Open aanderse opened 11 months ago
it is still missing quite a bit
@aanderse Do we know what these things are?
i got motivated and ended up writing the rest of the code required! i am running this code as of a few minor changes ago on my server and it looks to be fine
so what work remains?
prosody
deploy by someone other than myselfjitsi
modulewho can contribute to the above list?
Is there an easy way to test out NixOS modules without building the entire branch? I know they don’t overlay. -- toastal ไข่ดาว | https://toast.al PGP: 7944 74b7 d236 dab9 c9ef e7f9 5cce 6f14 66d4 7c9e
Is there an easy way to test out NixOS modules without building the entire branch? I know they don’t overlay.
please see https://github.com/NixOS/nixpkgs/blob/master/nixos/README.md
FYI #260551
also pinging @astro @oxapentane
Is there an easy way to test out NixOS modules without building the entire branch? I know they don’t overlay.
please see
master
/nixos/README.md
Hmm, "testing changes" there seems to suggest rebuilding with a local nixpkgs tree so presumably "building the entire branch", is there another way I missed?
I generally copy the service file to test in my /etc/nixos tree, update services.foo to anything else that doesn't conflict with something in nixpkgs and use that (adding the file to imports
somewhere); but I'd also be curious to know if there's a better way of doing it; in this particular case there's a lot to rename so it wasn't exactly practical, see: https://cgit.notk.org/asmadeus/nixos-config.git/commit/?id=cff13c93469de890843b1245d3946f25c12dba19
Probably best to just use a nixpkgs fork at this point...
i think we're getting close to feature freeze which means a new release is around the corner! has anybody had a chance to test this yet? it worked fine on my server so as long as you have backups i feel like anyone should be fine to test i ask because if this is all tested and approved we can merge right after the next NixOS release
btw... anyone willing to write release notes?
@aanderse, it would be great to allow the new http_file_share module to replace http_upload in the xmppComplianceSuite
checks. Below is a suggestion of how it could be done. Should you prefer to leave it for another PR, I could also later rebase https://github.com/NixOS/nixpkgs/pull/171855 once this PR has been merged.
diff --git a/nixos/modules/services/networking/prosody.nix b/nixos/modules/services/networking/prosody.nix
index 2d1baab7fad4..9a3c782ac908 100644
--- a/nixos/modules/services/networking/prosody.nix
+++ b/nixos/modules/services/networking/prosody.nix
@@ -2,7 +2,7 @@
let
inherit (lib) isAttrs isBool isList isInt isString;
inherit (lib) mkChangedOptionModule mkDefault mkEnableOption mkForce mkIf mkMerge mkOption mkRenamedOptionModule;
- inherit (lib) all any attrValues boolToString concatStringsSep filterAttrs genAttrs hasPrefix listToAttrs literalExpression mapAttrsToList mdDoc optionals optionalAttrs optionalString types unique;
+ inherit (lib) all any attrValues boolToString concatStringsSep elem filterAttrs genAttrs hasPrefix listToAttrs literalExpression mapAttrsToList mdDoc optionals optionalAttrs optionalString types unique;
config' = config;
cfg = config.services.prosody;
@@ -514,12 +514,12 @@ in
assertions =
let
- checkForModule = mod: b: any (e: e.module == mod) (attrValues b.components);
+ checkForModule = mods: b: any (e: elem e.module mods) (attrValues b.components);
virtualHosts = filterAttrs (_: v: v.settings.enabled) cfg.virtualHosts;
# ensure a given module (e.g. muc or http_upload) is applied or available to every virtual host
- mkAssertion = module: message: {
- assertion = cfg.xmppComplianceSuite -> checkForModule module cfg || all (checkForModule module) (attrValues virtualHosts);
+ mkAssertion = modules: message: {
+ assertion = cfg.xmppComplianceSuite -> checkForModule modules cfg || all (checkForModule modules) (attrValues virtualHosts);
message = message + ''
Having a server not XEP-0423-compliant might make your XMPP
@ju1m that sounds great! we will merge this PR in the next few weeks after branch off for 23.11 and then right after that can you make a PR to do this?
@aanderse ok, I'll update https://github.com/NixOS/nixpkgs/pull/171855 to use the above patch once this PR has been merged.
i will try to find some motivation to rebase this over the break is anyone keen to test? write release notes? it would be nice to get this merged soon
@aanderse I’d be interested in testing it out so long as it’s easy to test (it’s normally a pain since you can’t just drop in a overlay)
This pull request has been mentioned on NixOS Discourse. There might be relevant details there:
hey all - looks like some merge conflicts have popped up and they probably require more mental energy than i can give at this point. unfortunately the longer this PR sits the more likely additional merge conflicts are... if someone wants to chip in and either take over this PR, or resolve merge conflicts, i would appreciate it. i'm not sure if i have enough motivation to continue this and might just publish as a flake otherwise.
so if anyone wants to contribute to getting this merged please say so. sorry for the hassle.
I modified the jitsi-meet.nix
to work with your rewritten prosody module, with reference to https://github.com/jitsi/jitsi-meet/blob/master/doc/debian/jitsi-meet-prosody/prosody.cfg.lua-jvb.example and https://github.com/NixOS/nixpkgs/blob/nixos-23.11/nixos/modules/services/web-apps/jitsi-meet.nix.
It should be working just fine with your module, but I do not know if it is the correct way to set it. Please take a look. https://github.com/amalgame21/jitsimeet-nixos-module/blob/main/jitsi-meet-aanderse-custom.nix
I still cannot get the environmentFile
for turnserver secret to work, because it conflicts with the jitsi-meet.nix
module which have environmentFile
hardcoded. Now I just set the secret directly, but the secret is present in /nix/store and it may have some security risk.
@aanderse
The environmentFile
can be changed to environmentFiles
and type
can be changed from nullOf path
to listOf path
to solve the conflict with jitsi-meet.nix
https://github.com/amalgame21/jitsimeet-nixos-module/blob/main/prosody-environmentFiles.nix
Sorry I don't know how to use github :-(
Wrote some logic for JWT (Shared Secret Validation only) in jitsi-meet.nix
.
https://github.com/amalgame21/jitsimeet-nixos-module/blob/main/jitsi-meet-aanderse-JWT-custom.nix
@amalgame21 Those files looked pretty good to me. Do you plan to take over this merge request? I would love to see this be moved forward before the Nix hackathon next month to work on some tangential XMPP stuff.
@amalgame21 Those files looked pretty good to me. Do you plan to take over this merge request? I would love to see this be moved forward before the Nix hackathon next month to work on some tangential XMPP stuff.
As a newcomer of Nix (about 2 months), actually I cannot understand a lot of code in the module and I was just editing some basic things. I think I am not capable of this task. Just feel free to use my code in jitsi-meet if someone are interested, I hope this can merge too.
Hi, for the feature of ENV_
for secrets in environmentFile
I think it is great idea to add those sercets without hardcode them in nix store.
However I cannot get it insert into /etc/prosody/prosody.cfg
(it becomes literally turn_external_secret = ENV_TURN_EXTERNAL_SECRET
), and turned out my TURN relay is misconfigured but I did not noticed it because somehow XMPP calls still works.
I tested import the environment file as a normal file and also tested combined the environmentFile
option with sops-nix
, neither of it seems to work.
Now I just hardcoded it in nix store as a work around, but not ideal.
entirely unrelated to this a friend asked me if i knew anything about self hosting video platforms
this resulted in me firing up a jitsi instance which was a pleasant experience thanks to the wonderful authors of that module
immediately after the next nixos release which is upcoming would be a good time to fix-up this PR and merge... maybe i can find the time and motivation
anyone still interested in this getting merged?
entirely unrelated to this a friend asked me if i knew anything about self hosting video platforms
this resulted in me firing up a jitsi instance which was a pleasant experience thanks to the wonderful authors of that module
immediately after the next nixos release which is upcoming would be a good time to fix-up this PR and merge... maybe i can find the time and motivation
anyone still interested in this getting merged?
Yes of course! This rewrite have a lot of great changes, It is great for all XMPP and jitsi NixOS user if it can be merged!
It would be amazing if this PR could be pushed forward.
Description of changes
this branch/PR is a starting point for a
prosody
module rewrite i don't have the energy/motivation to push this PR through all by myself and it is still missing quite a bit... but my hope is that others would be interested in contributing so we could eventually get this mergedThings done
sandbox = true
set innix.conf
? (See Nix manual)nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"
. Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/
)cc @toastal @ju1m @martinetd