1 { lib, pkgs, config, ... }:
3 adminer = pkgs.callPackage ./adminer.nix {
4 inherit (pkgs.webapps) adminer;
6 ympd = pkgs.callPackage ./ympd.nix {
7 env = config.myEnv.tools.ympd;
9 ttrss = pkgs.callPackage ./ttrss.nix {
10 inherit (pkgs.webapps) ttrss ttrss-plugins;
11 env = config.myEnv.tools.ttrss;
13 kanboard = pkgs.callPackage ./kanboard.nix {
14 env = config.myEnv.tools.kanboard;
16 wallabag = pkgs.callPackage ./wallabag.nix {
17 inherit (pkgs.webapps) wallabag;
18 env = config.myEnv.tools.wallabag;
20 yourls = pkgs.callPackage ./yourls.nix {
21 inherit (pkgs.webapps) yourls yourls-plugins;
22 env = config.myEnv.tools.yourls;
24 rompr = pkgs.callPackage ./rompr.nix {
25 inherit (pkgs.webapps) rompr;
26 env = config.myEnv.tools.rompr;
28 shaarli = pkgs.callPackage ./shaarli.nix {
29 env = config.myEnv.tools.shaarli;
31 dokuwiki = pkgs.callPackage ./dokuwiki.nix {
32 inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
34 ldap = pkgs.callPackage ./ldap.nix {
35 inherit (pkgs.webapps) phpldapadmin;
36 env = config.myEnv.tools.phpldapadmin;
38 grocy = pkgs.callPackage ./grocy.nix {
39 inherit (pkgs.webapps) grocy;
41 phpbb = pkgs.callPackage ./phpbb.nix {
42 phpbb = (pkgs.webapps.phpbb.withLangs (l: [ l.fr ])).withExts (e: [
43 e.alfredoramos.markdown e.davidiq.mailinglist e.dmzx.mchat
44 e.empteintesduweb.monitoranswers e.lr94.autosubscribe
45 e.phpbbmodders.adduser ]);
47 webhooks = pkgs.callPackage ./webhooks.nix {
48 env = config.myEnv.tools.webhooks;
50 dmarc-reports = pkgs.callPackage ./dmarc_reports.nix {
51 env = config.myEnv.tools.dmarc_reports;
54 landing = pkgs.callPackage ./landing.nix {};
56 cfg = config.myServices.websites.tools.tools;
57 pcfg = config.services.phpfpm.pools;
59 options.myServices.websites.tools.tools = {
60 enable = lib.mkEnableOption "enable tools website";
63 config = lib.mkIf cfg.enable {
74 services.duplyBackup.profiles = {
75 dokuwiki = dokuwiki.backups;
76 grocy = grocy.backups;
77 kanboard = kanboard.backups;
78 rompr = rompr.backups;
79 shaarli = shaarli.backups;
80 ttrss = ttrss.backups;
81 wallabag = wallabag.backups;
82 phpbb = phpbb.backups;
85 services.websites.env.tools.modules =
87 ++ adminer.apache.modules
88 ++ ympd.apache.modules
89 ++ ttrss.apache.modules
90 ++ wallabag.apache.modules
91 ++ yourls.apache.modules
92 ++ rompr.apache.modules
93 ++ shaarli.apache.modules
94 ++ dokuwiki.apache.modules
95 ++ dmarc-reports.apache.modules
96 ++ phpbb.apache.modules
97 ++ ldap.apache.modules
98 ++ kanboard.apache.modules;
100 services.websites.env.integration.vhostConfs.devtools = {
101 certName = "integration";
102 certMainHost = "devtools.immae.eu";
104 hosts = [ "devtools.immae.eu" ];
105 root = "/var/lib/ftp/devtools.immae.eu";
110 <Directory "/var/lib/ftp/devtools.immae.eu">
111 DirectoryIndex index.php index.htm index.html
114 <FilesMatch "\.php$">
115 SetHandler "proxy:unix:${pcfg.devtools.socket}|fcgi://localhost"
122 services.websites.env.tools.vhostConfs.tools = {
123 certName = "eldiron";
125 hosts = ["tools.immae.eu" ];
129 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
130 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
131 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
133 <Directory "${landing}">
134 DirectoryIndex index.html
138 <FilesMatch "\.php$">
139 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
143 (adminer.apache.vhostConf pcfg.adminer.socket)
144 ympd.apache.vhostConf
145 (ttrss.apache.vhostConf pcfg.ttrss.socket)
146 (wallabag.apache.vhostConf pcfg.wallabag.socket)
147 (yourls.apache.vhostConf pcfg.yourls.socket)
148 (rompr.apache.vhostConf pcfg.rompr.socket)
149 (shaarli.apache.vhostConf pcfg.shaarli.socket)
150 (dokuwiki.apache.vhostConf pcfg.dokuwiki.socket)
151 (ldap.apache.vhostConf pcfg.ldap.socket)
152 (kanboard.apache.vhostConf pcfg.kanboard.socket)
153 (grocy.apache.vhostConf pcfg.grocy.socket)
154 (phpbb.apache.vhostConf pcfg.phpbb.socket)
155 (dmarc-reports.apache.vhostConf pcfg.dmarc-reports.socket)
157 Alias /paste /var/lib/fiche
158 <Directory "/var/lib/fiche">
159 DirectoryIndex index.txt index.html
165 Alias /BIP39 /var/lib/buildbot/outputs/bip39
166 <Directory "/var/lib/buildbot/outputs/bip39">
167 DirectoryIndex index.html
172 Alias /webhooks ${config.secrets.location}/webapps/webhooks
173 <Directory "${config.secrets.location}/webapps/webhooks">
177 <FilesMatch "\.php$">
178 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
185 services.websites.env.tools.vhostConfs.outils = {
186 certName = "eldiron";
188 hosts = [ "outils.immae.eu" ];
192 RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
194 RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
196 RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
197 RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
199 RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
200 RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
201 RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
202 RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
204 RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
206 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
208 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
210 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
212 RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
219 after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
220 wants = dokuwiki.phpFpm.serviceDeps;
223 after = lib.mkAfter phpbb.phpFpm.serviceDeps;
224 wants = phpbb.phpFpm.serviceDeps;
227 after = lib.mkAfter kanboard.phpFpm.serviceDeps;
228 wants = kanboard.phpFpm.serviceDeps;
231 after = lib.mkAfter ldap.phpFpm.serviceDeps;
232 wants = ldap.phpFpm.serviceDeps;
235 after = lib.mkAfter shaarli.phpFpm.serviceDeps;
236 wants = shaarli.phpFpm.serviceDeps;
239 after = lib.mkAfter ttrss.phpFpm.serviceDeps;
240 wants = ttrss.phpFpm.serviceDeps;
243 after = lib.mkAfter wallabag.phpFpm.serviceDeps;
244 wants = wallabag.phpFpm.serviceDeps;
245 preStart = lib.mkAfter wallabag.phpFpm.preStart;
248 after = lib.mkAfter yourls.phpFpm.serviceDeps;
249 wants = yourls.phpFpm.serviceDeps;
252 description = "Standalone MPD Web GUI written in C";
253 wantedBy = [ "multi-user.target" ];
255 export MPD_PASSWORD=$(cat /var/secrets/mpd)
256 ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
260 description = "Tiny Tiny RSS feeds update daemon";
263 ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
264 StandardOutput = "syslog";
265 StandardError = "syslog";
266 PermissionsStartOnly = true;
269 wantedBy = [ "multi-user.target" ];
270 requires = ["postgresql.service"];
271 after = ["network.target" "postgresql.service"];
275 services.filesWatcher.ympd = {
277 paths = [ "/var/secrets/mpd" ];
280 services.phpfpm.pools = {
285 "listen.owner" = "wwwrun";
286 "listen.group" = "wwwrun";
288 "pm.max_children" = "60";
289 "pm.start_servers" = "2";
290 "pm.min_spare_servers" = "1";
291 "pm.max_spare_servers" = "10";
293 # Needed to avoid clashes in browser cookies (same domain)
294 "php_value[session.name]" = "ToolsPHPSESSID";
295 "php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [
296 "/run/wrappers/bin/sendmail" landing "/tmp"
297 "${config.secrets.location}/webapps/webhooks"
301 CONTACT_EMAIL = config.myEnv.tools.contact;
308 "listen.owner" = "wwwrun";
309 "listen.group" = "wwwrun";
311 "pm.max_children" = "60";
312 "pm.start_servers" = "2";
313 "pm.min_spare_servers" = "1";
314 "pm.max_spare_servers" = "10";
316 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp";
318 phpOptions = config.services.phpfpm.phpOptions + ''
319 extension=${pkgs.php}/lib/php/extensions/mysqli.so
320 extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
321 extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
322 zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
325 adminer = adminer.phpFpm;
329 settings = ttrss.phpFpm.pool;
334 settings = wallabag.phpFpm.pool;
339 settings = yourls.phpFpm.pool;
344 settings = rompr.phpFpm.pool;
349 settings = shaarli.phpFpm.pool;
354 settings = dmarc-reports.phpFpm.pool;
355 phpEnv = dmarc-reports.phpFpm.phpEnv;
356 phpOptions = config.services.phpfpm.phpOptions + ''
357 extension=${pkgs.php}/lib/php/extensions/mysqli.so
363 settings = dokuwiki.phpFpm.pool;
368 settings = phpbb.phpFpm.pool;
373 settings = ldap.phpFpm.pool;
374 phpPackage = pkgs.php72;
379 settings = kanboard.phpFpm.pool;
384 settings = grocy.phpFpm.pool;
388 system.activationScripts = {
389 adminer = adminer.activationScript;
390 grocy = grocy.activationScript;
391 ttrss = ttrss.activationScript;
392 wallabag = wallabag.activationScript;
393 yourls = yourls.activationScript;
394 rompr = rompr.activationScript;
395 shaarli = shaarli.activationScript;
396 dokuwiki = dokuwiki.activationScript;
397 phpbb = phpbb.activationScript;
398 kanboard = kanboard.activationScript;
399 ldap = ldap.activationScript;
402 services.websites.webappDirs = {
403 _adminer = adminer.webRoot;
404 "${dmarc-reports.apache.webappName}" = dmarc-reports.webRoot;
405 "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
406 "${phpbb.apache.webappName}" = phpbb.webRoot;
407 "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
408 "${rompr.apache.webappName}" = rompr.webRoot;
409 "${shaarli.apache.webappName}" = shaarli.webRoot;
410 "${ttrss.apache.webappName}" = ttrss.webRoot;
411 "${wallabag.apache.webappName}" = wallabag.webRoot;
412 "${yourls.apache.webappName}" = yourls.webRoot;
413 "${kanboard.apache.webappName}" = kanboard.webRoot;
414 "${grocy.apache.webappName}" = grocy.webRoot;
417 services.websites.env.tools.watchPaths = [
418 "/var/secrets/webapps/tools-shaarli"
420 services.filesWatcher.phpfpm-wallabag = {
422 paths = [ "/var/secrets/webapps/tools-wallabag" ];
427 port = config.myEnv.ports.fiche;
428 domain = "tools.immae.eu/paste";