let common = import ./common.nix; pkgs = import common.pkgsSrc {}; nodejs = pkgs.${common.nodejs}; bower = (pkgs.buildBowerComponents { name = "cryptpad-${common.cryptpadVersion}-bower"; generated = ./nix.lock/bower.nix; src = common.cryptpadSrc; }).overrideAttrs (old: { bowerPackages = old.bowerPackages.override (old_: { # add missing dependencies: # Those dependencies are EOL and they are not installed by buildBowerComponents, # but they are required, otherwise the resolver crashes. # * add the second jquery ~2.1.0 entry # * add the second bootstrap ~3.1.1 entry paths = old_.paths ++ [ (pkgs.fetchbower "jquery" "2.1.0" "~2.1.0" "02kwvz93vzpv10qnp7s0dz3al0jh77awwrizb6wadsvgifxssnlr") (pkgs.fetchbower "bootstrap" "3.1.1" "~3.1.1" "06bhjwa8p7mzbpr3jkgydd804z1nwrkdql66h7jkfml99psv9811") ]; }); }); npm = import ./nix.lock/npm.nix { inherit pkgs; }; in pkgs.stdenv.mkDerivation { name = "cryptpad-${common.cryptpadVersion}"; src = common.cryptpadSrc; buildPhase = '' cp -r ${npm.nodeDependencies}/lib/node_modules node_modules chmod +w -R node_modules # clear executable files inside the node_modules folder to reduce dependencies # and attack surface find node_modules -type f ! -path 'node_modules/gar/*' -executable -print | tee >(xargs -n 20 rm) # Remove only office that IS BIG # COMMENTED as it is not as easy as planned. # rm -rf www/common/onlyoffice ''; installPhase = '' mkdir -p $out/{bin,opt} out_cryptpad=$out/opt/ # copy the source code cp -r .bowerrc bower.json package.json package-lock.json customize.dist lib server.js www $out_cryptpad # mount node_modules cp -r node_modules $out_cryptpad/node_modules # patch substituteInPlace $out_cryptpad/lib/workers/index.js --replace "lib/workers/db-worker" "$out_cryptpad/lib/workers/db-worker" # mount bower, based on the .bowerrc file at the git repo root cp -r ${bower}/bower_components $out_cryptpad/www/ # cryptpad is bugged with absolute path, this is a workaround to use absolute path as relative path ln -s / $out_cryptpad/root # start script, cryptpad is lost if its working directory is not its source directory cat > $out/bin/cryptpad <<EOF #!${pkgs.stdenv.shell} cd $out_cryptpad exec ${nodejs}/bin/node server.js EOF chmod +x $out/bin/cryptpad ''; dontFixup = true; }