1 { lib, pkgs, config, ... }:
3 adminer = pkgs.callPackage ./adminer.nix {
4 inherit (pkgs.webapps) adminer;
6 ympd = pkgs.callPackage ./ympd.nix {
7 env = config.myEnv.tools.ympd;
9 ttrss = pkgs.callPackage ./ttrss.nix {
10 inherit (pkgs.webapps) ttrss ttrss-plugins;
11 env = config.myEnv.tools.ttrss;
14 kanboard = pkgs.callPackage ./kanboard.nix {
15 env = config.myEnv.tools.kanboard;
17 wallabag = pkgs.callPackage ./wallabag.nix {
18 wallabag = pkgs.webapps.wallabag.override { composerEnv = pkgs.composerEnv.override { php = pkgs.php72; }; };
19 env = config.myEnv.tools.wallabag;
21 yourls = pkgs.callPackage ./yourls.nix {
22 inherit (pkgs.webapps) yourls yourls-plugins;
23 env = config.myEnv.tools.yourls;
25 rompr = pkgs.callPackage ./rompr.nix {
26 inherit (pkgs.webapps) rompr;
27 env = config.myEnv.tools.rompr;
29 shaarli = pkgs.callPackage ./shaarli.nix {
30 env = config.myEnv.tools.shaarli;
32 dokuwiki = pkgs.callPackage ./dokuwiki.nix {
33 inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
35 ldap = pkgs.callPackage ./ldap.nix {
36 inherit (pkgs.webapps) phpldapadmin;
37 env = config.myEnv.tools.phpldapadmin;
39 grocy = pkgs.callPackage ./grocy.nix {
40 grocy = pkgs.webapps.grocy.override { composerEnv = pkgs.composerEnv.override { php = pkgs.php72; }; };
42 phpbb = pkgs.callPackage ./phpbb.nix {
43 phpbb = (pkgs.webapps.phpbb.withLangs (l: [ l.fr ])).withExts (e: [
44 e.alfredoramos.markdown e.davidiq.mailinglist e.dmzx.mchat
45 e.empteintesduweb.monitoranswers e.lr94.autosubscribe
46 e.phpbbmodders.adduser ]);
48 webhooks = pkgs.callPackage ./webhooks.nix {
49 env = config.myEnv.tools.webhooks;
51 dmarc-reports = pkgs.callPackage ./dmarc_reports.nix {
52 env = config.myEnv.tools.dmarc_reports;
55 landing = pkgs.callPackage ./landing.nix {};
57 cfg = config.myServices.websites.tools.tools;
58 pcfg = config.services.phpfpm.pools;
60 options.myServices.websites.tools.tools = {
61 enable = lib.mkEnableOption "enable tools website";
64 config = lib.mkIf cfg.enable {
75 services.duplyBackup.profiles = {
76 dokuwiki = dokuwiki.backups;
77 grocy = grocy.backups;
78 kanboard = kanboard.backups;
79 rompr = rompr.backups;
80 shaarli = shaarli.backups;
81 ttrss = ttrss.backups;
82 wallabag = wallabag.backups;
83 phpbb = phpbb.backups;
86 services.websites.env.tools.modules =
88 ++ adminer.apache.modules
89 ++ ympd.apache.modules
90 ++ ttrss.apache.modules
91 ++ wallabag.apache.modules
92 ++ yourls.apache.modules
93 ++ rompr.apache.modules
94 ++ shaarli.apache.modules
95 ++ dokuwiki.apache.modules
96 ++ dmarc-reports.apache.modules
97 ++ phpbb.apache.modules
98 ++ ldap.apache.modules
99 ++ kanboard.apache.modules;
101 services.websites.env.integration.vhostConfs.devtools = {
102 certName = "integration";
103 certMainHost = "devtools.immae.eu";
105 hosts = [ "devtools.immae.eu" ];
106 root = "/var/lib/ftp/devtools.immae.eu";
111 <Directory "/var/lib/ftp/devtools.immae.eu">
112 DirectoryIndex index.php index.htm index.html
115 <FilesMatch "\.php$">
116 SetHandler "proxy:unix:${pcfg.devtools.socket}|fcgi://localhost"
123 services.websites.env.tools.vhostConfs.tools = {
124 certName = "eldiron";
126 hosts = ["tools.immae.eu" ];
130 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
131 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
132 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
134 <Directory "${landing}">
135 DirectoryIndex index.html
139 <FilesMatch "\.php$">
140 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
144 (adminer.apache.vhostConf pcfg.adminer.socket)
145 ympd.apache.vhostConf
146 (ttrss.apache.vhostConf pcfg.ttrss.socket)
147 (wallabag.apache.vhostConf pcfg.wallabag.socket)
148 (yourls.apache.vhostConf pcfg.yourls.socket)
149 (rompr.apache.vhostConf pcfg.rompr.socket)
150 (shaarli.apache.vhostConf pcfg.shaarli.socket)
151 (dokuwiki.apache.vhostConf pcfg.dokuwiki.socket)
152 (ldap.apache.vhostConf pcfg.ldap.socket)
153 (kanboard.apache.vhostConf pcfg.kanboard.socket)
154 (grocy.apache.vhostConf pcfg.grocy.socket)
155 (phpbb.apache.vhostConf pcfg.phpbb.socket)
156 (dmarc-reports.apache.vhostConf pcfg.dmarc-reports.socket)
158 Alias /paste /var/lib/fiche
159 <Directory "/var/lib/fiche">
160 DirectoryIndex index.txt index.html
166 Alias /BIP39 /var/lib/buildbot/outputs/bip39
167 <Directory "/var/lib/buildbot/outputs/bip39">
168 DirectoryIndex index.html
173 Alias /webhooks ${config.secrets.location}/webapps/webhooks
174 <Directory "${config.secrets.location}/webapps/webhooks">
178 <FilesMatch "\.php$">
179 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
186 services.websites.env.tools.vhostConfs.outils = {
187 certName = "eldiron";
189 hosts = [ "outils.immae.eu" ];
193 RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
195 RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
197 RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
198 RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
200 RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
201 RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
202 RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
203 RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
205 RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
207 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
209 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
211 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
213 RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
220 after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
221 wants = dokuwiki.phpFpm.serviceDeps;
224 after = lib.mkAfter phpbb.phpFpm.serviceDeps;
225 wants = phpbb.phpFpm.serviceDeps;
228 after = lib.mkAfter kanboard.phpFpm.serviceDeps;
229 wants = kanboard.phpFpm.serviceDeps;
232 after = lib.mkAfter ldap.phpFpm.serviceDeps;
233 wants = ldap.phpFpm.serviceDeps;
236 after = lib.mkAfter shaarli.phpFpm.serviceDeps;
237 wants = shaarli.phpFpm.serviceDeps;
240 after = lib.mkAfter ttrss.phpFpm.serviceDeps;
241 wants = ttrss.phpFpm.serviceDeps;
244 after = lib.mkAfter wallabag.phpFpm.serviceDeps;
245 wants = wallabag.phpFpm.serviceDeps;
246 preStart = lib.mkAfter wallabag.phpFpm.preStart;
249 after = lib.mkAfter yourls.phpFpm.serviceDeps;
250 wants = yourls.phpFpm.serviceDeps;
253 description = "Standalone MPD Web GUI written in C";
254 wantedBy = [ "multi-user.target" ];
256 export MPD_PASSWORD=$(cat /var/secrets/mpd)
257 ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
261 description = "Tiny Tiny RSS feeds update daemon";
264 ExecStart = "${pkgs.php72}/bin/php ${ttrss.webRoot}/update.php --daemon";
265 StandardOutput = "syslog";
266 StandardError = "syslog";
267 PermissionsStartOnly = true;
270 wantedBy = [ "multi-user.target" ];
271 requires = ["postgresql.service"];
272 after = ["network.target" "postgresql.service"];
276 services.filesWatcher.ympd = {
278 paths = [ "/var/secrets/mpd" ];
281 services.phpfpm.pools = {
286 "listen.owner" = "wwwrun";
287 "listen.group" = "wwwrun";
289 "pm.max_children" = "60";
290 "pm.start_servers" = "2";
291 "pm.min_spare_servers" = "1";
292 "pm.max_spare_servers" = "10";
294 # Needed to avoid clashes in browser cookies (same domain)
295 "php_value[session.name]" = "ToolsPHPSESSID";
296 "php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [
297 "/run/wrappers/bin/sendmail" landing "/tmp"
298 "${config.secrets.location}/webapps/webhooks"
302 CONTACT_EMAIL = config.myEnv.tools.contact;
304 phpPackage = pkgs.php72;
310 "listen.owner" = "wwwrun";
311 "listen.group" = "wwwrun";
313 "pm.max_children" = "60";
314 "pm.start_servers" = "2";
315 "pm.min_spare_servers" = "1";
316 "pm.max_spare_servers" = "10";
318 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp";
320 phpOptions = config.services.phpfpm.phpOptions + ''
321 extension=${pkgs.php72}/lib/php/extensions/mysqli.so
322 extension=${pkgs.php72Packages.redis}/lib/php/extensions/redis.so
323 extension=${pkgs.php72Packages.apcu}/lib/php/extensions/apcu.so
324 zend_extension=${pkgs.php72}/lib/php/extensions/opcache.so
326 phpPackage = pkgs.php72;
328 adminer = adminer.phpFpm;
332 settings = ttrss.phpFpm.pool;
333 phpPackage = pkgs.php72;
338 settings = wallabag.phpFpm.pool;
339 phpPackage = pkgs.php72;
344 settings = yourls.phpFpm.pool;
345 phpPackage = pkgs.php72;
350 settings = rompr.phpFpm.pool;
351 phpPackage = pkgs.php72;
356 settings = shaarli.phpFpm.pool;
357 phpPackage = pkgs.php72;
362 settings = dmarc-reports.phpFpm.pool;
363 phpEnv = dmarc-reports.phpFpm.phpEnv;
364 phpOptions = config.services.phpfpm.phpOptions + ''
365 extension=${pkgs.php72}/lib/php/extensions/mysqli.so
367 phpPackage = pkgs.php72;
372 settings = dokuwiki.phpFpm.pool;
373 phpPackage = pkgs.php72;
378 settings = phpbb.phpFpm.pool;
379 phpPackage = pkgs.php72;
384 settings = ldap.phpFpm.pool;
385 phpPackage = pkgs.php72;
390 settings = kanboard.phpFpm.pool;
391 phpPackage = pkgs.php72;
396 settings = grocy.phpFpm.pool;
397 phpPackage = pkgs.php72;
401 system.activationScripts = {
402 adminer = adminer.activationScript;
403 grocy = grocy.activationScript;
404 ttrss = ttrss.activationScript;
405 wallabag = wallabag.activationScript;
406 yourls = yourls.activationScript;
407 rompr = rompr.activationScript;
408 shaarli = shaarli.activationScript;
409 dokuwiki = dokuwiki.activationScript;
410 phpbb = phpbb.activationScript;
411 kanboard = kanboard.activationScript;
412 ldap = ldap.activationScript;
415 services.websites.webappDirs = {
416 _adminer = adminer.webRoot;
417 "${dmarc-reports.apache.webappName}" = dmarc-reports.webRoot;
418 "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
419 "${phpbb.apache.webappName}" = phpbb.webRoot;
420 "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
421 "${rompr.apache.webappName}" = rompr.webRoot;
422 "${shaarli.apache.webappName}" = shaarli.webRoot;
423 "${ttrss.apache.webappName}" = ttrss.webRoot;
424 "${wallabag.apache.webappName}" = wallabag.webRoot;
425 "${yourls.apache.webappName}" = yourls.webRoot;
426 "${kanboard.apache.webappName}" = kanboard.webRoot;
427 "${grocy.apache.webappName}" = grocy.webRoot;
430 services.websites.env.tools.watchPaths = [
431 "/var/secrets/webapps/tools-shaarli"
433 services.filesWatcher.phpfpm-wallabag = {
435 paths = [ "/var/secrets/webapps/tools-wallabag" ];
440 port = config.myEnv.ports.fiche;
441 domain = "tools.immae.eu/paste";