From: Ismaƫl Bouya Date: Fri, 22 Oct 2021 18:07:14 +0000 (+0200) Subject: Remove webappdirs X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=750fe5a43b957b91a26069cf8a4fe19fc7b2633c;p=perso%2FImmae%2FConfig%2FNix.git Remove webappdirs --- diff --git a/modules/private/tasks/default.nix b/modules/private/tasks/default.nix index ac2aa21..26112dd 100644 --- a/modules/private/tasks/default.nix +++ b/modules/private/tasks/default.nix @@ -165,9 +165,9 @@ in { certName = "eldiron"; addToCerts = true; hosts = [ "task.immae.eu" ]; - root = "/run/current-system/webapps/_task"; + root = ./www; extraConfig = [ '' - + DirectoryIndex index.php Use LDAPConnect Require ldap-group cn=users,cn=taskwarrior,ou=services,dc=immae,dc=eu @@ -243,8 +243,6 @@ in { }; }; - services.websites.webappDirs._task = ./www; - security.acme.certs."task" = config.myServices.certificates.certConfig // { inherit user group; domain = fqdn; diff --git a/modules/private/websites/capitaines/landing_pages.nix b/modules/private/websites/capitaines/landing_pages.nix index b94a398..edba8b9 100644 --- a/modules/private/websites/capitaines/landing_pages.nix +++ b/modules/private/websites/capitaines/landing_pages.nix @@ -1,23 +1,21 @@ { lib, config, ... }: let cfg = config.myServices.websites.capitaines.landing_pages; - webappdirs = config.services.websites.webappDirsPaths; certName = "capitaines"; domain = "capitaines.fr"; in { options.myServices.websites.capitaines.landing_pages.enable = lib.mkEnableOption "enable Capitaines's landing pages"; config = lib.mkIf cfg.enable { - services.websites.webappDirs.capitaines_mastodon = ./mastodon_static; services.websites.env.production.vhostConfs.capitaines_mastodon = rec { inherit certName; certMainHost = "mastodon.${domain}"; hosts = [ certMainHost ]; - root = webappdirs.capitaines_mastodon; + root = ./mastodon_static; extraConfig = [ '' ErrorDocument 404 /index.html - + DirectoryIndex index.html Options Indexes FollowSymLinks MultiViews Includes Require all granted @@ -26,16 +24,15 @@ in { ]; }; - services.websites.webappDirs.capitaines_discourse = ./discourse_static; services.websites.env.production.vhostConfs.capitaines_discourse = { inherit certName; addToCerts = true; hosts = [ "discourse.${domain}" ]; - root = webappdirs.capitaines_discourse; + root = ./discourse_static; extraConfig = [ '' ErrorDocument 404 /index.html - + DirectoryIndex index.html Options Indexes FollowSymLinks MultiViews Includes Require all granted @@ -48,9 +45,9 @@ in { inherit certName; addToCerts = true; hosts = [ domain ]; - root = webappdirs._www; + root = ../_www; extraConfig = [ '' - + DirectoryIndex index.htm Require all granted diff --git a/modules/private/websites/chloe/integration.nix b/modules/private/websites/chloe/integration.nix index c4b79f8..7ed3852 100644 --- a/modules/private/websites/chloe/integration.nix +++ b/modules/private/websites/chloe/integration.nix @@ -9,7 +9,6 @@ let varDir = "/var/lib/chloe_integration"; }; cfg = config.myServices.websites.chloe.integration; - webappdir = config.services.websites.webappDirsPaths.chloe_integration; in { options.myServices.websites.chloe.integration.enable = lib.mkEnableOption "enable Chloe's website in integration"; @@ -61,13 +60,12 @@ in { install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions ''; }; - services.websites.webappDirs.chloe_integration = app.webRoot; services.websites.env.integration.modules = [ "proxy_fcgi" ]; services.websites.env.integration.vhostConfs.chloe_integration = { certName = "integration"; addToCerts = true; hosts = ["chloe.immae.eu" ]; - root = webappdir; + root = app.webRoot; extraConfig = [ '' Include ${config.secrets.fullPaths."websites/chloe/integration"} @@ -78,16 +76,16 @@ in { SetHandler "proxy:unix:${config.services.phpfpm.pools.chloe_integration.socket}|fcgi://localhost" - + DirectoryIndex index.php index.htm index.html Options -Indexes +FollowSymLinks +MultiViews +Includes - Include ${webappdir}/htaccess.txt + Include ${app.webRoot}/htaccess.txt AllowOverride AuthConfig FileInfo Limit Require all granted - + Require all denied diff --git a/modules/private/websites/chloe/production.nix b/modules/private/websites/chloe/production.nix index 92ae05b..c3a5732 100644 --- a/modules/private/websites/chloe/production.nix +++ b/modules/private/websites/chloe/production.nix @@ -9,7 +9,6 @@ let varDir = "/var/lib/chloe_production"; }; cfg = config.myServices.websites.chloe.production; - webappdir = config.services.websites.webappDirsPaths.chloe_production; in { options.myServices.websites.chloe.production.enable = lib.mkEnableOption "enable Chloe's website in production"; @@ -66,13 +65,12 @@ in { install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions ''; }; - services.websites.webappDirs.chloe_production = app.webRoot; services.websites.env.production.modules = [ "proxy_fcgi" ]; services.websites.env.production.vhostConfs.chloe = { certName = "chloe"; certMainHost = "osteopathe-cc.fr"; hosts = ["osteopathe-cc.fr" "www.osteopathe-cc.fr" ]; - root = webappdir; + root = app.webRoot; extraConfig = [ '' Use Stats osteopathe-cc.fr @@ -90,16 +88,16 @@ in { SetHandler "proxy:unix:${config.services.phpfpm.pools.chloe_production.socket}|fcgi://localhost" - + DirectoryIndex index.php index.htm index.html Options -Indexes +FollowSymLinks +MultiViews +Includes - Include ${webappdir}/htaccess.txt + Include ${app.webRoot}/htaccess.txt AllowOverride AuthConfig FileInfo Limit Require all granted - + Require all denied diff --git a/modules/private/websites/commons/adminer.nix b/modules/private/websites/commons/adminer.nix index 1803468..eae6a9a 100644 --- a/modules/private/websites/commons/adminer.nix +++ b/modules/private/websites/commons/adminer.nix @@ -1,5 +1,4 @@ { config, callPackage }: callPackage ../tools/tools/adminer.nix { - adminer = null; forcePhpSocket = config.services.phpfpm.pools.adminer.socket; } diff --git a/modules/private/websites/connexionswing/integration.nix b/modules/private/websites/connexionswing/integration.nix index 1b3587a..93cda00 100644 --- a/modules/private/websites/connexionswing/integration.nix +++ b/modules/private/websites/connexionswing/integration.nix @@ -74,7 +74,7 @@ in { certName = "integration"; addToCerts = true; hosts = ["connexionswing.immae.eu" "sandetludo.immae.eu" ]; - root = pcfg.webappDirs.connexionswing_integration; + root = app.webRoot; extraConfig = [ '' @@ -99,7 +99,7 @@ in { ErrorDocument 401 "" - + Options Indexes FollowSymLinks MultiViews Includes AllowOverride None Require all granted diff --git a/modules/private/websites/connexionswing/production.nix b/modules/private/websites/connexionswing/production.nix index 981e95e..144093a 100644 --- a/modules/private/websites/connexionswing/production.nix +++ b/modules/private/websites/connexionswing/production.nix @@ -79,7 +79,7 @@ in { certName = "connexionswing"; certMainHost = "connexionswing.com"; hosts = ["connexionswing.com" "sandetludo.com" "www.connexionswing.com" "www.sandetludo.com" ]; - root = pcfg.webappDirs.connexionswing_production; + root = app.webRoot; extraConfig = [ '' @@ -100,7 +100,7 @@ in { Use Stats connexionswing.com - + Options Indexes FollowSymLinks MultiViews Includes AllowOverride All Require all granted diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix index e819324..08c9d79 100644 --- a/modules/private/websites/default.nix +++ b/modules/private/websites/default.nix @@ -1,7 +1,7 @@ { lib, pkgs, config, ... }: let - www_root = "/run/current-system/webapps/_www"; - theme_root = "/run/current-system/webapps/_theme"; + www_root = ./_www; + theme_root = pkgs.webapps.apache-theme.theme; apacheConfig = { cache = { # This setting permits to ignore time-based cache for files in the @@ -216,10 +216,6 @@ in }; }; - services.websites.webappDirs = { - _www = ./_www; - _theme = pkgs.webapps.apache-theme.theme; - }; myServices.websites = { bakeer.cloud.enable = true; capitaines.landing_pages.enable = true; diff --git a/modules/private/websites/emilia/moodle.nix b/modules/private/websites/emilia/moodle.nix index d49faf5..f943502 100644 --- a/modules/private/websites/emilia/moodle.nix +++ b/modules/private/websites/emilia/moodle.nix @@ -4,8 +4,6 @@ let env = config.myEnv.websites.emilia; varDir = "/var/lib/emilia_moodle"; siteDir = ./moodle; - webappName = "emilia_moodle"; - webappdir = config.services.websites.webappDirsPaths.emilia_moodle; # php_admin_value[upload_max_filesize] = 50000000 # php_admin_value[post_max_size] = 50000000 configFile = '' @@ -49,15 +47,14 @@ in { system.activationScripts.emilia_moodle = '' install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d ${varDir} ''; - services.websites.webappDirs.emilia_moodle = siteDir; services.websites.env.production.vhostConfs.emilia_moodle = { certName = "emilia"; certMainHost = "saison-photo.org"; hosts = [ "saison-photo.org" "www.saison-photo.org" ]; - root = webappdir; + root = siteDir; extraConfig = [ '' - + DirectoryIndex pause.html Options Indexes FollowSymLinks MultiViews Includes Require all granted diff --git a/modules/private/websites/florian/app.nix b/modules/private/websites/florian/app.nix index 87e622a..5e6255c 100644 --- a/modules/private/websites/florian/app.nix +++ b/modules/private/websites/florian/app.nix @@ -81,7 +81,7 @@ in { certName = "integration"; addToCerts = true; hosts = [ "app.tellesflorian.com" ]; - root = pcfg.webappDirs.florian_app; + root = app.webRoot; extraConfig = [ '' @@ -99,7 +99,7 @@ in { ErrorDocument 401 "" - + Options Indexes FollowSymLinks MultiViews Includes AllowOverride None Require all granted diff --git a/modules/private/websites/isabelle/aten_integration.nix b/modules/private/websites/isabelle/aten_integration.nix index 899ee66..7e0aaf7 100644 --- a/modules/private/websites/isabelle/aten_integration.nix +++ b/modules/private/websites/isabelle/aten_integration.nix @@ -60,7 +60,7 @@ in { certName = "integration"; addToCerts = true; hosts = [ "dev.aten.pro" ]; - root = pcfg.webappDirs.isabelle_aten_integration; + root = app.webRoot; extraConfig = [ '' @@ -81,7 +81,7 @@ in { ErrorDocument 401 "" - + Options Indexes FollowSymLinks MultiViews Includes AllowOverride All Require all granted diff --git a/modules/private/websites/isabelle/aten_production.nix b/modules/private/websites/isabelle/aten_production.nix index b8d12b9..6a04710 100644 --- a/modules/private/websites/isabelle/aten_production.nix +++ b/modules/private/websites/isabelle/aten_production.nix @@ -61,7 +61,7 @@ in { certName = "isabelle"; certMainHost = "aten.pro"; hosts = [ "aten.pro" "www.aten.pro" ]; - root = pcfg.webappDirs.isabelle_aten_production; + root = app.webRoot; extraConfig = [ '' @@ -78,7 +78,7 @@ in { ErrorDocument 401 "" - + Options Indexes FollowSymLinks MultiViews Includes AllowOverride All Require all granted diff --git a/modules/private/websites/isabelle/iridologie.nix b/modules/private/websites/isabelle/iridologie.nix index decda36..88521fc 100644 --- a/modules/private/websites/isabelle/iridologie.nix +++ b/modules/private/websites/isabelle/iridologie.nix @@ -10,7 +10,6 @@ let apacheUser = config.services.httpd.Prod.user; apacheGroup = config.services.httpd.Prod.group; - webappdir = config.services.websites.webappDirsPaths.isabelle_iridologie; secretsPath = config.secrets.fullPaths."websites/isabelle/iridologie"; in { options.myServices.websites.isabelle.iridologie.enable = lib.mkEnableOption "enable Iridologie's website"; @@ -68,13 +67,12 @@ in { install -m 0750 -o ${apacheUser} -g ${apacheGroup} -d ${app.varDir}/phpSessions ''; }; - services.websites.webappDirs.isabelle_iridologie = app.webRoot; services.websites.env.production.modules = [ "proxy_fcgi" ]; services.websites.env.production.vhostConfs.isabelle_iridologie = { certName = "isabelle"; addToCerts = true; hosts = [ "iridologie.icommandeur.org" "icommandeur.org" "www.icommandeur.org" ]; - root = webappdir; + root = app.webRoot; extraConfig = [ '' RewriteEngine On @@ -89,16 +87,16 @@ in { SetHandler "proxy:unix:${config.services.phpfpm.pools.isabelle_iridologie.socket}|fcgi://localhost" - + DirectoryIndex index.php index.htm index.html Options -Indexes +FollowSymLinks +MultiViews +Includes - Include ${webappdir}/htaccess.txt + Include ${app.webRoot}/htaccess.txt AllowOverride AuthConfig FileInfo Limit Require all granted - + Require all denied diff --git a/modules/private/websites/ludivine/integration.nix b/modules/private/websites/ludivine/integration.nix index cfef385..99c9acf 100644 --- a/modules/private/websites/ludivine/integration.nix +++ b/modules/private/websites/ludivine/integration.nix @@ -90,7 +90,7 @@ in { certName = "integration"; addToCerts = true; hosts = [ "ludivine.immae.eu" ]; - root = pcfg.webappDirs.ludivine_integration; + root = app.webRoot; extraConfig = [ '' @@ -103,7 +103,7 @@ in { ErrorDocument 401 "" - + Options Indexes FollowSymLinks MultiViews Includes AllowOverride None Require all granted diff --git a/modules/private/websites/ludivine/production.nix b/modules/private/websites/ludivine/production.nix index 73b63a2..09bb3dc 100644 --- a/modules/private/websites/ludivine/production.nix +++ b/modules/private/websites/ludivine/production.nix @@ -93,7 +93,7 @@ in { certName = "ludivine"; certMainHost = "ludivinecassal.com"; hosts = ["ludivinecassal.com" "www.ludivinecassal.com" ]; - root = pcfg.webappDirs.ludivine_production; + root = app.webRoot; extraConfig = [ '' RewriteEngine on @@ -106,7 +106,7 @@ in { Use Stats ludivinecassal.com - + Options Indexes FollowSymLinks MultiViews Includes AllowOverride All Require all granted diff --git a/modules/private/websites/papa/maison_bbc.nix b/modules/private/websites/papa/maison_bbc.nix index 528c832..3eb736e 100644 --- a/modules/private/websites/papa/maison_bbc.nix +++ b/modules/private/websites/papa/maison_bbc.nix @@ -1,23 +1,21 @@ { lib, config, ... }: let cfg = config.myServices.websites.papa.maison_bbc; - webappdirs = config.services.websites.webappDirsPaths; in { options.myServices.websites.papa.maison_bbc.enable = lib.mkEnableOption "enable Papa Maison bbc website"; config = lib.mkIf cfg.enable { services.webstats.sites = [ { name = "maison.bbc.bouya.org"; } ]; - services.websites.webappDirs.papa_maison_bbc = ./maison_bbc_static; services.websites.env.production.vhostConfs.papa_maison_bbc = { certName = "papa"; addToCerts = true; hosts = [ "maison.bbc.bouya.org" ]; - root = webappdirs.papa_maison_bbc; + root = ./maison_bbc_static; extraConfig = [ '' ErrorDocument 404 /index.html - + DirectoryIndex index.htm index.html AllowOverride None Require all granted diff --git a/modules/private/websites/piedsjaloux/integration.nix b/modules/private/websites/piedsjaloux/integration.nix index f501eba..437b127 100644 --- a/modules/private/websites/piedsjaloux/integration.nix +++ b/modules/private/websites/piedsjaloux/integration.nix @@ -80,7 +80,7 @@ in { certName = "integration"; addToCerts = true; hosts = [ "piedsjaloux.immae.eu" ]; - root = pcfg.webappDirs.piedsjaloux_integration; + root = app.webRoot; extraConfig = [ '' @@ -93,7 +93,7 @@ in { ErrorDocument 401 "" - + Options Indexes FollowSymLinks MultiViews Includes AllowOverride None Require all granted diff --git a/modules/private/websites/piedsjaloux/production.nix b/modules/private/websites/piedsjaloux/production.nix index fed5a0f..118846d 100644 --- a/modules/private/websites/piedsjaloux/production.nix +++ b/modules/private/websites/piedsjaloux/production.nix @@ -83,7 +83,7 @@ in { certName = "piedsjaloux"; certMainHost = "piedsjaloux.fr"; hosts = [ "piedsjaloux.fr" "www.piedsjaloux.fr" ]; - root = pcfg.webappDirs.piedsjaloux_production; + root = app.webRoot; extraConfig = [ '' RewriteEngine on @@ -96,7 +96,7 @@ in { Use Stats piedsjaloux.fr - + Options Indexes FollowSymLinks MultiViews Includes AllowOverride All Require all granted diff --git a/modules/private/websites/richie/production.nix b/modules/private/websites/richie/production.nix index 3efa9f0..e95df30 100644 --- a/modules/private/websites/richie/production.nix +++ b/modules/private/websites/richie/production.nix @@ -17,7 +17,6 @@ let sed -i "s@localedef --list-archive@localedef --list-archive /run/current-system/sw/lib/locale/locale-archive@" $out/admin/parametres.php ''; }; - webappdir = config.services.websites.webappDirsPaths.richie_production; secretPath = config.secrets.fullPaths."websites/richie/production"; apacheUser = config.services.httpd.Prod.user; apacheGroup = config.services.httpd.Prod.group; @@ -48,7 +47,6 @@ in ?> ''; }; - services.websites.webappDirs.richie_production = richieSrc; system.activationScripts.richie_production = { deps = [ "httpd" ]; text = '' @@ -85,7 +83,7 @@ in addToCerts = true; certMainHost = "europe-richie.org"; hosts = [ "europe-richie.org" "www.europe-richie.org" ]; - root = webappdir; + root = richieSrc; extraConfig = [ '' Use Stats europe-richie.org @@ -93,7 +91,7 @@ in Require all denied - + DirectoryIndex index.php index.htm index.html Options Indexes FollowSymLinks MultiViews Includes AllowOverride None diff --git a/modules/private/websites/tools/cloud/default.nix b/modules/private/websites/tools/cloud/default.nix index fc0aae6..44163de 100644 --- a/modules/private/websites/tools/cloud/default.nix +++ b/modules/private/websites/tools/cloud/default.nix @@ -8,8 +8,6 @@ let ]); env = config.myEnv.tools.nextcloud; varDir = "/var/lib/nextcloud"; - webappName = "tools_nextcloud"; - apacheRoot = "/run/current-system/webapps/${webappName}"; cfg = config.myServices.websites.tools.cloud; phpFpm = rec { basedir = builtins.concatStringsSep ":" ([ nextcloud varDir ] ++ nextcloud.apps); @@ -49,11 +47,11 @@ in { certName = "eldiron"; addToCerts = true; hosts = ["cloud.immae.eu" ]; - root = apacheRoot; + root = nextcloud; extraConfig = [ '' SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 - + AcceptPathInfo On DirectoryIndex index.php Options FollowSymlinks @@ -159,11 +157,6 @@ in { #install -D -m 0600 -o wwwrun -g wwwrun -T ${config.secrets.fullPaths."webapps/tools-nextcloud"} ${varDir}/config/config.php ''; }; - # FIXME: add a warning when config.php changes - system.extraSystemBuilderCmds = '' - mkdir -p $out/webapps - ln -s ${nextcloud} $out/webapps/${webappName} - ''; services.phpfpm.pools.nextcloud = { user = "wwwrun"; diff --git a/modules/private/websites/tools/dav/davical.nix b/modules/private/websites/tools/dav/davical.nix index 9e4056a..bc5ecf6 100644 --- a/modules/private/websites/tools/dav/davical.nix +++ b/modules/private/websites/tools/dav/davical.nix @@ -70,8 +70,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_davical"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /davical "${root}" Alias /caldav.php "${root}/caldav.php" diff --git a/modules/private/websites/tools/dav/default.nix b/modules/private/websites/tools/dav/default.nix index c54e152..b3aa03d 100644 --- a/modules/private/websites/tools/dav/default.nix +++ b/modules/private/websites/tools/dav/default.nix @@ -1,8 +1,7 @@ { lib, pkgs, config, ... }: let infcloud = rec { - webappName = "tools_infcloud"; - root = "/run/current-system/webapps/${webappName}"; + root = pkgs.webapps.infcloud; vhostConf = '' Alias /carddavmate ${root} Alias /caldavzap ${root} @@ -36,7 +35,7 @@ in { certName = "eldiron"; addToCerts = true; hosts = ["dav.immae.eu" ]; - root = "/run/current-system/webapps/_dav"; + root = ./www; extraConfig = [ infcloud.vhostConf (davical.apache.vhostConf config.services.phpfpm.pools.davical.socket) @@ -51,10 +50,6 @@ in { phpPackage = pkgs.php72; }; }; - - services.websites.webappDirs._dav = ./www; - services.websites.webappDirs."${davical.apache.webappName}" = davical.webRoot; - services.websites.webappDirs."${infcloud.webappName}" = pkgs.webapps.infcloud; }; } diff --git a/modules/private/websites/tools/diaspora/default.nix b/modules/private/websites/tools/diaspora/default.nix index 9119ead..9afd5b9 100644 --- a/modules/private/websites/tools/diaspora/default.nix +++ b/modules/private/websites/tools/diaspora/default.nix @@ -1,7 +1,7 @@ { lib, pkgs, config, ... }: let env = config.myEnv.tools.diaspora; - root = "/run/current-system/webapps/tools_diaspora"; + root = "${dcfg.workdir}/public/"; cfg = config.myServices.websites.tools.diaspora; dcfg = config.services.diaspora; in { @@ -160,10 +160,6 @@ in { services.websites.env.tools.modules = [ "headers" "proxy" "proxy_http" ]; - system.extraSystemBuilderCmds = '' - mkdir -p $out/webapps - ln -s ${dcfg.workdir}/public/ $out/webapps/tools_diaspora - ''; services.websites.env.tools.vhostConfs.diaspora = { certName = "eldiron"; addToCerts = true; diff --git a/modules/private/websites/tools/git/default.nix b/modules/private/websites/tools/git/default.nix index 755bab0..8f611ee 100644 --- a/modules/private/websites/tools/git/default.nix +++ b/modules/private/websites/tools/git/default.nix @@ -20,8 +20,6 @@ in { services.websites.env.tools.modules = gitweb.apache.modules ++ mantisbt.apache.modules; - services.websites.webappDirs."${gitweb.apache.webappName}" = gitweb.webRoot; - services.websites.webappDirs."${mantisbt.apache.webappName}" = mantisbt.webRoot; system.activationScripts.mantisbt = mantisbt.activationScript; services.websites.env.tools.vhostConfs.git = { diff --git a/modules/private/websites/tools/git/gitweb.nix b/modules/private/websites/tools/git/gitweb.nix index dab0c9e..ff34da5 100644 --- a/modules/private/websites/tools/git/gitweb.nix +++ b/modules/private/websites/tools/git/gitweb.nix @@ -1,7 +1,6 @@ { gitweb, writeText, stdenv, coreutils, writeScript, gitolite, git, cgit, gitoliteDir, mailcap, highlight }: rec { varDir = gitoliteDir; - webRoot = gitweb; config = writeText "gitweb.conf" '' $git_temp = "/tmp"; @@ -77,8 +76,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "cgid" ]; - webappName = "tools_gitweb"; - root = "/run/current-system/webapps/${webappName}"; + root = gitweb; vhostConf = '' SetEnv GIT_PROJECT_ROOT ${varDir}/repositories/ ScriptAliasMatch \ diff --git a/modules/private/websites/tools/git/mantisbt.nix b/modules/private/websites/tools/git/mantisbt.nix index 033a651..2ef76af 100644 --- a/modules/private/websites/tools/git/mantisbt.nix +++ b/modules/private/websites/tools/git/mantisbt.nix @@ -50,8 +50,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_mantisbt"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /mantisbt "${root}" diff --git a/modules/private/websites/tools/mail/default.nix b/modules/private/websites/tools/mail/default.nix index 033a587..7bc3d2d 100644 --- a/modules/private/websites/tools/mail/default.nix +++ b/modules/private/websites/tools/mail/default.nix @@ -36,12 +36,12 @@ in certName = "mail"; addToCerts = true; hosts = ["mail.immae.eu"]; - root = "/run/current-system/webapps/_mail"; + root = ./www; extraConfig = [ (rainloop.apache.vhostConf pcfg.rainloop.socket) (roundcubemail.apache.vhostConf pcfg.roundcubemail.socket) '' - + Require all granted Options -Indexes @@ -78,13 +78,6 @@ in roundcubemail = roundcubemail.activationScript; rainloop = rainloop.activationScript; }; - - services.websites.webappDirs = { - _mail = ./www; - "${roundcubemail.apache.webappName}" = roundcubemail.webRoot; - "${rainloop.apache.webappName}" = rainloop.webRoot; - }; - }; } diff --git a/modules/private/websites/tools/mail/mta-sts.nix b/modules/private/websites/tools/mail/mta-sts.nix index c5f71f0..77ba2d4 100644 --- a/modules/private/websites/tools/mail/mta-sts.nix +++ b/modules/private/websites/tools/mail/mta-sts.nix @@ -33,21 +33,17 @@ let in { config = lib.mkIf cfg.enable { - services.websites.webappDirs = { - _mta-sts = root; - }; - services.websites.env.tools.vhostConfs.mta_sts = { certName = "mail"; addToCerts = true; hosts = ["mta-sts.mail.immae.eu"] ++ map (v: "mta-sts.${v.domain}") domains; - root = "/run/current-system/webapps/_mta-sts"; + root = root; extraConfig = [ '' RewriteEngine on RewriteCond %{HTTP_HOST} ^mta-sts.(.*)$ RewriteRule ^/.well-known/mta-sts.txt$ %{DOCUMENT_ROOT}/%1.txt [L] - + Require all granted Options -Indexes diff --git a/modules/private/websites/tools/mail/rainloop.nix b/modules/private/websites/tools/mail/rainloop.nix index 21de5eb..20e43a1 100644 --- a/modules/private/websites/tools/mail/rainloop.nix +++ b/modules/private/websites/tools/mail/rainloop.nix @@ -14,8 +14,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_rainloop"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /rainloop "${root}" diff --git a/modules/private/websites/tools/mail/roundcubemail.nix b/modules/private/websites/tools/mail/roundcubemail.nix index 92de28e..2661b55 100644 --- a/modules/private/websites/tools/mail/roundcubemail.nix +++ b/modules/private/websites/tools/mail/roundcubemail.nix @@ -79,8 +79,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_roundcubemail"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /roundcube "${root}" diff --git a/modules/private/websites/tools/mastodon/default.nix b/modules/private/websites/tools/mastodon/default.nix index 87e8d72..3512cf1 100644 --- a/modules/private/websites/tools/mastodon/default.nix +++ b/modules/private/websites/tools/mastodon/default.nix @@ -1,7 +1,7 @@ { lib, pkgs, config, ... }: let env = config.myEnv.tools.mastodon; - root = "/run/current-system/webapps/tools_mastodon"; + root = "${mcfg.workdir}/public/"; cfg = config.myServices.websites.tools.mastodon; mcfg = config.services.mastodon; in { @@ -82,10 +82,6 @@ in { services.websites.env.tools.modules = [ "headers" "proxy" "proxy_wstunnel" "proxy_http" ]; - system.extraSystemBuilderCmds = '' - mkdir -p $out/webapps - ln -s ${mcfg.workdir}/public/ $out/webapps/tools_mastodon - ''; services.websites.env.tools.vhostConfs.mastodon = { certName = "eldiron"; addToCerts = true; diff --git a/modules/private/websites/tools/tools/adminer.nix b/modules/private/websites/tools/tools/adminer.nix index a4ba344..c280684 100644 --- a/modules/private/websites/tools/tools/adminer.nix +++ b/modules/private/websites/tools/tools/adminer.nix @@ -1,4 +1,4 @@ -{ adminer, php74, myPhpPackages, lib, forcePhpSocket ? null }: +{ webapps, php74, myPhpPackages, lib, forcePhpSocket ? null }: rec { activationScript = { deps = [ "httpd" ]; @@ -6,7 +6,7 @@ rec { install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/adminer ''; }; - webRoot = adminer; + webRoot = webapps.adminer; phpFpm = rec { user = apache.user; group = apache.group; @@ -28,11 +28,10 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "_adminer"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' - Alias /adminer ${root} - + Alias /adminer ${webRoot} + DirectoryIndex index.php SetHandler "proxy:unix:${if forcePhpSocket != null then forcePhpSocket else socket}|fcgi://localhost" diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix index 1f499fb..499ef91 100644 --- a/modules/private/websites/tools/tools/default.nix +++ b/modules/private/websites/tools/tools/default.nix @@ -2,9 +2,7 @@ let flakeCompat = import ../../../../../lib/flake-compat.nix; - adminer = pkgs.callPackage ./adminer.nix { - inherit (pkgs.webapps) adminer; - }; + adminer = pkgs.callPackage ./adminer.nix {}; ympd = pkgs.callPackage ./ympd.nix { env = config.myEnv.tools.ympd; }; @@ -429,21 +427,6 @@ in { ldap = ldap.activationScript; }; - services.websites.webappDirs = { - _adminer = adminer.webRoot; - "${dmarc-reports.apache.webappName}" = dmarc-reports.webRoot; - "${dokuwiki.apache.webappName}" = dokuwiki.webRoot; - "${phpbb.apache.webappName}" = phpbb.webRoot; - "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs"; - "${rompr.apache.webappName}" = rompr.webRoot; - "${shaarli.apache.webappName}" = shaarli.webRoot; - "${ttrss.apache.webappName}" = ttrss.webRoot; - "${wallabag.apache.webappName}" = wallabag.webRoot; - "${yourls.apache.webappName}" = yourls.webRoot; - "${kanboard.apache.webappName}" = kanboard.webRoot; - "${grocy.apache.webappName}" = grocy.webRoot; - }; - services.websites.env.tools.watchPaths = [ config.secrets.fullPaths."webapps/tools-shaarli" ]; diff --git a/modules/private/websites/tools/tools/dmarc_reports.nix b/modules/private/websites/tools/tools/dmarc_reports.nix index 89da246..8a77b13 100644 --- a/modules/private/websites/tools/tools/dmarc_reports.nix +++ b/modules/private/websites/tools/tools/dmarc_reports.nix @@ -20,8 +20,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_dmarc_reports"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /dmarc-reports "${root}" diff --git a/modules/private/websites/tools/tools/dokuwiki.nix b/modules/private/websites/tools/tools/dokuwiki.nix index 6175a68..1bcd852 100644 --- a/modules/private/websites/tools/tools/dokuwiki.nix +++ b/modules/private/websites/tools/tools/dokuwiki.nix @@ -25,8 +25,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_dokuwiki"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /dokuwiki "${root}" diff --git a/modules/private/websites/tools/tools/grocy.nix b/modules/private/websites/tools/tools/grocy.nix index a98d8ac..3c33170 100644 --- a/modules/private/websites/tools/tools/grocy.nix +++ b/modules/private/websites/tools/tools/grocy.nix @@ -16,8 +16,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_grocy"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /grocy "${root}" diff --git a/modules/private/websites/tools/tools/kanboard.nix b/modules/private/websites/tools/tools/kanboard.nix index b2e7b65..54bbe01 100644 --- a/modules/private/websites/tools/tools/kanboard.nix +++ b/modules/private/websites/tools/tools/kanboard.nix @@ -46,8 +46,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_kanboard"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /kanboard "${root}" diff --git a/modules/private/websites/tools/tools/ldap.nix b/modules/private/websites/tools/tools/ldap.nix index 14920f4..2ca59f7 100644 --- a/modules/private/websites/tools/tools/ldap.nix +++ b/modules/private/websites/tools/tools/ldap.nix @@ -36,8 +36,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_ldap"; - root = "/run/current-system/webapps/${webappName}"; + root = "${webRoot}/htdocs"; vhostConf = socket: '' Alias /ldap "${root}" diff --git a/modules/private/websites/tools/tools/phpbb.nix b/modules/private/websites/tools/tools/phpbb.nix index fa26069..e341a64 100644 --- a/modules/private/websites/tools/tools/phpbb.nix +++ b/modules/private/websites/tools/tools/phpbb.nix @@ -20,8 +20,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_phpbb"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /forum "${root}" diff --git a/modules/private/websites/tools/tools/rompr.nix b/modules/private/websites/tools/tools/rompr.nix index 106164c..9765df5 100644 --- a/modules/private/websites/tools/tools/rompr.nix +++ b/modules/private/websites/tools/tools/rompr.nix @@ -13,8 +13,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "headers" "mime" "proxy_fcgi" ]; - webappName = "tools_rompr"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /rompr ${root} diff --git a/modules/private/websites/tools/tools/shaarli.nix b/modules/private/websites/tools/tools/shaarli.nix index b7126cc..f63c722 100644 --- a/modules/private/websites/tools/tools/shaarli.nix +++ b/modules/private/websites/tools/tools/shaarli.nix @@ -16,8 +16,7 @@ in rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" "rewrite" "env" ]; - webappName = "tools_shaarli"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /Shaarli "${root}" diff --git a/modules/private/websites/tools/tools/ttrss.nix b/modules/private/websites/tools/tools/ttrss.nix index f6abae9..bee26c8 100644 --- a/modules/private/websites/tools/tools/ttrss.nix +++ b/modules/private/websites/tools/tools/ttrss.nix @@ -96,8 +96,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_ttrss"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /ttrss "${root}" diff --git a/modules/private/websites/tools/tools/wallabag.nix b/modules/private/websites/tools/tools/wallabag.nix index b6ad151..ceb061f 100644 --- a/modules/private/websites/tools/tools/wallabag.nix +++ b/modules/private/websites/tools/tools/wallabag.nix @@ -80,8 +80,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_wallabag"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /wallabag "${root}" diff --git a/modules/private/websites/tools/tools/yourls.nix b/modules/private/websites/tools/tools/yourls.nix index 01ef548..3717520 100644 --- a/modules/private/websites/tools/tools/yourls.nix +++ b/modules/private/websites/tools/tools/yourls.nix @@ -44,8 +44,7 @@ rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; - webappName = "tools_yourls"; - root = "/run/current-system/webapps/${webappName}"; + root = webRoot; vhostConf = socket: '' Alias /url "${root}" diff --git a/modules/private/websites/tools/vpn/default.nix b/modules/private/websites/tools/vpn/default.nix index 4398a60..9cd499b 100644 --- a/modules/private/websites/tools/vpn/default.nix +++ b/modules/private/websites/tools/vpn/default.nix @@ -7,9 +7,7 @@ in { certName = "eldiron"; addToCerts = true; hosts = [ "vpn.immae.eu" ]; - root = "/run/current-system/webapps/_vpn"; + root = ./www; }; - - services.websites.webappDirs._vpn = ./www; }; } diff --git a/modules/websites/default.nix b/modules/websites/default.nix index 0a78c13..6658c66 100644 --- a/modules/websites/default.nix +++ b/modules/websites/default.nix @@ -7,22 +7,6 @@ in certs = mkOption { description = "Default websites configuration for certificates as accepted by acme"; }; - webappDirs = mkOption { - description = '' - Defines a symlink between /run/current-system/webapps and a store - app directory to be used in http configuration. Permits to avoid - restarting httpd when only the folder name changes. - ''; - type = types.attrsOf types.path; - default = {}; - }; - webappDirsName = mkOption { - type = str; - default = "webapps"; - description = '' - Name of the webapp dir to create in /run/current-system - ''; - }; env = mkOption { default = {}; description = "Each type of website to enable will target a distinct httpd server"; @@ -145,17 +129,6 @@ in }; }); }; - # Readonly variables - webappDirsPaths = mkOption { - type = attrsOf path; - readOnly = true; - description = '' - Full paths of the webapp dir - ''; - default = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair - name "/run/current-system/${cfg.webappDirsName}/${name}" - ) cfg.webappDirs; - }; }; config.services.httpd = let @@ -268,14 +241,6 @@ in } ) groupedCerts; - config.system.extraSystemBuilderCmds = lib.mkIf (builtins.length (builtins.attrValues cfg.webappDirs) > 0) '' - mkdir -p $out/${cfg.webappDirsName} - ${builtins.concatStringsSep "\n" - (attrsets.mapAttrsToList - (name: path: "ln -s ${path} $out/${cfg.webappDirsName}/${name}") cfg.webappDirs) - } - ''; - config.systemd.services = let package = httpdName: config.services.httpd.${httpdName}.package.out; cfgFile = httpdName: config.services.httpd.${httpdName}.configFile; diff --git a/modules/websites/php-application.nix b/modules/websites/php-application.nix index 23e2b23..3a43a45 100644 --- a/modules/websites/php-application.nix +++ b/modules/websites/php-application.nix @@ -110,13 +110,6 @@ in Path to application root ''; }; - webappName = mkOption { - type = nullOr str; - default = null; - description = '' - Alias name for the app, to be used in services.websites.webappDirs - ''; - }; webRoot = mkOption { type = nullOr path; description = '' @@ -152,14 +145,6 @@ in Full paths to listen for php ''; }; - services.phpApplication.webappDirs = mkOption { - type = attrsOf path; - default = attrsets.filterAttrs (n: v: builtins.hasAttr n cfg.apps) config.services.websites.webappDirsPaths; - readOnly = true; - description = '' - Stable name webapp dirs for httpd - ''; - }; }; config = { @@ -186,10 +171,6 @@ in } ) cfg.apps; - services.websites.webappDirs = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair - (if icfg.webappName == null then name else icfg.webappName) icfg.webRoot - ) (attrsets.filterAttrs (n: v: !isNull v.webRoot) cfg.apps); - services.filesWatcher = attrsets.mapAttrs' (name: icfg: attrsets.nameValuePair "phpfpm-${name}" { restart = true;