networking = {
firewall = {
enable = true;
- allowedTCPPorts = [ 22 80 443 3306 5432 ];
+ allowedTCPPorts = [ 22 80 443 3306 5432 9418 ];
};
};
'';
extraDomains = {
"db-1.immae.eu" = null;
+ "git.immae.eu" = null;
"tools.immae.eu" = null;
"connexionswing.immae.eu" = null;
"sandetludo.immae.eu" = null;
users.users.wwwrun.extraGroups = [ "gitolite" ];
+ users.users.gitolite.packages = let
+ python-packages = python-packages: with python-packages; [
+ simplejson
+ urllib3
+ ];
+ in
+ [
+ (pkgs.python3.withPackages python-packages)
+ ];
# FIXME: after initial install, need to
# (1) copy rc file (adjust gitolite_ldap_groups.sh)
# (2) (mark old readonly and) sync repos except gitolite-admin
connexionswing_dev = mypkgs.connexionswing_dev.phpFpm.pool;
connexionswing_prod = mypkgs.connexionswing_prod.phpFpm.pool;
nextcloud = mypkgs.nextcloud.phpFpm.pool;
+ mantisbt = mypkgs.mantisbt.phpFpm.pool;
};
};
source = ldap_authorized_keys;
};
+ services.gitDaemon = {
+ enable = true;
+ user = "gitolite";
+ group = "gitolite";
+ basePath = "${mypkgs.git.web.varDir}/repositories";
+ };
+
services.httpd = let
withSSL = domain: {
enableSSL = true;
mypkgs.connexionswing_prod.apache.modules ++
mypkgs.ympd.apache.modules ++
mypkgs.git.web.apache.modules ++
+ mypkgs.mantisbt.apache.modules ++
pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules) apacheConfig) ++
[ "macro" ]);
extraConfig = builtins.concatStringsSep "\n"
documentRoot = mypkgs.git.web.webRoot;
extraConfig = builtins.concatStringsSep "\n" [
mypkgs.git.web.apache.vhostConf
+ mypkgs.mantisbt.apache.vhostConf
] + ''
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/releases
authentication = ''
local all postgres ident
local all all md5
+ host all all samehost md5
host all all 178.33.252.96/32 md5
host all all 188.165.209.148/32 md5
#host all all all pam