93a746aaaa
So here is what has been keeping me up at night: At some point I
realized that nix actually made a somewhat passable language for CGI
programming:
* That `builtins.getEnv` exists as one of the impurities of Nix is
perfect as environment variables are the main way of communication
from the web server to the CGI application.
* We can actually read from the filesystem via builtins.readDir and
builtins.readFile with bearable overhead if we avoid importing the
used paths into the nix store.
* Templating and routing are convenient to implement via indented strings
and attribute sets respectively.
Of course there are obvious limitation:
* The overhead of derivations is probably much to great for them to be
useful via IfD.
* Even without derivations, nix evaluation is very slow to the point
were a trivial application takes between 100ms and 400ms to produce a
response.
* We can't really cause effects other than producing a response which
makes it not viable for a lot of applications. There are some ways
around this:
* With a custom interpreter we could have streaming and multiplexed
I/O (using lazy lists emulated via attrsets) to cause such effects,
but it would probably perform terribly.
* We can use builtins.fetchurl to call other HTTP-based microservices,
but only in very limited constraints, i. e. only GET, no headers,
and only if the tarball ttl is set to 0 in the global nix.conf.
* Terrible error handling capabilities because builtins.tryEval actually
doesn't catch a lot of errors.
To prove that it actually works, there are some demo applications,
which I invite you to run and potentially break horribly:
nix-build -A web.bubblegum.examples && ./result
# navigate to http://localhost:9000
The setup uses thttpd and executes the nix CGI scripts using
users.sterni.nint which automatically passed `depot`, so they can
import the cgi library.
Change-Id: I3a22a749612211627e5f8301c31ec2e7a872812c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2746
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
61 lines
1.4 KiB
Nix
61 lines
1.4 KiB
Nix
{ depot, pkgs, lib, ... }:
|
|
|
|
let
|
|
|
|
scripts = [
|
|
./hello.nix
|
|
./derivation-svg.nix
|
|
(substituteAll {
|
|
src = ./blog.nix;
|
|
# by making this a plain string this
|
|
# can be something outside the nix store!
|
|
blogdir = ./posts;
|
|
})
|
|
];
|
|
|
|
inherit (depot.nix)
|
|
writeExecline
|
|
runExecline
|
|
getBins
|
|
;
|
|
|
|
inherit (depot.web.bubblegum)
|
|
writeCGI
|
|
;
|
|
|
|
inherit (pkgs)
|
|
runCommandLocal
|
|
substituteAll
|
|
;
|
|
|
|
bins = (getBins pkgs.thttpd [ "thttpd" ])
|
|
// (getBins pkgs.coreutils [ "printf" "cp" "mkdir" ]);
|
|
|
|
webRoot =
|
|
let
|
|
copyScripts = lib.concatMap
|
|
(path: let
|
|
cgi = writeCGI {
|
|
# assume we are on NixOS since thttpd doesn't set PATH.
|
|
# using third_party.nix is tricky because not everyone
|
|
# has a tvix daemon running.
|
|
binPath = "/run/current-system/sw/bin";
|
|
} path;
|
|
in [
|
|
"if" [ bins.cp cgi "\${out}/${cgi.name}" ]
|
|
]) scripts;
|
|
in runExecline.local "webroot" {} ([
|
|
"importas" "out" "out"
|
|
"if" [ bins.mkdir "-p" "$out" ]
|
|
] ++ copyScripts);
|
|
|
|
port = 9000;
|
|
|
|
in
|
|
writeExecline "serve-examples" {} [
|
|
"foreground" [
|
|
bins.printf "%s\n" "Running on http://localhost:${toString port}"
|
|
]
|
|
"${bins.thttpd}" "-D" "-p" (toString port) "-l" "/dev/stderr"
|
|
"-c" "*.nix" "-d" webRoot
|
|
]
|