1 { lib, pkgs, config, ... }:
3 adminer = pkgs.callPackage ./adminer.nix {
4 inherit (pkgs.webapps) adminer;
6 ympd = pkgs.callPackage ./ympd.nix {
7 env = config.myEnv.tools.ympd;
9 ttrss = pkgs.callPackage ./ttrss.nix {
10 inherit (pkgs.webapps) ttrss ttrss-plugins;
11 env = config.myEnv.tools.ttrss;
13 kanboard = pkgs.callPackage ./kanboard.nix {
14 env = config.myEnv.tools.kanboard;
16 wallabag = pkgs.callPackage ./wallabag.nix {
17 inherit (pkgs.webapps) wallabag;
18 env = config.myEnv.tools.wallabag;
20 yourls = pkgs.callPackage ./yourls.nix {
21 inherit (pkgs.webapps) yourls yourls-plugins;
22 env = config.myEnv.tools.yourls;
24 rompr = pkgs.callPackage ./rompr.nix {
25 inherit (pkgs.webapps) rompr;
26 env = config.myEnv.tools.rompr;
28 shaarli = pkgs.callPackage ./shaarli.nix {
29 env = config.myEnv.tools.shaarli;
31 dokuwiki = pkgs.callPackage ./dokuwiki.nix {
32 inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
34 ldap = pkgs.callPackage ./ldap.nix {
35 inherit (pkgs.webapps) phpldapadmin;
36 env = config.myEnv.tools.phpldapadmin;
38 grocy = pkgs.callPackage ./grocy.nix {
39 inherit (pkgs.webapps) grocy;
42 cfg = config.myServices.websites.tools.tools;
43 pcfg = config.services.phpfpm.pools;
45 options.myServices.websites.tools.tools = {
46 enable = lib.mkEnableOption "enable tools website";
49 config = lib.mkIf cfg.enable {
58 services.duplyBackup.profiles = {
59 dokuwiki = dokuwiki.backups;
60 grocy = grocy.backups;
61 kanboard = kanboard.backups;
62 rompr = rompr.backups;
63 shaarli = shaarli.backups;
64 ttrss = ttrss.backups;
65 wallabag = wallabag.backups;
68 services.websites.env.tools.modules =
70 ++ adminer.apache.modules
71 ++ ympd.apache.modules
72 ++ ttrss.apache.modules
73 ++ wallabag.apache.modules
74 ++ yourls.apache.modules
75 ++ rompr.apache.modules
76 ++ shaarli.apache.modules
77 ++ dokuwiki.apache.modules
78 ++ ldap.apache.modules
79 ++ kanboard.apache.modules;
81 services.websites.env.integration.vhostConfs.devtools = {
82 certName = "integration";
83 certMainHost = "devtools.immae.eu";
85 hosts = [ "devtools.immae.eu" ];
86 root = "/var/lib/ftp/devtools.immae.eu";
91 <Directory "/var/lib/ftp/devtools.immae.eu">
92 DirectoryIndex index.php index.htm index.html
96 SetHandler "proxy:unix:${pcfg.devtools.socket}|fcgi://localhost"
103 services.websites.env.tools.vhostConfs.tools = {
104 certName = "eldiron";
106 hosts = ["tools.immae.eu" ];
107 root = "/var/lib/ftp/tools.immae.eu";
110 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
111 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
112 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
114 <Directory "/var/lib/ftp/tools.immae.eu">
115 DirectoryIndex index.php index.htm index.html
118 <FilesMatch "\.php$">
119 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
123 (adminer.apache.vhostConf pcfg.adminer.socket)
124 ympd.apache.vhostConf
125 (ttrss.apache.vhostConf pcfg.ttrss.socket)
126 (wallabag.apache.vhostConf pcfg.wallabag.socket)
127 (yourls.apache.vhostConf pcfg.yourls.socket)
128 (rompr.apache.vhostConf pcfg.rompr.socket)
129 (shaarli.apache.vhostConf pcfg.shaarli.socket)
130 (dokuwiki.apache.vhostConf pcfg.dokuwiki.socket)
131 (ldap.apache.vhostConf pcfg.ldap.socket)
132 (kanboard.apache.vhostConf pcfg.kanboard.socket)
133 (grocy.apache.vhostConf pcfg.grocy.socket)
137 services.websites.env.tools.vhostConfs.outils = {
138 certName = "eldiron";
140 hosts = [ "outils.immae.eu" ];
144 RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
146 RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
148 RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
149 RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
151 RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
152 RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
153 RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
154 RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
156 RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
158 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
160 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
162 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
164 RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
171 after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
172 wants = dokuwiki.phpFpm.serviceDeps;
175 after = lib.mkAfter kanboard.phpFpm.serviceDeps;
176 wants = kanboard.phpFpm.serviceDeps;
179 after = lib.mkAfter ldap.phpFpm.serviceDeps;
180 wants = ldap.phpFpm.serviceDeps;
183 after = lib.mkAfter shaarli.phpFpm.serviceDeps;
184 wants = shaarli.phpFpm.serviceDeps;
187 after = lib.mkAfter ttrss.phpFpm.serviceDeps;
188 wants = ttrss.phpFpm.serviceDeps;
191 after = lib.mkAfter wallabag.phpFpm.serviceDeps;
192 wants = wallabag.phpFpm.serviceDeps;
193 preStart = lib.mkAfter wallabag.phpFpm.preStart;
196 after = lib.mkAfter yourls.phpFpm.serviceDeps;
197 wants = yourls.phpFpm.serviceDeps;
200 description = "Standalone MPD Web GUI written in C";
201 wantedBy = [ "multi-user.target" ];
203 export MPD_PASSWORD=$(cat /var/secrets/mpd)
204 ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
208 description = "Tiny Tiny RSS feeds update daemon";
211 ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
212 StandardOutput = "syslog";
213 StandardError = "syslog";
214 PermissionsStartOnly = true;
217 wantedBy = [ "multi-user.target" ];
218 requires = ["postgresql.service"];
219 after = ["network.target" "postgresql.service"];
223 services.filesWatcher.ympd = {
225 paths = [ "/var/secrets/mpd" ];
228 services.phpfpm.pools = {
233 "listen.owner" = "wwwrun";
234 "listen.group" = "wwwrun";
236 "pm.max_children" = "60";
237 "pm.start_servers" = "2";
238 "pm.min_spare_servers" = "1";
239 "pm.max_spare_servers" = "10";
241 # Needed to avoid clashes in browser cookies (same domain)
242 "php_value[session.name]" = "ToolsPHPSESSID";
243 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp";
250 "listen.owner" = "wwwrun";
251 "listen.group" = "wwwrun";
253 "pm.max_children" = "60";
254 "pm.start_servers" = "2";
255 "pm.min_spare_servers" = "1";
256 "pm.max_spare_servers" = "10";
258 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp";
260 phpOptions = config.services.phpfpm.phpOptions + ''
261 extension=${pkgs.php}/lib/php/extensions/mysqli.so
262 extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
263 extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
264 zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
267 adminer = adminer.phpFpm;
271 settings = ttrss.phpFpm.pool;
276 settings = wallabag.phpFpm.pool;
281 settings = yourls.phpFpm.pool;
286 settings = rompr.phpFpm.pool;
291 settings = shaarli.phpFpm.pool;
296 settings = dokuwiki.phpFpm.pool;
301 settings = ldap.phpFpm.pool;
306 settings = kanboard.phpFpm.pool;
311 settings = grocy.phpFpm.pool;
315 system.activationScripts = {
316 adminer = adminer.activationScript;
317 grocy = grocy.activationScript;
318 ttrss = ttrss.activationScript;
319 wallabag = wallabag.activationScript;
320 yourls = yourls.activationScript;
321 rompr = rompr.activationScript;
322 shaarli = shaarli.activationScript;
323 dokuwiki = dokuwiki.activationScript;
324 kanboard = kanboard.activationScript;
325 ldap = ldap.activationScript;
328 myServices.websites.webappDirs = {
329 _adminer = adminer.webRoot;
330 "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
331 "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
332 "${rompr.apache.webappName}" = rompr.webRoot;
333 "${shaarli.apache.webappName}" = shaarli.webRoot;
334 "${ttrss.apache.webappName}" = ttrss.webRoot;
335 "${wallabag.apache.webappName}" = wallabag.webRoot;
336 "${yourls.apache.webappName}" = yourls.webRoot;
337 "${kanboard.apache.webappName}" = kanboard.webRoot;
338 "${grocy.apache.webappName}" = grocy.webRoot;
341 services.websites.env.tools.watchPaths = [
342 "/var/secrets/webapps/tools-shaarli"
344 services.filesWatcher.phpfpm-wallabag = {
346 paths = [ "/var/secrets/webapps/tools-wallabag" ];