[perso/Immae/Config/Nix.git] / modules / private / websites / tools / tools / default.nix

{ lib, pkgs, config, myconfig,  ... }:
let
  adminer = pkgs.callPackage ./adminer.nix {
    inherit (pkgs.webapps) adminer;
  };
  ympd = pkgs.callPackage ./ympd.nix {
    env = myconfig.env.tools.ympd;
  };
  ttrss = pkgs.callPackage ./ttrss.nix {
    inherit (pkgs.webapps) ttrss ttrss-plugins;
    env = myconfig.env.tools.ttrss;
  };
  kanboard = pkgs.callPackage ./kanboard.nix  {
    env = myconfig.env.tools.kanboard;
  };
  wallabag = pkgs.callPackage ./wallabag.nix {
    inherit (pkgs.webapps) wallabag;
    env = myconfig.env.tools.wallabag;
  };
  yourls = pkgs.callPackage ./yourls.nix {
    inherit (pkgs.webapps) yourls yourls-plugins;
    env = myconfig.env.tools.yourls;
  };
  rompr = pkgs.callPackage ./rompr.nix {
    inherit (pkgs.webapps) rompr;
    env = myconfig.env.tools.rompr;
  };
  shaarli = pkgs.callPackage ./shaarli.nix {
    env = myconfig.env.tools.shaarli;
  };
  dokuwiki = pkgs.callPackage ./dokuwiki.nix {
    inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
  };
  ldap = pkgs.callPackage ./ldap.nix {
    inherit (pkgs.webapps) phpldapadmin;
    env = myconfig.env.tools.phpldapadmin;
  };

  cfg = config.myServices.websites.tools.tools;
in {
  options.myServices.websites.tools.tools = {
    enable = lib.mkEnableOption "enable tools website";
  };

  config = lib.mkIf cfg.enable {
    secrets.keys =
      kanboard.keys
      ++ ldap.keys
      ++ shaarli.keys
      ++ ttrss.keys
      ++ wallabag.keys
      ++ yourls.keys;

    services.websites.env.tools.modules =
      [ "proxy_fcgi" ]
      ++ adminer.apache.modules
      ++ ympd.apache.modules
      ++ ttrss.apache.modules
      ++ wallabag.apache.modules
      ++ yourls.apache.modules
      ++ rompr.apache.modules
      ++ shaarli.apache.modules
      ++ dokuwiki.apache.modules
      ++ ldap.apache.modules
      ++ kanboard.apache.modules;

    services.websites.env.integration.vhostConfs.devtools = {
      certName    = "eldiron";
      addToCerts  = true;
      hosts       = ["devtools.immae.eu" ];
      root        = "/var/lib/ftp/devtools.immae.eu";
      extraConfig = [
        ''
          <Directory "/var/lib/ftp/devtools.immae.eu">
            DirectoryIndex index.php index.htm index.html
            AllowOverride all
            Require all granted
            <FilesMatch "\.php$">
              SetHandler "proxy:unix:/var/run/phpfpm/devtools.sock|fcgi://localhost"
            </FilesMatch>
          </Directory>
          ''
      ];
    };

    services.websites.env.tools.vhostConfs.tools = {
      certName    = "eldiron";
      addToCerts  = true;
      hosts       = ["tools.immae.eu" ];
      root        = "/var/lib/ftp/tools.immae.eu";
      extraConfig = [
        ''
          RedirectMatch 301 ^/roundcube(.*)$   https://mail.immae.eu/roundcube$1

          <Directory "/var/lib/ftp/tools.immae.eu">
            DirectoryIndex index.php index.htm index.html
            AllowOverride all
            Require all granted
            <FilesMatch "\.php$">
              SetHandler "proxy:unix:/var/run/phpfpm/tools.sock|fcgi://localhost"
            </FilesMatch>
          </Directory>
          ''
        adminer.apache.vhostConf
        ympd.apache.vhostConf
        ttrss.apache.vhostConf
        wallabag.apache.vhostConf
        yourls.apache.vhostConf
        rompr.apache.vhostConf
        shaarli.apache.vhostConf
        dokuwiki.apache.vhostConf
        ldap.apache.vhostConf
        kanboard.apache.vhostConf
      ];
    };

    services.websites.env.tools.vhostConfs.outils = {
      certName   = "eldiron";
      addToCerts = true;
      hosts      = [ "outils.immae.eu" ];
      root       = null;
      extraConfig = [
        ''
        RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1

        RedirectMatch 301 ^/ether(.*)$       https://ether.immae.eu$1

        RedirectMatch 301 ^/nextcloud(.*)$   https://cloud.immae.eu$1
        RedirectMatch 301 ^/owncloud(.*)$    https://cloud.immae.eu$1

        RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
        RedirectMatch 301 ^/caldavzap(.*)$   https://dav.immae.eu/infcloud$1
        RedirectMatch 301 ^/caldav.php(.*)$  https://dav.immae.eu/caldav.php$1
        RedirectMatch 301 ^/davical(.*)$     https://dav.immae.eu/davical$1

        RedirectMatch 301 ^/taskweb(.*)$     https://task.immae.eu/taskweb$1

        RedirectMatch 301 ^/roundcube(.*)$   https://mail.immae.eu/roundcube$1

        RedirectMatch 301 ^/(.*)$            https://tools.immae.eu/$1
        ''
      ];
    };

    systemd.services = {
      phpfpm-dokuwiki = {
        after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
        wants = dokuwiki.phpFpm.serviceDeps;
      };
      phpfpm-kanboard = {
        after = lib.mkAfter kanboard.phpFpm.serviceDeps;
        wants = kanboard.phpFpm.serviceDeps;
      };
      phpfpm-ldap = {
        after = lib.mkAfter ldap.phpFpm.serviceDeps;
        wants = ldap.phpFpm.serviceDeps;
      };
      phpfpm-shaarli = {
        after = lib.mkAfter shaarli.phpFpm.serviceDeps;
        wants = shaarli.phpFpm.serviceDeps;
      };
      phpfpm-ttrss = {
        after = lib.mkAfter ttrss.phpFpm.serviceDeps;
        wants = ttrss.phpFpm.serviceDeps;
      };
      phpfpm-wallabag = {
        after = lib.mkAfter wallabag.phpFpm.serviceDeps;
        wants = wallabag.phpFpm.serviceDeps;
        preStart = lib.mkAfter wallabag.phpFpm.preStart;
      };
      phpfpm-yourls = {
        after = lib.mkAfter yourls.phpFpm.serviceDeps;
        wants = yourls.phpFpm.serviceDeps;
      };
      ympd = {
        description = "Standalone MPD Web GUI written in C";
        wantedBy = [ "multi-user.target" ];
        script = ''
          export MPD_PASSWORD=$(cat /var/secrets/mpd)
          ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
          '';
      };
      tt-rss = {
        description = "Tiny Tiny RSS feeds update daemon";
        serviceConfig = {
          User = "wwwrun";
          ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
          StandardOutput = "syslog";
          StandardError = "syslog";
          PermissionsStartOnly = true;
        };

        wantedBy = [ "multi-user.target" ];
        requires = ["postgresql.service"];
        after = ["network.target" "postgresql.service"];
      };
    };

    services.filesWatcher.ympd = {
      restart = true;
      paths = [ "/var/secrets/mpd" ];
    };

    services.phpfpm.pools.devtools = {
      listen = "/var/run/phpfpm/devtools.sock";
      extraConfig = ''
        user = wwwrun
        group = wwwrun
        listen.owner = wwwrun
        listen.group = wwwrun
        pm = dynamic
        pm.max_children = 60
        pm.start_servers = 2
        pm.min_spare_servers = 1
        pm.max_spare_servers = 10

        php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp"
        '';
      phpOptions = config.services.phpfpm.phpOptions + ''
        extension=${pkgs.php}/lib/php/extensions/mysqli.so
        extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
        extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
        zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
        '';
    };

    services.phpfpm.poolConfigs = {
      adminer = adminer.phpFpm.pool;
      ttrss = ttrss.phpFpm.pool;
      wallabag = wallabag.phpFpm.pool;
      yourls = yourls.phpFpm.pool;
      rompr = rompr.phpFpm.pool;
      shaarli = shaarli.phpFpm.pool;
      dokuwiki = dokuwiki.phpFpm.pool;
      ldap = ldap.phpFpm.pool;
      kanboard = kanboard.phpFpm.pool;
      tools = ''
        listen = /var/run/phpfpm/tools.sock
        user = wwwrun
        group = wwwrun
        listen.owner = wwwrun
        listen.group = wwwrun
        pm = dynamic
        pm.max_children = 60
        pm.start_servers = 2
        pm.min_spare_servers = 1
        pm.max_spare_servers = 10

        ; Needed to avoid clashes in browser cookies (same domain)
        php_value[session.name] = ToolsPHPSESSID
        php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp"
        '';
    };

    system.activationScripts = {
      adminer = adminer.activationScript;
      ttrss = ttrss.activationScript;
      wallabag = wallabag.activationScript;
      yourls = yourls.activationScript;
      rompr = rompr.activationScript;
      shaarli = shaarli.activationScript;
      dokuwiki = dokuwiki.activationScript;
      kanboard = kanboard.activationScript;
      ldap = ldap.activationScript;
    };

    myServices.websites.webappDirs = {
      _adminer = adminer.webRoot;
      "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
      "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
      "${rompr.apache.webappName}" = rompr.webRoot;
      "${shaarli.apache.webappName}" = shaarli.webRoot;
      "${ttrss.apache.webappName}" = ttrss.webRoot;
      "${wallabag.apache.webappName}" = wallabag.webRoot;
      "${yourls.apache.webappName}" = yourls.webRoot;
      "${kanboard.apache.webappName}" = kanboard.webRoot;
    };

    services.websites.env.tools.watchPaths = [
      "/var/secrets/webapps/tools-shaarli"
    ];
    services.filesWatcher.phpfpm-wallabag = {
      restart = true;
      paths = [ "/var/secrets/webapps/tools-wallabag" ];
    };
  };
}
Commit	Line	Data
8a964143	1	{ lib, pkgs, config, myconfig, ... }:
10889174	2	let
4288c2f2 IB	3	adminer = pkgs.callPackage ./adminer.nix {
	4	inherit (pkgs.webapps) adminer;
	5	};
	6	ympd = pkgs.callPackage ./ympd.nix {
	7	env = myconfig.env.tools.ympd;
	8	};
	9	ttrss = pkgs.callPackage ./ttrss.nix {
	10	inherit (pkgs.webapps) ttrss ttrss-plugins;
	11	env = myconfig.env.tools.ttrss;
	12	};
4288c2f2 IB	13	kanboard = pkgs.callPackage ./kanboard.nix {
	14	env = myconfig.env.tools.kanboard;
	15	};
	16	wallabag = pkgs.callPackage ./wallabag.nix {
	17	inherit (pkgs.webapps) wallabag;
	18	env = myconfig.env.tools.wallabag;
	19	};
	20	yourls = pkgs.callPackage ./yourls.nix {
	21	inherit (pkgs.webapps) yourls yourls-plugins;
	22	env = myconfig.env.tools.yourls;
	23	};
	24	rompr = pkgs.callPackage ./rompr.nix {
	25	inherit (pkgs.webapps) rompr;
	26	env = myconfig.env.tools.rompr;
	27	};
	28	shaarli = pkgs.callPackage ./shaarli.nix {
	29	env = myconfig.env.tools.shaarli;
	30	};
	31	dokuwiki = pkgs.callPackage ./dokuwiki.nix {
	32	inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
	33	};
	34	ldap = pkgs.callPackage ./ldap.nix {
	35	inherit (pkgs.webapps) phpldapadmin;
	36	env = myconfig.env.tools.phpldapadmin;
	37	};
10889174	38
4288c2f2	39	cfg = config.myServices.websites.tools.tools;
10889174	40	in {
4288c2f2	41	options.myServices.websites.tools.tools = {
10889174 IB	42	enable = lib.mkEnableOption "enable tools website";
	43	};
	44
	45	config = lib.mkIf cfg.enable {
1a718805	46	secrets.keys =
a840a21c	47	kanboard.keys
8db8e666	48	++ ldap.keys
8db8e666 IB	49	++ shaarli.keys
	50	++ ttrss.keys
	51	++ wallabag.keys
	52	++ yourls.keys;
98163486	53
29f8cb85	54	services.websites.env.tools.modules =
1922655a IB	55	[ "proxy_fcgi" ]
1922655a IB	56	++ adminer.apache.modules
10889174 IB	57	++ ympd.apache.modules
10889174 IB	58	++ ttrss.apache.modules
133ebaee	59	++ wallabag.apache.modules
bfe3c9c9	60	++ yourls.apache.modules
95b20e17	61	++ rompr.apache.modules
b892dcbe	62	++ shaarli.apache.modules
f80772dc	63	++ dokuwiki.apache.modules
d4ed0eff IB	64	++ ldap.apache.modules
d4ed0eff IB	65	++ kanboard.apache.modules;
10889174	66
29f8cb85	67	services.websites.env.integration.vhostConfs.devtools = {
46f30ecc	68	certName = "eldiron";
7df420c2	69	addToCerts = true;
46f30ecc	70	hosts = ["devtools.immae.eu" ];
0aae0181	71	root = "/var/lib/ftp/devtools.immae.eu";
46f30ecc	72	extraConfig = [
0aae0181 IB	73	''
	74	<Directory "/var/lib/ftp/devtools.immae.eu">
	75	DirectoryIndex index.php index.htm index.html
	76	AllowOverride all
	77	Require all granted
	78	<FilesMatch "\.php$">
	79	SetHandler "proxy:unix:/var/run/phpfpm/devtools.sock\|fcgi://localhost"
	80	</FilesMatch>
	81	</Directory>
	82	''
46f30ecc IB	83	];
	84	};
	85
29f8cb85	86	services.websites.env.tools.vhostConfs.tools = {
10889174	87	certName = "eldiron";
7df420c2	88	addToCerts = true;
10889174	89	hosts = ["tools.immae.eu" ];
1922655a	90	root = "/var/lib/ftp/tools.immae.eu";
10889174	91	extraConfig = [
1922655a	92	''
afcc5de0 IB	93	RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
afcc5de0 IB	94
1922655a	95	<Directory "/var/lib/ftp/tools.immae.eu">
0eaac6ba	96	DirectoryIndex index.php index.htm index.html
1922655a IB	97	AllowOverride all
	98	Require all granted
	99	<FilesMatch "\.php$">
	100	SetHandler "proxy:unix:/var/run/phpfpm/tools.sock\|fcgi://localhost"
	101	</FilesMatch>
	102	</Directory>
	103	''
10889174 IB	104	adminer.apache.vhostConf
	105	ympd.apache.vhostConf
	106	ttrss.apache.vhostConf
aebd817b	107	wallabag.apache.vhostConf
133ebaee	108	yourls.apache.vhostConf
bfe3c9c9	109	rompr.apache.vhostConf
95b20e17	110	shaarli.apache.vhostConf
b892dcbe	111	dokuwiki.apache.vhostConf
f80772dc	112	ldap.apache.vhostConf
d4ed0eff	113	kanboard.apache.vhostConf
10889174 IB	114	];
	115	};
	116
29f8cb85	117	services.websites.env.tools.vhostConfs.outils = {
7df420c2 IB	118	certName = "eldiron";
	119	addToCerts = true;
	120	hosts = [ "outils.immae.eu" ];
	121	root = null;
70606070 IB	122	extraConfig = [
	123	''
	124	RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
	125
	126	RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
	127
	128	RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
	129	RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
	130
	131	RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
	132	RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
	133	RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
	134	RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
	135
	136	RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
	137
afcc5de0 IB	138	RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
afcc5de0 IB	139
70606070 IB	140	RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
	141	''
	142	];
	143	};
	144
f40f5b23 IB	145	systemd.services = {
	146	phpfpm-dokuwiki = {
	147	after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
	148	wants = dokuwiki.phpFpm.serviceDeps;
	149	};
	150	phpfpm-kanboard = {
	151	after = lib.mkAfter kanboard.phpFpm.serviceDeps;
	152	wants = kanboard.phpFpm.serviceDeps;
	153	};
	154	phpfpm-ldap = {
	155	after = lib.mkAfter ldap.phpFpm.serviceDeps;
	156	wants = ldap.phpFpm.serviceDeps;
	157	};
f40f5b23 IB	158	phpfpm-shaarli = {
	159	after = lib.mkAfter shaarli.phpFpm.serviceDeps;
	160	wants = shaarli.phpFpm.serviceDeps;
	161	};
	162	phpfpm-ttrss = {
	163	after = lib.mkAfter ttrss.phpFpm.serviceDeps;
	164	wants = ttrss.phpFpm.serviceDeps;
	165	};
	166	phpfpm-wallabag = {
	167	after = lib.mkAfter wallabag.phpFpm.serviceDeps;
	168	wants = wallabag.phpFpm.serviceDeps;
	169	preStart = lib.mkAfter wallabag.phpFpm.preStart;
	170	};
	171	phpfpm-yourls = {
	172	after = lib.mkAfter yourls.phpFpm.serviceDeps;
	173	wants = yourls.phpFpm.serviceDeps;
	174	};
	175	ympd = {
	176	description = "Standalone MPD Web GUI written in C";
	177	wantedBy = [ "multi-user.target" ];
	178	script = ''
	179	export MPD_PASSWORD=$(cat /var/secrets/mpd)
	180	${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
	181	'';
	182	};
	183	tt-rss = {
	184	description = "Tiny Tiny RSS feeds update daemon";
	185	serviceConfig = {
	186	User = "wwwrun";
	187	ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
	188	StandardOutput = "syslog";
	189	StandardError = "syslog";
	190	PermissionsStartOnly = true;
	191	};
	192
	193	wantedBy = [ "multi-user.target" ];
	194	requires = ["postgresql.service"];
	195	after = ["network.target" "postgresql.service"];
	196	};
	197	};
	198
17f6eae9 IB	199	services.filesWatcher.ympd = {
	200	restart = true;
	201	paths = [ "/var/secrets/mpd" ];
	202	};
	203
f40f5b23 IB	204	services.phpfpm.pools.devtools = {
	205	listen = "/var/run/phpfpm/devtools.sock";
	206	extraConfig = ''
	207	user = wwwrun
	208	group = wwwrun
	209	listen.owner = wwwrun
	210	listen.group = wwwrun
	211	pm = dynamic
	212	pm.max_children = 60
	213	pm.start_servers = 2
	214	pm.min_spare_servers = 1
	215	pm.max_spare_servers = 10
	216
	217	php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp"
	218	'';
	219	phpOptions = config.services.phpfpm.phpOptions + ''
c75b75a2	220	extension=${pkgs.php}/lib/php/extensions/mysqli.so
0aae0181 IB	221	extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
	222	extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
	223	zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
	224	'';
8eded9ec	225	};
f40f5b23 IB	226
f40f5b23 IB	227	services.phpfpm.poolConfigs = {
10889174 IB	228	adminer = adminer.phpFpm.pool;
10889174 IB	229	ttrss = ttrss.phpFpm.pool;
aebd817b	230	wallabag = wallabag.phpFpm.pool;
133ebaee	231	yourls = yourls.phpFpm.pool;
bfe3c9c9	232	rompr = rompr.phpFpm.pool;
95b20e17	233	shaarli = shaarli.phpFpm.pool;
b892dcbe	234	dokuwiki = dokuwiki.phpFpm.pool;
f80772dc	235	ldap = ldap.phpFpm.pool;
d4ed0eff	236	kanboard = kanboard.phpFpm.pool;
1922655a IB	237	tools = ''
	238	listen = /var/run/phpfpm/tools.sock
	239	user = wwwrun
	240	group = wwwrun
	241	listen.owner = wwwrun
	242	listen.group = wwwrun
	243	pm = dynamic
	244	pm.max_children = 60
	245	pm.start_servers = 2
	246	pm.min_spare_servers = 1
	247	pm.max_spare_servers = 10
	248
	249	; Needed to avoid clashes in browser cookies (same domain)
	250	php_value[session.name] = ToolsPHPSESSID
	251	php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp"
	252	'';
10889174 IB	253	};
	254
	255	system.activationScripts = {
4288c2f2	256	adminer = adminer.activationScript;
10889174	257	ttrss = ttrss.activationScript;
aebd817b	258	wallabag = wallabag.activationScript;
133ebaee	259	yourls = yourls.activationScript;
bfe3c9c9	260	rompr = rompr.activationScript;
95b20e17	261	shaarli = shaarli.activationScript;
b892dcbe	262	dokuwiki = dokuwiki.activationScript;
d4ed0eff	263	kanboard = kanboard.activationScript;
4288c2f2	264	ldap = ldap.activationScript;
10889174 IB	265	};
10889174 IB	266
4288c2f2 IB	267	myServices.websites.webappDirs = {
	268	_adminer = adminer.webRoot;
	269	"${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
	270	"${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
	271	"${rompr.apache.webappName}" = rompr.webRoot;
4288c2f2 IB	272	"${shaarli.apache.webappName}" = shaarli.webRoot;
	273	"${ttrss.apache.webappName}" = ttrss.webRoot;
	274	"${wallabag.apache.webappName}" = wallabag.webRoot;
	275	"${yourls.apache.webappName}" = yourls.webRoot;
4288c2f2 IB	276	"${kanboard.apache.webappName}" = kanboard.webRoot;
4288c2f2 IB	277	};
a95ab089	278
29f8cb85	279	services.websites.env.tools.watchPaths = [
9247b444	280	"/var/secrets/webapps/tools-shaarli"
17f6eae9 IB	281	];
	282	services.filesWatcher.phpfpm-wallabag = {
	283	restart = true;
	284	paths = [ "/var/secrets/webapps/tools-wallabag" ];
	285	};
10889174 IB	286	};
	287	}
	288