X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Ftools%2Ftools%2Fdefault.nix;h=642755ff1ff5679dada6a577ec9489c3c04cd2f3;hb=f40f5b235b890f46770a22f005f8a0f664cf0562;hp=262e5587ec8b4974440da1906f7dbbe540fadba1;hpb=d21de7a044cc39c452306880707f79162b666b60;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/nixops/modules/websites/tools/tools/default.nix b/nixops/modules/websites/tools/tools/default.nix index 262e558..642755f 100644 --- a/nixops/modules/websites/tools/tools/default.nix +++ b/nixops/modules/websites/tools/tools/default.nix @@ -1,24 +1,27 @@ -{ lib, pkgs, config, myconfig, mylibs, ... }: +{ lib, pkgs, config, myconfig, ... }: let adminer = pkgs.callPackage ../../commons/adminer.nix {}; ympd = pkgs.callPackage ./ympd.nix { env = myconfig.env.tools.ympd; }; ttrss = pkgs.callPackage ./ttrss.nix { - inherit (mylibs) fetchedGithub fetchedGit; + inherit (pkgs.webapps) ttrss ttrss-plugins; env = myconfig.env.tools.ttrss; }; roundcubemail = pkgs.callPackage ./roundcubemail.nix { - inherit (mylibs) fetchedGithub; + inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins; env = myconfig.env.tools.roundcubemail; }; rainloop = pkgs.callPackage ./rainloop.nix {}; kanboard = pkgs.callPackage ./kanboard.nix { env = myconfig.env.tools.kanboard; }; - wallabag = pkgs.callPackage ./wallabag.nix { env = myconfig.env.tools.wallabag; }; + wallabag = pkgs.callPackage ./wallabag.nix { + inherit (pkgs.webapps) wallabag; + env = myconfig.env.tools.wallabag; + }; yourls = pkgs.callPackage ./yourls.nix { - inherit (mylibs) fetchedGithub; + inherit (pkgs.webapps) yourls yourls-plugins; env = myconfig.env.tools.yourls; }; rompr = pkgs.callPackage ./rompr.nix { @@ -43,10 +46,7 @@ in { }; config = lib.mkIf cfg.enable { - security.acme.certs."eldiron".extraDomains."tools.immae.eu" = null; - security.acme.certs."eldiron".extraDomains."devtools.immae.eu" = null; - - mySecrets.keys = + secrets.keys = kanboard.keys ++ ldap.keys ++ roundcubemail.keys @@ -55,10 +55,10 @@ in { ++ wallabag.keys ++ yourls.keys; - services.myWebsites.integration.modules = + services.websites.integration.modules = rainloop.apache.modules; - services.myWebsites.tools.modules = + services.websites.tools.modules = [ "proxy_fcgi" ] ++ adminer.apache.modules ++ ympd.apache.modules @@ -72,17 +72,9 @@ in { ++ ldap.apache.modules ++ kanboard.apache.modules; - systemd.services.ympd = { - description = "Standalone MPD Web GUI written in C"; - wantedBy = [ "multi-user.target" ]; - script = '' - export MPD_PASSWORD=$(cat /var/secrets/mpd) - ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody - ''; - }; - - services.myWebsites.integration.vhostConfs.devtools = { + services.websites.integration.vhostConfs.devtools = { certName = "eldiron"; + addToCerts = true; hosts = ["devtools.immae.eu" ]; root = "/var/lib/ftp/devtools.immae.eu"; extraConfig = [ @@ -100,8 +92,9 @@ in { ]; }; - services.myWebsites.tools.vhostConfs.tools = { + services.websites.tools.vhostConfs.tools = { certName = "eldiron"; + addToCerts = true; hosts = ["tools.immae.eu" ]; root = "/var/lib/ftp/tools.immae.eu"; extraConfig = [ @@ -129,11 +122,11 @@ in { ]; }; - security.acme.certs."eldiron".extraDomains."outils.immae.eu" = null; - services.myWebsites.tools.vhostConfs.outils = { - certName = "eldiron"; - hosts = [ "outils.immae.eu" ]; - root = null; + services.websites.tools.vhostConfs.outils = { + certName = "eldiron"; + addToCerts = true; + hosts = [ "outils.immae.eu" ]; + root = null; extraConfig = [ '' RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1 @@ -155,33 +148,99 @@ in { ]; }; - services.myPhpfpm.serviceDependencies = { - dokuwiki = dokuwiki.phpFpm.serviceDeps; - kanboard = kanboard.phpFpm.serviceDeps; - ldap = ldap.phpFpm.serviceDeps; - rainloop = rainloop.phpFpm.serviceDeps; - roundcubemail = roundcubemail.phpFpm.serviceDeps; - shaarli = shaarli.phpFpm.serviceDeps; - ttrss = ttrss.phpFpm.serviceDeps; - wallabag = wallabag.phpFpm.serviceDeps; - yourls = yourls.phpFpm.serviceDeps; + systemd.services = { + phpfpm-dokuwiki = { + after = lib.mkAfter dokuwiki.phpFpm.serviceDeps; + wants = dokuwiki.phpFpm.serviceDeps; + }; + phpfpm-kanboard = { + after = lib.mkAfter kanboard.phpFpm.serviceDeps; + wants = kanboard.phpFpm.serviceDeps; + }; + phpfpm-ldap = { + after = lib.mkAfter ldap.phpFpm.serviceDeps; + wants = ldap.phpFpm.serviceDeps; + }; + phpfpm-rainloop = { + after = lib.mkAfter rainloop.phpFpm.serviceDeps; + wants = rainloop.phpFpm.serviceDeps; + }; + phpfpm-roundcubemail = { + after = lib.mkAfter roundcubemail.phpFpm.serviceDeps; + wants = roundcubemail.phpFpm.serviceDeps; + }; + phpfpm-shaarli = { + after = lib.mkAfter shaarli.phpFpm.serviceDeps; + wants = shaarli.phpFpm.serviceDeps; + }; + phpfpm-ttrss = { + after = lib.mkAfter ttrss.phpFpm.serviceDeps; + wants = ttrss.phpFpm.serviceDeps; + }; + phpfpm-wallabag = { + after = lib.mkAfter wallabag.phpFpm.serviceDeps; + wants = wallabag.phpFpm.serviceDeps; + preStart = lib.mkAfter wallabag.phpFpm.preStart; + }; + phpfpm-yourls = { + after = lib.mkAfter yourls.phpFpm.serviceDeps; + wants = yourls.phpFpm.serviceDeps; + }; + ympd = { + description = "Standalone MPD Web GUI written in C"; + wantedBy = [ "multi-user.target" ]; + script = '' + export MPD_PASSWORD=$(cat /var/secrets/mpd) + ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody + ''; + }; + tt-rss = { + description = "Tiny Tiny RSS feeds update daemon"; + serviceConfig = { + User = "wwwrun"; + ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon"; + StandardOutput = "syslog"; + StandardError = "syslog"; + PermissionsStartOnly = true; + }; + + wantedBy = [ "multi-user.target" ]; + requires = ["postgresql.service"]; + after = ["network.target" "postgresql.service"]; + }; + }; + + services.phpfpm.pools.roundcubemail = { + listen = roundcubemail.phpFpm.socket; + extraConfig = roundcubemail.phpFpm.pool; + phpOptions = config.services.phpfpm.phpOptions + roundcubemail.phpFpm.phpConfig; }; - services.myPhpfpm.poolPhpConfigs = { - devtools = '' + services.phpfpm.pools.devtools = { + listen = "/var/run/phpfpm/devtools.sock"; + extraConfig = '' + user = wwwrun + group = wwwrun + listen.owner = wwwrun + listen.group = wwwrun + pm = dynamic + pm.max_children = 60 + pm.start_servers = 2 + pm.min_spare_servers = 1 + pm.max_spare_servers = 10 + + php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp" + ''; + phpOptions = config.services.phpfpm.phpOptions + '' extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so zend_extension=${pkgs.php}/lib/php/extensions/opcache.so ''; - roundcubemail = roundcubemail.phpFpm.phpConfig; }; - services.myPhpfpm.preStart = { - wallabag = wallabag.phpFpm.preStart; - }; - services.myPhpfpm.poolConfigs = { + + services.phpfpm.poolConfigs = { adminer = adminer.phpFpm.pool; ttrss = ttrss.phpFpm.pool; - roundcubemail = roundcubemail.phpFpm.pool; wallabag = wallabag.phpFpm.pool; yourls = yourls.phpFpm.pool; rompr = rompr.phpFpm.pool; @@ -190,20 +249,6 @@ in { ldap = ldap.phpFpm.pool; rainloop = rainloop.phpFpm.pool; kanboard = kanboard.phpFpm.pool; - devtools = '' - listen = /var/run/phpfpm/devtools.sock - user = wwwrun - group = wwwrun - listen.owner = wwwrun - listen.group = wwwrun - pm = dynamic - pm.max_children = 60 - pm.start_servers = 2 - pm.min_spare_servers = 1 - pm.max_spare_servers = 10 - - php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp" - ''; tools = '' listen = /var/run/phpfpm/tools.sock user = wwwrun @@ -248,21 +293,6 @@ in { ln -s ${kanboard.webRoot} $out/webapps/${kanboard.apache.webappName} ''; - systemd.services.tt-rss = { - description = "Tiny Tiny RSS feeds update daemon"; - serviceConfig = { - User = "wwwrun"; - ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon"; - StandardOutput = "syslog"; - StandardError = "syslog"; - PermissionsStartOnly = true; - }; - - wantedBy = [ "multi-user.target" ]; - requires = ["postgresql.service"]; - after = ["network.target" "postgresql.service"]; - }; - }; }