1 { lib, pkgs, config, ... }:
3 adminer = pkgs.callPackage ./adminer.nix {
4 inherit (pkgs.webapps) adminer;
6 ympd = pkgs.callPackage ./ympd.nix {
7 env = config.myEnv.tools.ympd;
9 ttrss = pkgs.callPackage ./ttrss.nix {
10 inherit (pkgs.webapps) ttrss ttrss-plugins;
11 env = config.myEnv.tools.ttrss;
13 kanboard = pkgs.callPackage ./kanboard.nix {
14 env = config.myEnv.tools.kanboard;
16 wallabag = pkgs.callPackage ./wallabag.nix {
17 inherit (pkgs.webapps) wallabag;
18 env = config.myEnv.tools.wallabag;
20 yourls = pkgs.callPackage ./yourls.nix {
21 inherit (pkgs.webapps) yourls yourls-plugins;
22 env = config.myEnv.tools.yourls;
24 rompr = pkgs.callPackage ./rompr.nix {
25 inherit (pkgs.webapps) rompr;
26 env = config.myEnv.tools.rompr;
28 shaarli = pkgs.callPackage ./shaarli.nix {
29 env = config.myEnv.tools.shaarli;
31 dokuwiki = pkgs.callPackage ./dokuwiki.nix {
32 inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
34 ldap = pkgs.callPackage ./ldap.nix {
35 inherit (pkgs.webapps) phpldapadmin;
36 env = config.myEnv.tools.phpldapadmin;
38 grocy = pkgs.callPackage ./grocy.nix {
39 inherit (pkgs.webapps) grocy;
41 phpbb = pkgs.callPackage ./phpbb.nix {
42 phpbb = (pkgs.webapps.phpbb.withLangs (l: [ l.fr ])).withExts (e: [
43 e.alfredoramos.markdown e.davidiq.mailinglist e.dmzx.mchat
44 e.empteintesduweb.monitoranswers e.lr94.autosubscribe
45 e.phpbbmodders.adduser ]);
47 webhooks = pkgs.callPackage ./webhooks.nix {
48 env = config.myEnv.tools.webhooks;
51 landing = pkgs.callPackage ./landing.nix {};
53 cfg = config.myServices.websites.tools.tools;
54 pcfg = config.services.phpfpm.pools;
56 options.myServices.websites.tools.tools = {
57 enable = lib.mkEnableOption "enable tools website";
60 config = lib.mkIf cfg.enable {
70 services.duplyBackup.profiles = {
71 dokuwiki = dokuwiki.backups;
72 grocy = grocy.backups;
73 kanboard = kanboard.backups;
74 rompr = rompr.backups;
75 shaarli = shaarli.backups;
76 ttrss = ttrss.backups;
77 wallabag = wallabag.backups;
78 phpbb = phpbb.backups;
81 services.websites.env.tools.modules =
83 ++ adminer.apache.modules
84 ++ ympd.apache.modules
85 ++ ttrss.apache.modules
86 ++ wallabag.apache.modules
87 ++ yourls.apache.modules
88 ++ rompr.apache.modules
89 ++ shaarli.apache.modules
90 ++ dokuwiki.apache.modules
91 ++ phpbb.apache.modules
92 ++ ldap.apache.modules
93 ++ kanboard.apache.modules;
95 services.websites.env.integration.vhostConfs.devtools = {
96 certName = "integration";
97 certMainHost = "devtools.immae.eu";
99 hosts = [ "devtools.immae.eu" ];
100 root = "/var/lib/ftp/devtools.immae.eu";
105 <Directory "/var/lib/ftp/devtools.immae.eu">
106 DirectoryIndex index.php index.htm index.html
109 <FilesMatch "\.php$">
110 SetHandler "proxy:unix:${pcfg.devtools.socket}|fcgi://localhost"
117 services.websites.env.tools.vhostConfs.tools = {
118 certName = "eldiron";
120 hosts = ["tools.immae.eu" ];
124 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
125 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
126 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
128 <Directory "${landing}">
129 DirectoryIndex index.html
133 <FilesMatch "\.php$">
134 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
138 (adminer.apache.vhostConf pcfg.adminer.socket)
139 ympd.apache.vhostConf
140 (ttrss.apache.vhostConf pcfg.ttrss.socket)
141 (wallabag.apache.vhostConf pcfg.wallabag.socket)
142 (yourls.apache.vhostConf pcfg.yourls.socket)
143 (rompr.apache.vhostConf pcfg.rompr.socket)
144 (shaarli.apache.vhostConf pcfg.shaarli.socket)
145 (dokuwiki.apache.vhostConf pcfg.dokuwiki.socket)
146 (ldap.apache.vhostConf pcfg.ldap.socket)
147 (kanboard.apache.vhostConf pcfg.kanboard.socket)
148 (grocy.apache.vhostConf pcfg.grocy.socket)
149 (phpbb.apache.vhostConf pcfg.phpbb.socket)
151 Alias /paste /var/lib/fiche
152 <Directory "/var/lib/fiche">
153 DirectoryIndex index.txt index.html
159 Alias /BIP39 /var/lib/buildbot/outputs/bip39
160 <Directory "/var/lib/buildbot/outputs/bip39">
161 DirectoryIndex index.html
166 Alias /webhooks ${config.secrets.location}/webapps/webhooks
167 <Directory "${config.secrets.location}/webapps/webhooks">
171 <FilesMatch "\.php$">
172 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
179 services.websites.env.tools.vhostConfs.outils = {
180 certName = "eldiron";
182 hosts = [ "outils.immae.eu" ];
186 RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
188 RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
190 RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
191 RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
193 RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
194 RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
195 RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
196 RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
198 RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
200 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
202 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
204 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
206 RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
213 after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
214 wants = dokuwiki.phpFpm.serviceDeps;
217 after = lib.mkAfter phpbb.phpFpm.serviceDeps;
218 wants = phpbb.phpFpm.serviceDeps;
221 after = lib.mkAfter kanboard.phpFpm.serviceDeps;
222 wants = kanboard.phpFpm.serviceDeps;
225 after = lib.mkAfter ldap.phpFpm.serviceDeps;
226 wants = ldap.phpFpm.serviceDeps;
229 after = lib.mkAfter shaarli.phpFpm.serviceDeps;
230 wants = shaarli.phpFpm.serviceDeps;
233 after = lib.mkAfter ttrss.phpFpm.serviceDeps;
234 wants = ttrss.phpFpm.serviceDeps;
237 after = lib.mkAfter wallabag.phpFpm.serviceDeps;
238 wants = wallabag.phpFpm.serviceDeps;
239 preStart = lib.mkAfter wallabag.phpFpm.preStart;
242 after = lib.mkAfter yourls.phpFpm.serviceDeps;
243 wants = yourls.phpFpm.serviceDeps;
246 description = "Standalone MPD Web GUI written in C";
247 wantedBy = [ "multi-user.target" ];
249 export MPD_PASSWORD=$(cat /var/secrets/mpd)
250 ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
254 description = "Tiny Tiny RSS feeds update daemon";
257 ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
258 StandardOutput = "syslog";
259 StandardError = "syslog";
260 PermissionsStartOnly = true;
263 wantedBy = [ "multi-user.target" ];
264 requires = ["postgresql.service"];
265 after = ["network.target" "postgresql.service"];
269 services.filesWatcher.ympd = {
271 paths = [ "/var/secrets/mpd" ];
274 services.phpfpm.pools = {
279 "listen.owner" = "wwwrun";
280 "listen.group" = "wwwrun";
282 "pm.max_children" = "60";
283 "pm.start_servers" = "2";
284 "pm.min_spare_servers" = "1";
285 "pm.max_spare_servers" = "10";
287 # Needed to avoid clashes in browser cookies (same domain)
288 "php_value[session.name]" = "ToolsPHPSESSID";
289 "php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [
290 "/run/wrappers/bin/sendmail" landing "/tmp"
291 "${config.secrets.location}/webapps/webhooks"
295 CONTACT_EMAIL = config.myEnv.tools.contact;
302 "listen.owner" = "wwwrun";
303 "listen.group" = "wwwrun";
305 "pm.max_children" = "60";
306 "pm.start_servers" = "2";
307 "pm.min_spare_servers" = "1";
308 "pm.max_spare_servers" = "10";
310 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp";
312 phpOptions = config.services.phpfpm.phpOptions + ''
313 extension=${pkgs.php}/lib/php/extensions/mysqli.so
314 extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
315 extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
316 zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
319 adminer = adminer.phpFpm;
323 settings = ttrss.phpFpm.pool;
328 settings = wallabag.phpFpm.pool;
333 settings = yourls.phpFpm.pool;
338 settings = rompr.phpFpm.pool;
343 settings = shaarli.phpFpm.pool;
348 settings = dokuwiki.phpFpm.pool;
353 settings = phpbb.phpFpm.pool;
358 settings = ldap.phpFpm.pool;
359 phpPackage = pkgs.php72;
364 settings = kanboard.phpFpm.pool;
369 settings = grocy.phpFpm.pool;
373 system.activationScripts = {
374 adminer = adminer.activationScript;
375 grocy = grocy.activationScript;
376 ttrss = ttrss.activationScript;
377 wallabag = wallabag.activationScript;
378 yourls = yourls.activationScript;
379 rompr = rompr.activationScript;
380 shaarli = shaarli.activationScript;
381 dokuwiki = dokuwiki.activationScript;
382 phpbb = phpbb.activationScript;
383 kanboard = kanboard.activationScript;
384 ldap = ldap.activationScript;
387 services.websites.webappDirs = {
388 _adminer = adminer.webRoot;
389 "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
390 "${phpbb.apache.webappName}" = phpbb.webRoot;
391 "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
392 "${rompr.apache.webappName}" = rompr.webRoot;
393 "${shaarli.apache.webappName}" = shaarli.webRoot;
394 "${ttrss.apache.webappName}" = ttrss.webRoot;
395 "${wallabag.apache.webappName}" = wallabag.webRoot;
396 "${yourls.apache.webappName}" = yourls.webRoot;
397 "${kanboard.apache.webappName}" = kanboard.webRoot;
398 "${grocy.apache.webappName}" = grocy.webRoot;
401 services.websites.env.tools.watchPaths = [
402 "/var/secrets/webapps/tools-shaarli"
404 services.filesWatcher.phpfpm-wallabag = {
406 paths = [ "/var/secrets/webapps/tools-wallabag" ];
411 port = config.myEnv.ports.fiche;
412 domain = "tools.immae.eu/paste";