1 { lib, pkgs, config, ... }:
3 env = config.myEnv.tools.etherpad-lite;
4 cfg = config.myServices.websites.tools.etherpad-lite;
5 # Make sure we’re not rebuilding whole libreoffice just because of a
7 libreoffice = (import <nixpkgs> { overlays = []; }).libreoffice-fresh;
8 ecfg = config.services.etherpad-lite;
10 options.myServices.websites.tools.etherpad-lite = {
11 enable = lib.mkEnableOption "enable etherpad's website";
14 config = lib.mkIf cfg.enable {
15 myServices.chatonsProperties.services.etherpad = {
16 file.datetime = "2021-01-04T00:01:00";
19 description = "Éditeur de texte collaboratif en temps réel. on peut y écrire simultanément.";
20 website = "https://ether.immae.eu";
21 logo = "https://ether.immae.eu/favicon.ico";
23 status.description = "OK";
24 registration."" = ["NONE" "MEMBER" "CLIENT"];
25 registration.load = "OPEN";
26 install.type = "PACKAGE";
30 website = "https://etherpad.org/";
31 license.url = "https://github.com/ether/etherpad-lite/blob/develop/LICENSE";
32 license.name = "Apache License Version 2.0";
33 version = ecfg.package.version;
34 source.url = "https://github.com/ether/etherpad-lite";
35 modules = ecfg.package.moduleNames;
39 "webapps/tools-etherpad-apikey" = {
43 "webapps/tools-etherpad-sessionkey" = {
45 text = env.session_key;
47 "webapps/tools-etherpad" = {
52 "favicon": "favicon.ico",
53 "skinName": "colibris",
54 "skinVariants": "dark-toolbar light-background super-light-editor full-width-editor",
57 "port" : "${ecfg.sockets.node}",
58 "showSettingsInAdminPage" : false,
59 "dbType" : "postgres",
61 "user" : "${env.postgresql.user}",
62 "host" : "${env.postgresql.socket}",
63 "password": "${env.postgresql.password}",
64 "database": "${env.postgresql.database}",
68 "defaultPadText" : "Welcome to Etherpad!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nGet involved with Etherpad at http:\/\/etherpad.org\n",
73 "showLineNumbers": true,
74 "useMonospaceFont": false,
78 "alwaysShowChat": false,
79 "chatAndUsers": false,
83 "suppressErrorsInPadText" : false,
84 "requireSession" : false,
86 "sessionNoPassword" : false,
90 "soffice" : "${libreoffice}/bin/soffice",
92 "allowUnknownFileEnds" : true,
93 "requireAuthentication" : false,
94 "requireAuthorization" : false,
96 "disableIPlogging" : false,
97 "automaticReconnectionTimeout" : 0,
98 "scrollWhenFocusLineIsOutOfViewport": {
100 "editionAboveViewport": 0,
101 "editionBelowViewport": 0
104 "scrollWhenCaretIsInTheLastLineOfViewport": false,
105 "percentageToScrollWhenUserPressesArrowUp": 0
109 "password": "${env.adminPassword}",
114 "url": "ldaps://${env.ldap.host}",
115 "accountBase": "${env.ldap.base}",
116 "accountPattern": "${env.ldap.filter}",
117 "displayNameAttribute": "cn",
118 "searchDN": "${env.ldap.dn}",
119 "searchPWD": "${env.ldap.password}",
120 "groupSearchBase": "${env.ldap.base}",
121 "groupAttribute": "member",
122 "groupAttributeIsDN": true,
123 "searchScope": "sub",
124 "groupSearch": "${env.ldap.group_filter}",
125 "anonymousReadonly": false
129 "warning": "This hash is stored in database, changing anything here will not have any consequence",
131 "url": "ldaps://${env.ldap.host}",
132 "bindDN": "${env.ldap.dn}",
133 "bindCredentials": "${env.ldap.password}",
134 "searchBase": "${env.ldap.base}",
135 "searchFilter": "${env.ldap.filter}",
139 "firstname": "givenName",
145 "ep_comments_page": {
146 "displayCommentAsIcon": true,
147 "highlightSelectedText": true
149 "socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],
151 "indentationOnNewLine": false,
154 ["bold", "italic", "underline", "strikethrough"],
155 ["orderedlist", "unorderedlist", "indent", "outdent"],
160 ["importexport", "timeslider", "savedrevision"],
161 ["settings", "embed"],
165 ["timeslider_export", "timeslider_returnToPad"]
169 "logconfig" : { "appenders": [ { "type": "console" } ] }
174 services.etherpad-lite = {
176 package = pkgs.webapps.etherpad-lite.withModules (p: [
177 p.ep_align p.ep_bookmark p.ep_colors p.ep_comments_page
178 p.ep_cursortrace p.ep_delete_empty_pads p.ep_embedmedia
179 p.ep_font_size p.ep_headings2 p.ep_immae_buttons p.ep_ldapauth
180 p.ep_line_height p.ep_markdown p.ep_mypads p.ep_page_view
181 p.ep_previewimages p.ep_ruler p.ep_scrollto
182 p.ep_set_title_on_pad p.ep_subscript_and_superscript
186 sessionKeyFile = config.secrets.fullPaths."webapps/tools-etherpad-sessionkey";
187 apiKeyFile = config.secrets.fullPaths."webapps/tools-etherpad-apikey";
188 configFile = config.secrets.fullPaths."webapps/tools-etherpad";
191 systemd.services.etherpad-lite.serviceConfig.SupplementaryGroups = "keys";
192 # Needed so that they get in the closure
193 systemd.services.etherpad-lite.path = [ libreoffice pkgs.html-tidy ];
195 services.filesWatcher.etherpad-lite = {
197 paths = [ ecfg.sessionKeyFile ecfg.apiKeyFile ecfg.configFile ];
200 services.websites.env.tools.modules = [
201 "headers" "proxy" "proxy_http" "proxy_wstunnel"
203 services.websites.env.tools.vhostConfs.etherpad-lite = {
204 certName = "eldiron";
206 hosts = [ "ether.immae.eu" ];
209 Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
210 RequestHeader set X-Forwarded-Proto "https"
214 RewriteCond %{REQUEST_URI} ^/socket.io [NC]
215 RewriteCond %{QUERY_STRING} transport=websocket [NC]
216 RewriteRule /(.*) unix://${ecfg.sockets.node}|ws://ether.immae.eu/$1 [P,NE,QSA,L]
218 <IfModule mod_proxy.c>
222 ProxyPass / unix://${ecfg.sockets.node}|http://ether.immae.eu/
223 ProxyPassReverse / unix://${ecfg.sockets.node}|http://ether.immae.eu/
225 Options FollowSymLinks MultiViews