From 65adfc5c9a8274f9a678d1d1f11733bce7ca1c3c Mon Sep 17 00:00:00 2001 From: Alexander Braverman Masis Date: Thu, 8 May 2025 14:40:04 -0400 Subject: [PATCH] flake.nix Package Sourcebot with Nix, NixOS module for deployment, integration test and microvm. --- docs/docs/deployment-guide.mdx | 209 ++++++++++++++++++++++++++++ flake.lock | 133 ++++++++++++++++++ flake.nix | 89 ++++++++++++ nix/microvm.nix | 64 +++++++++ nix/missing-hashes.json | 205 ++++++++++++++++++++++++++++ nix/nixosModule.nix | 241 +++++++++++++++++++++++++++++++++ nix/nixosTest.nix | 31 +++++ nix/overlay.nix | 12 ++ nix/sourcebot.nix | 148 ++++++++++++++++++++ 9 files changed, 1132 insertions(+) create mode 100644 docs/docs/deployment-guide.mdx create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 nix/microvm.nix create mode 100644 nix/missing-hashes.json create mode 100644 nix/nixosModule.nix create mode 100644 nix/nixosTest.nix create mode 100644 nix/overlay.nix create mode 100644 nix/sourcebot.nix diff --git a/docs/docs/deployment-guide.mdx b/docs/docs/deployment-guide.mdx new file mode 100644 index 000000000..bd1c10f83 --- /dev/null +++ b/docs/docs/deployment-guide.mdx @@ -0,0 +1,209 @@ +--- +title: "Deployment guide" +--- + +import SupportedPlatforms from '/snippets/platform-support.mdx' + +## Container deployment + +The following guide will walk you through the steps to deploy Sourcebot on your own infrastructure. Sourcebot is distributed as a [single docker container](/docs/overview#architecture) that can be deployed to a k8s cluster, a VM, or any platform that supports docker. + + +Hit an issue? Please let us know on [GitHub](https://github.com/sourcebot-dev/sourcebot/issues/new/choose) or by [emailing us](mailto:team@sourcebot.dev). + + + + - Docker -> use [Docker Desktop](https://www.docker.com/products/docker-desktop/) on Mac or Windows. + + + Create a `config.json` file that tells Sourcebot which repositories to sync and index: + + ```bash wrap icon="terminal" Create example config + touch config.json + echo '{ + "$schema": "https://raw.githubusercontent.com/sourcebot-dev/sourcebot/main/schemas/v3/index.json", + "connections": { + // comments are supported + "starter-connection": { + "type": "github", + "repos": [ + "sourcebot-dev/sourcebot" + ] + } + } + }' > config.json + ``` + + This config creates a single GitHub connection named `starter-connection` that specifies [Sourcebot](https://github.com/sourcebot-dev/sourcebot) as a repo to sync. [Learn more about the config file](/docs/configuration/config-file). + + + + If you're deploying Sourcebot behind a domain, you must set the [AUTH_URL](/docs/configuration/environment-variables) environment variable. + + + In the same directory as `config.json`, run the following command to start your instance: + + ``` bash icon="terminal" Start the Sourcebot container + docker run \ + -p 3000:3000 \ + --pull=always \ + --rm \ + -v $(pwd):/data \ + -e CONFIG_PATH=/data/config.json \ + --name sourcebot \ + ghcr.io/sourcebot-dev/sourcebot:latest + ``` + + + **This command**: + - pulls the latest version of the `sourcebot` docker image. + - mounts the working directory to `/data` in the container to allow Sourcebot to persist data across restarts, and to access the `config.json`. In your local directory, you should see a `.sourcebot` folder created that contains all persistent data. + - runs any pending database migrations. + - starts up all services, including the webserver exposed on port 3000. + - reads `config.json` and starts syncing. + + + + + + Navigate to `http://localhost:3000` and complete the onboarding flow. + + + + You're all set! If you'd like to setup [Ask Sourcebot](/docs/features/ask/overview), configure a language model [provider](/docs/configuration/language-model-providers). + + + + +## NixOS deployment + +Hit an issue? Please let us know on [GitHub discussions](https://github.com/sourcebot-dev/sourcebot/discussions/categories/support) or by [emailing us](mailto:team@sourcebot.dev). + + + + Add the Sourcebot flake as an input to your NixOS configuration. This will allow you to use the Sourcebot container in your NixOS deployment. + + ```nix wrap icon="code" Add flake input + inputs.sourcebot.url = "github:sourcebot-dev/sourcebot"; + ``` + + Add sourcebot module to your NixOS configuration: + + ```nix wrap icon="code" Add module to configuration + nixosConfigurations.mysystem = nixpkgs.lib.nixosSystem { + modules = [ + inputs.sourcebot.nixosModules.sourcebot + ]; + } + ``` + [Learn more about NixOS flakes](https://nixos.wiki/wiki/Flakes). + + + Sourcebot requires a few secrets to be set up before it can run, and code host credentials can be managed using NixOS module too: + + - [sops-nix](https://github.com/Mic92/sops-nix) example: + + ```nix wrap icon="code" sops-nix configuration + sops = { + secrets = { + sourcebot-auth-secret.owner = "sourcebot"; + sourcebot-encryption-key.owner = "sourcebot"; + sourcebot-gitlab-token.owner = "sourcebot"; + }; + templates = { + sourcebot-env = { + content = '' + AUTH_SECRET=${config.sops.placeholder.sourcebot-auth-secret} + SOURCEBOT_ENCRYPTION_KEY=${config.sops.placeholder.sourcebot-encryption-key} + GITLAB_EXAMPLE_TOKEN=${config.sops.placeholder.sourcebot-gitlab-token} + ''; + }; + }; + }; + ``` + + - [agenix](https://github.com/ryantm/agenix) example: + + ```nix wrap icon="code" agenix configuration + age.secrets.sourcebot-env.file = ../secrets/sourcebot.age; + ``` + + `sourcebot.age` file should be an environment file in the format: + + ```bash wrap icon="terminal" Environment file format + AUTH_SECRET=your-auth-secret + SOURCEBOT_ENCRYPTION_KEY=your-encryption-key + GITLAB_EXAMPLE_TOKEN=your-gitlab-token + ``` + + + The following NixOS configuration will enable Sourcebot and set it up to run with the provided configuration. + Additional options could be found in the [source file](https://github.com/sourcebot-dev/sourcebot/blob/main/nix/nixosModule.nix). + + ```nix wrap icon="code" Enable Sourcebot service + services.sourcebot = { + enable = true; + # envFile = config.sops.templates.sourcebot-env.path; # Uncomment if using sops-nix + # envFile = config.age.secrets.sourcebot-env.path; # Uncomment if using agenix + package = pkgs.sourcebot; + logLevel = "info"; + dataDir = "/data/sourcebot"; + dataCacheDir = "/data/sourcebot/cache"; + configPath = "${pkgs.writeText "config" (builtins.toJSON { + "$schema" = "https://raw.githubusercontent.com/sourcebot-dev/sourcebot/main/schemas/v3/index.json"; + connections = { + github-public = { + type = "github"; + repos = [ + "sourcebot-dev/sourcebot" + ]; + }; + gitlab-private = { + type = "gitlab"; + url = "https://gitlab.example.com"; + all = true; + token = { + env = "GITLAB_EXAMPLE_TOKEN"; + }; + exclude = { + forks = true; + }; + }; + }; + settings = { + resyncConnectionIntervalMs = 1000 * 60 * 60 * 24 * 7; # 1 week + reindexIntervalMs = 1000 * 60 * 60 * 24 * 7; # 1 week + maxRepoIndexingJobConcurrency = 1000; # 8 default + maxConnectionSyncJobConcurrency = 1000; # 8 default + maxRepoGarbageCollectionJobConcurrency = 1000; # 8 default + }; + })}"; + }; + ``` + + + + Navigate to `http://localhost:7734` and complete the onboarding flow. + + + + You're all set! If you'd like to setup [Ask Sourcebot](/docs/features/ask/overview), configure a language model [provider](/docs/configuration/language-model-providers). + + + + + +## Next steps +--- + + + + Learn how to index your code using Sourcebot + + + Learn how to configure language model providers to start using [Ask Sourcebot](/docs/features/ask/overview) + + + Learn more about how to setup SSO, email codes, and other authentication providers. + + \ No newline at end of file diff --git a/flake.lock b/flake.lock new file mode 100644 index 000000000..279259c40 --- /dev/null +++ b/flake.lock @@ -0,0 +1,133 @@ +{ + "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "microvm": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": [ + "nixpkgs" + ], + "spectrum": "spectrum" + }, + "locked": { + "lastModified": 1747859546, + "narHash": "sha256-tDu6JFzM86y5L2eLAkkw5Aklzz0DwfohtcxRXw+fCHA=", + "owner": "astro", + "repo": "microvm.nix", + "rev": "91ba136db1a3dd73168639c185fa802eb1157ec1", + "type": "github" + }, + "original": { + "owner": "astro", + "repo": "microvm.nix", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1747179050, + "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "microvm": "microvm", + "nixpkgs": "nixpkgs" + } + }, + "spectrum": { + "flake": false, + "locked": { + "lastModified": 1746869549, + "narHash": "sha256-BKZ/yZO/qeLKh9YqVkKB6wJiDQJAZNN5rk5NsMImsWs=", + "ref": "refs/heads/main", + "rev": "d927e78530892ec8ed389e8fae5f38abee00ad87", + "revCount": 862, + "type": "git", + "url": "https://spectrum-os.org/git/spectrum" + }, + "original": { + "type": "git", + "url": "https://spectrum-os.org/git/spectrum" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 000000000..569c3d2d4 --- /dev/null +++ b/flake.nix @@ -0,0 +1,89 @@ +{ + description = "SourceBot - Code search and navigation tool"; + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + flake-utils.url = "github:numtide/flake-utils"; + microvm.url = "github:astro/microvm.nix"; + microvm.inputs.nixpkgs.follows = "nixpkgs"; + }; + outputs = { + self, + nixpkgs, + flake-utils, + microvm, + }: + flake-utils.lib.eachSystemPassThrough ["x86_64-linux"] (system: { + nixosModules = rec { + default = sourcebot; + sourcebot = import ./nix/nixosModule.nix self; + }; + + nixosConfigurations.testing = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + ({ + pkgs, + lib, + ... + }: { + imports = [ + self.nixosModules.sourcebot + ]; + system.stateVersion = "25.05"; + boot.isContainer = true; # stop nix flake check complaining about missing root fs + documentation.nixos.enable = false; # skip generating nixos docs + virtualisation.vmVariant = { + boot.isContainer = lib.mkForce false; # let vm variant create a virtual disk + virtualisation.graphics = false; # connect serial console to terminal + }; + }) + ]; + }; + + overlays.default = import ./nix/overlay.nix; + }) + // flake-utils.lib.eachSystem ["x86_64-linux"] ( + system: let + pkgs = import nixpkgs { + inherit system; + overlays = [self.overlays.default]; + }; + sourcebotSystem = nixpkgs.lib.nixosSystem { + inherit system pkgs; + modules = [ + microvm.nixosModules.microvm + self.nixosModules.sourcebot + ./nix/microvm.nix + ]; + }; + in { + packages = rec { + default = sourcebot; + sourcebot = pkgs.callPackage ./nix/sourcebot.nix {}; + microvm = sourcebotSystem.config.microvm.declaredRunner; + }; + + checks.default = pkgs.callPackage ./nix/nixosTest.nix {inherit self;}; + + devShells.default = pkgs.mkShell { + packages = with pkgs; [ + yarn-berry + yarn-berry.yarn-berry-fetcher + openssl + yarn + bun + redis + jq + ]; + buildInputs = with pkgs; [ + nodePackages.prisma + ]; + YARN_ENABLE_SCRIPTS = "false"; + PRISMA_SCHEMA_ENGINE_BINARY = "${pkgs.prisma-engines}/bin/schema-engine"; + PRISMA_QUERY_ENGINE_BINARY = "${pkgs.prisma-engines}/bin/query-engine"; + PRISMA_QUERY_ENGINE_LIBRARY = "${pkgs.prisma-engines}/lib/libquery_engine.node"; + PRISMA_FMT_BINARY = "${pkgs.prisma-engines}/bin/prisma-fmt"; + }; + } + ); +} diff --git a/nix/microvm.nix b/nix/microvm.nix new file mode 100644 index 000000000..4dfc01f35 --- /dev/null +++ b/nix/microvm.nix @@ -0,0 +1,64 @@ +{ + pkgs, + lib, + ... +}: { + microvm = { + mem = 1024; + + interfaces = [ + { + type = "user"; + id = "sourcebot"; + mac = "02:00:00:00:00:10"; + } + ]; + forwardPorts = [ + { + from = "host"; + host.port = 47734; + guest.port = 7734; + } + ]; + + shares = [ + { + tag = "ro-store"; + source = "${builtins.storeDir}"; + mountPoint = "/nix/.ro-store"; + } + ]; + volumes = [ + { + mountPoint = "/var"; + image = "sourcebot-var.img"; + size = 1 * 1024; # 1GB + } + ]; + }; + + system.stateVersion = lib.trivial.release; + + users.users.root.password = ""; + + # Enable autologin for root user + services.getty.autologinUser = "root"; + + services.sourcebot = { + enable = true; + logLevel = "debug"; + configPath = "${pkgs.writeText "config" (builtins.toJSON { + "$schema" = "https://raw.githubusercontent.com/sourcebot-dev/sourcebot/main/schemas/v3/index.json"; + connections = { + starter-connection = { + type = "github"; + repos = [ + "sourcebot-dev/sourcebot" + ]; + }; + }; + })}"; + }; + + networking.firewall.enable = false; +} diff --git a/nix/missing-hashes.json b/nix/missing-hashes.json new file mode 100644 index 000000000..b3117bdc5 --- /dev/null +++ b/nix/missing-hashes.json @@ -0,0 +1,205 @@ +{ + "@esbuild/aix-ppc64@npm:0.21.5": "1f48fea96ab4fbc2921756361bc8a0c4d0690f14dc2298a357aa3d436bcd1cd646d490e5d71c4e0fb46b9e04401bc93153d6886456dd0665b6758be643c95a16", + "@esbuild/aix-ppc64@npm:0.25.1": "6de3a364b7f79f21f66d606d4d29c72ef81c741d71ab4bb941c4eabe7b6a809b1340f4dd5c943827005e421912880741320b9617d17fce762d204cfb94175223", + "@esbuild/aix-ppc64@npm:0.25.12": "deeef1c11ce6d3dde3fc87368cf600218de18cff4cefe9888a09c39cc81177305c51c2dbccf6513c1b07795c67a11297c12014366fdeb9e51f34896020dd0210", + "@esbuild/android-arm64@npm:0.21.5": "7a4831b0886c165ed671f0094dcd491235fe503364a261379c84e2225a3c3230a06bce1d3a02316fa8a040b0ffede56c617746dc3b5550549ae3fb07095bb20d", + "@esbuild/android-arm64@npm:0.25.1": "716c98ad3220c71cbaedcfa34aa7c877a3fae911938c3776a66600d7f65980e384799a6832a1b9aea96c6d5a8880610f54744bd0813e743c511d44056ef528d6", + "@esbuild/android-arm64@npm:0.25.12": "7364b62583e0b0e0c3997d38815f462b11b85997efad33099715ede94a3bac29a80a98709e6ba902e9ced207242308d5923b249da7af2fb83b50efab4bd693fd", + "@esbuild/android-arm@npm:0.21.5": "9fa871018a9f2198f40fde2c672fcb1b9d3ab5ee602644ea4cf68c548ee2c0b6c60ad851ce85219f84886fd29757d8c49bac28ea48a2a16708a088e32dfe673a", + "@esbuild/android-arm@npm:0.25.1": "d2c9e95dd2027f6e14250a90a11136d9ce73a2157a8d104df4a9dd199d3c50cd91f25813536b4776630acb78596bd5a025976962c6d624df7594c32f2d9c1395", + "@esbuild/android-arm@npm:0.25.12": "04c9b60e0447331d7005745a7e9750987db465fd94717df62276b5dd7e13a3789db95b029f6e9f735e583b95f2f50b18f2aba1a381c8b5645156bb9d21ecacf0", + "@esbuild/android-x64@npm:0.21.5": "24e477ccdaf1437cabe8710bc052a13b975a53617094a225e39823a1c562a71ef975d860ab895c129a813302495d85387143e27068e62fc897a2ac0335e4a2f6", + "@esbuild/android-x64@npm:0.25.1": "92f1bec801b414ecdc4b73adfbb4482f4f2cfba423d33296914fa59ffdafb81facc445a7f65d1eea813c078220a0606f4be02252843bb9039ceb2755f643387c", + "@esbuild/android-x64@npm:0.25.12": "a22c5c03c55c3a12693b67f1a5de8dff7b853f79261ad1562a55b25bf91d327fd8c8899444c069a3fb68175c7df6dd0f2824ba5051927a4711f5841793cc58f2", + "@esbuild/darwin-arm64@npm:0.21.5": "67b0e4ebc870d0babb6721328f02b0e75eca5ee8f176220fa194ac5897ce76a27aa4f6d724389a74e1517670f70e766fe03c30875fdebeee5b1f7b22e99c5a1f", + "@esbuild/darwin-arm64@npm:0.25.1": "9c4cd09c0bd8479e27e04e2397edccebae928184c463684490137d2b7ea3171051b66596db229af2ad3e6a911c1c8a9d10b8aed30d11d0aa155ac0d309fd5dd6", + "@esbuild/darwin-arm64@npm:0.25.12": "5a66f6d44f2dac62341cc73956d8a1ea346e2e66f8cbdfcda9349a0b6ad01024d6c9c2ded05a9ba720c7541575c0b4be4c4ed6f62c529c13df141bb2a247f461", + "@esbuild/darwin-x64@npm:0.21.5": "a4b6df47edf4b1e91eeca9d7af18f538e25615e00763709a4cc24a8918e7ac93b9bfc2ef9f44086f16257d05ad99e23c1213a7a1397475d1a78f0a1e773af89a", + "@esbuild/darwin-x64@npm:0.25.1": "31b64c02be9438e175e8b343c52e0bbc7964f08a1b44e0adbfa2a1b229ccd0ad0184cdb8313272b4590298833ea0b197d82a909466caffe90105f8acb30402d0", + "@esbuild/darwin-x64@npm:0.25.12": "181a933b603253a3eab9173a97e619b59fb953c70309fd3e005e58ed32654c866f752edde7250e63f788bb857e13b28c710d87496479b2de894226bf5779661e", + "@esbuild/freebsd-arm64@npm:0.21.5": "a4cf357807f2ea445b5191b8e5488070b567e2b534dba24ce6f8f1a332598ee0b9ffa41b3b0e55cd0cf57e2b56f0f1d84413faba182b81cb43bf19edf58a7654", + "@esbuild/freebsd-arm64@npm:0.25.1": "e04018ffd760dd101a5931e0248751bdfca98e3f29be9b41051d55278907f52a3e5ab80c32168e208c2ff287510d6d5b765d3adc841bfd621af7930c10a547e6", + "@esbuild/freebsd-arm64@npm:0.25.12": "7a7bd7f62d7e5e4a162bea901365bef5996ac15b3b0af361ce6adb77431f95cc9b831e8f764056f2395fc09a4117fdc7d14a583af4344770ae13dc1dc030dcb4", + "@esbuild/freebsd-x64@npm:0.21.5": "8957c1345196e5dabd7d9f290b5292161f5d9955f269051fa7873118cfb5a20c31d70771ea3560b513f879d0948ba32fba915fb1b387571c4fbbb1fbeaf2dd87", + "@esbuild/freebsd-x64@npm:0.25.1": "438215bea2dc716d2c9ffe9b921bbde06e77d96ec0c837fd79f46bc6e195aa50e5f55490228f7433df7aa47810eec5c602a9d9cf956c1794778018632b196f34", + "@esbuild/freebsd-x64@npm:0.25.12": "ca5c61ab87dadadff1cd72c62c32b3dbff6e5242ee6f7f53c579e3e11aae263bd009e18a2cbd36a065d42e7b7c43e7186832584f7436646bfc25dc637fac819d", + "@esbuild/linux-arm64@npm:0.21.5": "1b95b17ed94eb977e38ea9130e677551b7cf0ccccdb3f23a9f8b59b5d67400817c2a417e4f043295bd3f67796853da2a1b1a8ca201ffe745efb40a144dfdc99c", + "@esbuild/linux-arm64@npm:0.25.1": "c839788b6db471f144bc2627a117083c9a50402c76cde2f0e5411faaeb3a5cde4972bb7336b87de67cd0a65d4d5b00759668407a03b5d4ed3130d4984837429a", + "@esbuild/linux-arm64@npm:0.25.12": "b66f73867351e0666fe00f9281bb7d8dd089d221a5cef6311826b169271b8451f5e265fb41625161a0af142641d5db1e02999aaba98dc1b8a52f4c099db07cb7", + "@esbuild/linux-arm@npm:0.21.5": "6bfcd098ada5e6117d028777e5cc58456c2f570157fa0a0dce30c9d05b8389b86f74bf6b862534bf6994d342946c98b6774e1820880fd289765864b668e94c17", + "@esbuild/linux-arm@npm:0.25.1": "ecf9fd9028d2166619b9a45161a987eebb6ef3dcb0159a2607ab164c58c26a15cf274e0b1088834c07ef9166349276d595fdad5c42bce8d03a55cb213d947efa", + "@esbuild/linux-arm@npm:0.25.12": "1ea6f003abec0177f27ee6954fcce15cecffd94aa57781e712936b6eed64d9579267bcd7612645d3b41cc7591ae411d6491c4517e3bc0de936f101e278510644", + "@esbuild/linux-ia32@npm:0.21.5": "73c249c9918f0c9a9268ffe14fe745f5e7564b309dcea213da08a5e4367ffdfc8df4b004c70f80269dce0f653a3280cfdd8bf9a7a616b5b60649e4faea6e69b5", + "@esbuild/linux-ia32@npm:0.25.1": "36f208e10a4b778a28a9002338872e52d24dfc18e25d3b41dc53892279c3ee842d76c7b608a30620f128d85344acac0dc86f203f5de7082a21fa2e908c96b68c", + "@esbuild/linux-ia32@npm:0.25.12": "df3d5ceb61b7cf4471cdba740a8ca46ae6c5a9dc6dce60440d2a62a25c36144e38b6bf301937117bb183a7b5517ee87a9735d543c785a13b1de56715e34cc7e6", + "@esbuild/linux-loong64@npm:0.21.5": "60977efe24b3b6e1461d49da07dd57c1234992b9d2e6ac7d0dedfee538321d42be25e496ffb193121d3a6c6ca6ea6722b880e95695824dcc6643a3d9426b2296", + "@esbuild/linux-loong64@npm:0.25.1": "75d95e6ee995c9f2abb202ca430685e5d58fbe9b0b5b01a69b498c9b360d309026d15bae7831de9c0c4f02e45028a92ffb169117c3b56dd1ac7ea8c6ef50628d", + "@esbuild/linux-loong64@npm:0.25.12": "b38ba56880536b6bd46467673d81a49ed41661cd217065d440a384d0b4dd1bd59dbc79d6bc81c4948959116a7bc339c1f9749412705ff2a2f7a5c1bef69e2205", + "@esbuild/linux-mips64el@npm:0.21.5": "20fb6c8f6e58f66cd4351034858b2ad85bda4144576b180979305cfabed43780a71934e9f176e476c719f14e37253b231a43d46638ad232989d5f4dd72ec6b75", + "@esbuild/linux-mips64el@npm:0.25.1": "7fc22eb8a7dc9ee743113cb327eef3591bced4753f416f8dd722794a198a053ab6e120b3b13c1bb6cc89cbd02ea502187b1a3c9ebe8187407665c78995153740", + "@esbuild/linux-mips64el@npm:0.25.12": "a8694250193ecf430fb541d1371226a922c462cafac6be65e051f13efbbdf62aa94316fc5a0805f010f60da4051517aca3bfac121b352c443803aac874024d85", + "@esbuild/linux-ppc64@npm:0.21.5": "69f2ef1d127f48bc14cec479ae1a96dbf5fea651e0a3f148486f73495d2acb91acdaa164cd80648844916f05e7f9f9665a1864dd394e7f9acf96bea70937e6b5", + "@esbuild/linux-ppc64@npm:0.25.1": "84f914a776774bf209c5f96a3708e52477e1966b689a880c0256530063bc581125b5cc04b9700f4aa892e7770ba47c5a950a4be9f1bb3ccbe60a500383602156", + "@esbuild/linux-ppc64@npm:0.25.12": "f9c2ca2a75aefa5495ce3cb4e0a4086816b083dfe7d0642afc22c2eac4ea50f1ca4d3a353b6a603fffc689f57bd17e6cc3c0fe8d5727cb2d429bbdc1db1fdd38", + "@esbuild/linux-riscv64@npm:0.21.5": "60c749d87c0f67cc67c5cc0d82aa597b7a807bc52510a16960337433bdbc8fa9f3c46eba98080106c0971e404e2250ca11c441bb4ae5b7a7d78b4095e3a70363", + "@esbuild/linux-riscv64@npm:0.25.1": "97f47cd5695686254b58f950ca973df1fcecfebf3bd585629121a65323ffaa7f95cf821392011ee069da492b46fdff771be332c699a438cf123351610e12d621", + "@esbuild/linux-riscv64@npm:0.25.12": "29bc64137de629f8210e4788cef6cc021d8b432c0b28b9df05ccca6e60b772e7d23c3c9faa5da4037c7dd1574f66fdcb71775ee14298f86a571a2556beeb11d9", + "@esbuild/linux-s390x@npm:0.21.5": "a14ff0484b962b374fd1e4662a53f8dd8999ba39fcf891f15631dfb2802c8d18893d6e366c42d28d55885e5804b7d6252c0e3cee038c241285c9b537ef12b4ae", + "@esbuild/linux-s390x@npm:0.25.1": "10760a999d432d092a8ebe5f09752ee7e8ea77a1afa5f1adfe7f9ccb5bbf77d6e0da6dce5d1a4a7cd731d89b6075723c2bc0328f446ed129c4b63c6441ba22ae", + "@esbuild/linux-s390x@npm:0.25.12": "cb32577ea8441277525a2acf888d32ef8d9ebbd7563d5d4ec9b5b387b11e9aa7d8a3f7cc3faea4524dc068a767300537aca4e127ac524030207d9745a785f30b", + "@esbuild/linux-x64@npm:0.21.5": "9e5663fcace9c8456e9934a9ed6e7428db4080024eef3bfeaf82d476120bd881382c958be2785463d6b44467b3d3f870d6cce09a9cb37bcef19afeb97814d674", + "@esbuild/linux-x64@npm:0.25.1": "4cdb1625726580eb42432878912d5480a0321559ef2c6425c1db55f89f3fe1c35fb03b3adec92c3f52a4db751d7535f23086b80ed7b219d1edbb254ffbe96e68", + "@esbuild/linux-x64@npm:0.25.12": "5364064fc64864df2ad963d21430b7dbeb1918a829e3d82f9c7cc87ffbca551e312338dc8016e3008288f85a9f181986056bbc782a52ee547d2435dd50738593", + "@esbuild/netbsd-arm64@npm:0.25.1": "f2427b094e072d2db7944b1d2a988dd9f17627976a395b941f225aec2d0565da2ea110a845eafae960af08e3eea74eb327e5eb9dbe06dc1e14f4439596c3b47c", + "@esbuild/netbsd-arm64@npm:0.25.12": "9c9e0b87fd7385604fa4a118e88ba88b36ce846174016d7c71939ba2be2de57e720e3c684ec7de52eaae17edf4f6df88442c8eb1db7e4675870b357b15bc1bd2", + "@esbuild/netbsd-x64@npm:0.21.5": "3cb6115c4557d653c7ad6d2be5b4ed7a688b14d85b7b7108a1a57dda0b2cca3f8ed13560fa6639da8788f860b75eb714a17cfb7ba8f967e93bdf40c9b3a1cde1", + "@esbuild/netbsd-x64@npm:0.25.1": "c8347ecc18b175923a3cbdaef61b64815ffe0cf2cc285f4034337c2df83e78a118ebfdf2ac3a46a8d8a19ce6a0e0605d27d11570d1758ab90074c99047b82fc0", + "@esbuild/netbsd-x64@npm:0.25.12": "148e7a91557ad0084af1478921bbb88ce3cb78a213e5b16250b34a28057d5ff5dd14483bec73edd959fdbd6daf617e2a56137596530de07592180c5777ac491b", + "@esbuild/openbsd-arm64@npm:0.25.1": "719812786b4f3ab4471a306c930ab1bf31e9d92f933ea2a34566f07d6269df5058e7d48408127daa197e6fdb21e30697303127d259b76b18936d534619a3eb15", + "@esbuild/openbsd-arm64@npm:0.25.12": "87b6070d4c63615802709e5f7c2de23d0c201186e18777200a023a1d84da1ba39bab3b0b444a468f93d4039147c333499589e9f00717d1e4a7eeb764e01082af", + "@esbuild/openbsd-x64@npm:0.21.5": "1caf0b502d6e2612ffd3e62589de2b9cd48cd742818746011d437e2d5787df4984f7c17b7a536aa20f12d04e519c859d755a7b57e6db0ed277054bd9c1036e85", + "@esbuild/openbsd-x64@npm:0.25.1": "21590cbeda028e9b9f8131c54c36bab65a5d5bd5dd4e6bd9f80438045a655e9ac634bb3535a8650b694db267fe23bd2318a59cdec2fae1ba389ed1a00cc0bbe7", + "@esbuild/openbsd-x64@npm:0.25.12": "664bfe0fc286b1850147797d7a625b33614eba656da0fa589d93956f040559a9211ebf7b68c9e90b49b898ba330f2f81daab763c596f5c84ae4183ffa8bc0c69", + "@esbuild/openharmony-arm64@npm:0.25.12": "422e2d50f8948b45342301ee4c08ea988619bd025830c1a195eb41cafb1dedb35b8441a66c679a7a82fb920e56f89fb6bff85b4c4f10d09584f437be125d8745", + "@esbuild/sunos-x64@npm:0.21.5": "676da7301c7c600bb7de2523ecf5d877128da3c125fd8136533f5be38ca15d9f800b2fbbd396ca37d44c5daa51b8124d8a4728bb18245cd2becb3191b897c45a", + "@esbuild/sunos-x64@npm:0.25.1": "e20ce3891d8717fe2cb885d92d16e9409802316eaa91071be5c7d75164d23dbc5a502be3691039051843d94192e8cf43ade61014a8bce298cfc13a8d3ddd85b0", + "@esbuild/sunos-x64@npm:0.25.12": "ea9f6d4d1fe803063075ffa20b3a4ae11a92a933e56d437bfa9de13bdcd2320b8057aa3e971c12fb04f1388f55185d885a2a86a96be914a42808bc636575164c", + "@esbuild/win32-arm64@npm:0.21.5": "9b2ab87429efd3c2697dc5c7948ea57b57757b6e4709469e773b73cd5fe4b7fda5912073f4c3bdf9d0346b8f3ae443367a63bcd51de24fb81b9f592712eb3366", + "@esbuild/win32-arm64@npm:0.25.1": "749a211eae6a47e5ceb71898df668d083bdec2ed762116fea7772824281f793aceb0487946e20ff604d7e102d1fc8538a73f15b476ca36e07f7ddfb601f6dfa1", + "@esbuild/win32-arm64@npm:0.25.12": "f61e582d7a3fa474cf764573dd9b54a48bd4f0bb0684f4a588a79a1ba0fe37447bc8bc5d2d8809d1f27022ad0c95a5728ce7d2b5941dac78607c1e50ca14c6d7", + "@esbuild/win32-ia32@npm:0.21.5": "c1fe3276507d82202c464cd4809e67e6f151e29ed9de05c32d086dfe30207db15e646911ebc7f50df659891bfee292a25062792c589c2ff769be238c6b5fb8be", + "@esbuild/win32-ia32@npm:0.25.1": "bb45fd889d858678ec68114bfc398965ed8d44e46a9517fcd9f7b397101c2cf94d78938a2640f6f2a1fe65de4ae8830fd426cd21a28302bb92333913b3c16c85", + "@esbuild/win32-ia32@npm:0.25.12": "4c135f8face7b6e5682efc5972367b579f06656487d1859c3e3165d5e10a95c455bb0aa69339fc3db215084f3229ffb954d87b2780645993f70dee883cb9ba73", + "@esbuild/win32-x64@npm:0.21.5": "5d7b28baa9c22684d35ec0515f6d36f8f583f26733c8e84c7f78edf17b8a7d133819267486f2fd66f20ca3a810896f11c3c81106d745040c2f07ade314846bf1", + "@esbuild/win32-x64@npm:0.25.1": "e33291b9834095e6460bd20bb15c49361758bf66d28ccffe0c06a1565211c91f668d9cfc0cbd5bd7a5def693fe7272dbe290b08d4eadba29e750c8a9c739f564", + "@esbuild/win32-x64@npm:0.25.12": "7db86204f566c4d1155458c6e383d5f560a3f7e00475c65e97549e30a222bac66bd64cfd422691a7dcead2e0518e50aab5caeb7f525dfea6875c3209d6352e8e", + "@img/sharp-darwin-arm64@npm:0.33.5": "bca72454845f361ae9e6464547fb1ca9353b1b9ed7bfe5bd116280d6cae8f49b5f941e760bd9f8fd4d5d5274e5e231af7ef42a645318f074a67e3c3de03d5576", + "@img/sharp-darwin-arm64@npm:0.34.5": "3298dfb02234e120d45476559f638b2843c13c1efe29559926ce91d7e2245fec4625e098b322a960b3c8cc8e682d4030934a12b3e21108be79c0e67b8e9cf688", + "@img/sharp-darwin-x64@npm:0.33.5": "b293e20e66e37180d1251906fcd13ce20c824b84476add53df3f2a1376cbaee1288b91665ea2058db31ec05ef19b85eee9b52fbe82a7603a6c1835007a75121a", + "@img/sharp-darwin-x64@npm:0.34.5": "fe4beb8013145491ed1f15eb58769d78c2cfaafcf76ee1acef25d27b27cad7dd1ea5f6cbd7dce2e55b9a4dd2d9cbc49cd02bf985e190c7b70406d40cc9807cbe", + "@img/sharp-libvips-darwin-arm64@npm:1.0.4": "1711bd98c5e6d5d381d2301152747fda3e769b5671d4b3a572b383ddbc3568483b591f65bdc7899d46ff1a511f63023e42703b4cb79b4d185e48d6e8e769a6e7", + "@img/sharp-libvips-darwin-arm64@npm:1.2.4": "7e2ad47b07dbf3966f706a2bc97f06422c0c07c8604cad25ea52426bc2f579cf9dffed90d5ef562f42dc48c5e8ba97cdc3ce7ce51c53e83a647222b7a2007b45", + "@img/sharp-libvips-darwin-x64@npm:1.0.4": "3f6ebbdf1b81c1b899ef1448bdfc7e380e5194036d6fdb8b41a136c586e866fd2031f27e5c41575c8126fa2290c061e4ac2e8d8551cdabd489c2f8b617dfd418", + "@img/sharp-libvips-darwin-x64@npm:1.2.4": "360d6c6b29aa07f0e74e45b7c748b0ab6cdb27eae67bb0d78b91824d724e3972709c98cc6189f6bbfa04b705d373ae3b3e53b4039dcf440bf8d8b62e4442abf3", + "@img/sharp-libvips-linux-arm64@npm:1.0.4": "0bef56e45f639cf521208dfeead61247a1ff5b968ed8d8687e346a9ff188cb3a34a90a81376d5557034bff32aaf4566d665a5a055888c2aec3e2a4a25b5060a0", + "@img/sharp-libvips-linux-arm64@npm:1.2.4": "ba975b5a40574829c7216fa788f8eb0f452d7d24477833363dd6208beffba7224d248d11d233a2264046259c65155c6194134918f490dc646de50197d34564d6", + "@img/sharp-libvips-linux-arm@npm:1.0.5": "bc68be221896ac177649f2efb98ac77c39150fb5adf5abd90094cec3229122c01058fbe1932aed42d19e8ac6260ba043c807806b946830db385d50887dcde906", + "@img/sharp-libvips-linux-arm@npm:1.2.4": "0f562aa9aed62766208dbb0a05b69962679e64c7f93e5d6ab18d309864d61d5c4f09246f4be2d4ab0b7543adcc26cc7047e752cdcce3990b07de7586b2b842a3", + "@img/sharp-libvips-linux-ppc64@npm:1.2.4": "e40a9b8a2b235d0c4d4ff83ceb5e4cef7595b37696df88c1db8c23e910b92f13c803759469f9ddc51d9f9ab1750c41f05d7ceb78fa2e55bcd4475aeb6d427f54", + "@img/sharp-libvips-linux-riscv64@npm:1.2.4": "f06bfc1f51e1c57cb62cfbba91689f76cb30216c18e3d576109cb64b2c11e3f1da916e5da56a39c40775d80e70b6101ed060cd3f5170aaa13e7e1f487b3795ce", + "@img/sharp-libvips-linux-s390x@npm:1.0.4": "4d0da56b04fc135694d8c92c8d5410cbe2ea0fc6dbce9aaadea02059a628b07231b2f4560e22e98636ce26897aea8eb48c4537b6010f07ced6754dc0b6bda382", + "@img/sharp-libvips-linux-s390x@npm:1.2.4": "b500ec4bfa86b4abfcdfd449c4da13b3f85ced89772705be1332879f4eac9d5f0814ded19069a775df514dcfdbfbd3a3710d4e7e9a1f9a8d4a626a53ff91ce27", + "@img/sharp-libvips-linux-x64@npm:1.0.4": "3c2c09d95b5916dff138390d6aba4c09ba6555a908d5b9eaa0576408d61eba299b013f3828e702c418d830b8f53a73e2e118619df7e5a6738c729ed7f78b6601", + "@img/sharp-libvips-linux-x64@npm:1.2.4": "ad9cbec6158b308893cd0fb38f6b5a7c74b8110c7e52ee7bf0f4442ffb05b9eb9c7e54e0f8ef1ee301b0b039a8937519845d2874b72916062309f15137b47d9a", + "@img/sharp-libvips-linuxmusl-arm64@npm:1.0.4": "952819ca53ba8d9911e8803674fb71b5854d0f2bff8e947b04a45e84915ffce29f04241359d0ce3ddff874d5ab1a61b3efdac36a5c5245732ca43250e172ff60", + "@img/sharp-libvips-linuxmusl-arm64@npm:1.2.4": "254717ab22312e86939d803d4785f0c5df3d77d1fa4b776489d9cad595d5765db9ea9d1bd09c7adf84bc495ccc0ccee2fb503138254c01ee3d75a2258318f4f5", + "@img/sharp-libvips-linuxmusl-x64@npm:1.0.4": "74c5f218ff390c67d9a95bab314b6d0bb8f2217dd55cbe2bcee2474a5fee4be9772d7924672c5e4d9dc6589f569a1d27e1562c4bb6ec1cee50f02b4799a64849", + "@img/sharp-libvips-linuxmusl-x64@npm:1.2.4": "71e80a6ffe4c8866e2e7265b1af210901d8a7c82c8fc55219c15ff9281a35785081e39f97fe5fca6b753c3ed430fe1f0554d91ba716455ea5831fcdc3773cb24", + "@img/sharp-linux-arm64@npm:0.33.5": "68bbcd09e6598aa480818d2c8a17317b8fe7709491eae4a2a68688c14ba2d39cde5b9f7b48d701f231909b4efd8038d2ad8fd7cfd8ea8fca9adbc2d42487da45", + "@img/sharp-linux-arm64@npm:0.34.5": "a7bf9b8127340ac9ae87a347a83643cfdb2302bb577e3a34aff952b3f9229432755921ea2262294385cdb6fef689711b58b11b77adc0be7de43f8e9d6ee7ea0e", + "@img/sharp-linux-arm@npm:0.33.5": "2d9a2c22e174fb4b4f832d98587076c7e24ce44ed1a6f1ff074335373dbd9ceaace539652a2109dfc2b4b87c95a9fa3ebb19dfec205a7962129deecfc48da818", + "@img/sharp-linux-arm@npm:0.34.5": "dff9a07d68f2203896fd038e2d20a1c5b21ee6939b51043f581e6929220abe65115acc8e7435f31e56fdbc097d0ff7f2160803630f341987697ebefa7306896c", + "@img/sharp-linux-ppc64@npm:0.34.5": "3b4989ad63f91b611169011bdf948a58c3ebb8c1e84b29a152bd72d40d7d080481897f46fa7b2c9fe2844f6040507fc1fd903573212a0667c20d8b156e044728", + "@img/sharp-linux-riscv64@npm:0.34.5": "88b8985bdd09a63ce440e24b75f56ce37292474f1a8788df95d673a61bb1ee55b02583ac87ba332b74cf89c448d174842a95922a3ad4109c7ae4d2a318f8f6f1", + "@img/sharp-linux-s390x@npm:0.33.5": "c1d363553c699cb97abe2107ab59abe16631cef2150c4bd5214902cf444a57d7dc5dd2919b8daa8f09d49671bb6633565df0895fda2b27e29ceb0121343dc689", + "@img/sharp-linux-s390x@npm:0.34.5": "78a6624a75a2d6a193b29b3d12425b54206c7f4834ca58f103ae05027cfcfd6619b4977513791ca95aba8e2696d42529049d8e7dbc0775a19441a6cf7f113156", + "@img/sharp-linux-x64@npm:0.33.5": "870e897b4eaae97140515ce6c2d87c010b015bf53e9cd7182465dc3b1c032cf4e5d4d9e00ec66996220cb924be4b748cdcbcc03f0fffb378338ed4ad81d8d672", + "@img/sharp-linux-x64@npm:0.34.5": "eaeb7a303c973fc8de9ff17bb00328725b348ccf7ba110f35ecd663f51c565bf8379c917496b9d48a866caf0bef075f84e84271145d87e9e3ee7e34ae438b302", + "@img/sharp-linuxmusl-arm64@npm:0.33.5": "1f4ef8055027962e3dcc8307e7b4ea070ae2f41ae9ef3442afd0d7515223bf66201bcbdf9097d353f4e64fd572c2ac26eec9e832597fb42da8f27fad6ec4a34d", + "@img/sharp-linuxmusl-arm64@npm:0.34.5": "c943af12e150353ed39bac2240a22b37db586dcae79e838f0619648a8f640e41c850b92dbe0ce63321ffa77139cd2eacc45216d0c839b785929bc90f75d50f31", + "@img/sharp-linuxmusl-x64@npm:0.33.5": "c82dd5576f1836947c81a2b573e1953d7b4fcdccb532473e2073024c02a999f8eb17ddb9c2fc5b0fd77a9a7a38edb9720dcfc9358e43a60e8f8eb0ea3f763bae", + "@img/sharp-linuxmusl-x64@npm:0.34.5": "86f8fcc84c6a7a4109a64b68690c6af0152c6227b0b47968761a939be2657e6f79f8d6f7a398c9eb891d874cfdb8adcb0a91f45a9e6a265d09904dcafb494a0c", + "@img/sharp-wasm32@npm:0.33.5": "050bab055f1345c12e2fb7cc9dd69b1da3094c3e4536556992c165063f42cd36c8a26ef86c7dbfb1e44534662864f32175e848b2c9f73fbf3623a5433ce77096", + "@img/sharp-wasm32@npm:0.34.5": "68056480229e8cbd4a85e853179928ff5eddcc9da44ea8f4994bdd11335442cba3f263c25dfc4e9073439b0ef282ffd984c5ea2d46eb7ef2834eb3ef2816b101", + "@img/sharp-win32-arm64@npm:0.34.5": "887f699f440e8474f4680913ee06e8c7f9fe8f5500e8ef8310fd29594a1539c567c111043f643934c09089e6024785c153c40ea3a1401a6e6659b23058af68f2", + "@img/sharp-win32-ia32@npm:0.33.5": "494e67275dcab551c8310a7d19175e9d8c5cd005546ff970a9fcb6c759fae3a8bf97e68f91e2e292d6c48805ea40ece96b75ba2a49e3feb62d30de25cd833539", + "@img/sharp-win32-ia32@npm:0.34.5": "1723fb245d946cb095e7337b17fef23d1f4903f2a4823a75d8eb489d738e18a19a2adfcefdb98a7d1b1b5ecc296c0b74858cd5d6f8af19895baa9b098b2bbd66", + "@img/sharp-win32-x64@npm:0.33.5": "df976250034aef085d37a52e975e22a6418459bc12e4d0a2ee4f2cd623275b9380a461ccd2cd8945e3b1d30a11b89afda31b5b14e58aaf308e20173f521c4ed4", + "@img/sharp-win32-x64@npm:0.34.5": "2cc1c74b6749d79155752cf689410b22a3506f78e53090f880daf5c638a0cfd0e56f32fb8676c7c2c3c9b1c2811a70f08d95337deee2ff03c0af9272488300c2", + "@msgpackr-extract/msgpackr-extract-darwin-arm64@npm:3.0.3": "f8d48613de17e5356d273745042bbc7c0d345e1e4e5e88ed1132a3ed9ca65db9f8b908a708383d7a58ede276c105e7c9a2887fad00d5e47892010466e5312b47", + "@msgpackr-extract/msgpackr-extract-darwin-x64@npm:3.0.3": "270f8831d7f6d61ff36e7118e09ec13baa633bb22dd57fa3a9e6af67f7036a3fd1beec4c8aad1c72639522300364cef98bc5ba2cddf67a3832f8a35b7fc45502", + "@msgpackr-extract/msgpackr-extract-linux-arm64@npm:3.0.3": "326c19865ead39017326dd8066cde30adaf87a62b968a22d5e5369691817086f681fc291be80b7c61c5496fe915f6df546f41e14ee18b896c54de5099cf147ac", + "@msgpackr-extract/msgpackr-extract-linux-arm@npm:3.0.3": "115f627bcd7c290ddfa1d16405cc1ce388be0b295a26adb1ee2d774133a77809aa0bae83775d3c11f220544e77d34c01d607037bf9dfc6aaac67329cb5fe2818", + "@msgpackr-extract/msgpackr-extract-linux-x64@npm:3.0.3": "ab74755aa2afd27ad8f5277c7cb7a0c721028ba63c3e3109458689340d76ed4c901aa2c71ae5950f3a2149ae9e835e711a12842db219864107cc0c5c1fbdc0da", + "@msgpackr-extract/msgpackr-extract-win32-x64@npm:3.0.3": "edfea4f5455f71f608c15163467b98245d46fbd6078019347418e193968431afe632a11e8729ec39755a54563d86940899e2fe8f3d124393f91855956bd1d745", + "@next/swc-darwin-arm64@npm:15.5.7": "b5f5ced583af847b6c28da843dbd507b34a207015b4cf86eba2241903a650f69fe58938e198ba70c8c7a9f3e861442e4f81b80e1ed641c0bb2ea39e1e444ea08", + "@next/swc-darwin-arm64@npm:16.0.10": "e897e1c2a2d8d25189ae7fb095c7b3042011ad8329b90fd58566af631ac73d396fc7b610df249929b725fbfe19c61bdb144ccd25a37e7b94cb5867b86b06d732", + "@next/swc-darwin-x64@npm:15.5.7": "3d7b1db0be2072e1cedd87776af0706924d9107f4e67c0b6b7c657b7ad9834a50761da789a416754faea63d1d4a8ff9131ee62e6d23385811f7ef308588f0eff", + "@next/swc-darwin-x64@npm:16.0.10": "a1b22cb6f34fa3305268e45a9e848a31fa60d1ad0d14779c13ac22c16023363073ce0d9c7e88c366805601fd1d173a3147c2e96c1c300f78f344bbbffc2c72ba", + "@next/swc-linux-arm64-gnu@npm:15.5.7": "b50cc28269e1df862453901d170553b44940f30258eabf11272fca77a31242efa2d669dae91086f16d350bcc3139c42ce539f8062f85b418ec01f7b9fe0183d4", + "@next/swc-linux-arm64-gnu@npm:16.0.10": "1f85cb3bb4fbd2e9fb800221f750c79f36d9019d945d051709ae5398cfa34ce1e0b7943839c7d8811ec40118f2aac608da8ee4da683efcaf2ee8490df6653d03", + "@next/swc-linux-arm64-musl@npm:15.5.7": "1c86e4521835885034e3eb0915ce1fbaf1d0cbc946f614f6c1f46ed5ba76e0a637ac1bbcd2e718e95fdde6e0d8139327cac5a527f4463171eced0b233c9916e2", + "@next/swc-linux-arm64-musl@npm:16.0.10": "8507a7c5fce25212f41e8cc4a0f70f8f549089f81f1ed52d734a018a93d379c32341ff0cb126de9bd868a6bda8ec8ced4747db17621d3a87d4c6f7326fe7465d", + "@next/swc-linux-x64-gnu@npm:15.5.7": "7784de95b55dab55f2a1ee7302f31dacdc6fb54f0cac014da4ec9387c5cae37b90b1ca5b7e170016da79ff243f8dcbb17b21cb3993d0c35686c58bdfccc2f8af", + "@next/swc-linux-x64-gnu@npm:16.0.10": "c7bbe23cd872d6d7394625a26b57bd0810c40ca972eaa2fe15436cc09108cda24f2e84eef81de83ea87f7b9d8f47351d0a7324924032d81d2b9dc4f950da345c", + "@next/swc-linux-x64-musl@npm:15.5.7": "d40e29eb25bab0fe0ec1357c9aa8fddce6647befd949a69e97ab567838cc4e4fa587a16e8f708225415138db1fa28765acb2e18f6ee93149ebdd418bd10cd912", + "@next/swc-linux-x64-musl@npm:16.0.10": "291d19f663c58c28b1189ebf59ee9ba3f212de99b5e4a7164d51a1c797b9c8c845a97a201b6e556930d33ceeb4a661409784dadd4c84e9383269806e839558d7", + "@next/swc-win32-arm64-msvc@npm:15.5.7": "4b9da02bc8e83399d80e41abedf8791fbcdf34ad5dc3391e9adea7ed4995a50f649ccd1ae4ea8894c14f040cb92f373d78fb4acf5650cef3b96174eae66cbe9f", + "@next/swc-win32-arm64-msvc@npm:16.0.10": "6fff0ca49aa7c763634f43e2464a7453d740cfbcb117a8a2a52c7ce1e19524906f378e43de0b1f318b4f5ad19b9bee1b7f07ede9da8fe90b703dc1210f8ef688", + "@next/swc-win32-x64-msvc@npm:15.5.7": "738ffaf0bec3f3f1d7d08ab648c2f6e703a0c5b5596399139865a6bdba9ebde74e7e37024860d13c10a9ea3faf88fa882c2ebbd89955dbf36d1b7df12739fdec", + "@next/swc-win32-x64-msvc@npm:16.0.10": "4fc4b5848cd92e37a481ed0cd85bede149e36b4cbeea4a168b0731bf9ca8d723ffdfebf1031b9da72a435cac782ba8eea0ad6bec5f7f9c55ad8bb9c6c47392ff", + "@rollup/rollup-android-arm-eabi@npm:4.35.0": "0d365880d060032a95e862d72ef9086de822087d2442d0c56b8e775b35c4bd512b8f5a9a992ef2ff27c60f38fb53084e65e50dbedc599fd560c070b4927c63d1", + "@rollup/rollup-android-arm-eabi@npm:4.37.0": "137cc44b5452772bc857f3a9b113dc89a95b0d529963e91a49ac1b336302f37931da052a5d07c294da6060d07251c0251c7d363fd2be1775b59afd84a4c2ec67", + "@rollup/rollup-android-arm64@npm:4.35.0": "72aa2d3d47f1f2e99952bc871d360797c79a8f41474e0cdd8e17ba839f94523d3c83fefa5b6e9ea5296578e92cd07573c2eb824c3bad1fa6ce0aa4312c954e60", + "@rollup/rollup-android-arm64@npm:4.37.0": "a6856efb422e0e9ab62f407e0e73908fe78d42fbb2730aeeba3d8b3f034449ef248a0fb596b5af3e87f7054e00328aa4322525a375508f492dbc7c2478aa0e49", + "@rollup/rollup-darwin-arm64@npm:4.35.0": "37bf58948774b446148c6705dd07cdbdb5fa7ec9467bca92021b1d0a061f052e7ca45ddf65f6c22de15acd73b365ab6b26e0b7a870ed012f8bc375bf9bec753d", + "@rollup/rollup-darwin-arm64@npm:4.37.0": "ac29a2a8eb0e40c54a1685c868436658682293cacde10b7cbf587845902e4e95ec4b84e4eefbf7ac6a4b6330b47fe4094dbeeb90f22c0ee130ff984b8d3a1cb9", + "@rollup/rollup-darwin-x64@npm:4.35.0": "70b41ae4f14eaff3658634e79531e5666a76cc0484f6f129fff21cc41aec372676622c88ccd2aa3ccb6fbc56580dd9985e93bc90b9e3e767f936b339bc989201", + "@rollup/rollup-darwin-x64@npm:4.37.0": "037115d7f3b9ceab60df8ea12a48762a6c4051da7008a6b5d47174d9980759c392d7c6e4e79e2989744f0a16d1fb78ae97a9abd309fb1c41b07b65fab1700338", + "@rollup/rollup-freebsd-arm64@npm:4.35.0": "adefc811863f9ff9e8528055506178a3695991fc3a1dd568f98677dd64ed9b003135fd8b064ddcfa11d1515affeb7bab6daace77f8220a8e6264e91108e319c9", + "@rollup/rollup-freebsd-arm64@npm:4.37.0": "8ac2a91f628962633cf33aa462e567b1fc09b4ea09bf7a882ebb7ebf7adf4530d5f9d1b2dfa50ef64ddfa4b820e1eea324041f4c847298ddbe48d7491a944016", + "@rollup/rollup-freebsd-x64@npm:4.35.0": "c4bbee2f451ca386ac3457adb0a4ff1f73e6ba1e02c7887472bf220dd4ea7cec225c86dcc4748073af2306f8738769a8ff90d2343fb96589bac254e91157db70", + "@rollup/rollup-freebsd-x64@npm:4.37.0": "855b528e935ad21de0297112b2b73ea4ca7db94278606811f2d61011cf8f8042e4b7127f7993859320876fba585a00c5e7e11c7b50ce23af4ccca3679a69754f", + "@rollup/rollup-linux-arm-gnueabihf@npm:4.35.0": "450123c65e4e40c250c9cd4b925f01ab34be651b66c544f083e36332efc867298a4d03c4e0de4cc49ef77dda5b72bfcf8815811a392632ca266f459ca2b7d31e", + "@rollup/rollup-linux-arm-gnueabihf@npm:4.37.0": "dc126fb662d1a645ab41680033a987908ed0565b4ea9d414a9a46a61c06e9b136c010d1f28b1c34ffb101375a5279f18ee70d0d9b4ff1f2db80a54a05af3071d", + "@rollup/rollup-linux-arm-musleabihf@npm:4.35.0": "8a9107834b546a8430d438f0a8ab5c016913ae3aeceef23c21e462a7738502c1a7b0cef15751602846fa0f530ffa676d1c3e821591fbcadd31983b9169415bd0", + "@rollup/rollup-linux-arm-musleabihf@npm:4.37.0": "206cf3b319948b5d2d5ada18c698f16350c4cb64b53ad754fad91c1fe403c5fc110b3d3d2436433c5fd9ed1e1cec3535ed184902a6986f8bc0ae9770360e3c0b", + "@rollup/rollup-linux-arm64-gnu@npm:4.35.0": "844c3b1aad40fe18a69b9f6bc4d31228e6497ba95ed8fa9ad1037eb18a472a55b31e9d3bdf7d19f2035213ce4e7e73127cfcadac6141fb975f0c41bacfb360b7", + "@rollup/rollup-linux-arm64-gnu@npm:4.37.0": "f96da93f09aad5145f6fcfd69eccb6a2d407754e13f168d161dd2280991b7e4a3a514009b8a796767e5bd85ca0e4f81e2aea19781bb027d3ec59cf01768e2e1c", + "@rollup/rollup-linux-arm64-musl@npm:4.35.0": "e89bf799436ecf71db90c40a0dcd40eef9813f32c993777676bf81a548eb7d5ec4c0959d33c9c3ee8ae448731655ede2649807601d4c714276ccb295c0ec5e35", + "@rollup/rollup-linux-arm64-musl@npm:4.37.0": "c31f0c0aeefd18b59212f845aacac5a5a614ce0101db27dcc53884ae4d4e766d399d816104a10f4ee8c4c28e2045abb2d6a778c00bd30a430b3f34be4445cb1c", + "@rollup/rollup-linux-loongarch64-gnu@npm:4.35.0": "70e331016745c7688c861ad49f54c444f37570171fbd810c4116cc5335b72802d540e0f6019a0b4475b5c570f51691f313548f9c5bececa37eb759b02802f6dd", + "@rollup/rollup-linux-loongarch64-gnu@npm:4.37.0": "d69b456caaa8c12c2936a6836dc2dd3b9169ebfc2d888c904d3407fb2c53ba99a3323bfd36d447c17ff0b9e31b4709defaf72cafb32c23c773fbffdee50bc7fc", + "@rollup/rollup-linux-powerpc64le-gnu@npm:4.35.0": "73419009942cf6d86815a0a47d7e21b1dcb0d029561cc76d53d2cd1b7b9281f2a532eda7c7bfb546cc997337c9a1c68a1aabfee0330a76d249c119567b9607f5", + "@rollup/rollup-linux-powerpc64le-gnu@npm:4.37.0": "abc5b4e7960965f01948dbf7e956695643cf6ab78ef1d14f2bc34b93cbb85a9ccb9c005dfbf948a80145cd808078a34d216c9d4e801570e2ca638a563ecd0ae2", + "@rollup/rollup-linux-riscv64-gnu@npm:4.35.0": "9c182d0055b6b93008ec8958eeb715e6083c733ec1cf146151572a3111c98e777fdcb0e159c0b9edf5760c1dfcb295f8cbaba4d6115e0a4800bb53828cab228f", + "@rollup/rollup-linux-riscv64-gnu@npm:4.37.0": "a9a5fe6a24955dae476c9ab5fb22d5f807e0ff916ff1ec289c8050e6688695e9c434dfdb130282712dd3657bf883af4544ed1ebc77b68530ccb8e33af484a41e", + "@rollup/rollup-linux-riscv64-musl@npm:4.37.0": "e6cd70f709a59037f496d1086f34148ef2ba92bbf1813e07ccd52b3643822486fa95671a6ed4a3397b9ef23e3a4dea20926f9e1a26b00a06173202627cf2f0ce", + "@rollup/rollup-linux-s390x-gnu@npm:4.35.0": "5d9b6fefcf02ded2487b5e71633c2c8aacd7b6b0a8ab36367fb672995155c0a3164716ef8df859793bb7f6e8d8d1e8435a9bb4f0814bc1135fc13276abec0f79", + "@rollup/rollup-linux-s390x-gnu@npm:4.37.0": "a6704bd605db0a99a60947a6a69ad6d1dbf712f57d4bcaba24a122cc062b2513319726e8211410d5d9d2bc1face3b153c45c4c9209ead6a25f87cf6e79828864", + "@rollup/rollup-linux-x64-gnu@npm:4.35.0": "1488b698bd314b6af0ee114d7cef40c480c6de5c3d7a429f376f5ab93e0c599c442b2fad9eceec95797b189522bb455ecedb3a3f8c2787239da712403b2b3105", + "@rollup/rollup-linux-x64-gnu@npm:4.37.0": "fb0ee05c300d73fb05e5584418c41cd616aca8ccb4c4397b56ada769b4e3655223cdea2ce136c3ff3ed3efb9f74800acbd4801135afc3fbd49b29fff092ebd8c", + "@rollup/rollup-linux-x64-musl@npm:4.35.0": "1d9ac6fd0b9293e86c581c9b2233128b79ddd43e62d982e98a09950fd1892ec4aca30ad9ef356ac9807aa185c3e5888e4eae018dd24409340c300a8c28fa4a14", + "@rollup/rollup-linux-x64-musl@npm:4.37.0": "c502057b9ef77bb43df6337eb02c5bbb8f7aabb2780f3de8256048ade427d319e4d5cca4e4238c3076ddddfd9749d9854e8fbc7f6e50cec84e778da6dafe90b7", + "@rollup/rollup-win32-arm64-msvc@npm:4.35.0": "7d4174cb4976d62df0186c6eb85e1d5e7837773b2faf8da5dc2238c5d08b15a27b098c187e78e425f235b84eda666dc5797ca5f672849842ce7c1a0de673c03f", + "@rollup/rollup-win32-arm64-msvc@npm:4.37.0": "4a6a5c2fb0c520edd3f67deb773ff600698a665ac5a4ba4ac8147836aa054be0f3fab54c841f3eef2b638224dd432a62b5f48b3704f5d3dd37ec7fcfc6a70591", + "@rollup/rollup-win32-ia32-msvc@npm:4.35.0": "dca1a8f3cd91f4c025612d7ec28d624dda0e02d13ae98fcafaa53139fc94e2a9df507635d847c79176ff37dd9bb5d272578c4cdfd9af05bc1cdb78e31296669f", + "@rollup/rollup-win32-ia32-msvc@npm:4.37.0": "439f4339c26c104333b3f55a34ef1a2280b22eec165362eee1816548a0b93f0440a6e3982af9263d1a4158d665a6ecba68c64bf12a786eae69db232399598321", + "@rollup/rollup-win32-x64-msvc@npm:4.35.0": "c6d7a0cbfb489d60ea6f74a2c77c6ae8f9c9b4dae4106da59b640718c4fe7b2273d59ac07fd6d83ac95bcaf172ea908e2eb09c4bab3e0dfbc957e572ab055482", + "@rollup/rollup-win32-x64-msvc@npm:4.37.0": "0c85f06fddfc73dd4457a6c6ec841e52d0fb81179fe63754bd3c02c4795ec338685bd14ff49672ddfb3767aecf4f01f4a5da5730b0cf62be318753390027de37", + "@sentry/cli-darwin@npm:2.42.2": "3df1b8774a2dffba2a413420b573d0ddb94a51ab530cfcf719736cac37fb9b6ff835516b4b783771f003659436a00d3ee5ea201fb2510c1ea517d7256c619b50", + "@sentry/cli-darwin@npm:2.42.4": "c1a2aee566a2d35f6c39f312dd6f4a30b6fa2edc973009fedefc4dc7e36fc26e42cbaf9269e40f6aed8fcc3ab5c106293248b09a1bbec0c3a3872810c949c2bc", + "@sentry/cli-linux-arm64@npm:2.42.2": "17ab90626910c137925aa307bfb4b2f5790a756eaec9bbfa1066b1c2265ec1981ae3d7c8b2014071da9dd3a604cf150ba9a8d93a16e0da155831c7c8a524f956", + "@sentry/cli-linux-arm64@npm:2.42.4": "a9ab66366473ec445cf2daacaa934b16d2b1376a9a7eb1240a35e970c5e93e098248cadc4c2b08a9ab8a97dc3eefb70ff1e70820f15f29227ed07ab165d31e91", + "@sentry/cli-linux-arm@npm:2.42.2": "2d31e7d2603f124e2a36626e91dd8c50a0eba27386b94a7076115022e50193140d7f613850adf64740ee46102cec99845750df05430dd16ea50f01607ead6d2d", + "@sentry/cli-linux-arm@npm:2.42.4": "47ca5bd7049983c863384a318e231aa0cb7ec5f9d5cc7ac6c11f86c4540e3ce4217545eeec2f526dfce3e9580c665ea61d17b40b9cc83e2887f2318b8f527923", + "@sentry/cli-linux-i686@npm:2.42.2": "e5c52d65f507393c786373aaff873d6522f9ab26ef3cea498268ef63d053dc9f4e806c3295c22b48c5dd1f7ecf0c47bfaa0f7545424ef81a3cd51914de2af2bc", + "@sentry/cli-linux-i686@npm:2.42.4": "cd201e1beb369028601fe5c11c6126529c63c08979f01a00ac2aed88979790600a52cd150259a8fd0d9acf15e52d3da2f6fea69b083abf2e09f2293caf968989", + "@sentry/cli-linux-x64@npm:2.42.2": "62ed35b355b7673c8cc1d1542c21d1fb908022c2cc951eda47ee4a55c3e53499c1eca08b93408b547adf9ffe7bcb6d43efa50f185f6fa66155a13373ea79d5f3", + "@sentry/cli-linux-x64@npm:2.42.4": "84c1758ddb2a4c0529d06e73cacfce707711e215c16ceb028e69abe62c1e9bc4b5d410295ac75bc4399b64d76b4516df58ecebe2b46f879eb781e189537f993c", + "@sentry/cli-win32-i686@npm:2.42.2": "3876d8d3f6139d984714ed5fed8ef124d32af8f5d7cd6968adc8e910727e12eb39d85dcc6304a5e249dce7d8e93e11f8bcfde83545835d959f260bf4b1914d00", + "@sentry/cli-win32-i686@npm:2.42.4": "14207ff600dde2406c9d20c794197628e80b71ecdb14e930db67c2f3d806ac0db66303c6284bae4f108e30e357cfa894510a479ed7bbb74ca89a627bbbd4ff1b", + "@sentry/cli-win32-x64@npm:2.42.2": "16e6deb7f0faaed1a88c121463b3ef727726351ec04afe3308ff3775d26e1d7b990a3fd65b216d7fc2ac4f6967c625f14e6dbc2dab99fcc9d7a625ec80422ab8", + "@sentry/cli-win32-x64@npm:2.42.4": "3e6f5fa0bde62824ebbe427a47cba538fd5b7e19ce10b6bb0743ac0f52fc1e677f9c68a84e22fe5b995d29ba00bd1370ed172e6e2ad1732b4c07f181cb1d7d83", + "@unrs/rspack-resolver-binding-darwin-arm64@npm:1.2.2": "8bd22eb6e552a6e205f559fd2a08ab5abba0845df88fa857472a1b5eda460ba890dec1f51d4ead8d1aa33c304378642aea363a1911ad781811ec59f61ace3fea", + "@unrs/rspack-resolver-binding-darwin-x64@npm:1.2.2": "9fbeb7d55fc163ba1a8b3f834e2acdc371145a805b96e46636ff95e76eb895e144b9002fbf1d14ce54a0386e07a7293e6e559f3943f5d0afa91e51370c3191da", + "@unrs/rspack-resolver-binding-freebsd-x64@npm:1.2.2": "6391109bcce6c9a82ea283a59c120fdcad4e0adfc3403096333c5ff2c11e526401aa03f69557a3b314083aaf1cc260b5cbbd945c1177ffcd27d001ab1e212bf5", + "@unrs/rspack-resolver-binding-linux-arm-gnueabihf@npm:1.2.2": "1a97e5a33e937861933c3e1eb100f419229b6e51046bdee1b10ca178c78f26017b6d1cda2dcd64aa65c868cbdd59797e914133d509fc291678beb4349f8717db", + "@unrs/rspack-resolver-binding-linux-arm64-gnu@npm:1.2.2": "30ea0931074f679fc416a8b90d249673fd9d27a89e0df4c0a936d0ee1329145e0bbf5ff9680e30cd5549eb261833dfaa0d8018b7ea7b6ae1ece86ea4cce9e440", + "@unrs/rspack-resolver-binding-linux-arm64-musl@npm:1.2.2": "bee718ba77407238445f2d1950b9287b52fed11f71ebaabd826059ab85cffd3d174e93e2cfbeff151057abd7fb2f4dcbb583aeefd92c9b5342b715ea0aa7cee9", + "@unrs/rspack-resolver-binding-linux-x64-gnu@npm:1.2.2": "d3f4577b88c2d53372144056f8340af9cabd3b48b751a619dd662f7df2e799dcfcd53547eebb6ca1e21e847e2de74d5c692f13be5080076d09e7190904f8d701", + "@unrs/rspack-resolver-binding-linux-x64-musl@npm:1.2.2": "a07c77a1b3f513b262bed00265186d336b07bb271f93ff1998212d66e236310ee53eb618d26bd49f4d021d7f3407e2aa115cf37b28616ba750a8c54065d4db04", + "@unrs/rspack-resolver-binding-wasm32-wasi@npm:1.2.2": "ffc4938bdb6163a789f308b7df55541871dfb5750d59b1a6ac709f76aaa19eb58c6d4ab8f509b4a0e994e97592c682120e78855ff57bfd0d7cf46c008b63a992", + "@unrs/rspack-resolver-binding-win32-arm64-msvc@npm:1.2.2": "1e45426dc0d2d4cdf68b4a331ef4ab3f51c2e60d939654d7db581b32c624636545f829753ee982fd9c5c505150a4ef725aeedb890a7d99f2b4f2c4b0a0e4b18d", + "@unrs/rspack-resolver-binding-win32-x64-msvc@npm:1.2.2": "06db4f536ffe00470cc68904cce08d0f6f8305ce250d2d3b21fbf4f0c53c69074633a82edcfba57a87121595986e6636f40f087ebdfca0e9320c7c8263cdb241" +} diff --git a/nix/nixosModule.nix b/nix/nixosModule.nix new file mode 100644 index 000000000..2e9b1157b --- /dev/null +++ b/nix/nixosModule.nix @@ -0,0 +1,241 @@ +self: { + config, + pkgs, + lib ? pkgs.lib, + ... +}: +with lib; let + cfg = config.services.sourcebot; +in { + options.services.sourcebot = { + enable = mkEnableOption "Enable SourceBot"; + dataDir = mkOption { + type = types.path; + default = "/var/lib/sourcebot"; + description = "Root data directory for SourceBot"; + }; + package = lib.mkOption { + type = types.package; + default = self.packages.${pkgs.system}.sourcebot; + description = "Package to use for sourcebot"; + }; + # Override default, based on DATA_DIR + dataCacheDir = mkOption { + type = types.path; + default = "/var/cache/sourcebot"; + description = "Directory for SourceBot data cache"; + }; + envFile = mkOption { + type = types.nullOr types.path; + default = null; + description = "Environment file for additional settings"; + }; + + logLevel = mkOption { + type = types.enum ["debug" "info" "warn" "error"]; + default = "info"; + description = "SourceBot logging level"; + }; + authEnabled = mkOption { + type = types.bool; + default = true; + description = "Enables authentication in SourceBot"; + }; + telemetryDisabled = mkOption { + type = types.bool; + default = true; + description = "Disables telemetry collection in SourceBot"; + }; + openFirewall = mkOption { + type = types.bool; + default = true; + description = "Open Firwall ports for SourceBot"; + }; + + configPath = mkOption { + type = types.str; + description = "Path to the SourceBot configuration file"; + }; + port = mkOption { + type = types.int; + default = 7734; + description = "TCP port for the SourceBot web server to listen on"; + }; + hostname = mkOption { + type = types.str; + default = "0.0.0.0"; + description = "Hostname or IP address for the SourceBot web server to bind to"; + }; + authUrl = mkOption { + type = types.str; + default = "http://${cfg.hostname}:${toString cfg.port}"; + description = "Hostname or IP address for the SourceBot web server to bind to"; + }; + redisPort = mkOption { + type = types.int; + default = 16379; + description = "TCP port for the SourceBot Redis server to listen on"; + }; + databaseUrl = mkOption { + type = types.nullOr types.str; + default = "postgresql://sourcebot@localhost:${toString config.services.postgresql.settings.port}/sourcebot"; + description = "PostgreSQL connection URL for SourceBot. If not set, a local PostgreSQL server will be configured and used."; + }; + }; + + config = mkIf cfg.enable { + # Create a dedicated system group for SourceBot + users.groups.sourcebot = {}; + # Create a dedicated system user for SourceBot + users.users.sourcebot = { + isSystemUser = true; + group = "sourcebot"; # primary group + description = "Service account for SourceBot"; + home = cfg.dataDir; + shell = "/run/current-system/sw/bin/false"; + }; + + networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [cfg.port]; + # Enable redis using the existing NixOS module + services.redis.servers.sourcebot = { + enable = true; + user = "sourcebot"; + port = cfg.redisPort; + }; + + # Enable Postgres for SourceBot with isolated data directory and database + services.postgresql = { + enable = true; + enableTCPIP = true; + ensureDatabases = ["sourcebot"]; + ensureUsers = [ + { + name = "sourcebot"; + ensureDBOwnership = true; + } + ]; + # Allow connections from any container IP addresses + authentication = mkBefore '' + local sourcebot sourcebot trust + host sourcebot sourcebot 127.0.0.1/32 trust + host sourcebot sourcebot ::1/128 trust + ''; + }; + + # Create and own data directories + systemd.tmpfiles.rules = [ + # ensure root data dir + "d ${cfg.dataDir} 0755 sourcebot sourcebot -" + # ensure cache dir + "d ${cfg.dataCacheDir} 0755 sourcebot sourcebot -" + ]; + + # Zoekt search service + systemd.services.sourcebot-zoekt = { + description = "SourceBot Zoekt Search Service"; + after = ["network.target" "redis.service"]; + wants = ["redis.service"]; + serviceConfig = { + # Run under the sourcebot user + User = "sourcebot"; + Group = "sourcebot"; + ExecStart = "${pkgs.zoekt}/bin/zoekt-webserver -index ${cfg.dataCacheDir}/index -rpc"; + Restart = "on-failure"; + RestartSec = "5s"; + Environment = [ + "DATA_DIR=${cfg.dataDir}" + "DATA_CACHE_DIR=${cfg.dataCacheDir}" + ]; + }; + }; + + systemd.services.sourcebot-db-setup = { + description = "SourceBot Database setup"; + after = ["network.target" "postgresql.service"]; + wants = ["postgresql.service"]; + serviceConfig = { + # Run under the sourcebot user + Type = "oneshot"; + User = "sourcebot"; + Group = "sourcebot"; + ExecStart = "${pkgs.prisma}/bin/prisma migrate deploy --schema ${cfg.package}/packages/db/prisma/schema.prisma"; + Environment = [ + "PATH=${makeBinPath (with pkgs; [prisma openssl])}" + "DATABASE_URL=${cfg.databaseUrl}" + ]; + Restart = "on-failure"; + RestartSec = "5s"; + }; + }; + # Web frontend service + systemd.services.sourcebot-web = { + description = "SourceBot Web Service"; + after = ["network.target" "sourcebot-zoekt.service" "sourcebot-db-setup.service"]; + wants = ["sourcebot-zoekt.service" "sourcebot-db-setup.service"]; + wantedBy = ["multi-user.target"]; + serviceConfig = { + # Run under the sourcebot user + User = "sourcebot"; + Group = "sourcebot"; + Environment = + [ + "DATA_DIR=${cfg.dataDir}" + "DATA_CACHE_DIR=${cfg.dataCacheDir}" + "PORT=${toString cfg.port}" + "HOSTNAME=${cfg.hostname}" + "DATABASE_URL=${cfg.databaseUrl}" + "REDIS_URL=redis://localhost:${toString cfg.redisPort}" + "CONFIG_PATH=${cfg.configPath}" + "SOURCEBOT_LOG_LEVEL=${cfg.logLevel}" + "SOURCEBOT_TENANCY_MODE=single" + "AUTH_CREDENTIALS_LOGIN_ENABLED=${boolToString cfg.authEnabled}" + "SOURCEBOT_TELEMETRY_DISABLED=${boolToString cfg.telemetryDisabled}" + "SOURCEBOT_PUBLIC_KEY_PATH=${cfg.package}/public.pem" + "AUTH_URL=http://${cfg.hostname}:${toString cfg.port}" + ] + ++ optional (cfg.envFile == null) [ + "AUTH_SECRET=00000000000000000000000000000000000000000000" + "SOURCEBOT_ENCRYPTION_KEY=00000000000000000000000000000000" + ]; + EnvironmentFile = cfg.envFile; + ExecStart = "${cfg.package}/bin/sourcebot-web"; + Restart = "always"; + }; + }; + + # Backend API service + systemd.services.sourcebot-backend = { + description = "SourceBot Backend Service"; + after = ["network.target" "sourcebot-zoekt.service" "sourcebot-db-setup.service"]; + wants = ["sourcebot-zoekt.service" "sourcebot-db-setup.service"]; + wantedBy = ["multi-user.target"]; + serviceConfig = { + # Run under the sourcebot user + User = "sourcebot"; + Group = "sourcebot"; + Environment = + [ + "DATA_DIR=${cfg.dataDir}" + "DATA_CACHE_DIR=${cfg.dataCacheDir}" + "DATABASE_URL=postgresql://sourcebot@localhost:${toString config.services.postgresql.settings.port}/sourcebot" + "REDIS_URL=redis://localhost:${toString cfg.redisPort}" + "CONFIG_PATH=${cfg.configPath}" + "SOURCEBOT_LOG_LEVEL=${cfg.logLevel}" + "SOURCEBOT_TENANCY_MODE=single" + "AUTH_CREDENTIALS_LOGIN_ENABLED=${boolToString cfg.authEnabled}" + "SOURCEBOT_TELEMETRY_DISABLED=${boolToString cfg.telemetryDisabled}" + "SOURCEBOT_PUBLIC_KEY_PATH=${cfg.package}/public.pem" + "AUTH_URL=http://${cfg.hostname}:${toString cfg.port}" + ] + ++ optional (cfg.envFile == null) [ + "AUTH_SECRET=00000000000000000000000000000000000000000000" + "SOURCEBOT_ENCRYPTION_KEY=00000000000000000000000000000000" + ]; + EnvironmentFile = cfg.envFile; + ExecStart = "${cfg.package}/bin/sourcebot-backend --cacheDir ${cfg.dataCacheDir}"; + Restart = "on-failure"; + RestartSec = "5s"; + }; + }; + }; +} diff --git a/nix/nixosTest.nix b/nix/nixosTest.nix new file mode 100644 index 000000000..a9e82bced --- /dev/null +++ b/nix/nixosTest.nix @@ -0,0 +1,31 @@ +{ + pkgs, + self, +}: +pkgs.testers.nixosTest { + name = "sourcebot-nixos-module-test"; + nodes.machine = {config, ...}: { + virtualisation.graphics = false; + documentation.enable = false; + imports = [self.nixosModules.sourcebot]; + # disables ForwardToConsole=yes: + # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/testing/test-instrumentation.nix#L207 + services.journald.extraConfig = pkgs.lib.mkForce ""; + services.sourcebot = { + enable = true; + configPath = "${pkgs.writeText "config" '' + { + } + ''}"; + }; + }; + testScript = '' + start_all() + machine.wait_for_unit("postgresql.service") + machine.wait_for_unit("sourcebot-zoekt.service") + machine.wait_for_unit("sourcebot-backend.service") + machine.wait_for_unit("sourcebot-web.service") + machine.wait_for_open_port(7734) + machine.succeed("${pkgs.curl}/bin/curl http://localhost:7734") + ''; +} diff --git a/nix/overlay.nix b/nix/overlay.nix new file mode 100644 index 000000000..f4c12d914 --- /dev/null +++ b/nix/overlay.nix @@ -0,0 +1,12 @@ +final: prev: { + sourcebot = final.callPackage ./sourcebot.nix {}; + zoekt = prev.zoekt.overrideAttrs (old: rec { + vendorHash = "sha256-laiBp+nMWEGofu7zOgfM2b8MIC+Dfw7eCLgb/5zf9oo="; + src = final.fetchFromGitHub { + owner = "sourcegraph"; + repo = "zoekt"; + rev = "07c64afd5c719b5c95aae21c71009aacadbc528e"; + hash = "sha256-y9HwzPdNfqw9JM8XaZ4RxyN4cAYQhiqKKqP2c4wvSH0="; + }; + }); +} diff --git a/nix/sourcebot.nix b/nix/sourcebot.nix new file mode 100644 index 000000000..33e85da95 --- /dev/null +++ b/nix/sourcebot.nix @@ -0,0 +1,148 @@ +{ + pkgs, + lib, +}: +pkgs.stdenv.mkDerivation (finalAttrs: { + name = "sourcebot"; + + # Use fileset API for cleaner source filtering + # Only include git-tracked files, excluding development/build/docs files + src = lib.fileset.toSource { + root = ../.; + fileset = + lib.fileset.difference + (lib.fileset.gitTracked ./..) + (lib.fileset.unions [ + ../nix/microvm.nix + ../nix/nixosModule.nix + ../nix/nixosTest.nix + ../nix/overlay.nix + ../nix/missing-hashes.json + ../flake.nix + ../flake.lock + ../.github + ../docs + ../README.md + ../CONTRIBUTING.md + ../CHANGELOG.md + ../LICENSE.md + ../.gitignore + ../docker-compose-dev.yml + ../Dockerfile + ../grafana.alloy + ../supervisord.conf + ../fly.toml + ../Makefile + ../_typos.toml + ]); + }; + + buildInputs = with pkgs; [ + nodejs + yarn + redis + openssl + ]; + buildPhase = '' + runHook preBuild + ${lib.getExe pkgs.yarn-berry} workspaces foreach -R --from '{@sourcebot/schemas,@sourcebot/error,@sourcebot/db}' run build + ${lib.getExe pkgs.yarn-berry} build:deps + ${lib.getExe pkgs.yarn-berry} build + runHook postBuild + ''; + missingHashes = ./missing-hashes.json; + offlineCache = pkgs.yarn-berry.fetchYarnBerryDeps { + inherit (finalAttrs) src missingHashes; + hash = "sha256-FpSmCMvHRDea+UOdVIp/c0ydF2zSWjbcU056oBrP0/Y="; + }; + + nativeBuildInputs = with pkgs; [ + yarn-berry.yarnBerryConfigHook + yarn-berry + nodejs + nodePackages.prisma + makeWrapper + ]; + + env = { + YARN_ENABLE_SCRIPTS = "false"; + PRISMA_SCHEMA_ENGINE_BINARY = "${pkgs.prisma-engines}/bin/schema-engine"; + PRISMA_QUERY_ENGINE_BINARY = "${pkgs.prisma-engines}/bin/query-engine"; + PRISMA_QUERY_ENGINE_LIBRARY = "${pkgs.prisma-engines}/lib/libquery_engine.node"; + PRISMA_FMT_BINARY = "${pkgs.prisma-engines}/bin/prisma-fmt"; + }; + + installPhase = '' + runHook preInstall + + + cp -r packages/web/.next/standalone $out + cp -r node_modules/* $out/node_modules + + mkdir -p $out/packages/web + cp -r packages/web/public $out/packages/web/public + mkdir -p $out/packages/web/.next + cp -r packages/web/.next/static $out/packages/web/.next/static + + mkdir -p $out/packages/backend + cp -r packages/backend/node_modules/* $out/node_modules + cp -r packages/backend/* $out/packages/backend + + cp -r packages/db/* $out/packages/db + cp -r packages/schemas/* $out/packages/schemas + # cp -r packages/crypto/* $out/packages/crypto + # cp -r packages/error $out/packages/error + cp -r packages/mcp $out/packages/mcp + # cp -r packages/logger/* $out/packages/logger + cp -r packages/shared/* $out/packages/shared + cp -r node_modules/* $out/node_modules + mkdir -p $out/vendor + cp -r ${pkgs.zoekt.src}/ $out/vendor/zoekt + + mkdir -p $out/bin + cp public.pem $out/ + + rm -rf $out/pacakages/web/.next/cache + ln -s /var/cache/sourcebot $out/packages/web/.next/cache + + # web + cat < $out/bin/sourcebot-web + #!${pkgs.runtimeShell} + export PATH=\$PATH:${pkgs.openssl}/bin + export NODE_ENV=production + export NODE_PATH=$out/node_modules + export PRISMA_SCHEMA_ENGINE_BINARY=${pkgs.prisma-engines}/bin/schema-engine + export PRISMA_QUERY_ENGINE_BINARY=${pkgs.prisma-engines}/bin/query-engine + export PRISMA_QUERY_ENGINE_LIBRARY=${pkgs.prisma-engines}/lib/libquery_engine.node + export PRISMA_FMT_BINARY=${pkgs.prisma-engines}/bin/prisma-fmt + + exec ${pkgs.nodejs}/bin/node $out/packages/web/server.js "\$@" + EOF + + # backend + cat < $out/bin/sourcebot-backend + #!${pkgs.runtimeShell} + export NODE_ENV=production + export NODE_PATH=$out/node_modules + export PRISMA_SCHEMA_ENGINE_BINARY=${pkgs.prisma-engines}/bin/schema-engine + export PRISMA_QUERY_ENGINE_BINARY=${pkgs.prisma-engines}/bin/query-engine + export PRISMA_QUERY_ENGINE_LIBRARY=${pkgs.prisma-engines}/lib/libquery_engine.node + export PRISMA_FMT_BINARY=${pkgs.prisma-engines}/bin/prisma-fmt + + export PATH=${pkgs.lib.makeBinPath (with pkgs; [prisma openssl git zoekt])} + exec ${pkgs.nodejs}/bin/node $out/packages/backend/dist/index.js "\$@" + EOF + + # mcp + cat < $out/bin/sourcebot-mcp + #!${pkgs.runtimeShell} + export NODE_ENV=production + export NODE_PATH=$out/node_modules + exec ${pkgs.nodejs}/bin/node $out/packages/mcp/dist/index.js "\$@" + EOF + chmod +x $out/bin/* + + + runHook postInstall + ''; +})