X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Ftools%2Ftools%2Fdefault.nix;h=dbd65e63ffdb76fcaba36ea56a8368131c74d5b7;hb=251c0a135a4153453030dc0e2c132e57934c0095;hp=5dc0981ef627e979523ad7d6a7c8fd6a55aa61cb;hpb=441da8aac378f401625e82caf281fa0e26128310;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix
index 5dc0981..dbd65e6 100644
--- a/modules/private/websites/tools/tools/default.nix
+++ b/modules/private/websites/tools/tools/default.nix
@@ -38,8 +38,14 @@ let
grocy = pkgs.callPackage ./grocy.nix {
inherit (pkgs.webapps) grocy;
};
+ webhooks = pkgs.callPackage ./webhooks.nix {
+ env = config.myEnv.tools.webhooks;
+ };
+
+ landing = pkgs.callPackage ./landing.nix {};
cfg = config.myServices.websites.tools.tools;
+ pcfg = config.services.phpfpm.pools;
in {
options.myServices.websites.tools.tools = {
enable = lib.mkEnableOption "enable tools website";
@@ -52,7 +58,8 @@ in {
++ shaarli.keys
++ ttrss.keys
++ wallabag.keys
- ++ yourls.keys;
+ ++ yourls.keys
+ ++ webhooks.keys;
services.duplyBackup.profiles = {
dokuwiki = dokuwiki.backups;
@@ -92,7 +99,7 @@ in {
AllowOverride all
Require all granted
- SetHandler "proxy:unix:/var/run/phpfpm/devtools.sock|fcgi://localhost"
+ SetHandler "proxy:unix:${pcfg.devtools.socket}|fcgi://localhost"
''
@@ -110,26 +117,68 @@ in {
RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
+ Alias /landing ${landing}
+
+ DirectoryIndex index.html
+ AllowOverride None
+ Require all granted
+
+
+ SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
+
+
+
DirectoryIndex index.php index.htm index.html
AllowOverride all
Require all granted
- SetHandler "proxy:unix:/var/run/phpfpm/tools.sock|fcgi://localhost"
+ SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
+
+ RewriteEngine On
+ RewriteCond ${landing}%{REQUEST_URI} -f
+ RewriteRule ^(.*)$ /landing/$1 [L]
+ RewriteRule ^$ /landing/ [L]
''
- adminer.apache.vhostConf
+ (adminer.apache.vhostConf pcfg.adminer.socket)
ympd.apache.vhostConf
- ttrss.apache.vhostConf
- wallabag.apache.vhostConf
- yourls.apache.vhostConf
- rompr.apache.vhostConf
- shaarli.apache.vhostConf
- dokuwiki.apache.vhostConf
- ldap.apache.vhostConf
- kanboard.apache.vhostConf
- grocy.apache.vhostConf
+ (ttrss.apache.vhostConf pcfg.ttrss.socket)
+ (wallabag.apache.vhostConf pcfg.wallabag.socket)
+ (yourls.apache.vhostConf pcfg.yourls.socket)
+ (rompr.apache.vhostConf pcfg.rompr.socket)
+ (shaarli.apache.vhostConf pcfg.shaarli.socket)
+ (dokuwiki.apache.vhostConf pcfg.dokuwiki.socket)
+ (ldap.apache.vhostConf pcfg.ldap.socket)
+ (kanboard.apache.vhostConf pcfg.kanboard.socket)
+ (grocy.apache.vhostConf pcfg.grocy.socket)
+ ''
+ Alias /paste /var/lib/fiche
+
+ DirectoryIndex index.txt index.html
+ AllowOverride None
+ Require all granted
+ Options -Indexes
+
+
+ Alias /BIP39 /var/lib/buildbot/outputs/bip39
+
+ DirectoryIndex index.html
+ AllowOverride None
+ Require all granted
+
+
+ Alias /webhooks ${config.secrets.location}/webapps/webhooks
+
+ Options -Indexes
+ Require all granted
+ AllowOverride None
+
+ SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
+
+
+ ''
];
};
@@ -226,38 +275,42 @@ in {
services.phpfpm.pools = {
tools = {
- listen = "/var/run/phpfpm/tools.sock";
- extraConfig = ''
- user = wwwrun
- group = wwwrun
- listen.owner = wwwrun
- listen.group = wwwrun
- pm = dynamic
- pm.max_children = 60
- pm.start_servers = 2
- pm.min_spare_servers = 1
- pm.max_spare_servers = 10
-
- ; Needed to avoid clashes in browser cookies (same domain)
- php_value[session.name] = ToolsPHPSESSID
- php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp"
- '';
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = {
+ "listen.owner" = "wwwrun";
+ "listen.group" = "wwwrun";
+ "pm" = "dynamic";
+ "pm.max_children" = "60";
+ "pm.start_servers" = "2";
+ "pm.min_spare_servers" = "1";
+ "pm.max_spare_servers" = "10";
+
+ # Needed to avoid clashes in browser cookies (same domain)
+ "php_value[session.name]" = "ToolsPHPSESSID";
+ "php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [
+ "/run/wrappers/bin/sendmail" "/var/lib/ftp/tools.immae.eu"
+ landing "/tmp" "${config.secrets.location}/webapps/webhooks"
+ ];
+ };
+ phpEnv = {
+ CONTACT_EMAIL = config.myEnv.tools.contact;
+ };
};
devtools = {
- listen = "/var/run/phpfpm/devtools.sock";
- extraConfig = ''
- user = wwwrun
- group = wwwrun
- listen.owner = wwwrun
- listen.group = wwwrun
- pm = dynamic
- pm.max_children = 60
- pm.start_servers = 2
- pm.min_spare_servers = 1
- pm.max_spare_servers = 10
-
- php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp"
- '';
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = {
+ "listen.owner" = "wwwrun";
+ "listen.group" = "wwwrun";
+ "pm" = "dynamic";
+ "pm.max_children" = "60";
+ "pm.start_servers" = "2";
+ "pm.min_spare_servers" = "1";
+ "pm.max_spare_servers" = "10";
+
+ "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp";
+ };
phpOptions = config.services.phpfpm.phpOptions + ''
extension=${pkgs.php}/lib/php/extensions/mysqli.so
extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
@@ -265,45 +318,52 @@ in {
zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
'';
};
- adminer = {
- listen = adminer.phpFpm.socket;
- extraConfig = adminer.phpFpm.pool;
- };
+ adminer = adminer.phpFpm;
ttrss = {
- listen = ttrss.phpFpm.socket;
- extraConfig = ttrss.phpFpm.pool;
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = ttrss.phpFpm.pool;
};
wallabag = {
- listen = wallabag.phpFpm.socket;
- extraConfig = wallabag.phpFpm.pool;
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = wallabag.phpFpm.pool;
};
yourls = {
- listen = yourls.phpFpm.socket;
- extraConfig = yourls.phpFpm.pool;
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = yourls.phpFpm.pool;
};
rompr = {
- listen = rompr.phpFpm.socket;
- extraConfig = rompr.phpFpm.pool;
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = rompr.phpFpm.pool;
};
shaarli = {
- listen = shaarli.phpFpm.socket;
- extraConfig = shaarli.phpFpm.pool;
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = shaarli.phpFpm.pool;
};
dokuwiki = {
- listen = dokuwiki.phpFpm.socket;
- extraConfig = dokuwiki.phpFpm.pool;
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = dokuwiki.phpFpm.pool;
};
ldap = {
- listen = ldap.phpFpm.socket;
- extraConfig = ldap.phpFpm.pool;
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = ldap.phpFpm.pool;
+ phpPackage = pkgs.php72;
};
kanboard = {
- listen = kanboard.phpFpm.socket;
- extraConfig = kanboard.phpFpm.pool;
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = kanboard.phpFpm.pool;
};
grocy = {
- listen = grocy.phpFpm.socket;
- extraConfig = grocy.phpFpm.pool;
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = grocy.phpFpm.pool;
};
};
@@ -320,7 +380,7 @@ in {
ldap = ldap.activationScript;
};
- myServices.websites.webappDirs = {
+ services.websites.webappDirs = {
_adminer = adminer.webRoot;
"${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
"${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
@@ -340,6 +400,13 @@ in {
restart = true;
paths = [ "/var/secrets/webapps/tools-wallabag" ];
};
+
+ services.fiche = {
+ enable = true;
+ port = config.myEnv.ports.fiche;
+ domain = "tools.immae.eu/paste";
+ https = true;
+ };
};
}