+2

nixos/doc/manual/release-notes/rl-2311.section.md

··· 42 42 43 43 - [systemd-sysupdate](https://www.freedesktop.org/software/systemd/man/systemd-sysupdate.html), atomically updates the host OS, container images, portable service images or other sources. Available as [systemd.sysupdate](opt-systemd.sysupdate). 44 44 45 45 + - [eris-server](https://codeberg.org/eris/eris-go). [ERIS](https://eris.codeberg.page/) is an encoding for immutable storage and this server provides block exchange as well as content decoding over HTTP and through a FUSE file-system. Available as [services.eris-server](#opt-services.eris-server.enable). 46 46 + 45 47 ## Backward Incompatibilities {#sec-release-23.11-incompatibilities} 46 48 47 49 - The `boot.loader.raspberryPi` options have been marked deprecated, with intent for removal for NixOS 24.11. They had a limited use-case, and do not work like people expect. They required either very old installs ([before mid-2019](https://github.com/NixOS/nixpkgs/pull/62462)) or customized builds out of scope of the standard and generic AArch64 support. That option set never supported the Raspberry Pi 4 family of devices.

+1

nixos/modules/module-list.nix

··· 807 807 ./services/network-filesystems/davfs2.nix 808 808 ./services/network-filesystems/diod.nix 809 809 ./services/network-filesystems/drbd.nix 810 810 + ./services/network-filesystems/eris-server.nix 810 811 ./services/network-filesystems/glusterfs.nix 811 812 ./services/network-filesystems/kbfs.nix 812 813 ./services/network-filesystems/kubo.nix

+103

nixos/modules/services/network-filesystems/eris-server.nix

··· 1 1 + { config, lib, pkgs, ... }: 2 2 + 3 3 + let 4 4 + cfg = config.services.eris-server; 5 5 + stateDirectoryPath = "\${STATE_DIRECTORY}"; 6 6 + in { 7 7 + 8 8 + options.services.eris-server = { 9 9 + 10 10 + enable = lib.mkEnableOption "an ERIS server"; 11 11 + 12 12 + package = lib.mkOption { 13 13 + type = lib.types.package; 14 14 + default = pkgs.eris-go; 15 15 + defaultText = lib.literalExpression "pkgs.eris-go"; 16 16 + description = "Package to use for the ERIS server."; 17 17 + }; 18 18 + 19 19 + decode = lib.mkOption { 20 20 + type = lib.types.bool; 21 21 + default = false; 22 22 + description = '' 23 23 + Whether the HTTP service (when enabled) will decode ERIS content at /uri-res/N2R?urn:eris:. 24 24 + Enabling this is recommended only for private or local-only servers. 25 25 + ''; 26 26 + }; 27 27 + 28 28 + listenCoap = lib.mkOption { 29 29 + type = lib.types.str; 30 30 + default = ":5683"; 31 31 + example = "[::1]:5683"; 32 32 + description = '' 33 33 + Server CoAP listen address. Listen on all IP addresses at port 5683 by default. 34 34 + Please note that the server can service client requests for ERIS-blocks by 35 35 + querying other clients connected to the server. Whether or not blocks are 36 36 + relayed back to the server depends on client configuration but be aware this 37 37 + may leak sensitive metadata and trigger network activity. 38 38 + ''; 39 39 + }; 40 40 + 41 41 + listenHttp = lib.mkOption { 42 42 + type = lib.types.str; 43 43 + default = ""; 44 44 + example = "[::1]:8080"; 45 45 + description = "Server HTTP listen address. Do not listen by default."; 46 46 + }; 47 47 + 48 48 + backends = lib.mkOption { 49 49 + type = with lib.types; listOf str; 50 50 + description = '' 51 51 + List of backend URLs. 52 52 + Add "get" and "put" as query elements to enable those operations. 53 53 + ''; 54 54 + example = [ 55 55 + "bolt+file:///srv/eris.bolt?get&put" 56 56 + "coap+tcp://eris.example.com:5683?get" 57 57 + ]; 58 58 + }; 59 59 + 60 60 + mountpoint = lib.mkOption { 61 61 + type = lib.types.str; 62 62 + default = ""; 63 63 + example = "/eris"; 64 64 + description = '' 65 65 + Mountpoint for FUSE namespace that exposes "urn:eris:…" files. 66 66 + ''; 67 67 + }; 68 68 + 69 69 + }; 70 70 + 71 71 + config = lib.mkIf cfg.enable { 72 72 + systemd.services.eris-server = let 73 73 + cmd = 74 74 + "${cfg.package}/bin/eris-go server --coap '${cfg.listenCoap}' --http '${cfg.listenHttp}' ${ 75 75 + lib.optionalString cfg.decode "--decode " 76 76 + }${ 77 77 + lib.optionalString (cfg.mountpoint != "") 78 78 + ''--mountpoint "${cfg.mountpoint}" '' 79 79 + }${lib.strings.escapeShellArgs cfg.backends}"; 80 80 + in { 81 81 + description = "ERIS block server"; 82 82 + after = [ "network.target" ]; 83 83 + wantedBy = [ "multi-user.target" ]; 84 84 + script = lib.mkIf (cfg.mountpoint != "") '' 85 85 + export PATH=${config.security.wrapperDir}:$PATH 86 86 + ${cmd} 87 87 + ''; 88 88 + serviceConfig = let 89 89 + umounter = lib.mkIf (cfg.mountpoint != "") 90 90 + "-${config.security.wrapperDir}/fusermount -uz ${cfg.mountpoint}"; 91 91 + in { 92 92 + ExecStartPre = umounter; 93 93 + ExecStart = lib.mkIf (cfg.mountpoint == "") cmd; 94 94 + ExecStopPost = umounter; 95 95 + Restart = "always"; 96 96 + RestartSec = 20; 97 97 + AmbientCapabilities = "CAP_NET_BIND_SERVICE"; 98 98 + }; 99 99 + }; 100 100 + }; 101 101 + 102 102 + meta.maintainers = with lib.maintainers; [ ehmry ]; 103 103 + }

+1

nixos/tests/all-tests.nix

··· 252 252 envoy = handleTest ./envoy.nix {}; 253 253 ergo = handleTest ./ergo.nix {}; 254 254 ergochat = handleTest ./ergochat.nix {}; 255 255 + eris-server = handleTest ./eris-server.nix {}; 255 256 esphome = handleTest ./esphome.nix {}; 256 257 etc = pkgs.callPackage ../modules/system/etc/test.nix { inherit evalMinimalConfig; }; 257 258 activation = pkgs.callPackage ../modules/system/activation/test.nix { };

+23

nixos/tests/eris-server.nix

··· 1 1 + import ./make-test-python.nix ({ pkgs, lib, ... }: { 2 2 + name = "eris-server"; 3 3 + meta.maintainers = with lib.maintainers; [ ehmry ]; 4 4 + 5 5 + nodes.server = { 6 6 + environment.systemPackages = [ pkgs.eris-go pkgs.nim.pkgs.eris ]; 7 7 + services.eris-server = { 8 8 + enable = true; 9 9 + decode = true; 10 10 + listenHttp = "[::1]:80"; 11 11 + backends = [ "badger+file:///var/cache/eris.badger?get&put" ]; 12 12 + mountpoint = "/eris"; 13 13 + }; 14 14 + }; 15 15 + 16 16 + testScript = '' 17 17 + start_all() 18 18 + server.wait_for_unit("eris-server.service") 19 19 + server.wait_for_open_port(5683) 20 20 + server.wait_for_open_port(80) 21 21 + server.succeed("eriscmd get http://[::1] $(echo 'Hail ERIS!' | eriscmd put coap+tcp://[::1]:5683)") 22 22 + ''; 23 23 + })

+7 -8

pkgs/servers/eris-go/default.nix

··· 1 1 - { lib, stdenv, buildGoModule, fetchFromGitea }: 1 1 + { lib, stdenv, buildGoModule, fetchFromGitea, nixosTests }: 2 2 3 3 buildGoModule rec { 4 4 pname = "eris-go"; 5 5 - version = "20230202"; 5 5 + version = "20230729"; 6 6 7 7 src = fetchFromGitea { 8 8 domain = "codeberg.org"; 9 9 owner = "eris"; 10 10 - repo = pname; 10 10 + repo = "eris-go"; 11 11 rev = version; 12 12 - hash = "sha256-o9FRlUtMk1h8sR+am2gNEQOMgAceRTdRusI4a6ikHUM="; 12 12 + hash = "sha256-yFWmfWmlGL4fC36XsjO/ao/v8FVI20EpXSblZ0EcosI="; 13 13 }; 14 14 15 15 - vendorHash = "sha256-ZDJm7ZlDBVWLnuC90pOwa608GnuEgy0N/I96vvesZPY="; 15 15 + vendorHash = "sha256-Z6rirsiiBzH0herQAkxZp1Xr++489qNoiD4fqoLt9/A="; 16 16 17 17 - postInstall = "ln -s $out/bin/eris-get $out/bin/eris-put"; 18 18 - # eris-get is a multicall binary 17 17 + passthru.tests = { inherit (nixosTests) eris-server; }; 19 18 20 19 meta = src.meta // { 21 20 description = "Implementation of ERIS for Go"; 21 21 + homepage = "https://codeberg.org/eris/eris-go"; 22 22 license = lib.licenses.bsd3; 23 23 maintainers = with lib.maintainers; [ ehmry ]; 24 24 - mainProgram = "eris-get"; 25 24 broken = stdenv.isDarwin; 26 25 }; 27 26 }