Skip to content

Nix support #371

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Nix support #371

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
130 changes: 130 additions & 0 deletions docs/docs/deployment-guide.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,28 @@ title: "Deployment guide"

import SupportedPlatforms from '/snippets/platform-support.mdx'

## Container deployment

The following guide will walk you through the steps to deploy Sourcebot on your own infrastructure. Sourcebot is distributed as a [single docker container](/docs/overview#architecture) that can be deployed to a k8s cluster, a VM, or any platform that supports docker.


### Walkthrough video
---

Watch this 1:51 minute video to get a quick overview of how to deploy Sourcebot using Docker.

<iframe
src="https://www.youtube.com/embed/1_JCr05haWc"
title="YouTube video player"
frameborder="0"
allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
allowfullscreen
className="aspect-video w-full"
></iframe>

### Step-by-step guide
---

<Note>Hit an issue? Please let us know on [GitHub discussions](https://github.com/sourcebot-dev/sourcebot/discussions/categories/support) or by [emailing us](mailto:[email protected]).</Note>

<Steps>
Expand Down Expand Up @@ -72,6 +91,117 @@ The following guide will walk you through the steps to deploy Sourcebot on your
</Step>
</Steps>


## NixOS deployment

<Note>Hit an issue? Please let us know on [GitHub discussions](https://github.com/sourcebot-dev/sourcebot/discussions/categories/support) or by [emailing us](mailto:[email protected]).</Note>

<Steps>
<Step title="Flake.nix input">
Add the Sourcebot flake as an input to your NixOS configuration. This will allow you to use the Sourcebot container in your NixOS deployment.

```nix
inputs.sourcebot.url = "github:sourcebot-dev/sourcebot";
```

Add sourcebot module to your NixOS configuration:

```nix
nixosConfigurations.mysystem = nixpkgs.lib.nixosSystem {
modules = [
inputs.sourcebot.nixosModules.sourcebot
];
}
```
[Learn more about NixOS flakes](/docs/installation/nixos-flakes).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this meant to link to external docs? It seems this is broken since no nixos-flakes docs page exists

</Step>
<Step title="Setup Credentials">
Sourcebot requires a few secrets to be set up before it can run, and code host credentials can be managed using NixOS module too:

- [sops-nix](https://github.com/Mic92/sops-nix) example:

```nix
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: please add additional params to the code snippets to follow the styling of the rest of the document

For example:
bash wrap icon="terminal" Create example config

The icon can be any valid lucide icon: https://lucide.dev/icons/

For more info check out the mintlify docs: https://mintlify.com/docs/code#code-block-options

sops = {
secrets = {
sourcebot-auth-secret.owner = "sourcebot";
sourcebot-encryption-key.owner = "sourcebot";
sourcebot-gitlab-token.owner = "sourcebot";
};
templates = {
sourcebot-env = {
content = ''
AUTH_SECRET=${config.sops.placeholder.sourcebot-auth-secret}
SOURCEBOT_ENCRYPTION_KEY=${config.sops.placeholder.sourcebot-encryption-key}
GITLAB_EXAMPLE_TOKEN=${config.sops.placeholder.sourcebot-gitlab-token}
'';
};
};
};
```

- [agenix](https://github.com/ryantm/agenix) example:

```nix
age.secrets.sourcebot-env.file = ../secrets/sourcebot.age;
```

`sourcebot.age` file should be an environment file in the format:

```
AUTH_SECRET=your-auth-secret
SOURCEBOT_ENCRYPTION_KEY=your-encryption-key
GITLAB_EXAMPLE_TOKEN=your-gitlab-token
```
</Step>
<Step title="Enable Sourcebot">
The following NixOS configuration will enable Sourcebot and set it up to run with the provided configuration.
Additional options could be found in the [source file](../../nix/nixosModule.nix)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems this is meant to link to the nixosModule.nix file in the repo, in which case you have to link to the file itself on GitHub. Mintlify (the docs library we're using) doesn't support linking to files outside of the docs folder like this as far as I'm aware


```nix
services.sourcebot = {
enable = true;
# envFile = config.sops.templates.sourcebot-env.path; # Uncomment if using sops-nix
# envFile = config.age.secrets.sourcebot-env.path; # Uncomment if using agenix
package = pkgs.sourcebot;
logLevel = "info";
dataDir = "/data/sourcebot";
dataCacheDir = "/data/sourcebot/cache";
configPath = "${pkgs.writeText "config" (builtins.toJSON {
"$schema" = "https://raw.githubusercontent.com/sourcebot-dev/sourcebot/main/schemas/v3/index.json";
connections = {
github-public = {
type = "github";
repos = [
"sourcebot-dev/sourcebot"
];
};
gitlab-private = {
type = "gitlab";
url = "https://gitlab.example.com";
all = true;
token = {
env = "GITLAB_EXAMPLE_TOKEN";
};
exclude = {
forks = true;
};
};
};
settings = {
resyncConnectionIntervalMs = 1000 * 60 * 60 * 24 * 7; # 1 week
reindexIntervalMs = 1000 * 60 * 60 * 24 * 7; # 1 week
maxRepoIndexingJobConcurrency = 1000; # 8 default
maxConnectionSyncJobConcurrency = 1000; # 8 default
maxRepoGarbageCollectionJobConcurrency = 1000; # 8 default
};
})}";
};
```
</Step>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: please add the Login and Done steps from the container deployment here. Copy and paste should be fine!

</Steps>



## Next steps
---

Expand Down
133 changes: 133 additions & 0 deletions flake.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

87 changes: 87 additions & 0 deletions flake.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
{
description = "SourceBot - Code search and navigation tool";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
flake-utils.url = "github:numtide/flake-utils";
microvm.url = "github:astro/microvm.nix";
microvm.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = {
self,
nixpkgs,
flake-utils,
microvm,
}:
flake-utils.lib.eachSystemPassThrough ["x86_64-linux"] (system: {
nixosModules = rec {
default = sourcebot;
sourcebot = import ./nix/nixosModule.nix self;
};

nixosConfigurations.testing = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
({
pkgs,
lib,
...
}: {
imports = [
self.nixosModules.sourcebot
];
system.stateVersion = "25.05";
boot.isContainer = true; # stop nix flake check complaining about missing root fs
documentation.nixos.enable = false; # skip generating nixos docs
virtualisation.vmVariant = {
boot.isContainer = lib.mkForce false; # let vm variant create a virtual disk
virtualisation.graphics = false; # connect serial console to terminal
};
})
];
};

overlays.default = import ./nix/overlay.nix;
})
// flake-utils.lib.eachSystem ["x86_64-linux"] (
system: let
pkgs = import nixpkgs {
inherit system;
overlays = [self.overlays.default];
};
sourcebotSystem = nixpkgs.lib.nixosSystem {
inherit system pkgs;
modules = [
microvm.nixosModules.microvm
self.nixosModules.sourcebot
./nix/microvm.nix
];
};
in {
packages = rec {
default = sourcebot;
sourcebot = pkgs.callPackage ./nix/sourcebot.nix {};
microvm = sourcebotSystem.config.microvm.declaredRunner;
};

checks.default = pkgs.callPackage ./nix/nixosTest.nix {inherit self;};

devShells.default = pkgs.mkShell {
packages = with pkgs; [
yarn-berry
yarn-berry.yarn-berry-fetcher
openssl
yarn
redis
];
buildInputs = with pkgs; [
nodePackages.prisma
];
YARN_ENABLE_SCRIPTS = "false";
PRISMA_SCHEMA_ENGINE_BINARY = "${pkgs.prisma-engines}/bin/schema-engine";
PRISMA_QUERY_ENGINE_BINARY = "${pkgs.prisma-engines}/bin/query-engine";
PRISMA_QUERY_ENGINE_LIBRARY = "${pkgs.prisma-engines}/lib/libquery_engine.node";
PRISMA_FMT_BINARY = "${pkgs.prisma-engines}/bin/prisma-fmt";
};
}
);
}
Loading