Merge pull request #130954 from mayflower/meshcentral

meshcentral: init package and module
This commit is contained in:
Robin Gloster 2021-08-02 17:40:30 +02:00 committed by GitHub
commit 947c6589c5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 15632 additions and 0 deletions

View file

@ -140,6 +140,15 @@
<link linkend="opt-services.mx-puppet-discord.enable">services.mx-puppet-discord</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://www.meshcommander.com/meshcentral2/overview">MeshCentral</link>,
a remote administration service (<quote>TeamViewer but
self-hosted and with more features</quote>) is now available
with a package and a module:
<link linkend="opt-services.meshcentral.enable">services.meshcentral.enable</link>
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-21.11-incompatibilities">

View file

@ -43,6 +43,8 @@ pt-services.clipcat.enable).
- [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord), a discord puppeting bridge for matrix. Available as [services.mx-puppet-discord](#opt-services.mx-puppet-discord.enable).
- [MeshCentral](https://www.meshcommander.com/meshcentral2/overview), a remote administration service ("TeamViewer but self-hosted and with more features") is now available with a package and a module: [services.meshcentral.enable](#opt-services.meshcentral.enable)
## Backward Incompatibilities {#sec-release-21.11-incompatibilities}
- The `staticjinja` package has been upgraded from 1.0.4 to 3.0.1

View file

@ -236,6 +236,7 @@
./security/doas.nix
./security/systemd-confinement.nix
./security/tpm2.nix
./services/admin/meshcentral.nix
./services/admin/oxidized.nix
./services/admin/salt/master.nix
./services/admin/salt/minion.nix

View file

@ -0,0 +1,53 @@
{ config, pkgs, lib, ... }:
let
cfg = config.services.meshcentral;
configFormat = pkgs.formats.json {};
configFile = configFormat.generate "meshcentral-config.json" cfg.settings;
in with lib; {
options.services.meshcentral = with types; {
enable = mkEnableOption "MeshCentral computer management server";
package = mkOption {
description = "MeshCentral package to use. Replacing this may be necessary to add dependencies for extra functionality.";
type = types.package;
default = pkgs.meshcentral;
defaultText = "pkgs.meshcentral";
};
settings = mkOption {
description = ''
Settings for MeshCentral. Refer to upstream documentation for details:
<itemizedlist>
<listitem><para><link xlink:href="https://github.com/Ylianst/MeshCentral/blob/master/meshcentral-config-schema.json">JSON Schema definition</link></para></listitem>
<listitem><para><link xlink:href="https://github.com/Ylianst/MeshCentral/blob/master/sample-config.json">simple sample configuration</link></para></listitem>
<listitem><para><link xlink:href="https://github.com/Ylianst/MeshCentral/blob/master/sample-config-advanced.json">complex sample configuration</link></para></listitem>
<listitem><para><link xlink:href="https://www.meshcommander.com/meshcentral2">Old homepage) with documentation link</link></para></listitem>
</itemizedlist>
'';
type = types.submodule {
freeformType = configFormat.type;
};
example = {
settings = {
WANonly = true;
Cert = "meshcentral.example.com";
TlsOffload = "10.0.0.2,fd42::2";
Port = 4430;
};
domains."".certUrl = "https://meshcentral.example.com/";
};
};
};
config = mkIf cfg.enable {
services.meshcentral.settings.settings.autoBackup.backupPath = lib.mkDefault "/var/lib/meshcentral/backups";
systemd.services.meshcentral = {
wantedBy = ["multi-user.target"];
serviceConfig = {
ExecStart = "${cfg.package}/bin/meshcentral --datapath /var/lib/meshcentral --configfile ${configFile}";
DynamicUser = true;
StateDirectory = "meshcentral";
CacheDirectory = "meshcentral";
};
};
};
meta.maintainers = [ maintainers.lheckemann ];
}

View file

@ -0,0 +1,36 @@
{ lib, fetchpatch, fetchzip, yarn2nix-moretea, nodejs, jq, dos2unix }:
yarn2nix-moretea.mkYarnPackage rec {
version = "0.8.87";
src = fetchzip {
url = "https://registry.npmjs.org/meshcentral/-/meshcentral-0.8.87.tgz";
sha256 = "1jb65pvbld83mdjdb4f4z2brqsdh3b1mvnjdhbllcsn35m705cp5";
};
packageJSON = ./package.json;
yarnLock = ./yarn.lock;
yarnNix = ./yarn.nix;
# Tarball has CRLF line endings. This makes patching difficult, so let's convert them.
nativeBuildInputs = [ dos2unix ];
prePatch = ''
find . -name '*.js' -exec dos2unix {} +
ln -snf meshcentral.js bin/meshcentral
'';
preFixup = ''
mkdir -p $out/bin
chmod a+x $out/libexec/meshcentral/deps/meshcentral/meshcentral.js
sed -i '1i#!${nodejs}/bin/node' $out/libexec/meshcentral/deps/meshcentral/meshcentral.js
ln -s $out/libexec/meshcentral/deps/meshcentral/meshcentral.js $out/bin/meshcentral
'';
publishBinsFor = [ ];
meta = with lib; {
description = "Computer management web app";
homepage = "https://meshcentral.com/info/";
maintainers = [ maintainers.lheckemann ];
license = licenses.asl20;
};
}

View file

@ -0,0 +1,123 @@
{
"name": "meshcentral",
"version": "0.8.87",
"keywords": [
"Remote Device Management",
"Remote Device Monitoring",
"Remote Desktop",
"Remote Terminal",
"Remote File Access",
"KVM",
"2FA",
"Two-Factor Authentication",
"Intel Active Management Technology",
"Intel AMT"
],
"homepage": "https://meshcentral.com",
"description": "Web based remote computer management server",
"author": "Ylian Saint-Hilaire <ylianst@gmail.com>",
"main": "meshcentral.js",
"bin": {
"meshcentral": "bin/meshcentral"
},
"license": "Apache-2.0",
"files": [
"*.js",
"amt",
"bin",
"views",
"emails",
"agents",
"public",
"translate",
"readme.txt",
"license.txt",
"sample-config.json",
"sample-config-advanced.json"
],
"dependencies": {
"body-parser": "^1.19.0",
"cbor": "~5.2.0",
"compression": "^1.7.4",
"cookie-session": "^2.0.0-beta.3",
"express": "^4.17.0",
"express-handlebars": "^3.1.0",
"express-ws": "^4.0.0",
"ipcheck": "^0.1.0",
"minimist": "^1.2.0",
"multiparty": "^4.2.1",
"nedb": "^1.8.0",
"node-forge": "^0.10.0",
"ws": "^5.2.3",
"xmldom": "^0.5.0",
"yauzl": "^2.10.0"
},
"repository": {
"type": "git",
"url": "https://github.com/Ylianst/MeshCentral.git"
},
"readme": "readme.txt",
"optionalDependencies": {
"passport": "*",
"passport-twitter": "*",
"passport-google-oauth20": "*",
"passport-github2": "*",
"passport-reddit": "*",
"passport-azure-oauth2": "*",
"jwt-simple": "*",
"passport-saml": "*",
"ws": "5.2.3",
"cbor": "5.2.0",
"nedb": "*",
"https": "*",
"yauzl": "*",
"xmldom": "*",
"ipcheck": "*",
"express": "*",
"archiver": "4.0.2",
"multiparty": "*",
"node-forge": "*",
"express-ws": "4.0.0",
"compression": "*",
"body-parser": "*",
"cookie-session": "*",
"express-handlebars": "*",
"node-windows": "*",
"loadavg-windows": "*",
"node-sspi": "*",
"ldapauth-fork": "*",
"node-rdpjs-2": "*",
"ssh2": "*",
"image-size": "*",
"acme-client": "*",
"aedes": "0.39.0",
"mysql": "*",
"@mysql/xdevapi": "*",
"mongodb": "*",
"saslprep": "*",
"mariadb": "*",
"node-vault": "*",
"semver": "*",
"https-proxy-agent": "*",
"mongojs": "*",
"nodemailer": "*",
"@sendgrid/mail": "*",
"jsdom": "*",
"esprima": "*",
"minify-js": "*",
"html-minifier": "*",
"archiver-zip-encrypted": "*",
"googleapis": "*",
"webdav": "*",
"wildleek": "2.0.0",
"yubikeyotp": "*",
"otplib": "10.2.3",
"twilio": "*",
"plivo": "*",
"web-push": "*",
"node-xcs": "*",
"modern-syslog": "*",
"syslog": "*",
"heapdump": "*"
}
}

View file

@ -0,0 +1,50 @@
#!/usr/bin/env nix-shell
#! nix-shell -i bash -p nodejs yarn yarn2nix jq rsync common-updater-scripts moreutils
set -exuo pipefail
expr_dir=$(cd "$(dirname "$0")"; pwd)
tmp=$(mktemp -dt update-meshcentral.XXXXXX)
npm show --json meshcentral > "$tmp/npm.json"
version=$(<"$tmp/npm.json" jq -r .version)
tarball=$(<"$tmp/npm.json" jq -r .dist.tarball)
prefetch=$(nix-prefetch-url --unpack --print-path "$tarball" | tr '\n' ' ')
read -r hash storePath <<<"$prefetch"
cd "$tmp"
rsync -r --chmod=u=rwX "$storePath/" package/
cd package
# Very crude way of discovering optional dependencies. These are
# fetched at runtime by stock upstream, but we don't allow that kind
# of thing in nix :)
awk <meshcentral.js "
BEGIN { RS=\"[\n;]\" }
match(\$0, /(modules|passport) = (\[.*\])$/, a) { print a[2] }
match(\$0, /(modules|passport).push\(('[^']+')\)/, a) { print a[2] }
" |
tr \' \" |
jq --slurp '[if type == "array" then .[] else . end] | flatten' |
# And an equally crude way of adding them to package.json. We
# can't use yarn add here, because that will blow up on
# dependencies which don't support the current platform. Even with
# --optional.
jq --slurpfile package package.json \
'(. | map(. | capture("(?<name>@?[^@]+)(@(?<version>.+))?") | { key: .name, value: (.version // "*")}) | from_entries) as $optionalDependencies | $package | .[] | .optionalDependencies |= . + $optionalDependencies' |
sponge package.json
# Fetch all the optional dependencies, so we have them available in
# yarn.lock/yarn.nix
yarn install --ignore-scripts
cp package.json "$expr_dir"
cp yarn.lock "$expr_dir/yarn.lock"
yarn2nix > "$expr_dir/yarn.nix"
cd "$expr_dir/../../../.."
update-source-version meshcentral "$version" "$hash" "$tarball"
# Only clean up if everything worked
cd /
rm -rf "$tmp"

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -25740,6 +25740,8 @@ in
merkaartor = libsForQt5.callPackage ../applications/misc/merkaartor { };
meshcentral = callPackage ../tools/admin/meshcentral { };
meshlab = libsForQt5.callPackage ../applications/graphics/meshlab { };
metadata-cleaner = callPackage ../applications/misc/metadata-cleaner { };