-{ lib, pkgs, config, myconfig, ... }:
+{ lib, pkgs, config, ... }:
let
- env = myconfig.env.tools.etherpad-lite;
+ env = config.myEnv.tools.etherpad-lite;
cfg = config.myServices.websites.tools.etherpad-lite;
# Make sure we’re not rebuilding whole libreoffice just because of a
# dependency
};
config = lib.mkIf cfg.enable {
+ services.duplyBackup.profiles.etherpad-lite = {
+ rootDir = "/var/lib/private/etherpad-lite";
+ };
secrets.keys = [
{
dest = "webapps/tools-etherpad-apikey";
{
"title": "Etherpad",
"favicon": "favicon.ico",
+ "skinName": "colibris",
+ "skinVariants": "dark-toolbar light-background super-light-editor full-width-editor",
"ip": "",
"port" : "${ecfg.sockets.node}",
"rtl": false,
"alwaysShowChat": false,
"chatAndUsers": false,
- "lang": "en-gb"
+ "lang": "fr"
},
"suppressErrorsInPadText" : false,
"maxAge" : 21600,
"abiword" : null,
"soffice" : "${libreoffice}/bin/soffice",
- "tidyHtml" : "${pkgs.html-tidy}/bin/tidy",
+ "tidyHtml" : "",
"allowUnknownFileEnds" : true,
"requireAuthentication" : false,
"requireAuthorization" : false,
},
"users": {
"ldapauth": {
+ "hash": "invalid",
"url": "ldaps://${env.ldap.host}",
"accountBase": "${env.ldap.base}",
- "accountPattern": "(&(memberOf=cn=users,cn=etherpad,ou=services,dc=immae,dc=eu)(uid={{username}}))",
+ "accountPattern": "${env.ldap.filter}",
"displayNameAttribute": "cn",
- "searchDN": "cn=etherpad,ou=services,dc=immae,dc=eu",
+ "searchDN": "${env.ldap.dn}",
"searchPWD": "${env.ldap.password}",
"groupSearchBase": "${env.ldap.base}",
"groupAttribute": "member",
"groupAttributeIsDN": true,
"searchScope": "sub",
- "groupSearch": "(memberOf=cn=groups,cn=etherpad,ou=services,dc=immae,dc=eu)",
+ "groupSearch": "${env.ldap.group_filter}",
"anonymousReadonly": false
}
},
};
systemd.services.etherpad-lite.serviceConfig.SupplementaryGroups = "keys";
+ # Needed so that they get in the closure
+ systemd.services.etherpad-lite.path = [ libreoffice pkgs.html-tidy ];
+
+ services.filesWatcher.etherpad-lite = {
+ restart = true;
+ paths = [ ecfg.sessionKeyFile ecfg.apiKeyFile ecfg.configFile ];
+ };
- services.websites.tools.modules = [
+ services.websites.env.tools.modules = [
"headers" "proxy" "proxy_http" "proxy_wstunnel"
];
- services.websites.tools.vhostConfs.etherpad-lite = {
+ services.websites.env.tools.vhostConfs.etherpad-lite = {
certName = "eldiron";
addToCerts = true;
hosts = [ "ether.immae.eu" ];
RewriteEngine On
- RewriteMap redirects "txt:${pkgs.writeText "redirects.txt" myconfig.env.tools.etherpad-lite.redirects}"
+ RewriteMap redirects "txt:${pkgs.writeText "redirects.txt" config.myEnv.tools.etherpad-lite.redirects}"
RewriteCond %{QUERY_STRING} "!noredirect"
RewriteCond %{REQUEST_URI} "^(.*)$"
RewriteCond ''${redirects:$1|Unknown} "!Unknown"