[perso/Immae/Config/Nix.git] / modules / private / websites / tools / tools / default.nix

{ lib, pkgs, config, ... }:
let
  adminer = pkgs.callPackage ./adminer.nix {
    inherit (pkgs.webapps) adminer;
  };
  ympd = pkgs.callPackage ./ympd.nix {
    env = config.myEnv.tools.ympd;
  };
  ttrss = pkgs.callPackage ./ttrss.nix {
    inherit (pkgs.webapps) ttrss ttrss-plugins;
    env = config.myEnv.tools.ttrss;
  };
  kanboard = pkgs.callPackage ./kanboard.nix  {
    env = config.myEnv.tools.kanboard;
  };
  wallabag = pkgs.callPackage ./wallabag.nix {
    inherit (pkgs.webapps) wallabag;
    env = config.myEnv.tools.wallabag;
  };
  yourls = pkgs.callPackage ./yourls.nix {
    inherit (pkgs.webapps) yourls yourls-plugins;
    env = config.myEnv.tools.yourls;
  };
  rompr = pkgs.callPackage ./rompr.nix {
    inherit (pkgs.webapps) rompr;
    env = config.myEnv.tools.rompr;
  };
  shaarli = pkgs.callPackage ./shaarli.nix {
    env = config.myEnv.tools.shaarli;
  };
  dokuwiki = pkgs.callPackage ./dokuwiki.nix {
    inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
  };
  ldap = pkgs.callPackage ./ldap.nix {
    inherit (pkgs.webapps) phpldapadmin;
    env = config.myEnv.tools.phpldapadmin;
  };
  grocy = pkgs.callPackage ./grocy.nix {
    inherit (pkgs.webapps) grocy;
  };

  cfg = config.myServices.websites.tools.tools;
in {
  options.myServices.websites.tools.tools = {
    enable = lib.mkEnableOption "enable tools website";
  };

  config = lib.mkIf cfg.enable {
    secrets.keys =
      kanboard.keys
      ++ ldap.keys
      ++ shaarli.keys
      ++ ttrss.keys
      ++ wallabag.keys
      ++ yourls.keys;

    services.duplyBackup.profiles = {
      dokuwiki = dokuwiki.backups;
      grocy = grocy.backups;
      kanboard = kanboard.backups;
      rompr = rompr.backups;
      shaarli = shaarli.backups;
      ttrss = ttrss.backups;
      wallabag = wallabag.backups;
    };

    services.websites.env.tools.modules =
      [ "proxy_fcgi" ]
      ++ adminer.apache.modules
      ++ ympd.apache.modules
      ++ ttrss.apache.modules
      ++ wallabag.apache.modules
      ++ yourls.apache.modules
      ++ rompr.apache.modules
      ++ shaarli.apache.modules
      ++ dokuwiki.apache.modules
      ++ ldap.apache.modules
      ++ kanboard.apache.modules;

    services.websites.env.integration.vhostConfs.devtools = {
      certName     = "integration";
      certMainHost = "devtools.immae.eu";
      addToCerts   = true;
      hosts        = [ "devtools.immae.eu" ];
      root         = "/var/lib/ftp/devtools.immae.eu";
      extraConfig  = [
        ''
          Timeout 600
          ProxyTimeout 600
          <Directory "/var/lib/ftp/devtools.immae.eu">
            DirectoryIndex index.php index.htm index.html
            AllowOverride all
            Require all granted
            <FilesMatch "\.php$">
              SetHandler "proxy:unix:/var/run/phpfpm/devtools.sock|fcgi://localhost"
            </FilesMatch>
          </Directory>
          ''
      ];
    };

    services.websites.env.tools.vhostConfs.tools = {
      certName    = "eldiron";
      addToCerts  = true;
      hosts       = ["tools.immae.eu" ];
      root        = "/var/lib/ftp/tools.immae.eu";
      extraConfig = [
        ''
          RedirectMatch 301 ^/vpn(.*)$         https://vpn.immae.eu$1
          RedirectMatch 301 ^/roundcube(.*)$   https://mail.immae.eu/roundcube$1
          RedirectMatch 301 ^/jappix(.*)$      https://im.immae.fr/converse

          <Directory "/var/lib/ftp/tools.immae.eu">
            DirectoryIndex index.php index.htm index.html
            AllowOverride all
            Require all granted
            <FilesMatch "\.php$">
              SetHandler "proxy:unix:/var/run/phpfpm/tools.sock|fcgi://localhost"
            </FilesMatch>
          </Directory>
          ''
        adminer.apache.vhostConf
        ympd.apache.vhostConf
        ttrss.apache.vhostConf
        wallabag.apache.vhostConf
        yourls.apache.vhostConf
        rompr.apache.vhostConf
        shaarli.apache.vhostConf
        dokuwiki.apache.vhostConf
        ldap.apache.vhostConf
        kanboard.apache.vhostConf
        grocy.apache.vhostConf
      ];
    };

    services.websites.env.tools.vhostConfs.outils = {
      certName   = "eldiron";
      addToCerts = true;
      hosts      = [ "outils.immae.eu" ];
      root       = null;
      extraConfig = [
        ''
        RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1

        RedirectMatch 301 ^/ether(.*)$       https://ether.immae.eu$1

        RedirectMatch 301 ^/nextcloud(.*)$   https://cloud.immae.eu$1
        RedirectMatch 301 ^/owncloud(.*)$    https://cloud.immae.eu$1

        RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
        RedirectMatch 301 ^/caldavzap(.*)$   https://dav.immae.eu/infcloud$1
        RedirectMatch 301 ^/caldav.php(.*)$  https://dav.immae.eu/caldav.php$1
        RedirectMatch 301 ^/davical(.*)$     https://dav.immae.eu/davical$1

        RedirectMatch 301 ^/taskweb(.*)$     https://task.immae.eu/taskweb$1

        RedirectMatch 301 ^/roundcube(.*)$   https://mail.immae.eu/roundcube$1

        RedirectMatch 301 ^/jappix(.*)$      https://im.immae.fr/converse

        RedirectMatch 301 ^/vpn(.*)$         https://vpn.immae.eu$1

        RedirectMatch 301 ^/(.*)$            https://tools.immae.eu/$1
        ''
      ];
    };

    systemd.services = {
      phpfpm-dokuwiki = {
        after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
        wants = dokuwiki.phpFpm.serviceDeps;
      };
      phpfpm-kanboard = {
        after = lib.mkAfter kanboard.phpFpm.serviceDeps;
        wants = kanboard.phpFpm.serviceDeps;
      };
      phpfpm-ldap = {
        after = lib.mkAfter ldap.phpFpm.serviceDeps;
        wants = ldap.phpFpm.serviceDeps;
      };
      phpfpm-shaarli = {
        after = lib.mkAfter shaarli.phpFpm.serviceDeps;
        wants = shaarli.phpFpm.serviceDeps;
      };
      phpfpm-ttrss = {
        after = lib.mkAfter ttrss.phpFpm.serviceDeps;
        wants = ttrss.phpFpm.serviceDeps;
      };
      phpfpm-wallabag = {
        after = lib.mkAfter wallabag.phpFpm.serviceDeps;
        wants = wallabag.phpFpm.serviceDeps;
        preStart = lib.mkAfter wallabag.phpFpm.preStart;
      };
      phpfpm-yourls = {
        after = lib.mkAfter yourls.phpFpm.serviceDeps;
        wants = yourls.phpFpm.serviceDeps;
      };
      ympd = {
        description = "Standalone MPD Web GUI written in C";
        wantedBy = [ "multi-user.target" ];
        script = ''
          export MPD_PASSWORD=$(cat /var/secrets/mpd)
          ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
          '';
      };
      tt-rss = {
        description = "Tiny Tiny RSS feeds update daemon";
        serviceConfig = {
          User = "wwwrun";
          ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
          StandardOutput = "syslog";
          StandardError = "syslog";
          PermissionsStartOnly = true;
        };

        wantedBy = [ "multi-user.target" ];
        requires = ["postgresql.service"];
        after = ["network.target" "postgresql.service"];
      };
    };

    services.filesWatcher.ympd = {
      restart = true;
      paths = [ "/var/secrets/mpd" ];
    };

    services.phpfpm.pools.devtools = {
      listen = "/var/run/phpfpm/devtools.sock";
      extraConfig = ''
        user = wwwrun
        group = wwwrun
        listen.owner = wwwrun
        listen.group = wwwrun
        pm = dynamic
        pm.max_children = 60
        pm.start_servers = 2
        pm.min_spare_servers = 1
        pm.max_spare_servers = 10

        php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp"
        '';
      phpOptions = config.services.phpfpm.phpOptions + ''
        extension=${pkgs.php}/lib/php/extensions/mysqli.so
        extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
        extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
        zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
        '';
    };

    services.phpfpm.poolConfigs = {
      adminer = adminer.phpFpm.pool;
      ttrss = ttrss.phpFpm.pool;
      wallabag = wallabag.phpFpm.pool;
      yourls = yourls.phpFpm.pool;
      rompr = rompr.phpFpm.pool;
      shaarli = shaarli.phpFpm.pool;
      dokuwiki = dokuwiki.phpFpm.pool;
      ldap = ldap.phpFpm.pool;
      kanboard = kanboard.phpFpm.pool;
      grocy = grocy.phpFpm.pool;
      tools = ''
        listen = /var/run/phpfpm/tools.sock
        user = wwwrun
        group = wwwrun
        listen.owner = wwwrun
        listen.group = wwwrun
        pm = dynamic
        pm.max_children = 60
        pm.start_servers = 2
        pm.min_spare_servers = 1
        pm.max_spare_servers = 10

        ; Needed to avoid clashes in browser cookies (same domain)
        php_value[session.name] = ToolsPHPSESSID
        php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp"
        '';
    };

    system.activationScripts = {
      adminer = adminer.activationScript;
      grocy = grocy.activationScript;
      ttrss = ttrss.activationScript;
      wallabag = wallabag.activationScript;
      yourls = yourls.activationScript;
      rompr = rompr.activationScript;
      shaarli = shaarli.activationScript;
      dokuwiki = dokuwiki.activationScript;
      kanboard = kanboard.activationScript;
      ldap = ldap.activationScript;
    };

    myServices.websites.webappDirs = {
      _adminer = adminer.webRoot;
      "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
      "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
      "${rompr.apache.webappName}" = rompr.webRoot;
      "${shaarli.apache.webappName}" = shaarli.webRoot;
      "${ttrss.apache.webappName}" = ttrss.webRoot;
      "${wallabag.apache.webappName}" = wallabag.webRoot;
      "${yourls.apache.webappName}" = yourls.webRoot;
      "${kanboard.apache.webappName}" = kanboard.webRoot;
      "${grocy.apache.webappName}" = grocy.webRoot;
    };

    services.websites.env.tools.watchPaths = [
      "/var/secrets/webapps/tools-shaarli"
    ];
    services.filesWatcher.phpfpm-wallabag = {
      restart = true;
      paths = [ "/var/secrets/webapps/tools-wallabag" ];
    };
  };
}
Commit	Line	Data
ab8f306d	1	{ lib, pkgs, config, ... }:
10889174	2	let
4288c2f2 IB	3	adminer = pkgs.callPackage ./adminer.nix {
	4	inherit (pkgs.webapps) adminer;
	5	};
	6	ympd = pkgs.callPackage ./ympd.nix {
ab8f306d	7	env = config.myEnv.tools.ympd;
4288c2f2 IB	8	};
	9	ttrss = pkgs.callPackage ./ttrss.nix {
	10	inherit (pkgs.webapps) ttrss ttrss-plugins;
ab8f306d	11	env = config.myEnv.tools.ttrss;
4288c2f2	12	};
4288c2f2	13	kanboard = pkgs.callPackage ./kanboard.nix {
ab8f306d	14	env = config.myEnv.tools.kanboard;
4288c2f2 IB	15	};
	16	wallabag = pkgs.callPackage ./wallabag.nix {
	17	inherit (pkgs.webapps) wallabag;
ab8f306d	18	env = config.myEnv.tools.wallabag;
4288c2f2 IB	19	};
	20	yourls = pkgs.callPackage ./yourls.nix {
	21	inherit (pkgs.webapps) yourls yourls-plugins;
ab8f306d	22	env = config.myEnv.tools.yourls;
4288c2f2 IB	23	};
	24	rompr = pkgs.callPackage ./rompr.nix {
	25	inherit (pkgs.webapps) rompr;
ab8f306d	26	env = config.myEnv.tools.rompr;
4288c2f2 IB	27	};
4288c2f2 IB	28	shaarli = pkgs.callPackage ./shaarli.nix {
ab8f306d	29	env = config.myEnv.tools.shaarli;
4288c2f2 IB	30	};
	31	dokuwiki = pkgs.callPackage ./dokuwiki.nix {
	32	inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
	33	};
	34	ldap = pkgs.callPackage ./ldap.nix {
	35	inherit (pkgs.webapps) phpldapadmin;
ab8f306d	36	env = config.myEnv.tools.phpldapadmin;
4288c2f2	37	};
c7627e14 IB	38	grocy = pkgs.callPackage ./grocy.nix {
	39	inherit (pkgs.webapps) grocy;
	40	};
10889174	41
4288c2f2	42	cfg = config.myServices.websites.tools.tools;
10889174	43	in {
4288c2f2	44	options.myServices.websites.tools.tools = {
10889174 IB	45	enable = lib.mkEnableOption "enable tools website";
	46	};
	47
	48	config = lib.mkIf cfg.enable {
1a718805	49	secrets.keys =
a840a21c	50	kanboard.keys
8db8e666	51	++ ldap.keys
8db8e666 IB	52	++ shaarli.keys
	53	++ ttrss.keys
	54	++ wallabag.keys
	55	++ yourls.keys;
98163486	56
d2e703c5	57	services.duplyBackup.profiles = {
6a8252b1	58	dokuwiki = dokuwiki.backups;
c7627e14	59	grocy = grocy.backups;
6a8252b1 IB	60	kanboard = kanboard.backups;
	61	rompr = rompr.backups;
	62	shaarli = shaarli.backups;
	63	ttrss = ttrss.backups;
	64	wallabag = wallabag.backups;
	65	};
	66
29f8cb85	67	services.websites.env.tools.modules =
1922655a IB	68	[ "proxy_fcgi" ]
1922655a IB	69	++ adminer.apache.modules
10889174 IB	70	++ ympd.apache.modules
10889174 IB	71	++ ttrss.apache.modules
133ebaee	72	++ wallabag.apache.modules
bfe3c9c9	73	++ yourls.apache.modules
95b20e17	74	++ rompr.apache.modules
b892dcbe	75	++ shaarli.apache.modules
f80772dc	76	++ dokuwiki.apache.modules
d4ed0eff IB	77	++ ldap.apache.modules
d4ed0eff IB	78	++ kanboard.apache.modules;
10889174	79
29f8cb85	80	services.websites.env.integration.vhostConfs.devtools = {
0f71cd76 IB	81	certName = "integration";
	82	certMainHost = "devtools.immae.eu";
	83	addToCerts = true;
	84	hosts = [ "devtools.immae.eu" ];
	85	root = "/var/lib/ftp/devtools.immae.eu";
	86	extraConfig = [
0aae0181	87	''
9338c832 IB	88	Timeout 600
9338c832 IB	89	ProxyTimeout 600
0aae0181 IB	90	<Directory "/var/lib/ftp/devtools.immae.eu">
	91	DirectoryIndex index.php index.htm index.html
	92	AllowOverride all
	93	Require all granted
	94	<FilesMatch "\.php$">
	95	SetHandler "proxy:unix:/var/run/phpfpm/devtools.sock\|fcgi://localhost"
	96	</FilesMatch>
	97	</Directory>
	98	''
46f30ecc IB	99	];
	100	};
	101
29f8cb85	102	services.websites.env.tools.vhostConfs.tools = {
10889174	103	certName = "eldiron";
7df420c2	104	addToCerts = true;
10889174	105	hosts = ["tools.immae.eu" ];
1922655a	106	root = "/var/lib/ftp/tools.immae.eu";
10889174	107	extraConfig = [
1922655a	108	''
ea9c6fe8	109	RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
afcc5de0	110	RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
3f453c7d	111	RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
afcc5de0	112
1922655a	113	<Directory "/var/lib/ftp/tools.immae.eu">
0eaac6ba	114	DirectoryIndex index.php index.htm index.html
1922655a IB	115	AllowOverride all
	116	Require all granted
	117	<FilesMatch "\.php$">
	118	SetHandler "proxy:unix:/var/run/phpfpm/tools.sock\|fcgi://localhost"
	119	</FilesMatch>
	120	</Directory>
	121	''
10889174 IB	122	adminer.apache.vhostConf
	123	ympd.apache.vhostConf
	124	ttrss.apache.vhostConf
aebd817b	125	wallabag.apache.vhostConf
133ebaee	126	yourls.apache.vhostConf
bfe3c9c9	127	rompr.apache.vhostConf
95b20e17	128	shaarli.apache.vhostConf
b892dcbe	129	dokuwiki.apache.vhostConf
f80772dc	130	ldap.apache.vhostConf
d4ed0eff	131	kanboard.apache.vhostConf
c7627e14	132	grocy.apache.vhostConf
10889174 IB	133	];
	134	};
	135
29f8cb85	136	services.websites.env.tools.vhostConfs.outils = {
7df420c2 IB	137	certName = "eldiron";
7df420c2 IB	138	addToCerts = true;
0f71cd76	139	hosts = [ "outils.immae.eu" ];
7df420c2	140	root = null;
70606070 IB	141	extraConfig = [
	142	''
	143	RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
	144
	145	RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
	146
	147	RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
	148	RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
	149
	150	RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
	151	RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
	152	RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
	153	RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
	154
	155	RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
	156
afcc5de0 IB	157	RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
afcc5de0 IB	158
3f453c7d IB	159	RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
3f453c7d IB	160
ea9c6fe8 IB	161	RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
ea9c6fe8 IB	162
70606070 IB	163	RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
	164	''
	165	];
	166	};
	167
f40f5b23 IB	168	systemd.services = {
	169	phpfpm-dokuwiki = {
	170	after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
	171	wants = dokuwiki.phpFpm.serviceDeps;
	172	};
	173	phpfpm-kanboard = {
	174	after = lib.mkAfter kanboard.phpFpm.serviceDeps;
	175	wants = kanboard.phpFpm.serviceDeps;
	176	};
	177	phpfpm-ldap = {
	178	after = lib.mkAfter ldap.phpFpm.serviceDeps;
	179	wants = ldap.phpFpm.serviceDeps;
	180	};
f40f5b23 IB	181	phpfpm-shaarli = {
	182	after = lib.mkAfter shaarli.phpFpm.serviceDeps;
	183	wants = shaarli.phpFpm.serviceDeps;
	184	};
	185	phpfpm-ttrss = {
	186	after = lib.mkAfter ttrss.phpFpm.serviceDeps;
	187	wants = ttrss.phpFpm.serviceDeps;
	188	};
	189	phpfpm-wallabag = {
	190	after = lib.mkAfter wallabag.phpFpm.serviceDeps;
	191	wants = wallabag.phpFpm.serviceDeps;
	192	preStart = lib.mkAfter wallabag.phpFpm.preStart;
	193	};
	194	phpfpm-yourls = {
	195	after = lib.mkAfter yourls.phpFpm.serviceDeps;
	196	wants = yourls.phpFpm.serviceDeps;
	197	};
	198	ympd = {
	199	description = "Standalone MPD Web GUI written in C";
	200	wantedBy = [ "multi-user.target" ];
	201	script = ''
	202	export MPD_PASSWORD=$(cat /var/secrets/mpd)
	203	${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
	204	'';
	205	};
	206	tt-rss = {
	207	description = "Tiny Tiny RSS feeds update daemon";
	208	serviceConfig = {
	209	User = "wwwrun";
	210	ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
	211	StandardOutput = "syslog";
	212	StandardError = "syslog";
	213	PermissionsStartOnly = true;
	214	};
	215
	216	wantedBy = [ "multi-user.target" ];
	217	requires = ["postgresql.service"];
	218	after = ["network.target" "postgresql.service"];
	219	};
	220	};
	221
17f6eae9 IB	222	services.filesWatcher.ympd = {
	223	restart = true;
	224	paths = [ "/var/secrets/mpd" ];
	225	};
	226
f40f5b23 IB	227	services.phpfpm.pools.devtools = {
	228	listen = "/var/run/phpfpm/devtools.sock";
	229	extraConfig = ''
	230	user = wwwrun
	231	group = wwwrun
	232	listen.owner = wwwrun
	233	listen.group = wwwrun
	234	pm = dynamic
	235	pm.max_children = 60
	236	pm.start_servers = 2
	237	pm.min_spare_servers = 1
	238	pm.max_spare_servers = 10
	239
	240	php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp"
	241	'';
	242	phpOptions = config.services.phpfpm.phpOptions + ''
c75b75a2	243	extension=${pkgs.php}/lib/php/extensions/mysqli.so
0aae0181 IB	244	extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
	245	extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
	246	zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
	247	'';
8eded9ec	248	};
f40f5b23 IB	249
f40f5b23 IB	250	services.phpfpm.poolConfigs = {
10889174 IB	251	adminer = adminer.phpFpm.pool;
10889174 IB	252	ttrss = ttrss.phpFpm.pool;
aebd817b	253	wallabag = wallabag.phpFpm.pool;
133ebaee	254	yourls = yourls.phpFpm.pool;
bfe3c9c9	255	rompr = rompr.phpFpm.pool;
95b20e17	256	shaarli = shaarli.phpFpm.pool;
b892dcbe	257	dokuwiki = dokuwiki.phpFpm.pool;
f80772dc	258	ldap = ldap.phpFpm.pool;
d4ed0eff	259	kanboard = kanboard.phpFpm.pool;
c7627e14	260	grocy = grocy.phpFpm.pool;
1922655a IB	261	tools = ''
	262	listen = /var/run/phpfpm/tools.sock
	263	user = wwwrun
	264	group = wwwrun
	265	listen.owner = wwwrun
	266	listen.group = wwwrun
	267	pm = dynamic
	268	pm.max_children = 60
	269	pm.start_servers = 2
	270	pm.min_spare_servers = 1
	271	pm.max_spare_servers = 10
	272
	273	; Needed to avoid clashes in browser cookies (same domain)
	274	php_value[session.name] = ToolsPHPSESSID
	275	php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp"
	276	'';
10889174 IB	277	};
	278
	279	system.activationScripts = {
4288c2f2	280	adminer = adminer.activationScript;
c7627e14	281	grocy = grocy.activationScript;
10889174	282	ttrss = ttrss.activationScript;
aebd817b	283	wallabag = wallabag.activationScript;
133ebaee	284	yourls = yourls.activationScript;
bfe3c9c9	285	rompr = rompr.activationScript;
95b20e17	286	shaarli = shaarli.activationScript;
b892dcbe	287	dokuwiki = dokuwiki.activationScript;
d4ed0eff	288	kanboard = kanboard.activationScript;
4288c2f2	289	ldap = ldap.activationScript;
10889174 IB	290	};
10889174 IB	291
4288c2f2 IB	292	myServices.websites.webappDirs = {
	293	_adminer = adminer.webRoot;
	294	"${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
	295	"${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
	296	"${rompr.apache.webappName}" = rompr.webRoot;
4288c2f2 IB	297	"${shaarli.apache.webappName}" = shaarli.webRoot;
	298	"${ttrss.apache.webappName}" = ttrss.webRoot;
	299	"${wallabag.apache.webappName}" = wallabag.webRoot;
	300	"${yourls.apache.webappName}" = yourls.webRoot;
4288c2f2	301	"${kanboard.apache.webappName}" = kanboard.webRoot;
c7627e14	302	"${grocy.apache.webappName}" = grocy.webRoot;
4288c2f2	303	};
a95ab089	304
29f8cb85	305	services.websites.env.tools.watchPaths = [
9247b444	306	"/var/secrets/webapps/tools-shaarli"
17f6eae9 IB	307	];
	308	services.filesWatcher.phpfpm-wallabag = {
	309	restart = true;
	310	paths = [ "/var/secrets/webapps/tools-wallabag" ];
	311	};
10889174 IB	312	};
	313	}
	314