X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Ftools%2Ftools%2Fwallabag.nix;fp=nixops%2Fmodules%2Fwebsites%2Ftools%2Ftools%2Fwallabag.nix;h=4bda8089a5d3df7c196a25e4f5f71209478defaf;hb=01f21083a897b86bf148f1d2bb9c8edca4d3786a;hp=0000000000000000000000000000000000000000;hpb=bfe3c9c9df0c5112bc8806483292b55ed0f7e02d;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/nixops/modules/websites/tools/tools/wallabag.nix b/nixops/modules/websites/tools/tools/wallabag.nix
new file mode 100644
index 0000000..4bda808
--- /dev/null
+++ b/nixops/modules/websites/tools/tools/wallabag.nix
@@ -0,0 +1,181 @@
+{ stdenv, fetchurl, writeText, env, composerEnv, phpPackages, php, which }:
+let
+ wallabag = rec {
+ varDir = "/var/lib/wallabag";
+ parameters = writeText "parameters.yml" ''
+ # This file is auto-generated during the composer install
+ parameters:
+ database_driver: pdo_pgsql
+ database_driver_class: Wallabag\CoreBundle\Doctrine\DBAL\Driver\CustomPostgreSQLDriver
+ database_host: ${env.postgresql.socket}
+ database_port: ${env.postgresql.port}
+ database_name: ${env.postgresql.database}
+ database_user: ${env.postgresql.user}
+ database_password: ${env.postgresql.password}
+ database_path: null
+ database_table_prefix: wallabag_
+ database_socket: null
+ database_charset: utf8
+ domain_name: https://tools.immae.eu/wallabag
+ mailer_transport: smtp
+ mailer_host: mail.immae.eu
+ mailer_user: null
+ mailer_password: null
+ locale: fr
+ secret: ${env.secret}
+ twofactor_auth: true
+ twofactor_sender: wallabag@immae.eu
+ fosuser_registration: false
+ fosuser_confirmation: true
+ from_email: wallabag@immae.eu
+ rss_limit: 50
+ rabbitmq_host: localhost
+ rabbitmq_port: 5672
+ rabbitmq_user: guest
+ rabbitmq_password: guest
+ rabbitmq_prefetch_count: 10
+ redis_scheme: unix
+ redis_host: null
+ redis_port: null
+ redis_path: ${env.redis.socket}
+ redis_password: null
+ sites_credentials: { }
+ ldap_enabled: true
+ ldap_host: ldap.immae.eu
+ ldap_port: 636
+ ldap_tls: false
+ ldap_ssl: true
+ ldap_bind_requires_dn: true
+ ldap_base: 'dc=immae,dc=eu'
+ ldap_manager_dn: 'cn=wallabag,ou=services,dc=immae,dc=eu'
+ ldap_manager_pw: ${env.ldap.password}
+ ldap_filter: '(&(memberOf=cn=users,cn=wallabag,ou=services,dc=immae,dc=eu))'
+ ldap_admin_filter: '(&(memberOf=cn=admins,cn=wallabag,ou=services,dc=immae,dc=eu)(uid=%s))'
+ ldap_username_attribute: uid
+ ldap_email_attribute: mail
+ ldap_name_attribute: cn
+ ldap_enabled_attribute: null
+ '';
+ webappDir = composerEnv.buildPackage rec {
+ packages = {
+ "fr3d/ldap-bundle" = {
+ targetDir = "";
+ src = composerEnv.buildZipPackage {
+ name = "fr3d-ldap-bundle-5a8927c11af45fa06331b97221c6da1a4a237475";
+ src = fetchurl {
+ url = https://api.github.com/repos/Maks3w/FR3DLdapBundle/zipball/5a8927c11af45fa06331b97221c6da1a4a237475;
+ sha256 = "168zkd82j200wd6h0a3lq81g5s2pifg889rv27q2g429nppsbfxc";
+ };
+ };
+ };
+ "zendframework/zend-ldap" = {
+ targetDir = "";
+ src = composerEnv.buildZipPackage {
+ name = "zendframework-zend-ldap-b63c7884a08d3a6bda60ebcf7d6238cf8ad89f49";
+ src = fetchurl {
+ url = https://api.github.com/repos/zendframework/zend-ldap/zipball/b63c7884a08d3a6bda60ebcf7d6238cf8ad89f49;
+ sha256 = "0mn4yqnb5prqhrbbybmw1i2rx7xf4s4wagbdq9qi55fa0vk3jgw9";
+ };
+ };
+ };
+ };
+ noDev = true;
+ doRemoveVendor = false;
+ # Beware when upgrading, I probably messed up with the migrations table
+ # (due to a psql bug in wallabag)
+ version = "2.3.6";
+ name = "wallabag-${version}";
+ src = fetchurl {
+ url = "https://static.wallabag.org/releases/wallabag-release-${version}.tar.gz";
+ sha256 = "0m0dy3r94ks5pfxyb9vbgrsm0vrwdl3jd5wqwg4f5vd107lq90q1";
+ };
+ unpackPhase = ''
+ unpackFile "$src"
+ sourceRoot=${version}
+ src=$PWD/${version}
+ '';
+ patches = [ ./wallabag_ldap.patch ];
+ preInstall = ''
+ export SYMFONY_ENV="prod"
+ '';
+ postInstall = ''
+ rm -rf web/assets var/{cache,logs,sessions} app/config/parameters.yml data
+ ln -sf ${parameters} app/config/parameters.yml
+ ln -sf ../../../../../../${varDir}/var/{cache,logs,sessions} var
+ ln -sf ../../../../../${varDir}/data data
+ ln -sf ../../../../../../${varDir}/assets web/assets
+ '';
+ };
+ activationScript = ''
+ install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
+ ${varDir}/var ${varDir}/data/db ${varDir}/assets/images
+ if [ ! -f "${varDir}/currentWebappDir" -o \
+ "${webappDir}" != "$(cat ${varDir}/currentWebappDir 2>/dev/null)" ]; then
+ pushd ${webappDir} > /dev/null
+ $wrapperDir/sudo -u wwwrun ./bin/console --env=prod cache:clear
+ $wrapperDir/sudo -u wwwrun ./bin/console --env=prod doctrine:migrations:migrate --no-interaction
+ popd > /dev/null
+ echo -n "${webappDir}" > ${varDir}/currentWebappDir
+ fi
+ '';
+ webRoot = "${webappDir}/web";
+ # Domain migration: Table wallabag_entry contains whole
+ # https://tools.immae.eu/wallabag domain name in preview_picture
+ apache = {
+ user = "wwwrun";
+ group = "wwwrun";
+ modules = [ "proxy_fcgi" ];
+ vhostConf = ''
+ Alias /wallabag "${webRoot}"
+
+ AllowOverride None
+ Require all granted
+ # For OAuth (apps)
+ CGIPassAuth On
+
+
+ SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+
+
+
+ Options -MultiViews
+ RewriteEngine On
+ RewriteCond %{REQUEST_FILENAME} !-f
+ RewriteRule ^(.*)$ app.php [QSA,L]
+
+
+
+
+ RewriteEngine Off
+
+
+
+ AllowOverride None
+ Require all granted
+
+ '';
+ };
+ phpFpm = rec {
+ basedir = builtins.concatStringsSep ":" [ webappDir parameters varDir ];
+ socket = "/var/run/phpfpm/wallabag.sock";
+ pool = ''
+ listen = ${socket}
+ user = ${apache.user}
+ group = ${apache.group}
+ listen.owner = ${apache.user}
+ listen.group = ${apache.group}
+ pm = dynamic
+ pm.max_children = 60
+ pm.start_servers = 2
+ pm.min_spare_servers = 1
+ pm.max_spare_servers = 10
+
+ ; Needed to avoid clashes in browser cookies (same domain)
+ php_value[session.name] = WallabagPHPSESSID
+ php_admin_value[open_basedir] = "${basedir}:/tmp"
+ php_value[max_execution_time] = 300
+ '';
+ };
+ };
+in
+ wallabag