summary refs log tree commit diff
path: root/pkgs/bluesky/pds/package.nix
diff options
context:
space:
mode:
authorMel <einebeere@gmail.com>2024-12-04 04:31:55 +0100
committerMel <einebeere@gmail.com>2024-12-04 04:31:55 +0100
commitc5364de431203671106fd7e66a27a4c1e932c1f3 (patch)
treee425cb12a307582a440611513c63635a2541a5b8 /pkgs/bluesky/pds/package.nix
parentfa964a8d1ab2dc83386f457b51b2de87b68cbe70 (diff)
downloadnetwork-c5364de431203671106fd7e66a27a4c1e932c1f3.tar.zst
network-c5364de431203671106fd7e66a27a4c1e932c1f3.zip
Host bare-bones Bluesky PDS service
Signed-off-by: Mel <einebeere@gmail.com>
Diffstat (limited to 'pkgs/bluesky/pds/package.nix')
-rw-r--r--pkgs/bluesky/pds/package.nix99
1 files changed, 99 insertions, 0 deletions
diff --git a/pkgs/bluesky/pds/package.nix b/pkgs/bluesky/pds/package.nix
new file mode 100644
index 0000000..673a74b
--- /dev/null
+++ b/pkgs/bluesky/pds/package.nix
@@ -0,0 +1,99 @@
+# See: https://github.com/NixOS/nixpkgs/pull/350645
+{
+  fetchFromGitHub,
+  nodejs,
+  buildNpmPackage,
+  vips,
+  pkg-config,
+  writeShellApplication,
+  bash,
+  xxd,
+  openssl,
+  nixosTests,
+  lib,
+}:
+
+let
+  generateSecrets = writeShellApplication {
+    name = "generate-pds-secrets";
+
+    runtimeInputs = [
+      xxd
+      openssl
+    ];
+
+    # Commands from https://github.com/bluesky-social/pds/blob/8b9fc24cec5f30066b0d0b86d2b0ba3d66c2b532/installer.sh
+    text = ''
+      echo "PDS_JWT_SECRET=$(openssl rand --hex 16)"
+      echo "PDS_ADMIN_PASSWORD=$(openssl rand --hex 16)"
+      echo "PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=$(openssl ecparam --name secp256k1 --genkey --noout --outform DER | tail --bytes=+8 | head --bytes=32 | xxd --plain --cols 32)"
+    '';
+  };
+in
+
+# NOTE: Package comes with `pnpm-lock.yaml` but we cannot use `pnpm.fetchDeps` here because it
+# does not work with `sharp` NPM dependency that needs `vips` and `pkg-config`
+# Regenerate `package-lock.json` with `npm i --package-lock-only`
+# Next release should have bumped `sharp` with pre-built binaries
+buildNpmPackage rec {
+  pname = "pds";
+  version = "0.4.67";
+
+  src = fetchFromGitHub {
+    owner = "bluesky-social";
+    repo = "pds";
+    rev = "v${version}";
+    hash = "sha256-dEB5u++Zx+F4TH5q44AF/tuwAhLEyYT+U5/18viT4sw=";
+  };
+
+  sourceRoot = "${src.name}/service";
+
+  npmDepsHash = "sha256-uQKhODaVHLj+JEq6LYiJ/zXuu7kDCLmpxOs/VCc0GqQ=";
+
+  postPatch = ''
+    cp ${./package-lock.json} package-lock.json
+  '';
+
+  # Required for `sharp` NPM dependency
+  nativeBuildInputs = [ pkg-config ];
+  buildInputs = [ vips ];
+
+  buildPhase = ''
+    runHook preBuild
+
+    makeWrapper "${lib.getExe nodejs}" "$out/bin/pds" \
+      --add-flags --enable-source-maps                \
+      --add-flags "$out/lib/pds/index.js"             \
+      --set-default NODE_ENV production
+
+    runHook postBuild
+  '';
+
+  installPhase = ''
+    runHook preInstall
+
+    mkdir -p $out/{bin,lib/pds}
+    mv node_modules $out/lib/pds
+    mv index.js $out/lib/pds
+
+    runHook postInstall
+  '';
+
+  passthru = {
+    inherit generateSecrets;
+    tests = {
+      inherit (nixosTests) pds;
+    };
+  };
+
+  meta = {
+    description = "Bluesky Personal Data Server (PDS)";
+    homepage = "https://bsky.social";
+    license = with lib.licenses; [
+      mit
+      asl20
+    ];
+    platforms = lib.platforms.unix;
+    mainProgram = "pds";
+  };
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-04-25 15:22:04 +0000