X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Ftools%2Fether%2Fdefault.nix;h=64e411de5c72ac6e00d3c9f0757ae126c5106e3a;hb=da30ae4ffdd153a1eb32fb86f9ca9a65aa19e4e2;hp=600254b74865ba8021f0854977ca859cf695ee41;hpb=6a8252b11bb02f3e67857d5a9d733b1affa6a625;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/websites/tools/ether/default.nix b/modules/private/websites/tools/ether/default.nix index 600254b..64e411d 100644 --- a/modules/private/websites/tools/ether/default.nix +++ b/modules/private/websites/tools/ether/default.nix @@ -1,6 +1,6 @@ -{ lib, pkgs, config, myconfig, ... }: +{ lib, pkgs, config, ... }: let - env = myconfig.env.tools.etherpad-lite; + env = config.myEnv.tools.etherpad-lite; cfg = config.myServices.websites.tools.etherpad-lite; # Make sure we’re not rebuilding whole libreoffice just because of a # dependency @@ -12,7 +12,7 @@ in { }; config = lib.mkIf cfg.enable { - services.backup.profiles.etherpad-lite = { + services.duplyBackup.profiles.etherpad-lite = { rootDir = "/var/lib/private/etherpad-lite"; }; secrets.keys = [ @@ -33,6 +33,8 @@ in { { "title": "Etherpad", "favicon": "favicon.ico", + "skinName": "colibris", + "skinVariants": "dark-toolbar light-background super-light-editor full-width-editor", "ip": "", "port" : "${ecfg.sockets.node}", @@ -58,7 +60,7 @@ in { "rtl": false, "alwaysShowChat": false, "chatAndUsers": false, - "lang": "en-gb" + "lang": "fr" }, "suppressErrorsInPadText" : false, @@ -69,7 +71,7 @@ in { "maxAge" : 21600, "abiword" : null, "soffice" : "${libreoffice}/bin/soffice", - "tidyHtml" : "${pkgs.html-tidy}/bin/tidy", + "tidyHtml" : "", "allowUnknownFileEnds" : true, "requireAuthentication" : false, "requireAuthorization" : false, @@ -86,21 +88,47 @@ in { "percentageToScrollWhenUserPressesArrowUp": 0 }, "users": { + "admin": { + "password": "${env.adminPassword}", + "is_admin": true + }, "ldapauth": { + "hash": "invalid", "url": "ldaps://${env.ldap.host}", "accountBase": "${env.ldap.base}", - "accountPattern": "(&(memberOf=cn=users,cn=etherpad,ou=services,dc=immae,dc=eu)(uid={{username}}))", + "accountPattern": "${env.ldap.filter}", "displayNameAttribute": "cn", - "searchDN": "cn=etherpad,ou=services,dc=immae,dc=eu", + "searchDN": "${env.ldap.dn}", "searchPWD": "${env.ldap.password}", "groupSearchBase": "${env.ldap.base}", "groupAttribute": "member", "groupAttributeIsDN": true, "searchScope": "sub", - "groupSearch": "(memberOf=cn=groups,cn=etherpad,ou=services,dc=immae,dc=eu)", + "groupSearch": "${env.ldap.group_filter}", "anonymousReadonly": false } }, + "ep_mypads": { + "warning": "This hash is stored in database, changing anything here will not have any consequence", + "ldap": { + "url": "ldaps://${env.ldap.host}", + "bindDN": "${env.ldap.dn}", + "bindCredentials": "${env.ldap.password}", + "searchBase": "${env.ldap.base}", + "searchFilter": "${env.ldap.filter}", + "properties": { + "login": "uid", + "email": "mail", + "firstname": "givenName", + "lastname": "sn" + }, + "defaultLang": "fr" + } + }, + "ep_comments_page": { + "displayCommentAsIcon": true, + "highlightSelectedText": true + }, "socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"], "loadTest": false, "indentationOnNewLine": false, @@ -128,13 +156,24 @@ in { ]; services.etherpad-lite = { enable = true; - modules = builtins.attrValues pkgs.webapps.etherpad-lite-modules; - sessionKeyFile = "/var/secrets/webapps/tools-etherpad-sessionkey"; - apiKeyFile = "/var/secrets/webapps/tools-etherpad-apikey"; - configFile = "/var/secrets/webapps/tools-etherpad"; + package = pkgs.webapps.etherpad-lite.withModules (p: [ + p.ep_align p.ep_bookmark p.ep_colors p.ep_comments_page + p.ep_cursortrace p.ep_delete_empty_pads p.ep_embedmedia + p.ep_font_size p.ep_headings2 p.ep_immae_buttons p.ep_ldapauth + p.ep_line_height p.ep_markdown p.ep_mypads p.ep_page_view + p.ep_previewimages p.ep_ruler p.ep_scrollto + p.ep_set_title_on_pad p.ep_subscript_and_superscript + p.ep_timesliderdiff + ]); + modules = []; + sessionKeyFile = config.secrets.fullPaths."webapps/tools-etherpad-sessionkey"; + apiKeyFile = config.secrets.fullPaths."webapps/tools-etherpad-apikey"; + configFile = config.secrets.fullPaths."webapps/tools-etherpad"; }; systemd.services.etherpad-lite.serviceConfig.SupplementaryGroups = "keys"; + # Needed so that they get in the closure + systemd.services.etherpad-lite.path = [ libreoffice pkgs.html-tidy ]; services.filesWatcher.etherpad-lite = { restart = true; @@ -155,7 +194,7 @@ in { RewriteEngine On - RewriteMap redirects "txt:${pkgs.writeText "redirects.txt" myconfig.env.tools.etherpad-lite.redirects}" + RewriteMap redirects "txt:${pkgs.writeText "redirects.txt" config.myEnv.tools.etherpad-lite.redirects}" RewriteCond %{QUERY_STRING} "!noredirect" RewriteCond %{REQUEST_URI} "^(.*)$" RewriteCond ''${redirects:$1|Unknown} "!Unknown"