certName = "eldiron";
addToCerts = true;
hosts = [ "task.immae.eu" ];
- root = "/run/current-system/webapps/_task";
+ root = ./www;
extraConfig = [ ''
- <Directory /run/current-system/webapps/_task>
+ <Directory ${./www}>
DirectoryIndex index.php
Use LDAPConnect
Require ldap-group cn=users,cn=taskwarrior,ou=services,dc=immae,dc=eu
};
};
- services.websites.webappDirs._task = ./www;
-
security.acme.certs."task" = config.myServices.certificates.certConfig // {
inherit user group;
domain = fqdn;
{ lib, config, ... }:
let
cfg = config.myServices.websites.capitaines.landing_pages;
- webappdirs = config.services.websites.webappDirsPaths;
certName = "capitaines";
domain = "capitaines.fr";
in {
options.myServices.websites.capitaines.landing_pages.enable = lib.mkEnableOption "enable Capitaines's landing pages";
config = lib.mkIf cfg.enable {
- services.websites.webappDirs.capitaines_mastodon = ./mastodon_static;
services.websites.env.production.vhostConfs.capitaines_mastodon = rec {
inherit certName;
certMainHost = "mastodon.${domain}";
hosts = [ certMainHost ];
- root = webappdirs.capitaines_mastodon;
+ root = ./mastodon_static;
extraConfig = [
''
ErrorDocument 404 /index.html
- <Directory ${webappdirs.capitaines_mastodon}>
+ <Directory ${./mastodon_static}>
DirectoryIndex index.html
Options Indexes FollowSymLinks MultiViews Includes
Require all granted
];
};
- services.websites.webappDirs.capitaines_discourse = ./discourse_static;
services.websites.env.production.vhostConfs.capitaines_discourse = {
inherit certName;
addToCerts = true;
hosts = [ "discourse.${domain}" ];
- root = webappdirs.capitaines_discourse;
+ root = ./discourse_static;
extraConfig = [
''
ErrorDocument 404 /index.html
- <Directory ${webappdirs.capitaines_discourse}>
+ <Directory ${./discourse_static}>
DirectoryIndex index.html
Options Indexes FollowSymLinks MultiViews Includes
Require all granted
inherit certName;
addToCerts = true;
hosts = [ domain ];
- root = webappdirs._www;
+ root = ../_www;
extraConfig = [ ''
- <Directory ${webappdirs._www}>
+ <Directory ${../_www}>
DirectoryIndex index.htm
Require all granted
</Directory>
varDir = "/var/lib/chloe_integration";
};
cfg = config.myServices.websites.chloe.integration;
- webappdir = config.services.websites.webappDirsPaths.chloe_integration;
in {
options.myServices.websites.chloe.integration.enable = lib.mkEnableOption "enable Chloe's website in integration";
install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions
'';
};
- services.websites.webappDirs.chloe_integration = app.webRoot;
services.websites.env.integration.modules = [ "proxy_fcgi" ];
services.websites.env.integration.vhostConfs.chloe_integration = {
certName = "integration";
addToCerts = true;
hosts = ["chloe.immae.eu" ];
- root = webappdir;
+ root = app.webRoot;
extraConfig = [
''
Include ${config.secrets.fullPaths."websites/chloe/integration"}
SetHandler "proxy:unix:${config.services.phpfpm.pools.chloe_integration.socket}|fcgi://localhost"
</FilesMatch>
- <Directory ${webappdir}>
+ <Directory ${app.webRoot}>
DirectoryIndex index.php index.htm index.html
Options -Indexes +FollowSymLinks +MultiViews +Includes
- Include ${webappdir}/htaccess.txt
+ Include ${app.webRoot}/htaccess.txt
AllowOverride AuthConfig FileInfo Limit
Require all granted
</Directory>
- <DirectoryMatch "${webappdir}/squelettes">
+ <DirectoryMatch "${app.webRoot}/squelettes">
Require all denied
</DirectoryMatch>
varDir = "/var/lib/chloe_production";
};
cfg = config.myServices.websites.chloe.production;
- webappdir = config.services.websites.webappDirsPaths.chloe_production;
in {
options.myServices.websites.chloe.production.enable = lib.mkEnableOption "enable Chloe's website in production";
install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions
'';
};
- services.websites.webappDirs.chloe_production = app.webRoot;
services.websites.env.production.modules = [ "proxy_fcgi" ];
services.websites.env.production.vhostConfs.chloe = {
certName = "chloe";
certMainHost = "osteopathe-cc.fr";
hosts = ["osteopathe-cc.fr" "www.osteopathe-cc.fr" ];
- root = webappdir;
+ root = app.webRoot;
extraConfig = [
''
Use Stats osteopathe-cc.fr
SetHandler "proxy:unix:${config.services.phpfpm.pools.chloe_production.socket}|fcgi://localhost"
</FilesMatch>
- <Directory ${webappdir}>
+ <Directory ${app.webRoot}>
DirectoryIndex index.php index.htm index.html
Options -Indexes +FollowSymLinks +MultiViews +Includes
- Include ${webappdir}/htaccess.txt
+ Include ${app.webRoot}/htaccess.txt
AllowOverride AuthConfig FileInfo Limit
Require all granted
</Directory>
- <DirectoryMatch "${webappdir}/squelettes">
+ <DirectoryMatch "${app.webRoot}/squelettes">
Require all denied
</DirectoryMatch>
{ config, callPackage }:
callPackage ../tools/tools/adminer.nix {
- adminer = null;
forcePhpSocket = config.services.phpfpm.pools.adminer.socket;
}
certName = "integration";
addToCerts = true;
hosts = ["connexionswing.immae.eu" "sandetludo.immae.eu" ];
- root = pcfg.webappDirs.connexionswing_integration;
+ root = app.webRoot;
extraConfig = [
''
<FilesMatch "\.php$">
ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://connexionswing.com\"></html>"
</Location>
- <Directory ${pcfg.webappDirs.connexionswing_integration}>
+ <Directory ${app.webRoot}>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride None
Require all granted
certName = "connexionswing";
certMainHost = "connexionswing.com";
hosts = ["connexionswing.com" "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ];
- root = pcfg.webappDirs.connexionswing_production;
+ root = app.webRoot;
extraConfig = [
''
<FilesMatch "\.php$">
Use Stats connexionswing.com
- <Directory ${pcfg.webappDirs.connexionswing_production}>
+ <Directory ${app.webRoot}>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride All
Require all granted
{ lib, pkgs, config, ... }:
let
- www_root = "/run/current-system/webapps/_www";
- theme_root = "/run/current-system/webapps/_theme";
+ www_root = ./_www;
+ theme_root = pkgs.webapps.apache-theme.theme;
apacheConfig = {
cache = {
# This setting permits to ignore time-based cache for files in the
};
};
- services.websites.webappDirs = {
- _www = ./_www;
- _theme = pkgs.webapps.apache-theme.theme;
- };
myServices.websites = {
bakeer.cloud.enable = true;
capitaines.landing_pages.enable = true;
env = config.myEnv.websites.emilia;
varDir = "/var/lib/emilia_moodle";
siteDir = ./moodle;
- webappName = "emilia_moodle";
- webappdir = config.services.websites.webappDirsPaths.emilia_moodle;
# php_admin_value[upload_max_filesize] = 50000000
# php_admin_value[post_max_size] = 50000000
configFile = ''
system.activationScripts.emilia_moodle = ''
install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${varDir}
'';
- services.websites.webappDirs.emilia_moodle = siteDir;
services.websites.env.production.vhostConfs.emilia_moodle = {
certName = "emilia";
certMainHost = "saison-photo.org";
hosts = [ "saison-photo.org" "www.saison-photo.org" ];
- root = webappdir;
+ root = siteDir;
extraConfig = [
''
- <Directory ${webappdir}>
+ <Directory ${siteDir}>
DirectoryIndex pause.html
Options Indexes FollowSymLinks MultiViews Includes
Require all granted
certName = "integration";
addToCerts = true;
hosts = [ "app.tellesflorian.com" ];
- root = pcfg.webappDirs.florian_app;
+ root = app.webRoot;
extraConfig = [
''
<FilesMatch "\.php$">
ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://tellesflorian.com\"></html>"
</Location>
- <Directory ${pcfg.webappDirs.florian_app}>
+ <Directory ${app.webRoot}>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride None
Require all granted
certName = "integration";
addToCerts = true;
hosts = [ "dev.aten.pro" ];
- root = pcfg.webappDirs.isabelle_aten_integration;
+ root = app.webRoot;
extraConfig = [
''
<FilesMatch "\.php$">
ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://aten.pro\"></html>"
</Location>
- <Directory ${pcfg.webappDirs.isabelle_aten_integration}>
+ <Directory ${app.webRoot}>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride All
Require all granted
certName = "isabelle";
certMainHost = "aten.pro";
hosts = [ "aten.pro" "www.aten.pro" ];
- root = pcfg.webappDirs.isabelle_aten_production;
+ root = app.webRoot;
extraConfig = [
''
<FilesMatch "\.php$">
ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://aten.pro\"></html>"
</Location>
- <Directory ${pcfg.webappDirs.isabelle_aten_production}>
+ <Directory ${app.webRoot}>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride All
Require all granted
apacheUser = config.services.httpd.Prod.user;
apacheGroup = config.services.httpd.Prod.group;
- webappdir = config.services.websites.webappDirsPaths.isabelle_iridologie;
secretsPath = config.secrets.fullPaths."websites/isabelle/iridologie";
in {
options.myServices.websites.isabelle.iridologie.enable = lib.mkEnableOption "enable Iridologie's website";
install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions
'';
};
- services.websites.webappDirs.isabelle_iridologie = app.webRoot;
services.websites.env.production.modules = [ "proxy_fcgi" ];
services.websites.env.production.vhostConfs.isabelle_iridologie = {
certName = "isabelle";
addToCerts = true;
hosts = [ "iridologie.icommandeur.org" "icommandeur.org" "www.icommandeur.org" ];
- root = webappdir;
+ root = app.webRoot;
extraConfig = [
''
RewriteEngine On
SetHandler "proxy:unix:${config.services.phpfpm.pools.isabelle_iridologie.socket}|fcgi://localhost"
</FilesMatch>
- <Directory ${webappdir}>
+ <Directory ${app.webRoot}>
DirectoryIndex index.php index.htm index.html
Options -Indexes +FollowSymLinks +MultiViews +Includes
- Include ${webappdir}/htaccess.txt
+ Include ${app.webRoot}/htaccess.txt
AllowOverride AuthConfig FileInfo Limit
Require all granted
</Directory>
- <DirectoryMatch "${webappdir}/squelettes">
+ <DirectoryMatch "${app.webRoot}/squelettes">
Require all denied
</DirectoryMatch>
certName = "integration";
addToCerts = true;
hosts = [ "ludivine.immae.eu" ];
- root = pcfg.webappDirs.ludivine_integration;
+ root = app.webRoot;
extraConfig = [
''
<FilesMatch "\.php$">
ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://ludivinecassal.com\"></html>"
</Location>
- <Directory ${pcfg.webappDirs.ludivine_integration}>
+ <Directory ${app.webRoot}>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride None
Require all granted
certName = "ludivine";
certMainHost = "ludivinecassal.com";
hosts = ["ludivinecassal.com" "www.ludivinecassal.com" ];
- root = pcfg.webappDirs.ludivine_production;
+ root = app.webRoot;
extraConfig = [
''
RewriteEngine on
Use Stats ludivinecassal.com
- <Directory ${pcfg.webappDirs.ludivine_production}>
+ <Directory ${app.webRoot}>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride All
Require all granted
{ lib, config, ... }:
let
cfg = config.myServices.websites.papa.maison_bbc;
- webappdirs = config.services.websites.webappDirsPaths;
in {
options.myServices.websites.papa.maison_bbc.enable = lib.mkEnableOption "enable Papa Maison bbc website";
config = lib.mkIf cfg.enable {
services.webstats.sites = [ { name = "maison.bbc.bouya.org"; } ];
- services.websites.webappDirs.papa_maison_bbc = ./maison_bbc_static;
services.websites.env.production.vhostConfs.papa_maison_bbc = {
certName = "papa";
addToCerts = true;
hosts = [ "maison.bbc.bouya.org" ];
- root = webappdirs.papa_maison_bbc;
+ root = ./maison_bbc_static;
extraConfig = [
''
ErrorDocument 404 /index.html
- <Directory ${webappdirs.papa_maison_bbc}>
+ <Directory ${./maison_bbc_static}>
DirectoryIndex index.htm index.html
AllowOverride None
Require all granted
certName = "integration";
addToCerts = true;
hosts = [ "piedsjaloux.immae.eu" ];
- root = pcfg.webappDirs.piedsjaloux_integration;
+ root = app.webRoot;
extraConfig = [
''
<FilesMatch "\.php$">
ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://piedsjaloux.fr\"></html>"
</Location>
- <Directory ${pcfg.webappDirs.piedsjaloux_integration}>
+ <Directory ${app.webRoot}>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride None
Require all granted
certName = "piedsjaloux";
certMainHost = "piedsjaloux.fr";
hosts = [ "piedsjaloux.fr" "www.piedsjaloux.fr" ];
- root = pcfg.webappDirs.piedsjaloux_production;
+ root = app.webRoot;
extraConfig = [
''
RewriteEngine on
Use Stats piedsjaloux.fr
- <Directory ${pcfg.webappDirs.piedsjaloux_production}>
+ <Directory ${app.webRoot}>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride All
Require all granted
sed -i "s@localedef --list-archive@localedef --list-archive /run/current-system/sw/lib/locale/locale-archive@" $out/admin/parametres.php
'';
};
- webappdir = config.services.websites.webappDirsPaths.richie_production;
secretPath = config.secrets.fullPaths."websites/richie/production";
apacheUser = config.services.httpd.Prod.user;
apacheGroup = config.services.httpd.Prod.group;
?>
'';
};
- services.websites.webappDirs.richie_production = richieSrc;
system.activationScripts.richie_production = {
deps = [ "httpd" ];
text = ''
addToCerts = true;
certMainHost = "europe-richie.org";
hosts = [ "europe-richie.org" "www.europe-richie.org" ];
- root = webappdir;
+ root = richieSrc;
extraConfig = [
''
Use Stats europe-richie.org
<LocationMatch "^/files/.*/admin/">
Require all denied
</LocationMatch>
- <Directory ${webappdir}>
+ <Directory ${richieSrc}>
DirectoryIndex index.php index.htm index.html
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride None
]);
env = config.myEnv.tools.nextcloud;
varDir = "/var/lib/nextcloud";
- webappName = "tools_nextcloud";
- apacheRoot = "/run/current-system/webapps/${webappName}";
cfg = config.myServices.websites.tools.cloud;
phpFpm = rec {
basedir = builtins.concatStringsSep ":" ([ nextcloud varDir ] ++ nextcloud.apps);
certName = "eldiron";
addToCerts = true;
hosts = ["cloud.immae.eu" ];
- root = apacheRoot;
+ root = nextcloud;
extraConfig = [
''
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
- <Directory ${apacheRoot}>
+ <Directory ${nextcloud}>
AcceptPathInfo On
DirectoryIndex index.php
Options FollowSymlinks
#install -D -m 0600 -o wwwrun -g wwwrun -T ${config.secrets.fullPaths."webapps/tools-nextcloud"} ${varDir}/config/config.php
'';
};
- # FIXME: add a warning when config.php changes
- system.extraSystemBuilderCmds = ''
- mkdir -p $out/webapps
- ln -s ${nextcloud} $out/webapps/${webappName}
- '';
services.phpfpm.pools.nextcloud = {
user = "wwwrun";
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "tools_davical";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /davical "${root}"
Alias /caldav.php "${root}/caldav.php"
{ lib, pkgs, config, ... }:
let
infcloud = rec {
- webappName = "tools_infcloud";
- root = "/run/current-system/webapps/${webappName}";
+ root = pkgs.webapps.infcloud;
vhostConf = ''
Alias /carddavmate ${root}
Alias /caldavzap ${root}
certName = "eldiron";
addToCerts = true;
hosts = ["dav.immae.eu" ];
- root = "/run/current-system/webapps/_dav";
+ root = ./www;
extraConfig = [
infcloud.vhostConf
(davical.apache.vhostConf config.services.phpfpm.pools.davical.socket)
phpPackage = pkgs.php72;
};
};
-
- services.websites.webappDirs._dav = ./www;
- services.websites.webappDirs."${davical.apache.webappName}" = davical.webRoot;
- services.websites.webappDirs."${infcloud.webappName}" = pkgs.webapps.infcloud;
};
}
{ lib, pkgs, config, ... }:
let
env = config.myEnv.tools.diaspora;
- root = "/run/current-system/webapps/tools_diaspora";
+ root = "${dcfg.workdir}/public/";
cfg = config.myServices.websites.tools.diaspora;
dcfg = config.services.diaspora;
in {
services.websites.env.tools.modules = [
"headers" "proxy" "proxy_http"
];
- system.extraSystemBuilderCmds = ''
- mkdir -p $out/webapps
- ln -s ${dcfg.workdir}/public/ $out/webapps/tools_diaspora
- '';
services.websites.env.tools.vhostConfs.diaspora = {
certName = "eldiron";
addToCerts = true;
services.websites.env.tools.modules =
gitweb.apache.modules ++
mantisbt.apache.modules;
- services.websites.webappDirs."${gitweb.apache.webappName}" = gitweb.webRoot;
- services.websites.webappDirs."${mantisbt.apache.webappName}" = mantisbt.webRoot;
system.activationScripts.mantisbt = mantisbt.activationScript;
services.websites.env.tools.vhostConfs.git = {
{ gitweb, writeText, stdenv, coreutils, writeScript, gitolite, git, cgit, gitoliteDir, mailcap, highlight }:
rec {
varDir = gitoliteDir;
- webRoot = gitweb;
config = writeText "gitweb.conf" ''
$git_temp = "/tmp";
user = "wwwrun";
group = "wwwrun";
modules = [ "cgid" ];
- webappName = "tools_gitweb";
- root = "/run/current-system/webapps/${webappName}";
+ root = gitweb;
vhostConf = ''
SetEnv GIT_PROJECT_ROOT ${varDir}/repositories/
ScriptAliasMatch \
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "tools_mantisbt";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /mantisbt "${root}"
<Directory "${root}">
certName = "mail";
addToCerts = true;
hosts = ["mail.immae.eu"];
- root = "/run/current-system/webapps/_mail";
+ root = ./www;
extraConfig = [
(rainloop.apache.vhostConf pcfg.rainloop.socket)
(roundcubemail.apache.vhostConf pcfg.roundcubemail.socket)
''
- <Directory /run/current-system/webapps/_mail>
+ <Directory ${./www}>
Require all granted
Options -Indexes
</Directory>
roundcubemail = roundcubemail.activationScript;
rainloop = rainloop.activationScript;
};
-
- services.websites.webappDirs = {
- _mail = ./www;
- "${roundcubemail.apache.webappName}" = roundcubemail.webRoot;
- "${rainloop.apache.webappName}" = rainloop.webRoot;
- };
-
};
}
in
{
config = lib.mkIf cfg.enable {
- services.websites.webappDirs = {
- _mta-sts = root;
- };
-
services.websites.env.tools.vhostConfs.mta_sts = {
certName = "mail";
addToCerts = true;
hosts = ["mta-sts.mail.immae.eu"] ++ map (v: "mta-sts.${v.domain}") domains;
- root = "/run/current-system/webapps/_mta-sts";
+ root = root;
extraConfig = [
''
RewriteEngine on
RewriteCond %{HTTP_HOST} ^mta-sts.(.*)$
RewriteRule ^/.well-known/mta-sts.txt$ %{DOCUMENT_ROOT}/%1.txt [L]
- <Directory /run/current-system/webapps/_mta-sts>
+ <Directory ${root}>
Require all granted
Options -Indexes
</Directory>
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "tools_rainloop";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /rainloop "${root}"
<Directory "${root}">
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "tools_roundcubemail";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /roundcube "${root}"
<Directory "${root}">
{ lib, pkgs, config, ... }:
let
env = config.myEnv.tools.mastodon;
- root = "/run/current-system/webapps/tools_mastodon";
+ root = "${mcfg.workdir}/public/";
cfg = config.myServices.websites.tools.mastodon;
mcfg = config.services.mastodon;
in {
services.websites.env.tools.modules = [
"headers" "proxy" "proxy_wstunnel" "proxy_http"
];
- system.extraSystemBuilderCmds = ''
- mkdir -p $out/webapps
- ln -s ${mcfg.workdir}/public/ $out/webapps/tools_mastodon
- '';
services.websites.env.tools.vhostConfs.mastodon = {
certName = "eldiron";
addToCerts = true;
-{ adminer, php74, myPhpPackages, lib, forcePhpSocket ? null }:
+{ webapps, php74, myPhpPackages, lib, forcePhpSocket ? null }:
rec {
activationScript = {
deps = [ "httpd" ];
install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/adminer
'';
};
- webRoot = adminer;
+ webRoot = webapps.adminer;
phpFpm = rec {
user = apache.user;
group = apache.group;
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "_adminer";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
- Alias /adminer ${root}
- <Directory ${root}>
+ Alias /adminer ${webRoot}
+ <Directory ${webRoot}>
DirectoryIndex index.php
<FilesMatch "\.php$">
SetHandler "proxy:unix:${if forcePhpSocket != null then forcePhpSocket else socket}|fcgi://localhost"
let
flakeCompat = import ../../../../../lib/flake-compat.nix;
- adminer = pkgs.callPackage ./adminer.nix {
- inherit (pkgs.webapps) adminer;
- };
+ adminer = pkgs.callPackage ./adminer.nix {};
ympd = pkgs.callPackage ./ympd.nix {
env = config.myEnv.tools.ympd;
};
ldap = ldap.activationScript;
};
- services.websites.webappDirs = {
- _adminer = adminer.webRoot;
- "${dmarc-reports.apache.webappName}" = dmarc-reports.webRoot;
- "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
- "${phpbb.apache.webappName}" = phpbb.webRoot;
- "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
- "${rompr.apache.webappName}" = rompr.webRoot;
- "${shaarli.apache.webappName}" = shaarli.webRoot;
- "${ttrss.apache.webappName}" = ttrss.webRoot;
- "${wallabag.apache.webappName}" = wallabag.webRoot;
- "${yourls.apache.webappName}" = yourls.webRoot;
- "${kanboard.apache.webappName}" = kanboard.webRoot;
- "${grocy.apache.webappName}" = grocy.webRoot;
- };
-
services.websites.env.tools.watchPaths = [
config.secrets.fullPaths."webapps/tools-shaarli"
];
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "tools_dmarc_reports";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /dmarc-reports "${root}"
<Directory "${root}">
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "tools_dokuwiki";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /dokuwiki "${root}"
<Directory "${root}">
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "tools_grocy";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /grocy "${root}"
<Directory "${root}">
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "tools_kanboard";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /kanboard "${root}"
<Directory "${root}">
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "tools_ldap";
- root = "/run/current-system/webapps/${webappName}";
+ root = "${webRoot}/htdocs";
vhostConf = socket: ''
Alias /ldap "${root}"
<Directory "${root}">
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "tools_phpbb";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /forum "${root}"
<Directory "${root}">
user = "wwwrun";
group = "wwwrun";
modules = [ "headers" "mime" "proxy_fcgi" ];
- webappName = "tools_rompr";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /rompr ${root}
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" "rewrite" "env" ];
- webappName = "tools_shaarli";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /Shaarli "${root}"
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "tools_ttrss";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /ttrss "${root}"
<Directory "${root}">
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "tools_wallabag";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /wallabag "${root}"
<Directory "${root}">
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
- webappName = "tools_yourls";
- root = "/run/current-system/webapps/${webappName}";
+ root = webRoot;
vhostConf = socket: ''
Alias /url "${root}"
<Directory "${root}">
certName = "eldiron";
addToCerts = true;
hosts = [ "vpn.immae.eu" ];
- root = "/run/current-system/webapps/_vpn";
+ root = ./www;
};
-
- services.websites.webappDirs._vpn = ./www;
};
}
certs = mkOption {
description = "Default websites configuration for certificates as accepted by acme";
};
- webappDirs = mkOption {
- description = ''
- Defines a symlink between /run/current-system/webapps and a store
- app directory to be used in http configuration. Permits to avoid
- restarting httpd when only the folder name changes.
- '';
- type = types.attrsOf types.path;
- default = {};
- };
- webappDirsName = mkOption {
- type = str;
- default = "webapps";
- description = ''
- Name of the webapp dir to create in /run/current-system
- '';
- };
env = mkOption {
default = {};
description = "Each type of website to enable will target a distinct httpd server";
};
});
};
- # Readonly variables
- webappDirsPaths = mkOption {
- type = attrsOf path;
- readOnly = true;
- description = ''
- Full paths of the webapp dir
- '';
- default = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair
- name "/run/current-system/${cfg.webappDirsName}/${name}"
- ) cfg.webappDirs;
- };
};
config.services.httpd = let
}
) groupedCerts;
- config.system.extraSystemBuilderCmds = lib.mkIf (builtins.length (builtins.attrValues cfg.webappDirs) > 0) ''
- mkdir -p $out/${cfg.webappDirsName}
- ${builtins.concatStringsSep "\n"
- (attrsets.mapAttrsToList
- (name: path: "ln -s ${path} $out/${cfg.webappDirsName}/${name}") cfg.webappDirs)
- }
- '';
-
config.systemd.services = let
package = httpdName: config.services.httpd.${httpdName}.package.out;
cfgFile = httpdName: config.services.httpd.${httpdName}.configFile;
Path to application root
'';
};
- webappName = mkOption {
- type = nullOr str;
- default = null;
- description = ''
- Alias name for the app, to be used in services.websites.webappDirs
- '';
- };
webRoot = mkOption {
type = nullOr path;
description = ''
Full paths to listen for php
'';
};
- services.phpApplication.webappDirs = mkOption {
- type = attrsOf path;
- default = attrsets.filterAttrs (n: v: builtins.hasAttr n cfg.apps) config.services.websites.webappDirsPaths;
- readOnly = true;
- description = ''
- Stable name webapp dirs for httpd
- '';
- };
};
config = {
}
) cfg.apps;
- services.websites.webappDirs = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair
- (if icfg.webappName == null then name else icfg.webappName) icfg.webRoot
- ) (attrsets.filterAttrs (n: v: !isNull v.webRoot) cfg.apps);
-
services.filesWatcher = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair
"phpfpm-${name}" {
restart = true;
projects / perso / Immae / Config / Nix.git / commitdiff
