1 { lib, pkgs, config, ... }:
3 adminer = pkgs.callPackage ./adminer.nix {
4 inherit (pkgs.webapps) adminer;
6 ympd = pkgs.callPackage ./ympd.nix {
7 env = config.myEnv.tools.ympd;
9 ttrss = pkgs.callPackage ./ttrss.nix {
10 inherit (pkgs.webapps) ttrss ttrss-plugins;
11 env = config.myEnv.tools.ttrss;
14 kanboard = pkgs.callPackage ./kanboard.nix {
15 env = config.myEnv.tools.kanboard;
17 wallabag = pkgs.callPackage ./wallabag.nix {
18 wallabag = pkgs.webapps.wallabag.override {
19 composerEnv = pkgs.composerEnv.override {
20 php = pkgs.php73.withExtensions(e: pkgs.php73.enabledExtensions ++ [e.tidy]);
23 env = config.myEnv.tools.wallabag;
25 yourls = pkgs.callPackage ./yourls.nix {
26 inherit (pkgs.webapps) yourls yourls-plugins;
27 env = config.myEnv.tools.yourls;
29 rompr = pkgs.callPackage ./rompr.nix {
30 inherit (pkgs.webapps) rompr;
31 env = config.myEnv.tools.rompr;
33 shaarli = pkgs.callPackage ./shaarli.nix {
34 env = config.myEnv.tools.shaarli;
36 dokuwiki = pkgs.callPackage ./dokuwiki.nix {
37 inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
39 ldap = pkgs.callPackage ./ldap.nix {
40 inherit (pkgs.webapps) phpldapadmin;
41 env = config.myEnv.tools.phpldapadmin;
43 grocy = pkgs.callPackage ./grocy.nix {
44 grocy = pkgs.webapps.grocy.override { composerEnv = pkgs.composerEnv.override { php = pkgs.php72; }; };
46 phpbb = pkgs.callPackage ./phpbb.nix {
47 phpbb = (pkgs.webapps.phpbb.withLangs (l: [ l.fr ])).withExts (e: [
48 e.alfredoramos.markdown e.davidiq.mailinglist e.dmzx.mchat
49 e.empteintesduweb.monitoranswers e.lr94.autosubscribe
50 e.phpbbmodders.adduser ]);
52 webhooks = pkgs.callPackage ./webhooks.nix {
53 env = config.myEnv.tools.webhooks;
55 dmarc-reports = pkgs.callPackage ./dmarc_reports.nix {
56 env = config.myEnv.tools.dmarc_reports;
59 landing = pkgs.callPackage ./landing.nix {};
61 cfg = config.myServices.websites.tools.tools;
62 pcfg = config.services.phpfpm.pools;
64 options.myServices.websites.tools.tools = {
65 enable = lib.mkEnableOption "enable tools website";
68 config = lib.mkIf cfg.enable {
79 services.duplyBackup.profiles = {
80 dokuwiki = dokuwiki.backups;
81 grocy = grocy.backups;
82 kanboard = kanboard.backups;
83 rompr = rompr.backups;
84 shaarli = shaarli.backups;
85 ttrss = ttrss.backups;
86 wallabag = wallabag.backups;
87 phpbb = phpbb.backups;
90 services.websites.env.tools.modules =
92 ++ adminer.apache.modules
93 ++ ympd.apache.modules
94 ++ ttrss.apache.modules
95 ++ wallabag.apache.modules
96 ++ yourls.apache.modules
97 ++ rompr.apache.modules
98 ++ shaarli.apache.modules
99 ++ dokuwiki.apache.modules
100 ++ dmarc-reports.apache.modules
101 ++ phpbb.apache.modules
102 ++ ldap.apache.modules
103 ++ kanboard.apache.modules;
105 services.websites.env.integration.vhostConfs.devtools = {
106 certName = "integration";
107 certMainHost = "devtools.immae.eu";
109 hosts = [ "devtools.immae.eu" ];
110 root = "/var/lib/ftp/devtools.immae.eu";
115 <Directory "/var/lib/ftp/devtools.immae.eu">
116 DirectoryIndex index.php index.htm index.html
119 <FilesMatch "\.php$">
120 SetHandler "proxy:unix:${pcfg.devtools.socket}|fcgi://localhost"
127 services.websites.env.tools.vhostConfs.tools = {
128 certName = "eldiron";
130 hosts = ["tools.immae.eu" ];
134 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
135 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
136 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
138 <Directory "${landing}">
139 DirectoryIndex index.html
143 <FilesMatch "\.php$">
144 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
148 (adminer.apache.vhostConf pcfg.adminer.socket)
149 ympd.apache.vhostConf
150 (ttrss.apache.vhostConf pcfg.ttrss.socket)
151 (wallabag.apache.vhostConf pcfg.wallabag.socket)
152 (yourls.apache.vhostConf pcfg.yourls.socket)
153 (rompr.apache.vhostConf pcfg.rompr.socket)
154 (shaarli.apache.vhostConf pcfg.shaarli.socket)
155 (dokuwiki.apache.vhostConf pcfg.dokuwiki.socket)
156 (ldap.apache.vhostConf pcfg.ldap.socket)
157 (kanboard.apache.vhostConf pcfg.kanboard.socket)
158 (grocy.apache.vhostConf pcfg.grocy.socket)
159 (phpbb.apache.vhostConf pcfg.phpbb.socket)
160 (dmarc-reports.apache.vhostConf pcfg.dmarc-reports.socket)
162 Alias /paste /var/lib/fiche
163 <Directory "/var/lib/fiche">
164 DirectoryIndex index.txt index.html
170 Alias /BIP39 /var/lib/buildbot/outputs/bip39
171 <Directory "/var/lib/buildbot/outputs/bip39">
172 DirectoryIndex index.html
177 Alias /webhooks ${config.secrets.location}/webapps/webhooks
178 <Directory "${config.secrets.location}/webapps/webhooks">
182 <FilesMatch "\.php$">
183 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
190 services.websites.env.tools.vhostConfs.outils = {
191 certName = "eldiron";
193 hosts = [ "outils.immae.eu" ];
197 RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
199 RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
201 RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
202 RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
204 RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
205 RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
206 RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
207 RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
209 RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
211 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
213 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
215 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
217 RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
224 after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
225 wants = dokuwiki.phpFpm.serviceDeps;
228 after = lib.mkAfter phpbb.phpFpm.serviceDeps;
229 wants = phpbb.phpFpm.serviceDeps;
232 after = lib.mkAfter kanboard.phpFpm.serviceDeps;
233 wants = kanboard.phpFpm.serviceDeps;
236 after = lib.mkAfter ldap.phpFpm.serviceDeps;
237 wants = ldap.phpFpm.serviceDeps;
240 after = lib.mkAfter shaarli.phpFpm.serviceDeps;
241 wants = shaarli.phpFpm.serviceDeps;
244 after = lib.mkAfter ttrss.phpFpm.serviceDeps;
245 wants = ttrss.phpFpm.serviceDeps;
248 after = lib.mkAfter wallabag.phpFpm.serviceDeps;
249 wants = wallabag.phpFpm.serviceDeps;
250 preStart = lib.mkAfter wallabag.phpFpm.preStart;
253 after = lib.mkAfter yourls.phpFpm.serviceDeps;
254 wants = yourls.phpFpm.serviceDeps;
257 description = "Standalone MPD Web GUI written in C";
258 wantedBy = [ "multi-user.target" ];
260 export MPD_PASSWORD=$(cat /var/secrets/mpd)
261 ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
265 description = "Tiny Tiny RSS feeds update daemon";
268 ExecStart = "${pkgs.php72}/bin/php ${ttrss.webRoot}/update.php --daemon";
269 StandardOutput = "syslog";
270 StandardError = "syslog";
271 PermissionsStartOnly = true;
274 wantedBy = [ "multi-user.target" ];
275 requires = ["postgresql.service"];
276 after = ["network.target" "postgresql.service"];
280 services.filesWatcher.ympd = {
282 paths = [ "/var/secrets/mpd" ];
285 services.phpfpm.pools = {
290 "listen.owner" = "wwwrun";
291 "listen.group" = "wwwrun";
293 "pm.max_children" = "60";
294 "pm.start_servers" = "2";
295 "pm.min_spare_servers" = "1";
296 "pm.max_spare_servers" = "10";
298 # Needed to avoid clashes in browser cookies (same domain)
299 "php_value[session.name]" = "ToolsPHPSESSID";
300 "php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [
301 "/run/wrappers/bin/sendmail" landing "/tmp"
302 "${config.secrets.location}/webapps/webhooks"
306 CONTACT_EMAIL = config.myEnv.tools.contact;
308 phpPackage = pkgs.php72;
314 "listen.owner" = "wwwrun";
315 "listen.group" = "wwwrun";
317 "pm.max_children" = "60";
318 "pm.start_servers" = "2";
319 "pm.min_spare_servers" = "1";
320 "pm.max_spare_servers" = "10";
322 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp";
324 phpPackage = pkgs.php72.withExtensions(e: pkgs.php72.enabledExtensions ++ [e.mysqli e.redis e.apcu e.opcache ]);
326 adminer = adminer.phpFpm;
330 settings = ttrss.phpFpm.pool;
331 phpPackage = pkgs.php72;
336 settings = wallabag.phpFpm.pool;
337 phpPackage = pkgs.php73.withExtensions(e: pkgs.php73.enabledExtensions ++ [e.tidy]);
342 settings = yourls.phpFpm.pool;
343 phpPackage = pkgs.php72;
348 settings = rompr.phpFpm.pool;
349 phpPackage = pkgs.php72;
354 settings = shaarli.phpFpm.pool;
355 phpPackage = pkgs.php72;
360 settings = dmarc-reports.phpFpm.pool;
361 phpEnv = dmarc-reports.phpFpm.phpEnv;
362 phpPackage = pkgs.php72;
367 settings = dokuwiki.phpFpm.pool;
368 phpPackage = pkgs.php72;
373 settings = phpbb.phpFpm.pool;
374 phpPackage = pkgs.php72;
379 settings = ldap.phpFpm.pool;
380 phpPackage = pkgs.php72;
385 settings = kanboard.phpFpm.pool;
386 phpPackage = pkgs.php72;
391 settings = grocy.phpFpm.pool;
392 phpPackage = pkgs.php72;
396 system.activationScripts = {
397 adminer = adminer.activationScript;
398 grocy = grocy.activationScript;
399 ttrss = ttrss.activationScript;
400 wallabag = wallabag.activationScript;
401 yourls = yourls.activationScript;
402 rompr = rompr.activationScript;
403 shaarli = shaarli.activationScript;
404 dokuwiki = dokuwiki.activationScript;
405 phpbb = phpbb.activationScript;
406 kanboard = kanboard.activationScript;
407 ldap = ldap.activationScript;
410 services.websites.webappDirs = {
411 _adminer = adminer.webRoot;
412 "${dmarc-reports.apache.webappName}" = dmarc-reports.webRoot;
413 "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
414 "${phpbb.apache.webappName}" = phpbb.webRoot;
415 "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
416 "${rompr.apache.webappName}" = rompr.webRoot;
417 "${shaarli.apache.webappName}" = shaarli.webRoot;
418 "${ttrss.apache.webappName}" = ttrss.webRoot;
419 "${wallabag.apache.webappName}" = wallabag.webRoot;
420 "${yourls.apache.webappName}" = yourls.webRoot;
421 "${kanboard.apache.webappName}" = kanboard.webRoot;
422 "${grocy.apache.webappName}" = grocy.webRoot;
425 services.websites.env.tools.watchPaths = [
426 "/var/secrets/webapps/tools-shaarli"
428 services.filesWatcher.phpfpm-wallabag = {
430 paths = [ "/var/secrets/webapps/tools-wallabag" ];
435 port = config.myEnv.ports.fiche;
436 domain = "tools.immae.eu/paste";