fix relative path computation

README.md

@@ -1,2 +1,29 @@
-# Fediversity
+# The Fediversity project
 
+This repository contains all the code and code-related files having to do with
+[the Fediversity project](https://fediversity.eu/), with the notable exception
+of [NixOps4 that is hosted on GitHub](https://github.com/nixops4/nixops4).
+
+## Content of this repository
+
+Most of the directories in this repository have their own README going into more
+details as to what they are for. As an overview:
+
+- [`deployment/`](./deployment) contains bits and pieces having to do with
+  auto-deployment of test VMs on a private Proxmox.
+
+- [`infra/`](./infra) contains the configurations for the various VMs that are
+  in production for the project, for instance the Git instances or the Wiki.
+
+- [`matrix/`](./matrix) contains everything having to do with setting up a
+  fully-featured Matrix server.
+
+- [`server/`](./server) contains the configuration of the VM hosting the
+  website. This should be integrated into `infra/` shortly in the future, as
+  tracked in https://git.fediversity.eu/Fediversity/Fediversity/issues/31.
+
+- [`services/`](./services) contains our effort to make Fediverse applications
+  work seemlessly together in our specific setting.
+
+- [`website/`](./website) contains the framework and the content of [the
+  Fediversity website](https://fediversity.eu/)

flake.lock

@@ -703,16 +703,16 @@
     },
     "nixpkgs_5": {
       "locked": {
-        "lastModified": 1727672256,
+        "lastModified": 1732350895,
-        "narHash": "sha256-9/79hjQc9+xyH+QxeMcRsA6hDyw6Z9Eo1/oxjvwirLk=",
+        "narHash": "sha256-GcOQbOgmwlsRhpLGSwZJwLbo3pu9ochMETuRSS1xpz4=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "1719f27dd95fd4206afb9cec9f415b539978827e",
+        "rev": "0c582677378f2d9ffcb01490af2f2c678dcb29d3",
         "type": "github"
       },
       "original": {
         "owner": "nixos",
-        "ref": "nixos-24.05",
+        "ref": "nixos-24.11",
         "repo": "nixpkgs",
         "type": "github"
       }

flake.nix

@@ -1,6 +1,6 @@
 {
   inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
     flake-parts.url = "github:hercules-ci/flake-parts";
     git-hooks.url = "github:cachix/git-hooks.nix";
 

infra/common/users.nix

@@ -33,7 +33,7 @@
 
   ## FIXME: Remove direct root authentication once NixOps4 supports users with
   ## password-less sudo.
-  users.root.openssh.authorizedKeys.keys = [
+  users.users.root.openssh.authorizedKeys.keys = [
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEElREJN0AC7lbp+5X204pQ5r030IbgCllsIxyU3iiKY"
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJg5TlS1NGCRZwMjDgBkXeFUXqooqRlM8fJdBAQ4buPg"
   ];

infra/flake-part.nix

@@ -67,10 +67,7 @@
           };
           nixpkgs = inputs.nixpkgs;
           nixos.module = {
-            imports = [
+            imports = [ ./vm02187 ];
-              ./vm02187/configuration.nix
-              ./vm02187/hardware-configuration.nix
-            ];
           };
         };
       };

infra/vm02116/forgejo.nix

@@ -5,6 +5,7 @@ in
 {
   services.forgejo = {
     enable = true;
+    lfs.enable = true;
     settings = {
       service = {
         DISABLE_REGISTRATION = true;

infra/vm02187/default.nix

@@ -1,4 +1,15 @@
 {
+  imports = [
+    ../common
+    ./wiki.nix
+  ];
+
+  procolix.vm = {
+    name = "vm02187";
+    ip4 = "185.206.232.187";
+    ip6 = "2a00:51c0:12:1201::187";
+  };
+
   fileSystems."/" = {
     device = "/dev/disk/by-uuid/a46a9c46-e32b-4216-a4aa-8819b2cd0d49";
     fsType = "ext4";

infra/vm02187/wiki.nix

@@ -1,14 +1,6 @@
 { pkgs, ... }:
 
 {
-  imports = [ ../common ];
-
-  procolix.vm = {
-    name = "vm02187";
-    ip4 = "185.206.232.187";
-    ip6 = "2a00:51c0:12:1201::187";
-  };
-
   services.phpfpm.pools.mediawiki.phpOptions = ''
     upload_max_filesize = 1024M;
     post_max_size = 1024M;

website/README.md

@@ -30,6 +30,26 @@ Structured content is managed through Nix expressions, and copy is written in [C
 
 - Edit any of the files, see [repository layout](#repository-layout) for guidance
 
+# Testing
+
+As a derivation, e.g. for CI:
+
+```bash
+nix-build -A tests
+```
+
+In the development shell:
+
+```bash
+run-tests
+```
+
+Running tests in a loop on source code changes:
+
+```bash
+test-loop
+```
+
 # Repository layout
 
 - [content](./content)

website/default.nix

@@ -14,16 +14,11 @@ let
     in
     new // { types = prev.recursiveUpdate prev.types new.types; };
   lib'' = lib.extend lib';
-  # TODO: update when the PR to expose `pkgs.devmode` is merged
+
-  #       https://github.com/NixOS/nixpkgs/pull/354556
-  devmode = pkgs.callPackage "${sources.devmode-reusable}/pkgs/by-name/de/devmode/package.nix" {
-    buildArgs = "${toString ./.} -A build --show-trace";
-    open = "/index.html";
-  };
 in
 rec {
-  lib = import ./lib.nix { inherit lib; };
+  lib = lib'';
-  result = lib''.evalModules {
+  result = lib.evalModules {
     modules = [
       ./structure
       ./content
@@ -38,11 +33,36 @@ rec {
 
   inherit (result.config) build;
 
-  shell = pkgs.mkShellNoCC {
+  shell =
-    packages = with pkgs; [
+    let
-      cmark
+      run-tests = pkgs.writeShellApplication {
-      npins
+        name = "run-tests";
-      devmode
+        text = with pkgs; with lib; ''
-    ];
+          ${getExe nix-unit} ${toString ./tests.nix} "$@"
-  };
+        '';
+      };
+      test-loop = pkgs.writeShellApplication {
+        name = "test-loop";
+        text = with pkgs; with lib; ''
+          ${getExe watchexec} -w ${toString ./.} -- ${getExe nix-unit} ${toString ./tests.nix}
+        '';
+      };
+      devmode = pkgs.devmode.override {
+        buildArgs = "${toString ./.} -A build --show-trace";
+        open = "/index.html";
+      };
+    in
+    pkgs.mkShellNoCC {
+      packages = [
+        pkgs.npins
+        run-tests
+        test-loop
+        devmode
+      ];
+    };
+
+  tests = with pkgs; with lib; runCommand "run-tests" { } ''
+    touch $out
+    ${getExe nix-unit} ${./tests.nix} "$@"
+  '';
 }

website/lib.nix

@@ -99,22 +99,22 @@ rec {
   relativePath = path1': path2':
     let
       inherit (lib.path) subpath;
-      inherit (lib) lists;
+      inherit (lib) lists length take drop min max;
+      inherit (lists) replicate findFirstIndex zipLists;
 
       path1 = subpath.components path1';
-      prefix1 = with lib; take (length path1 - 1) path1;
       path2 = subpath.components path2';
-      prefix2 = with lib; take (length path1 - 1) path2;
+      prefix1 = take (length path1 - 1) path1;
 
-      commonPrefixLength = with lists;
+      common-prefix-length = findFirstIndex (i: i.fst != i.snd)
-        findFirstIndex (i: i.fst != i.snd)
+        (min (length prefix1) (length path2 - 1))
-          (length prefix1)
+        (zipLists prefix1 path2);
-          (zipLists prefix1 prefix2);
+      parent-levels = max 0 (length prefix1 - common-prefix-length);
-
+      relative-components = [ "." ] ++
-      relativeComponents = with lists;
+        (replicate parent-levels "..") ++
-        [ "." ] ++ (replicate (length prefix1 - commonPrefixLength) "..") ++ (drop commonPrefixLength path2);
+        (drop common-prefix-length path2);
     in
-    join "/" relativeComponents;
+    join "/" relative-components;
 
   /**
     Recursively list all Nix files from a directory, except the top-level `default.nix`

website/npins/sources.json

@@ -1,22 +1,22 @@
 {
   "pins": {
-    "devmode-reusable": {
+    "nix-unit": {
       "type": "Git",
       "repository": {
         "type": "GitHub",
-        "owner": "fricklerhandwerk",
+        "owner": "nix-community",
-        "repo": "nixpkgs"
+        "repo": "nix-unit"
       },
-      "branch": "refactor-devmode",
+      "branch": "main",
-      "revision": "f0746a6690939987734d6519a2e3daf28ed36d87",
+      "revision": "2071bbb765681ac3d8194ec560c8b27ff2a3b541",
-      "url": "https://github.com/fricklerhandwerk/nixpkgs/archive/f0746a6690939987734d6519a2e3daf28ed36d87.tar.gz",
+      "url": "https://github.com/nix-community/nix-unit/archive/2071bbb765681ac3d8194ec560c8b27ff2a3b541.tar.gz",
-      "hash": "011kg3c2mfy7y808llpmq3hf6vv6rlazx8m11w41pnym4kwr3ivz"
+      "hash": "0blz1kcmn9vnr9q3iqp2mv13hv3pdccljmmc54f8j7ybf5v0wgmp"
     },
     "nixpkgs": {
       "type": "Channel",
       "name": "nixpkgs-unstable",
-      "url": "https://releases.nixos.org/nixpkgs/nixpkgs-24.11pre691017.b69de56fac8c/nixexprs.tar.xz",
+      "url": "https://releases.nixos.org/nixpkgs/nixpkgs-25.05pre711046.8edf06bea5bc/nixexprs.tar.xz",
-      "hash": "0z32pj0lh5ng2a6cn0qfmka8cynnygckn5615mkaxq2aplkvgzx3"
+      "hash": "1mwsn0rvfm603svrq3pca4c51zlix5gkyr4gl6pxhhq3q6xs5s8y"
     }
   },
   "version": 3

website/tests.nix

@@ -0,0 +1,21 @@
+# tests written for running with `nix-unit`
+# https://github.com/nix-community/nix-unit
+let
+  inherit (import ./. { }) lib;
+in
+{
+  test-relativePath = with lib;
+    let
+      testData = [
+        { from = "bar"; to = "baz"; expected = "./baz"; }
+        { from = "foo/bar"; to = "foo/baz"; expected = "./baz"; }
+        { from = "foo"; to = "bar/baz"; expected = "./bar/baz"; }
+        { from = "foo/bar"; to = "baz"; expected = "./../baz"; }
+        { from = "foo/bar/baz"; to = "foo"; expected = "./../../foo"; }
+      ];
+    in
+    {
+      expr = map (case: relativePath case.from case.to) testData;
+      expected = map (case: case.expected) testData;
+    };
+}