]> git.immae.eu Git - perso/Immae/Config/Nix.git/blame - systems/eldiron/websites/tools/default.nix
projects / perso / Immae / Config / Nix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Move backup directory to host subdir
[perso/Immae/Config/Nix.git] / systems / eldiron / websites / tools / default.nix
CommitLineData
1a64deeb 1{ lib, pkgs, config, mypackages-lib, grocy, ... }:
10889174 2let
1a64deeb
IB		 3 composerEnv = mypackages-lib.composerEnv;
4 adminer = pkgs.callPackage ./adminer.nix { inherit config; };
4288c2f2 5 ympd = pkgs.callPackage ./ympd.nix {
ab8f306d 6 env = config.myEnv.tools.ympd;
1a64deeb 7 inherit config;
4288c2f2
IB		 8 };
9 ttrss = pkgs.callPackage ./ttrss.nix {
1a64deeb
IB		 10 ttrss = pkgs.webapps-ttrss;
11 ttrss-plugins = pkgs.webapps-ttrss-plugins;
ab8f306d 12 env = config.myEnv.tools.ttrss;
dcac3ec7 13 php = pkgs.php72;
da30ae4f 14 inherit config;
4288c2f2 15 };
4288c2f2 16 kanboard = pkgs.callPackage ./kanboard.nix {
da30ae4f 17 inherit config;
ab8f306d 18 env = config.myEnv.tools.kanboard;
4288c2f2
IB		 19 };
20 wallabag = pkgs.callPackage ./wallabag.nix {
1a64deeb
IB		 21 wallabag = pkgs.webapps-wallabag.override {
22 composerEnv = composerEnv.override {
2053ddac 23 php = pkgs.php73.withExtensions({ enabled, all }: enabled ++ [all.tidy]);
46c99b57
IB		 24 };
25 };
ab8f306d 26 env = config.myEnv.tools.wallabag;
da30ae4f 27 inherit config;
4288c2f2
IB		 28 };
29 yourls = pkgs.callPackage ./yourls.nix {
1a64deeb
IB		 30 yourls = pkgs.webapps-yourls;
31 yourls-plugins = pkgs.webapps-yourls-plugins;
ab8f306d 32 env = config.myEnv.tools.yourls;
da30ae4f 33 inherit config;
4288c2f2
IB		 34 };
35 rompr = pkgs.callPackage ./rompr.nix {
1a64deeb 36 rompr = pkgs.webapps-rompr;
ab8f306d 37 env = config.myEnv.tools.rompr;
1a64deeb 38 inherit config;
4288c2f2
IB		 39 };
40 shaarli = pkgs.callPackage ./shaarli.nix {
ab8f306d 41 env = config.myEnv.tools.shaarli;
da30ae4f 42 inherit config;
4288c2f2
IB		 43 };
44 dokuwiki = pkgs.callPackage ./dokuwiki.nix {
1a64deeb
IB		 45 dokuwiki = pkgs.webapps-dokuwiki;
46 dokuwiki-plugins = pkgs.webapps-dokuwiki-plugins;
47 inherit config;
4288c2f2
IB		 48 };
49 ldap = pkgs.callPackage ./ldap.nix {
1a64deeb 50 phpldapadmin = pkgs.webapps-phpldapadmin;
ab8f306d 51 env = config.myEnv.tools.phpldapadmin;
da30ae4f 52 inherit config;
4288c2f2 53 };
1a64deeb
IB		 54 grocy' = pkgs.callPackage ./grocy.nix {
55 grocy = grocy.override { composerEnv = composerEnv.override { php = pkgs.php72; }; };
c7627e14 56 };
a8ef1adb 57 phpbb = pkgs.callPackage ./phpbb.nix {
1a64deeb 58 phpbb = (pkgs.webapps-phpbb.withLangs (l: [ l.fr ])).withExts (e: [
a8ef1adb
IB		 59 e.alfredoramos.markdown e.davidiq.mailinglist e.dmzx.mchat
60 e.empteintesduweb.monitoranswers e.lr94.autosubscribe
61 e.phpbbmodders.adduser ]);
62 };
1a64deeb
IB		 63 webhooks-bin-env = pkgs.buildEnv {
64 name = "webhook-env";
65 paths = [ pkgs.apprise ];
66 pathsToLink = [ "/bin" ];
67 };
251c0a13
IB		 68 webhooks = pkgs.callPackage ./webhooks.nix {
69 env = config.myEnv.tools.webhooks;
1a64deeb 70 binEnv = webhooks-bin-env;
251c0a13 71 };
7df5e532
IB		 72 dmarc-reports = pkgs.callPackage ./dmarc_reports.nix {
73 env = config.myEnv.tools.dmarc_reports;
da30ae4f 74 inherit config;
7df5e532 75 };
251c0a13 76
1a64deeb 77 landing = pkgs.callPackage ./landing.nix { };
10889174 78
3cc24358
IB		 79 matrix = pkgs.element-web.override {
80 conf = {
81 default_server_config."m.homeserver" = {
d1527470 82 base_url = "https://synapse.immae.eu";
3cc24358
IB		 83 server_name = "immae.eu";
84 };
85 default_server_config."m.identity_server" = {
86 base_url = "https://vector.im";
87 };
88 room_directory.servers = [ "immae.eu" "matrix.org" ];
89 };
90 };
91
4288c2f2 92 cfg = config.myServices.websites.tools.tools;
5400b9b6 93 pcfg = config.services.phpfpm.pools;
10889174 94in {
4288c2f2 95 options.myServices.websites.tools.tools = {
10889174
IB		 96 enable = lib.mkEnableOption "enable tools website";
97 };
98
99 config = lib.mkIf cfg.enable {
1a64deeb
IB		 100 # Services needing to send e-mails
101 myServices.dns.zones."immae.eu".emailPolicies."tools".receive = true;
102 myServices.dns.zones."immae.eu".subdomains =
103 with config.myServices.dns.helpers;
104 {
105 outils = ips servers.eldiron.ips.main;
106 tools = lib.mkMerge [
97787a9d 107 (mailCommon "immae.eu" true)
1a64deeb
IB		 108 mailSend
109 (ips servers.eldiron.ips.main)
110 ];
9c0cd092 111 synapse = ips servers.zoldene.ips.main;
1a64deeb
IB		 112 };
113
1c90c0dd
IB		 114 services.borgBackup.profiles.global.ignoredPaths = [
115 "duply"
116 "kanboard"
117 "ntfy"
118 ];
119 services.borgBackup.profiles.global.includedPaths = [
120 "paste"
121 "dokuwiki/conf"
122 "dokuwiki/data"
123 "phpbb"
124 "shaarli/cache"
125 "shaarli/pagecache"
126 "shaarli/tmp"
127 ];
128
1a64deeb
IB		 129 myServices.chatonsProperties.services = {
130 adminer = adminer.chatonsProperties;
131 dokuwiki = dokuwiki.chatonsProperties;
132 shaarli = shaarli.chatonsProperties;
133 ttrss = ttrss.chatonsProperties;
134 wallabag = wallabag.chatonsProperties;
135 paste = {
136 file.datetime = "2022-08-22T00:15:00";
137 service = {
138 name = "Paste";
139 description = "A simple paster script with syntax highlight";
140 website = "https://tools.immae.eu/paste/";
141 logo = "https://assets.immae.eu/logo.jpg";
142 status.level = "OK";
143 status.description = "OK";
144 registration."" = ["MEMBER" "CLIENT"];
145 registration.load = "OPEN";
146 install.type = "PACKAGE";
147 guide.user = "https://tools.immae.eu/paste/";
148 };
149 software = {
150 name = "Paste";
151 website = "https://tools.immae.eu/paste/";
152 license.url = "https://tools.immae.eu/paste/license";
153 license.name = "MIT License";
154 version = "Unversioned";
155 source.url = "https://tools.immae.eu/paste/abcd123/py";
156 };
157 };
158 };
159 myServices.chatonsProperties.hostings = {
160 dokuwiki = dokuwiki.chatonsHostingProperties;
161 phpbb = phpbb.chatonsHostingProperties;
162 };
1a718805 163 secrets.keys =
a840a21c 164 kanboard.keys
4c4652aa
IB		 165 // ldap.keys
166 // shaarli.keys
167 // ttrss.keys
168 // wallabag.keys
169 // yourls.keys
170 // dmarc-reports.keys
1a64deeb
IB		 171 // webhooks.keys
172 // ({ "webapps/tools-landing-sql-rw" = {
173 user = "wwwrun";
174 group = "wwwrun";
175 permissions = "0400";
176 text = let
177 env = config.myEnv.tools.landing;
178 in ''
179 SetEnv PGUSER "${env.postgresql.user}"
180 SetEnv PGPASSWORD "${env.postgresql.password}"
181 SetEnv PGDATABASE "${env.postgresql.database}"
182 SetEnv PGHOST "${env.postgresql.socket}"
183 '';
184 }; });
29f8cb85 185 services.websites.env.tools.modules =
1922655a
IB		 186 [ "proxy_fcgi" ]
187 ++ adminer.apache.modules
10889174
IB		 188 ++ ympd.apache.modules
189 ++ ttrss.apache.modules
133ebaee 190 ++ wallabag.apache.modules
bfe3c9c9 191 ++ yourls.apache.modules
95b20e17 192 ++ rompr.apache.modules
b892dcbe 193 ++ shaarli.apache.modules
f80772dc 194 ++ dokuwiki.apache.modules
7df5e532 195 ++ dmarc-reports.apache.modules
a8ef1adb 196 ++ phpbb.apache.modules
d4ed0eff
IB		 197 ++ ldap.apache.modules
198 ++ kanboard.apache.modules;
10889174 199
1a64deeb
IB		 200 myServices.dns.zones."immae.dev" = with config.myServices.dns.helpers; {
201 subdomains.tools = ips servers.eldiron.ips.integration;
202 };
203 security.acme.certs.integration.domain = "tools.immae.dev";
29f8cb85 204 services.websites.env.integration.vhostConfs.devtools = {
0f71cd76 205 certName = "integration";
7c5e6fe8 206 hosts = [ "tools.immae.dev" ];
41cce84a 207 root = "/var/lib/ftp/immae/devtools";
0f71cd76 208 extraConfig = [
0aae0181 209 ''
41cce84a 210 Use Apaxy "/var/lib/ftp/immae/devtools" "title"
9338c832
IB		 211 Timeout 600
212 ProxyTimeout 600
68c45ad5 213 Header always set Content-Security-Policy-Report-Only "${config.myEnv.tools.csp_reports.policies.inline}"
41cce84a 214 <Directory "/var/lib/ftp/immae/devtools">
0aae0181
IB		 215 DirectoryIndex index.php index.htm index.html
216 AllowOverride all
217 Require all granted
218 <FilesMatch "\.php$">
5400b9b6 219 SetHandler "proxy:unix:${pcfg.devtools.socket}|fcgi://localhost"
0aae0181
IB		 220 </FilesMatch>
221 </Directory>
222 ''
46f30ecc
IB		 223 ];
224 };
225
1a64deeb
IB		 226
227 security.acme.certs.eldiron.extraDomainNames = [ "outils.immae.eu" "tools.immae.eu" ];
29f8cb85 228 services.websites.env.tools.vhostConfs.tools = {
10889174
IB		 229 certName = "eldiron";
230 hosts = ["tools.immae.eu" ];
a8ef1adb 231 root = landing;
10889174 232 extraConfig = [
1922655a 233 ''
ea9c6fe8 234 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
afcc5de0 235 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
3f453c7d 236 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
afcc5de0 237
251c0a13 238 <Directory "${landing}">
1a64deeb 239 Include ${config.secrets.fullPaths."webapps/tools-landing-sql-rw"}
251c0a13
IB		 240 DirectoryIndex index.html
241 AllowOverride None
242 Require all granted
243
244 <FilesMatch "\.php$">
245 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
246 </FilesMatch>
247 </Directory>
1922655a 248 ''
5400b9b6 249 (adminer.apache.vhostConf pcfg.adminer.socket)
10889174 250 ympd.apache.vhostConf
5400b9b6
IB		 251 (ttrss.apache.vhostConf pcfg.ttrss.socket)
252 (wallabag.apache.vhostConf pcfg.wallabag.socket)
253 (yourls.apache.vhostConf pcfg.yourls.socket)
254 (rompr.apache.vhostConf pcfg.rompr.socket)
255 (shaarli.apache.vhostConf pcfg.shaarli.socket)
256 (dokuwiki.apache.vhostConf pcfg.dokuwiki.socket)
257 (ldap.apache.vhostConf pcfg.ldap.socket)
258 (kanboard.apache.vhostConf pcfg.kanboard.socket)
1a64deeb 259 (grocy'.apache.vhostConf pcfg.grocy.socket)
a8ef1adb 260 (phpbb.apache.vhostConf pcfg.phpbb.socket)
7df5e532 261 (dmarc-reports.apache.vhostConf pcfg.dmarc-reports.socket)
ea3b46ee 262 ''
a9f52ec5
IB		 263 <Location "/paste/">
264 ProxyPass unix://${config.services.paste.sockets.gunicorn}|http://tools.immae.eu/paste/
265 ProxyPassReverse unix://${config.services.paste.sockets.gunicorn}|http://tools.immae.eu/paste/
266 ProxyPreserveHost on
267 </Location>
268 <Location "/paste">
269 ProxyPass unix://${config.services.paste.sockets.gunicorn}|http://tools.immae.eu/paste/
270 ProxyPassReverse unix://${config.services.paste.sockets.gunicorn}|http://tools.immae.eu/paste/
271 ProxyPreserveHost on
272 </Location>
251c0a13 273
1a64deeb
IB		 274 <Location "/ntfy/">
275 SetEnv proxy-nokeepalive 1
276 SetEnv proxy-sendchunked 1
277 LimitRequestBody 102400
278
279 RewriteEngine On
280
281 # FIXME: why is landing prefixed in the url?
282 RewriteCond %{HTTP:Upgrade} websocket [NC]
283 RewriteCond %{HTTP:Connection} upgrade [NC]
284 RewriteRule ^(${landing}/ntfy)?/?(.*) unix:///run/ntfy/ntfy.sock|ws://tools.immae.eu/$2 [P,NE,QSA,L]
285
286 RewriteRule ^(${landing}/ntfy)?/?(.*) unix:///run/ntfy/ntfy.sock|http://tools.immae.eu/$2 [P,NE,QSA,L]
287 </Location>
cb589b2e
IB		 288 Alias /BIP39 /var/lib/buildbot/outputs/immae/bip39
289 <Directory "/var/lib/buildbot/outputs/immae/bip39">
251c0a13
IB		 290 DirectoryIndex index.html
291 AllowOverride None
292 Require all granted
293 </Directory>
294
da30ae4f
IB		 295 Alias /webhooks ${config.secrets.fullPaths."webapps/webhooks"}
296 <Directory "${config.secrets.fullPaths."webapps/webhooks"}">
251c0a13 297 Options -Indexes
1a64deeb 298 DirectoryIndex index.php
251c0a13
IB		 299 Require all granted
300 AllowOverride None
301 <FilesMatch "\.php$">
302 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
303 </FilesMatch>
304 </Directory>
3cc24358
IB		 305
306 Alias /matrix ${matrix}
307 <Directory "${matrix}">
308 DirectoryIndex index.html
309 AllowOverride None
310 Require all granted
311 </Directory>
ea3b46ee 312 ''
10889174
IB		 313 ];
314 };
315
29f8cb85 316 services.websites.env.tools.vhostConfs.outils = {
7df420c2 317 certName = "eldiron";
0f71cd76 318 hosts = [ "outils.immae.eu" ];
7df420c2 319 root = null;
70606070
IB		 320 extraConfig = [
321 ''
322 RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
323
324 RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
325
326 RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
327 RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
328
329 RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
330 RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
331 RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
332 RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
333
334 RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
335
afcc5de0
IB		 336 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
337
3f453c7d
IB		 338 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
339
ea9c6fe8
IB		 340 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
341
70606070
IB		 342 RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
343 ''
344 ];
345 };
346
f40f5b23
IB		 347 systemd.services = {
348 phpfpm-dokuwiki = {
349 after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
350 wants = dokuwiki.phpFpm.serviceDeps;
351 };
a8ef1adb
IB		 352 phpfpm-phpbb = {
353 after = lib.mkAfter phpbb.phpFpm.serviceDeps;
354 wants = phpbb.phpFpm.serviceDeps;
355 };
f40f5b23
IB		 356 phpfpm-kanboard = {
357 after = lib.mkAfter kanboard.phpFpm.serviceDeps;
358 wants = kanboard.phpFpm.serviceDeps;
359 };
360 phpfpm-ldap = {
361 after = lib.mkAfter ldap.phpFpm.serviceDeps;
362 wants = ldap.phpFpm.serviceDeps;
363 };
f40f5b23
IB		 364 phpfpm-shaarli = {
365 after = lib.mkAfter shaarli.phpFpm.serviceDeps;
366 wants = shaarli.phpFpm.serviceDeps;
367 };
368 phpfpm-ttrss = {
369 after = lib.mkAfter ttrss.phpFpm.serviceDeps;
370 wants = ttrss.phpFpm.serviceDeps;
371 };
372 phpfpm-wallabag = {
373 after = lib.mkAfter wallabag.phpFpm.serviceDeps;
374 wants = wallabag.phpFpm.serviceDeps;
375 preStart = lib.mkAfter wallabag.phpFpm.preStart;
376 };
377 phpfpm-yourls = {
378 after = lib.mkAfter yourls.phpFpm.serviceDeps;
379 wants = yourls.phpFpm.serviceDeps;
380 };
1a64deeb
IB		 381 ntfy = {
382 description = "send push notifications to your phone or desktop via scripts from any computer";
383 wantedBy = [ "multi-user.target" ];
384 serviceConfig = {
385 ExecStart = "${pkgs.ntfy-sh}/bin/ntfy serve --listen-http '' --listen-unix %t/ntfy/ntfy.sock --cache-file %S/ntfy/cache.db --cache-duration 120h --behind-proxy --attachment-cache-dir %S/ntfy/attachments --base-url https://tools.immae.eu/ntfy";
386 Type = "simple";
387 WorkingDirectory = "%S/ntfy";
388 RuntimeDirectory = "ntfy";
389 StateDirectory = "ntfy";
390 User = "wwwrun";
391 };
392 };
f40f5b23
IB		 393 ympd = {
394 description = "Standalone MPD Web GUI written in C";
395 wantedBy = [ "multi-user.target" ];
396 script = ''
da30ae4f 397 export MPD_PASSWORD=$(cat ${config.secrets.fullPaths."mpd"})
f40f5b23
IB		 398 ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
399 '';
400 };
401 tt-rss = {
402 description = "Tiny Tiny RSS feeds update daemon";
403 serviceConfig = {
404 User = "wwwrun";
dcac3ec7 405 ExecStart = "${pkgs.php72}/bin/php ${ttrss.webRoot}/update.php --daemon";
f40f5b23
IB		 406 StandardOutput = "syslog";
407 StandardError = "syslog";
408 PermissionsStartOnly = true;
409 };
410
411 wantedBy = [ "multi-user.target" ];
412 requires = ["postgresql.service"];
413 after = ["network.target" "postgresql.service"];
414 };
415 };
416
17f6eae9
IB		 417 services.filesWatcher.ympd = {
418 restart = true;
da30ae4f 419 paths = [ config.secrets.fullPaths."mpd" ];
17f6eae9
IB		 420 };
421
f8df6790
IB		 422 services.paste = {
423 enable = true;
424 webDirectory = "/paste";
425 };
426
441da8aa
IB		 427 services.phpfpm.pools = {
428 tools = {
5400b9b6
IB		 429 user = "wwwrun";
430 group = "wwwrun";
431 settings = {
432 "listen.owner" = "wwwrun";
433 "listen.group" = "wwwrun";
434 "pm" = "dynamic";
435 "pm.max_children" = "60";
436 "pm.start_servers" = "2";
437 "pm.min_spare_servers" = "1";
438 "pm.max_spare_servers" = "10";
f40f5b23 439
1a64deeb
IB		 440 "php_admin_value[sendmail_path]" = "/run/wrappers/bin/sendmail -t -i";
441 "php_admin_value[session.save_handler]" = "redis";
442 "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:Tools:'";
5400b9b6
IB		 443 # Needed to avoid clashes in browser cookies (same domain)
444 "php_value[session.name]" = "ToolsPHPSESSID";
251c0a13 445 "php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [
a8ef1adb 446 "/run/wrappers/bin/sendmail" landing "/tmp"
da30ae4f 447 config.secrets.fullPaths."webapps/webhooks"
1a64deeb 448 "${webhooks-bin-env}/bin"
251c0a13
IB		 449 ];
450 };
451 phpEnv = {
452 CONTACT_EMAIL = config.myEnv.tools.contact;
5400b9b6 453 };
1a64deeb 454 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [ all.redis ]);
441da8aa
IB		 455 };
456 devtools = {
5400b9b6
IB		 457 user = "wwwrun";
458 group = "wwwrun";
459 settings = {
460 "listen.owner" = "wwwrun";
461 "listen.group" = "wwwrun";
462 "pm" = "dynamic";
463 "pm.max_children" = "60";
464 "pm.start_servers" = "2";
465 "pm.min_spare_servers" = "1";
466 "pm.max_spare_servers" = "10";
1922655a 467
1a64deeb
IB		 468 "php_admin_value[sendmail_path]" = "/run/wrappers/bin/sendmail -t -i";
469 "php_admin_value[session.save_handler]" = "redis";
470 "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:Devtools:'";
41cce84a 471 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/immae/devtools:/tmp";
5400b9b6 472 };
736621e5 473 phpPackage = pkgs.php82.withExtensions({ enabled, all }: enabled ++ [all.mysqli all.sqlite3 all.redis all.apcu all.opcache ]);
441da8aa 474 };
5400b9b6 475 adminer = adminer.phpFpm;
441da8aa 476 ttrss = {
5400b9b6
IB		 477 user = "wwwrun";
478 group = "wwwrun";
479 settings = ttrss.phpFpm.pool;
1a64deeb 480 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.redis]);
441da8aa
IB		 481 };
482 wallabag = {
5400b9b6
IB		 483 user = "wwwrun";
484 group = "wwwrun";
485 settings = wallabag.phpFpm.pool;
1a64deeb 486 phpPackage = pkgs.php73.withExtensions({ enabled, all }: enabled ++ [all.tidy all.redis]);
441da8aa
IB		 487 };
488 yourls = {
5400b9b6
IB		 489 user = "wwwrun";
490 group = "wwwrun";
491 settings = yourls.phpFpm.pool;
1a64deeb 492 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.redis]);
441da8aa
IB		 493 };
494 rompr = {
5400b9b6
IB		 495 user = "wwwrun";
496 group = "wwwrun";
497 settings = rompr.phpFpm.pool;
1a64deeb 498 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.redis]);
441da8aa
IB		 499 };
500 shaarli = {
5400b9b6
IB		 501 user = "wwwrun";
502 group = "wwwrun";
503 settings = shaarli.phpFpm.pool;
1a64deeb 504 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.redis]);
441da8aa 505 };
7df5e532
IB		 506 dmarc-reports = {
507 user = "wwwrun";
508 group = "wwwrun";
509 settings = dmarc-reports.phpFpm.pool;
510 phpEnv = dmarc-reports.phpFpm.phpEnv;
1a64deeb 511 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.redis]);
7df5e532 512 };
441da8aa 513 dokuwiki = {
5400b9b6
IB		 514 user = "wwwrun";
515 group = "wwwrun";
516 settings = dokuwiki.phpFpm.pool;
1a64deeb 517 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.redis]);
441da8aa 518 };
a8ef1adb
IB		 519 phpbb = {
520 user = "wwwrun";
521 group = "wwwrun";
522 settings = phpbb.phpFpm.pool;
1a64deeb 523 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.redis]);
a8ef1adb 524 };
441da8aa 525 ldap = {
5400b9b6
IB		 526 user = "wwwrun";
527 group = "wwwrun";
528 settings = ldap.phpFpm.pool;
1a64deeb 529 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.redis]);
441da8aa
IB		 530 };
531 kanboard = {
5400b9b6
IB		 532 user = "wwwrun";
533 group = "wwwrun";
534 settings = kanboard.phpFpm.pool;
1a64deeb 535 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.redis]);
441da8aa
IB		 536 };
537 grocy = {
5400b9b6
IB		 538 user = "wwwrun";
539 group = "wwwrun";
1a64deeb
IB		 540 settings = grocy'.phpFpm.pool;
541 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.redis]);
441da8aa 542 };
10889174
IB		 543 };
544
545 system.activationScripts = {
1a64deeb 546 grocy = grocy'.activationScript;
10889174 547 ttrss = ttrss.activationScript;
aebd817b 548 wallabag = wallabag.activationScript;
bfe3c9c9 549 rompr = rompr.activationScript;
95b20e17 550 shaarli = shaarli.activationScript;
b892dcbe 551 dokuwiki = dokuwiki.activationScript;
a8ef1adb 552 phpbb = phpbb.activationScript;
d4ed0eff 553 kanboard = kanboard.activationScript;
10889174
IB		 554 };
555
29f8cb85 556 services.websites.env.tools.watchPaths = [
da30ae4f 557 config.secrets.fullPaths."webapps/tools-shaarli"
17f6eae9
IB		 558 ];
559 services.filesWatcher.phpfpm-wallabag = {
560 restart = true;
da30ae4f 561 paths = [ config.secrets.fullPaths."webapps/tools-wallabag" ];
17f6eae9 562 };
ea3b46ee 563
1a64deeb
IB		 564 myServices.monitoring.fromMasterActivatedPlugins = lib.mkMerge [
565 ttrss.monitoringPlugins
566 rompr.monitoringPlugins
567 wallabag.monitoringPlugins
568 yourls.monitoringPlugins
569 ympd.monitoringPlugins
570 dokuwiki.monitoringPlugins
571 shaarli.monitoringPlugins
572 ldap.monitoringPlugins
573 adminer.monitoringPlugins
574 ];
575 myServices.monitoring.fromMasterObjects = lib.mkMerge [
576 ttrss.monitoringObjects
577 rompr.monitoringObjects
578 wallabag.monitoringObjects
579 yourls.monitoringObjects
580 ympd.monitoringObjects
581 dokuwiki.monitoringObjects
582 shaarli.monitoringObjects
583 ldap.monitoringObjects
584 adminer.monitoringObjects
585 ];
10889174
IB		 586 };
587}
588
My infrastructure configuration