[perso/Immae/Config/Nix.git] / modules / private / websites / tools / tools / default.nix

{ lib, pkgs, config, myconfig,  ... }:
let
  adminer = pkgs.callPackage ./adminer.nix {
    inherit (pkgs.webapps) adminer;
  };
  ympd = pkgs.callPackage ./ympd.nix {
    env = myconfig.env.tools.ympd;
  };
  ttrss = pkgs.callPackage ./ttrss.nix {
    inherit (pkgs.webapps) ttrss ttrss-plugins;
    env = myconfig.env.tools.ttrss;
  };
  roundcubemail = pkgs.callPackage ./roundcubemail.nix {
    inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins;
    env = myconfig.env.tools.roundcubemail;
  };
  rainloop = pkgs.callPackage ./rainloop.nix  {};
  kanboard = pkgs.callPackage ./kanboard.nix  {
    env = myconfig.env.tools.kanboard;
  };
  wallabag = pkgs.callPackage ./wallabag.nix {
    inherit (pkgs.webapps) wallabag;
    env = myconfig.env.tools.wallabag;
  };
  yourls = pkgs.callPackage ./yourls.nix {
    inherit (pkgs.webapps) yourls yourls-plugins;
    env = myconfig.env.tools.yourls;
  };
  rompr = pkgs.callPackage ./rompr.nix {
    inherit (pkgs.webapps) rompr;
    env = myconfig.env.tools.rompr;
  };
  shaarli = pkgs.callPackage ./shaarli.nix {
    env = myconfig.env.tools.shaarli;
  };
  dokuwiki = pkgs.callPackage ./dokuwiki.nix {
    inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
  };
  ldap = pkgs.callPackage ./ldap.nix {
    inherit (pkgs.webapps) phpldapadmin;
    env = myconfig.env.tools.phpldapadmin;
  };

  cfg = config.myServices.websites.tools.tools;
in {
  options.myServices.websites.tools.tools = {
    enable = lib.mkEnableOption "enable tools website";
  };

  config = lib.mkIf cfg.enable {
    secrets.keys =
      kanboard.keys
      ++ ldap.keys
      ++ roundcubemail.keys
      ++ shaarli.keys
      ++ ttrss.keys
      ++ wallabag.keys
      ++ yourls.keys;

    services.websites.env.integration.modules =
      rainloop.apache.modules;

    services.websites.env.tools.modules =
      [ "proxy_fcgi" ]
      ++ adminer.apache.modules
      ++ ympd.apache.modules
      ++ ttrss.apache.modules
      ++ roundcubemail.apache.modules
      ++ wallabag.apache.modules
      ++ yourls.apache.modules
      ++ rompr.apache.modules
      ++ shaarli.apache.modules
      ++ dokuwiki.apache.modules
      ++ ldap.apache.modules
      ++ kanboard.apache.modules;

    services.websites.env.integration.vhostConfs.devtools = {
      certName    = "eldiron";
      addToCerts  = true;
      hosts       = ["devtools.immae.eu" ];
      root        = "/var/lib/ftp/devtools.immae.eu";
      extraConfig = [
        ''
          <Directory "/var/lib/ftp/devtools.immae.eu">
            DirectoryIndex index.php index.htm index.html
            AllowOverride all
            Require all granted
            <FilesMatch "\.php$">
              SetHandler "proxy:unix:/var/run/phpfpm/devtools.sock|fcgi://localhost"
            </FilesMatch>
          </Directory>
          ''
        rainloop.apache.vhostConf
      ];
    };

    services.websites.env.tools.vhostConfs.tools = {
      certName    = "eldiron";
      addToCerts  = true;
      hosts       = ["tools.immae.eu" ];
      root        = "/var/lib/ftp/tools.immae.eu";
      extraConfig = [
        ''
          <Directory "/var/lib/ftp/tools.immae.eu">
            DirectoryIndex index.php index.htm index.html
            AllowOverride all
            Require all granted
            <FilesMatch "\.php$">
              SetHandler "proxy:unix:/var/run/phpfpm/tools.sock|fcgi://localhost"
            </FilesMatch>
          </Directory>
          ''
        adminer.apache.vhostConf
        ympd.apache.vhostConf
        ttrss.apache.vhostConf
        roundcubemail.apache.vhostConf
        wallabag.apache.vhostConf
        yourls.apache.vhostConf
        rompr.apache.vhostConf
        shaarli.apache.vhostConf
        dokuwiki.apache.vhostConf
        ldap.apache.vhostConf
        kanboard.apache.vhostConf
      ];
    };

    services.websites.env.tools.vhostConfs.outils = {
      certName   = "eldiron";
      addToCerts = true;
      hosts      = [ "outils.immae.eu" ];
      root       = null;
      extraConfig = [
        ''
        RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1

        RedirectMatch 301 ^/ether(.*)$       https://ether.immae.eu$1

        RedirectMatch 301 ^/nextcloud(.*)$   https://cloud.immae.eu$1
        RedirectMatch 301 ^/owncloud(.*)$    https://cloud.immae.eu$1

        RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
        RedirectMatch 301 ^/caldavzap(.*)$   https://dav.immae.eu/infcloud$1
        RedirectMatch 301 ^/caldav.php(.*)$  https://dav.immae.eu/caldav.php$1
        RedirectMatch 301 ^/davical(.*)$     https://dav.immae.eu/davical$1

        RedirectMatch 301 ^/taskweb(.*)$     https://task.immae.eu/taskweb$1

        RedirectMatch 301 ^/(.*)$            https://tools.immae.eu/$1
        ''
      ];
    };

    systemd.services = {
      phpfpm-dokuwiki = {
        after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
        wants = dokuwiki.phpFpm.serviceDeps;
      };
      phpfpm-kanboard = {
        after = lib.mkAfter kanboard.phpFpm.serviceDeps;
        wants = kanboard.phpFpm.serviceDeps;
      };
      phpfpm-ldap = {
        after = lib.mkAfter ldap.phpFpm.serviceDeps;
        wants = ldap.phpFpm.serviceDeps;
      };
      phpfpm-rainloop = {
        after = lib.mkAfter rainloop.phpFpm.serviceDeps;
        wants = rainloop.phpFpm.serviceDeps;
      };
      phpfpm-roundcubemail = {
        after = lib.mkAfter roundcubemail.phpFpm.serviceDeps;
        wants = roundcubemail.phpFpm.serviceDeps;
      };
      phpfpm-shaarli = {
        after = lib.mkAfter shaarli.phpFpm.serviceDeps;
        wants = shaarli.phpFpm.serviceDeps;
      };
      phpfpm-ttrss = {
        after = lib.mkAfter ttrss.phpFpm.serviceDeps;
        wants = ttrss.phpFpm.serviceDeps;
      };
      phpfpm-wallabag = {
        after = lib.mkAfter wallabag.phpFpm.serviceDeps;
        wants = wallabag.phpFpm.serviceDeps;
        preStart = lib.mkAfter wallabag.phpFpm.preStart;
      };
      phpfpm-yourls = {
        after = lib.mkAfter yourls.phpFpm.serviceDeps;
        wants = yourls.phpFpm.serviceDeps;
      };
      ympd = {
        description = "Standalone MPD Web GUI written in C";
        wantedBy = [ "multi-user.target" ];
        script = ''
          export MPD_PASSWORD=$(cat /var/secrets/mpd)
          ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
          '';
      };
      tt-rss = {
        description = "Tiny Tiny RSS feeds update daemon";
        serviceConfig = {
          User = "wwwrun";
          ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
          StandardOutput = "syslog";
          StandardError = "syslog";
          PermissionsStartOnly = true;
        };

        wantedBy = [ "multi-user.target" ];
        requires = ["postgresql.service"];
        after = ["network.target" "postgresql.service"];
      };
    };

    services.filesWatcher.ympd = {
      restart = true;
      paths = [ "/var/secrets/mpd" ];
    };

    services.phpfpm.pools.roundcubemail = {
      listen = roundcubemail.phpFpm.socket;
      extraConfig = roundcubemail.phpFpm.pool;
      phpOptions = config.services.phpfpm.phpOptions + roundcubemail.phpFpm.phpConfig;
    };

    services.phpfpm.pools.devtools = {
      listen = "/var/run/phpfpm/devtools.sock";
      extraConfig = ''
        user = wwwrun
        group = wwwrun
        listen.owner = wwwrun
        listen.group = wwwrun
        pm = dynamic
        pm.max_children = 60
        pm.start_servers = 2
        pm.min_spare_servers = 1
        pm.max_spare_servers = 10

        php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp"
        '';
      phpOptions = config.services.phpfpm.phpOptions + ''
        extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
        extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
        zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
        '';
    };

    services.phpfpm.poolConfigs = {
      adminer = adminer.phpFpm.pool;
      ttrss = ttrss.phpFpm.pool;
      wallabag = wallabag.phpFpm.pool;
      yourls = yourls.phpFpm.pool;
      rompr = rompr.phpFpm.pool;
      shaarli = shaarli.phpFpm.pool;
      dokuwiki = dokuwiki.phpFpm.pool;
      ldap = ldap.phpFpm.pool;
      rainloop = rainloop.phpFpm.pool;
      kanboard = kanboard.phpFpm.pool;
      tools = ''
        listen = /var/run/phpfpm/tools.sock
        user = wwwrun
        group = wwwrun
        listen.owner = wwwrun
        listen.group = wwwrun
        pm = dynamic
        pm.max_children = 60
        pm.start_servers = 2
        pm.min_spare_servers = 1
        pm.max_spare_servers = 10

        ; Needed to avoid clashes in browser cookies (same domain)
        php_value[session.name] = ToolsPHPSESSID
        php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp"
        '';
    };

    system.activationScripts = {
      adminer = adminer.activationScript;
      ttrss = ttrss.activationScript;
      roundcubemail = roundcubemail.activationScript;
      wallabag = wallabag.activationScript;
      yourls = yourls.activationScript;
      rompr = rompr.activationScript;
      shaarli = shaarli.activationScript;
      dokuwiki = dokuwiki.activationScript;
      rainloop = rainloop.activationScript;
      kanboard = kanboard.activationScript;
      ldap = ldap.activationScript;
    };

    myServices.websites.webappDirs = {
      _adminer = adminer.webRoot;
      "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
      "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
      "${rompr.apache.webappName}" = rompr.webRoot;
      "${roundcubemail.apache.webappName}" = roundcubemail.webRoot;
      "${shaarli.apache.webappName}" = shaarli.webRoot;
      "${ttrss.apache.webappName}" = ttrss.webRoot;
      "${wallabag.apache.webappName}" = wallabag.webRoot;
      "${yourls.apache.webappName}" = yourls.webRoot;
      "${rainloop.apache.webappName}" = rainloop.webRoot;
      "${kanboard.apache.webappName}" = kanboard.webRoot;
    };

    services.websites.env.tools.watchPaths = [
      "/var/secrets/webapps/tools-shaarli"
    ];
    services.filesWatcher.phpfpm-wallabag = {
      restart = true;
      paths = [ "/var/secrets/webapps/tools-wallabag" ];
    };
  };
}
Commit	Line	Data
8a964143	1	{ lib, pkgs, config, myconfig, ... }:
10889174	2	let
4288c2f2 IB	3	adminer = pkgs.callPackage ./adminer.nix {
	4	inherit (pkgs.webapps) adminer;
	5	};
	6	ympd = pkgs.callPackage ./ympd.nix {
	7	env = myconfig.env.tools.ympd;
	8	};
	9	ttrss = pkgs.callPackage ./ttrss.nix {
	10	inherit (pkgs.webapps) ttrss ttrss-plugins;
	11	env = myconfig.env.tools.ttrss;
	12	};
	13	roundcubemail = pkgs.callPackage ./roundcubemail.nix {
	14	inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins;
	15	env = myconfig.env.tools.roundcubemail;
	16	};
	17	rainloop = pkgs.callPackage ./rainloop.nix {};
	18	kanboard = pkgs.callPackage ./kanboard.nix {
	19	env = myconfig.env.tools.kanboard;
	20	};
	21	wallabag = pkgs.callPackage ./wallabag.nix {
	22	inherit (pkgs.webapps) wallabag;
	23	env = myconfig.env.tools.wallabag;
	24	};
	25	yourls = pkgs.callPackage ./yourls.nix {
	26	inherit (pkgs.webapps) yourls yourls-plugins;
	27	env = myconfig.env.tools.yourls;
	28	};
	29	rompr = pkgs.callPackage ./rompr.nix {
	30	inherit (pkgs.webapps) rompr;
	31	env = myconfig.env.tools.rompr;
	32	};
	33	shaarli = pkgs.callPackage ./shaarli.nix {
	34	env = myconfig.env.tools.shaarli;
	35	};
	36	dokuwiki = pkgs.callPackage ./dokuwiki.nix {
	37	inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
	38	};
	39	ldap = pkgs.callPackage ./ldap.nix {
	40	inherit (pkgs.webapps) phpldapadmin;
	41	env = myconfig.env.tools.phpldapadmin;
	42	};
10889174	43
4288c2f2	44	cfg = config.myServices.websites.tools.tools;
10889174	45	in {
4288c2f2	46	options.myServices.websites.tools.tools = {
10889174 IB	47	enable = lib.mkEnableOption "enable tools website";
	48	};
	49
	50	config = lib.mkIf cfg.enable {
1a718805	51	secrets.keys =
a840a21c	52	kanboard.keys
8db8e666 IB	53	++ ldap.keys
	54	++ roundcubemail.keys
	55	++ shaarli.keys
	56	++ ttrss.keys
	57	++ wallabag.keys
	58	++ yourls.keys;
98163486	59
29f8cb85	60	services.websites.env.integration.modules =
46f30ecc	61	rainloop.apache.modules;
10889174	62
29f8cb85	63	services.websites.env.tools.modules =
1922655a IB	64	[ "proxy_fcgi" ]
1922655a IB	65	++ adminer.apache.modules
10889174 IB	66	++ ympd.apache.modules
10889174 IB	67	++ ttrss.apache.modules
aebd817b	68	++ roundcubemail.apache.modules
133ebaee	69	++ wallabag.apache.modules
bfe3c9c9	70	++ yourls.apache.modules
95b20e17	71	++ rompr.apache.modules
b892dcbe	72	++ shaarli.apache.modules
f80772dc	73	++ dokuwiki.apache.modules
d4ed0eff IB	74	++ ldap.apache.modules
d4ed0eff IB	75	++ kanboard.apache.modules;
10889174	76
29f8cb85	77	services.websites.env.integration.vhostConfs.devtools = {
46f30ecc	78	certName = "eldiron";
7df420c2	79	addToCerts = true;
46f30ecc	80	hosts = ["devtools.immae.eu" ];
0aae0181	81	root = "/var/lib/ftp/devtools.immae.eu";
46f30ecc	82	extraConfig = [
0aae0181 IB	83	''
	84	<Directory "/var/lib/ftp/devtools.immae.eu">
	85	DirectoryIndex index.php index.htm index.html
	86	AllowOverride all
	87	Require all granted
	88	<FilesMatch "\.php$">
	89	SetHandler "proxy:unix:/var/run/phpfpm/devtools.sock\|fcgi://localhost"
	90	</FilesMatch>
	91	</Directory>
	92	''
46f30ecc IB	93	rainloop.apache.vhostConf
	94	];
	95	};
	96
29f8cb85	97	services.websites.env.tools.vhostConfs.tools = {
10889174	98	certName = "eldiron";
7df420c2	99	addToCerts = true;
10889174	100	hosts = ["tools.immae.eu" ];
1922655a	101	root = "/var/lib/ftp/tools.immae.eu";
10889174	102	extraConfig = [
1922655a IB	103	''
1922655a IB	104	<Directory "/var/lib/ftp/tools.immae.eu">
0eaac6ba	105	DirectoryIndex index.php index.htm index.html
1922655a IB	106	AllowOverride all
	107	Require all granted
	108	<FilesMatch "\.php$">
	109	SetHandler "proxy:unix:/var/run/phpfpm/tools.sock\|fcgi://localhost"
	110	</FilesMatch>
	111	</Directory>
	112	''
10889174 IB	113	adminer.apache.vhostConf
	114	ympd.apache.vhostConf
	115	ttrss.apache.vhostConf
	116	roundcubemail.apache.vhostConf
aebd817b	117	wallabag.apache.vhostConf
133ebaee	118	yourls.apache.vhostConf
bfe3c9c9	119	rompr.apache.vhostConf
95b20e17	120	shaarli.apache.vhostConf
b892dcbe	121	dokuwiki.apache.vhostConf
f80772dc	122	ldap.apache.vhostConf
d4ed0eff	123	kanboard.apache.vhostConf
10889174 IB	124	];
	125	};
	126
29f8cb85	127	services.websites.env.tools.vhostConfs.outils = {
7df420c2 IB	128	certName = "eldiron";
	129	addToCerts = true;
	130	hosts = [ "outils.immae.eu" ];
	131	root = null;
70606070 IB	132	extraConfig = [
	133	''
	134	RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
	135
	136	RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
	137
	138	RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
	139	RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
	140
	141	RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
	142	RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
	143	RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
	144	RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
	145
	146	RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
	147
	148	RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
	149	''
	150	];
	151	};
	152
f40f5b23 IB	153	systemd.services = {
	154	phpfpm-dokuwiki = {
	155	after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
	156	wants = dokuwiki.phpFpm.serviceDeps;
	157	};
	158	phpfpm-kanboard = {
	159	after = lib.mkAfter kanboard.phpFpm.serviceDeps;
	160	wants = kanboard.phpFpm.serviceDeps;
	161	};
	162	phpfpm-ldap = {
	163	after = lib.mkAfter ldap.phpFpm.serviceDeps;
	164	wants = ldap.phpFpm.serviceDeps;
	165	};
	166	phpfpm-rainloop = {
	167	after = lib.mkAfter rainloop.phpFpm.serviceDeps;
	168	wants = rainloop.phpFpm.serviceDeps;
	169	};
	170	phpfpm-roundcubemail = {
	171	after = lib.mkAfter roundcubemail.phpFpm.serviceDeps;
	172	wants = roundcubemail.phpFpm.serviceDeps;
	173	};
	174	phpfpm-shaarli = {
	175	after = lib.mkAfter shaarli.phpFpm.serviceDeps;
	176	wants = shaarli.phpFpm.serviceDeps;
	177	};
	178	phpfpm-ttrss = {
	179	after = lib.mkAfter ttrss.phpFpm.serviceDeps;
	180	wants = ttrss.phpFpm.serviceDeps;
	181	};
	182	phpfpm-wallabag = {
	183	after = lib.mkAfter wallabag.phpFpm.serviceDeps;
	184	wants = wallabag.phpFpm.serviceDeps;
	185	preStart = lib.mkAfter wallabag.phpFpm.preStart;
	186	};
	187	phpfpm-yourls = {
	188	after = lib.mkAfter yourls.phpFpm.serviceDeps;
	189	wants = yourls.phpFpm.serviceDeps;
	190	};
	191	ympd = {
	192	description = "Standalone MPD Web GUI written in C";
	193	wantedBy = [ "multi-user.target" ];
	194	script = ''
	195	export MPD_PASSWORD=$(cat /var/secrets/mpd)
	196	${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
	197	'';
	198	};
	199	tt-rss = {
	200	description = "Tiny Tiny RSS feeds update daemon";
	201	serviceConfig = {
	202	User = "wwwrun";
	203	ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
	204	StandardOutput = "syslog";
	205	StandardError = "syslog";
	206	PermissionsStartOnly = true;
	207	};
	208
	209	wantedBy = [ "multi-user.target" ];
	210	requires = ["postgresql.service"];
	211	after = ["network.target" "postgresql.service"];
	212	};
	213	};
	214
17f6eae9 IB	215	services.filesWatcher.ympd = {
	216	restart = true;
	217	paths = [ "/var/secrets/mpd" ];
	218	};
	219
f40f5b23 IB	220	services.phpfpm.pools.roundcubemail = {
	221	listen = roundcubemail.phpFpm.socket;
	222	extraConfig = roundcubemail.phpFpm.pool;
	223	phpOptions = config.services.phpfpm.phpOptions + roundcubemail.phpFpm.phpConfig;
a840a21c IB	224	};
a840a21c IB	225
f40f5b23 IB	226	services.phpfpm.pools.devtools = {
	227	listen = "/var/run/phpfpm/devtools.sock";
	228	extraConfig = ''
	229	user = wwwrun
	230	group = wwwrun
	231	listen.owner = wwwrun
	232	listen.group = wwwrun
	233	pm = dynamic
	234	pm.max_children = 60
	235	pm.start_servers = 2
	236	pm.min_spare_servers = 1
	237	pm.max_spare_servers = 10
	238
	239	php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp"
	240	'';
	241	phpOptions = config.services.phpfpm.phpOptions + ''
0aae0181 IB	242	extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
	243	extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
	244	zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
	245	'';
8eded9ec	246	};
f40f5b23 IB	247
f40f5b23 IB	248	services.phpfpm.poolConfigs = {
10889174 IB	249	adminer = adminer.phpFpm.pool;
10889174 IB	250	ttrss = ttrss.phpFpm.pool;
aebd817b	251	wallabag = wallabag.phpFpm.pool;
133ebaee	252	yourls = yourls.phpFpm.pool;
bfe3c9c9	253	rompr = rompr.phpFpm.pool;
95b20e17	254	shaarli = shaarli.phpFpm.pool;
b892dcbe	255	dokuwiki = dokuwiki.phpFpm.pool;
f80772dc	256	ldap = ldap.phpFpm.pool;
46f30ecc	257	rainloop = rainloop.phpFpm.pool;
d4ed0eff	258	kanboard = kanboard.phpFpm.pool;
1922655a IB	259	tools = ''
	260	listen = /var/run/phpfpm/tools.sock
	261	user = wwwrun
	262	group = wwwrun
	263	listen.owner = wwwrun
	264	listen.group = wwwrun
	265	pm = dynamic
	266	pm.max_children = 60
	267	pm.start_servers = 2
	268	pm.min_spare_servers = 1
	269	pm.max_spare_servers = 10
	270
	271	; Needed to avoid clashes in browser cookies (same domain)
	272	php_value[session.name] = ToolsPHPSESSID
	273	php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp"
	274	'';
10889174 IB	275	};
	276
	277	system.activationScripts = {
4288c2f2	278	adminer = adminer.activationScript;
10889174 IB	279	ttrss = ttrss.activationScript;
10889174 IB	280	roundcubemail = roundcubemail.activationScript;
aebd817b	281	wallabag = wallabag.activationScript;
133ebaee	282	yourls = yourls.activationScript;
bfe3c9c9	283	rompr = rompr.activationScript;
95b20e17	284	shaarli = shaarli.activationScript;
b892dcbe	285	dokuwiki = dokuwiki.activationScript;
46f30ecc	286	rainloop = rainloop.activationScript;
d4ed0eff	287	kanboard = kanboard.activationScript;
4288c2f2	288	ldap = ldap.activationScript;
10889174 IB	289	};
10889174 IB	290
4288c2f2 IB	291	myServices.websites.webappDirs = {
	292	_adminer = adminer.webRoot;
	293	"${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
	294	"${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
	295	"${rompr.apache.webappName}" = rompr.webRoot;
	296	"${roundcubemail.apache.webappName}" = roundcubemail.webRoot;
	297	"${shaarli.apache.webappName}" = shaarli.webRoot;
	298	"${ttrss.apache.webappName}" = ttrss.webRoot;
	299	"${wallabag.apache.webappName}" = wallabag.webRoot;
	300	"${yourls.apache.webappName}" = yourls.webRoot;
	301	"${rainloop.apache.webappName}" = rainloop.webRoot;
	302	"${kanboard.apache.webappName}" = kanboard.webRoot;
	303	};
a95ab089	304
29f8cb85	305	services.websites.env.tools.watchPaths = [
9247b444	306	"/var/secrets/webapps/tools-shaarli"
17f6eae9 IB	307	];
	308	services.filesWatcher.phpfpm-wallabag = {
	309	restart = true;
	310	paths = [ "/var/secrets/webapps/tools-wallabag" ];
	311	};
10889174 IB	312	};
	313	}
	314