From 5c9a5ec701482b554ef3daaaa1ace4c23967d7a2 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Isma=C3=ABl=20Bouya?= Date: Wed, 8 Dec 2021 15:35:34 +0100 Subject: [PATCH] Cloud Installation for librezo --- modules/private/default.nix | 5 ++ modules/private/websites/default.nix | 7 +++ modules/private/websites/librezo/dolibarr.nix | 62 +++++++++++++++++++ .../websites/librezo/dolibarr_integration.nix | 62 +++++++++++++++++++ .../private/websites/librezo/nextcloud.nix | 28 +++++++++ modules/private/websites/librezo/website.nix | 30 +++++++++ 6 files changed, 194 insertions(+) create mode 100644 modules/private/websites/librezo/dolibarr.nix create mode 100644 modules/private/websites/librezo/dolibarr_integration.nix create mode 100644 modules/private/websites/librezo/nextcloud.nix create mode 100644 modules/private/websites/librezo/website.nix diff --git a/modules/private/default.nix b/modules/private/default.nix index 7eaa91e..7330cd1 100644 --- a/modules/private/default.nix +++ b/modules/private/default.nix @@ -62,6 +62,11 @@ set = { leilaProd = ./websites/leila/production.nix; + librezoCloud = ./websites/librezo/nextcloud.nix; + librezoDolibarr = ./websites/librezo/dolibarr.nix; + librezoDolibarrDev = ./websites/librezo/dolibarr_integration.nix; + librezoWebsite = ./websites/librezo/website.nix; + ludivineInte = ./websites/ludivine/integration.nix; ludivineProd = ./websites/ludivine/production.nix; diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix index 9134ca9..98c766c 100644 --- a/modules/private/websites/default.nix +++ b/modules/private/websites/default.nix @@ -272,6 +272,13 @@ in leila.production.enable = true; + librezo = { + cloud.enable = true; + dolibarr.enable = true; + dolibarrDev.enable = true; + website.enable = true; + }; + ludivine = { integration.enable = true; production.enable = true; diff --git a/modules/private/websites/librezo/dolibarr.nix b/modules/private/websites/librezo/dolibarr.nix new file mode 100644 index 0000000..4eb0f7c --- /dev/null +++ b/modules/private/websites/librezo/dolibarr.nix @@ -0,0 +1,62 @@ +{ lib, config, pkgs, ... }: +let + cfg = config.myServices.websites.librezo.dolibarr; + varDir = "/var/lib/ftp/librezo/dolibarr"; + apacheUser = config.services.httpd.Prod.user; + apacheGroup = config.services.httpd.Prod.group; +in { + options.myServices.websites.librezo.dolibarr.enable = lib.mkEnableOption "enable Dolibarr website"; + + config = lib.mkIf cfg.enable { + system.activationScripts.dolibarr = { + deps = [ "httpd" "users" ]; + text = '' + install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d /var/lib/php/sessions/librezo + ''; + }; + services.phpfpm.pools.librezo_dolibarr = { + user = apacheUser; + group = apacheGroup; + settings = { + "listen.owner" = apacheUser; + "listen.group" = apacheGroup; + + "pm" = "ondemand"; + "pm.max_children" = "5"; + "pm.process_idle_timeout" = "60"; + + "php_admin_value[upload_max_filesize]" = "100M"; + "php_admin_value[post_max_size]" = "100M"; + "php_admin_value[open_basedir]" = "/var/lib/php/sessions/librezo:${varDir}:/tmp"; + "php_admin_value[session.save_path]" = "/var/lib/php/sessions/librezo"; + }; + phpOptions = config.services.phpfpm.phpOptions + '' + disable_functions = "mail" + ''; + phpPackage = pkgs.php74; + }; + services.websites.env.production.modules = [ "proxy_fcgi" ]; + services.websites.env.production.vhostConfs.librezo_dolibarr = { + certName = "librezo"; + addToCerts = true; + hosts = ["dolibarr.librezo.com"]; + root = "${varDir}/dolibarr/htdocs"; + extraConfig = [ + '' + + SetHandler "proxy:unix:${config.services.phpfpm.pools.librezo_dolibarr.socket}|fcgi://localhost" + + + + DirectoryIndex index.php index.htm index.html + Options Indexes FollowSymLinks MultiViews Includes + AllowOverride All + Require all granted + + '' + ]; + }; + }; +} + + diff --git a/modules/private/websites/librezo/dolibarr_integration.nix b/modules/private/websites/librezo/dolibarr_integration.nix new file mode 100644 index 0000000..f8e3bf4 --- /dev/null +++ b/modules/private/websites/librezo/dolibarr_integration.nix @@ -0,0 +1,62 @@ +{ lib, config, pkgs, ... }: +let + cfg = config.myServices.websites.librezo.dolibarrDev; + varDir = "/var/lib/ftp/librezo/dolibarr_dev"; + apacheUser = config.services.httpd.Inte.user; + apacheGroup = config.services.httpd.Inte.group; +in { + options.myServices.websites.librezo.dolibarrDev.enable = lib.mkEnableOption "enable Dolibarr website"; + + config = lib.mkIf cfg.enable { + system.activationScripts.dolibarr = { + deps = [ "httpd" "users" ]; + text = '' + install -m 0755 -o ${apacheUser} -g ${apacheGroup} -d /var/lib/php/sessions/librezo + ''; + }; + services.phpfpm.pools.librezo_dolibarr_dev = { + user = apacheUser; + group = apacheGroup; + settings = { + "listen.owner" = apacheUser; + "listen.group" = apacheGroup; + + "pm" = "ondemand"; + "pm.max_children" = "5"; + "pm.process_idle_timeout" = "60"; + + "php_admin_value[upload_max_filesize]" = "100M"; + "php_admin_value[post_max_size]" = "100M"; + "php_admin_value[open_basedir]" = "/var/lib/php/sessions/librezo:${varDir}:/tmp"; + "php_admin_value[session.save_path]" = "/var/lib/php/sessions/librezo"; + }; + phpOptions = config.services.phpfpm.phpOptions + '' + disable_functions = "mail" + ''; + phpPackage = pkgs.php74; + }; + services.websites.env.production.modules = [ "proxy_fcgi" ]; + services.websites.env.integration.vhostConfs.librezo_dolibarr_dev = { + certName = "integration"; + addToCerts = true; + hosts = ["dolibarr.librezo.immae.dev"]; + root = "${varDir}/dolibarr/htdocs"; + extraConfig = [ + '' + + SetHandler "proxy:unix:${config.services.phpfpm.pools.librezo_dolibarr_dev.socket}|fcgi://localhost" + + + + DirectoryIndex index.php index.htm index.html + Options Indexes FollowSymLinks MultiViews Includes + AllowOverride All + Require all granted + + '' + ]; + }; + }; +} + + diff --git a/modules/private/websites/librezo/nextcloud.nix b/modules/private/websites/librezo/nextcloud.nix new file mode 100644 index 0000000..9ffd412 --- /dev/null +++ b/modules/private/websites/librezo/nextcloud.nix @@ -0,0 +1,28 @@ +{ lib, pkgs, config, ... }: +let + cfg = config.myServices.websites.librezo.cloud; +in { + options.myServices.websites.librezo.cloud.enable = lib.mkEnableOption "enable Librezo’s cloud"; + + config = lib.mkIf cfg.enable { + myServices.tools.cloud.farm.instances.librezo = { + nextcloud = pkgs.webapps.nextcloud_22; + apps = a: [ + a.calendar a.spreed a.contacts a.groupfolders a.files_mindmap a.onlyoffice a.talk_matterbridge + a.external a.deck a.drawio + ]; + }; + services.websites.env.production.modules = [ "proxy_fcgi" ]; + services.websites.env.production.vhostConfs.librezo = { + certName = "librezo"; + addToCerts = true; + certMainHost = "cloud.librezo.com"; + hosts = ["cloud.librezo.com"]; + root = config.myServices.tools.cloud.farm.rootDirs.librezo; + extraConfig = [ + config.myServices.tools.cloud.farm.vhosts.librezo + ]; + }; + }; +} + diff --git a/modules/private/websites/librezo/website.nix b/modules/private/websites/librezo/website.nix new file mode 100644 index 0000000..8f4cc06 --- /dev/null +++ b/modules/private/websites/librezo/website.nix @@ -0,0 +1,30 @@ +{ lib, config, pkgs, ... }: +let + cfg = config.myServices.websites.librezo.website; + varDir = "/var/lib/ftp/librezo/website"; + apacheUser = config.services.httpd.Inte.user; + apacheGroup = config.services.httpd.Inte.group; +in { + options.myServices.websites.librezo.website.enable = lib.mkEnableOption "enable Librezo website"; + + config = lib.mkIf cfg.enable { + services.websites.env.integration.vhostConfs.librezo_website = { + certName = "librezo"; + addToCerts = true; + hosts = ["web.librezo.immae.dev"]; + root = varDir; + extraConfig = [ + '' + + DirectoryIndex index.htm index.html + Options Indexes FollowSymLinks MultiViews Includes + AllowOverride None + Require all granted + + '' + ]; + }; + }; +} + + -- 2.41.0