175 lines
8.4 KiB
Nix
175 lines
8.4 KiB
Nix
{ depot, src, pkgs, lib, ... }:
|
|
|
|
let
|
|
inherit (depot.third_party) poetry2nix;
|
|
pyproject = pkgs.runCommand "authentik-pyproject" { src = "${src}/pyproject.toml"; } ''
|
|
sed 's/extras = \["standard"\],//' $src > $out
|
|
'';
|
|
poetrylock = pkgs.runCommand "authentik-poetrylock" { src = "${src}/poetry.lock"; } ''
|
|
sed -e 's/, markers = "extra == \\\"standard\\\""//' \
|
|
-e 's/and extra == \\\"standard\\\"//' \
|
|
$src > $out
|
|
'';
|
|
fixedSrc = pkgs.runCommand "authentik-src" { inherit src; } ''
|
|
cp -R $src $out
|
|
chmod -R u+w $out
|
|
cp ${pyproject} $out/pyproject.toml
|
|
cp ${poetrylock} $out/poetry.lock
|
|
'';
|
|
maturin = pkgs.python311.pkgs.buildPythonPackage rec {
|
|
inherit (pkgs.maturin) pname version meta src cargoDeps;
|
|
format = "pyproject";
|
|
nativeBuildInputs = [
|
|
pkgs.python311.pkgs.setuptools-rust
|
|
pkgs.rustPlatform.cargoSetupHook
|
|
pkgs.cargo
|
|
pkgs.rustc
|
|
];
|
|
};
|
|
app = poetry2nix.mkPoetryApplication rec {
|
|
projectDir = fixedSrc;
|
|
python = pkgs.python311;
|
|
overrides = let
|
|
assertVersion = pkg: wantVersion: lib.assertMsg (pkg.version == wantVersion) "${pkg.pname} (${pkg.version}) is different to what I expected (${wantVersion}); maybe remove the override?";
|
|
in poetry2nix.overrides.withDefaults (self: super: {
|
|
cython = super.cython.overridePythonAttrs (oldAttrs: rec {
|
|
version = "0.29.33";
|
|
src = self.fetchPypi {
|
|
pname = "Cython";
|
|
inherit version;
|
|
sha256 = "0si8f96kyk7ljrmjrffsjm4i8n5fs7q29nlmldjfjb2d9967ch2h";
|
|
};
|
|
patches = [ ./cython-trashcan.patch ./cython-disable-trashcan.patch ];
|
|
});
|
|
dumb-init = super.dumb-init.overridePythonAttrs (old: {
|
|
nativeBuildInputs = old.nativeBuildInputs ++ [ self.setuptools ];
|
|
});
|
|
click-didyoumean = super.click-didyoumean.overridePythonAttrs (old: {
|
|
nativeBuildInputs = old.nativeBuildInputs ++ [ self.poetry ];
|
|
});
|
|
bump2version = super.bump2version.overridePythonAttrs (old: {
|
|
nativeBuildInputs = old.nativeBuildInputs ++ [ self.setuptools ];
|
|
});
|
|
opencontainers = super.opencontainers.overridePythonAttrs (old: {
|
|
nativeBuildInputs = old.nativeBuildInputs ++ [ self.setuptools self.pytest-runner ];
|
|
});
|
|
xmlsec = super.xmlsec.overridePythonAttrs (old: {
|
|
nativeBuildInputs = (old.nativeBuildInputs or []) ++ [ self.pkgconfig ];
|
|
buildInputs = (old.buildInputs or []) ++ [ pkgs.xmlsec pkgs.libxslt pkgs.libxml2 pkgs.libtool ];
|
|
});
|
|
mistune = super.mistune.overridePythonAttrs (old: rec {
|
|
version = "0.8.4";
|
|
src = self.fetchPypi {
|
|
inherit (old) pname;
|
|
inherit version;
|
|
sha256 = "59a3429db53c50b5c6bcc8a07f8848cb00d7dc8bdb431a4ab41920d201d4756e";
|
|
};
|
|
});
|
|
urllib3-secure-extra = super.urllib3-secure-extra.overridePythonAttrs (old: {
|
|
nativeBuildInputs = old.nativeBuildInputs ++ [ self.flit-core ];
|
|
});
|
|
#watchfiles = self.callPackage ../../../../third_party/nixpkgs/pkgs/development/python-modules/watchfiles/default.nix { CoreServices = null; };
|
|
|
|
#kombu = assert assertVersion super.kombu "5.2.4"; super.kombu.overridePythonAttrs (old: {
|
|
# buildInputs = (old.buildInputs or []) ++ [ self.setuptools ];
|
|
# postPatch = ''
|
|
# ${old.postPatch or ""}
|
|
# substituteInPlace requirements/test.txt --replace "pytz>dev" "pytz"
|
|
# '';
|
|
#});
|
|
#isort = assert assertVersion super.isort "5.10.1"; super.isort.overridePythonAttrs (old: {
|
|
# postPatch = ''
|
|
# ${old.postPatch or ""}
|
|
# substituteInPlace pyproject.toml --replace "pip-shims<=0.3.4" "pip-shims"
|
|
# '';
|
|
#});
|
|
asyncio = null;
|
|
pyrad = assert assertVersion super.pyrad "2.4"; super.pyrad.overridePythonAttrs (old: {
|
|
buildInputs = (old.buildInputs or []) ++ [ self.poetry ];
|
|
});
|
|
pydantic-scim = assert assertVersion super.pydantic-scim "0.0.7"; super.pydantic-scim.overridePythonAttrs (old: {
|
|
buildInputs = (old.buildInputs or []) ++ [ self.setuptools self.setuptools-scm ];
|
|
});
|
|
sqlparse = assert assertVersion super.sqlparse "0.4.4"; super.sqlparse.overridePythonAttrs (old: {
|
|
buildInputs = (old.buildInputs or []) ++ [ self.flit-core ];
|
|
});
|
|
ruff = null;
|
|
pytest-github-actions-annotate-failures = null;
|
|
drf-jsonschema-serializer = assert assertVersion super.drf-jsonschema-serializer "2.0.0"; super.drf-jsonschema-serializer.overridePythonAttrs (old: {
|
|
buildInputs = (old.buildInputs or []) ++ [ self.setuptools ];
|
|
});
|
|
django-otp = assert assertVersion super.django-otp "1.2.2"; super.django-otp.overridePythonAttrs (old: {
|
|
buildInputs = (old.buildInputs or []) ++ [ self.hatchling ];
|
|
});
|
|
gunicorn = assert assertVersion super.gunicorn "21.2.0"; super.gunicorn.overridePythonAttrs (old: {
|
|
buildInputs = (old.buildInputs or []) ++ [ self.packaging ];
|
|
});
|
|
psycopg-c = assert assertVersion super.psycopg-c "3.1.10"; super.psycopg-c.overridePythonAttrs (old: {
|
|
propagatedBuildInputs = (old.propagatedBuildInputs or []) ++ [ self.tomli ];
|
|
nativeBuildInputs = (old.nativeBuildInputs or []) ++ [ pkgs.postgresql ];
|
|
buildInputs = (old.buildInputs or []) ++ [ self.setuptools ];
|
|
});
|
|
pydantic-core = assert assertVersion super.pydantic-core "2.6.3"; super.pydantic-core.overridePythonAttrs (old: {
|
|
cargoDeps = pkgs.rustPlatform.importCargoLock {
|
|
lockFile = ./Cargo.pydantic-core.lock;
|
|
};
|
|
nativeBuildInputs = (old.nativeBuildInputs or []) ++ [
|
|
pkgs.cargo
|
|
pkgs.rustPlatform.cargoSetupHook
|
|
pkgs.rustPlatform.maturinBuildHook
|
|
pkgs.rustc
|
|
self.typing-extensions
|
|
];
|
|
propagatedBuildInputs = (old.propagatedBuildInputs or []) ++ [ self.typing-extensions ];
|
|
});
|
|
rpds-py = assert assertVersion super.rpds-py "0.10.0"; super.rpds-py.overridePythonAttrs (old: {
|
|
cargoDeps = pkgs.rustPlatform.importCargoLock {
|
|
lockFile = ./Cargo.rpds-py.lock;
|
|
};
|
|
nativeBuildInputs = (old.nativeBuildInputs or []) ++ [
|
|
pkgs.cargo
|
|
pkgs.rustPlatform.cargoSetupHook
|
|
pkgs.rustPlatform.maturinBuildHook
|
|
pkgs.rustc
|
|
];
|
|
});
|
|
#annotated-types = assert assertVersion super.annotated-types "0.5.0"; super.annotated-types.overridePythonAttrs (old: {
|
|
# nativeBuildInputs = (old.nativeBuildInputs or []) ++ [ pkgs.cargo pkgs.rustc pkgs.maturin ];
|
|
#});
|
|
annotated-types = assert assertVersion super.annotated-types "0.5.0"; super.annotated-types.overridePythonAttrs (old: {
|
|
buildInputs = (old.buildInputs or []) ++ [ self.hatchling ];
|
|
});
|
|
service-identity = assert assertVersion super.service-identity "23.1.0"; super.service-identity.overridePythonAttrs (old: {
|
|
buildInputs = (old.buildInputs or []) ++ [ self.hatchling self.hatch-vcs self.hatch-fancy-pypi-readme ];
|
|
});
|
|
twisted = assert assertVersion super.twisted "23.8.0"; super.twisted.overridePythonAttrs (old: {
|
|
buildInputs = (old.buildInputs or []) ++ [ self.hatchling self.hatch-fancy-pypi-readme self.incremental ];
|
|
});
|
|
argon2-cffi = assert assertVersion super.argon2-cffi "23.1.0"; super.argon2-cffi.overridePythonAttrs (old: {
|
|
buildInputs = (old.buildInputs or []) ++ [ self.hatchling self.hatch-vcs self.hatch-fancy-pypi-readme ];
|
|
});
|
|
referencing = assert assertVersion super.referencing "0.30.2"; super.referencing.overridePythonAttrs (old: {
|
|
buildInputs = (old.buildInputs or []) ++ [ self.hatchling self.hatch-vcs ];
|
|
});
|
|
pydantic = assert assertVersion super.pydantic "2.3.0"; super.pydantic.overridePythonAttrs (old: {
|
|
buildInputs = (old.buildInputs or []) ++ [ self.hatchling self.hatch-fancy-pypi-readme ];
|
|
});
|
|
jsonschema-specifications = assert assertVersion super.jsonschema-specifications "2023.7.1"; super.jsonschema-specifications.overridePythonAttrs (old: {
|
|
buildInputs = (old.buildInputs or []) ++ [ self.hatchling self.hatch-vcs ];
|
|
});
|
|
});
|
|
|
|
buildInputs = [ pkgs.bash ];
|
|
|
|
postInstall = ''
|
|
mkdir -p $out/share/authentik
|
|
touch $out/share/authentik/__init__.py
|
|
cp -r ${src}/schemas $out/share/authentik/schemas
|
|
cp -r ${src}/lifecycle $out/share/authentik/lifecycle
|
|
|
|
wrapProgram $out/bin/ak \
|
|
--prefix PYTHONPATH ':' "$out/share/authentik"
|
|
'';
|
|
};
|
|
in
|
|
app.dependencyEnv
|