+3

nixos/doc/manual/release-notes/rl-2311.section.md

··· 50 50 51 51 - [eris-server](https://codeberg.org/eris/eris-go). [ERIS](https://eris.codeberg.page/) is an encoding for immutable storage and this server provides block exchange as well as content decoding over HTTP and through a FUSE file-system. Available as [services.eris-server](#opt-services.eris-server.enable). 52 52 53 53 + - [Honk](https://humungus.tedunangst.com/r/honk), a complete ActivityPub server with minimal setup and support costs. 54 54 + Available as [services.honk](#opt-services.honk.enable). 55 55 + 53 56 ## Backward Incompatibilities {#sec-release-23.11-incompatibilities} 54 57 55 58 - The `boot.loader.raspberryPi` options have been marked deprecated, with intent for removal for NixOS 24.11. They had a limited use-case, and do not work like people expect. They required either very old installs ([before mid-2019](https://github.com/NixOS/nixpkgs/pull/62462)) or customized builds out of scope of the standard and generic AArch64 support. That option set never supported the Raspberry Pi 4 family of devices.

+1

nixos/modules/module-list.nix

··· 1227 1227 ./services/web-apps/healthchecks.nix 1228 1228 ./services/web-apps/hedgedoc.nix 1229 1229 ./services/web-apps/hledger-web.nix 1230 1230 + ./services/web-apps/honk.nix 1230 1231 ./services/web-apps/icingaweb2/icingaweb2.nix 1231 1232 ./services/web-apps/icingaweb2/module-monitoring.nix 1232 1233 ./services/web-apps/invidious.nix

+23

nixos/modules/services/web-apps/honk.md

··· 1 1 + # Honk {#module-services-honk} 2 2 + 3 3 + With Honk on NixOS you can quickly configure a complete ActivityPub server with 4 4 + minimal setup and support costs. 5 5 + 6 6 + ## Basic usage {#module-services-honk-basic-usage} 7 7 + 8 8 + A minimal configuration looks like this: 9 9 + 10 10 + ```nix 11 11 + { 12 12 + services.honk = { 13 13 + enable = true; 14 14 + host = "0.0.0.0"; 15 15 + port = 8080; 16 16 + username = "username"; 17 17 + passwordFile = "/etc/honk/password.txt"; 18 18 + servername = "honk.example.com"; 19 19 + }; 20 20 + 21 21 + networking.firewall.allowedTCPPorts = [ 8080 ]; 22 22 + } 23 23 + ```

+153

nixos/modules/services/web-apps/honk.nix

··· 1 1 + { config 2 2 + , lib 3 3 + , pkgs 4 4 + , ... 5 5 + }: 6 6 + let 7 7 + cfg = config.services.honk; 8 8 + 9 9 + honk-initdb-script = cfg: pkgs.writeShellApplication { 10 10 + name = "honk-initdb-script"; 11 11 + 12 12 + runtimeInputs = with pkgs; [ coreutils ]; 13 13 + 14 14 + text = '' 15 15 + PW=$(cat "$CREDENTIALS_DIRECTORY/honk_passwordFile") 16 16 + 17 17 + echo -e "${cfg.username}\n''$PW\n${cfg.host}:${toString cfg.port}\n${cfg.servername}" | ${lib.getExe cfg.package} -datadir "$STATE_DIRECTORY" init 18 18 + ''; 19 19 + }; 20 20 + in 21 21 + { 22 22 + options = { 23 23 + services.honk = { 24 24 + enable = lib.mkEnableOption (lib.mdDoc "the Honk server"); 25 25 + package = lib.mkPackageOptionMD pkgs "honk" { }; 26 26 + 27 27 + host = lib.mkOption { 28 28 + default = "127.0.0.1"; 29 29 + description = lib.mdDoc '' 30 30 + The host name or IP address the server should listen to. 31 31 + ''; 32 32 + type = lib.types.str; 33 33 + }; 34 34 + 35 35 + port = lib.mkOption { 36 36 + default = 8080; 37 37 + description = lib.mdDoc '' 38 38 + The port the server should listen to. 39 39 + ''; 40 40 + type = lib.types.port; 41 41 + }; 42 42 + 43 43 + username = lib.mkOption { 44 44 + description = lib.mdDoc '' 45 45 + The admin account username. 46 46 + ''; 47 47 + type = lib.types.str; 48 48 + }; 49 49 + 50 50 + passwordFile = lib.mkOption { 51 51 + description = lib.mdDoc '' 52 52 + Password for admin account. 53 53 + NOTE: Should be string not a store path, to prevent the password from being world readable 54 54 + ''; 55 55 + type = lib.types.path; 56 56 + }; 57 57 + 58 58 + servername = lib.mkOption { 59 59 + description = lib.mdDoc '' 60 60 + The server name. 61 61 + ''; 62 62 + type = lib.types.str; 63 63 + }; 64 64 + 65 65 + extraJS = lib.mkOption { 66 66 + default = null; 67 67 + description = lib.mdDoc '' 68 68 + An extra JavaScript file to be loaded by the client. 69 69 + ''; 70 70 + type = lib.types.nullOr lib.types.path; 71 71 + }; 72 72 + 73 73 + extraCSS = lib.mkOption { 74 74 + default = null; 75 75 + description = lib.mdDoc '' 76 76 + An extra CSS file to be loaded by the client. 77 77 + ''; 78 78 + type = lib.types.nullOr lib.types.path; 79 79 + }; 80 80 + }; 81 81 + }; 82 82 + 83 83 + config = lib.mkIf cfg.enable { 84 84 + assertions = [ 85 85 + { 86 86 + assertion = cfg.username or "" != ""; 87 87 + message = '' 88 88 + You have to define a username for Honk (`services.honk.username`). 89 89 + ''; 90 90 + } 91 91 + { 92 92 + assertion = cfg.servername or "" != ""; 93 93 + message = '' 94 94 + You have to define a servername for Honk (`services.honk.servername`). 95 95 + ''; 96 96 + } 97 97 + ]; 98 98 + 99 99 + systemd.services.honk-initdb = { 100 100 + description = "Honk server database setup"; 101 101 + requiredBy = [ "honk.service" ]; 102 102 + before = [ "honk.service" ]; 103 103 + 104 104 + serviceConfig = { 105 105 + LoadCredential = [ 106 106 + "honk_passwordFile:${cfg.passwordFile}" 107 107 + ]; 108 108 + Type = "oneshot"; 109 109 + StateDirectory = "honk"; 110 110 + DynamicUser = true; 111 111 + RemainAfterExit = true; 112 112 + ExecStart = lib.getExe (honk-initdb-script cfg); 113 113 + PrivateTmp = true; 114 114 + }; 115 115 + 116 116 + unitConfig = { 117 117 + ConditionPathExists = [ 118 118 + # Skip this service if the database already exists 119 119 + "!$STATE_DIRECTORY/honk.db" 120 120 + ]; 121 121 + }; 122 122 + }; 123 123 + 124 124 + systemd.services.honk = { 125 125 + description = "Honk server"; 126 126 + wantedBy = [ "multi-user.target" ]; 127 127 + after = [ "network.target" ]; 128 128 + bindsTo = [ "honk-initdb.service" ]; 129 129 + preStart = '' 130 130 + mkdir -p $STATE_DIRECTORY/views 131 131 + ${lib.optionalString (cfg.extraJS != null) "ln -fs ${cfg.extraJS} $STATE_DIRECTORY/views/local.js"} 132 132 + ${lib.optionalString (cfg.extraCSS != null) "ln -fs ${cfg.extraCSS} $STATE_DIRECTORY/views/local.css"} 133 133 + ${lib.getExe cfg.package} -datadir $STATE_DIRECTORY -viewdir ${cfg.package}/share/honk backup $STATE_DIRECTORY/backup 134 134 + ${lib.getExe cfg.package} -datadir $STATE_DIRECTORY -viewdir ${cfg.package}/share/honk upgrade 135 135 + ${lib.getExe cfg.package} -datadir $STATE_DIRECTORY -viewdir ${cfg.package}/share/honk cleanup 136 136 + ''; 137 137 + serviceConfig = { 138 138 + ExecStart = '' 139 139 + ${lib.getExe cfg.package} -datadir $STATE_DIRECTORY -viewdir ${cfg.package}/share/honk 140 140 + ''; 141 141 + StateDirectory = "honk"; 142 142 + DynamicUser = true; 143 143 + PrivateTmp = "yes"; 144 144 + Restart = "on-failure"; 145 145 + }; 146 146 + }; 147 147 + }; 148 148 + 149 149 + meta = { 150 150 + maintainers = with lib.maintainers; [ drupol ]; 151 151 + doc = ./honk.md; 152 152 + }; 153 153 + }

+1

nixos/tests/all-tests.nix

··· 345 345 hedgedoc = handleTest ./hedgedoc.nix {}; 346 346 herbstluftwm = handleTest ./herbstluftwm.nix {}; 347 347 homepage-dashboard = handleTest ./homepage-dashboard.nix {}; 348 348 + honk = runTest ./honk.nix; 348 349 installed-tests = pkgs.recurseIntoAttrs (handleTest ./installed-tests {}); 349 350 invidious = handleTest ./invidious.nix {}; 350 351 oci-containers = handleTestOn ["aarch64-linux" "x86_64-linux"] ./oci-containers.nix {};

+32

nixos/tests/honk.nix

··· 1 1 + { lib, ... }: 2 2 + 3 3 + { 4 4 + name = "honk-server"; 5 5 + 6 6 + nodes = { 7 7 + machine = { pkgs, ... }: { 8 8 + services.honk = { 9 9 + enable = true; 10 10 + host = "0.0.0.0"; 11 11 + port = 8080; 12 12 + username = "username"; 13 13 + passwordFile = "${pkgs.writeText "honk-password" "secure"}"; 14 14 + servername = "servername"; 15 15 + }; 16 16 + }; 17 17 + }; 18 18 + 19 19 + testScript = '' 20 20 + machine.start() 21 21 + machine.wait_for_unit("honk.service") 22 22 + machine.wait_for_open_port(8080) 23 23 + 24 24 + machine.stop_job("honk") 25 25 + machine.wait_for_closed_port(8080) 26 26 + 27 27 + machine.start_job("honk") 28 28 + machine.wait_for_open_port(8080) 29 29 + ''; 30 30 + 31 31 + meta.maintainers = [ lib.maintainers.drupol ]; 32 32 + }

+5

pkgs/servers/honk/default.nix

··· 3 3 , fetchurl 4 4 , sqlite 5 5 , installShellFiles 6 6 + , nixosTests 6 7 }: 7 8 8 9 buildGoModule rec { ··· 48 49 mv docs/{*.html,*.txt,*.jpg,*.png} $out/share/doc/${pname} 49 50 mv views $out/share/${pname} 50 51 ''; 52 52 + 53 53 + passthru.tests = { 54 54 + inherit (nixosTests) honk; 55 55 + }; 51 56 52 57 meta = { 53 58 changelog = "https://humungus.tedunangst.com/r/honk/v/v${version}/f/docs/changelog.txt";