plausible: 1.3.0 -> 1.4.0

nixos/modules/services/web-apps/plausible.nix

@@ -5,19 +5,6 @@ with lib;
 let
   cfg = config.services.plausible;
 
-  # FIXME consider using LoadCredential as soon as it actually works.
-  envSecrets = ''
-    ADMIN_USER_PWD="$(<${cfg.adminUser.passwordFile})"
-    export ADMIN_USER_PWD # separate export to make `set -e` work
-
-    SECRET_KEY_BASE="$(<${cfg.server.secretKeybaseFile})"
-    export SECRET_KEY_BASE # separate export to make `set -e` work
-
-    ${optionalString (cfg.mail.smtp.passwordFile != null) ''
-      SMTP_USER_PWD="$(<${cfg.mail.smtp.passwordFile})"
-      export SMTP_USER_PWD # separate export to make `set -e` work
-    ''}
-  '';
 in {
   options.services.plausible = {
     enable = mkEnableOption "plausible";
@@ -184,13 +171,15 @@ in {
       enable = true;
     };
 
+    services.epmd.enable = true;
+
     systemd.services = mkMerge [
       {
         plausible = {
           inherit (pkgs.plausible.meta) description;
           documentation = [ "https://plausible.io/docs/self-hosting" ];
           wantedBy = [ "multi-user.target" ];
-          after = optional cfg.database.postgres.setup "plausible-postgres.service";
+          after = optionals cfg.database.postgres.setup [ "postgresql.service" "plausible-postgres.service" ];
           requires = optional cfg.database.clickhouse.setup "clickhouse.service"
             ++ optionals cfg.database.postgres.setup [
               "postgresql.service"
@@ -200,7 +189,7 @@ in {
           environment = {
             # NixOS specific option to avoid that it's trying to write into its store-path.
             # See also https://github.com/lau/tzdata#data-directory-and-releases
-            TZDATA_DIR = "/var/lib/plausible/elixir_tzdata";
+            STORAGE_DIR = "/var/lib/plausible/elixir_tzdata";
 
             # Configuration options from
             # https://plausible.io/docs/self-hosting-configuration
@@ -231,49 +220,52 @@ in {
 
           path = [ pkgs.plausible ]
             ++ optional cfg.database.postgres.setup config.services.postgresql.package;
+          script = ''
+            export CONFIG_DIR=$CREDENTIALS_DIRECTORY
+
+            # setup
+            ${pkgs.plausible}/createdb.sh
+            ${pkgs.plausible}/migrate.sh
+            ${optionalString cfg.adminUser.activate ''
+              if ! ${pkgs.plausible}/init-admin.sh | grep 'already exists'; then
+                psql -d plausible <<< "UPDATE users SET email_verified=true;"
+              fi
+            ''}
+            plausible start
+          '';
 
           serviceConfig = {
             DynamicUser = true;
             PrivateTmp = true;
             WorkingDirectory = "/var/lib/plausible";
             StateDirectory = "plausible";
-            ExecStartPre = "@${pkgs.writeShellScript "plausible-setup" ''
-              set -eu -o pipefail
-              ${envSecrets}
-              ${pkgs.plausible}/createdb.sh
-              ${pkgs.plausible}/migrate.sh
-              ${optionalString cfg.adminUser.activate ''
-                if ! ${pkgs.plausible}/init-admin.sh | grep 'already exists'; then
-                  psql -d plausible <<< "UPDATE users SET email_verified=true;"
-                fi
-              ''}
-            ''} plausible-setup";
-            ExecStart = "@${pkgs.writeShellScript "plausible" ''
-              set -eu -o pipefail
-              ${envSecrets}
-              plausible start
-            ''} plausible";
+            LoadCredential = [
+              "ADMIN_USER_PWD:${cfg.adminUser.passwordFile}"
+              "SECRET_KEY_BASE:${cfg.server.secretKeybaseFile}"
+            ] ++ lib.optionals (cfg.mail.smtp.passwordFile != null) [ "SMTP_USER_PWD:${cfg.mail.smtp.passwordFile}"];
           };
         };
       }
       (mkIf cfg.database.postgres.setup {
         # `plausible' requires the `citext'-extension.
         plausible-postgres = {
           after = [ "postgresql.service" ];
-          bindsTo = [ "postgresql.service" ];
-          requiredBy = [ "plausible.service" ];
           partOf = [ "plausible.service" ];
-          serviceConfig.Type = "oneshot";
-          unitConfig.ConditionPathExists = "!/var/lib/plausible/.db-setup";
-          script = ''
-            mkdir -p /var/lib/plausible/
+          serviceConfig = {
+            Type = "oneshot";
+            User = config.services.postgresql.superUser;
+            RemainAfterExit = true;
+          };
+          script = with cfg.database.postgres; ''
             PSQL() {
-              /run/wrappers/bin/sudo -Hu postgres ${config.services.postgresql.package}/bin/psql --port=5432 "$@"
+              ${config.services.postgresql.package}/bin/psql --port=5432 "$@"
             }
-            PSQL -tAc "CREATE ROLE plausible WITH LOGIN;"
-            PSQL -tAc "CREATE DATABASE plausible WITH OWNER plausible;"
-            PSQL -d plausible -tAc "CREATE EXTENSION IF NOT EXISTS citext;"
-            touch /var/lib/plausible/.db-setup
+            # check if the database already exists
+            if ! PSQL -lqt | ${pkgs.coreutils}/bin/cut -d \| -f 1 | ${pkgs.gnugrep}/bin/grep -qw ${dbname} ; then
+              PSQL -tAc "CREATE ROLE plausible WITH LOGIN;"
+              PSQL -tAc "CREATE DATABASE ${dbname} WITH OWNER plausible;"
+              PSQL -d ${dbname} -tAc "CREATE EXTENSION IF NOT EXISTS citext;"
+            fi
           '';
         };
       })

pkgs/servers/web-apps/plausible/default.nix

@@ -5,43 +5,35 @@
 , glibcLocales
 , cacert
 , mkYarnModules
+, fetchYarnDeps
 , nodejs
-, fetchpatch
 , nixosTests
 }:
 
 let
   pname = "plausible";
-  version = "1.3.0";
+  version = "1.4.0";
 
   src = fetchFromGitHub {
     owner = "plausible";
     repo = "analytics";
     rev = "v${version}";
-    sha256 = "03lm1f29gwwixnhgjish5bhi3m73qyp71ns2sczdnwnbhrw61zps";
+    sha256 = "1d31y7mwvml17w97dm5c4312n0ciq39kf4hz3g80hdzbbn72mi4q";
   };
 
   # TODO consider using `mix2nix` as soon as it supports git dependencies.
   mixFodDeps = beamPackages.fetchMixDeps {
     pname = "${pname}-deps";
     inherit src version;
-    sha256 = "1x0if0ifk272vcqjlgf097pxsw13bhwy8vs0b89l0bssx1bzygsi";
-
-    # We need ecto 3.6 as this version checks whether the database exists before
-    # trying to create it. The creation attempt would always require super-user privileges
-    # and since 3.6 this isn't the case anymore.
-    patches = [
-      ./ecto_sql-fix.patch
-      ./plausible-Bump-clickhouse_ecto-dependency-to-be-compatible-with-ecto-3.6.patch
-    ];
+    sha256 = "1ikcskp4gvvdprl65x1spijdc8dz6klnrnkvgy2jbk0b3d7yn1v5";
   };
 
   yarnDeps = mkYarnModules {
     pname = "${pname}-yarn-deps";
     inherit version;
     packageJSON = ./package.json;
-    yarnNix = ./yarn.nix;
     yarnLock = ./yarn.lock;
+    yarnNix = ./yarn.nix;
     preBuild = ''
       mkdir -p tmp/deps
       cp -r ${mixFodDeps}/phoenix tmp/deps/phoenix
@@ -57,19 +49,6 @@ beamPackages.mixRelease {
 
   nativeBuildInputs = [ nodejs ];
 
-  patches = [
-    # Allow socket-authentication against postgresql. Upstream PR is
-    # https://github.com/plausible/analytics/pull/1052
-    (fetchpatch {
-      url = "https://github.com/Ma27/analytics/commit/f2ee5892a6c3e1a861d69ed30cac43e05e9cd36f.patch";
-      sha256 = "sha256-JvJ7xlGw+tHtWje+jiQChVC4KTyqqdq2q+MIcOv/k1o=";
-    })
-
-    # Ensure that `tzdata` doesn't write into its store-path
-    # https://github.com/plausible/analytics/pull/1096, but rebased onto 1.3.0
-    ./tzdata-rebased.patch
-  ];
-
   passthru = {
     tests = { inherit (nixosTests) plausible; };
     updateScript = ./update.sh;

pkgs/servers/web-apps/plausible/package.json

@@ -3,45 +3,55 @@
   "license": "MIT",
   "scripts": {
     "deploy": "$(npm bin)/webpack --mode production",
-    "watch": "$(npm bin)/webpack --mode development --watch"
+    "watch": "$(npm bin)/webpack --mode development --watch",
+    "format": "$(npm bin)/prettier --write {css,js}/**",
+    "check-format": "$(npm bin)/prettier --check {css,js}/**",
+    "lint": "$(npm bin)/eslint js/**"
   },
   "dependencies": {
-    "@babel/core": "^7.11.1",
-    "@babel/preset-env": "^7.11.0",
-    "@babel/preset-react": "^7.10.4",
-    "@tailwindcss/aspect-ratio": "^0.2.0",
-    "@tailwindcss/forms": "^0.2.1",
-    "@tailwindcss/typography": "^0.3.1",
-    "abortcontroller-polyfill": "^1.5.0",
-    "alpinejs": "^2.7.3",
-    "autoprefixer": "^9.8.6",
-    "babel-loader": "^8.1.0",
-    "chart.js": "^2.9.3",
-    "copy-webpack-plugin": "^6.0.3",
-    "css-loader": "^3.6.0",
+    "@babel/core": "^7.14.3",
+    "@babel/preset-env": "^7.14.4",
+    "@babel/preset-react": "^7.13.13",
+    "@headlessui/react": "^1.3.0",
+    "@heroicons/react": "^1.0.1",
+    "@juggle/resize-observer": "^3.3.1",
+    "@kunukn/react-collapse": "^2.2.9",
+    "@tailwindcss/aspect-ratio": "^0.2.1",
+    "@tailwindcss/forms": "^0.3.2",
+    "@tailwindcss/typography": "^0.4.1",
+    "abortcontroller-polyfill": "^1.7.3",
+    "alpinejs": "^2.8.2",
+    "autoprefixer": "^10.2.6",
+    "babel-loader": "^8.2.2",
+    "chart.js": "^3.3.2",
+    "classnames": "^2.3.1",
+    "copy-webpack-plugin": "^9.0.0",
+    "css-loader": "^5.2.6",
+    "css-minimizer-webpack-plugin": "^3.0.1",
     "datamaps": "^0.5.9",
-    "iframe-resizer": "^4.3.1",
-    "mini-css-extract-plugin": "^0.8.2",
-    "optimize-css-assets-webpack-plugin": "^5.0.3",
+    "debounce-promise": "^3.1.2",
+    "downshift": "^6.1.3",
+    "iframe-resizer": "^4.3.2",
+    "mini-css-extract-plugin": "^1.6.0",
     "phoenix": "file:../../tmp/deps/phoenix",
     "phoenix_html": "file:../../tmp/deps/phoenix_html",
-    "postcss": "^7.0.35",
-    "postcss-loader": "^4.0.4",
+    "postcss": "^8.3.0",
+    "postcss-loader": "^6.1.1",
     "react": "^16.13.1",
     "react-dom": "^16.13.1",
-    "react-flatpickr": "^3.10.5",
+    "react-flatpickr": "3.10.5",
     "react-flip-move": "^3.0.4",
     "react-router-dom": "^5.2.0",
-    "react-transition-group": "^4.4.1",
-    "tailwindcss": "2.0.1-compat",
-    "terser-webpack-plugin": "^4.2.3",
-    "url-search-params-polyfill": "^8.0.0",
-    "webpack": "4.39.2",
-    "webpack-cli": "^3.3.12"
+    "react-transition-group": "^4.4.2",
+    "tailwindcss": "^2.1.2",
+    "terser-webpack-plugin": "^5.1.2",
+    "url-search-params-polyfill": "^8.1.1",
+    "webpack": "5.38.1",
+    "webpack-cli": "^4.7.0"
   },
   "devDependencies": {
+    "babel-eslint": "^10.1.0",
     "eslint": "^7.2.0",
-    "eslint-config-airbnb": "^18.2.0",
     "eslint-config-prettier": "^7.0.0",
     "eslint-plugin-import": "^2.22.1",
     "eslint-plugin-jsx-a11y": "^6.4.1",
@@ -50,8 +60,9 @@
     "eslint-plugin-react-hooks": "^4.2.0",
     "stylelint": "^13.8.0",
     "stylelint-config-prettier": "^8.0.2",
-    "stylelint-config-standard": "^20.0.0"
+    "stylelint-config-standard": "^20.0.0",
+    "webpack-bundle-analyzer": "^4.4.2"
   },
   "name": "plausible",
-  "version": "v1.3.0"
+  "version": "v1.4.0"
 }

pkgs/servers/web-apps/plausible/update.sh

@@ -6,9 +6,6 @@
 #
 # * Add correct `name`/`version` field to `package.json`, otherwise `yarn2nix` fails to
 #   find required dependencies.
-# * Keep `tailwindcss` on version 2.0.1-compat (on `yarn` it will be upgraded due to the `^`).
-#   This is needed to make sure the entire build still works with `postcss-7` (needed
-#   by plausible).
 # * Adjust `file:`-dependencies a bit for the structure inside a Nix build.
 # * Update hashes for the tarball & the fixed-output drv with all `mix`-dependencies.
 # * Generate `yarn.lock` & `yarn.nix` in a temporary directory.
@@ -29,10 +26,9 @@ fi
 SRC="https://raw.githubusercontent.com/plausible/analytics/${latest}"
 
 package_json="$(curl -qf "$SRC/assets/package.json")"
-export fixed_tailwind_version="$(jq '.dependencies.tailwindcss' -r <<< "$package_json" | sed -e 's,^^,,g')"
 
 echo "$package_json" \
-  | jq '. + {"name":"plausible","version": $ENV.latest} | .dependencies.tailwindcss = $ENV.fixed_tailwind_version' \
+  | jq '. + {"name":"plausible","version": $ENV.latest}' \
   | sed -e 's,../deps/,../../tmp/deps/,g' \
   > $dir/package.json
 
@@ -58,7 +54,6 @@ cp -r "$(nix-build -A plausible.mixFodDeps)" "$tmp_setup_dir/deps"
 chmod -R u+rwx "$tmp_setup_dir"
 
 pushd $tmp_setup_dir/assets
-jq < package.json '.dependencies.tailwindcss = "'"$fixed_tailwind_version"'"' | sponge package.json
 yarn
 yarn2nix > "$dir/yarn.nix"
 cp yarn.lock "$dir/yarn.lock"