diff options
author | Raghav Sood <r@raghavsood.com> | 2023-12-21 14:03:35 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-12-21 14:03:35 +0800 |
commit | 7d97d9ebd1992cad1a91d6988198dcc9d9ecb21c (patch) | |
tree | a63772dacf99dd5ca4c777f81462644c1ba9549b | |
parent | d6863cbcbbb80e71cecfc03356db1cda38919523 (diff) | |
parent | d380604c446487eaadd71284c7ceaec83eff4d8a (diff) |
Merge pull request #275439 from RaghavSood/nitter/guest-accounts
nitter: unstable-2023-10-31 -> unstable-2023-12-03 (guest accounts support)
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2405.section.md | 2 | ||||
-rw-r--r-- | nixos/modules/services/misc/nitter.nix | 23 | ||||
-rw-r--r-- | nixos/tests/nitter.nix | 21 | ||||
-rw-r--r-- | pkgs/by-name/ni/nitter/lock.json | 39 | ||||
-rw-r--r-- | pkgs/by-name/ni/nitter/package.nix | 6 |
5 files changed, 76 insertions, 15 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md index ddaf116649c15..b036f40f4dc80 100644 --- a/nixos/doc/manual/release-notes/rl-2405.section.md +++ b/nixos/doc/manual/release-notes/rl-2405.section.md @@ -39,6 +39,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m - `k9s` was updated to v0.29. There have been breaking changes in the config file format, check out the [changelog](https://github.com/derailed/k9s/releases/tag/v0.29.0) for details. +- `nitter` requires a `guest_accounts.jsonl` to be provided as a path or loaded into the default location at `/var/lib/nitter/guest_accounts.jsonl`. See [Guest Account Branch Deployment](https://github.com/zedeus/nitter/wiki/Guest-Account-Branch-Deployment) for details. + - Invidious has changed its default database username from `kemal` to `invidious`. Setups involving an externally provisioned database (i.e. `services.invidious.database.createLocally == false`) should adjust their configuration accordingly. The old `kemal` user will not be removed automatically even when the database is provisioned automatically.(https://github.com/NixOS/nixpkgs/pull/265857) - `mkosi` was updated to v19. Parts of the user interface have changed. Consult the diff --git a/nixos/modules/services/misc/nitter.nix b/nixos/modules/services/misc/nitter.nix index c2c462d46bb5b..d2cf7c0de2b77 100644 --- a/nixos/modules/services/misc/nitter.nix +++ b/nixos/modules/services/misc/nitter.nix @@ -304,6 +304,23 @@ in ''; }; + guestAccounts = mkOption { + type = types.path; + default = "/var/lib/nitter/guest_accounts.jsonl"; + description = lib.mdDoc '' + Path to the guest accounts file. + + This file contains a list of guest accounts that can be used to + access the instance without logging in. The file is in JSONL format, + where each line is a JSON object with the following fields: + + {"oauth_token":"some_token","oauth_token_secret":"some_secret_key"} + + See https://github.com/zedeus/nitter/wiki/Guest-Account-Branch-Deployment + for more information on guest accounts and how to generate them. + ''; + }; + redisCreateLocally = mkOption { type = types.bool; default = true; @@ -333,8 +350,12 @@ in after = [ "network-online.target" ]; serviceConfig = { DynamicUser = true; + LoadCredential="guestAccountsFile:${cfg.guestAccounts}"; StateDirectory = "nitter"; - Environment = [ "NITTER_CONF_FILE=/var/lib/nitter/nitter.conf" ]; + Environment = [ + "NITTER_CONF_FILE=/var/lib/nitter/nitter.conf" + "NITTER_ACCOUNTS_FILE=%d/guestAccountsFile" + ]; # Some parts of Nitter expect `public` folder in working directory, # see https://github.com/zedeus/nitter/issues/414 WorkingDirectory = "${cfg.package}/share/nitter"; diff --git a/nixos/tests/nitter.nix b/nixos/tests/nitter.nix index 8bc55ba8c69fc..114f1aac7c7af 100644 --- a/nixos/tests/nitter.nix +++ b/nixos/tests/nitter.nix @@ -1,13 +1,28 @@ import ./make-test-python.nix ({ pkgs, ... }: +let + # In a real deployment this should naturally not common from the nix store + # and be seeded via agenix or as a non-nix managed file. + # + # These credentials are from the nitter wiki and are expired. We must provide + # credentials in the correct format, otherwise nitter fails to start. They + # must not be valid, as unauthorized errors are handled gracefully. + guestAccountFile = pkgs.writeText "guest_accounts.jsonl" '' + {"oauth_token":"1719213587296620928-BsXY2RIJEw7fjxoNwbBemgjJhueK0m","oauth_token_secret":"N0WB0xhL4ng6WTN44aZO82SUJjz7ssI3hHez2CUhTiYqy"} + ''; +in { name = "nitter"; meta.maintainers = with pkgs.lib.maintainers; [ erdnaxe ]; nodes.machine = { - services.nitter.enable = true; - # Test CAP_NET_BIND_SERVICE - services.nitter.server.port = 80; + services.nitter = { + enable = true; + # Test CAP_NET_BIND_SERVICE + server.port = 80; + # Provide dummy guest accounts + guestAccounts = guestAccountFile; + }; }; testScript = '' diff --git a/pkgs/by-name/ni/nitter/lock.json b/pkgs/by-name/ni/nitter/lock.json index 5e059f869af09..2a9106dc9ff42 100644 --- a/pkgs/by-name/ni/nitter/lock.json +++ b/pkgs/by-name/ni/nitter/lock.json @@ -62,11 +62,11 @@ "packages": [ "jsony" ], - "path": "/nix/store/bzcq8q439rdsqhhihikzv3rsx4l4ybdm-source", - "rev": "ea811be", - "sha256": "1720iqsxjhqmhw1zhhs7d2ncdz25r8fqadls1p1iry1wfikjlnba", + "path": "/nix/store/l84av0wdc0s4r4alsvkaxcxhpd6j4bzg-source", + "rev": "1de1f08", + "sha256": "0rj205cs3v6g80h8ys9flbdq4wyd1csmkwdxv0lz21972zcsrcfh", "srcDir": "src", - "url": "https://github.com/treeform/jsony/archive/ea811be.tar.gz" + "url": "https://github.com/treeform/jsony/archive/1de1f08.tar.gz" }, { "method": "fetchzip", @@ -95,11 +95,22 @@ "packages": [ "nimcrypto" ], - "path": "/nix/store/dnj20qh97ylf57nka9wbxs735wbw7yxv-source", - "rev": "4014ef9", - "sha256": "1kgqr2lqaffglc1fgbanwcvhkqcbbd20d5b6w4lf0nksfl9c357a", + "path": "/nix/store/zyr8zwh7vaiycn1s4r8cxwc71f2k5l0h-source", + "rev": "a079df9", + "sha256": "1dmdmgb6b9m5f8dyxk781nnd61dsk3hdxqks7idk9ncnpj9fng65", "srcDir": "", - "url": "https://github.com/cheatfate/nimcrypto/archive/4014ef9.tar.gz" + "url": "https://github.com/cheatfate/nimcrypto/archive/a079df9.tar.gz" + }, + { + "method": "fetchzip", + "packages": [ + "oauth" + ], + "path": "/nix/store/bwmrrzs6xpwizmww35461x3lqpgd0942-source", + "rev": "b8c163b", + "sha256": "0k5slyzjngbdr6g0b0dykhqmaf8r8n2klbkg2gpid4ckm8hg62v5", + "srcDir": "src", + "url": "https://github.com/CORDEA/oauth/archive/b8c163b.tar.gz" }, { "method": "fetchzip", @@ -159,6 +170,18 @@ { "method": "fetchzip", "packages": [ + "sha1" + ], + "path": "/nix/store/a6a0ycxsaxpqks42aq9wicj8ars7z7ai-source", + "ref": "master", + "rev": "92ccc5800bb0ac4865b275a2ce3c1544e98b48bc", + "sha256": "00zvvd8ssy22srg74xzapknmgmi82v534npjdrk5805shswfhqdm", + "srcDir": "", + "url": "https://github.com/onionhammer/sha1/archive/92ccc5800bb0ac4865b275a2ce3c1544e98b48bc.tar.gz" + }, + { + "method": "fetchzip", + "packages": [ "supersnappy" ], "path": "/nix/store/kibhdjpd3mvn9adsp67amj35a7zrnk6y-source", diff --git a/pkgs/by-name/ni/nitter/package.nix b/pkgs/by-name/ni/nitter/package.nix index 6b63037e103d4..d3fc03b25acea 100644 --- a/pkgs/by-name/ni/nitter/package.nix +++ b/pkgs/by-name/ni/nitter/package.nix @@ -8,13 +8,13 @@ buildNimPackage (finalAttrs: prevAttrs: { pname = "nitter"; - version = "unstable-2023-10-31"; + version = "unstable-2023-12-03"; src = fetchFromGitHub { owner = "zedeus"; repo = "nitter"; - rev = "b62d73dbd373f08af07c7a79efcd790d3bc1a49c"; - hash = "sha256-yCD7FbqWZMY0fyFf9Q3Ka06nw5Ha7jYLpmPONAhEVIM="; + rev = "583c858cdf3486451ed6a0627640844f27009dbe"; + hash = "sha256-3E6nfmOFhQ2bjwGMWdTmZ38Fg/SE36s6fxYDXwSJaTw="; }; lockFile = ./lock.json; |