pyrox.dev / nixpkgs
lol
fork atom

nixos/libretranslate: init (#243050)

Sandro 9e7a4f4d fbdfedc3

options
unified split
Changed files
+261 -1
nixos
doc
manual
release-notes
rl-2511.section.md
modules
module-list.nix
services
web-apps
libretranslate.nix
pkgs
development
python-modules
libretranslate
default.nix
+3 -1
nixos/doc/manual/release-notes/rl-2511.section.md 
···

       
34

       
34

       
 

       



     

       
35

       
35

       
 

       
- Auto-scrub support for Bcachefs filesystems can now be enabled through [services.bcachefs.autoScrub.enable](#opt-services.bcachefs.autoScrub.enable) to periodically check for data corruption. If there's a correct copy available, it will automatically repair corrupted blocks.


     

       
36

       
36

       
 

       



     

       
37

       

       
-

       
- [tlsrpt-reporter], an application suite to generate and deliver TLSRPT reports. Available as [services.tlsrpt](#opt-services.tlsrpt.enable).


     

       

       
37

       
+

       
- [LibreTranslate](https://libretranslate.com), a free and open source machine translation API. Available as [services.libretranslate](#opt-services.libretranslate.enable).


     

       

       
38

       
+

       



     

       

       
39

       
+

       
- [tlsrpt-reporter](https://github.com/sys4/tlsrpt-reporter), an application suite to generate and deliver TLSRPT reports. Available as [services.tlsrpt](#opt-services.tlsrpt.enable).


     

       
38

       
40

       
 

       



     

       
39

       
41

       
 

       
- [Chhoto URL](https://github.com/SinTan1729/chhoto-url), a simple, blazingly fast, selfhosted URL shortener with no unnecessary features, written in Rust. Available as [services.chhoto-url](#opt-services.chhoto-url.enable).


     

       
40

       
42
+1
nixos/modules/module-list.nix 
···

       
1611

       
1611

       
 

       
  ./services/web-apps/lasuite-docs.nix


     

       
1612

       
1612

       
 

       
  ./services/web-apps/lasuite-meet.nix


     

       
1613

       
1613

       
 

       
  ./services/web-apps/lemmy.nix


     

       

       
1614

       
+

       
  ./services/web-apps/libretranslate.nix


     

       
1614

       
1615

       
 

       
  ./services/web-apps/limesurvey.nix


     

       
1615

       
1616

       
 

       
  ./services/web-apps/mainsail.nix


     

       
1616

       
1617

       
 

       
  ./services/web-apps/mastodon.nix
+233
nixos/modules/services/web-apps/libretranslate.nix 
···

       

       
1

       
+

       
{


     

       

       
2

       
+

       
  config,


     

       

       
3

       
+

       
  lib,


     

       

       
4

       
+

       
  pkgs,


     

       

       
5

       
+

       
  ...


     

       

       
6

       
+

       
}:


     

       

       
7

       
+

       



     

       

       
8

       
+

       
let


     

       

       
9

       
+

       
  cfg = config.services.libretranslate;


     

       

       
10

       
+

       
  ltmanageKeysCli = pkgs.writeShellScriptBin "ltmanage-keys" ''


     

       

       
11

       
+

       
    set -a


     

       

       
12

       
+

       
    export HOME="/var/lib/libretranslate"


     

       

       
13

       
+

       
    sudo=exec


     

       

       
14

       
+

       
    if [[ "$USER" != ${cfg.user} ]]; then


     

       

       
15

       
+

       
      sudo='exec /run/wrappers/bin/sudo -u ${cfg.user} --preserve-env'


     

       

       
16

       
+

       
    fi


     

       

       
17

       
+

       
    $sudo ${cfg.package}/bin/ltmanage keys --api-keys-db-path ${cfg.dataDir}/db/api_keys.db "$@"


     

       

       
18

       
+

       
  '';


     

       

       
19

       
+

       



     

       

       
20

       
+

       
in


     

       

       
21

       
+

       
{


     

       

       
22

       
+

       
  options = {


     

       

       
23

       
+

       
    services.libretranslate = {


     

       

       
24

       
+

       
      enable = lib.mkEnableOption "LibreTranslate service";


     

       

       
25

       
+

       



     

       

       
26

       
+

       
      package = lib.mkPackageOption pkgs "libretranslate" { };


     

       

       
27

       
+

       



     

       

       
28

       
+

       
      user = lib.mkOption {


     

       

       
29

       
+

       
        type = lib.types.str;


     

       

       
30

       
+

       
        default = "libretranslate";


     

       

       
31

       
+

       
        description = "User account under which libretranslate runs.";


     

       

       
32

       
+

       
      };


     

       

       
33

       
+

       



     

       

       
34

       
+

       
      group = lib.mkOption {


     

       

       
35

       
+

       
        type = lib.types.str;


     

       

       
36

       
+

       
        default = "libretranslate";


     

       

       
37

       
+

       
        description = "Group account under which libretranslate runs.";


     

       

       
38

       
+

       
      };


     

       

       
39

       
+

       



     

       

       
40

       
+

       
      host = lib.mkOption {


     

       

       
41

       
+

       
        description = "The address the application should listen on.";


     

       

       
42

       
+

       
        type = lib.types.str;


     

       

       
43

       
+

       
        default = "127.0.0.1";


     

       

       
44

       
+

       
      };


     

       

       
45

       
+

       



     

       

       
46

       
+

       
      port = lib.mkOption {


     

       

       
47

       
+

       
        type = lib.types.port;


     

       

       
48

       
+

       
        default = 5000;


     

       

       
49

       
+

       
        description = "The the application should listen on.";


     

       

       
50

       
+

       
      };


     

       

       
51

       
+

       



     

       

       
52

       
+

       
      dataDir = lib.mkOption {


     

       

       
53

       
+

       
        type = lib.types.path;


     

       

       
54

       
+

       
        default = "/var/lib/libretranslate";


     

       

       
55

       
+

       
        example = "/srv/data/libretranslate";


     

       

       
56

       
+

       
        description = "The data directory.";


     

       

       
57

       
+

       
      };


     

       

       
58

       
+

       



     

       

       
59

       
+

       
      threads = lib.mkOption {


     

       

       
60

       
+

       
        type = lib.types.nullOr lib.types.ints.positive;


     

       

       
61

       
+

       
        default = null;


     

       

       
62

       
+

       
        example = 8;


     

       

       
63

       
+

       
        description = "Set number of threads.";


     

       

       
64

       
+

       
      };


     

       

       
65

       
+

       



     

       

       
66

       
+

       
      enableApiKeys = lib.mkOption {


     

       

       
67

       
+

       
        type = lib.types.bool;


     

       

       
68

       
+

       
        default = false;


     

       

       
69

       
+

       
        example = true;


     

       

       
70

       
+

       
        description = "Whether to enable the API keys database.";


     

       

       
71

       
+

       
      };


     

       

       
72

       
+

       



     

       

       
73

       
+

       
      disableWebUI = lib.mkOption {


     

       

       
74

       
+

       
        type = lib.types.bool;


     

       

       
75

       
+

       
        default = false;


     

       

       
76

       
+

       
        example = true;


     

       

       
77

       
+

       
        description = "Whether to disable the Web UI.";


     

       

       
78

       
+

       
      };


     

       

       
79

       
+

       



     

       

       
80

       
+

       
      updateModels = lib.mkOption {


     

       

       
81

       
+

       
        type = lib.types.bool;


     

       

       
82

       
+

       
        default = false;


     

       

       
83

       
+

       
        example = true;


     

       

       
84

       
+

       
        description = "Update language models at startup";


     

       

       
85

       
+

       
      };


     

       

       
86

       
+

       



     

       

       
87

       
+

       
      domain = lib.mkOption {


     

       

       
88

       
+

       
        type = lib.types.str;


     

       

       
89

       
+

       
        default = "";


     

       

       
90

       
+

       
        example = "libretranslate.example.com";


     

       

       
91

       
+

       
        description = ''


     

       

       
92

       
+

       
          The domain serving your LibreTranslate instance.


     

       

       
93

       
+

       
          Required for configure nginx as a reverse proxy.


     

       

       
94

       
+

       
        '';


     

       

       
95

       
+

       
      };


     

       

       
96

       
+

       



     

       

       
97

       
+

       
      configureNginx = lib.mkOption {


     

       

       
98

       
+

       
        type = lib.types.bool;


     

       

       
99

       
+

       
        default = false;


     

       

       
100

       
+

       
        description = "Configure nginx as a reverse proxy for LibreTranslate.";


     

       

       
101

       
+

       
      };


     

       

       
102

       
+

       



     

       

       
103

       
+

       
      extraArgs = lib.mkOption {


     

       

       
104

       
+

       
        type =


     

       

       
105

       
+

       
          with lib.types;


     

       

       
106

       
+

       
          attrsOf (


     

       

       
107

       
+

       
            nullOr (oneOf [


     

       

       
108

       
+

       
              bool


     

       

       
109

       
+

       
              str


     

       

       
110

       
+

       
              int


     

       

       
111

       
+

       
              (listOf (oneOf [


     

       

       
112

       
+

       
                bool


     

       

       
113

       
+

       
                str


     

       

       
114

       
+

       
                int


     

       

       
115

       
+

       
              ]))


     

       

       
116

       
+

       
            ])


     

       

       
117

       
+

       
          );


     

       

       
118

       
+

       
        default = { };


     

       

       
119

       
+

       
        example = {


     

       

       
120

       
+

       
          debug = true;


     

       

       
121

       
+

       
          disable-files-translation = true;


     

       

       
122

       
+

       
          url-prefix = "translate";


     

       

       
123

       
+

       
        };


     

       

       
124

       
+

       
        description = "Extra arguments passed to the LibreTranslate.";


     

       

       
125

       
+

       
      };


     

       

       
126

       
+

       
    };


     

       

       
127

       
+

       
  };


     

       

       
128

       
+

       



     

       

       
129

       
+

       
  config = lib.mkIf cfg.enable {


     

       

       
130

       
+

       
    environment.systemPackages = lib.mkIf cfg.enableApiKeys [ ltmanageKeysCli ];


     

       

       
131

       
+

       



     

       

       
132

       
+

       
    systemd.tmpfiles.rules = lib.mkIf (cfg.dataDir != "/var/lib/libretranslate") [


     

       

       
133

       
+

       
      "d '${cfg.dataDir}' 0750 ${cfg.user} ${cfg.group} - -"


     

       

       
134

       
+

       
      "z '${cfg.dataDir}' 0750 ${cfg.user} ${cfg.group} - -"


     

       

       
135

       
+

       
    ];


     

       

       
136

       
+

       



     

       

       
137

       
+

       
    systemd.services.libretranslate = {


     

       

       
138

       
+

       
      description = "LibreTranslate service";


     

       

       
139

       
+

       
      after = [ "network.target" ];


     

       

       
140

       
+

       
      wantedBy = [ "multi-user.target" ];


     

       

       
141

       
+

       
      environment = {


     

       

       
142

       
+

       
        HOME = cfg.dataDir;


     

       

       
143

       
+

       
      };


     

       

       
144

       
+

       
      serviceConfig = lib.mkMerge [


     

       

       
145

       
+

       
        {


     

       

       
146

       
+

       
          Type = "simple";


     

       

       
147

       
+

       
          ExecStart = ''


     

       

       
148

       
+

       
            ${cfg.package}/bin/libretranslate ${


     

       

       
149

       
+

       
              lib.cli.toGNUCommandLineShell { } (


     

       

       
150

       
+

       
                cfg.extraArgs


     

       

       
151

       
+

       
                // {


     

       

       
152

       
+

       
                  inherit (cfg) host port threads;


     

       

       
153

       
+

       
                  api-keys = cfg.enableApiKeys;


     

       

       
154

       
+

       
                  disable-web-ui = cfg.disableWebUI;


     

       

       
155

       
+

       
                  update-models = cfg.updateModels;


     

       

       
156

       
+

       
                }


     

       

       
157

       
+

       
              )


     

       

       
158

       
+

       
            }


     

       

       
159

       
+

       
          '';


     

       

       
160

       
+

       
          WorkingDirectory = cfg.dataDir;


     

       

       
161

       
+

       
          User = cfg.user;


     

       

       
162

       
+

       
          Group = cfg.group;


     

       

       
163

       
+

       
          ProcSubset = "all";


     

       

       
164

       
+

       
          ProtectProc = "invisible";


     

       

       
165

       
+

       
          UMask = "0027";


     

       

       
166

       
+

       
          CapabilityBoundingSet = "";


     

       

       
167

       
+

       
          NoNewPrivileges = true;


     

       

       
168

       
+

       
          ProtectSystem = "strict";


     

       

       
169

       
+

       
          ProtectHome = true;


     

       

       
170

       
+

       
          PrivateTmp = true;


     

       

       
171

       
+

       
          PrivateDevices = true;


     

       

       
172

       
+

       
          PrivateUsers = true;


     

       

       
173

       
+

       
          ProtectHostname = true;


     

       

       
174

       
+

       
          ProtectClock = true;


     

       

       
175

       
+

       
          ProtectKernelTunables = true;


     

       

       
176

       
+

       
          ProtectKernelModules = true;


     

       

       
177

       
+

       
          ProtectKernelLogs = true;


     

       

       
178

       
+

       
          ProtectControlGroups = true;


     

       

       
179

       
+

       
          RestrictAddressFamilies = [


     

       

       
180

       
+

       
            "AF_INET"


     

       

       
181

       
+

       
            "AF_INET6"


     

       

       
182

       
+

       
          ];


     

       

       
183

       
+

       
          RestrictNamespaces = true;


     

       

       
184

       
+

       
          LockPersonality = true;


     

       

       
185

       
+

       
          MemoryDenyWriteExecute = false;


     

       

       
186

       
+

       
          RestrictRealtime = true;


     

       

       
187

       
+

       
          RestrictSUIDSGID = true;


     

       

       
188

       
+

       
          RemoveIPC = true;


     

       

       
189

       
+

       
          PrivateMounts = true;


     

       

       
190

       
+

       
          SystemCallArchitectures = "native";


     

       

       
191

       
+

       
          SystemCallFilter = [ "~@cpu-emulation @debug @keyring @mount @obsolete @privileged @setuid" ];


     

       

       
192

       
+

       
        }


     

       

       
193

       
+

       
        (lib.mkIf (cfg.dataDir == "/var/lib/libretranslate") {


     

       

       
194

       
+

       
          StateDirectory = "libretranslate";


     

       

       
195

       
+

       
          StateDirectoryMode = "0750";


     

       

       
196

       
+

       
        })


     

       

       
197

       
+

       
        (lib.mkIf (cfg.dataDir != "/var/lib/libretranslate") {


     

       

       
198

       
+

       
          ReadWritePaths = cfg.dataDir;


     

       

       
199

       
+

       
        })


     

       

       
200

       
+

       
      ];


     

       

       
201

       
+

       
    };


     

       

       
202

       
+

       



     

       

       
203

       
+

       
    services.nginx = lib.mkIf cfg.configureNginx {


     

       

       
204

       
+

       
      enable = true;


     

       

       
205

       
+

       
      virtualHosts."${cfg.domain}" = {


     

       

       
206

       
+

       
        root = "/var/empty";


     

       

       
207

       
+

       



     

       

       
208

       
+

       
        locations."/" = {


     

       

       
209

       
+

       
          proxyPass = "http://127.0.0.1:${toString cfg.port}";


     

       

       
210

       
+

       
        };


     

       

       
211

       
+

       



     

       

       
212

       
+

       
        locations."= /favicon.ico" = {


     

       

       
213

       
+

       
          alias = "${cfg.package.static-compressed}/share/libretranslate/static/favicon.ico";


     

       

       
214

       
+

       
        };


     

       

       
215

       
+

       



     

       

       
216

       
+

       
        locations."^~ /static/" = {


     

       

       
217

       
+

       
          alias = "${cfg.package.static-compressed}/share/libretranslate/static/";


     

       

       
218

       
+

       
        };


     

       

       
219

       
+

       
      };


     

       

       
220

       
+

       
    };


     

       

       
221

       
+

       



     

       

       
222

       
+

       
    users.users = lib.optionalAttrs (cfg.user == "libretranslate") {


     

       

       
223

       
+

       
      libretranslate = {


     

       

       
224

       
+

       
        group = cfg.group;


     

       

       
225

       
+

       
        isSystemUser = true;


     

       

       
226

       
+

       
      };


     

       

       
227

       
+

       
    };


     

       

       
228

       
+

       



     

       

       
229

       
+

       
    users.groups = lib.optionalAttrs (cfg.group == "libretranslate") {


     

       

       
230

       
+

       
      libretranslate = { };


     

       

       
231

       
+

       
    };


     

       

       
232

       
+

       
  };


     

       

       
233

       
+

       
}
+24
pkgs/development/python-modules/libretranslate/default.nix 
···

       
1

       
1

       
 

       
{


     

       
2

       
2

       
 

       
  lib,


     

       

       
3

       
+

       
  pkgs,


     

       
3

       
4

       
 

       
  buildPythonPackage,


     

       
4

       
5

       
 

       
  fetchFromGitHub,


     

       
5

       
6

       
 

       
  pytestCheckHook,


     

       

       
7

       
+

       
  runCommand,


     

       
6

       
8

       
 

       
  hatchling,


     

       
7

       
9

       
 

       
  argostranslate,


     

       
8

       
10

       
 

       
  flask,


     
···

       
15

       
17

       
 

       
  expiringdict,


     

       
16

       
18

       
 

       
  langdetect,


     

       
17

       
19

       
 

       
  lexilang,


     

       

       
20

       
+

       
  libretranslate,


     

       
18

       
21

       
 

       
  ltpycld2,


     

       
19

       
22

       
 

       
  morfessor,


     

       
20

       
23

       
 

       
  appdirs,


     
···

       
26

       
29

       
 

       
  prometheus-client,


     

       
27

       
30

       
 

       
  polib,


     

       
28

       
31

       
 

       
  python,


     

       

       
32

       
+

       
  xorg,


     

       
29

       
33

       
 

       
}:


     

       
30

       
34

       
 

       



     

       
31

       
35

       
 

       
buildPythonPackage rec {


     
···

       
84

       
88

       
 

       
  env.HOME = "/tmp";


     

       
85

       
89

       
 

       



     

       
86

       
90

       
 

       
  pythonImportsCheck = [ "libretranslate" ];


     

       

       
91

       
+

       



     

       

       
92

       
+

       
  passthru = {


     

       

       
93

       
+

       
    static-compressed =


     

       

       
94

       
+

       
      runCommand "libretranslate-data-compressed"


     

       

       
95

       
+

       
        {


     

       

       
96

       
+

       
          nativeBuildInputs = [


     

       

       
97

       
+

       
            pkgs.brotli


     

       

       
98

       
+

       
            xorg.lndir


     

       

       
99

       
+

       
          ];


     

       

       
100

       
+

       
        }


     

       

       
101

       
+

       
        ''


     

       

       
102

       
+

       
          mkdir -p $out/share/libretranslate/static


     

       

       
103

       
+

       
          lndir ${libretranslate}/share/libretranslate/static $out/share/libretranslate/static


     

       

       
104

       
+

       



     

       

       
105

       
+

       
          # Create static gzip and brotli files


     

       

       
106

       
+

       
          find -L $out -type f -regextype posix-extended -iregex '.*\.(css|ico|js|svg|ttf)' \


     

       

       
107

       
+

       
            -exec gzip --best --keep --force {} ';' \


     

       

       
108

       
+

       
            -exec brotli --best --keep --no-copy-stat {} ';'


     

       

       
109

       
+

       
        '';


     

       

       
110

       
+

       
  };


     

       
87

       
111

       
 

       



     

       
88

       
112

       
 

       
  meta = with lib; {


     

       
89

       
113

       
 

       
    description = "Free and Open Source Machine Translation API. Self-hosted, no limits, no ties to proprietary services";