Switch to alternative custom caddy Method

Might as well use the to-be-upstreamed alternative build: https://github.com/NixOS/nixpkgs/pull/259275 As a bonus, this doesn't require the sandbox any more.
2024-01-10 02:09:49 +08:00 · 2024-01-10 02:09:49 +08:00 · a8364e89e3
parent cec949007c
commit a8364e89e3
3 changed files with 99 additions and 31 deletions
--- a/README.org
+++ b/README.org
@ -46,6 +46,6 @@ Deploying is simply a matter of entering the deploy nix shell =nix develop= and
 =deploy .#golgi.system=.

 In order for this image to be built, the sandbox will need to be set to =false= or
-=relaxed= (for the custom zsh and Caddy builds). This can  be done by adding the
-line ~sandbox = relaxed~ to =/etc/nix/nix.conf=. Just note that the nix-daemon will
-need to be restarted for this new setting to take full effect.
+=relaxed= (for the custom zsh build). This can be done by adding the line ~sandbox = relaxed~
+to =/etc/nix/nix.conf=. Just note that the nix-daemon will need to be restarted
+for this new setting to take full effect.
--- a/modules/caddy.nix
+++ b/modules/caddy.nix
@ -10,8 +10,9 @@ with lib;
    {
      enable = true;
      package = pkgs.callPackage ../packages/caddy.nix {
-        plugins = [
-          "github.com/tecosaur/caddy-fs-git@3e897ed"
+        externalPlugins = [
+          {name = "caddy-fs-git"; repo = "github.com/tecosaur/caddy-fs-git";
+           version = "ef9d0ab232f4fe5d7e86312cbba45ff8afea98a1";}
        ];
      };
      virtualHosts."tecosaur.net".extraConfig = ''
--- a/packages/caddy.nix
+++ b/packages/caddy.nix
@ -1,37 +1,104 @@
-{ config, pkgs, plugins, ... }:
+{ lib
+, buildGoModule
+, fetchFromGitHub
+, gnused
+, nixosTests
+, caddy
+, testers
+, installShellFiles
+, externalPlugins ? []
+, vendorHash ? "sha256-O0j6LwUQGa+NnotR2QpSIbNH+RI9y8mRrNoxbJqTw8k="
+}:

-with pkgs;
-
-stdenv.mkDerivation rec {
-  # Disable the Nix build sandbox for this specific build.
-  # This means the build can freely talk to the Internet.
-  # Requires the sandbox to be set to false/"relaxed".
-  __noChroot = true;
+let
+  attrsToModules = attrs:
+    builtins.map ({name, repo, version}: "${repo}") attrs;
+  attrsToSources = attrs:
+    builtins.map ({name, repo, version}: "${repo}@${version}") attrs;
+in buildGoModule rec {
  pname = "caddy";
-  # https://github.com/NixOS/nixpkgs/issues/113520
-  version = "latest";
-  dontUnpack = true;
+  version = "2.7.6";

-  nativeBuildInputs = [ git go xcaddy ];
+  dist = fetchFromGitHub {
+    owner = "caddyserver";
+    repo = "dist";
+    rev = "v${version}";
+    hash = "sha256-uY6MU8iXfGK6+HP2Lc+3iPE5wY35NbGp8pMZWpNVPSg=";
+  };

-  configurePhase = ''
-    export GOCACHE=$TMPDIR/go-cache
-    export GOPATH="$TMPDIR/go"
+  src = fetchFromGitHub {
+    owner = "caddyserver";
+    repo = "caddy";
+    rev = "v${version}";
+    hash = "sha256-th0R3Q1nGT0q5PGOygtD1/CpJmrT5TYagrwQR4t/Fvg=";
+  };
+
+  inherit vendorHash;
+
+  subPackages = [ "cmd/caddy" ];
+
+  ldflags = [
+    "-s" "-w"
+    "-X github.com/caddyserver/caddy/v2.CustomVersion=${version}"
+  ];
+
+  nativeBuildInputs = [ gnused installShellFiles ];
+
+  modBuildPhase = ''
+    for module in ${builtins.toString (attrsToModules externalPlugins)}; do
+      sed -i "/standard/a _ \"$module\"" ./cmd/caddy/main.go
+    done
+    for plugin in ${builtins.toString (attrsToSources externalPlugins)}; do
+      go get $plugin
+    done
+
+    go generate
+    go mod vendor
  '';

-  buildPhase = let
-    pluginArgs = lib.concatMapStringsSep " " (plugin: "--with ${plugin}") plugins;
-  in ''
-    runHook preBuild
-    ${xcaddy}/bin/xcaddy build latest ${pluginArgs}
-    runHook postBuild
+  modInstallPhase = ''
+    mv -t vendor go.mod go.sum
+    cp -r --reflink=auto vendor "$out"
  '';

+  preBuild = ''
+    chmod -R u+w vendor
+    [ -f vendor/go.mod ] && mv -t . vendor/go.{mod,sum}
+    go generate

-  installPhase = ''
-    runHook preInstall
-    mkdir -p $out/bin
-    mv caddy $out/bin
-    runHook postInstall
+    for module in ${builtins.toString (attrsToModules externalPlugins)}; do
+      sed -i "/standard/a _ \"$module\"" ./cmd/caddy/main.go
+    done
  '';
+
+  postInstall = ''
+    install -Dm644 ${dist}/init/caddy.service ${dist}/init/caddy-api.service -t $out/lib/systemd/system
+
+    substituteInPlace $out/lib/systemd/system/caddy.service --replace "/usr/bin/caddy" "$out/bin/caddy"
+    substituteInPlace $out/lib/systemd/system/caddy-api.service --replace "/usr/bin/caddy" "$out/bin/caddy"
+
+    $out/bin/caddy manpage --directory manpages
+    installManPage manpages/*
+
+    installShellCompletion --cmd caddy \
+      --bash <($out/bin/caddy completion bash) \
+      --fish <($out/bin/caddy completion fish) \
+      --zsh <($out/bin/caddy completion zsh)
+  '';
+
+  passthru.tests = {
+    inherit (nixosTests) caddy;
+    version = testers.testVersion {
+      command = "${caddy}/bin/caddy version";
+      package = caddy;
+    };
+  };
+
+  meta = with lib; {
+    homepage = "https://caddyserver.com";
+    description = "Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS";
+    license = licenses.asl20;
+    mainProgram = "caddy";
+    maintainers = with maintainers; [ Br1ght0ne emilylange techknowlogick ];
+  };
 }