[perso/Immae/Config/Nix.git] / virtual / packages / mantisbt.nix

with import ../../libs.nix;
with nixpkgs_unstable;
let
  # FIXME: check that source-integration and slack still work
  mantisbt = let
    plugins = {
      slack = stdenv.mkDerivation (fetchedGithub ./mantisbt-plugin-slack.json // rec {
        installPhase = ''
          sed -i -e "s/return '@' . \\\$username;/return \\\$username;/" Slack.php
          cp -a . $out
          '';
      });
      source-integration = stdenv.mkDerivation (fetchedGithub ./mantisbt-plugin-source-integration.json // rec {
        installPhase = ''
          mkdir $out
          patch -p1 < ${./mantisbt-plugin-source-integration_Source.API.php.diff}
          cp -a Source* $out/
        '';
      });
    };
  in rec {
    config = 
      assert checkEnv "NIXOPS_MANTISBT_DB_PASSWORD";
      assert checkEnv "NIXOPS_MANTISBT_MASTER_SALT";
      assert checkEnv "NIXOPS_MANTISBT_LDAP_PASSWORD";
      pkgs.writeText "config_inc.php" ''
      <?php
      $g_hostname              = 'db-1.immae.eu';
      $g_db_username           = 'mantisbt';
      $g_db_password           = '${builtins.getEnv "NIXOPS_MANTISBT_DB_PASSWORD"}';
      $g_database_name         = 'mantisbt';
      $g_db_type               = 'pgsql';
      $g_crypto_master_salt    = '${builtins.getEnv "NIXOPS_MANTISBT_MASTER_SALT"}';
      $g_allow_signup          = OFF;
      $g_allow_anonymous_login = ON;
      $g_anonymous_account     = 'anonymous';

      $g_phpMailer_method	= PHPMAILER_METHOD_SMTP;
      $g_smtp_host		= 'mail.immae.eu';
      $g_smtp_username		= ''';
      $g_smtp_password		= ''';
      $g_webmaster_email	= 'webmaster@immae.eu';
      $g_from_email		= 'noreply@immae.eu';
      $g_return_path_email	= 'webmaster@immae.eu';
      $g_from_name		= 'Mantis Bug Tracker at immae.eu';
      $g_email_receive_own	= OFF;
      # --- LDAP ---
      $g_login_method = LDAP;
      $g_ldap_protocol_version = 3;
      $g_ldap_server = 'ldaps://ldap.immae.eu:636';
      $g_ldap_root_dn = 'ou=users,dc=immae,dc=eu';
      $g_ldap_bind_dn = 'cn=mantisbt,ou=services,dc=immae,dc=eu';
      $g_ldap_bind_passwd = '${builtins.getEnv "NIXOPS_MANTISBT_LDAP_PASSWORD"}';
      $g_use_ldap_email = ON;
      $g_use_ldap_realname = ON;
      $g_ldap_uid_field = 'uid'; 
      $g_ldap_realname_field = 'cn';
      $g_ldap_organization = '(memberOf=cn=users,cn=mantisbt,ou=services,dc=immae,dc=eu)';
      '';
    webRoot = stdenv.mkDerivation rec {
      name = "mantisbt-${version}";
      version = "2.11.1";
      src = fetchurl {
        url = "https://downloads.sourceforge.net/project/mantisbt/mantis-stable/${version}/${name}.tar.gz";
        sha256 = "0jnrqz6r2hf53v0k1lh3il7hlfiphn61r9wgg6mzyywkjxwq07md";
      };
      patches = [
        ./mantisbt-patches/bug_report.php.diff
        ./mantisbt-patches/bug_report_page.php.diff
        ./mantisbt-patches/bugnote_add.php.diff
        ./mantisbt-patches/bugnote_add_inc.php.diff
        ];
      installPhase = ''
        cp -a . $out
        ln -s ${config} $out/config/config_inc.php
        ln -s ${plugins.slack} $out/plugins/Slack
        ln -s ${plugins.source-integration}/Source* $out/plugins/
      '';
    };
    apache = {
      user = "wwwrun";
      group = "wwwrun";
      modules = [ "proxy_fcgi" ];
      vhostConf = ''
        Alias /mantisbt "${webRoot}"
        <Directory "${webRoot}">
          DirectoryIndex index.php
          <FilesMatch "\.php$">
            SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
          </FilesMatch>

          AllowOverride All
          Options FollowSymlinks
          Require all granted
        </Directory>
        <Directory "${webRoot}/admin">
          #Reenable during upgrade
          Require all denied
        </Directory>
        '';
    };
    phpFpm = rec {
      basedir = builtins.concatStringsSep ":" (
        [ webRoot config ]
        ++ pkgs.lib.attrsets.mapAttrsToList (name: value: value) plugins);
      socket = "/var/run/phpfpm/mantisbt.sock";
      pool = ''
        listen = ${socket}
        user = ${apache.user}
        group = ${apache.group}
        listen.owner = ${apache.user}
        listen.group = ${apache.group}
        pm = ondemand
        pm.max_children = 60
        pm.process_idle_timeout = 60

        php_admin_value[upload_max_filesize] = 5000000

        php_admin_value[open_basedir] = "${basedir}:/tmp"
        '';
    };
  };
in 
  mantisbt
Commit	Line	Data
50d8fa14 IB	1	with import ../../libs.nix;
	2	with nixpkgs_unstable;
	3	let
	4	# FIXME: check that source-integration and slack still work
	5	mantisbt = let
	6	plugins = {
	7	slack = stdenv.mkDerivation (fetchedGithub ./mantisbt-plugin-slack.json // rec {
	8	installPhase = ''
	9	sed -i -e "s/return '@' . \\\$username;/return \\\$username;/" Slack.php
	10	cp -a . $out
	11	'';
	12	});
	13	source-integration = stdenv.mkDerivation (fetchedGithub ./mantisbt-plugin-source-integration.json // rec {
	14	installPhase = ''
	15	mkdir $out
	16	patch -p1 < ${./mantisbt-plugin-source-integration_Source.API.php.diff}
	17	cp -a Source* $out/
	18	'';
	19	});
	20	};
	21	in rec {
	22	config =
	23	assert checkEnv "NIXOPS_MANTISBT_DB_PASSWORD";
	24	assert checkEnv "NIXOPS_MANTISBT_MASTER_SALT";
	25	assert checkEnv "NIXOPS_MANTISBT_LDAP_PASSWORD";
	26	pkgs.writeText "config_inc.php" ''
	27	<?php
	28	$g_hostname = 'db-1.immae.eu';
	29	$g_db_username = 'mantisbt';
	30	$g_db_password = '${builtins.getEnv "NIXOPS_MANTISBT_DB_PASSWORD"}';
	31	$g_database_name = 'mantisbt';
	32	$g_db_type = 'pgsql';
	33	$g_crypto_master_salt = '${builtins.getEnv "NIXOPS_MANTISBT_MASTER_SALT"}';
	34	$g_allow_signup = OFF;
	35	$g_allow_anonymous_login = ON;
	36	$g_anonymous_account = 'anonymous';
	37
	38	$g_phpMailer_method = PHPMAILER_METHOD_SMTP;
	39	$g_smtp_host = 'mail.immae.eu';
	40	$g_smtp_username = ''';
	41	$g_smtp_password = ''';
	42	$g_webmaster_email = 'webmaster@immae.eu';
	43	$g_from_email = 'noreply@immae.eu';
	44	$g_return_path_email = 'webmaster@immae.eu';
	45	$g_from_name = 'Mantis Bug Tracker at immae.eu';
	46	$g_email_receive_own = OFF;
	47	# --- LDAP ---
	48	$g_login_method = LDAP;
	49	$g_ldap_protocol_version = 3;
	50	$g_ldap_server = 'ldaps://ldap.immae.eu:636';
	51	$g_ldap_root_dn = 'ou=users,dc=immae,dc=eu';
	52	$g_ldap_bind_dn = 'cn=mantisbt,ou=services,dc=immae,dc=eu';
	53	$g_ldap_bind_passwd = '${builtins.getEnv "NIXOPS_MANTISBT_LDAP_PASSWORD"}';
	54	$g_use_ldap_email = ON;
	55	$g_use_ldap_realname = ON;
	56	$g_ldap_uid_field = 'uid';
	57	$g_ldap_realname_field = 'cn';
	58	$g_ldap_organization = '(memberOf=cn=users,cn=mantisbt,ou=services,dc=immae,dc=eu)';
	59	'';
	60	webRoot = stdenv.mkDerivation rec {
	61	name = "mantisbt-${version}";
	62	version = "2.11.1";
	63	src = fetchurl {
	64	url = "https://downloads.sourceforge.net/project/mantisbt/mantis-stable/${version}/${name}.tar.gz";
65	sha256 = "0jnrqz6r2hf53v0k1lh3il7hlfiphn61r9wgg6mzyywkjxwq07md";
66	};
67	patches = [
68	./mantisbt-patches/bug_report.php.diff
69	./mantisbt-patches/bug_report_page.php.diff
70	./mantisbt-patches/bugnote_add.php.diff
71	./mantisbt-patches/bugnote_add_inc.php.diff
72	];
73	installPhase = ''
74	cp -a . $out
75	ln -s ${config} $out/config/config_inc.php
76	ln -s ${plugins.slack} $out/plugins/Slack
77	ln -s ${plugins.source-integration}/Source* $out/plugins/
78	'';
79	};
80	apache = {
81	user = "wwwrun";
82	group = "wwwrun";
83	modules = [ "proxy_fcgi" ];
84	vhostConf = ''
85	Alias /mantisbt "${webRoot}"
86	<Directory "${webRoot}">
87	DirectoryIndex index.php
88	<FilesMatch "\.php$">
89	SetHandler "proxy:unix:${phpFpm.socket}\|fcgi://localhost"
90	</FilesMatch>
91
92	AllowOverride All
93	Options FollowSymlinks
94	Require all granted
95	</Directory>
96	<Directory "${webRoot}/admin">
97	#Reenable during upgrade
98	Require all denied
99	</Directory>
100	'';
101	};
102	phpFpm = rec {
103	basedir = builtins.concatStringsSep ":" (
104	[ webRoot config ]
105	++ pkgs.lib.attrsets.mapAttrsToList (name: value: value) plugins);
106	socket = "/var/run/phpfpm/mantisbt.sock";
107	pool = ''
108	listen = ${socket}
109	user = ${apache.user}
110	group = ${apache.group}
111	listen.owner = ${apache.user}
112	listen.group = ${apache.group}
113	pm = ondemand
114	pm.max_children = 60
115	pm.process_idle_timeout = 60
116
117	php_admin_value[upload_max_filesize] = 5000000
118
119	php_admin_value[open_basedir] = "${basedir}:/tmp"
120	'';
121	};
122	};
123	in
124	mantisbt