X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Ftools%2Ftools%2Fshaarli.nix;h=2e89a473837a24918eb53e8301df250681a4576f;hb=bee035b7eb4dfe65f9787ae85beb46cec33a5c2f;hp=157c4de661ac2cac58c4e1c8eca757f393426e2c;hpb=5f08b34c5247ee0c4de2a9264d059b69271e3473;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/nixops/modules/websites/tools/tools/shaarli.nix b/nixops/modules/websites/tools/tools/shaarli.nix index 157c4de..2e89a47 100644 --- a/nixops/modules/websites/tools/tools/shaarli.nix +++ b/nixops/modules/websites/tools/tools/shaarli.nix @@ -1,45 +1,13 @@ -{ lib, env, stdenv, fetchurl }: - +{ lib, env, stdenv, fetchurl, shaarli }: let varDir = "/var/lib/shaarli"; - shaarli = stdenv.mkDerivation rec { - name = "shaarli-${version}"; - version = "0.10.2"; - - src = fetchurl { - url = "https://github.com/shaarli/Shaarli/releases/download/v${version}/shaarli-v${version}-full.tar.gz"; - sha256 = "0h8sspj7siy3vgpi2i3gdrjcr5935fr4dfwq2zwd70sjx2sh9s78"; - }; - - outputs = [ "out" "doc" ]; - - patches = [ ./shaarli_ldap.patch ]; - - installPhase = '' - rm -r {cache,pagecache,tmp,data}/ - ln -sf ${varDir}/{cache,pagecache,tmp,data} . - mkdir -p $doc/share/doc - mv doc/ $doc/share/doc/shaarli - mkdir $out/ - cp -R ./* $out - cp .htaccess $out/ - ''; - - meta = with stdenv.lib; { - description = "The personal, minimalist, super-fast, database free, bookmarking service"; - license = licenses.gpl3Plus; - homepage = https://github.com/shaarli/Shaarli; - maintainers = with maintainers; [ schneefux ]; - platforms = platforms.all; - }; - }; in rec { activationScript = '' install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \ ${varDir}/cache ${varDir}/pagecache ${varDir}/tmp ${varDir}/data \ ${varDir}/phpSessions ''; - webRoot = shaarli; + webRoot = shaarli varDir; apache = rec { user = "wwwrun"; group = "wwwrun"; @@ -49,6 +17,7 @@ in rec { vhostConf = '' Alias /Shaarli "${root}" + Include /var/secrets/webapps/tools-shaarli DirectoryIndex index.php index.htm index.html Options Indexes FollowSymLinks MultiViews Includes @@ -60,22 +29,21 @@ in rec { ''; }; - keys.tools-shaarli = { - destDir = "/run/keys/webapps"; + keys = [{ + dest = "webapps/tools-shaarli"; user = apache.user; group = apache.group; - permissions = "0700"; + permissions = "0400"; text = '' - SHAARLI_LDAP_PASSWORD="${env.ldap.password}" - SHAARLI_LDAP_DN="${env.ldap.dn}" - SHAARLI_LDAP_HOST="ldaps://${env.ldap.host}" - SHAARLI_LDAP_BASE="${env.ldap.base}" - SHAARLI_LDAP_FILTER="${env.ldap.search}" + SetEnv SHAARLI_LDAP_PASSWORD "${env.ldap.password}" + SetEnv SHAARLI_LDAP_DN "${env.ldap.dn}" + SetEnv SHAARLI_LDAP_HOST "ldaps://${env.ldap.host}" + SetEnv SHAARLI_LDAP_BASE "${env.ldap.base}" + SetEnv SHAARLI_LDAP_FILTER "${env.ldap.search}" ''; - }; + }]; phpFpm = rec { - serviceDeps = [ "openldap.service" "tools-shaarli-key.service" ]; - envFile = "/run/keys/webapps/tools-shaarli"; + serviceDeps = [ "openldap.service" ]; basedir = builtins.concatStringsSep ":" [ webRoot varDir ]; socket = "/var/run/phpfpm/shaarli.sock"; pool = '' @@ -87,7 +55,6 @@ in rec { pm = ondemand pm.max_children = 60 pm.process_idle_timeout = 60 - clear_env = no ; Needed to avoid clashes in browser cookies (same domain) php_value[session.name] = ShaarliPHPSESSID