[perso/Immae/Config/Nix.git] / nixops / modules / websites / tools / tools / default.nix

{ lib, pkgs, config, myconfig, mylibs, ... }:
let
    adminer = pkgs.callPackage ../../commons/adminer.nix {};
    ympd = pkgs.callPackage ./ympd.nix {
      env = myconfig.env.tools.ympd;
    };
    ttrss = pkgs.callPackage ./ttrss.nix {
      inherit (mylibs) fetchedGithub fetchedGit;
      env = myconfig.env.tools.ttrss;
    };
    roundcubemail = pkgs.callPackage ./roundcubemail.nix { env = myconfig.env.tools.roundcubemail; };
    wallabag = pkgs.callPackage ./wallabag.nix { env = myconfig.env.tools.wallabag; };
    yourls = pkgs.callPackage ./yourls.nix {
      inherit (mylibs) fetchedGithub;
      env = myconfig.env.tools.yourls;
    };
    rompr = pkgs.callPackage ./rompr.nix {
      inherit (mylibs) fetchedGithub;
      env = myconfig.env.tools.rompr;
    };
    shaarli = pkgs.callPackage ./shaarli.nix {
      env = myconfig.env.tools.shaarli;
    };
    dokuwiki = pkgs.callPackage ./dokuwiki.nix {
      inherit (mylibs) fetchedGithub;
    };
    ldap = pkgs.callPackage ./ldap.nix {
      env = myconfig.env.tools.phpldapadmin;
    };

    cfg = config.services.myWebsites.tools.tools;
in {
  options.services.myWebsites.tools.tools = {
    enable = lib.mkEnableOption "enable tools website";
  };

  config = lib.mkIf cfg.enable {
    security.acme.certs."eldiron".extraDomains."tools.immae.eu" = null;

    services.myWebsites.tools.modules =
      [ "proxy_fcgi" ]
      ++ adminer.apache.modules
      ++ ympd.apache.modules
      ++ ttrss.apache.modules
      ++ roundcubemail.apache.modules
      ++ wallabag.apache.modules
      ++ yourls.apache.modules
      ++ rompr.apache.modules
      ++ shaarli.apache.modules
      ++ dokuwiki.apache.modules
      ++ ldap.apache.modules;

    services.ympd = ympd.config // { enable = true; };

    services.myWebsites.tools.vhostConfs.tools = {
      certName    = "eldiron";
      hosts       = ["tools.immae.eu" ];
      root        = "/var/lib/ftp/tools.immae.eu";
      extraConfig = [
        ''
          <Directory "/var/lib/ftp/tools.immae.eu">
            AllowOverride all
            Require all granted
            <FilesMatch "\.php$">
              SetHandler "proxy:unix:/var/run/phpfpm/tools.sock|fcgi://localhost"
            </FilesMatch>
          </Directory>
          ''
        adminer.apache.vhostConf
        ympd.apache.vhostConf
        ttrss.apache.vhostConf
        roundcubemail.apache.vhostConf
        wallabag.apache.vhostConf
        yourls.apache.vhostConf
        rompr.apache.vhostConf
        shaarli.apache.vhostConf
        dokuwiki.apache.vhostConf
        ldap.apache.vhostConf
      ];
    };

    services.myPhpfpm.poolConfigs = {
      adminer = adminer.phpFpm.pool;
      ttrss = ttrss.phpFpm.pool;
      roundcubemail = roundcubemail.phpFpm.pool;
      wallabag = wallabag.phpFpm.pool;
      yourls = yourls.phpFpm.pool;
      rompr = rompr.phpFpm.pool;
      shaarli = shaarli.phpFpm.pool;
      dokuwiki = dokuwiki.phpFpm.pool;
      ldap = ldap.phpFpm.pool;
      tools = ''
        listen = /var/run/phpfpm/tools.sock
        user = wwwrun
        group = wwwrun
        listen.owner = wwwrun
        listen.group = wwwrun
        pm = dynamic
        pm.max_children = 60
        pm.start_servers = 2
        pm.min_spare_servers = 1
        pm.max_spare_servers = 10

        ; Needed to avoid clashes in browser cookies (same domain)
        php_value[session.name] = ToolsPHPSESSID
        php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp"
        '';
    };

    system.activationScripts = {
      ttrss = ttrss.activationScript;
      roundcubemail = roundcubemail.activationScript;
      wallabag = wallabag.activationScript;
      yourls = yourls.activationScript;
      rompr = rompr.activationScript;
      shaarli = shaarli.activationScript;
      dokuwiki = dokuwiki.activationScript;
    };

    systemd.services.tt-rss = {
      description = "Tiny Tiny RSS feeds update daemon";
      serviceConfig = {
        User = "wwwrun";
        ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
        StandardOutput = "syslog";
        StandardError = "syslog";
        PermissionsStartOnly = true;
      };

      wantedBy = [ "multi-user.target" ];
      requires = ["postgresql.service"];
      after = ["network.target" "postgresql.service"];
    };

  };
}
Commit	Line	Data
9d90e7e2	1	{ lib, pkgs, config, myconfig, mylibs, ... }:
10889174 IB	2	let
10889174 IB	3	adminer = pkgs.callPackage ../../commons/adminer.nix {};
bfe3c9c9 IB	4	ympd = pkgs.callPackage ./ympd.nix {
	5	env = myconfig.env.tools.ympd;
	6	};
9d90e7e2 IB	7	ttrss = pkgs.callPackage ./ttrss.nix {
	8	inherit (mylibs) fetchedGithub fetchedGit;
	9	env = myconfig.env.tools.ttrss;
	10	};
	11	roundcubemail = pkgs.callPackage ./roundcubemail.nix { env = myconfig.env.tools.roundcubemail; };
	12	wallabag = pkgs.callPackage ./wallabag.nix { env = myconfig.env.tools.wallabag; };
133ebaee IB	13	yourls = pkgs.callPackage ./yourls.nix {
	14	inherit (mylibs) fetchedGithub;
	15	env = myconfig.env.tools.yourls;
	16	};
bfe3c9c9 IB	17	rompr = pkgs.callPackage ./rompr.nix {
	18	inherit (mylibs) fetchedGithub;
	19	env = myconfig.env.tools.rompr;
	20	};
95b20e17 IB	21	shaarli = pkgs.callPackage ./shaarli.nix {
	22	env = myconfig.env.tools.shaarli;
	23	};
b892dcbe IB	24	dokuwiki = pkgs.callPackage ./dokuwiki.nix {
	25	inherit (mylibs) fetchedGithub;
	26	};
f80772dc IB	27	ldap = pkgs.callPackage ./ldap.nix {
	28	env = myconfig.env.tools.phpldapadmin;
	29	};
10889174 IB	30
	31	cfg = config.services.myWebsites.tools.tools;
	32	in {
	33	options.services.myWebsites.tools.tools = {
	34	enable = lib.mkEnableOption "enable tools website";
	35	};
	36
	37	config = lib.mkIf cfg.enable {
	38	security.acme.certs."eldiron".extraDomains."tools.immae.eu" = null;
	39
	40	services.myWebsites.tools.modules =
1922655a IB	41	[ "proxy_fcgi" ]
1922655a IB	42	++ adminer.apache.modules
10889174 IB	43	++ ympd.apache.modules
10889174 IB	44	++ ttrss.apache.modules
aebd817b	45	++ roundcubemail.apache.modules
133ebaee	46	++ wallabag.apache.modules
bfe3c9c9	47	++ yourls.apache.modules
95b20e17	48	++ rompr.apache.modules
b892dcbe	49	++ shaarli.apache.modules
f80772dc IB	50	++ dokuwiki.apache.modules
f80772dc IB	51	++ ldap.apache.modules;
10889174	52
bfe3c9c9	53	services.ympd = ympd.config // { enable = true; };
10889174 IB	54
	55	services.myWebsites.tools.vhostConfs.tools = {
	56	certName = "eldiron";
	57	hosts = ["tools.immae.eu" ];
1922655a	58	root = "/var/lib/ftp/tools.immae.eu";
10889174	59	extraConfig = [
1922655a IB	60	''
	61	<Directory "/var/lib/ftp/tools.immae.eu">
	62	AllowOverride all
	63	Require all granted
	64	<FilesMatch "\.php$">
	65	SetHandler "proxy:unix:/var/run/phpfpm/tools.sock\|fcgi://localhost"
	66	</FilesMatch>
	67	</Directory>
	68	''
10889174 IB	69	adminer.apache.vhostConf
	70	ympd.apache.vhostConf
	71	ttrss.apache.vhostConf
	72	roundcubemail.apache.vhostConf
aebd817b	73	wallabag.apache.vhostConf
133ebaee	74	yourls.apache.vhostConf
bfe3c9c9	75	rompr.apache.vhostConf
95b20e17	76	shaarli.apache.vhostConf
b892dcbe	77	dokuwiki.apache.vhostConf
f80772dc	78	ldap.apache.vhostConf
10889174 IB	79	];
	80	};
	81
	82	services.myPhpfpm.poolConfigs = {
	83	adminer = adminer.phpFpm.pool;
	84	ttrss = ttrss.phpFpm.pool;
	85	roundcubemail = roundcubemail.phpFpm.pool;
aebd817b	86	wallabag = wallabag.phpFpm.pool;
133ebaee	87	yourls = yourls.phpFpm.pool;
bfe3c9c9	88	rompr = rompr.phpFpm.pool;
95b20e17	89	shaarli = shaarli.phpFpm.pool;
b892dcbe	90	dokuwiki = dokuwiki.phpFpm.pool;
f80772dc	91	ldap = ldap.phpFpm.pool;
1922655a IB	92	tools = ''
	93	listen = /var/run/phpfpm/tools.sock
	94	user = wwwrun
	95	group = wwwrun
	96	listen.owner = wwwrun
	97	listen.group = wwwrun
	98	pm = dynamic
	99	pm.max_children = 60
	100	pm.start_servers = 2
	101	pm.min_spare_servers = 1
	102	pm.max_spare_servers = 10
	103
	104	; Needed to avoid clashes in browser cookies (same domain)
	105	php_value[session.name] = ToolsPHPSESSID
	106	php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp"
	107	'';
10889174 IB	108	};
	109
	110	system.activationScripts = {
	111	ttrss = ttrss.activationScript;
	112	roundcubemail = roundcubemail.activationScript;
aebd817b	113	wallabag = wallabag.activationScript;
133ebaee	114	yourls = yourls.activationScript;
bfe3c9c9	115	rompr = rompr.activationScript;
95b20e17	116	shaarli = shaarli.activationScript;
b892dcbe	117	dokuwiki = dokuwiki.activationScript;
10889174 IB	118	};
	119
	120	systemd.services.tt-rss = {
	121	description = "Tiny Tiny RSS feeds update daemon";
	122	serviceConfig = {
	123	User = "wwwrun";
	124	ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
	125	StandardOutput = "syslog";
	126	StandardError = "syslog";
	127	PermissionsStartOnly = true;
	128	};
	129
	130	wantedBy = [ "multi-user.target" ];
	131	requires = ["postgresql.service"];
	132	after = ["network.target" "postgresql.service"];
	133	};
	134
	135	};
	136	}
	137