package.nix: updated to build Invoice Ninja with React frontend

CHANGELOG.md

@@ -1,11 +0,0 @@
-# Changelog
-
-All notable changes to this project will be documented in this file.
-
-The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
-and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
-
-## [2024.07.04] 2024-07-04
-
-- Initial release
-

Makefile

@@ -34,14 +34,12 @@ clean: ## Clean build artifacts and shutdown running virtual machines
 	exit 0
 
 build-vm: clean ## Build virtual machine for testing
-	nixos-rebuild build-vm \
-		-I nixpkgs=http://nixos.org/channels/nixos-24.05/nixexprs.tar.xz \
-		-I nixos-config=./tests/test-config.nix
+	nix build ".#nixosConfigurations.test.config.system.build.vm"
 
 boot-vm: ## Run virtual machine in current terminal
 	QEMU_KERNEL_PARAMS=console=ttyS0 \
 	QEMU_NET_OPTS=hostfwd=tcp::8080-:80 \
-	./result/bin/run-nixos-vm \
-		-nographic; \
+	QEMU_OPTS=-nographic \
+	./result/bin/run-nixos-vm
 	reset
 

flake.lock

@@ -3,11 +3,11 @@
     "flake-compat": {
       "flake": false,
       "locked": {
-        "lastModified": 1696426674,
-        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
+        "lastModified": 1733328505,
+        "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
         "owner": "edolstra",
         "repo": "flake-compat",
-        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
+        "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
         "type": "github"
       },
       "original": {
@@ -24,11 +24,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1719994518,
-        "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=",
+        "lastModified": 1733312601,
+        "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7",
+        "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
         "type": "github"
       },
       "original": {
@@ -55,11 +55,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1721042469,
-        "narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=",
+        "lastModified": 1734279981,
+        "narHash": "sha256-NdaCraHPp8iYMWzdXAt5Nv6sA3MUzlCiGiR586TCwo0=",
         "owner": "cachix",
         "repo": "git-hooks.nix",
-        "rev": "f451c19376071a90d8c58ab1a953c6e9840527fd",
+        "rev": "aa9f40c906904ebd83da78e7f328cd8aeaeae785",
         "type": "github"
       },
       "original": {
@@ -68,39 +68,21 @@
         "type": "github"
       }
     },
-    "libgit2": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1715853528,
-        "narHash": "sha256-J2rCxTecyLbbDdsyBWn9w7r3pbKRMkI9E7RvRgAqBdY=",
-        "owner": "libgit2",
-        "repo": "libgit2",
-        "rev": "36f7e21ad757a3dacc58cf7944329da6bc1d6e96",
-        "type": "github"
-      },
-      "original": {
-        "owner": "libgit2",
-        "ref": "v1.8.1",
-        "repo": "libgit2",
-        "type": "github"
-      }
-    },
     "nix": {
       "inputs": {
         "flake-compat": "flake-compat",
         "flake-parts": "flake-parts",
         "git-hooks-nix": "git-hooks-nix",
-        "libgit2": "libgit2",
         "nixpkgs": "nixpkgs",
         "nixpkgs-23-11": "nixpkgs-23-11",
         "nixpkgs-regression": "nixpkgs-regression"
       },
       "locked": {
-        "lastModified": 1735389339,
-        "narHash": "sha256-JfQXQL0MysQSfvbw7xHto9YbqZ1VQLFgus+c4KYt6xg=",
+        "lastModified": 1740432616,
+        "narHash": "sha256-2yad3RqbLhCeMK01lpSLXmeZR7J74YeBg4yNAqhzLLk=",
         "owner": "NixOS",
         "repo": "nix",
-        "rev": "8a3fc27f1b63a08ac983ee46435a56cf49ebaf4a",
+        "rev": "8384e41b7608b5ff50306d3dec6171483cf2d4cd",
         "type": "github"
       },
       "original": {
@@ -110,16 +92,16 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1723688146,
-        "narHash": "sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz+NG82pbdg=",
+        "lastModified": 1734359947,
+        "narHash": "sha256-1Noao/H+N8nFB4Beoy8fgwrcOQLVm9o4zKW1ODaqK9E=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "c3d4ac725177c030b1e289015989da2ad9d56af0",
+        "rev": "48d12d5e70ee91fe8481378e540433a7303dbf6a",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "nixos-24.05",
+        "ref": "release-24.11",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -158,11 +140,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1735264675,
-        "narHash": "sha256-MgdXpeX2GuJbtlBrH9EdsUeWl/yXEubyvxM1G+yO4Ak=",
+        "lastModified": 1740339700,
+        "narHash": "sha256-cbrw7EgQhcdFnu6iS3vane53bEagZQy/xyIkDWpCgVE=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "d49da4c08359e3c39c4e27c74ac7ac9b70085966",
+        "rev": "04ef94c4c1582fd485bbfdb8c4a8ba250e359195",
         "type": "github"
       },
       "original": {

flake.nix

@@ -1,5 +1,5 @@
 {
-  description = "An Invoice Ninja package and a module which can be added to a NixOS configuration";
+  description = "An Invoice Ninja package and module.";
 
   inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
 
@@ -18,19 +18,20 @@
           overlays = overlayList;
         }
       );
-
     in
     rec {
+      nixosConfigurations.test = nixpkgs.lib.nixosSystem {
+        system = "x86_64-linux";
+        modules = [ ./tests ];
+      };
 
-      # A Nixpkgs overlay that provides a 'Invoice Ninja' package.
-      overlays.default = final: prev: { invoice-ninja = final.callPackage ./package.nix { }; };
+      overlays.default = final: prev: { invoiceninja = final.callPackage ./package.nix { }; };
 
       packages = forEachSystem (system: {
-        invoice-ninja = pkgsBySystem.${system}.invoice-ninja;
-        default = pkgsBySystem.${system}.invoice-ninja;
+        invoiceninja = pkgsBySystem.${system}.invoiceninja;
+        default = pkgsBySystem.${system}.invoiceninja;
       });
 
       nixosModules = import ./nixos-module { overlays = overlayList; };
-
     };
 }

nixos-module/default.nix

@@ -1,7 +1,7 @@
 { overlays }:
 
 {
-  invoice-ninja = import ./invoice-ninja.nix;
+  invoiceninja = import ./invoiceninja.nix;
   overlayNixpkgsForThisInstance = 
     { pkgs, ... }: {
       nixpkgs = {

nixos-module/invoiceninja.nix

@@ -1,21 +1,20 @@
-{
-  config,
-  lib,
-  modulesPath,
-  options,
-  pkgs,
-  ...
+{ config
+, lib
+, modulesPath
+, options
+, pkgs
+, ...
 }:
 
 let
-  cfg = config.services.invoice-ninja;
+  cfg = config.services.invoiceninja;
   user = cfg.user;
   group = cfg.group;
-  invoice-ninja = pkgs.callPackage ../package.nix {
+  invoiceninja = pkgs.callPackage ../package.nix {
     inherit (cfg) dataDir runtimeDir;
   };
   configFormat = pkgs.formats.keyValue { };
-  configFile = pkgs.writeText "invoice-ninja-env" (lib.generators.toKeyValue { } cfg.settings);
+  configFile = pkgs.writeText "invoiceninja-env" (lib.generators.toKeyValue { } cfg.settings);
 
   # PHP environment
   phpPackage = cfg.phpPackage.buildEnv {
@@ -53,8 +52,8 @@ let
   extraPrograms = [ chromium ];
 
   # Management script
-  invoice-ninja-manage = pkgs.writeShellScriptBin "invoice-ninja-manage" ''
-    cd ${invoice-ninja}
+  invoiceninja-manage = pkgs.writeShellScriptBin "invoiceninja-manage" ''
+    cd ${invoiceninja}
     sudo=exec
     if [[ "$USER" != ${user} ]]; then
       sudo='exec /run/wrappers/bin/sudo -u ${user}'
@@ -63,10 +62,10 @@ let
   '';
 in
 {
-  options.services.invoice-ninja = {
-    enable = lib.mkEnableOption "invoice-ninja";
+  options.services.invoiceninja = {
+    enable = lib.mkEnableOption "invoiceninja";
 
-    package = lib.mkPackageOption pkgs "invoice-ninja" { };
+    package = lib.mkPackageOption pkgs "invoiceninja" { };
 
     phpPackage = lib.mkPackageOption pkgs "php82" { };
 
@@ -94,7 +93,7 @@ in
       '';
     };
 
-    msmtp.accounts.invoice-ninja = lib.mkOption {
+    msmtp.accounts.invoiceninja = lib.mkOption {
       type = lib.types.attrs;
       default = { };
       example = {
@@ -107,9 +106,9 @@ in
         passwordeval = "cat /secrets/password.txt";
       };
       description = ''
-        Define the msmtp configuration for an invoice-ninja account which
+        Define the msmtp configuration for an invoiceninja account which
         will be used by Invoice Ninja to send email message when
-        `config.services.invoice-ninja.settings.MAIL_MAILER` is `sendmail`.
+        `config.services.invoiceninja.settings.MAIL_MAILER` is `sendmail`.
 
         It is advised to use the `passwordeval` setting to read the password
         from a secret file to avoid having it written in the world-readable
@@ -125,18 +124,18 @@ in
 
     dataDir = lib.mkOption {
       type = lib.types.str;
-      default = "/var/lib/invoice-ninja";
+      default = "/var/lib/invoiceninja";
       description = ''
-        State directory of the `invoice-ninja` user which holds
+        State directory of the `invoiceninja` user which holds
         the application's state and data.
       '';
     };
 
     runtimeDir = lib.mkOption {
       type = lib.types.str;
-      default = "/run/invoice-ninja";
+      default = "/run/invoiceninja";
       description = ''
-        Rutime directory of the `invoice-ninja` user which holds
+        Rutime directory of the `invoiceninja` user which holds
         the application's caches and temporary files.
       '';
     };
@@ -207,7 +206,7 @@ in
         options = {
           APP_NAME = lib.mkOption {
             type = lib.types.str;
-            default = "Invoice Ninja";
+            default = ''"Invoice Ninja"'';
             description = "Your application name - used in client portal title banner";
           };
           APP_DEBUG = lib.mkOption {
@@ -256,13 +255,13 @@ in
           };
           MAIL_SENDMAIL_PATH = lib.mkOption {
             type = lib.types.str;
-            default = ''"/run/wrappers/bin/sendmail -t -a invoice-ninja"'';
+            default = ''"/run/wrappers/bin/sendmail -t -a invoiceninja"'';
             description = ''
               Path to sendmail along with arguments for Invoice Ninja to use when using sendmail
               as mail transport agent.
 
               :: note
-              The default value will work with the `msmtp.accounts.invoice-ninja` setting. Only
+              The default value will work with the `msmtp.accounts.invoiceninja` setting. Only
               change if you know what your doing.
               ::
             '';
@@ -294,7 +293,7 @@ in
             default =
               if cfg.redis.createLocally then "redis" else (if cfg.database.createLocally then "database" else "file");
             defaultText = lib.literalExpression ''
-              if config.services.invoice-ninja.redis.enable
+              if config.services.invoiceninja.redis.enable
               then "redis"
               else (if config.services.invoie-ninja.database.createLocally then "database" else "file")
             '';
@@ -317,7 +316,7 @@ in
             default =
               if cfg.redis.createLocally then "redis" else (if cfg.database.createLocally then "database" else "sync");
             defaultText = lib.literalExpression ''
-              if config.services.invoice-ninja.redis.enable
+              if config.services.invoiceninja.redis.enable
               then "redis"
               else (if config.services.invoie-ninja.database.createLocally then "database" else "sync")
             '';
@@ -329,7 +328,7 @@ in
               "redis"
             ];
             default = if cfg.redis.createLocally then "redis" else "file";
-            defaultText = lib.literalExpression ''if config.services.invoice-ninja.redis.enable then "redis" else "file"'';
+            defaultText = lib.literalExpression ''if config.services.invoiceninja.redis.enable then "redis" else "file"'';
             description = "Laravel cache driver for Invoice Ninja to use.";
           };
         };
@@ -337,7 +336,7 @@ in
     };
 
     adminAccount = {
-      createAdmin = lib.mkOption {
+      enable = lib.mkOption {
         type = lib.types.bool;
         default = true;
         description = ''
@@ -347,7 +346,7 @@ in
       };
       email = lib.mkOption {
         type = lib.types.str;
-        default = "example@email.com";
+        default = "admin@email.com";
         description = "Email address of the first (admin) account for this Invoice Ninja installation";
       };
       passwordFile = lib.mkOption {
@@ -423,14 +422,14 @@ in
 
     users.groups.invoiceninja = lib.mkIf (cfg.group == "invoiceninja") { };
 
-    environment.systemPackages = [ invoice-ninja-manage ] ++ extraPrograms;
+    environment.systemPackages = [ invoiceninja-manage ] ++ extraPrograms;
 
     programs.msmtp = lib.mkIf (cfg.settings.MAIL_MAILER == "sendmail") {
       inherit (cfg.msmtp) accounts;
       enable = true;
     };
 
-    services.invoice-ninja.settings = lib.mkMerge [
+    services.invoiceninja.settings = lib.mkMerge [
       ({
         APP_URL = lib.mkDefault (
           if (cfg.hostname == "localhost") then ("http://" + cfg.hostname) else ("https://" + cfg.hostname)
@@ -452,12 +451,12 @@ in
         DB_USERNAME = lib.mkDefault user;
       })
       (lib.mkIf cfg.redis.createLocally {
-        REDIS_HOST = lib.mkDefault config.services.redis.servers.invoice-ninja.bind;
-        REDIS_PORT = lib.mkDefault config.services.redis.servers.invoice-ninja.port;
+        REDIS_HOST = lib.mkDefault config.services.redis.servers.invoiceninja.bind;
+        REDIS_PORT = lib.mkDefault config.services.redis.servers.invoiceninja.port;
       })
     ];
 
-    services.phpfpm.pools.invoice-ninja = {
+    services.phpfpm.pools.invoiceninja = {
       inherit user group phpPackage;
 
       settings = {
@@ -474,7 +473,7 @@ in
       '';
     };
 
-    services.redis.servers.invoice-ninja = lib.mkIf cfg.redis.createLocally {
+    services.redis.servers.invoiceninja = lib.mkIf cfg.redis.createLocally {
       enable = true;
       port = 6379;
     };
@@ -485,7 +484,7 @@ in
     services.nginx = lib.mkIf (cfg.proxy.server == "nginx") {
       enable = true;
 
-      recommendedTlsSettings = true;
+      recommendedTlsSettings = (if (cfg.hostname == "localhost") then false else true);
       recommendedGzipSettings = true;
       recommendedProxySettings = true;
       recommendedOptimisation = true;
@@ -495,9 +494,9 @@ in
       virtualHosts."${cfg.hostname}" = lib.mkMerge [
         cfg.proxy.nginxConfig
         {
-          root = lib.mkForce "${invoice-ninja}/public";
-          addSSL = lib.mkForce true;
-          enableACME = lib.mkForce true;
+          root = lib.mkForce "${invoiceninja}/public";
+          addSSL = lib.mkForce (if (cfg.hostname == "localhost") then false else true);
+          enableACME = lib.mkForce (if (cfg.hostname == "localhost") then false else true);
           locations = {
             "/".tryFiles = "$uri $uri/ /index.php?$query_string";
             "/".extraConfig = ''
@@ -514,7 +513,7 @@ in
             '';
             "~ \\.php$".extraConfig = "return 403;";
             "= /index.php".extraConfig = ''
-              fastcgi_pass unix:${config.services.phpfpm.pools.invoice-ninja.socket};
+              fastcgi_pass unix:${config.services.phpfpm.pools.invoiceninja.socket};
             '';
             "~ /\\.ht".extraConfig = "deny all;";
           };
@@ -533,35 +532,43 @@ in
     users.users."${config.services.caddy.user}" = lib.mkIf (cfg.proxy.server == "caddy") {
       extraGroups = [ cfg.group ];
     };
-    services.caddy = lib.mkIf (cfg.proxy.server == "caddy") {
-      enable = true;
+    services.caddy = 
+      let
+        proto_hostname = (
+          if (cfg.hostname == "localhost")
+          then (cfg.hostname + ":80")
+          else (cfg.hostname + ":443")
+        );
+      in
+      lib.mkIf (cfg.proxy.server == "caddy") {
+        enable = true;
 
-      globalConfig = lib.mkIf (cfg.hostname == "localhost") ''
-        auto_https disable_redirects
-      '';
+        globalConfig = lib.mkIf (cfg.hostname == "localhost") ''
+          auto_https disable_redirects
+        '';
 
-      virtualHosts."${cfg.hostname}" = lib.mkMerge [
-        cfg.proxy.caddyConfig
-        {
-          hostName = lib.mkForce cfg.hostname;
-          extraConfig = ''
-            encode zstd gzip
-            root * ${invoice-ninja}/public
-            php_fastcgi unix/${config.services.phpfpm.pools.invoice-ninja.socket}
-            try_files {path} /index.html
-            header {
-              Access-Control-Allow-Origin "*"
-              Access-Control-Allow-Methods "*"
-              Access-Control-Max-Age "0"
-              Access-Control-Allow-Headers "X-API-COMPANY-KEY,X-API-SECRET,X-API-TOKEN,X-API-PASSWORD,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Disposition,Content-Type,Range,X-CSRF-TOKEN,X-XSRF-TOKEN,X-LIVEWIRE"
-              Access-Control-Expose-Headers "X-APP-VERSION,X-MINIMUM-CLIENT-VERSION,X-CSRF-TOKEN,X-XSRF-TOKEN,X-LIVEWIRE"
-              Access-Control-Allow-Credentials false
-            }
-            file_server
-          '';
-        }
-      ];
-    };
+        virtualHosts."${proto_hostname}" = lib.mkMerge [
+          cfg.proxy.caddyConfig
+          {
+            hostName = lib.mkForce proto_hostname;
+            extraConfig = ''
+              encode zstd gzip
+              root * ${invoiceninja}/public
+              php_fastcgi unix/${config.services.phpfpm.pools.invoiceninja.socket}
+              try_files {path} /index.html
+              header {
+                Access-Control-Allow-Origin "*"
+                Access-Control-Allow-Methods "*"
+                Access-Control-Max-Age "0"
+                Access-Control-Allow-Headers "X-API-COMPANY-KEY,X-API-SECRET,X-API-TOKEN,X-API-PASSWORD,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Disposition,Content-Type,Range,X-CSRF-TOKEN,X-XSRF-TOKEN,X-LIVEWIRE"
+                Access-Control-Expose-Headers "X-APP-VERSION,X-MINIMUM-CLIENT-VERSION,X-CSRF-TOKEN,X-XSRF-TOKEN,X-LIVEWIRE"
+                Access-Control-Allow-Credentials false
+              }
+              file_server
+            '';
+          }
+        ];
+      };
 
     services.mysql = lib.mkIf (cfg.database.createLocally) {
       enable = lib.mkDefault true;
@@ -577,33 +584,33 @@ in
       ];
     };
 
-    systemd.services.phpfpm-invoice-ninja.after = [ "invoice-ninja-data-setup.service" ];
-    systemd.services.phpfpm-invoice-ninja.requires = [
-      "invoice-ninja-data-setup.service"
+    systemd.services.phpfpm-invoiceninja.after = [ "invoiceninja-data-setup.service" ];
+    systemd.services.phpfpm-invoiceninja.requires = [
+      "invoiceninja-data-setup.service"
     ] ++ lib.optional cfg.database.createLocally "mysql.service";
     # Ensure chromium is available
-    systemd.services.phpfpm-invoice-ninja.path = extraPrograms;
+    systemd.services.phpfpm-invoiceninja.path = extraPrograms;
 
-    systemd.services.invoice-ninja-queue-worker = {
+    systemd.services.invoiceninja-queue-worker = {
       description = "Invoice Ninja periodic tasks";
-      after = [ "invoice-ninja-data-setup.service" ];
-      requires = [ "phpfpm-invoice-ninja.service" ];
+      after = [ "invoiceninja-data-setup.service" ];
+      requires = [ "phpfpm-invoiceninja.service" ];
       wantedBy = [ "multi-user.target" ];
-      reloadTriggers = [ invoice-ninja ];
-      reload = "${invoice-ninja-manage}/bin/invoice-ninja-manage queue:restart";
+      reloadTriggers = [ invoiceninja ];
+      reload = "${invoiceninja-manage}/bin/invoiceninja-manage queue:restart";
 
       serviceConfig = {
-        ExecStart = "${invoice-ninja-manage}/bin/invoice-ninja-manage queue:work ${
+        ExecStart = "${invoiceninja-manage}/bin/invoiceninja-manage queue:work ${
           lib.strings.optionalString (cfg.settings.QUEUE_CONNECTION == "redis") "redis"
         }";
         User = user;
         Group = group;
-        StateDirectory = lib.mkIf (cfg.dataDir == "/var/lib/invoice-ninja") "invoice-ninja";
+        StateDirectory = lib.mkIf (cfg.dataDir == "/var/lib/invoiceninja") "invoiceninja";
         Restart = "always";
       };
     };
 
-    systemd.services.invoice-ninja-data-setup = {
+    systemd.services.invoiceninja-data-setup = {
       description = "Invoice Ninja setup: migrations, environment file update, cache reload, data changes";
       wantedBy = [ "multi-user.target" ];
       after = lib.optional cfg.database.createLocally "mysql.service";
@@ -612,7 +619,7 @@ in
         with pkgs;
         [
           bash
-          invoice-ninja-manage
+          invoiceninja-manage
           rsync
           config.services.mysql.package
         ]
@@ -622,7 +629,7 @@ in
         Type = "oneshot";
         User = user;
         Group = group;
-        StateDirectory = lib.mkIf (cfg.dataDir == "/var/lib/invoice-ninja") "invoice-ninja";
+        StateDirectory = lib.mkIf (cfg.dataDir == "/var/lib/invoiceninja") "invoiceninja";
         StateDirectoryMode = "0750";
         LoadCredential = [
           "env-secrets:${cfg.secretFile}"
@@ -645,38 +652,33 @@ in
         cat "$CREDENTIALS_DIRECTORY/env-secrets" >> ${cfg.dataDir}/.env
 
         # Link the static storage (package provided) to the runtime storage
-        # Necessary for cities.json and static images.
-        rsync -av --no-perms ${invoice-ninja}/storage-static/ ${cfg.dataDir}/storage
-
-        # Link the static vendor/bin (package provided) to the runtime vendor/bin
-        # Necessary for cities.json and static images.
-        rsync -av --no-perms ${invoice-ninja}/vendor/bin-static/ ${cfg.dataDir}/vendor/bin
+        rsync -av --no-perms ${invoiceninja}/storage-static/ ${cfg.dataDir}/storage
 
         # Link the app.php in the runtime folder.
         # We cannot link the cache folder only because bootstrap folder needs to be writeable.
-        ln -sf ${invoice-ninja}/bootstrap-static/app.php ${cfg.runtimeDir}/app.php
+        ln -sf ${invoiceninja}/bootstrap-static/app.php ${cfg.runtimeDir}/app.php
 
         # Perform the first migration
-        [[ ! -f ${cfg.dataDir}/.initial-migration ]] && invoice-ninja-manage migrate --force && touch ${cfg.dataDir}/.initial-migration
+        [[ ! -f ${cfg.dataDir}/.initial-migration ]] && invoiceninja-manage migrate --force && touch ${cfg.dataDir}/.initial-migration
 
         # Seed database with records
         # Necessary for languages, currencies, countries, etc.
-        [[ ! -f ${cfg.dataDir}/.db-seeded ]] && invoice-ninja-manage db:seed --force && touch ${cfg.dataDir}/.db-seeded
+        [[ ! -f ${cfg.dataDir}/.db-seeded ]] && invoiceninja-manage db:seed --force && touch ${cfg.dataDir}/.db-seeded
 
         # Create Invoice Ninja admin account
         [[ (! -f ${cfg.dataDir}/.admin-created) && (${
-          if cfg.adminAccount.createAdmin then "true" else "false"
+          if cfg.adminAccount.enable then "true" else "false"
         } == "true") ]] \
-          && invoice-ninja-manage ninja:create-account --email=${cfg.adminAccount.email} --password=$(cat $CREDENTIALS_DIRECTORY/admin-pass) \
+          && invoiceninja-manage ninja:create-account --email=${cfg.adminAccount.email} --password=$(cat $CREDENTIALS_DIRECTORY/admin-pass) \
           && touch ${cfg.dataDir}/.admin-created
 
-        invoice-ninja-manage route:cache
-        invoice-ninja-manage view:cache
-        invoice-ninja-manage config:cache
+        invoiceninja-manage route:cache
+        invoiceninja-manage view:cache
+        invoiceninja-manage config:cache
       '';
     };
 
-    systemd.tmpfiles.settings."10-invoice-ninja" =
+    systemd.tmpfiles.settings."10-invoiceninja" =
       lib.attrsets.genAttrs
         [
           cfg.dataDir

package.json

@@ -0,0 +1,194 @@
+{
+  "name": "@invoiceninja/ui",
+  "version": "03.05.2026.1",
+  "private": true,
+  "dependencies": {
+    "@azure/msal-browser": "^3.28.1",
+    "@docuninja/builder2.0": "^0.0.90",
+    "@emotion/styled": "^11.14.0",
+    "@excalidraw/excalidraw": "^0.18.0",
+    "@fontsource/alex-brush": "^5.2.6",
+    "@fontsource/dancing-script": "^5.2.6",
+    "@fontsource/great-vibes": "^5.2.6",
+    "@fontsource/pacifico": "^5.2.6",
+    "@fontsource/satisfy": "^5.2.6",
+    "@fortawesome/fontawesome-free": "^7.0.1",
+    "@headlessui/react": "^1.7.19",
+    "@headlessui/tailwindcss": "^0.2.2",
+    "@hello-pangea/dnd": "^16.6.0",
+    "@monaco-editor/react": "^4.7.0",
+    "@react-oauth/google": "^0.12.1",
+    "@reduxjs/toolkit": "^1.9.7",
+    "@sentry/react": "^7.120.3",
+    "@sentry/tracing": "^7.120.3",
+    "@stripe/stripe-js": "^4.10.0",
+    "@tinymce/tinymce-react": "^5.1.1",
+    "@tippyjs/react": "^4.2.6",
+    "@tiptap/extension-color": "^3.11.1",
+    "@tiptap/extension-font-family": "^3.11.1",
+    "@tiptap/extension-highlight": "^3.11.1",
+    "@tiptap/extension-image": "^3.12.1",
+    "@tiptap/extension-link": "^3.11.1",
+    "@tiptap/extension-placeholder": "^3.11.1",
+    "@tiptap/extension-strike": "^3.11.1",
+    "@tiptap/extension-subscript": "^3.11.1",
+    "@tiptap/extension-superscript": "^3.11.1",
+    "@tiptap/extension-table": "^3.11.1",
+    "@tiptap/extension-table-cell": "^3.11.1",
+    "@tiptap/extension-table-header": "^3.11.1",
+    "@tiptap/extension-table-row": "^3.11.1",
+    "@tiptap/extension-task-item": "^3.11.1",
+    "@tiptap/extension-task-list": "^3.11.1",
+    "@tiptap/extension-text-align": "^3.11.1",
+    "@tiptap/extension-underline": "^3.11.1",
+    "@tiptap/react": "^3.11.1",
+    "@tiptap/starter-kit": "^3.11.1",
+    "@types/js-beautify": "^1.14.3",
+    "antd": "^5.24.3",
+    "array-move": "^4.0.0",
+    "axios": "^1.8.3",
+    "classnames": "^2.5.1",
+    "collect.js": "^4.36.1",
+    "currency.js": "^2.0.4",
+    "dayjs": "^1.11.13",
+    "deep-object-diff": "^1.1.9",
+    "dompurify": "^3.2.4",
+    "dotenv": "^16.4.7",
+    "driver.js": "^1.4.0",
+    "font-awesome": "^4.7.0",
+    "formik": "^2.4.6",
+    "grapesjs": "^0.22.13",
+    "grapesjs-blocks-basic": "^1.0.2",
+    "grapesjs-parser-postcss": "^1.0.3",
+    "grapesjs-plugin-export": "^1.0.12",
+    "grapesjs-preset-webpage": "^1.0.3",
+    "grapesjs-style-bg": "^2.0.2",
+    "grapesjs-tui-image-editor": "^1.0.2",
+    "hex-color-regex": "^1.1.0",
+    "history": "^5.3.0",
+    "i18next": "^22.5.1",
+    "jotai": "^2.12.2",
+    "js-beautify": "^1.15.4",
+    "js-sha256": "^0.11.0",
+    "katex": "^0.16.22",
+    "lodash": "^4.17.21",
+    "lodash-es": "^4.17.21",
+    "mitt": "^3.0.1",
+    "monaco-editor": "^0.53.0",
+    "papaparse": "^5.5.2",
+    "playwright": "^1.59.0",
+    "pretty-bytes": "^6.1.1",
+    "pusher-js": "^8.4.0",
+    "randexp": "^0.5.3",
+    "react": "^18.3.1",
+    "react-apple-signin-auth": "^1.1.0",
+    "react-colorful": "^5.6.1",
+    "react-date-range": "^1.4.0",
+    "react-datepicker": "^4.25.0",
+    "react-day-picker": "^9.10.0",
+    "react-debounce-input": "^3.3.0",
+    "react-dom": "^18.3.1",
+    "react-dropzone": "^14.3.8",
+    "react-feather": "^2.0.10",
+    "react-hot-toast": "^2.5.2",
+    "react-i18next": "^12.3.1",
+    "react-icons": "^4.12.0",
+    "react-image-crop": "^11.0.10",
+    "react-json-tree": "^0.20.0",
+    "react-markdown": "^10.1.0",
+    "react-number-format": "^5.4.3",
+    "react-phone-number-input": "^3.4.12",
+    "react-qr-code": "^2.0.15",
+    "react-query": "^3.39.3",
+    "react-redux": "^8.1.3",
+    "react-resizable-panels": "^2.1.7",
+    "react-responsive": "^9.0.2",
+    "react-router-dom": "^6.30.0",
+    "react-select": "^5.10.1",
+    "react-string-replace": "^1.1.1",
+    "react-turnstile": "^1.1.4",
+    "react-use": "^17.6.0",
+    "react-verification-input": "^3.3.1",
+    "recharts": "^2.15.1",
+    "rehype-raw": "^7.0.0",
+    "remove": "^0.1.5",
+    "sha256": "^0.2.0",
+    "signature_pad": "^5.0.10",
+    "socket.io-client": "^4.8.3",
+    "styled-components": "^6.1.15",
+    "tailwind-scrollbar": "^3.1.0",
+    "tiptap-extension-font-size": "^1.2.0",
+    "uuid": "^11.1.0",
+    "v": "^0.3.0",
+    "y-websocket": "^3.0.0",
+    "zustand": "^5.0.8"
+  },
+  "scripts": {
+    "dev": "vite",
+    "build": "tsc && vite build",
+    "format": "prettier --write src/",
+    "lint": "eslint src --max-warnings=0",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "prepare": "husky install",
+    "preview": "vite build && vite preview"
+  },
+  "browserslist": {
+    "production": [
+      ">0.2%",
+      "not dead",
+      "not op_mini all"
+    ],
+    "development": [
+      "last 1 chrome version",
+      "last 1 firefox version",
+      "last 1 safari version"
+    ]
+  },
+  "devDependencies": {
+    "@eslint/js": "^9.22.0",
+    "@faker-js/faker": "^9.0.0",
+    "@playwright/test": "^1.58.2",
+    "@tailwindcss/forms": "^0.5.10",
+    "@tailwindcss/typography": "^0.5.16",
+    "@types/dompurify": "^3.2.0",
+    "@types/hex-color-regex": "^1.1.3",
+    "@types/lodash": "^4.17.16",
+    "@types/lodash-es": "^4.17.12",
+    "@types/node": "^22.19.11",
+    "@types/papaparse": "^5.3.15",
+    "@types/prettier": "^2.7.3",
+    "@types/react": "^18.3.18",
+    "@types/react-date-range": "^1.4.10",
+    "@types/react-datepicker": "^4.19.6",
+    "@types/react-dom": "^18.3.5",
+    "@types/uuid": "^9.0.8",
+    "@vitejs/plugin-react": "^5.1.0",
+    "autoprefixer": "^10.4.21",
+    "eslint": "^9.22.0",
+    "eslint-plugin-react": "^7.37.4",
+    "eslint-plugin-unused-imports": "^4.1.4",
+    "globals": "^16.0.0",
+    "husky": "^8.0.3",
+    "postcss": "^8.5.3",
+    "prettier": "^2.8.8",
+    "tailwindcss": "^3.4.17",
+    "typescript": "^5.8.2",
+    "typescript-eslint": "^8.26.1",
+    "vite": "^7.3.1",
+    "vite-tsconfig-paths": "^6.1.0",
+    "vitest": "^4.0.18"
+  },
+  "engines": {
+    "node": ">=22"
+  },
+  "engineStrict": true,
+  "type": "module",
+  "overrides": {
+    "@docuninja/builder2.0": {
+      "react": "$react",
+      "react-dom": "$react-dom"
+    },
+    "socket.io-parser": "^4.2.6"
+  }
+}

package.nix

@@ -1,62 +1,84 @@
-{ lib
-, php
-, openssl
-, writers
+{ buildNpmPackage
 , fetchFromGitHub
-, dataDir ? "/var/lib/invoice-ninja"
-, runtimeDir ? "/run/invoice-ninja"
+, importNpmLock
+, lib
+, openssl
+, php82
+, nodejs_22
+, symlinkJoin
+, writers
+, dataDir ? "/var/lib/invoiceninja"
+, runtimeDir ? "/run/invoiceninja"
 }:
 
-php.buildComposerProject (finalAttrs: {
-  pname = "invoice-ninja";
-  version = "5.11.6";
-
+let
+  pname = "invoiceninja";
+  version = "5.13.19";
+  uiVersion = "03.05.2026.1";
   src = fetchFromGitHub {
-    owner = "invoiceninja";
-    repo = "invoiceninja";
-    rev = "v${finalAttrs.version}";
-    hash = "sha256-RWkvMVerqWTNb1U2oE14rWnqImdPyShaUemlTQZf+sQ=";
+    owner = pname;
+    repo = pname;
+    rev = "v${version}";
+    hash = "sha256-PlFu9MQ4nZ2oHgSwOLffqERpZPIWkpgZ/qTqru63a9Y=";
+  };
+  uiSrc = fetchFromGitHub {
+    owner = pname;
+    repo = "ui";
+    tag = uiVersion;
+    hash = "sha256-aEqYX/YNUV5UR631X4zQyqoXSSuUqvILplV8Mm557Bc=";
   };
 
-  vendorHash = "sha256-RA7IkPXz1HdqQAyB/VIbYg3BmCnlJKLxIVtODIRmZxg=";
+  # PHP composer
+  composer = php82.buildComposerProject (finalAttrs: {
+    inherit src version;
+    pname = "${pname}-composer";
 
-  # Patch sources for more restrictive permissions
-  patches = [
-    ./disable-react-for-admin.patch
-  ];
+    vendorHash = "sha256-2CyWKlyCyoCt/WdY7Ta0oEXW2KIkGwhilHtzpBJ5Wnk=";
 
-  # Upstream composer.json has invalid license, webpatser/laravel-countries package is pointing
-  # to commit-ref, and php required in require and require-dev
-  composerStrictValidation = false;
+    # Upstream composer.json has invalid license, webpatser/laravel-countries package is pointing
+    # to commit-ref, and php required in require and require-dev
+    composerStrictValidation = false;
 
-  postInstall = ''
-    mv "$out/share/php/${finalAttrs.pname}"/* $out
-    rm -R $out/bootstrap/cache
+    postInstall = ''mv "$out/share/php/${finalAttrs.pname}"/* $out'';
+  });
+  
+  # React frontend
+  ui = buildNpmPackage {
+    pname = "${pname}-ui";
+    version = uiVersion;
+    src = uiSrc;
 
-    rm -rf $out/public/storage
+    nodejs = nodejs_22;
+  
+    #npmDepsHash = "sha256-T2/0POKcr4x98cy3rfeNyTIBZrHuLfqpC1J6nymGcys=";
 
-    # Move static contents for the NixOS module to pick it up, if needed.
-    mv $out/bootstrap $out/bootstrap-static
-    mv $out/storage $out/storage-static
-    mv $out/vendor/bin $out/vendor/bin-static
+    #npmPackFlags = [ "--ignore-scripts" ];
+    #npmInstallFlags = [ "--omit=dev" ];
 
-    # Link NixOS module files to derivation output
-    ln -s ${dataDir}/.env $out/.env
-    ln -s ${dataDir}/storage $out/
-    ln -s ${dataDir}/storage/app/public $out/public/storage
-    ln -s ${dataDir}/vendor/bin $out/vendor
-    ln -s ${runtimeDir} $out/bootstrap
-  '';
+    npmConfigHook = importNpmLock.npmConfigHook;
+    #npmDeps = importNpmLock {
+    #  package = builtins.readFile ./. + "/package.json";
+    #  packageLock = builtins.readFile ./. + "/package-lock.json";
+    #};
+    npmDeps = importNpmLock { npmRoot = ./.; };
 
-  meta = {
-    description = "Open-source, self-hosted invoicing application";
-    homepage = "https://www.invoiceninja.com/";
-    license = with lib.licenses; {
-      fullName = "Elastic License 2.0";
-      shortName = "Elastic-2.0";
-      free = false;
-    };
-    platforms = lib.platforms.all;
+    prePatch = ''
+      sed -i 's/VITE_IS_TEST=true/VITE_IS_TEST=false/' .env.example
+      cp .env.example .env
+
+      # This will make the build output a single bundle file (bundle.[hash].js)
+      cp ${composer}/vite.config.ts.react ./vite.config.js
+
+      #${npm-lockfile-fix}/bin/npm-lockfile-fix ./package-lock.json
+    '';
   };
-})
+
+  invoiceNinja = symlinkJoin {
+    name = "invoiceninja";
+    paths = [
+      composer
+      ui
+    ];
+  };
+in ui
 

shell.nix

@@ -1,26 +0,0 @@
-{ pkgs ? import <nixpkgs> { config.allowUnfree = true; }
-, lib ? import <nixpkgs/lib>
-}:
-
-let
-  # Helper script to generate an APP_KEY for .env
-  generate-invoice-ninja-app-key = pkgs.writers.writeBashBin "generate-laravel-key" ''
-    echo "APP_KEY=base64:$(${pkgs.openssl}/bin/openssl rand -base64 32)"
-  '';
-
-  # Invoice Ninja derivation
-  # Add to buildInputs to test in nix-shell environment
-  invoice-ninja = pkgs.callPackage ./default.nix {
-    inherit lib;
-    php = pkgs.php;
-    openssl = pkgs.openssl;
-    fetchFromGitHub = pkgs.fetchFromGitHub;
-  };
-in
-pkgs.mkShell {
-  buildInputs = [
-    generate-invoice-ninja-app-key
-    pkgs.nixpkgs-fmt
-  ];
-}
-  

tests/default.nix

@@ -0,0 +1,30 @@
+{ modulesPath, ... }:
+
+{
+  imports = [
+    (modulesPath + "/profiles/qemu-guest.nix")
+    ../nixos-module/invoiceninja.nix
+  ];
+
+  system.stateVersion = "24.11";
+
+  nixpkgs.config.allowUnfree = true;
+
+  users.users.test = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" ];
+    initialPassword = "test";
+  };
+
+  services.invoiceninja = {
+    enable = true;
+    proxy.server = "caddy";
+    adminAccount.passwordFile = ./invoice_ninja_test_password;
+    secretFile = ./test.env;
+  };
+
+  networking.firewall.enable = false;
+
+  services.resolved.enable = true;
+}
+

tests/invoice_ninja_test_password

@@ -0,0 +1 @@
+password

tests/test-config.nix

@@ -1,53 +0,0 @@
-{ modulesPath, ... }:
-
-{
-  imports = [
-    (modulesPath + "/profiles/qemu-guest.nix")
-    ../invoice-ninja.nix
-  ];
-
-  system.stateVersion = "24.05";
-
-  nixpkgs.config.allowUnfree = true;
-
-  environment.etc."msmtp-password" = {
-    enable = true;
-    user = "invoiceninja";
-    group = "invoiceninja";
-    mode = "0440";
-    text = ''
-      3t5h638t3a7y7275
-
-    '';
-  };
-
-  users.users.test = {
-    isNormalUser = true;
-    extraGroups = [ "wheel" ];
-    initialPassword = "test";
-  };
-
-  services.invoice-ninja = {
-    enable = true;
-    database.createLocally = true;
-    webserver.caddy.enable = true;
-    webserver.nginx.enable = false;
-    mail.mailFromName = "Andrew Bryant";
-    adminEmail = "billing@allpawcare.com";
-    msmtp.accounts.invoice-ninja = {
-      auth = true;
-      tls = true;
-      tls_starttls = false;
-      from = "billing@allpawcare.com";
-      host = "smtp.fastmail.com";
-      port = 465;
-      user = "awkawb@awkawb.cloud";
-      passwordeval = "cat /etc/msmtp-password";
-    };
-    secretFile = ./test-secrets.env;
-  };
-
-  networking.firewall.enable = false;
-
-  services.resolved.enable = true;
-}

tests/test-password

@@ -1 +0,0 @@
-test