privatebin: init at 1.5.2; nixos/privatebin: init, nixosTests.privatebin: init, pbincli: init at 0.3.5 #234287
+470
−0
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
6.topic: nixos
ofborg
bot
added
8.has: package (new)
|
Result of 3 packages marked as broken and skipped:
2 packages blacklisted:
3 packages built:
|
|
As this is a new module, my understanding is that it is backportable. May we do so when this is merged? |
Minion3665
suggested changes
Jul 30, 2023
Minion3665
suggested changes
Aug 6, 2023
Minion3665
approved these changes
Aug 6, 2023
Minion3665
added
the
12.approvals: 1
ofborg
bot
added
the
2.status: merge conflict
wegank
removed
the
12.approvals: 1
h7x4
added
8.has: module (new)
|
Can you rebase to fix the merge conflict? |
Comment on lines
+28
to
+29
| binaryWorks = runCommand "${pname}-binary-test" {} '' | ||
| export PATH=${pbincli}/bin:$PATH |
There was a problem hiding this comment.
Suggested change
| binaryWorks = runCommand "${pname}-binary-test" {} '' | |
| export PATH=${pbincli}/bin:$PATH | |
| binaryWorks = runCommand "${pname}-binary-test" { | |
| nativeBuildInputs = [ pbincli ]; | |
| } '' |
Comment on lines
+9
to
+14
| pname = "PBinCLI"; | ||
| version = "0.3.5"; | ||
| format = "setuptools"; | ||
|
|
||
| src = fetchPypi { | ||
| inherit pname version; |
There was a problem hiding this comment.
Suggested change
| pname = "PBinCLI"; | |
| version = "0.3.5"; | |
| format = "setuptools"; | |
| src = fetchPypi { | |
| inherit pname version; | |
| pname = "pbincli"; | |
| version = "0.3.5"; | |
| format = "setuptools"; | |
| src = fetchPypi { | |
| pname = "PBinCLI"; | |
| inherit version; |
see python language docs
| virtualHosts.privatebin = mkMerge [ | ||
| cfg.nginx | ||
| { | ||
| root = mkForce "${pkgs.privatebin}/share/privatebin"; |
There was a problem hiding this comment.
Suggested change
| root = mkForce "${pkgs.privatebin}/share/privatebin"; | |
| root = mkForce pkgs.privatebin; |
we could also just place it here like other php web things
| cfg.nginx | ||
| { | ||
| root = mkForce "${pkgs.privatebin}/share/privatebin"; | ||
| extraConfig = optionalString (cfg.nginx.addSSL || cfg.nginx.forceSSL || cfg.nginx.onlySSL || cfg.nginx.enableACME) "fastcgi_param HTTPS on;"; |
There was a problem hiding this comment.
Suggested change
| extraConfig = optionalString (cfg.nginx.addSSL || cfg.nginx.forceSSL || cfg.nginx.onlySSL || cfg.nginx.enableACME) "fastcgi_param HTTPS on;"; | |
| extraConfig = optionalString (cfg.nginx.addSSL || cfg.nginx.forceSSL || cfg.nginx.onlySSL) "fastcgi_param HTTPS on;"; |
acme is not required for https
Comment on lines
+260
to
+262
| "/" = { | ||
| index = "index.php"; | ||
| }; |
There was a problem hiding this comment.
Suggested change
| "/" = { | |
| index = "index.php"; | |
| }; | |
| "/".index = "index.php"; |
|
|
||
| phpPackage = mkOption { | ||
| type = types.package; | ||
| relatedPackages = [ "php80" "php81" "php82" ]; |
There was a problem hiding this comment.
Suggested change
| relatedPackages = [ "php80" "php81" "php82" ]; | |
| relatedPackages = [ "php81" "php82" ]; |
that's EOL
|
|
||
| databaseSetup = { | ||
| enable = mkEnableOption (lib.mdDoc "Automatic database setup and configuration"); | ||
| kind = mkOption { |
There was a problem hiding this comment.
How about we default this to sqlite so that things just work?
| info = "This instance of PrivateBin is hosted on NixOS!"; | ||
| languageselection = true; | ||
| icon = "none"; | ||
| cspheader = "default-src 'none'; base-uri 'self'; form-action 'none'; manifest-src 'self'; connect-src * blob:; script-src 'self' 'unsafe-eval'; style-src 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads"; |
There was a problem hiding this comment.
There is no upstream value we can just copy and enable?
| } else if autoDb == "sqlite" then { | ||
| model.class = "Database"; | ||
| model_options.dsn = "sqlite:/var/lib/privatebin/data/db.sqlite3"; | ||
| } else {} |
There was a problem hiding this comment.
Suggested change
| } else {} | |
| }; |
there is no other option
| isEnv = v: isAttrs v && v ? _env && isString v._env; | ||
| format = | ||
| let | ||
| iniAtom = (pkgs.formats.ini {}).type/*attrsOf*/.functor.wrapped/*attrsOf*/.functor.wrapped; |
There was a problem hiding this comment.
What are the comments here supposed to mean?
fsnkty
suggested changes
Feb 11, 2024
| , config | ||
| , ... | ||
| }: | ||
| with lib; |
| meta.maintainers = with lib.maintainers; [ e1mo ]; | ||
|
|
||
| options.services.privatebin = { | ||
| enable = mkEnableOption (mdDoc "PrivateBin web application"); |
wegank
added
the
2.status: stale
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of changes
PrivateBin is an end to end encrypted, zero knoweledge, pastebin service. This PR also adds a module and tests. PBinCLI is a third party client to work with PrivateBin, which is used in tests (I am not motivated to implement the clientside crypto by hand in the tests).
Things done
sandbox = trueset innix.conf? (See Nix manual)nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)