1 { lib, pkgs, config, ... }:
3 env = config.myEnv.tools.etherpad-lite;
4 cfg = config.myServices.websites.tools.etherpad-lite;
5 # Make sure we’re not rebuilding whole libreoffice just because of a
7 libreoffice = (import <nixpkgs> { overlays = []; }).libreoffice-fresh;
8 ecfg = config.services.etherpad-lite;
10 options.myServices.websites.tools.etherpad-lite = {
11 enable = lib.mkEnableOption "enable etherpad's website";
14 config = lib.mkIf cfg.enable {
15 myServices.chatonsProperties.services.etherpad = {
16 file.datetime = "2021-01-04T00:01:00";
19 description = "Éditeur de texte collaboratif en temps réel. on peut y écrire simultanément.";
20 website = "https://ether.immae.eu";
21 logo = "https://ether.immae.eu/favicon.ico";
23 status.description = "OK";
24 registration."" = ["NONE" "MEMBER" "CLIENT"];
25 registration.load = "OPEN";
26 install.type = "PACKAGE";
30 website = "https://etherpad.org/";
31 license.url = "https://github.com/ether/etherpad-lite/blob/develop/LICENSE";
32 license.name = "Apache License Version 2.0";
33 version = ecfg.package.version;
34 source.url = "https://github.com/ether/etherpad-lite";
35 modules = ecfg.package.moduleNames;
39 "webapps/tools-etherpad-apikey" = {
43 "webapps/tools-etherpad-sessionkey" = {
45 text = env.session_key;
47 "webapps/tools-etherpad" = {
52 "favicon": "favicon.ico",
53 "skinName": "colibris",
54 "skinVariants": "dark-toolbar light-background super-light-editor full-width-editor",
57 "port" : "${ecfg.sockets.node}",
58 "showSettingsInAdminPage" : false,
59 "dbType" : "postgres",
61 "user" : "${env.postgresql.user}",
62 "host" : "${env.postgresql.socket}",
63 "password": "${env.postgresql.password}",
64 "database": "${env.postgresql.database}",
68 "defaultPadText" : "Welcome to Etherpad!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nGet involved with Etherpad at http:\/\/etherpad.org\n",
73 "showLineNumbers": true,
74 "useMonospaceFont": false,
78 "alwaysShowChat": false,
79 "chatAndUsers": false,
83 "suppressErrorsInPadText" : false,
84 "requireSession" : false,
86 "sessionNoPassword" : false,
90 "soffice" : "${libreoffice}/bin/soffice",
92 "allowUnknownFileEnds" : true,
93 "requireAuthentication" : false,
94 "requireAuthorization" : false,
96 "disableIPlogging" : false,
97 "automaticReconnectionTimeout" : 0,
98 "scrollWhenFocusLineIsOutOfViewport": {
100 "editionAboveViewport": 0,
101 "editionBelowViewport": 0
104 "scrollWhenCaretIsInTheLastLineOfViewport": false,
105 "percentageToScrollWhenUserPressesArrowUp": 0
109 "password": "${env.adminPassword}",
114 "url": "ldaps://${env.ldap.host}",
115 "accountBase": "${env.ldap.base}",
116 "accountPattern": "${env.ldap.filter}",
117 "displayNameAttribute": "cn",
118 "searchDN": "${env.ldap.dn}",
119 "searchPWD": "${env.ldap.password}",
120 "groupSearchBase": "${env.ldap.base}",
121 "groupAttribute": "member",
122 "groupAttributeIsDN": true,
123 "searchScope": "sub",
124 "groupSearch": "${env.ldap.group_filter}",
125 "anonymousReadonly": false
129 "warning": "This hash is stored in database, changing anything here will not have any consequence",
131 "url": "ldaps://${env.ldap.host}",
132 "bindDN": "${env.ldap.dn}",
133 "bindCredentials": "${env.ldap.password}",
134 "searchBase": "${env.ldap.base}",
135 "searchFilter": "${env.ldap.filter}",
139 "firstname": "givenName",
145 "ep_comments_page": {
146 "displayCommentAsIcon": true,
147 "highlightSelectedText": true
149 "socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],
151 "indentationOnNewLine": false,
154 ["bold", "italic", "underline", "strikethrough"],
155 ["orderedlist", "unorderedlist", "indent", "outdent"],
160 ["importexport", "timeslider", "savedrevision"],
161 ["settings", "embed"],
165 ["timeslider_export", "timeslider_returnToPad"]
169 "logconfig" : { "appenders": [ { "type": "console" } ] }
174 services.etherpad-lite = {
176 package = pkgs.webapps.etherpad-lite.withModules (p: [
177 p.ep_align p.ep_bookmark p.ep_colors p.ep_comments_page
178 p.ep_cursortrace p.ep_delete_empty_pads p.ep_embedmedia
179 p.ep_font_size p.ep_headings2 p.ep_immae_buttons p.ep_ldapauth
180 p.ep_line_height p.ep_markdown p.ep_mypads p.ep_page_view
181 p.ep_previewimages p.ep_ruler p.ep_scrollto
182 p.ep_set_title_on_pad p.ep_subscript_and_superscript
186 sessionKeyFile = config.secrets.fullPaths."webapps/tools-etherpad-sessionkey";
187 apiKeyFile = config.secrets.fullPaths."webapps/tools-etherpad-apikey";
188 configFile = config.secrets.fullPaths."webapps/tools-etherpad";
191 systemd.services.etherpad-lite.serviceConfig.SupplementaryGroups = "keys";
192 systemd.services.etherpad-lite-cleanup.serviceConfig.SupplementaryGroups = "keys";
193 # Needed so that they get in the closure
194 systemd.services.etherpad-lite.path = [ libreoffice pkgs.html-tidy ];
196 services.filesWatcher.etherpad-lite = {
198 paths = [ ecfg.sessionKeyFile ecfg.apiKeyFile ecfg.configFile ];
201 services.websites.env.tools.modules = [
202 "headers" "proxy" "proxy_http" "proxy_wstunnel"
204 services.websites.env.tools.vhostConfs.etherpad-lite = {
205 certName = "eldiron";
207 hosts = [ "ether.immae.eu" ];
210 Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
211 RequestHeader set X-Forwarded-Proto "https"
215 RewriteCond %{REQUEST_URI} ^/socket.io [NC]
216 RewriteCond %{QUERY_STRING} transport=websocket [NC]
217 RewriteRule /(.*) unix://${ecfg.sockets.node}|ws://ether.immae.eu/$1 [P,NE,QSA,L]
219 <IfModule mod_proxy.c>
223 ProxyPass / unix://${ecfg.sockets.node}|http://ether.immae.eu/
224 ProxyPassReverse / unix://${ecfg.sockets.node}|http://ether.immae.eu/
226 Options FollowSymLinks MultiViews