1 { lib, pkgs, config, ... }:
3 adminer = pkgs.callPackage ./adminer.nix {
4 inherit (pkgs.webapps) adminer;
6 ympd = pkgs.callPackage ./ympd.nix {
7 env = config.myEnv.tools.ympd;
9 ttrss = pkgs.callPackage ./ttrss.nix {
10 inherit (pkgs.webapps) ttrss ttrss-plugins;
11 env = config.myEnv.tools.ttrss;
13 kanboard = pkgs.callPackage ./kanboard.nix {
14 env = config.myEnv.tools.kanboard;
16 wallabag = pkgs.callPackage ./wallabag.nix {
17 inherit (pkgs.webapps) wallabag;
18 env = config.myEnv.tools.wallabag;
20 yourls = pkgs.callPackage ./yourls.nix {
21 inherit (pkgs.webapps) yourls yourls-plugins;
22 env = config.myEnv.tools.yourls;
24 rompr = pkgs.callPackage ./rompr.nix {
25 inherit (pkgs.webapps) rompr;
26 env = config.myEnv.tools.rompr;
28 shaarli = pkgs.callPackage ./shaarli.nix {
29 env = config.myEnv.tools.shaarli;
31 dokuwiki = pkgs.callPackage ./dokuwiki.nix {
32 inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
34 ldap = pkgs.callPackage ./ldap.nix {
35 inherit (pkgs.webapps) phpldapadmin;
36 env = config.myEnv.tools.phpldapadmin;
38 grocy = pkgs.callPackage ./grocy.nix {
39 inherit (pkgs.webapps) grocy;
42 cfg = config.myServices.websites.tools.tools;
43 pcfg = config.services.phpfpm.pools;
45 options.myServices.websites.tools.tools = {
46 enable = lib.mkEnableOption "enable tools website";
49 config = lib.mkIf cfg.enable {
58 services.duplyBackup.profiles = {
59 dokuwiki = dokuwiki.backups;
60 grocy = grocy.backups;
61 kanboard = kanboard.backups;
62 rompr = rompr.backups;
63 shaarli = shaarli.backups;
64 ttrss = ttrss.backups;
65 wallabag = wallabag.backups;
68 services.websites.env.tools.modules =
70 ++ adminer.apache.modules
71 ++ ympd.apache.modules
72 ++ ttrss.apache.modules
73 ++ wallabag.apache.modules
74 ++ yourls.apache.modules
75 ++ rompr.apache.modules
76 ++ shaarli.apache.modules
77 ++ dokuwiki.apache.modules
78 ++ ldap.apache.modules
79 ++ kanboard.apache.modules;
81 services.websites.env.integration.vhostConfs.devtools = {
82 certName = "integration";
83 certMainHost = "devtools.immae.eu";
85 hosts = [ "devtools.immae.eu" ];
86 root = "/var/lib/ftp/devtools.immae.eu";
91 <Directory "/var/lib/ftp/devtools.immae.eu">
92 DirectoryIndex index.php index.htm index.html
96 SetHandler "proxy:unix:${pcfg.devtools.socket}|fcgi://localhost"
103 services.websites.env.tools.vhostConfs.tools = {
104 certName = "eldiron";
106 hosts = ["tools.immae.eu" ];
107 root = "/var/lib/ftp/tools.immae.eu";
110 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
111 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
112 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
114 <Directory "/var/lib/ftp/tools.immae.eu">
115 DirectoryIndex index.php index.htm index.html
118 <FilesMatch "\.php$">
119 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
123 (adminer.apache.vhostConf pcfg.adminer.socket)
124 ympd.apache.vhostConf
125 (ttrss.apache.vhostConf pcfg.ttrss.socket)
126 (wallabag.apache.vhostConf pcfg.wallabag.socket)
127 (yourls.apache.vhostConf pcfg.yourls.socket)
128 (rompr.apache.vhostConf pcfg.rompr.socket)
129 (shaarli.apache.vhostConf pcfg.shaarli.socket)
130 (dokuwiki.apache.vhostConf pcfg.dokuwiki.socket)
131 (ldap.apache.vhostConf pcfg.ldap.socket)
132 (kanboard.apache.vhostConf pcfg.kanboard.socket)
133 (grocy.apache.vhostConf pcfg.grocy.socket)
135 Alias /paste /var/lib/fiche
136 <Directory "/var/lib/fiche">
137 DirectoryIndex index.txt index.html
146 services.websites.env.tools.vhostConfs.outils = {
147 certName = "eldiron";
149 hosts = [ "outils.immae.eu" ];
153 RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
155 RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
157 RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
158 RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
160 RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
161 RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
162 RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
163 RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
165 RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
167 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
169 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
171 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
173 RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
180 after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
181 wants = dokuwiki.phpFpm.serviceDeps;
184 after = lib.mkAfter kanboard.phpFpm.serviceDeps;
185 wants = kanboard.phpFpm.serviceDeps;
188 after = lib.mkAfter ldap.phpFpm.serviceDeps;
189 wants = ldap.phpFpm.serviceDeps;
192 after = lib.mkAfter shaarli.phpFpm.serviceDeps;
193 wants = shaarli.phpFpm.serviceDeps;
196 after = lib.mkAfter ttrss.phpFpm.serviceDeps;
197 wants = ttrss.phpFpm.serviceDeps;
200 after = lib.mkAfter wallabag.phpFpm.serviceDeps;
201 wants = wallabag.phpFpm.serviceDeps;
202 preStart = lib.mkAfter wallabag.phpFpm.preStart;
205 after = lib.mkAfter yourls.phpFpm.serviceDeps;
206 wants = yourls.phpFpm.serviceDeps;
209 description = "Standalone MPD Web GUI written in C";
210 wantedBy = [ "multi-user.target" ];
212 export MPD_PASSWORD=$(cat /var/secrets/mpd)
213 ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
217 description = "Tiny Tiny RSS feeds update daemon";
220 ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
221 StandardOutput = "syslog";
222 StandardError = "syslog";
223 PermissionsStartOnly = true;
226 wantedBy = [ "multi-user.target" ];
227 requires = ["postgresql.service"];
228 after = ["network.target" "postgresql.service"];
232 services.filesWatcher.ympd = {
234 paths = [ "/var/secrets/mpd" ];
237 services.phpfpm.pools = {
242 "listen.owner" = "wwwrun";
243 "listen.group" = "wwwrun";
245 "pm.max_children" = "60";
246 "pm.start_servers" = "2";
247 "pm.min_spare_servers" = "1";
248 "pm.max_spare_servers" = "10";
250 # Needed to avoid clashes in browser cookies (same domain)
251 "php_value[session.name]" = "ToolsPHPSESSID";
252 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp";
259 "listen.owner" = "wwwrun";
260 "listen.group" = "wwwrun";
262 "pm.max_children" = "60";
263 "pm.start_servers" = "2";
264 "pm.min_spare_servers" = "1";
265 "pm.max_spare_servers" = "10";
267 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp";
269 phpOptions = config.services.phpfpm.phpOptions + ''
270 extension=${pkgs.php}/lib/php/extensions/mysqli.so
271 extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
272 extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
273 zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
276 adminer = adminer.phpFpm;
280 settings = ttrss.phpFpm.pool;
285 settings = wallabag.phpFpm.pool;
290 settings = yourls.phpFpm.pool;
295 settings = rompr.phpFpm.pool;
300 settings = shaarli.phpFpm.pool;
305 settings = dokuwiki.phpFpm.pool;
310 settings = ldap.phpFpm.pool;
311 phpPackage = pkgs.php72;
316 settings = kanboard.phpFpm.pool;
321 settings = grocy.phpFpm.pool;
325 system.activationScripts = {
326 adminer = adminer.activationScript;
327 grocy = grocy.activationScript;
328 ttrss = ttrss.activationScript;
329 wallabag = wallabag.activationScript;
330 yourls = yourls.activationScript;
331 rompr = rompr.activationScript;
332 shaarli = shaarli.activationScript;
333 dokuwiki = dokuwiki.activationScript;
334 kanboard = kanboard.activationScript;
335 ldap = ldap.activationScript;
338 services.websites.webappDirs = {
339 _adminer = adminer.webRoot;
340 "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
341 "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
342 "${rompr.apache.webappName}" = rompr.webRoot;
343 "${shaarli.apache.webappName}" = shaarli.webRoot;
344 "${ttrss.apache.webappName}" = ttrss.webRoot;
345 "${wallabag.apache.webappName}" = wallabag.webRoot;
346 "${yourls.apache.webappName}" = yourls.webRoot;
347 "${kanboard.apache.webappName}" = kanboard.webRoot;
348 "${grocy.apache.webappName}" = grocy.webRoot;
351 services.websites.env.tools.watchPaths = [
352 "/var/secrets/webapps/tools-shaarli"
354 services.filesWatcher.phpfpm-wallabag = {
356 paths = [ "/var/secrets/webapps/tools-wallabag" ];
361 port = config.myEnv.ports.fiche;
362 domain = "tools.immae.eu/paste";