pyrox.dev / nixpkgs
lol
fork atom

privacyidea: fix build

The previous changes for the 3.8 update are ready, but staging got
merged into master, so there are a few more challenges to tackle:

* Use python 3.10 now since it's actually supported and less effort to
build (3.9 isn't recursed into anymore).
* sphinx doesn't build with these overrides, so patch it out entirely
(i.e. drop `sphinxHook` where it's causing problems).
* backport a few jinja2 fixes for python 3.10 that were fixed in later
versions, but break because this env is stuck to 2.11.

Maximilian Bosch 918c22bd ffd4bf73

options
unified split
Changed files
+68 -3
nixos
modules
services
security
privacyidea.nix
pkgs
applications
misc
privacyidea
default.nix
+1 -1
nixos/modules/services/security/privacyidea.nix 
···

       
6

       
6

       
 

       
  cfg = config.services.privacyidea;


     

       
7

       
7

       
 

       
  opt = options.services.privacyidea;


     

       
8

       
8

       
 

       



     

       
9

       

       
-

       
  uwsgi = pkgs.uwsgi.override { plugins = [ "python3" ]; python3 = pkgs.python39; };


     

       

       
9

       
+

       
  uwsgi = pkgs.uwsgi.override { plugins = [ "python3" ]; python3 = pkgs.python310; };


     

       
10

       
10

       
 

       
  python = uwsgi.python3;


     

       
11

       
11

       
 

       
  penv = python.withPackages (const [ pkgs.privacyidea ]);


     

       
12

       
12

       
 

       
  logCfg = pkgs.writeText "privacyidea-log.cfg" ''
+67 -2
pkgs/applications/misc/privacyidea/default.nix 
···

       
1

       
1

       
 

       
{ lib, fetchFromGitHub, cacert, openssl, nixosTests


     

       
2

       

       
-

       
, python39


     

       

       
2

       
+

       
, python310, fetchpatch


     

       
3

       
3

       
 

       
}:


     

       
4

       
4

       
 

       



     

       
5

       
5

       
 

       
let


     

       
6

       

       
-

       
  python3' = python39.override {


     

       

       
6

       
+

       
  dropDevOutput = { outputs, ... }: {


     

       

       
7

       
+

       
    outputs = lib.filter (x: x != "doc") outputs;


     

       

       
8

       
+

       
  };


     

       

       
9

       
+

       



     

       

       
10

       
+

       
  python3' = python310.override {


     

       
7

       
11

       
 

       
    packageOverrides = self: super: {


     

       
8

       
12

       
 

       
      sqlalchemy = super.sqlalchemy.overridePythonAttrs (oldAttrs: rec {


     

       
9

       
13

       
 

       
        version = "1.3.24";


     
···

       
25

       
29

       
 

       
          sha256 = "ae2f05671588762dd83a21d8b18c51fe355e86783e24594995ff8d7380dffe38";


     

       
26

       
30

       
 

       
        };


     

       
27

       
31

       
 

       
      });


     

       

       
32

       
+

       
      flask-sqlalchemy = super.flask-sqlalchemy.overridePythonAttrs (old: rec {


     

       

       
33

       
+

       
        version = "2.5.1";


     

       

       
34

       
+

       
        format = "setuptools";


     

       

       
35

       
+

       
        src = self.fetchPypi {


     

       

       
36

       
+

       
          pname = "Flask-SQLAlchemy";


     

       

       
37

       
+

       
          inherit version;


     

       

       
38

       
+

       
          hash = "sha256:2bda44b43e7cacb15d4e05ff3cc1f8bc97936cc464623424102bfc2c35e95912";


     

       

       
39

       
+

       
        };


     

       

       
40

       
+

       
      });


     

       
28

       
41

       
 

       
      # Taken from by https://github.com/NixOS/nixpkgs/pull/173090/commits/d2c0c7eb4cc91beb0a1adbaf13abc0a526a21708


     

       
29

       
42

       
 

       
      werkzeug = super.werkzeug.overridePythonAttrs (old: rec {


     

       
30

       
43

       
 

       
        version = "1.0.1";


     
···

       
44

       
57

       
 

       
          inherit version;


     

       
45

       
58

       
 

       
          sha256 = "sha256-ptWEM94K6AA0fKsfowQ867q+i6qdKeZo8cdoy4ejM8Y=";


     

       
46

       
59

       
 

       
        };


     

       

       
60

       
+

       
        patches = [


     

       

       
61

       
+

       
          # python 3.10 compat fixes. In later upstream releases, but these


     

       

       
62

       
+

       
          # are not compatible with flask 1 which we need here :(


     

       

       
63

       
+

       
          (fetchpatch {


     

       

       
64

       
+

       
            url = "https://github.com/thmo/jinja/commit/1efb4cc918b4f3d097c376596da101de9f76585a.patch";


     

       

       
65

       
+

       
            sha256 = "sha256-GFaSvYxgzOEFmnnDIfcf0ImScNTh1lR4lxt2Uz1DYdU=";


     

       

       
66

       
+

       
          })


     

       

       
67

       
+

       
          (fetchpatch {


     

       

       
68

       
+

       
            url = "https://github.com/mkrizek/jinja/commit/bd8bad37d1c0e2d8995a44fd88e234f5340afec5.patch";


     

       

       
69

       
+

       
            sha256 = "sha256-Uow+gaO+/dH6zavC0X/SsuMAfhTLRWpamVlL87DXDRA=";


     

       

       
70

       
+

       
            excludes = [ "CHANGES.rst" ];


     

       

       
71

       
+

       
          })


     

       

       
72

       
+

       
        ];


     

       
47

       
73

       
 

       
      });


     

       
48

       
74

       
 

       
      # Required by jinja2-2.11.3


     

       
49

       
75

       
 

       
      markupsafe = super.markupsafe.overridePythonAttrs (old: rec {


     
···

       
87

       
113

       
 

       
      # Requires pytest-httpserver as checkInput now which requires Werkzeug>=2 which is not


     

       
88

       
114

       
 

       
      # supported by current privacyIDEA.


     

       
89

       
115

       
 

       
      responses = super.responses.overridePythonAttrs (lib.const {


     

       

       
116

       
+

       
        doCheck = false;


     

       

       
117

       
+

       
      });


     

       

       
118

       
+

       
      flask-babel = (super.flask-babel.override {


     

       

       
119

       
+

       
        sphinxHook = null;


     

       

       
120

       
+

       
        furo = null;


     

       

       
121

       
+

       
      }).overridePythonAttrs (old: (dropDevOutput old) // rec {


     

       

       
122

       
+

       
        pname = "Flask-Babel";


     

       

       
123

       
+

       
        version = "2.0.0";


     

       

       
124

       
+

       
        format = "setuptools";


     

       

       
125

       
+

       
        src = self.fetchPypi {


     

       

       
126

       
+

       
          inherit pname;


     

       

       
127

       
+

       
          inherit version;


     

       

       
128

       
+

       
          hash = "sha256:f9faf45cdb2e1a32ea2ec14403587d4295108f35017a7821a2b1acb8cfd9257d";


     

       

       
129

       
+

       
        };


     

       

       
130

       
+

       
      });


     

       

       
131

       
+

       
      psycopg2 = (super.psycopg2.override {


     

       

       
132

       
+

       
        sphinxHook = null;


     

       

       
133

       
+

       
        sphinx-better-theme = null;


     

       

       
134

       
+

       
      }).overridePythonAttrs dropDevOutput;


     

       

       
135

       
+

       
      hypothesis = super.hypothesis.override {


     

       

       
136

       
+

       
        enableDocumentation = false;


     

       

       
137

       
+

       
      };


     

       

       
138

       
+

       
      pyjwt = (super.pyjwt.override {


     

       

       
139

       
+

       
        sphinxHook = null;


     

       

       
140

       
+

       
        sphinx-rtd-theme = null;


     

       

       
141

       
+

       
      }).overridePythonAttrs (old: (dropDevOutput old) // { format = "setuptools"; });


     

       

       
142

       
+

       
      beautifulsoup4 = (super.beautifulsoup4.override {


     

       

       
143

       
+

       
        sphinxHook = null;


     

       

       
144

       
+

       
      }).overridePythonAttrs dropDevOutput;


     

       

       
145

       
+

       
      pydash = (super.pydash.override {


     

       

       
146

       
+

       
        sphinx-rtd-theme = null;


     

       

       
147

       
+

       
      }).overridePythonAttrs (old: rec {


     

       

       
148

       
+

       
        version = "5.1.0";


     

       

       
149

       
+

       
        src = self.fetchPypi {


     

       

       
150

       
+

       
          inherit (old) pname;


     

       

       
151

       
+

       
          inherit version;


     

       

       
152

       
+

       
          hash = "sha256-GysFCsG64EnNB/WSCxT6u+UmOPSF2a2h6xFanuv/aDU=";


     

       

       
153

       
+

       
        };


     

       

       
154

       
+

       
        format = "setuptools";


     

       
90

       
155

       
 

       
        doCheck = false;


     

       
91

       
156

       
 

       
      });


     

       
92

       
157

       
 

       
    };