]>
Commit | Line | Data |
---|---|---|
9d90e7e2 | 1 | { lib, pkgs, config, myconfig, mylibs, ... }: |
10889174 IB |
2 | let |
3 | adminer = pkgs.callPackage ../../commons/adminer.nix {}; | |
bfe3c9c9 IB |
4 | ympd = pkgs.callPackage ./ympd.nix { |
5 | env = myconfig.env.tools.ympd; | |
6 | }; | |
9d90e7e2 IB |
7 | ttrss = pkgs.callPackage ./ttrss.nix { |
8 | inherit (mylibs) fetchedGithub fetchedGit; | |
9 | env = myconfig.env.tools.ttrss; | |
10 | }; | |
11 | roundcubemail = pkgs.callPackage ./roundcubemail.nix { env = myconfig.env.tools.roundcubemail; }; | |
d4ed0eff IB |
12 | kanboard = pkgs.callPackage ./kanboard.nix { |
13 | inherit (mylibs) fetchedGithub; | |
14 | env = myconfig.env.tools.kanboard; | |
15 | }; | |
9d90e7e2 | 16 | wallabag = pkgs.callPackage ./wallabag.nix { env = myconfig.env.tools.wallabag; }; |
133ebaee IB |
17 | yourls = pkgs.callPackage ./yourls.nix { |
18 | inherit (mylibs) fetchedGithub; | |
19 | env = myconfig.env.tools.yourls; | |
20 | }; | |
bfe3c9c9 IB |
21 | rompr = pkgs.callPackage ./rompr.nix { |
22 | inherit (mylibs) fetchedGithub; | |
23 | env = myconfig.env.tools.rompr; | |
24 | }; | |
95b20e17 IB |
25 | shaarli = pkgs.callPackage ./shaarli.nix { |
26 | env = myconfig.env.tools.shaarli; | |
27 | }; | |
b892dcbe IB |
28 | dokuwiki = pkgs.callPackage ./dokuwiki.nix { |
29 | inherit (mylibs) fetchedGithub; | |
30 | }; | |
f80772dc IB |
31 | ldap = pkgs.callPackage ./ldap.nix { |
32 | env = myconfig.env.tools.phpldapadmin; | |
33 | }; | |
10889174 IB |
34 | |
35 | cfg = config.services.myWebsites.tools.tools; | |
36 | in { | |
37 | options.services.myWebsites.tools.tools = { | |
38 | enable = lib.mkEnableOption "enable tools website"; | |
39 | }; | |
40 | ||
41 | config = lib.mkIf cfg.enable { | |
42 | security.acme.certs."eldiron".extraDomains."tools.immae.eu" = null; | |
43 | ||
44 | services.myWebsites.tools.modules = | |
1922655a IB |
45 | [ "proxy_fcgi" ] |
46 | ++ adminer.apache.modules | |
10889174 IB |
47 | ++ ympd.apache.modules |
48 | ++ ttrss.apache.modules | |
aebd817b | 49 | ++ roundcubemail.apache.modules |
133ebaee | 50 | ++ wallabag.apache.modules |
bfe3c9c9 | 51 | ++ yourls.apache.modules |
95b20e17 | 52 | ++ rompr.apache.modules |
b892dcbe | 53 | ++ shaarli.apache.modules |
f80772dc | 54 | ++ dokuwiki.apache.modules |
d4ed0eff IB |
55 | ++ ldap.apache.modules |
56 | ++ kanboard.apache.modules; | |
10889174 | 57 | |
bfe3c9c9 | 58 | services.ympd = ympd.config // { enable = true; }; |
10889174 IB |
59 | |
60 | services.myWebsites.tools.vhostConfs.tools = { | |
61 | certName = "eldiron"; | |
62 | hosts = ["tools.immae.eu" ]; | |
1922655a | 63 | root = "/var/lib/ftp/tools.immae.eu"; |
10889174 | 64 | extraConfig = [ |
1922655a IB |
65 | '' |
66 | <Directory "/var/lib/ftp/tools.immae.eu"> | |
0eaac6ba | 67 | DirectoryIndex index.php index.htm index.html |
1922655a IB |
68 | AllowOverride all |
69 | Require all granted | |
70 | <FilesMatch "\.php$"> | |
71 | SetHandler "proxy:unix:/var/run/phpfpm/tools.sock|fcgi://localhost" | |
72 | </FilesMatch> | |
73 | </Directory> | |
74 | '' | |
10889174 IB |
75 | adminer.apache.vhostConf |
76 | ympd.apache.vhostConf | |
77 | ttrss.apache.vhostConf | |
78 | roundcubemail.apache.vhostConf | |
aebd817b | 79 | wallabag.apache.vhostConf |
133ebaee | 80 | yourls.apache.vhostConf |
bfe3c9c9 | 81 | rompr.apache.vhostConf |
95b20e17 | 82 | shaarli.apache.vhostConf |
b892dcbe | 83 | dokuwiki.apache.vhostConf |
f80772dc | 84 | ldap.apache.vhostConf |
d4ed0eff | 85 | kanboard.apache.vhostConf |
10889174 IB |
86 | ]; |
87 | }; | |
88 | ||
70606070 IB |
89 | security.acme.certs."eldiron".extraDomains."outils.immae.eu" = null; |
90 | services.myWebsites.tools.vhostConfs.outils = { | |
91 | certName = "eldiron"; | |
92 | hosts = [ "outils.immae.eu" ]; | |
93 | root = null; | |
94 | extraConfig = [ | |
95 | '' | |
96 | RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1 | |
97 | ||
98 | RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1 | |
99 | ||
100 | RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1 | |
101 | RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1 | |
102 | ||
103 | RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1 | |
104 | RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1 | |
105 | RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1 | |
106 | RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1 | |
107 | ||
108 | RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1 | |
109 | ||
110 | RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1 | |
111 | '' | |
112 | ]; | |
113 | }; | |
114 | ||
10889174 IB |
115 | services.myPhpfpm.poolConfigs = { |
116 | adminer = adminer.phpFpm.pool; | |
117 | ttrss = ttrss.phpFpm.pool; | |
118 | roundcubemail = roundcubemail.phpFpm.pool; | |
aebd817b | 119 | wallabag = wallabag.phpFpm.pool; |
133ebaee | 120 | yourls = yourls.phpFpm.pool; |
bfe3c9c9 | 121 | rompr = rompr.phpFpm.pool; |
95b20e17 | 122 | shaarli = shaarli.phpFpm.pool; |
b892dcbe | 123 | dokuwiki = dokuwiki.phpFpm.pool; |
f80772dc | 124 | ldap = ldap.phpFpm.pool; |
d4ed0eff | 125 | kanboard = kanboard.phpFpm.pool; |
1922655a IB |
126 | tools = '' |
127 | listen = /var/run/phpfpm/tools.sock | |
128 | user = wwwrun | |
129 | group = wwwrun | |
130 | listen.owner = wwwrun | |
131 | listen.group = wwwrun | |
132 | pm = dynamic | |
133 | pm.max_children = 60 | |
134 | pm.start_servers = 2 | |
135 | pm.min_spare_servers = 1 | |
136 | pm.max_spare_servers = 10 | |
137 | ||
138 | ; Needed to avoid clashes in browser cookies (same domain) | |
139 | php_value[session.name] = ToolsPHPSESSID | |
140 | php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp" | |
141 | ''; | |
10889174 IB |
142 | }; |
143 | ||
144 | system.activationScripts = { | |
145 | ttrss = ttrss.activationScript; | |
146 | roundcubemail = roundcubemail.activationScript; | |
aebd817b | 147 | wallabag = wallabag.activationScript; |
133ebaee | 148 | yourls = yourls.activationScript; |
bfe3c9c9 | 149 | rompr = rompr.activationScript; |
95b20e17 | 150 | shaarli = shaarli.activationScript; |
b892dcbe | 151 | dokuwiki = dokuwiki.activationScript; |
d4ed0eff | 152 | kanboard = kanboard.activationScript; |
10889174 IB |
153 | }; |
154 | ||
a95ab089 IB |
155 | system.extraSystemBuilderCmds = '' |
156 | mkdir -p $out/webapps | |
157 | ln -s ${dokuwiki.webRoot} $out/webapps/${dokuwiki.apache.webappName} | |
158 | ln -s ${ldap.webRoot}/htdocs $out/webapps/${ldap.apache.webappName} | |
159 | ln -s ${rompr.webRoot} $out/webapps/${rompr.apache.webappName} | |
160 | ln -s ${roundcubemail.webRoot} $out/webapps/${roundcubemail.apache.webappName} | |
161 | ln -s ${shaarli.webRoot} $out/webapps/${shaarli.apache.webappName} | |
162 | ln -s ${ttrss.webRoot} $out/webapps/${ttrss.apache.webappName} | |
163 | ln -s ${wallabag.webRoot} $out/webapps/${wallabag.apache.webappName} | |
164 | ln -s ${yourls.webRoot} $out/webapps/${yourls.apache.webappName} | |
d4ed0eff | 165 | ln -s ${kanboard.webRoot} $out/webapps/${kanboard.apache.webappName} |
a95ab089 IB |
166 | ''; |
167 | ||
2368a4b7 IB |
168 | nixpkgs.overlays = [ (self: super: rec { |
169 | ympd = super.ympd.overrideAttrs(old: mylibs.fetchedGithub ./ympd.json); | |
170 | }) ]; | |
e229e6f2 | 171 | |
10889174 IB |
172 | systemd.services.tt-rss = { |
173 | description = "Tiny Tiny RSS feeds update daemon"; | |
174 | serviceConfig = { | |
175 | User = "wwwrun"; | |
176 | ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon"; | |
177 | StandardOutput = "syslog"; | |
178 | StandardError = "syslog"; | |
179 | PermissionsStartOnly = true; | |
180 | }; | |
181 | ||
182 | wantedBy = [ "multi-user.target" ]; | |
183 | requires = ["postgresql.service"]; | |
184 | after = ["network.target" "postgresql.service"]; | |
185 | }; | |
186 | ||
187 | }; | |
188 | } | |
189 |