tamipes/authentik-nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
authentik-nix/components/docs.nix
Maximilian Bosch 6dc84faaec
update: 2025.6.4 -> 2025.8.1 
See https://next.goauthentik.io/releases/2025.8/
ChangeLog: https://next.goauthentik.io/releases/2025.8/#fixed-in-202581

The following things changed:

* We're blocked on going to NodeJS 24.x (which is the version upstream
  uses) because it breaks with napalm[1].

* The worker has been switched from celery to dramatiq. An automatic
  migration of the tasks doesn't exist, the operator must make sure to
  stop the server and let the queue drain[2].

  While this eliminates the need of Redis for Celery, the tests fails
  without Redis. After inspecting the code, it looks like it's still
  needed for e.g. session management.

[1] https://github.com/npm/cli/issues/8541
[2] https://next.goauthentik.io/releases/2025.8/#fixed-in-202581
2025-08-30 12:34:10 +02:00

78 lines
3 KiB
Nix
Raw Blame History

{
authentik-src,
authentik-version,
buildNapalmPackage,
nodejs_22,
}:
buildNapalmPackage "${authentik-src}/website" {
version = authentik-version; # 0.0.0 specified upstream in package.json
NODE_ENV = "production";
nodejs = nodejs_22;
npmCommands = [
"cp -v ${authentik-src}/SECURITY.md ../SECURITY.md"
"cp -vr ${authentik-src}/blueprints ../blueprints"
"cp -v ${authentik-src}/schema.yml ../schema.yml"
"cp -v ${authentik-src}/docker-compose.yml ../docker-compose.yml"
"npm config set loglevel verbose"
"npm ci --workspaces --include-workspace-root --no-audit"
"npm run build"
];
installPhase = ''
rm -f ../website/static/blueprints
mv -v ../website $out
cp -vr ../blueprints $out/static/blueprints
'';
# These are lockfiles with extra deps that are required to successfully build
# the module `paloaltonetworks/postman-code-generators`, that is getting
# pulled in by `docusaurus-theme-openapi-doc`.
#
# (see the repo at https://github.com/PaloAltoNetworks/postman-code-generators)
#
# The vendored $name-package-lock.json files here are just the package-lock or
# npm-shrinkwrap files of each subdirectory in the `/codegens` directory of
# the above repo at npm version "1.1.15-patch.2".
#
# Note that the dependency on that postman-code-generators repo is no longer
# present on authentik's main, but unfortunately still included in the
# 2024.6 releases.
#
# (╯°□°)╯︵ ┻━┻)
#
# ---
# update 2024.8.0:
#
# The issue remains. However, now another package source is used, namely
# https://github.com/postmanlabs/postman-code-generators at version v1.10.1
#
# Note:
# Alternatively it would be possible to drop this problematic dependency
# entirely, as is done in nixpkgs for the authentik build:
# https://github.com/NixOS/nixpkgs/blob/0037d6fe7143674afdfb35d1aad315605d883973/pkgs/by-name/au/authentik/package.nix#L53
# But this would differ from the upstream build and it's unclear what the impact is:
# https://github.com/goauthentik/authentik/blob/version/2024.8.1/Dockerfile#L20
#
# How to update:
# These instructions may need some adjustment and are only a best effort bash
# translation of the nushell operations. Please correct or better create
# a script to automate this.
#
# - remove everything from the docs-extra-package-locks folder
# - get the postman-code-generators version from the website/package-lock.json
# $ git clone https://github.com/postmanlabs/postman-code-generators
# $ cd postman-code-generators
# $ git checkout v[version-from-lockfile]
# $ cd codegens/
# $ for f in **/npm-shrinkfile.json; do cp "$f" "[this projects root]/comonents/docs-extra-package-locks/${f//\//-}"
#
#
additionalPackageLocks =
let
files = builtins.readDir ./docs-extra-package-locks;
in
builtins.concatMap (
f: if files.${f} == "regular" then [ (./docs-extra-package-locks + "/${f}") ] else [ ]
) (builtins.attrNames files);
}
Reference in a new issue View git blame Copy permalink