1 { lib, pkgs, config, ... }:
3 adminer = pkgs.callPackage ./adminer.nix {
4 inherit (pkgs.webapps) adminer;
6 ympd = pkgs.callPackage ./ympd.nix {
7 env = config.myEnv.tools.ympd;
9 ttrss = pkgs.callPackage ./ttrss.nix {
10 inherit (pkgs.webapps) ttrss ttrss-plugins;
11 env = config.myEnv.tools.ttrss;
14 kanboard = pkgs.callPackage ./kanboard.nix {
15 env = config.myEnv.tools.kanboard;
17 wallabag = pkgs.callPackage ./wallabag.nix {
18 wallabag = pkgs.webapps.wallabag.override { composerEnv = pkgs.composerEnv.override { php = pkgs.php72; }; };
19 env = config.myEnv.tools.wallabag;
21 yourls = pkgs.callPackage ./yourls.nix {
22 inherit (pkgs.webapps) yourls yourls-plugins;
23 env = config.myEnv.tools.yourls;
25 rompr = pkgs.callPackage ./rompr.nix {
26 inherit (pkgs.webapps) rompr;
27 env = config.myEnv.tools.rompr;
29 shaarli = pkgs.callPackage ./shaarli.nix {
30 env = config.myEnv.tools.shaarli;
32 dokuwiki = pkgs.callPackage ./dokuwiki.nix {
33 inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
35 ldap = pkgs.callPackage ./ldap.nix {
36 inherit (pkgs.webapps) phpldapadmin;
37 env = config.myEnv.tools.phpldapadmin;
39 grocy = pkgs.callPackage ./grocy.nix {
40 grocy = pkgs.webapps.grocy.override { composerEnv = pkgs.composerEnv.override { php = pkgs.php72; }; };
42 phpbb = pkgs.callPackage ./phpbb.nix {
43 phpbb = (pkgs.webapps.phpbb.withLangs (l: [ l.fr ])).withExts (e: [
44 e.alfredoramos.markdown e.davidiq.mailinglist e.dmzx.mchat
45 e.empteintesduweb.monitoranswers e.lr94.autosubscribe
46 e.phpbbmodders.adduser ]);
48 webhooks = pkgs.callPackage ./webhooks.nix {
49 env = config.myEnv.tools.webhooks;
51 dmarc-reports = pkgs.callPackage ./dmarc_reports.nix {
52 env = config.myEnv.tools.dmarc_reports;
55 landing = pkgs.callPackage ./landing.nix {};
57 cfg = config.myServices.websites.tools.tools;
58 pcfg = config.services.phpfpm.pools;
60 options.myServices.websites.tools.tools = {
61 enable = lib.mkEnableOption "enable tools website";
64 config = lib.mkIf cfg.enable {
75 services.duplyBackup.profiles = {
76 dokuwiki = dokuwiki.backups;
77 grocy = grocy.backups;
78 kanboard = kanboard.backups;
79 rompr = rompr.backups;
80 shaarli = shaarli.backups;
81 ttrss = ttrss.backups;
82 wallabag = wallabag.backups;
83 phpbb = phpbb.backups;
86 services.websites.env.tools.modules =
88 ++ adminer.apache.modules
89 ++ ympd.apache.modules
90 ++ ttrss.apache.modules
91 ++ wallabag.apache.modules
92 ++ yourls.apache.modules
93 ++ rompr.apache.modules
94 ++ shaarli.apache.modules
95 ++ dokuwiki.apache.modules
96 ++ dmarc-reports.apache.modules
97 ++ phpbb.apache.modules
98 ++ ldap.apache.modules
99 ++ kanboard.apache.modules;
101 services.websites.env.integration.vhostConfs.devtools = {
102 certName = "integration";
103 certMainHost = "devtools.immae.eu";
105 hosts = [ "devtools.immae.eu" ];
106 root = "/var/lib/ftp/devtools.immae.eu";
111 <Directory "/var/lib/ftp/devtools.immae.eu">
112 DirectoryIndex index.php index.htm index.html
115 <FilesMatch "\.php$">
116 SetHandler "proxy:unix:${pcfg.devtools.socket}|fcgi://localhost"
123 services.websites.env.tools.vhostConfs.tools = {
124 certName = "eldiron";
126 hosts = ["tools.immae.eu" ];
130 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
131 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
132 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
134 <Directory "${landing}">
135 DirectoryIndex index.html
139 <FilesMatch "\.php$">
140 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
144 (adminer.apache.vhostConf pcfg.adminer.socket)
145 ympd.apache.vhostConf
146 (ttrss.apache.vhostConf pcfg.ttrss.socket)
147 (wallabag.apache.vhostConf pcfg.wallabag.socket)
148 (yourls.apache.vhostConf pcfg.yourls.socket)
149 (rompr.apache.vhostConf pcfg.rompr.socket)
150 (shaarli.apache.vhostConf pcfg.shaarli.socket)
151 (dokuwiki.apache.vhostConf pcfg.dokuwiki.socket)
152 (ldap.apache.vhostConf pcfg.ldap.socket)
153 (kanboard.apache.vhostConf pcfg.kanboard.socket)
154 (grocy.apache.vhostConf pcfg.grocy.socket)
155 (phpbb.apache.vhostConf pcfg.phpbb.socket)
156 (dmarc-reports.apache.vhostConf pcfg.dmarc-reports.socket)
158 Alias /paste /var/lib/fiche
159 <Directory "/var/lib/fiche">
160 DirectoryIndex index.txt index.html
166 Alias /BIP39 /var/lib/buildbot/outputs/bip39
167 <Directory "/var/lib/buildbot/outputs/bip39">
168 DirectoryIndex index.html
173 Alias /webhooks ${config.secrets.location}/webapps/webhooks
174 <Directory "${config.secrets.location}/webapps/webhooks">
178 <FilesMatch "\.php$">
179 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
186 services.websites.env.tools.vhostConfs.outils = {
187 certName = "eldiron";
189 hosts = [ "outils.immae.eu" ];
193 RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
195 RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
197 RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
198 RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
200 RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
201 RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
202 RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
203 RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
205 RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
207 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
209 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
211 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
213 RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
220 after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
221 wants = dokuwiki.phpFpm.serviceDeps;
224 after = lib.mkAfter phpbb.phpFpm.serviceDeps;
225 wants = phpbb.phpFpm.serviceDeps;
228 after = lib.mkAfter kanboard.phpFpm.serviceDeps;
229 wants = kanboard.phpFpm.serviceDeps;
232 after = lib.mkAfter ldap.phpFpm.serviceDeps;
233 wants = ldap.phpFpm.serviceDeps;
236 after = lib.mkAfter shaarli.phpFpm.serviceDeps;
237 wants = shaarli.phpFpm.serviceDeps;
240 after = lib.mkAfter ttrss.phpFpm.serviceDeps;
241 wants = ttrss.phpFpm.serviceDeps;
244 after = lib.mkAfter wallabag.phpFpm.serviceDeps;
245 wants = wallabag.phpFpm.serviceDeps;
246 preStart = lib.mkAfter wallabag.phpFpm.preStart;
249 after = lib.mkAfter yourls.phpFpm.serviceDeps;
250 wants = yourls.phpFpm.serviceDeps;
253 description = "Standalone MPD Web GUI written in C";
254 wantedBy = [ "multi-user.target" ];
256 export MPD_PASSWORD=$(cat /var/secrets/mpd)
257 ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
261 description = "Tiny Tiny RSS feeds update daemon";
264 ExecStart = "${pkgs.php72}/bin/php ${ttrss.webRoot}/update.php --daemon";
265 StandardOutput = "syslog";
266 StandardError = "syslog";
267 PermissionsStartOnly = true;
270 wantedBy = [ "multi-user.target" ];
271 requires = ["postgresql.service"];
272 after = ["network.target" "postgresql.service"];
276 services.filesWatcher.ympd = {
278 paths = [ "/var/secrets/mpd" ];
281 services.phpfpm.pools = {
286 "listen.owner" = "wwwrun";
287 "listen.group" = "wwwrun";
289 "pm.max_children" = "60";
290 "pm.start_servers" = "2";
291 "pm.min_spare_servers" = "1";
292 "pm.max_spare_servers" = "10";
294 # Needed to avoid clashes in browser cookies (same domain)
295 "php_value[session.name]" = "ToolsPHPSESSID";
296 "php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [
297 "/run/wrappers/bin/sendmail" landing "/tmp"
298 "${config.secrets.location}/webapps/webhooks"
302 CONTACT_EMAIL = config.myEnv.tools.contact;
304 phpPackage = pkgs.php72;
310 "listen.owner" = "wwwrun";
311 "listen.group" = "wwwrun";
313 "pm.max_children" = "60";
314 "pm.start_servers" = "2";
315 "pm.min_spare_servers" = "1";
316 "pm.max_spare_servers" = "10";
318 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp";
320 phpPackage = pkgs.php72.withExtensions(e: pkgs.php72.enabledExtensions ++ [e.mysqli e.redis e.apcu e.opcache ]);
322 adminer = adminer.phpFpm;
326 settings = ttrss.phpFpm.pool;
327 phpPackage = pkgs.php72;
332 settings = wallabag.phpFpm.pool;
333 phpPackage = pkgs.php72;
338 settings = yourls.phpFpm.pool;
339 phpPackage = pkgs.php72;
344 settings = rompr.phpFpm.pool;
345 phpPackage = pkgs.php72;
350 settings = shaarli.phpFpm.pool;
351 phpPackage = pkgs.php72;
356 settings = dmarc-reports.phpFpm.pool;
357 phpEnv = dmarc-reports.phpFpm.phpEnv;
358 phpPackage = pkgs.php72;
363 settings = dokuwiki.phpFpm.pool;
364 phpPackage = pkgs.php72;
369 settings = phpbb.phpFpm.pool;
370 phpPackage = pkgs.php72;
375 settings = ldap.phpFpm.pool;
376 phpPackage = pkgs.php72;
381 settings = kanboard.phpFpm.pool;
382 phpPackage = pkgs.php72;
387 settings = grocy.phpFpm.pool;
388 phpPackage = pkgs.php72;
392 system.activationScripts = {
393 adminer = adminer.activationScript;
394 grocy = grocy.activationScript;
395 ttrss = ttrss.activationScript;
396 wallabag = wallabag.activationScript;
397 yourls = yourls.activationScript;
398 rompr = rompr.activationScript;
399 shaarli = shaarli.activationScript;
400 dokuwiki = dokuwiki.activationScript;
401 phpbb = phpbb.activationScript;
402 kanboard = kanboard.activationScript;
403 ldap = ldap.activationScript;
406 services.websites.webappDirs = {
407 _adminer = adminer.webRoot;
408 "${dmarc-reports.apache.webappName}" = dmarc-reports.webRoot;
409 "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
410 "${phpbb.apache.webappName}" = phpbb.webRoot;
411 "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
412 "${rompr.apache.webappName}" = rompr.webRoot;
413 "${shaarli.apache.webappName}" = shaarli.webRoot;
414 "${ttrss.apache.webappName}" = ttrss.webRoot;
415 "${wallabag.apache.webappName}" = wallabag.webRoot;
416 "${yourls.apache.webappName}" = yourls.webRoot;
417 "${kanboard.apache.webappName}" = kanboard.webRoot;
418 "${grocy.apache.webappName}" = grocy.webRoot;
421 services.websites.env.tools.watchPaths = [
422 "/var/secrets/webapps/tools-shaarli"
424 services.filesWatcher.phpfpm-wallabag = {
426 paths = [ "/var/secrets/webapps/tools-wallabag" ];
431 port = config.myEnv.ports.fiche;
432 domain = "tools.immae.eu/paste";