]>
Commit | Line | Data |
---|---|---|
8a964143 | 1 | { lib, pkgs, config, myconfig, ... }: |
10889174 IB |
2 | let |
3 | adminer = pkgs.callPackage ../../commons/adminer.nix {}; | |
bfe3c9c9 IB |
4 | ympd = pkgs.callPackage ./ympd.nix { |
5 | env = myconfig.env.tools.ympd; | |
6 | }; | |
9d90e7e2 | 7 | ttrss = pkgs.callPackage ./ttrss.nix { |
86663f17 | 8 | inherit (pkgs.webapps) ttrss ttrss-plugins; |
9d90e7e2 IB |
9 | env = myconfig.env.tools.ttrss; |
10 | }; | |
8a2ccf84 | 11 | roundcubemail = pkgs.callPackage ./roundcubemail.nix { |
fffbbb56 | 12 | inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins; |
8a2ccf84 IB |
13 | env = myconfig.env.tools.roundcubemail; |
14 | }; | |
46f30ecc | 15 | rainloop = pkgs.callPackage ./rainloop.nix {}; |
d4ed0eff | 16 | kanboard = pkgs.callPackage ./kanboard.nix { |
d4ed0eff IB |
17 | env = myconfig.env.tools.kanboard; |
18 | }; | |
fd2d83bd IB |
19 | wallabag = pkgs.callPackage ./wallabag.nix { |
20 | inherit (pkgs.webapps) wallabag; | |
21 | env = myconfig.env.tools.wallabag; | |
22 | }; | |
133ebaee | 23 | yourls = pkgs.callPackage ./yourls.nix { |
b44b42a1 | 24 | inherit (pkgs.webapps) yourls yourls-plugins; |
133ebaee IB |
25 | env = myconfig.env.tools.yourls; |
26 | }; | |
bfe3c9c9 | 27 | rompr = pkgs.callPackage ./rompr.nix { |
5dbe7ba1 | 28 | inherit (pkgs.webapps) rompr; |
bfe3c9c9 IB |
29 | env = myconfig.env.tools.rompr; |
30 | }; | |
95b20e17 IB |
31 | shaarli = pkgs.callPackage ./shaarli.nix { |
32 | env = myconfig.env.tools.shaarli; | |
33 | }; | |
b892dcbe | 34 | dokuwiki = pkgs.callPackage ./dokuwiki.nix { |
c9d13ae3 | 35 | inherit (pkgs.webapps) dokuwiki dokuwiki-plugins; |
b892dcbe | 36 | }; |
f80772dc | 37 | ldap = pkgs.callPackage ./ldap.nix { |
f5efae0f | 38 | inherit (pkgs.webapps) phpldapadmin; |
f80772dc IB |
39 | env = myconfig.env.tools.phpldapadmin; |
40 | }; | |
10889174 IB |
41 | |
42 | cfg = config.services.myWebsites.tools.tools; | |
43 | in { | |
44 | options.services.myWebsites.tools.tools = { | |
45 | enable = lib.mkEnableOption "enable tools website"; | |
46 | }; | |
47 | ||
48 | config = lib.mkIf cfg.enable { | |
1a718805 | 49 | secrets.keys = |
a840a21c | 50 | kanboard.keys |
8db8e666 IB |
51 | ++ ldap.keys |
52 | ++ roundcubemail.keys | |
53 | ++ shaarli.keys | |
54 | ++ ttrss.keys | |
55 | ++ wallabag.keys | |
56 | ++ yourls.keys; | |
98163486 | 57 | |
daf64e3f | 58 | services.websites.integration.modules = |
46f30ecc | 59 | rainloop.apache.modules; |
10889174 | 60 | |
daf64e3f | 61 | services.websites.tools.modules = |
1922655a IB |
62 | [ "proxy_fcgi" ] |
63 | ++ adminer.apache.modules | |
10889174 IB |
64 | ++ ympd.apache.modules |
65 | ++ ttrss.apache.modules | |
aebd817b | 66 | ++ roundcubemail.apache.modules |
133ebaee | 67 | ++ wallabag.apache.modules |
bfe3c9c9 | 68 | ++ yourls.apache.modules |
95b20e17 | 69 | ++ rompr.apache.modules |
b892dcbe | 70 | ++ shaarli.apache.modules |
f80772dc | 71 | ++ dokuwiki.apache.modules |
d4ed0eff IB |
72 | ++ ldap.apache.modules |
73 | ++ kanboard.apache.modules; | |
10889174 | 74 | |
daf64e3f | 75 | services.websites.integration.vhostConfs.devtools = { |
46f30ecc | 76 | certName = "eldiron"; |
7df420c2 | 77 | addToCerts = true; |
46f30ecc | 78 | hosts = ["devtools.immae.eu" ]; |
0aae0181 | 79 | root = "/var/lib/ftp/devtools.immae.eu"; |
46f30ecc | 80 | extraConfig = [ |
0aae0181 IB |
81 | '' |
82 | <Directory "/var/lib/ftp/devtools.immae.eu"> | |
83 | DirectoryIndex index.php index.htm index.html | |
84 | AllowOverride all | |
85 | Require all granted | |
86 | <FilesMatch "\.php$"> | |
87 | SetHandler "proxy:unix:/var/run/phpfpm/devtools.sock|fcgi://localhost" | |
88 | </FilesMatch> | |
89 | </Directory> | |
90 | '' | |
46f30ecc IB |
91 | rainloop.apache.vhostConf |
92 | ]; | |
93 | }; | |
94 | ||
daf64e3f | 95 | services.websites.tools.vhostConfs.tools = { |
10889174 | 96 | certName = "eldiron"; |
7df420c2 | 97 | addToCerts = true; |
10889174 | 98 | hosts = ["tools.immae.eu" ]; |
1922655a | 99 | root = "/var/lib/ftp/tools.immae.eu"; |
10889174 | 100 | extraConfig = [ |
1922655a IB |
101 | '' |
102 | <Directory "/var/lib/ftp/tools.immae.eu"> | |
0eaac6ba | 103 | DirectoryIndex index.php index.htm index.html |
1922655a IB |
104 | AllowOverride all |
105 | Require all granted | |
106 | <FilesMatch "\.php$"> | |
107 | SetHandler "proxy:unix:/var/run/phpfpm/tools.sock|fcgi://localhost" | |
108 | </FilesMatch> | |
109 | </Directory> | |
110 | '' | |
10889174 IB |
111 | adminer.apache.vhostConf |
112 | ympd.apache.vhostConf | |
113 | ttrss.apache.vhostConf | |
114 | roundcubemail.apache.vhostConf | |
aebd817b | 115 | wallabag.apache.vhostConf |
133ebaee | 116 | yourls.apache.vhostConf |
bfe3c9c9 | 117 | rompr.apache.vhostConf |
95b20e17 | 118 | shaarli.apache.vhostConf |
b892dcbe | 119 | dokuwiki.apache.vhostConf |
f80772dc | 120 | ldap.apache.vhostConf |
d4ed0eff | 121 | kanboard.apache.vhostConf |
10889174 IB |
122 | ]; |
123 | }; | |
124 | ||
daf64e3f | 125 | services.websites.tools.vhostConfs.outils = { |
7df420c2 IB |
126 | certName = "eldiron"; |
127 | addToCerts = true; | |
128 | hosts = [ "outils.immae.eu" ]; | |
129 | root = null; | |
70606070 IB |
130 | extraConfig = [ |
131 | '' | |
132 | RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1 | |
133 | ||
134 | RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1 | |
135 | ||
136 | RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1 | |
137 | RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1 | |
138 | ||
139 | RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1 | |
140 | RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1 | |
141 | RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1 | |
142 | RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1 | |
143 | ||
144 | RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1 | |
145 | ||
146 | RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1 | |
147 | '' | |
148 | ]; | |
149 | }; | |
150 | ||
f40f5b23 IB |
151 | systemd.services = { |
152 | phpfpm-dokuwiki = { | |
153 | after = lib.mkAfter dokuwiki.phpFpm.serviceDeps; | |
154 | wants = dokuwiki.phpFpm.serviceDeps; | |
155 | }; | |
156 | phpfpm-kanboard = { | |
157 | after = lib.mkAfter kanboard.phpFpm.serviceDeps; | |
158 | wants = kanboard.phpFpm.serviceDeps; | |
159 | }; | |
160 | phpfpm-ldap = { | |
161 | after = lib.mkAfter ldap.phpFpm.serviceDeps; | |
162 | wants = ldap.phpFpm.serviceDeps; | |
163 | }; | |
164 | phpfpm-rainloop = { | |
165 | after = lib.mkAfter rainloop.phpFpm.serviceDeps; | |
166 | wants = rainloop.phpFpm.serviceDeps; | |
167 | }; | |
168 | phpfpm-roundcubemail = { | |
169 | after = lib.mkAfter roundcubemail.phpFpm.serviceDeps; | |
170 | wants = roundcubemail.phpFpm.serviceDeps; | |
171 | }; | |
172 | phpfpm-shaarli = { | |
173 | after = lib.mkAfter shaarli.phpFpm.serviceDeps; | |
174 | wants = shaarli.phpFpm.serviceDeps; | |
175 | }; | |
176 | phpfpm-ttrss = { | |
177 | after = lib.mkAfter ttrss.phpFpm.serviceDeps; | |
178 | wants = ttrss.phpFpm.serviceDeps; | |
179 | }; | |
180 | phpfpm-wallabag = { | |
181 | after = lib.mkAfter wallabag.phpFpm.serviceDeps; | |
182 | wants = wallabag.phpFpm.serviceDeps; | |
183 | preStart = lib.mkAfter wallabag.phpFpm.preStart; | |
184 | }; | |
185 | phpfpm-yourls = { | |
186 | after = lib.mkAfter yourls.phpFpm.serviceDeps; | |
187 | wants = yourls.phpFpm.serviceDeps; | |
188 | }; | |
189 | ympd = { | |
190 | description = "Standalone MPD Web GUI written in C"; | |
191 | wantedBy = [ "multi-user.target" ]; | |
192 | script = '' | |
193 | export MPD_PASSWORD=$(cat /var/secrets/mpd) | |
194 | ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody | |
195 | ''; | |
196 | }; | |
197 | tt-rss = { | |
198 | description = "Tiny Tiny RSS feeds update daemon"; | |
199 | serviceConfig = { | |
200 | User = "wwwrun"; | |
201 | ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon"; | |
202 | StandardOutput = "syslog"; | |
203 | StandardError = "syslog"; | |
204 | PermissionsStartOnly = true; | |
205 | }; | |
206 | ||
207 | wantedBy = [ "multi-user.target" ]; | |
208 | requires = ["postgresql.service"]; | |
209 | after = ["network.target" "postgresql.service"]; | |
210 | }; | |
211 | }; | |
212 | ||
213 | services.phpfpm.pools.roundcubemail = { | |
214 | listen = roundcubemail.phpFpm.socket; | |
215 | extraConfig = roundcubemail.phpFpm.pool; | |
216 | phpOptions = config.services.phpfpm.phpOptions + roundcubemail.phpFpm.phpConfig; | |
a840a21c IB |
217 | }; |
218 | ||
f40f5b23 IB |
219 | services.phpfpm.pools.devtools = { |
220 | listen = "/var/run/phpfpm/devtools.sock"; | |
221 | extraConfig = '' | |
222 | user = wwwrun | |
223 | group = wwwrun | |
224 | listen.owner = wwwrun | |
225 | listen.group = wwwrun | |
226 | pm = dynamic | |
227 | pm.max_children = 60 | |
228 | pm.start_servers = 2 | |
229 | pm.min_spare_servers = 1 | |
230 | pm.max_spare_servers = 10 | |
231 | ||
232 | php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp" | |
233 | ''; | |
234 | phpOptions = config.services.phpfpm.phpOptions + '' | |
0aae0181 IB |
235 | extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so |
236 | extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so | |
237 | zend_extension=${pkgs.php}/lib/php/extensions/opcache.so | |
238 | ''; | |
8eded9ec | 239 | }; |
f40f5b23 IB |
240 | |
241 | services.phpfpm.poolConfigs = { | |
10889174 IB |
242 | adminer = adminer.phpFpm.pool; |
243 | ttrss = ttrss.phpFpm.pool; | |
aebd817b | 244 | wallabag = wallabag.phpFpm.pool; |
133ebaee | 245 | yourls = yourls.phpFpm.pool; |
bfe3c9c9 | 246 | rompr = rompr.phpFpm.pool; |
95b20e17 | 247 | shaarli = shaarli.phpFpm.pool; |
b892dcbe | 248 | dokuwiki = dokuwiki.phpFpm.pool; |
f80772dc | 249 | ldap = ldap.phpFpm.pool; |
46f30ecc | 250 | rainloop = rainloop.phpFpm.pool; |
d4ed0eff | 251 | kanboard = kanboard.phpFpm.pool; |
1922655a IB |
252 | tools = '' |
253 | listen = /var/run/phpfpm/tools.sock | |
254 | user = wwwrun | |
255 | group = wwwrun | |
256 | listen.owner = wwwrun | |
257 | listen.group = wwwrun | |
258 | pm = dynamic | |
259 | pm.max_children = 60 | |
260 | pm.start_servers = 2 | |
261 | pm.min_spare_servers = 1 | |
262 | pm.max_spare_servers = 10 | |
263 | ||
264 | ; Needed to avoid clashes in browser cookies (same domain) | |
265 | php_value[session.name] = ToolsPHPSESSID | |
266 | php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp" | |
267 | ''; | |
10889174 IB |
268 | }; |
269 | ||
270 | system.activationScripts = { | |
271 | ttrss = ttrss.activationScript; | |
272 | roundcubemail = roundcubemail.activationScript; | |
aebd817b | 273 | wallabag = wallabag.activationScript; |
133ebaee | 274 | yourls = yourls.activationScript; |
bfe3c9c9 | 275 | rompr = rompr.activationScript; |
95b20e17 | 276 | shaarli = shaarli.activationScript; |
b892dcbe | 277 | dokuwiki = dokuwiki.activationScript; |
46f30ecc | 278 | rainloop = rainloop.activationScript; |
d4ed0eff | 279 | kanboard = kanboard.activationScript; |
10889174 IB |
280 | }; |
281 | ||
a95ab089 IB |
282 | system.extraSystemBuilderCmds = '' |
283 | mkdir -p $out/webapps | |
284 | ln -s ${dokuwiki.webRoot} $out/webapps/${dokuwiki.apache.webappName} | |
285 | ln -s ${ldap.webRoot}/htdocs $out/webapps/${ldap.apache.webappName} | |
286 | ln -s ${rompr.webRoot} $out/webapps/${rompr.apache.webappName} | |
287 | ln -s ${roundcubemail.webRoot} $out/webapps/${roundcubemail.apache.webappName} | |
288 | ln -s ${shaarli.webRoot} $out/webapps/${shaarli.apache.webappName} | |
289 | ln -s ${ttrss.webRoot} $out/webapps/${ttrss.apache.webappName} | |
290 | ln -s ${wallabag.webRoot} $out/webapps/${wallabag.apache.webappName} | |
291 | ln -s ${yourls.webRoot} $out/webapps/${yourls.apache.webappName} | |
46f30ecc | 292 | ln -s ${rainloop.webRoot} $out/webapps/${rainloop.apache.webappName} |
d4ed0eff | 293 | ln -s ${kanboard.webRoot} $out/webapps/${kanboard.apache.webappName} |
a95ab089 IB |
294 | ''; |
295 | ||
10889174 IB |
296 | }; |
297 | } | |
298 |