gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docuseal: init at 2.1.7 (#266880)

Browse Source
This commit is contained in:
Matthew Croughan
2025-10-12 16:16:15 +00:00
committed by GitHub
parent a81810ef34 cf594a3b83
commit 4f32864ef1
12 changed files with 10964 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/doc/manual/release-notes/rl-2511.section.md
View File

@@ -134,6 +134,8 @@
- [lemurs](https://github.com/coastalwhite/lemurs), a customizable TUI display/login manager. Available at [services.displayManager.lemurs](#opt-services.displayManager.lemurs.enable).
- [docuseal](https://github.com/docusealco/docuseal), a DocuSign alternative. Create, fill, and sign digital documents. Available at [services.docuseal](#opt-services.docuseal.enable).
- [paisa](https://github.com/ananthakumaran/paisa), a personal finance tracker and dashboard. Available as [services.paisa](#opt-services.paisa.enable).
- [conman](https://github.com/dun/conman), a serial console management program. Available as [services.conman](#opt-services.conman.enable).

1
nixos/modules/module-list.nix
View File

@@ -1571,6 +1571,7 @@
./services/web-apps/dex.nix
./services/web-apps/discourse.nix
./services/web-apps/documize.nix
./services/web-apps/docuseal.nix
./services/web-apps/dokuwiki.nix
./services/web-apps/dolibarr.nix
./services/web-apps/drupal.nix

196
nixos/modules/services/web-apps/docuseal.nix Normal file
View File

@@ -0,0 +1,196 @@
{
lib,
pkgs,
config,
...
}:
let
cfg = config.services.docuseal;
env = {
RAILS_ENV = "production";
NODE_ENV = "production";
WORKDIR = "/var/lib/docuseal";
PORT = toString (cfg.port);
HOST = cfg.host;
REDIS_URL = "redis://${cfg.redis.host}:${toString cfg.redis.port}";
}
// cfg.extraConfig;
in
{
options.services.docuseal = {
enable = lib.mkEnableOption "DocuSeal, open source document signing";
package = lib.mkPackageOption pkgs "docuseal" { };
secretKeyBaseFile = lib.mkOption {
description = ''
Path to file containing the secret key base.
A new secret key base can be generated by running:
`openssl rand -hex 64`
If this file does not exist, it will be created with a new secret key base.
'';
default = "/var/lib/docuseal/secrets/secret-key-base";
type = lib.types.path;
};
host = lib.mkOption {
description = "DocuSeal host.";
type = lib.types.str;
default = "127.0.0.1";
};
port = lib.mkOption {
description = "DocuSeal port.";
type = lib.types.port;
default = 3000;
};
extraConfig = lib.mkOption {
type = lib.types.attrs;
default = { };
description = ''
Extra environment variables to pass to DocuSeal services.
'';
};
extraEnvFiles = lib.mkOption {
type = with lib.types; listOf path;
default = [ ];
description = ''
Extra environment files to pass to DocuSeal services. Useful for passing down environmental secrets.
e.g. DATABASE_URL
'';
example = [ "/etc/docuseal/s3config.env" ];
};
redis = {
createLocally = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Whether to create a local redis automatically.";
};
name = lib.mkOption {
type = lib.types.str;
default = "docuseal";
description = ''
Name of the redis server. Only used if `createLocally` is set to true.
'';
};
host = lib.mkOption {
type = lib.types.str;
default = "localhost";
description = ''
Redis server address.
'';
};
port = lib.mkOption {
type = lib.types.port;
default = 6379;
description = "Port of the redis server.";
};
};
};
config = lib.mkIf cfg.enable {
assertions = [
{
assertion = cfg.redis.createLocally -> cfg.redis.host == "localhost";
message = "the redis host must be localhost if services.docuseal.redis.createLocally is set to true";
}
];
systemd.services.docuseal = {
description = "DocuSeal server";
wantedBy = [ "multi-user.target" ];
environment = env;
serviceConfig = {
Type = "simple";
ExecStartPre = pkgs.writeShellScript "docuseal-pre-script" ''
cat > /var/lib/docuseal/docuseal.env <<EOF
SECRET_KEY_BASE="$(cat ${cfg.secretKeyBaseFile})"
EOF
'';
ExecStart = "${cfg.package}/bin/rails server --pid=/var/lib/docuseal/docuseal.pids";
Restart = "always";
EnvironmentFile = [ "docuseal.env" ] ++ cfg.extraEnvFiles;
# Runtime directory and mode
RuntimeDirectory = "docuseal";
RuntimeDirectoryMode = "0750";
# System Call Filtering
SystemCallFilter = [
"@system-service"
"~@privileged"
];
# User and group
DynamicUser = true;
# Working directory
WorkingDirectory = "/var/lib/docuseal";
# State directory and mode
StateDirectory = "docuseal";
StateDirectoryMode = "0750";
# Logs directory and mode
LogsDirectory = "docuseal";
LogsDirectoryMode = "0750";
# Proc filesystem
ProcSubset = "pid";
ProtectProc = "invisible";
# Access write directories
UMask = "0027";
# Capabilities
CapabilityBoundingSet = "";
# Security
NoNewPrivileges = true;
# Sandboxing
ProtectSystem = "strict";
ProtectHome = true;
PrivateTmp = true;
PrivateDevices = true;
PrivateUsers = (cfg.port >= 1024);
ProtectClock = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectControlGroups = true;
RestrictAddressFamilies = [
"AF_UNIX"
"AF_INET"
"AF_INET6"
"AF_NETLINK"
];
RestrictNamespaces = true;
LockPersonality = true;
MemoryDenyWriteExecute = false;
RestrictRealtime = true;
RestrictSUIDSGID = true;
RemoveIPC = true;
PrivateMounts = true;
# System Call Filtering
SystemCallArchitectures = "native";
}
// lib.optionalAttrs (cfg.port < 1024) {
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ];
};
};
services.redis = lib.optionalAttrs cfg.redis.createLocally {
servers."${cfg.redis.name}" = {
enable = true;
port = cfg.redis.port;
};
};
};
meta.maintainers = with lib.maintainers; [ stunkymonkey ];
}

2
nixos/tests/all-tests.nix
View File

@@ -468,6 +468,8 @@ in
docling-serve = runTest ./docling-serve.nix;
documentation = pkgs.callPackage ../modules/misc/documentation/test.nix { inherit nixosLib; };
documize = runTest ./documize.nix;
docuseal-psql = runTest ./docuseal-postgres.nix;
docuseal-sqlite = runTest ./docuseal-sqlite.nix;
doh-proxy-rust = runTest ./doh-proxy-rust.nix;
dokuwiki = runTest ./dokuwiki.nix;
dolibarr = runTest ./dolibarr.nix;

46
nixos/tests/docuseal-postgres.nix Normal file
View File

@@ -0,0 +1,46 @@
{ lib, ... }:
{
name = "docuseal";
meta.maintainers = with lib.maintainers; [
etu
stunkymonkey
];
nodes.machine =
{ pkgs, ... }:
{
services.docuseal = {
enable = true;
port = 80;
secretKeyBaseFile = pkgs.writeText "secret" "23bec595a1658d136d532af1365b40024b662c0862e9cdf14fd22c0afaeb0dd6322b114fa35bd82e564bae44a896b5abef3a66afd61e1382b8ebd579e2c5c17f";
extraConfig.DATABASEURL = "postgresql://docuseal:db-secret@127.0.0.1:5432/docuseal";
};
services.postgresql = {
package = pkgs.postgresql;
enable = true;
ensureDatabases = [ "docuseal" ];
ensureUsers = [
{
name = "docuseal";
ensureDBOwnership = true;
}
];
initialScript = pkgs.writeText "postgresql-password" ''
CREATE ROLE docuseal WITH LOGIN PASSWORD 'db-secret' CREATEDB;
'';
};
systemd.services."docuseal-config" = {
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
};
};
testScript = ''
machine.wait_for_unit("multi-user.target")
machine.wait_for_unit("docuseal.service")
machine.wait_for_open_port(80)
response = machine.succeed("curl -vvv -s -H 'Host: docuseal' http://127.0.0.1:80/setup")
assert "<title>\n DocuSeal | Open Source Document Signing\n</title>" in response, "page didn't load successfully"
'';
}

26
nixos/tests/docuseal-sqlite.nix Normal file
View File

@@ -0,0 +1,26 @@
{ lib, ... }:
{
name = "docuseal";
meta.maintainers = with lib.maintainers; [
etu
stunkymonkey
];
nodes.machine =
{ pkgs, ... }:
{
services.docuseal = {
enable = true;
port = 80;
secretKeyBaseFile = pkgs.writeText "secret" "23bec595a1658d136d532af1365b40024b662c0862e9cdf14fd22c0afaeb0dd6322b114fa35bd82e564bae44a896b5abef3a66afd61e1382b8ebd579e2c5c17f";
};
};
testScript = ''
machine.wait_for_unit("multi-user.target")
machine.wait_for_unit("docuseal.service")
machine.wait_for_open_port(80)
response = machine.succeed("curl -vvv -s -H 'Host: docuseal' http://127.0.0.1:80/setup")
assert "<title>\n DocuSeal | Open Source Document Signing\n</title>" in response, "page didn't load successfully"
'';
}

77
pkgs/by-name/do/docuseal/Gemfile Normal file
View File

@@ -0,0 +1,77 @@
# frozen_string_literal: true
source 'https://rubygems.org'
gem 'arabic-letter-connector', require: 'arabic-letter-connector/logic'
gem 'aws-sdk-s3', require: false
gem 'aws-sdk-secretsmanager', require: false
gem 'azure-storage-blob', require: false
gem 'bootsnap', require: false
gem 'cancancan'
gem 'csv'
gem 'csv-safe'
gem 'devise'
gem 'devise-two-factor'
gem 'dotenv', require: false
gem 'email_typo'
gem 'faraday'
gem 'faraday-follow_redirects'
gem 'google-cloud-storage', require: false
gem 'hexapdf'
gem 'image_processing'
gem 'jwt'
gem 'lograge'
gem 'mysql2', require: false
gem 'oj'
gem 'pagy'
gem 'pg', require: false
gem 'premailer-rails'
gem 'pretender'
gem 'puma', require: false
gem 'rack'
gem 'rails'
gem 'rails_autolink'
gem 'rails-i18n'
gem 'rotp'
gem 'rouge', require: false
gem 'rqrcode'
gem 'ruby-vips'
gem 'rubyXL'
gem 'shakapacker'
gem 'sidekiq'
gem 'sqlite3', require: false
gem 'strip_attributes'
gem 'turbo-rails'
gem 'twitter_cldr', require: false
gem 'tzinfo-data'
group :development, :test do
gem 'better_html'
gem 'bullet'
gem 'debug'
gem 'erb_lint', require: false
gem 'factory_bot_rails'
gem 'faker'
gem 'pry-rails'
gem 'rspec-rails'
gem 'rubocop', require: false
gem 'rubocop-performance', require: false
gem 'rubocop-rails', require: false
gem 'rubocop-rspec', require: false
gem 'simplecov', require: false
end
group :development do
gem 'annotaterb'
gem 'brakeman', require: false
gem 'foreman', require: false
gem 'letter_opener_web'
gem 'web-console'
end
group :test do
gem 'capybara'
gem 'cuprite'
gem 'webmock'
end

660
pkgs/by-name/do/docuseal/Gemfile.lock Normal file
View File

@@ -0,0 +1,660 @@
GEM
remote: https://rubygems.org/
specs:
actioncable (8.0.2.1)
actionpack (= 8.0.2.1)
activesupport (= 8.0.2.1)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
zeitwerk (~> 2.6)
actionmailbox (8.0.2.1)
actionpack (= 8.0.2.1)
activejob (= 8.0.2.1)
activerecord (= 8.0.2.1)
activestorage (= 8.0.2.1)
activesupport (= 8.0.2.1)
mail (>= 2.8.0)
actionmailer (8.0.2.1)
actionpack (= 8.0.2.1)
actionview (= 8.0.2.1)
activejob (= 8.0.2.1)
activesupport (= 8.0.2.1)
mail (>= 2.8.0)
rails-dom-testing (~> 2.2)
actionpack (8.0.2.1)
actionview (= 8.0.2.1)
activesupport (= 8.0.2.1)
nokogiri (>= 1.8.5)
rack (>= 2.2.4)
rack-session (>= 1.0.1)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.2)
rails-html-sanitizer (~> 1.6)
useragent (~> 0.16)
actiontext (8.0.2.1)
actionpack (= 8.0.2.1)
activerecord (= 8.0.2.1)
activestorage (= 8.0.2.1)
activesupport (= 8.0.2.1)
globalid (>= 0.6.0)
nokogiri (>= 1.8.5)
actionview (8.0.2.1)
activesupport (= 8.0.2.1)
builder (~> 3.1)
erubi (~> 1.11)
rails-dom-testing (~> 2.2)
rails-html-sanitizer (~> 1.6)
activejob (8.0.2.1)
activesupport (= 8.0.2.1)
globalid (>= 0.3.6)
activemodel (8.0.2.1)
activesupport (= 8.0.2.1)
activerecord (8.0.2.1)
activemodel (= 8.0.2.1)
activesupport (= 8.0.2.1)
timeout (>= 0.4.0)
activestorage (8.0.2.1)
actionpack (= 8.0.2.1)
activejob (= 8.0.2.1)
activerecord (= 8.0.2.1)
activesupport (= 8.0.2.1)
marcel (~> 1.0)
activesupport (8.0.2.1)
base64
benchmark (>= 0.3)
bigdecimal
concurrent-ruby (~> 1.0, >= 1.3.1)
connection_pool (>= 2.2.5)
drb
i18n (>= 1.6, < 2)
logger (>= 1.4.2)
minitest (>= 5.1)
securerandom (>= 0.3)
tzinfo (~> 2.0, >= 2.0.5)
uri (>= 0.13.1)
addressable (2.8.7)
public_suffix (>= 2.0.2, < 7.0)
annotaterb (4.14.0)
arabic-letter-connector (0.1.1)
ast (2.4.2)
aws-eventstream (1.3.0)
aws-partitions (1.1027.0)
aws-sdk-core (3.214.0)
aws-eventstream (~> 1, >= 1.3.0)
aws-partitions (~> 1, >= 1.992.0)
aws-sigv4 (~> 1.9)
jmespath (~> 1, >= 1.6.1)
aws-sdk-kms (1.96.0)
aws-sdk-core (~> 3, >= 3.210.0)
aws-sigv4 (~> 1.5)
aws-sdk-s3 (1.176.1)
aws-sdk-core (~> 3, >= 3.210.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.5)
aws-sdk-secretsmanager (1.110.0)
aws-sdk-core (~> 3, >= 3.210.0)
aws-sigv4 (~> 1.5)
aws-sigv4 (1.10.1)
aws-eventstream (~> 1, >= 1.0.2)
azure-storage-blob (2.0.3)
azure-storage-common (~> 2.0)
nokogiri (~> 1, >= 1.10.8)
azure-storage-common (2.0.4)
faraday (~> 1.0)
faraday_middleware (~> 1.0, >= 1.0.0.rc1)
net-http-persistent (~> 4.0)
nokogiri (~> 1, >= 1.10.8)
base64 (0.3.0)
bcrypt (3.1.20)
benchmark (0.4.1)
better_html (2.1.1)
actionview (>= 6.0)
activesupport (>= 6.0)
ast (~> 2.0)
erubi (~> 1.4)
parser (>= 2.4)
smart_properties
bigdecimal (3.2.2)
bindex (0.8.1)
bootsnap (1.18.4)
msgpack (~> 1.2)
brakeman (7.0.0)
racc
builder (3.3.0)
bullet (8.0.0)
activesupport (>= 3.0.0)
uniform_notifier (~> 1.11)
camertron-eprun (1.1.1)
cancancan (3.6.1)
capybara (3.40.0)
addressable
matrix
mini_mime (>= 0.1.3)
nokogiri (~> 1.11)
rack (>= 1.6.0)
rack-test (>= 0.6.3)
regexp_parser (>= 1.5, < 3.0)
xpath (~> 3.2)
childprocess (5.1.0)
logger (~> 1.5)
chunky_png (1.4.0)
cldr-plurals-runtime-rb (1.1.0)
cmdparse (3.0.7)
coderay (1.1.3)
concurrent-ruby (1.3.5)
connection_pool (2.5.3)
crack (1.0.0)
bigdecimal
rexml
crass (1.0.6)
css_parser (1.21.0)
addressable
csv (3.3.2)
csv-safe (3.3.1)
csv (~> 3.0)
cuprite (0.15.1)
capybara (~> 3.0)
ferrum (~> 0.15.0)
date (3.4.1)
debug (1.10.0)
irb (~> 1.10)
reline (>= 0.3.8)
declarative (0.0.20)
devise (4.9.4)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
devise-two-factor (6.1.0)
activesupport (>= 7.0, < 8.1)
devise (~> 4.0)
railties (>= 7.0, < 8.1)
rotp (~> 6.0)
diff-lcs (1.5.1)
digest-crc (0.6.5)
rake (>= 12.0.0, < 14.0.0)
docile (1.4.1)
dotenv (3.1.7)
drb (2.2.3)
email_typo (0.2.3)
erb (5.0.2)
erb_lint (0.7.0)
activesupport
better_html (>= 2.0.1)
parser (>= 2.7.1.4)
rainbow
rubocop (>= 1)
smart_properties
erubi (1.13.1)
factory_bot (6.5.0)
activesupport (>= 5.0.0)
factory_bot_rails (6.4.4)
factory_bot (~> 6.5)
railties (>= 5.0.0)
faker (3.5.1)
i18n (>= 1.8.11, < 2)
faraday (1.10.4)
faraday-em_http (~> 1.0)
faraday-em_synchrony (~> 1.0)
faraday-excon (~> 1.1)
faraday-httpclient (~> 1.0)
faraday-multipart (~> 1.0)
faraday-net_http (~> 1.0)
faraday-net_http_persistent (~> 1.0)
faraday-patron (~> 1.0)
faraday-rack (~> 1.0)
faraday-retry (~> 1.0)
ruby2_keywords (>= 0.0.4)
faraday-em_http (1.0.0)
faraday-em_synchrony (1.0.0)
faraday-excon (1.1.0)
faraday-follow_redirects (0.3.0)
faraday (>= 1, < 3)
faraday-httpclient (1.0.1)
faraday-multipart (1.1.0)
multipart-post (~> 2.0)
faraday-net_http (1.0.2)
faraday-net_http_persistent (1.2.0)
faraday-patron (1.0.0)
faraday-rack (1.0.0)
faraday-retry (1.0.3)
faraday_middleware (1.2.1)
faraday (~> 1.0)
ferrum (0.15)
addressable (~> 2.5)
concurrent-ruby (~> 1.1)
webrick (~> 1.7)
websocket-driver (~> 0.7)
ffi (1.17.1)
ffi (1.17.1-aarch64-linux-musl)
ffi (1.17.1-arm64-darwin)
ffi (1.17.1-x86_64-linux-musl)
foreman (0.88.1)
geom2d (0.4.1)
globalid (1.2.1)
activesupport (>= 6.1)
google-apis-core (0.15.1)
addressable (~> 2.5, >= 2.5.1)
googleauth (~> 1.9)
httpclient (>= 2.8.3, < 3.a)
mini_mime (~> 1.0)
mutex_m
representable (~> 3.0)
retriable (>= 2.0, < 4.a)
google-apis-iamcredentials_v1 (0.22.0)
google-apis-core (>= 0.15.0, < 2.a)
google-apis-storage_v1 (0.49.0)
google-apis-core (>= 0.15.0, < 2.a)
google-cloud-core (1.7.1)
google-cloud-env (>= 1.0, < 3.a)
google-cloud-errors (~> 1.0)
google-cloud-env (2.2.1)
faraday (>= 1.0, < 3.a)
google-cloud-errors (1.4.0)
google-cloud-storage (1.54.0)
addressable (~> 2.8)
digest-crc (~> 0.4)
google-apis-core (~> 0.13)
google-apis-iamcredentials_v1 (~> 0.18)
google-apis-storage_v1 (~> 0.38)
google-cloud-core (~> 1.6)
googleauth (~> 1.9)
mini_mime (~> 1.0)
google-logging-utils (0.1.0)
googleauth (1.12.2)
faraday (>= 1.0, < 3.a)
google-cloud-env (~> 2.2)
google-logging-utils (~> 0.1)
jwt (>= 1.4, < 3.0)
multi_json (~> 1.11)
os (>= 0.9, < 2.0)
signet (>= 0.16, < 2.a)
hashdiff (1.1.2)
hexapdf (1.4.0)
cmdparse (~> 3.0, >= 3.0.3)
geom2d (~> 0.4, >= 0.4.1)
openssl (>= 2.2.1)
strscan (>= 3.1.2)
htmlentities (4.3.4)
httpclient (2.8.3)
i18n (1.14.7)
concurrent-ruby (~> 1.0)
image_processing (1.13.0)
mini_magick (>= 4.9.5, < 5)
ruby-vips (>= 2.0.17, < 3)
io-console (0.8.1)
irb (1.15.2)
pp (>= 0.6.0)
rdoc (>= 4.0.0)
reline (>= 0.4.2)
jmespath (1.6.2)
json (2.13.2)
jwt (2.9.3)
base64
language_server-protocol (3.17.0.3)
launchy (3.0.1)
addressable (~> 2.8)
childprocess (~> 5.0)
letter_opener (1.10.0)
launchy (>= 2.2, < 4)
letter_opener_web (3.0.0)
actionmailer (>= 6.1)
letter_opener (~> 1.9)
railties (>= 6.1)
rexml
logger (1.7.0)
lograge (0.14.0)
actionpack (>= 4)
activesupport (>= 4)
railties (>= 4)
request_store (~> 1.0)
loofah (2.24.1)
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
mail (2.8.1)
mini_mime (>= 0.1.1)
net-imap
net-pop
net-smtp
marcel (1.0.4)
matrix (0.4.2)
method_source (1.1.0)
mini_magick (4.13.2)
mini_mime (1.1.5)
mini_portile2 (2.8.9)
minitest (5.25.5)
msgpack (1.7.5)
multi_json (1.15.0)
multipart-post (2.4.1)
mutex_m (0.3.0)
mysql2 (0.5.6)
net-http-persistent (4.0.5)
connection_pool (~> 2.2)
net-imap (0.5.9)
date
net-protocol
net-pop (0.1.2)
net-protocol
net-protocol (0.2.2)
timeout
net-smtp (0.5.1)
net-protocol
nio4r (2.7.4)
nokogiri (1.18.9)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
nokogiri (1.18.9-aarch64-linux-musl)
racc (~> 1.4)
nokogiri (1.18.9-arm64-darwin)
racc (~> 1.4)
nokogiri (1.18.9-x86_64-linux-musl)
racc (~> 1.4)
oj (3.16.11)
bigdecimal (>= 3.0)
ostruct (>= 0.2)
openssl (3.3.0)
orm_adapter (0.5.0)
os (1.1.4)
ostruct (0.6.3)
package_json (0.1.0)
pagy (9.3.3)
parallel (1.26.3)
parser (3.3.6.0)
ast (~> 2.4.1)
racc
pg (1.5.9)
pp (0.6.2)
prettyprint
premailer (1.27.0)
addressable
css_parser (>= 1.19.0)
htmlentities (>= 4.0.0)
premailer-rails (1.12.0)
actionmailer (>= 3)
net-smtp
premailer (~> 1.7, >= 1.7.9)
pretender (0.5.0)
actionpack (>= 6.1)
prettyprint (0.2.0)
pry (0.15.0)
coderay (~> 1.1)
method_source (~> 1.0)
pry-rails (0.3.11)
pry (>= 0.13.0)
psych (5.2.6)
date
stringio
public_suffix (6.0.1)
puma (6.5.0)
nio4r (~> 2.0)
racc (1.8.1)
rack (3.2.0)
rack-proxy (0.7.7)
rack
rack-session (2.1.1)
base64 (>= 0.1.0)
rack (>= 3.0.0)
rack-test (2.2.0)
rack (>= 1.3)
rackup (2.2.1)
rack (>= 3)
rails (8.0.2.1)
actioncable (= 8.0.2.1)
actionmailbox (= 8.0.2.1)
actionmailer (= 8.0.2.1)
actionpack (= 8.0.2.1)
actiontext (= 8.0.2.1)
actionview (= 8.0.2.1)
activejob (= 8.0.2.1)
activemodel (= 8.0.2.1)
activerecord (= 8.0.2.1)
activestorage (= 8.0.2.1)
activesupport (= 8.0.2.1)
bundler (>= 1.15.0)
railties (= 8.0.2.1)
rails-dom-testing (2.3.0)
activesupport (>= 5.0.0)
minitest
nokogiri (>= 1.6)
rails-html-sanitizer (1.6.2)
loofah (~> 2.21)
nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
rails-i18n (8.0.1)
i18n (>= 0.7, < 2)
railties (>= 8.0.0, < 9)
rails_autolink (1.1.8)
actionview (> 3.1)
activesupport (> 3.1)
railties (> 3.1)
railties (8.0.2.1)
actionpack (= 8.0.2.1)
activesupport (= 8.0.2.1)
irb (~> 1.13)
rackup (>= 1.0.0)
rake (>= 12.2)
thor (~> 1.0, >= 1.2.2)
zeitwerk (~> 2.6)
rainbow (3.1.1)
rake (13.3.0)
rdoc (6.14.2)
erb
psych (>= 4.0.0)
redis-client (0.23.0)
connection_pool
regexp_parser (2.9.3)
reline (0.6.2)
io-console (~> 0.5)
representable (3.2.0)
declarative (< 0.1.0)
trailblazer-option (>= 0.1.1, < 0.2.0)
uber (< 0.2.0)
request_store (1.7.0)
rack (>= 1.4)
responders (3.1.1)
actionpack (>= 5.2)
railties (>= 5.2)
retriable (3.1.2)
rexml (3.4.4)
rotp (6.3.0)
rouge (4.5.2)
rqrcode (2.2.0)
chunky_png (~> 1.0)
rqrcode_core (~> 1.0)
rqrcode_core (1.2.0)
rspec-core (3.13.2)
rspec-support (~> 3.13.0)
rspec-expectations (3.13.3)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.13.0)
rspec-mocks (3.13.2)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.13.0)
rspec-rails (7.1.0)
actionpack (>= 7.0)
activesupport (>= 7.0)
railties (>= 7.0)
rspec-core (~> 3.13)
rspec-expectations (~> 3.13)
rspec-mocks (~> 3.13)
rspec-support (~> 3.13)
rspec-support (3.13.2)
rubocop (1.69.2)
json (~> 2.3)
language_server-protocol (>= 3.17.0)
parallel (~> 1.10)
parser (>= 3.3.0.2)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 2.9.3, < 3.0)
rubocop-ast (>= 1.36.2, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 2.4.0, < 4.0)
rubocop-ast (1.37.0)
parser (>= 3.3.1.0)
rubocop-performance (1.23.0)
rubocop (>= 1.48.1, < 2.0)
rubocop-ast (>= 1.31.1, < 2.0)
rubocop-rails (2.27.0)
activesupport (>= 4.2.0)
rack (>= 1.1)
rubocop (>= 1.52.0, < 2.0)
rubocop-ast (>= 1.31.1, < 2.0)
rubocop-rspec (3.3.0)
rubocop (~> 1.61)
ruby-progressbar (1.13.0)
ruby-vips (2.2.2)
ffi (~> 1.12)
logger
ruby2_keywords (0.0.5)
rubyXL (3.4.33)
nokogiri (>= 1.10.8)
rubyzip (>= 1.3.0)
rubyzip (2.3.2)
securerandom (0.4.1)
semantic_range (3.1.0)
shakapacker (8.0.2)
activesupport (>= 5.2)
package_json
rack-proxy (>= 0.6.1)
railties (>= 5.2)
semantic_range (>= 2.3.0)
sidekiq (7.3.7)
connection_pool (>= 2.3.0)
logger
rack (>= 2.2.4)
redis-client (>= 0.22.2)
signet (0.19.0)
addressable (~> 2.8)
faraday (>= 0.17.5, < 3.a)
jwt (>= 1.5, < 3.0)
multi_json (~> 1.10)
simplecov (0.22.0)
docile (~> 1.1)
simplecov-html (~> 0.11)
simplecov_json_formatter (~> 0.1)
simplecov-html (0.13.1)
simplecov_json_formatter (0.1.4)
smart_properties (1.17.0)
sqlite3 (2.5.0)
mini_portile2 (~> 2.8.0)
sqlite3 (2.5.0-aarch64-linux-musl)
sqlite3 (2.5.0-arm64-darwin)
sqlite3 (2.5.0-x86_64-linux-musl)
stringio (3.1.7)
strip_attributes (1.14.1)
activemodel (>= 3.0, < 9.0)
strscan (3.1.5)
thor (1.4.0)
timeout (0.4.3)
trailblazer-option (0.1.2)
turbo-rails (2.0.11)
actionpack (>= 6.0.0)
railties (>= 6.0.0)
twitter_cldr (6.12.1)
camertron-eprun
cldr-plurals-runtime-rb (~> 1.1)
tzinfo
tzinfo (2.0.6)
concurrent-ruby (~> 1.0)
tzinfo-data (1.2024.2)
tzinfo (>= 1.0.0)
uber (0.1.0)
unicode-display_width (3.1.2)
unicode-emoji (~> 4.0, >= 4.0.4)
unicode-emoji (4.0.4)
uniform_notifier (1.16.0)
uri (1.0.3)
useragent (0.16.11)
warden (1.2.9)
rack (>= 2.0.9)
web-console (4.2.1)
actionview (>= 6.0.0)
activemodel (>= 6.0.0)
bindex (>= 0.4.0)
railties (>= 6.0.0)
webmock (3.24.0)
addressable (>= 2.8.0)
crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0)
webrick (1.9.1)
websocket-driver (0.8.0)
base64
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
xpath (3.2.0)
nokogiri (~> 1.8)
zeitwerk (2.7.3)
PLATFORMS
aarch64-linux-musl
arm64-darwin
ruby
x86_64-linux-musl
DEPENDENCIES
annotaterb
arabic-letter-connector
aws-sdk-s3
aws-sdk-secretsmanager
azure-storage-blob
better_html
bootsnap
brakeman
bullet
cancancan
capybara
csv
csv-safe
cuprite
debug
devise
devise-two-factor
dotenv
email_typo
erb_lint
factory_bot_rails
faker
faraday
faraday-follow_redirects
foreman
google-cloud-storage
hexapdf
image_processing
jwt
letter_opener_web
lograge
mysql2
oj
pagy
pg
premailer-rails
pretender
pry-rails
puma
rack
rails
rails-i18n
rails_autolink
rotp
rouge
rqrcode
rspec-rails
rubocop
rubocop-performance
rubocop-rails
rubocop-rspec
ruby-vips
rubyXL
shakapacker
sidekiq
simplecov
sqlite3
strip_attributes
turbo-rails
twitter_cldr
tzinfo-data
web-console
webmock
BUNDLED WITH
2.6.9

3169
pkgs/by-name/do/docuseal/gemset.nix Normal file
View File

File diff suppressed because it is too large Load Diff

134
pkgs/by-name/do/docuseal/package.nix Normal file
View File

@@ -0,0 +1,134 @@
{
stdenv,
lib,
fetchFromGitHub,
bundlerEnv,
nixosTests,
ruby_3_4,
pdfium-binaries,
makeWrapper,
bundler,
fetchYarnDeps,
yarn,
fixup-yarn-lock,
nodejs,
}:
stdenv.mkDerivation (finalAttrs: {
pname = "docuseal";
version = "2.1.7";
bundler = bundler.override { ruby = ruby_3_4; };
src = fetchFromGitHub {
owner = "docusealco";
repo = "docuseal";
tag = finalAttrs.version;
hash = "sha256-zNfxQPJjobYrx/YPGRn5QKwUd1VXetFqtBeII0wlmk4=";
# https://github.com/docusealco/docuseal/issues/505#issuecomment-3153802333
postFetch = "rm $out/db/schema.rb";
};
rubyEnv = bundlerEnv {
name = "docuseal-gems";
ruby = ruby_3_4;
inherit (finalAttrs) bundler;
gemdir = ./.;
};
docusealWeb = stdenv.mkDerivation {
pname = "docuseal-web";
inherit (finalAttrs)
version
src
meta
;
offlineCache = fetchYarnDeps {
yarnLock = ./yarn.lock;
hash = "sha256-IQOWLkVueuRs0CBv3lEdj6DOiumC4ZPuQRDxQHFh5fQ=";
};
nativeBuildInputs = [
yarn
fixup-yarn-lock
nodejs
finalAttrs.rubyEnv
];
RAILS_ENV = "production";
NODE_ENV = "production";
# no idea how to patch ./bin/shakapacker. instead we execute the two bundle exec commands manually
buildPhase = ''
runHook preBuild
export HOME=$(mktemp -d)
fixup-yarn-lock yarn.lock
yarn config --offline set yarn-offline-mirror $offlineCache
yarn install --offline --frozen-lockfile --ignore-engines --ignore-scripts --no-progress
patchShebangs node_modules
bundle exec rails assets:precompile
bundle exec rails shakapacker:compile
runHook postBuild
'';
installPhase = ''
runHook preInstall
cp -r public/packs $out
runHook postInstall
'';
};
buildInputs = [ finalAttrs.rubyEnv ];
propagatedBuildInputs = [ finalAttrs.rubyEnv.wrappedRuby ];
nativeBuildInputs = [ makeWrapper ];
RAILS_ENV = "production";
BUNDLE_WITHOUT = "development:test";
installPhase = ''
runHook preInstall
mkdir -p $out/public/packs
cp -r ${finalAttrs.src}/* $out
cp -r ${finalAttrs.docusealWeb}/* $out/public/packs
bundle exec bootsnap precompile --gemfile app/ lib/
runHook postInstall
'';
# create empty folder which are needed, but never used
postInstall = ''
chmod +w $out/tmp/
mkdir -p $out/tmp/{cache,sockets}
'';
postFixup = ''
wrapProgram $out/bin/rails \
--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ pdfium-binaries ]}"
'';
passthru = {
tests = {
inherit (nixosTests) docuseal-postgresql docuseal-sqlite;
};
updateScript = ./update.sh;
};
meta = {
description = "Open source tool for creating, filling and signing digital documents";
homepage = "https://www.docuseal.co/";
license = lib.licenses.agpl3Only;
maintainers = with lib.maintainers; [ stunkymonkey ];
platforms = lib.platforms.unix;
broken = stdenv.hostPlatform.isDarwin;
};
})

46
pkgs/by-name/do/docuseal/update.sh Executable file
View File

@@ -0,0 +1,46 @@
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p curl jq bundix ruby_3_4 prefetch-yarn-deps nix-update nixfmt
set -eu -o pipefail
dir="$(dirname "$(readlink -f "$0")")"
current=$(nix --extra-experimental-features nix-command eval --raw -f . docuseal.src.tag)
latest=$(curl ${GITHUB_TOKEN:+" -u \":$GITHUB_TOKEN\""} "https://api.github.com/repos/docusealco/docuseal/tags?per_page=1" | jq -r '.[0].name')
if [[ "$current" == "$latest" ]]; then
echo "'docuseal' is up-to-date ($current == $latest)"
exit 0
fi
echo "Updating docuseal to $latest"
repo=$(mktemp -d /tmp/docuseal-update.XXX)
rm -f "$dir/gemset.nix" "$dir/Gemfile" "$dir/Gemfile.lock" "$dir/yarn.lock"
docuseal_storepath=$(nix --extra-experimental-features "nix-command flakes" flake prefetch github:docusealco/docuseal/"$latest" --json | jq -r '.storePath')
cp -r --no-preserve=mode,ownership $docuseal_storepath/* $repo/
# patch ruby version
sed -i "/^ruby '[0-9]\+\.[0-9]\+\.[0-9]\+'$/d" "$repo/Gemfile"
# fix: https://github.com/nix-community/bundix/issues/88
BUNDLE_GEMFILE="$repo/Gemfile" bundler lock --remove-platform x86_64-linux --lockfile="$repo/Gemfile.lock"
BUNDLE_GEMFILE="$repo/Gemfile" bundler lock --remove-platform aarch64-linux --lockfile="$repo/Gemfile.lock"
# generate gemset.nix
bundix --lock --lockfile="$repo/Gemfile.lock" --gemfile="$repo/Gemfile" --gemset="$dir/gemset.nix"
# patch yarn.lock
sed -i 's$, "@hotwired/turbo@https://github.com/docusealco/turbo#main"$$g' "$repo/yarn.lock"
# calc yarn hash
YARN_HASH="$(prefetch-yarn-deps "$repo/yarn.lock")"
YARN_HASH="$(nix --extra-experimental-features nix-command hash to-sri --type sha256 "$YARN_HASH")"
# update
cp "$repo/Gemfile" "$repo/Gemfile.lock" "$repo/yarn.lock" "$dir/"
nix-update docuseal --version "$latest"
nix-update docuseal --subpackage "docusealWeb"
nixfmt "$dir/gemset.nix"

6605
pkgs/by-name/do/docuseal/yarn.lock Normal file
View File

File diff suppressed because it is too large Load Diff