1 { lib, pkgs, config, ... }:
3 flakeCompat = import ../../../../../lib/flake-compat.nix;
5 adminer = pkgs.callPackage ./adminer.nix {};
6 ympd = pkgs.callPackage ./ympd.nix {
7 env = config.myEnv.tools.ympd;
9 ttrss = pkgs.callPackage ./ttrss.nix {
10 inherit (pkgs.webapps) ttrss ttrss-plugins;
11 env = config.myEnv.tools.ttrss;
15 kanboard = pkgs.callPackage ./kanboard.nix {
17 env = config.myEnv.tools.kanboard;
19 wallabag = pkgs.callPackage ./wallabag.nix {
20 wallabag = pkgs.webapps.wallabag.override {
21 composerEnv = pkgs.composerEnv.override {
22 php = pkgs.php73.withExtensions({ enabled, all }: enabled ++ [all.tidy]);
25 env = config.myEnv.tools.wallabag;
28 yourls = pkgs.callPackage ./yourls.nix {
29 inherit (pkgs.webapps) yourls yourls-plugins;
30 env = config.myEnv.tools.yourls;
33 rompr = pkgs.callPackage ./rompr.nix {
34 inherit (pkgs.webapps) rompr;
35 env = config.myEnv.tools.rompr;
37 shaarli = pkgs.callPackage ./shaarli.nix {
38 env = config.myEnv.tools.shaarli;
41 dokuwiki = pkgs.callPackage ./dokuwiki.nix {
42 inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
44 ldap = pkgs.callPackage ./ldap.nix {
45 inherit (pkgs.webapps) phpldapadmin;
46 env = config.myEnv.tools.phpldapadmin;
49 grocy = pkgs.callPackage ./grocy.nix {
50 grocy = pkgs.webapps.grocy.override { composerEnv = pkgs.composerEnv.override { php = pkgs.php72; }; };
52 phpbb = pkgs.callPackage ./phpbb.nix {
53 phpbb = (pkgs.webapps.phpbb.withLangs (l: [ l.fr ])).withExts (e: [
54 e.alfredoramos.markdown e.davidiq.mailinglist e.dmzx.mchat
55 e.empteintesduweb.monitoranswers e.lr94.autosubscribe
56 e.phpbbmodders.adduser ]);
58 webhooks-bin-env = pkgs.buildEnv {
60 paths = [ pkgs.apprise ];
61 pathsToLink = [ "/bin" ];
63 webhooks = pkgs.callPackage ./webhooks.nix {
64 env = config.myEnv.tools.webhooks;
65 binEnv = webhooks-bin-env;
67 dmarc-reports = pkgs.callPackage ./dmarc_reports.nix {
68 env = config.myEnv.tools.dmarc_reports;
72 landing = pkgs.callPackage ./landing.nix {};
74 cfg = config.myServices.websites.tools.tools;
75 pcfg = config.services.phpfpm.pools;
78 builtins.attrValues (flakeCompat ../../../../../flakes/private/paste).nixosModules;
80 options.myServices.websites.tools.tools = {
81 enable = lib.mkEnableOption "enable tools website";
84 config = lib.mkIf cfg.enable {
85 myServices.chatonsProperties.services = {
86 dokuwiki = dokuwiki.chatonsProperties;
87 shaarli = shaarli.chatonsProperties;
88 ttrss = ttrss.chatonsProperties;
89 wallabag = wallabag.chatonsProperties;
91 file.datetime = "2022-08-22T00:15:00";
94 description = "A simple paster script with syntax highlight";
95 website = "https://tools.immae.eu/paste/";
96 logo = "https://assets.immae.eu/logo.jpg";
98 status.description = "OK";
99 registration."" = ["MEMBER" "CLIENT"];
100 registration.load = "OPEN";
101 install.type = "PACKAGE";
102 guide.user = "https://tools.immae.eu/paste/";
106 website = "https://tools.immae.eu/paste/";
107 license.url = "https://tools.immae.eu/paste/license";
108 license.name = "MIT License";
109 version = "Unversioned";
110 source.url = "https://tools.immae.eu/paste/abcd123/py";
114 myServices.chatonsProperties.hostings = {
115 dokuwiki = dokuwiki.chatonsHostingProperties;
116 phpbb = phpbb.chatonsHostingProperties;
125 // dmarc-reports.keys
128 services.websites.env.tools.modules =
130 ++ adminer.apache.modules
131 ++ ympd.apache.modules
132 ++ ttrss.apache.modules
133 ++ wallabag.apache.modules
134 ++ yourls.apache.modules
135 ++ rompr.apache.modules
136 ++ shaarli.apache.modules
137 ++ dokuwiki.apache.modules
138 ++ dmarc-reports.apache.modules
139 ++ phpbb.apache.modules
140 ++ ldap.apache.modules
141 ++ kanboard.apache.modules;
143 services.websites.env.integration.vhostConfs.devtools = {
144 certName = "integration";
145 certMainHost = "tools.immae.dev";
147 hosts = [ "tools.immae.dev" ];
148 root = "/var/lib/ftp/immae/devtools";
151 Use Apaxy "/var/lib/ftp/immae/devtools" "title"
154 Header always set Content-Security-Policy-Report-Only "${config.myEnv.tools.csp_reports.policies.inline}"
155 <Directory "/var/lib/ftp/immae/devtools">
156 DirectoryIndex index.php index.htm index.html
159 <FilesMatch "\.php$">
160 SetHandler "proxy:unix:${pcfg.devtools.socket}|fcgi://localhost"
167 services.websites.env.tools.vhostConfs.tools = {
168 certName = "eldiron";
170 hosts = ["tools.immae.eu" ];
174 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
175 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
176 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
178 <Directory "${landing}">
179 DirectoryIndex index.html
183 <FilesMatch "\.php$">
184 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
188 (adminer.apache.vhostConf pcfg.adminer.socket)
189 ympd.apache.vhostConf
190 (ttrss.apache.vhostConf pcfg.ttrss.socket)
191 (wallabag.apache.vhostConf pcfg.wallabag.socket)
192 (yourls.apache.vhostConf pcfg.yourls.socket)
193 (rompr.apache.vhostConf pcfg.rompr.socket)
194 (shaarli.apache.vhostConf pcfg.shaarli.socket)
195 (dokuwiki.apache.vhostConf pcfg.dokuwiki.socket)
196 (ldap.apache.vhostConf pcfg.ldap.socket)
197 (kanboard.apache.vhostConf pcfg.kanboard.socket)
198 (grocy.apache.vhostConf pcfg.grocy.socket)
199 (phpbb.apache.vhostConf pcfg.phpbb.socket)
200 (dmarc-reports.apache.vhostConf pcfg.dmarc-reports.socket)
203 ProxyPass unix://${config.services.paste.sockets.gunicorn}|http://tools.immae.eu/paste/
204 ProxyPassReverse unix://${config.services.paste.sockets.gunicorn}|http://tools.immae.eu/paste/
208 ProxyPass unix://${config.services.paste.sockets.gunicorn}|http://tools.immae.eu/paste/
209 ProxyPassReverse unix://${config.services.paste.sockets.gunicorn}|http://tools.immae.eu/paste/
213 Alias /BIP39 /var/lib/buildbot/outputs/immae/bip39
214 <Directory "/var/lib/buildbot/outputs/immae/bip39">
215 DirectoryIndex index.html
220 Alias /webhooks ${config.secrets.fullPaths."webapps/webhooks"}
221 <Directory "${config.secrets.fullPaths."webapps/webhooks"}">
223 DirectoryIndex index.php
226 <FilesMatch "\.php$">
227 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
234 services.websites.env.tools.vhostConfs.outils = {
235 certName = "eldiron";
237 hosts = [ "outils.immae.eu" ];
241 RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
243 RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
245 RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
246 RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
248 RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
249 RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
250 RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
251 RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
253 RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
255 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
257 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
259 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
261 RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
268 after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
269 wants = dokuwiki.phpFpm.serviceDeps;
272 after = lib.mkAfter phpbb.phpFpm.serviceDeps;
273 wants = phpbb.phpFpm.serviceDeps;
276 after = lib.mkAfter kanboard.phpFpm.serviceDeps;
277 wants = kanboard.phpFpm.serviceDeps;
280 after = lib.mkAfter ldap.phpFpm.serviceDeps;
281 wants = ldap.phpFpm.serviceDeps;
284 after = lib.mkAfter shaarli.phpFpm.serviceDeps;
285 wants = shaarli.phpFpm.serviceDeps;
288 after = lib.mkAfter ttrss.phpFpm.serviceDeps;
289 wants = ttrss.phpFpm.serviceDeps;
292 after = lib.mkAfter wallabag.phpFpm.serviceDeps;
293 wants = wallabag.phpFpm.serviceDeps;
294 preStart = lib.mkAfter wallabag.phpFpm.preStart;
297 after = lib.mkAfter yourls.phpFpm.serviceDeps;
298 wants = yourls.phpFpm.serviceDeps;
301 description = "Standalone MPD Web GUI written in C";
302 wantedBy = [ "multi-user.target" ];
304 export MPD_PASSWORD=$(cat ${config.secrets.fullPaths."mpd"})
305 ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
309 description = "Tiny Tiny RSS feeds update daemon";
312 ExecStart = "${pkgs.php72}/bin/php ${ttrss.webRoot}/update.php --daemon";
313 StandardOutput = "syslog";
314 StandardError = "syslog";
315 PermissionsStartOnly = true;
318 wantedBy = [ "multi-user.target" ];
319 requires = ["postgresql.service"];
320 after = ["network.target" "postgresql.service"];
324 services.filesWatcher.ympd = {
326 paths = [ config.secrets.fullPaths."mpd" ];
329 services.phpfpm.pools = {
334 "listen.owner" = "wwwrun";
335 "listen.group" = "wwwrun";
337 "pm.max_children" = "60";
338 "pm.start_servers" = "2";
339 "pm.min_spare_servers" = "1";
340 "pm.max_spare_servers" = "10";
342 # Needed to avoid clashes in browser cookies (same domain)
343 "php_value[session.name]" = "ToolsPHPSESSID";
344 "php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [
345 "/run/wrappers/bin/sendmail" landing "/tmp"
346 config.secrets.fullPaths."webapps/webhooks"
347 "${webhooks-bin-env}/bin"
351 CONTACT_EMAIL = config.myEnv.tools.contact;
353 phpPackage = pkgs.php72;
359 "listen.owner" = "wwwrun";
360 "listen.group" = "wwwrun";
362 "pm.max_children" = "60";
363 "pm.start_servers" = "2";
364 "pm.min_spare_servers" = "1";
365 "pm.max_spare_servers" = "10";
367 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/immae/devtools:/tmp";
369 phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [all.mysqli all.redis all.apcu all.opcache ]);
371 adminer = adminer.phpFpm;
375 settings = ttrss.phpFpm.pool;
376 phpPackage = pkgs.php72;
381 settings = wallabag.phpFpm.pool;
382 phpPackage = pkgs.php73.withExtensions({ enabled, all }: enabled ++ [all.tidy]);
387 settings = yourls.phpFpm.pool;
388 phpPackage = pkgs.php72;
393 settings = rompr.phpFpm.pool;
394 phpPackage = pkgs.php72;
399 settings = shaarli.phpFpm.pool;
400 phpPackage = pkgs.php72;
405 settings = dmarc-reports.phpFpm.pool;
406 phpEnv = dmarc-reports.phpFpm.phpEnv;
407 phpPackage = pkgs.php72;
412 settings = dokuwiki.phpFpm.pool;
413 phpPackage = pkgs.php72;
418 settings = phpbb.phpFpm.pool;
419 phpPackage = pkgs.php72;
424 settings = ldap.phpFpm.pool;
425 phpPackage = pkgs.php72;
430 settings = kanboard.phpFpm.pool;
431 phpPackage = pkgs.php72;
436 settings = grocy.phpFpm.pool;
437 phpPackage = pkgs.php72;
441 system.activationScripts = {
442 adminer = adminer.activationScript;
443 grocy = grocy.activationScript;
444 ttrss = ttrss.activationScript;
445 wallabag = wallabag.activationScript;
446 yourls = yourls.activationScript;
447 rompr = rompr.activationScript;
448 shaarli = shaarli.activationScript;
449 dokuwiki = dokuwiki.activationScript;
450 phpbb = phpbb.activationScript;
451 kanboard = kanboard.activationScript;
452 ldap = ldap.activationScript;
455 services.websites.env.tools.watchPaths = [
456 config.secrets.fullPaths."webapps/tools-shaarli"
458 services.filesWatcher.phpfpm-wallabag = {
460 paths = [ config.secrets.fullPaths."webapps/tools-wallabag" ];