matrix-authentication-service: init at 0.7.0

[teutat3s]

Description of changes

MAS (Matrix Authentication Service) is an OAuth 2.0 and OpenID Provider server for Matrix.

It has been created to support the migration of Matrix to an OpenID Connect (OIDC) based authentication layer as per MSC3861.
One can learn more about Matrix and OIDC at areweoidcyet.com.

https://github.com/matrix-org/matrix-authentication-service/releases/tag/v0.7.0

Vendoring the Cargo.lock is necessary because of a dependency they use: opa-wasm-0.1.0 (pinned to a git repo) .

Future work:
For this to be really useful, a NixOS module will be needed.

Things done

• Built on platform(s)
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
  • sandbox = relaxed
  • sandbox = true
• Tested, as applicable:
  • NixOS test(s) (look inside nixos/tests)
  • and/or package tests
  • or, for functions and "core" functionality, tests in lib/tests or pkgs/test
  • made sure NixOS tests are linked to the relevant packages
• Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
• Tested basic functionality of all binary files (usually in ./result/bin/)
• 24.05 Release Notes (or backporting 23.05 and 23.11 Release notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
• Fits CONTRIBUTING.md.

---

Add a 👍 reaction to pull requests you find important.

[NickCao]

Actually I've packaged this before, see https://github.com/NickCao/flakes/blob/master/pkgs/matrix-authentication-service/default.nix for some ideas to steal from.

[teutat3s]

Actually I've packaged this before, see https://github.com/NickCao/flakes/blob/master/pkgs/matrix-authentication-service/default.nix for some ideas to steal from.

Thanks, I liked your version a lot and stole a lot (if not all 😄).

[NickCao]

I think we also need a nixos test for this, it's a complicated piece of software. Otherwise LGTM.

[teutat3s]

Do you mean a simple version test? In case you think of something more complex, can you point me to an example?

[NickCao]

Do you mean a simple version test? In case you think of something more complex, can you point me to an example?

Something like nixos/tests/matrix/synapse.nix, but with MAS instead of builtin authentication.

[teutat3s]

Was missing translations path.

I started something regarding module / test in this branch: teutat3s@287fbae

[adamcstephens]

@teutat3s are you planning to add the module to this PR or should we move forward with the package alone?

[teutat3s]

@adamcstephens I'm still working on the module and might be able to look into it some more in the coming week.
For me it would be fine to merge this now and add the module in a separate PR.

[adamcstephens]

Result of nixpkgs-review pr 275057 run on x86_64-linux 1

1 package built:

• matrix-authentication-service

---

Result of nixpkgs-review pr 275057 run on aarch64-darwin 1

1 package built:

• matrix-authentication-service

---

Result of nixpkgs-review pr 275057 run on x86_64-darwin 1

1 package built:

• matrix-authentication-service

---

Result of nixpkgs-review pr 275057 run on aarch64-linux 1

1 package built:

• matrix-authentication-service