable NixOps reuqires Python2, we use the unstable version.
```shell
[nix-shell:~]$ nixops --version
NixOps 1.7-unstable-2024-02-28-pre-08feccb
```
### Create
```shell
nixops create -I nixpkgs="https://github.com/NixOS/nixpkgs/archive/${NIXPKGS_REV}.tar.gz" -I machine=machines/$MACHINE
```
### Deploy
```shell
nixops deploy -I nixpkgs="https://github.com/NixOS/nixpkgs/archive/${NIXPKGS_REV}.tar.gz" -I machine=machines/$MACHINE
```

8
default.nix Normal file
View file

@ -0,0 +1,8 @@
let
nixos = import <nixpkgs/nixos> {
configuration = import ./image.nix;
};
in
nixos.config.system.build.sdImage // {
inherit (nixos) pkgs system config pkgs_src;
}

7
image.nix Normal file
View file

@ -0,0 +1,7 @@
{ ... }: {
imports = [
<machine/sd-image.nix>
<machine/hardware-configuration.nix>
./nixos/configuration.nix
];
}

11
machines/raspberry-pi-3/hardware-configuration.nix Normal file
View file

@ -0,0 +1,11 @@
{ config, pkgs, lib, ... }:
{
boot.kernelParams = [
"console=ttyS1,115200n8"
];
environment.systemPackages = with pkgs; [
libraspberrypi
];
}

12
machines/raspberry-pi-3/sd-image.nix Normal file
View file

@ -0,0 +1,12 @@
{ config, pkgs, lib, ... }:
{
# # cross compile
# nixpkgs.crossSystem = lib.systems.elaborate lib.systems.examples.aarch64-multiplatform;
# # emulate
nixpkgs.system = "aarch64-linux";
imports = [
<nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
];
}

20
nixops.nix Normal file
View file

@ -0,0 +1,20 @@
let
targetUser = "nixos";
in
{
network.storage.legacy = {
databasefile = "~/.nixops/deployments.nixops";
};
network.description = "ARM SBC";
laser = { config, lib, pkgs, ... }: {
deployment = {
targetHost = "laser.z9.ccchh.net";
targetUser = targetUser;
};
users.extraUsers."${targetUser}".openssh.authorizedKeys.keys =
config.users.extraUsers.root.openssh.authorizedKeys.keys;
} // import ./image.nix { };
}

1
nixos/.gitignore vendored Normal file
View file

@ -0,0 +1 @@
custom.nix

57
nixos/configuration.nix Normal file
View file

@ -0,0 +1,57 @@
{ config, pkgs, lib, ... }:
{
imports = [
./laser-cutter
./minification.nix
]
++ lib.optionals (builtins.pathExists ./hardware-configuration.nix) [ ./hardware-configuration.nix ]
++ lib.optionals (builtins.pathExists ./custom.nix) [ ./custom.nix ];
boot.loader.grub.enable = false;
environment.systemPackages = with pkgs; [
screen
vim
htop
bottom
];
users = {
extraUsers.nixos = {
isNormalUser = true;
initialPassword = "nixos";
extraGroups = [ "wheel" "video" "input" "dialout" "gpio" "i2c" "plugdev" ];
};
};
# needed for nixops
security.sudo.wheelNeedsPassword = false;
nix.settings.trusted-users = [ "nixos" ];
networking.hostName = "laser";
networking.wireless = {
enable = true;
userControlled.enable = true;
};
services = {
# getty.autologinUser = "nixos";
openssh = {
enable = true;
# passwordAuthentication = if config.users.extraUsers.nixos.openssh.authorizedKeys.keys == [ ] then true else false;
settings.PasswordAuthentication = if config.users.extraUsers.nixos.openssh.authorizedKeys.keys == [ ] then true else false;
# forwardX11 = true;
};
};
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
};
};
system.stateVersion = "nixos-${lib.versions.major lib.version}.${lib.versions.minor lib.version}";
}

14
nixos/custom-template.nix Normal file
View file

@ -0,0 +1,14 @@
{ pkgs, ... }:
{
users.extraUsers.nixos.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAA..."
];
networking.wireless = {
networks = {
"ccchh-iot" = {
psk = "...";
};
};
};
}

66
nixos/laser-cutter/default.nix Normal file
View file

@ -0,0 +1,66 @@
{ config, ... }:
let
laserweb_pkgs = import (builtins.fetchTarball "https://github.com/NixOS/nixpkgs/archive/380be19.tar.gz") # 22.05
{
config.permittedInsecurePackages = [
"nodejs-12.22.12"
];
system = config.nixpkgs.system;
};
laserweb = laserweb_pkgs.callPackage ./laserweb { };
in
{
environment.systemPackages = [
laserweb
];
# networking.hostName = "laser";
# LaserWeb service
systemd.services.laserweb = {
description = "LaserWeb";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${laserweb}/bin/laserweb";
Restart = "always";
RestartSec = 10;
WorkingDirectory = "/var/lib/laserweb";
Environment = [
"NODE_ENV=production"
"PORT=8000"
];
DynamicUser = true;
SupplementaryGroups = "dialout";
StateDirectory = "laserweb";
};
};
# Reverse-proxy to expose LaseWeb UI
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
virtualHosts."laser" = {
default = true;
locations."/" = {
proxyPass = "http://127.0.0.2:8000/";
proxyWebsockets = true;
};
};
};
}

13
nixos/laser-cutter/laserweb/001-fix-default-ws.patch Normal file
View file

@ -0,0 +1,13 @@
diff --git a/src/reducers/settings.js b/src/reducers/settings.js
index 77171c1..33fbdb5 100644
--- a/src/reducers/settings.js
+++ b/src/reducers/settings.js
@@ -135,7 +135,7 @@ export const SETTINGS_INITIALSTATE = {
gcodeCurvePrecision: 0.1,
comServerVersion: 'not connected',
- comServerIP: 'localhost:8000',
+ comServerIP: window.location.host + ':' + window.location.port,
comServerConnect: false,
comInterfaces: [],
comPorts: [],

42
nixos/laser-cutter/laserweb/default.nix Normal file
View file

@ -0,0 +1,42 @@
{ stdenv
, fetchFromGitHub
, applyPatches
, lib
, callPackage
, nodejs-12_x
, makeWrapper
, ... }:
let
src = applyPatches {
src = fetchFromGitHub {
owner = "LaserWeb";
repo = "LaserWeb4";
rev = "v4.0.996";
sha256 = "02g82jbxxa6srvw9ygxvbyki07c09zzlvp56w1nbvzn4k4i93cvd";
};
patches = [
# Alter default call-back URL
./001-fix-default-ws.patch
];
};
deps = (callPackage ./node-composition.nix {
nodejs = nodejs-12_x;
inherit (stdenv.hostPlatform) system;
});
in
deps.package.override (old: {
inherit src;
nativeBuildInputs = [ makeWrapper ];
dontNpmInstall = true;
postInstall = ''
makeWrapper '${nodejs-12_x}/bin/node' "$out/bin/laserweb" \
--add-flags "$out/lib/node_modules/laserweb/node_modules/lw.comm-server/server.js"
'';
})

17
nixos/laser-cutter/laserweb/node-composition.nix Normal file
View file

@ -0,0 +1,17 @@
# This file has been generated by node2nix 1.10.0. Do not edit!
{pkgs ? import <nixpkgs> {
inherit system;
}, system ? builtins.currentSystem, nodejs ? pkgs."nodejs-10_x"}:
let
nodeEnv = import ./node-env.nix {
inherit (pkgs) stdenv lib python2 runCommand writeTextFile writeShellScript;
inherit pkgs nodejs;
libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null;
};
in
import ./node-packages.nix {
inherit (pkgs) fetchurl nix-gitignore stdenv lib fetchgit;
inherit nodeEnv;
}

597
nixos/laser-cutter/laserweb/node-env.nix Normal file
View file

@ -0,0 +1,597 @@
# This file originates from node2nix
{lib, stdenv, nodejs, python2, pkgs, libtool, runCommand, writeTextFile, writeShellScript}:
let
# Workaround to cope with utillinux in Nixpkgs 20.09 and util-linux in Nixpkgs master
utillinux = if pkgs ? utillinux then pkgs.utillinux else pkgs.util-linux;
python = if nodejs ? python then nodejs.python else python2;
# Create a tar wrapper that filters all the 'Ignoring unknown extended header keyword' noise
tarWrapper = runCommand "tarWrapper" {} ''
mkdir -p $out/bin
cat > $out/bin/tar <<EOF
#! ${stdenv.shell} -e
$(type -p tar) "\$@" --warning=no-unknown-keyword --delay-directory-restore
EOF
chmod +x $out/bin/tar
'';
# Function that generates a TGZ file from a NPM project
buildNodeSourceDist =
{ name, version, src, ... }:
stdenv.mkDerivation {
name = "node-tarball-${name}-${version}";
inherit src;
buildInputs = [ nodejs ];
buildPhase = ''
export HOME=$TMPDIR
tgzFile=$(npm pack | tail -n 1) # Hooks to the pack command will add output (https://docs.npmjs.com/misc/scripts)
'';
installPhase = ''
mkdir -p $out/tarballs
mv $tgzFile $out/tarballs
mkdir -p $out/nix-support
echo "file source-dist $out/tarballs/$tgzFile" >> $out/nix-support/hydra-build-products
'';
};
# Common shell logic
installPackage = writeShellScript "install-package" ''
installPackage() {
local packageName=$1 src=$2
local strippedName
local DIR=$PWD
cd $TMPDIR
unpackFile $src
# Make the base dir in which the target dependency resides first
mkdir -p "$(dirname "$DIR/$packageName")"
if [ -f "$src" ]
then
# Figure out what directory has been unpacked
packageDir="$(find . -maxdepth 1 -type d | tail -1)"
# Restore write permissions to make building work
find "$packageDir" -type d -exec chmod u+x {} \;
chmod -R u+w "$packageDir"
# Move the extracted tarball into the output folder
mv "$packageDir" "$DIR/$packageName"
elif [ -d "$src" ]
then
# Get a stripped name (without hash) of the source directory.
# On old nixpkgs it's already set internally.
if [ -z "$strippedName" ]
then
strippedName="$(stripHash $src)"
fi
# Restore write permissions to make building work
chmod -R u+w "$strippedName"
# Move the extracted directory into the output folder
mv "$strippedName" "$DIR/$packageName"
fi
# Change to the package directory to install dependencies
cd "$DIR/$packageName"
}
'';
# Bundle the dependencies of the package
#
# Only include dependencies if they don't exist. They may also be bundled in the package.
includeDependencies = {dependencies}:
lib.optionalString (dependencies != []) (
''
mkdir -p node_modules
cd node_modules
''
+ (lib.concatMapStrings (dependency:
''
if [ ! -e "${dependency.packageName}" ]; then
${composePackage dependency}
fi
''
) dependencies)
+ ''
cd ..
''
);
# Recursively composes the dependencies of a package
composePackage = { name, packageName, src, dependencies ? [], ... }@args:
builtins.addErrorContext "while evaluating node package '${packageName}'" ''
installPackage "${packageName}" "${src}"
${includeDependencies { inherit dependencies; }}
cd ..
${lib.optionalString (builtins.substring 0 1 packageName == "@") "cd .."}
'';
pinpointDependencies = {dependencies, production}:
let
pinpointDependenciesFromPackageJSON = writeTextFile {
name = "pinpointDependencies.js";
text = ''
var fs = require('fs');
var path = require('path');
function resolveDependencyVersion(location, name) {
if(location == process.env['NIX_STORE']) {
return null;
} else {
var dependencyPackageJSON = path.join(location, "node_modules", name, "package.json");
if(fs.existsSync(dependencyPackageJSON)) {
var dependencyPackageObj = JSON.parse(fs.readFileSync(dependencyPackageJSON));
if(dependencyPackageObj.name == name) {
return dependencyPackageObj.version;
}
} else {
return resolveDependencyVersion(path.resolve(location, ".."), name);
}
}
}
function replaceDependencies(dependencies) {
if(typeof dependencies == "object" && dependencies !== null) {
for(var dependency in dependencies) {
var resolvedVersion = resolveDependencyVersion(process.cwd(), dependency);
if(resolvedVersion === null) {
process.stderr.write("WARNING: cannot pinpoint dependency: "+dependency+", context: "+process.cwd()+"\n");
} else {
dependencies[dependency] = resolvedVersion;
}
}
}
}
/* Read the package.json configuration */
var packageObj = JSON.parse(fs.readFileSync('./package.json'));
/* Pinpoint all dependencies */
replaceDependencies(packageObj.dependencies);
if(process.argv[2] == "development") {
replaceDependencies(packageObj.devDependencies);
}
replaceDependencies(packageObj.optionalDependencies);
/* Write the fixed package.json file */
fs.writeFileSync("package.json", JSON.stringify(packageObj, null, 2));
'';
};
in
''
node ${pinpointDependenciesFromPackageJSON} ${if production then "production" else "development"}
${lib.optionalString (dependencies != [])
''
if [ -d node_modules ]
then
cd node_modules
${lib.concatMapStrings (dependency: pinpointDependenciesOfPackage dependency) dependencies}
cd ..
fi
''}
'';
# Recursively traverses all dependencies of a package and pinpoints all
# dependencies in the package.json file to the versions that are actually
# being used.
pinpointDependenciesOfPackage = { packageName, dependencies ? [], production ? true, ... }@args:
''
if [ -d "${packageName}" ]
then
cd "${packageName}"
${pinpointDependencies { inherit dependencies production; }}
cd ..
${lib.optionalString (builtins.substring 0 1 packageName == "@") "cd .."}
fi
'';
# Extract the Node.js source code which is used to compile packages with
# native bindings
nodeSources = runCommand "node-sources" {} ''
tar --no-same-owner --no-same-permissions -xf ${nodejs.src}
mv node-* $out
'';
# Script that adds _integrity fields to all package.json files to prevent NPM from consulting the cache (that is empty)
addIntegrityFieldsScript = writeTextFile {
name = "addintegrityfields.js";
text = ''
var fs = require('fs');
var path = require('path');
function augmentDependencies(baseDir, dependencies) {
for(var dependencyName in dependencies) {
var dependency = dependencies[dependencyName];
// Open package.json and augment metadata fields
var packageJSONDir = path.join(baseDir, "node_modules", dependencyName);
var packageJSONPath = path.join(packageJSONDir, "package.json");
if(fs.existsSync(packageJSONPath)) { // Only augment packages that exist. Sometimes we may have production installs in which development dependencies can be ignored
console.log("Adding metadata fields to: "+packageJSONPath);
var packageObj = JSON.parse(fs.readFileSync(packageJSONPath));
if(dependency.integrity) {
packageObj["_integrity"] = dependency.integrity;
} else {
packageObj["_integrity"] = "sha1-000000000000000000000000000="; // When no _integrity string has been provided (e.g. by Git dependencies), add a dummy one. It does not seem to harm and it bypasses downloads.
}
if(dependency.resolved) {
packageObj["_resolved"] = dependency.resolved; // Adopt the resolved property if one has been provided
} else {
packageObj["_resolved"] = dependency.version; // Set the resolved version to the version identifier. This prevents NPM from cloning Git repositories.
}
if(dependency.from !== undefined) { // Adopt from property if one has been provided
packageObj["_from"] = dependency.from;
}
fs.writeFileSync(packageJSONPath, JSON.stringify(packageObj, null, 2));
}
// Augment transitive dependencies
if(dependency.dependencies !== undefined) {
augmentDependencies(packageJSONDir, dependency.dependencies);
}
}
}
if(fs.existsSync("./package-lock.json")) {
var packageLock = JSON.parse(fs.readFileSync("./package-lock.json"));
if(![1, 2].includes(packageLock.lockfileVersion)) {
process.stderr.write("Sorry, I only understand lock file versions 1 and 2!\n");
process.exit(1);
}
if(packageLock.dependencies !== undefined) {
augmentDependencies(".", packageLock.dependencies);
}
}
'';
};
# Reconstructs a package-lock file from the node_modules/ folder structure and package.json files with dummy sha1 hashes
reconstructPackageLock = writeTextFile {
name = "addintegrityfields.js";
text = ''
var fs = require('fs');
var path = require('path');
var packageObj = JSON.parse(fs.readFileSync("package.json"));
var lockObj = {
name: packageObj.name,
version: packageObj.version,
lockfileVersion: 1,
requires: true,
dependencies: {}
};
function augmentPackageJSON(filePath, dependencies) {
var packageJSON = path.join(filePath, "package.json");
if(fs.existsSync(packageJSON)) {
var packageObj = JSON.parse(fs.readFileSync(packageJSON));
dependencies[packageObj.name] = {
version: packageObj.version,
integrity: "sha1-000000000000000000000000000=",
dependencies: {}
};
processDependencies(path.join(filePath, "node_modules"), dependencies[packageObj.name].dependencies);
}
}
function processDependencies(dir, dependencies) {
if(fs.existsSync(dir)) {
var files = fs.readdirSync(dir);
files.forEach(function(entry) {
var filePath = path.join(dir, entry);
var stats = fs.statSync(filePath);
if(stats.isDirectory()) {
if(entry.substr(0, 1) == "@") {
// When we encounter a namespace folder, augment all packages belonging to the scope
var pkgFiles = fs.readdirSync(filePath);
pkgFiles.forEach(function(entry) {
if(stats.isDirectory()) {
var pkgFilePath = path.join(filePath, entry);
augmentPackageJSON(pkgFilePath, dependencies);
}
});
} else {
augmentPackageJSON(filePath, dependencies);
}
}
});
}
}
processDependencies("node_modules", lockObj.dependencies);
fs.writeFileSync("package-lock.json", JSON.stringify(lockObj, null, 2));
'';
};
prepareAndInvokeNPM = {packageName, bypassCache, reconstructLock, npmFlags, production}:
let
forceOfflineFlag = if bypassCache then "--offline" else "--registry http://www.example.com";
in
''
# Pinpoint the versions of all dependencies to the ones that are actually being used
echo "pinpointing versions of dependencies..."
source $pinpointDependenciesScriptPath
# Patch the shebangs of the bundled modules to prevent them from
# calling executables outside the Nix store as much as possible
patchShebangs .
# Deploy the Node.js package by running npm install. Since the
# dependencies have been provided already by ourselves, it should not
# attempt to install them again, which is good, because we want to make
# it Nix's responsibility. If it needs to install any dependencies
# anyway (e.g. because the dependency parameters are
# incomplete/incorrect), it fails.
#
# The other responsibilities of NPM are kept -- version checks, build
# steps, postprocessing etc.
export HOME=$TMPDIR
cd "${packageName}"
runHook preRebuild
${lib.optionalString bypassCache ''
${lib.optionalString reconstructLock ''
if [ -f package-lock.json ]
then
echo "WARNING: Reconstruct lock option enabled, but a lock file already exists!"
echo "This will most likely result in version mismatches! We will remove the lock file and regenerate it!"
rm package-lock.json
else
echo "No package-lock.json file found, reconstructing..."
fi
node ${reconstructPackageLock}
''}
node ${addIntegrityFieldsScript}
''}
npm ${forceOfflineFlag} --nodedir=${nodeSources} ${npmFlags} ${lib.optionalString production "--production"} rebuild
if [ "''${dontNpmInstall-}" != "1" ]
then
# NPM tries to download packages even when they already exist if npm-shrinkwrap is used.
rm -f npm-shrinkwrap.json
npm ${forceOfflineFlag} --nodedir=${nodeSources} ${npmFlags} ${lib.optionalString production "--production"} install
fi
'';
# Builds and composes an NPM package including all its dependencies
buildNodePackage =
{ name
, packageName
, version ? null
, dependencies ? []
, buildInputs ? []
, production ? true
, npmFlags ? ""
, dontNpmInstall ? false
, bypassCache ? false
, reconstructLock ? false
, preRebuild ? ""
, dontStrip ? true
, unpackPhase ? "true"
, buildPhase ? "true"
, meta ? {}
, ... }@args:
let
extraArgs = removeAttrs args [ "name" "dependencies" "buildInputs" "dontStrip" "dontNpmInstall" "preRebuild" "unpackPhase" "buildPhase" "meta" ];
in
stdenv.mkDerivation ({
name = "${name}${if version == null then "" else "-${version}"}";
buildInputs = [ tarWrapper python nodejs ]
++ lib.optional (stdenv.isLinux) utillinux
++ lib.optional (stdenv.isDarwin) libtool
++ buildInputs;
inherit nodejs;
inherit dontStrip; # Stripping may fail a build for some package deployments
inherit dontNpmInstall preRebuild unpackPhase buildPhase;
compositionScript = composePackage args;
pinpointDependenciesScript = pinpointDependenciesOfPackage args;
passAsFile = [ "compositionScript" "pinpointDependenciesScript" ];
installPhase = ''
source ${installPackage}
# Create and enter a root node_modules/ folder
mkdir -p $out/lib/node_modules
cd $out/lib/node_modules
# Compose the package and all its dependencies
source $compositionScriptPath
${prepareAndInvokeNPM { inherit packageName bypassCache reconstructLock npmFlags production; }}
# Create symlink to the deployed executable folder, if applicable
if [ -d "$out/lib/node_modules/.bin" ]
then
ln -s $out/lib/node_modules/.bin $out/bin
# Patch the shebang lines of all the executables
ls $out/bin/* | while read i
do
file="$(readlink -f "$i")"
chmod u+rwx "$file"
patchShebangs "$file"
done
fi
# Create symlinks to the deployed manual page folders, if applicable
if [ -d "$out/lib/node_modules/${packageName}/man" ]
then
mkdir -p $out/share
for dir in "$out/lib/node_modules/${packageName}/man/"*
do
mkdir -p $out/share/man/$(basename "$dir")
for page in "$dir"/*
do
ln -s $page $out/share/man/$(basename "$dir")
done
done
fi
# Run post install hook, if provided
runHook postInstall
'';
meta = {
# default to Node.js' platforms
platforms = nodejs.meta.platforms;
} // meta;
} // extraArgs);
# Builds a node environment (a node_modules folder and a set of binaries)
buildNodeDependencies =
{ name
, packageName
, version ? null
, src
, dependencies ? []
, buildInputs ? []
, production ? true
, npmFlags ? ""
, dontNpmInstall ? false
, bypassCache ? false
, reconstructLock ? false
, dontStrip ? true
, unpackPhase ? "true"
, buildPhase ? "true"
, ... }@args:
let
extraArgs = removeAttrs args [ "name" "dependencies" "buildInputs" ];
in
stdenv.mkDerivation ({
name = "node-dependencies-${name}${if version == null then "" else "-${version}"}";
buildInputs = [ tarWrapper python nodejs ]
++ lib.optional (stdenv.isLinux) utillinux
++ lib.optional (stdenv.isDarwin) libtool
++ buildInputs;
inherit dontStrip; # Stripping may fail a build for some package deployments
inherit dontNpmInstall unpackPhase buildPhase;
includeScript = includeDependencies { inherit dependencies; };
pinpointDependenciesScript = pinpointDependenciesOfPackage args;
passAsFile = [ "includeScript" "pinpointDependenciesScript" ];
installPhase = ''
source ${installPackage}
mkdir -p $out/${packageName}
cd $out/${packageName}
source $includeScriptPath
# Create fake package.json to make the npm commands work properly
cp ${src}/package.json .
chmod 644 package.json
${lib.optionalString bypassCache ''
if [ -f ${src}/package-lock.json ]
then
cp ${src}/package-lock.json .
fi
''}
# Go to the parent folder to make sure that all packages are pinpointed
cd ..
${lib.optionalString (builtins.substring 0 1 packageName == "@") "cd .."}
${prepareAndInvokeNPM { inherit packageName bypassCache reconstructLock npmFlags production; }}
# Expose the executables that were installed
cd ..
${lib.optionalString (builtins.substring 0 1 packageName == "@") "cd .."}
mv ${packageName} lib
ln -s $out/lib/node_modules/.bin $out/bin
'';
} // extraArgs);
# Builds a development shell
buildNodeShell =
{ name
, packageName
, version ? null
, src
, dependencies ? []
, buildInputs ? []
, production ? true
, npmFlags ? ""
, dontNpmInstall ? false
, bypassCache ? false
, reconstructLock ? false
, dontStrip ? true
, unpackPhase ? "true"
, buildPhase ? "true"
, ... }@args:
let
nodeDependencies = buildNodeDependencies args;
extraArgs = removeAttrs args [ "name" "dependencies" "buildInputs" "dontStrip" "dontNpmInstall" "unpackPhase" "buildPhase" ];
in
stdenv.mkDerivation ({
name = "node-shell-${name}${if version == null then "" else "-${version}"}";
buildInputs = [ python nodejs ] ++ lib.optional (stdenv.isLinux) utillinux ++ buildInputs;
buildCommand = ''
mkdir -p $out/bin
cat > $out/bin/shell <<EOF
#! ${stdenv.shell} -e
$shellHook
exec ${stdenv.shell}
EOF
chmod +x $out/bin/shell
'';
# Provide the dependencies in a development shell through the NODE_PATH environment variable
inherit nodeDependencies;
shellHook = lib.optionalString (dependencies != []) ''
export NODE_PATH=${nodeDependencies}/lib/node_modules
export PATH="${nodeDependencies}/bin:$PATH"
'';
} // extraArgs);
in
{
buildNodeSourceDist = lib.makeOverridable buildNodeSourceDist;
buildNodePackage = lib.makeOverridable buildNodePackage;
buildNodeDependencies = lib.makeOverridable buildNodeDependencies;
buildNodeShell = lib.makeOverridable buildNodeShell;
}

10542
nixos/laser-cutter/laserweb/node-packages.nix Normal file
View file

File diff suppressed because it is too large Load diff

4
nixos/laser-cutter/laserweb/readme.md Normal file
View file

@ -0,0 +1,4 @@
## Updating
```
./node_modules/.bin/node2nix --development -l package-lock.json -10 --no-bypass-cache
```

34
nixos/minification.nix Normal file
View file

@ -0,0 +1,34 @@
{ config, pkgs, lib, ... }:
with lib;
{
# don't build documentation
documentation.info.enable = mkDefault false;
documentation.man.enable = mkDefault false;
documentation.nixos.enable = mkDefault false;
# don't include a 'command not found' helper
programs.command-not-found.enable = mkDefault false;
# disable firewall (needs iptables)
networking.firewall.enable = mkDefault false;
# disable polkit
security.polkit.enable = mkDefault false;
# disable audit
security.audit.enable = mkDefault false;
# disable udisks
services.udisks2.enable = mkDefault false;
# disable containers
boot.enableContainers = mkDefault false;
# build less locales
# This isn't perfect, but let's expect the user specifies an UTF-8 defaultLocale
i18n.supportedLocales = [ (config.i18n.defaultLocale + "/UTF-8") ];
# Out Of Memory daemon not recommended for rpi
systemd.oomd.enable = mkDefault false;
}

2
out-links/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
*
!.gitignore