bekkalokk/mediawiki: re-enable DeleteBatch extension

bekkalokk/mediawiki: leave togglable debug flags for future use
packages/mediawiki-extensions: use fetchgit
2026-01-10 09:28:24 +01:00 · 2024-07-08 19:56:43 +02:00 · 2024-07-08 19:55:52 +02:00 · 2024-07-08 19:54:42 +02:00 · 2024-07-08 16:55:01 +02:00 · 2024-07-04 20:41:46 +02:00
15 changed files with 136 additions and 95 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -107,15 +107,16 @@
        ]
      },
      "locked": {
-        "lastModified": 1710311999,
+        "lastModified": 1717234745,
-        "narHash": "sha256-s0pT1NyrMgeolUojXXcnXQDymN7m80GTF7itCv0ZH20=",
+        "narHash": "sha256-MFyKRdw4WQD6V3vRGbP6MYbtJhZp712zwzjW6YiOBYM=",
        "owner": "dali99",
        "repo": "nixos-matrix-modules",
-        "rev": "6c9b67974b839740e2a738958512c7a704481157",
+        "rev": "d7dc42c9bbb155c5e4aa2f0985d0df75ce978456",
        "type": "github"
      },
      "original": {
        "owner": "dali99",
        "ref": "v0.6.0",
        "repo": "nixos-matrix-modules",
        "type": "github"
      }
@@ -142,16 +143,16 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1715410392,
+        "lastModified": 1719520878,
-        "narHash": "sha256-ltp1jQps9tym0uWNl/lTniHSQngCtNIyzlymu+ZSyts=",
+        "narHash": "sha256-5BXzNOl2RVHcfS/oxaZDKOi7gVuTyWPibQG0DHd5sSc=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "9f8bf7503bd85d5208575f4bd81c8b1fc999a468",
+        "rev": "a44bedbb48c367f0476e6a3a27bf28f6330faf23",
        "type": "github"
      },
      "original": {
        "id": "nixpkgs",
-        "ref": "nixos-23.11-small",
+        "ref": "nixos-24.05-small",
        "type": "indirect"
      }
    },
@@ -213,11 +214,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1716150352,
+        "lastModified": 1718404592,
-        "narHash": "sha256-c13lzYbLmbrcbEdPTYZYtlX2Qsz1W+2sLsIMGShPgwo=",
+        "narHash": "sha256-Ud8pD0mxmbfvwBXKy2q3Yp8r1EofaTcodZtI3fbnfDY=",
        "ref": "refs/heads/master",
-        "rev": "2cab4df4b119e08a1f90ea1c944652cd78b4d478",
+        "rev": "6e4a79ed3ddae8dfc80eb8af1789985d07bcf297",
-        "revCount": 459,
+        "revCount": 463,
        "type": "git",
        "url": "https://git.pvv.ntnu.no/Projects/nettsiden.git"
      },
--- a/flake.nix
+++ b/flake.nix
@@ -2,7 +2,7 @@
  description = "PVV System flake";
  inputs = {
-    nixpkgs.url = "nixpkgs/nixos-23.11-small";
+    nixpkgs.url = "nixpkgs/nixos-24.05-small";
    nixpkgs-unstable.url = "nixpkgs/nixos-unstable-small";
    sops-nix.url = "github:Mic92/sops-nix";
@@ -17,7 +17,7 @@
    pvv-calendar-bot.url = "git+https://git.pvv.ntnu.no/Projects/calendar-bot.git";
    pvv-calendar-bot.inputs.nixpkgs.follows = "nixpkgs";
-    matrix-next.url = "github:dali99/nixos-matrix-modules";
+    matrix-next.url = "github:dali99/nixos-matrix-modules/v0.6.0";
    matrix-next.inputs.nixpkgs.follows = "nixpkgs";
    nix-gitea-themes.url = "git+https://git.pvv.ntnu.no/oysteikt/nix-gitea-themes.git";
--- a/hosts/bekkalokk/services/gitea/default.nix
+++ b/hosts/bekkalokk/services/gitea/default.nix
@@ -1,4 +1,4 @@
-{ config, values, pkgs, ... }:
+{ config, values, pkgs, lib, ... }:
 let
  cfg = config.services.gitea;
  domain = "git.pvv.ntnu.no";
@@ -22,19 +22,19 @@ in {
  services.gitea = {
    enable = true;
    stateDir = "/data/gitea";
    appName = "PVV Git";
    database = {
      type = "postgres";
      host = "postgres.pvv.ntnu.no";
-      port = config.services.postgresql.port;
+      port = config.services.postgresql.settings.port;
      passwordFile = config.sops.secrets."gitea/database".path;
      createDatabase = false;
    };
    mailerPasswordFile = config.sops.secrets."gitea/email-password".path;
    # https://docs.gitea.com/administration/config-cheat-sheet
    settings = {
      server = {
        DOMAIN   = domain;
@@ -42,6 +42,7 @@ in {
        PROTOCOL = "http+unix";
        SSH_PORT = sshPort;
        START_SSH_SERVER = true;
        START_LFS_SERVER = true;
      };
      mailer = {
        ENABLED = true;
@@ -50,11 +51,45 @@ in {
        SMTP_ADDR = "smtp.pvv.ntnu.no";
        SMTP_PORT = 587;
        USER = "gitea@pvv.ntnu.no";
        SUBJECT_PREFIX = "[pvv-git]";
      };
      indexer.REPO_INDEXER_ENABLED = true;
-      service.DISABLE_REGISTRATION = true;
+      service = {
        DISABLE_REGISTRATION = true;
        ENABLE_NOTIFY_MAIL = true;
      };
      session.COOKIE_SECURE = true;
      database.LOG_SQL = false;
      repository = {
        PREFERRED_LICENSES = lib.concatStringsSep "," [
          "AGPL-3.0-only"
          "AGPL-3.0-or-later"
          "Apache-2.0"
          "BSD-3-Clause"
          "CC-BY-4.0"
          "CC-BY-NC-4.0"
          "CC-BY-NC-ND-4.0"
          "CC-BY-NC-SA-4.0"
          "CC-BY-ND-4.0"
          "CC-BY-SA-4.0"
          "CC0-1.0"
          "GPL-2.0-only"
          "GPL-3.0-only"
          "GPL-3.0-or-later"
          "LGPL-3.0-linking-exception"
          "LGPL-3.0-only"
          "LGPL-3.0-or-later"
          "MIT"
          "MPL-2.0"
          "Unlicense"
        ];
        DEFAULT_REPO_UNITS = lib.concatStringsSep "," [
          "repo.code"
          "repo.issues"
          "repo.pulls"
          "repo.releases"
        ];
      };
      picture = {
        DISABLE_GRAVATAR = true;
        ENABLE_FEDERATED_AVATAR = false;
@@ -99,9 +134,9 @@ in {
      logo-svg = ../../../../assets/logo_blue_regular.svg;
      logo-png = ../../../../assets/logo_blue_regular.png;
    in ''
-      install -Dm444 ${logo-svg} ${cfg.customDir}/public/img/logo.svg
+      install -Dm444 ${logo-svg} ${cfg.customDir}/public/assets/img/logo.svg
-      install -Dm444 ${logo-png} ${cfg.customDir}/public/img/logo.png
+      install -Dm444 ${logo-png} ${cfg.customDir}/public/assets/img/logo.png
-      install -Dm444 ${./loading.apng} ${cfg.customDir}/public/img/loading.png
+      install -Dm444 ${./loading.apng} ${cfg.customDir}/public/assets/img/loading.png
    '';
  };
 }
--- a/hosts/bekkalokk/services/kerberos/default.nix
+++ b/hosts/bekkalokk/services/kerberos/default.nix
@@ -1,18 +1,5 @@
 { config, pkgs, lib, ... }:
 {
  #######################
  # TODO: remove these once nixos 24.05 gets released
  #######################
  imports = [
    ./krb5.nix
    ./pam.nix
  ];
  disabledModules = [
    "config/krb5/default.nix"
    "security/pam.nix"
  ];
  #######################
  security.krb5 = {
    enable = true;
    settings = {
--- a/hosts/bekkalokk/services/mediawiki/default.nix
+++ b/hosts/bekkalokk/services/mediawiki/default.nix
@@ -86,8 +86,7 @@ in {
    };
    extensions = {
-      #inherit (pkgs.mediawiki-extensions) DeleteBatch UserMerge PluggableAuth SimpleSAMLphp VisualEditor;
+      inherit (pkgs.mediawiki-extensions) DeleteBatch UserMerge PluggableAuth SimpleSAMLphp VisualEditor;
      inherit (pkgs.mediawiki-extensions) UserMerge PluggableAuth SimpleSAMLphp VisualEditor;
    };
    extraConfig = ''
@@ -121,7 +120,6 @@ in {
      # Misc
      $wgEmergencyContact = "${cfg.passwordSender}";
      $wgShowIPinHeader = false;
      $wgUseTeX = false;
      $wgLocalInterwiki = $wgSitename;
@@ -137,6 +135,10 @@ in {
        ]
      ];
      # Debugging
      $wgShowExceptionDetails = false;
      $wgShowIPinHeader = false;
      # Fix https://github.com/NixOS/nixpkgs/issues/183097
      $wgDBserver = "${toString cfg.database.host}";
    '';
--- a/hosts/buskerud/configuration.nix
+++ b/hosts/buskerud/configuration.nix
@@ -4,6 +4,8 @@
    ./hardware-configuration.nix
    ../../base.nix
    ../../misc/metrics-exporters.nix
    ./services/libvirt.nix
  ];
  # buskerud does not support efi?
--- a/hosts/buskerud/services/libvirt.nix
+++ b/hosts/buskerud/services/libvirt.nix
@@ -0,0 +1,10 @@
 { config, pkgs, lib, ... }:
 {
  virtualisation.libvirtd.enable = true;
  programs.dconf.enable = true;
  boot.kernelModules = [ "kvm-intel" ];
  # On a gui-enabled machine, connect with:
  # $ virt-manager --connect "qemu+ssh://buskerud/system?socket=/var/run/libvirt/libvirt-sock"
 }
--- a/hosts/ildkule/services/monitoring/loki.nix
+++ b/hosts/ildkule/services/monitoring/loki.nix
@@ -50,7 +50,6 @@ in {
        boltdb_shipper = {
          active_index_directory = "/var/lib/loki/boltdb-shipper-index";
          cache_location = "/var/lib/loki/boltdb-shipper-cache";
          shared_store = "filesystem";
          cache_ttl = "24h";
        };
        filesystem = {
@@ -59,14 +58,13 @@ in {
      };
      limits_config = {
-        enforce_metric_name = false;
+	allow_structured_metadata = false;
        reject_old_samples = true;
        reject_old_samples_max_age = "72h";
      };
      compactor = {
        working_directory = "/var/lib/loki/compactor";
        shared_store = "filesystem";
      };
      # ruler = {
--- a/packages/mediawiki-extensions/delete-batch/default.nix
+++ b/packages/mediawiki-extensions/delete-batch/default.nix
@@ -1,13 +1,14 @@
-{ fetchzip }:
+{ fetchgit }:
 let
-  commit = "a53af3b8269ed19ede3cf1fa811e7ec8cb00af92";
+  commit = "cad869fbd95637902673f744581b29e0f3e3f61a";
-  project-name = "UserMerge";
+  project-name = "DeleteBatch";
  tracking-branch = "REL1_41";
 in
-fetchzip {
+(fetchgit {
-  name = "mediawiki-delete-batch";
+  name = "mediawiki-delete-batch-source";
-  url = "https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/extensions/${project-name}/+archive/${commit}.tar.gz";
+  url = "https://gerrit.wikimedia.org/r/mediawiki/extensions/${project-name}";
-  hash = "sha256-0ofCZhhv4aVTGq469Fdu7k0oVQu3kG3HFa8zaBbUr/M=";
+  rev = "refs/heads/${tracking-branch}";
-  stripRoot = false;
+  hash = "sha256-M1ek1WdO1/uTjeYlrk3Tz+nlb/fFZH+O0Ok7b10iKak=";
 }).overrideAttrs (_: {
  passthru = { inherit project-name tracking-branch; };
-}
+})
--- a/packages/mediawiki-extensions/pluggable-auth/default.nix
+++ b/packages/mediawiki-extensions/pluggable-auth/default.nix
@@ -1,13 +1,14 @@
-{ fetchzip }:
+{ fetchgit }:
 let
-  commit = "d5b3ad8f03b65d3746e025cdd7fe3254ad6e4026";
+  commit = "4111a57c34e25bde579cce5d14ea094021e450c8";
  project-name = "PluggableAuth";
  tracking-branch = "REL1_41";
 in
-fetchzip {
+(fetchgit {
  name = "mediawiki-pluggable-auth-source";
-  url = "https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/extensions/${project-name}/+archive/${commit}.tar.gz";
+  url = "https://gerrit.wikimedia.org/r/mediawiki/extensions/${project-name}";
-  hash = "sha256-mLepavgeaNUGYxrrCKVpybGO2ecjc3B5IU8q+gZTx2U=";
+  rev = "refs/heads/${tracking-branch}";
-  stripRoot = false;
+  hash = "sha256-aPtN8A9gDxLlq2+EloRZBO0DfHtE0E5kbV/adk82jvM=";
 }).overrideAttrs (_: {
  passthru = { inherit project-name tracking-branch; };
-}
+})
--- a/packages/mediawiki-extensions/simple-saml-php/default.nix
+++ b/packages/mediawiki-extensions/simple-saml-php/default.nix
@@ -1,13 +1,14 @@
-{ fetchzip }:
+{ fetchgit }:
 let
-  commit = "9ae0678d77a9175285a1cfadd5adf28379dbdb3d";
+  commit = "ecb47191fecd1e0dc4c9d8b90a9118e393d82c23";
  project-name = "SimpleSAMLphp";
  tracking-branch = "REL1_41";
 in
-fetchzip {
+(fetchgit {
  name = "mediawiki-simple-saml-php-source";
-  url = "https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/extensions/${project-name}/+archive/${commit}.tar.gz";
+  url = "https://gerrit.wikimedia.org/r/mediawiki/extensions/${project-name}";
-  hash = "sha256-s6Uw1fNzGBF0HEMl0LIRLhJkOHugrCE0aTnqawYi/pE=";
+  rev = "refs/heads/${tracking-branch}";
-  stripRoot = false;
+  hash = "sha256-gKu+O49XrAVt6hXdt36Ru7snjsKX6g2CYJ0kk/d+CI8=";
 }).overrideAttrs (_: {
  passthru = { inherit project-name tracking-branch; };
-}
+})
--- a/packages/mediawiki-extensions/update-mediawiki-extensions.py
+++ b/packages/mediawiki-extensions/update-mediawiki-extensions.py
@@ -1,5 +1,5 @@
 #!/usr/bin/env nix-shell
-#!nix-shell -i python3 -p "python3.withPackages(ps: with ps; [ beautifulsoup4 requests ])"
+#!nix-shell -i python3 -p "python3.withPackages(ps: with ps; [ beautifulsoup4 requests ])" nix-prefetch-git
 import os
 from pathlib import Path
@@ -8,11 +8,13 @@ import subprocess
 from collections import defaultdict
 from pprint import pprint
 from dataclasses import dataclass
 import json
 import bs4
 import requests
-BASE_URL = "https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/extensions"
+BASE_WEB_URL = "https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/extensions"
 BASE_GIT_URL = "https://gerrit.wikimedia.org/r/mediawiki/extensions/"
@dataclass
 class PluginMetadata:
@@ -45,26 +47,21 @@ def get_metadata(file_content: str) -> dict[str,str] | None:
 def get_newest_commit(project_name: str, tracking_branch: str) -> str:
-    content = requests.get(f"{BASE_URL}/{project_name}/+log/refs/heads/{tracking_branch}/").text
+    content = requests.get(f"{BASE_WEB_URL}/{project_name}/+log/refs/heads/{tracking_branch}/").text
    soup = bs4.BeautifulSoup(content, features="html.parser")
    a = soup.find('li').findChild('a')
    commit_sha = a['href'].split('/')[-1]
    return commit_sha
-def get_nix_hash(tar_gz_url: str) -> str:
+def get_nix_hash(url: str, commit: str) -> str:
    out, err = subprocess.Popen(
-        ["nix-prefetch-url", "--unpack", "--type", "sha256", tar_gz_url],
+        ["nix-prefetch-git", "--url", url, "--rev", commit, "--fetch-submodules", "--quiet"],
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE
    ).communicate()
    out, err = subprocess.Popen(
        ["nix", "hash", "to-sri", "--type", "sha256", out.decode().strip()],
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE
    ).communicate()
-    return out.decode().strip()
+    return json.loads(out.decode().strip())['hash']
 def set_commit_and_hash(file_content: str, commit: str, sha256: str) -> str:
@@ -79,16 +76,16 @@ def update(package_file: Path) -> None:
    metadata = get_metadata(file_content)
    if metadata is None:
        print(f"ERROR: could not find metadata for {package_file}")
        return
    if metadata.commit == "":
        metadata.commit = "<none>"
    new_commit = get_newest_commit(metadata.project_name, metadata.tracking_branch)
-    if new_commit == metadata.commit:
+    new_hash = get_nix_hash(f"{BASE_GIT_URL}/{metadata.project_name}", new_commit)
-        return
+    if new_hash is None or new_hash == "":
-
+        print(f"ERROR: could not fetch hash for {metadata.project_name}")
-    new_url = f"{BASE_URL}/{metadata.project_name}/+archive/{new_commit}.tar.gz"
+        exit(1)
    new_hash = get_nix_hash(new_url)
    print(f"Updating {metadata.project_name}: {metadata.commit} -> {new_commit}")
--- a/packages/mediawiki-extensions/user-merge/default.nix
+++ b/packages/mediawiki-extensions/user-merge/default.nix
@@ -1,13 +1,14 @@
-{ fetchzip }:
+{ fetchgit }:
 let
-  commit = "a53af3b8269ed19ede3cf1fa811e7ec8cb00af92";
+  commit = "c17c919bdb9b67bb69f80df43e9ee9d33b1ecf1b";
  project-name = "UserMerge";
  tracking-branch = "REL1_41";
 in
-fetchzip {
+(fetchgit {
  name = "mediawiki-user-merge-source";
-  url = "https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/extensions/${project-name}/+archive/${commit}.tar.gz";
+  url = "https://gerrit.wikimedia.org/r/mediawiki/extensions/${project-name}";
-  hash = "sha256-0ofCZhhv4aVTGq469Fdu7k0oVQu3kG3HFa8zaBbUr/M=";
+  rev = "refs/heads/${tracking-branch}";
-  stripRoot = false;
+  hash = "sha256-+mkzTCo8RVlGoFyfCrSb5YMh4J6Pbi1PZLFu5ps8bWY=";
 }).overrideAttrs (_: {
  passthru = { inherit project-name tracking-branch; };
-}
+})
--- a/packages/mediawiki-extensions/visual-editor/default.nix
+++ b/packages/mediawiki-extensions/visual-editor/default.nix
@@ -1,13 +1,14 @@
-{ fetchzip }:
+{ fetchgit }:
 let
-  commit = "bb92d4b0bb81cebd73a3dbabfb497213dac349f2";
+  commit = "170d19aad1f28dc6bd3f98ee277680cabba9db0c";
  project-name = "VisualEditor";
-  tracking-branch = "REL1_40";
+  tracking-branch = "REL1_41";
 in
-fetchzip {
+(fetchgit {
  name = "mediawiki-visual-editor-source";
-  url = "https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/extensions/${project-name}/+archive/${commit}.tar.gz";
+  url = "https://gerrit.wikimedia.org/r/mediawiki/extensions/${project-name}";
-  hash = "sha256-lShpSoR+NLfdd5i7soM6J40pq+MzCMG0M1tSYsS+jAg=";
+  rev = "refs/heads/${tracking-branch}";
-  stripRoot = false;
+  hash = "sha256-5WVlO/OEk4eln5j/w4Tu/MXSmlvjIn7l6H+OTPaV+t4=";
 }).overrideAttrs (_: {
  passthru = { inherit project-name tracking-branch; };
-}
+})
--- a/users/felixalb.nix
+++ b/users/felixalb.nix
@@ -1,8 +1,12 @@
-{ pkgs, ... }:
+{ pkgs, lib, config, ... }:
 {
  users.users.felixalb = {
    isNormalUser = true;
-    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+    extraGroups = [
      "wheel"
    ] ++ lib.optionals ( config.users.groups ? "libvirtd" ) [
      "libvirtd"
    ];
    shell = pkgs.zsh;
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDKzPICGew7uN0cmvRmbwkwTCodTBUgEhkoftQnZuO4Q felixalbrigtsen@gmail.com"
Author	SHA1	Message	Date
Øystein Tveit	1591fdb7cc	bekkalokk/mediawiki: re-enable DeleteBatch extension	2024-07-08 19:56:43 +02:00
Øystein Tveit	ed28ba28f3	bekkalokk/mediawiki: leave togglable debug flags for future use	2024-07-08 19:55:52 +02:00
Øystein Tveit	52b46667b1	packages/mediawiki-extensions: use fetchgit	2024-07-08 19:54:42 +02:00
Øystein Tveit	d0f63b2fc8	packages/mediawiki-extensions: bump all	2024-07-08 16:55:01 +02:00
h7x4	0301691b1c	gitea: enable notification mails	2024-07-04 20:41:46 +02:00
h7x4	946555e408	gitea: add subject prefix to mail	2024-07-04 20:36:44 +02:00
h7x4	e02062417a	gitea: move state back to /var/lib	2024-07-04 20:31:51 +02:00
h7x4	b2806d78af	gitea: enable lfs	2024-07-04 20:30:55 +02:00
h7x4	de2c7ea6f1	gitea: install custom images to correct dir	2024-07-04 20:29:50 +02:00
Felix Albrigtsen	106081c967	Merge pull request 'all: Update to nixos-24.05' (!43 ) from 24.05-for-real into main Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/43	2024-06-30 01:55:41 +02:00
Felix Albrigtsen	ca2deed668	WIP: all: Update to nixos-24.05	2024-06-30 01:55:25 +02:00
Oystein Kristoffer Tveit	bb2f7899db	Merge pull request 'bekkalokk/gitea: set default licenses and repo units' (!44 ) from gitea-set-misc-repo-settings into main Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/44	2024-06-29 23:16:17 +02:00
h7x4	c2b35a7ae4	bekkalokk/gitea: set default licenses and repo units	2024-06-29 23:14:41 +02:00
Felix Albrigtsen	c88c3f87e0	buskerud: add libvirtd	2024-06-22 17:36:30 +02:00
Felix Albrigtsen	c5bad75edc	bekkalokk/nettsiden: Update nettsiden to disable recurring events	2024-06-19 22:15:36 +02:00