1 { lib, pkgs, config, ... }:
3 adminer = pkgs.callPackage ./adminer.nix {
4 inherit (pkgs.webapps) adminer;
6 ympd = pkgs.callPackage ./ympd.nix {
7 env = config.myEnv.tools.ympd;
9 ttrss = pkgs.callPackage ./ttrss.nix {
10 inherit (pkgs.webapps) ttrss ttrss-plugins;
11 env = config.myEnv.tools.ttrss;
13 kanboard = pkgs.callPackage ./kanboard.nix {
14 env = config.myEnv.tools.kanboard;
16 wallabag = pkgs.callPackage ./wallabag.nix {
17 inherit (pkgs.webapps) wallabag;
18 env = config.myEnv.tools.wallabag;
20 yourls = pkgs.callPackage ./yourls.nix {
21 inherit (pkgs.webapps) yourls yourls-plugins;
22 env = config.myEnv.tools.yourls;
24 rompr = pkgs.callPackage ./rompr.nix {
25 inherit (pkgs.webapps) rompr;
26 env = config.myEnv.tools.rompr;
28 shaarli = pkgs.callPackage ./shaarli.nix {
29 env = config.myEnv.tools.shaarli;
31 dokuwiki = pkgs.callPackage ./dokuwiki.nix {
32 inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
34 ldap = pkgs.callPackage ./ldap.nix {
35 inherit (pkgs.webapps) phpldapadmin;
36 env = config.myEnv.tools.phpldapadmin;
38 grocy = pkgs.callPackage ./grocy.nix {
39 inherit (pkgs.webapps) grocy;
41 webhooks = pkgs.callPackage ./webhooks.nix {
42 env = config.myEnv.tools.webhooks;
45 landing = pkgs.callPackage ./landing.nix {};
47 cfg = config.myServices.websites.tools.tools;
48 pcfg = config.services.phpfpm.pools;
50 options.myServices.websites.tools.tools = {
51 enable = lib.mkEnableOption "enable tools website";
54 config = lib.mkIf cfg.enable {
64 services.duplyBackup.profiles = {
65 dokuwiki = dokuwiki.backups;
66 grocy = grocy.backups;
67 kanboard = kanboard.backups;
68 rompr = rompr.backups;
69 shaarli = shaarli.backups;
70 ttrss = ttrss.backups;
71 wallabag = wallabag.backups;
74 services.websites.env.tools.modules =
76 ++ adminer.apache.modules
77 ++ ympd.apache.modules
78 ++ ttrss.apache.modules
79 ++ wallabag.apache.modules
80 ++ yourls.apache.modules
81 ++ rompr.apache.modules
82 ++ shaarli.apache.modules
83 ++ dokuwiki.apache.modules
84 ++ ldap.apache.modules
85 ++ kanboard.apache.modules;
87 services.websites.env.integration.vhostConfs.devtools = {
88 certName = "integration";
89 certMainHost = "devtools.immae.eu";
91 hosts = [ "devtools.immae.eu" ];
92 root = "/var/lib/ftp/devtools.immae.eu";
97 <Directory "/var/lib/ftp/devtools.immae.eu">
98 DirectoryIndex index.php index.htm index.html
101 <FilesMatch "\.php$">
102 SetHandler "proxy:unix:${pcfg.devtools.socket}|fcgi://localhost"
109 services.websites.env.tools.vhostConfs.tools = {
110 certName = "eldiron";
112 hosts = ["tools.immae.eu" ];
113 root = "/var/lib/ftp/tools.immae.eu";
116 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
117 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
118 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
120 Alias /landing ${landing}
121 <Directory "${landing}">
122 DirectoryIndex index.html
126 <FilesMatch "\.php$">
127 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
131 <Directory "/var/lib/ftp/tools.immae.eu">
132 DirectoryIndex index.php index.htm index.html
135 <FilesMatch "\.php$">
136 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
140 RewriteCond ${landing}%{REQUEST_URI} -f
141 RewriteRule ^(.*)$ /landing/$1 [L]
142 RewriteRule ^$ /landing/ [L]
145 (adminer.apache.vhostConf pcfg.adminer.socket)
146 ympd.apache.vhostConf
147 (ttrss.apache.vhostConf pcfg.ttrss.socket)
148 (wallabag.apache.vhostConf pcfg.wallabag.socket)
149 (yourls.apache.vhostConf pcfg.yourls.socket)
150 (rompr.apache.vhostConf pcfg.rompr.socket)
151 (shaarli.apache.vhostConf pcfg.shaarli.socket)
152 (dokuwiki.apache.vhostConf pcfg.dokuwiki.socket)
153 (ldap.apache.vhostConf pcfg.ldap.socket)
154 (kanboard.apache.vhostConf pcfg.kanboard.socket)
155 (grocy.apache.vhostConf pcfg.grocy.socket)
157 Alias /paste /var/lib/fiche
158 <Directory "/var/lib/fiche">
159 DirectoryIndex index.txt index.html
165 Alias /BIP39 /var/lib/buildbot/outputs/bip39
166 <Directory "/var/lib/buildbot/outputs/bip39">
167 DirectoryIndex index.html
172 Alias /webhooks ${config.secrets.location}/webapps/webhooks
173 <Directory "${config.secrets.location}/webapps/webhooks">
177 <FilesMatch "\.php$">
178 SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
185 services.websites.env.tools.vhostConfs.outils = {
186 certName = "eldiron";
188 hosts = [ "outils.immae.eu" ];
192 RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
194 RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
196 RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
197 RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
199 RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
200 RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
201 RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
202 RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
204 RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
206 RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
208 RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
210 RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
212 RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
219 after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
220 wants = dokuwiki.phpFpm.serviceDeps;
223 after = lib.mkAfter kanboard.phpFpm.serviceDeps;
224 wants = kanboard.phpFpm.serviceDeps;
227 after = lib.mkAfter ldap.phpFpm.serviceDeps;
228 wants = ldap.phpFpm.serviceDeps;
231 after = lib.mkAfter shaarli.phpFpm.serviceDeps;
232 wants = shaarli.phpFpm.serviceDeps;
235 after = lib.mkAfter ttrss.phpFpm.serviceDeps;
236 wants = ttrss.phpFpm.serviceDeps;
239 after = lib.mkAfter wallabag.phpFpm.serviceDeps;
240 wants = wallabag.phpFpm.serviceDeps;
241 preStart = lib.mkAfter wallabag.phpFpm.preStart;
244 after = lib.mkAfter yourls.phpFpm.serviceDeps;
245 wants = yourls.phpFpm.serviceDeps;
248 description = "Standalone MPD Web GUI written in C";
249 wantedBy = [ "multi-user.target" ];
251 export MPD_PASSWORD=$(cat /var/secrets/mpd)
252 ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
256 description = "Tiny Tiny RSS feeds update daemon";
259 ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
260 StandardOutput = "syslog";
261 StandardError = "syslog";
262 PermissionsStartOnly = true;
265 wantedBy = [ "multi-user.target" ];
266 requires = ["postgresql.service"];
267 after = ["network.target" "postgresql.service"];
271 services.filesWatcher.ympd = {
273 paths = [ "/var/secrets/mpd" ];
276 services.phpfpm.pools = {
281 "listen.owner" = "wwwrun";
282 "listen.group" = "wwwrun";
284 "pm.max_children" = "60";
285 "pm.start_servers" = "2";
286 "pm.min_spare_servers" = "1";
287 "pm.max_spare_servers" = "10";
289 # Needed to avoid clashes in browser cookies (same domain)
290 "php_value[session.name]" = "ToolsPHPSESSID";
291 "php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [
292 "/run/wrappers/bin/sendmail" "/var/lib/ftp/tools.immae.eu"
293 landing "/tmp" "${config.secrets.location}/webapps/webhooks"
297 CONTACT_EMAIL = config.myEnv.tools.contact;
304 "listen.owner" = "wwwrun";
305 "listen.group" = "wwwrun";
307 "pm.max_children" = "60";
308 "pm.start_servers" = "2";
309 "pm.min_spare_servers" = "1";
310 "pm.max_spare_servers" = "10";
312 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp";
314 phpOptions = config.services.phpfpm.phpOptions + ''
315 extension=${pkgs.php}/lib/php/extensions/mysqli.so
316 extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
317 extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
318 zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
321 adminer = adminer.phpFpm;
325 settings = ttrss.phpFpm.pool;
330 settings = wallabag.phpFpm.pool;
335 settings = yourls.phpFpm.pool;
340 settings = rompr.phpFpm.pool;
345 settings = shaarli.phpFpm.pool;
350 settings = dokuwiki.phpFpm.pool;
355 settings = ldap.phpFpm.pool;
356 phpPackage = pkgs.php72;
361 settings = kanboard.phpFpm.pool;
366 settings = grocy.phpFpm.pool;
370 system.activationScripts = {
371 adminer = adminer.activationScript;
372 grocy = grocy.activationScript;
373 ttrss = ttrss.activationScript;
374 wallabag = wallabag.activationScript;
375 yourls = yourls.activationScript;
376 rompr = rompr.activationScript;
377 shaarli = shaarli.activationScript;
378 dokuwiki = dokuwiki.activationScript;
379 kanboard = kanboard.activationScript;
380 ldap = ldap.activationScript;
383 services.websites.webappDirs = {
384 _adminer = adminer.webRoot;
385 "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
386 "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
387 "${rompr.apache.webappName}" = rompr.webRoot;
388 "${shaarli.apache.webappName}" = shaarli.webRoot;
389 "${ttrss.apache.webappName}" = ttrss.webRoot;
390 "${wallabag.apache.webappName}" = wallabag.webRoot;
391 "${yourls.apache.webappName}" = yourls.webRoot;
392 "${kanboard.apache.webappName}" = kanboard.webRoot;
393 "${grocy.apache.webappName}" = grocy.webRoot;
396 services.websites.env.tools.watchPaths = [
397 "/var/secrets/webapps/tools-shaarli"
399 services.filesWatcher.phpfpm-wallabag = {
401 paths = [ "/var/secrets/webapps/tools-wallabag" ];
406 port = config.myEnv.ports.fiche;
407 domain = "tools.immae.eu/paste";