X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Ftools%2Ftools%2Fdefault.nix;h=ada62537fb04021ef6e5ac759bd7622e0fa00b43;hb=da30ae4ffdd153a1eb32fb86f9ca9a65aa19e4e2;hp=1e30eed4affaf0770ba0d6d91d5054106c93509e;hpb=2053ddac783c931053676ebc2b02bc8b82d89399;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix
index 1e30eed..ada6253 100644
--- a/modules/private/websites/tools/tools/default.nix
+++ b/modules/private/websites/tools/tools/default.nix
@@ -1,5 +1,7 @@
{ lib, pkgs, config, ... }:
let
+ flakeCompat = import ../../../../../lib/flake-compat.nix;
+
adminer = pkgs.callPackage ./adminer.nix {
inherit (pkgs.webapps) adminer;
};
@@ -10,8 +12,10 @@ let
inherit (pkgs.webapps) ttrss ttrss-plugins;
env = config.myEnv.tools.ttrss;
php = pkgs.php72;
+ inherit config;
};
kanboard = pkgs.callPackage ./kanboard.nix {
+ inherit config;
env = config.myEnv.tools.kanboard;
};
wallabag = pkgs.callPackage ./wallabag.nix {
@@ -21,10 +25,12 @@ let
};
};
env = config.myEnv.tools.wallabag;
+ inherit config;
};
yourls = pkgs.callPackage ./yourls.nix {
inherit (pkgs.webapps) yourls yourls-plugins;
env = config.myEnv.tools.yourls;
+ inherit config;
};
rompr = pkgs.callPackage ./rompr.nix {
inherit (pkgs.webapps) rompr;
@@ -32,6 +38,7 @@ let
};
shaarli = pkgs.callPackage ./shaarli.nix {
env = config.myEnv.tools.shaarli;
+ inherit config;
};
dokuwiki = pkgs.callPackage ./dokuwiki.nix {
inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
@@ -39,6 +46,7 @@ let
ldap = pkgs.callPackage ./ldap.nix {
inherit (pkgs.webapps) phpldapadmin;
env = config.myEnv.tools.phpldapadmin;
+ inherit config;
};
grocy = pkgs.callPackage ./grocy.nix {
grocy = pkgs.webapps.grocy.override { composerEnv = pkgs.composerEnv.override { php = pkgs.php72; }; };
@@ -54,6 +62,10 @@ let
};
dmarc-reports = pkgs.callPackage ./dmarc_reports.nix {
env = config.myEnv.tools.dmarc_reports;
+ inherit config;
+ };
+ csp-reports = pkgs.callPackage ./csp_reports.nix {
+ env = config.myEnv.tools.csp_reports;
};
landing = pkgs.callPackage ./landing.nix {};
@@ -61,6 +73,9 @@ let
cfg = config.myServices.websites.tools.tools;
pcfg = config.services.phpfpm.pools;
in {
+ imports =
+ builtins.attrValues (flakeCompat ../../../../../flakes/private/paste).nixosModules;
+
options.myServices.websites.tools.tools = {
enable = lib.mkEnableOption "enable tools website";
};
@@ -74,6 +89,7 @@ in {
++ wallabag.keys
++ yourls.keys
++ dmarc-reports.keys
+ ++ csp-reports.keys
++ webhooks.keys;
services.duplyBackup.profiles = {
@@ -110,6 +126,7 @@ in {
root = "/var/lib/ftp/devtools.immae.eu";
extraConfig = [
''
+ Use Apaxy "/var/lib/ftp/devtools.immae.eu" "title"
Timeout 600
ProxyTimeout 600
Header always set Content-Security-Policy-Report-Only "${config.myEnv.tools.csp_reports.policies.inline}"
@@ -160,13 +177,16 @@ in {
(phpbb.apache.vhostConf pcfg.phpbb.socket)
(dmarc-reports.apache.vhostConf pcfg.dmarc-reports.socket)
''
- Alias /paste /var/lib/fiche
-
- DirectoryIndex index.txt index.html
- AllowOverride None
- Require all granted
- Options -Indexes
-
+
+ ProxyPass unix://${config.services.paste.sockets.gunicorn}|http://tools.immae.eu/paste/
+ ProxyPassReverse unix://${config.services.paste.sockets.gunicorn}|http://tools.immae.eu/paste/
+ ProxyPreserveHost on
+
+
+ ProxyPass unix://${config.services.paste.sockets.gunicorn}|http://tools.immae.eu/paste/
+ ProxyPassReverse unix://${config.services.paste.sockets.gunicorn}|http://tools.immae.eu/paste/
+ ProxyPreserveHost on
+
Alias /BIP39 /var/lib/buildbot/outputs/immae/bip39
@@ -175,8 +195,8 @@ in {
Require all granted
- Alias /webhooks ${config.secrets.location}/webapps/webhooks
-
+ Alias /webhooks ${config.secrets.fullPaths."webapps/webhooks"}
+
Options -Indexes
Require all granted
AllowOverride None
@@ -258,7 +278,7 @@ in {
description = "Standalone MPD Web GUI written in C";
wantedBy = [ "multi-user.target" ];
script = ''
- export MPD_PASSWORD=$(cat /var/secrets/mpd)
+ export MPD_PASSWORD=$(cat ${config.secrets.fullPaths."mpd"})
${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
'';
};
@@ -280,7 +300,7 @@ in {
services.filesWatcher.ympd = {
restart = true;
- paths = [ "/var/secrets/mpd" ];
+ paths = [ config.secrets.fullPaths."mpd" ];
};
services.phpfpm.pools = {
@@ -300,13 +320,12 @@ in {
"php_value[session.name]" = "ToolsPHPSESSID";
"php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [
"/run/wrappers/bin/sendmail" landing "/tmp"
- "${config.secrets.location}/webapps/webhooks"
+ config.secrets.fullPaths."webapps/webhooks"
];
+ "include" = config.secrets.fullPaths."webapps/tools-csp-reports.conf";
};
phpEnv = {
CONTACT_EMAIL = config.myEnv.tools.contact;
- CSP_REPORT_URI = with config.myEnv.tools.csp_reports.postgresql;
- "\"host=${socket} dbname=${database} user=${user} password=${password}\"";
};
phpPackage = pkgs.php72;
};
@@ -426,19 +445,13 @@ in {
};
services.websites.env.tools.watchPaths = [
- "/var/secrets/webapps/tools-shaarli"
+ config.secrets.fullPaths."webapps/tools-shaarli"
];
services.filesWatcher.phpfpm-wallabag = {
restart = true;
- paths = [ "/var/secrets/webapps/tools-wallabag" ];
+ paths = [ config.secrets.fullPaths."webapps/tools-wallabag" ];
};
- services.fiche = {
- enable = true;
- port = config.myEnv.ports.fiche;
- domain = "tools.immae.eu/paste";
- https = true;
- };
};
}