ttrss = pkgs.callPackage ./ttrss.nix {
inherit (pkgs.webapps) ttrss ttrss-plugins;
env = config.myEnv.tools.ttrss;
+ php = pkgs.php72;
};
kanboard = pkgs.callPackage ./kanboard.nix {
env = config.myEnv.tools.kanboard;
};
wallabag = pkgs.callPackage ./wallabag.nix {
- inherit (pkgs.webapps) wallabag;
+ wallabag = pkgs.webapps.wallabag.override { composerEnv = pkgs.composerEnv.override { php = pkgs.php72; }; };
env = config.myEnv.tools.wallabag;
};
yourls = pkgs.callPackage ./yourls.nix {
env = config.myEnv.tools.phpldapadmin;
};
grocy = pkgs.callPackage ./grocy.nix {
- inherit (pkgs.webapps) grocy;
+ grocy = pkgs.webapps.grocy.override { composerEnv = pkgs.composerEnv.override { php = pkgs.php72; }; };
+ };
+ phpbb = pkgs.callPackage ./phpbb.nix {
+ phpbb = (pkgs.webapps.phpbb.withLangs (l: [ l.fr ])).withExts (e: [
+ e.alfredoramos.markdown e.davidiq.mailinglist e.dmzx.mchat
+ e.empteintesduweb.monitoranswers e.lr94.autosubscribe
+ e.phpbbmodders.adduser ]);
+ };
+ webhooks = pkgs.callPackage ./webhooks.nix {
+ env = config.myEnv.tools.webhooks;
+ };
+ dmarc-reports = pkgs.callPackage ./dmarc_reports.nix {
+ env = config.myEnv.tools.dmarc_reports;
};
+ landing = pkgs.callPackage ./landing.nix {};
+
cfg = config.myServices.websites.tools.tools;
+ pcfg = config.services.phpfpm.pools;
in {
options.myServices.websites.tools.tools = {
enable = lib.mkEnableOption "enable tools website";
++ shaarli.keys
++ ttrss.keys
++ wallabag.keys
- ++ yourls.keys;
+ ++ yourls.keys
+ ++ dmarc-reports.keys
+ ++ webhooks.keys;
services.duplyBackup.profiles = {
dokuwiki = dokuwiki.backups;
shaarli = shaarli.backups;
ttrss = ttrss.backups;
wallabag = wallabag.backups;
+ phpbb = phpbb.backups;
};
services.websites.env.tools.modules =
++ rompr.apache.modules
++ shaarli.apache.modules
++ dokuwiki.apache.modules
+ ++ dmarc-reports.apache.modules
+ ++ phpbb.apache.modules
++ ldap.apache.modules
++ kanboard.apache.modules;
AllowOverride all
Require all granted
<FilesMatch "\.php$">
- SetHandler "proxy:unix:/var/run/phpfpm/devtools.sock|fcgi://localhost"
+ SetHandler "proxy:unix:${pcfg.devtools.socket}|fcgi://localhost"
</FilesMatch>
</Directory>
''
certName = "eldiron";
addToCerts = true;
hosts = ["tools.immae.eu" ];
- root = "/var/lib/ftp/tools.immae.eu";
+ root = landing;
extraConfig = [
''
RedirectMatch 301 ^/vpn(.*)$ https://vpn.immae.eu$1
RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
RedirectMatch 301 ^/jappix(.*)$ https://im.immae.fr/converse
- <Directory "/var/lib/ftp/tools.immae.eu">
- DirectoryIndex index.php index.htm index.html
- AllowOverride all
+ <Directory "${landing}">
+ DirectoryIndex index.html
+ AllowOverride None
Require all granted
+
<FilesMatch "\.php$">
- SetHandler "proxy:unix:/var/run/phpfpm/tools.sock|fcgi://localhost"
+ SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
</FilesMatch>
</Directory>
''
- adminer.apache.vhostConf
+ (adminer.apache.vhostConf pcfg.adminer.socket)
ympd.apache.vhostConf
- ttrss.apache.vhostConf
- wallabag.apache.vhostConf
- yourls.apache.vhostConf
- rompr.apache.vhostConf
- shaarli.apache.vhostConf
- dokuwiki.apache.vhostConf
- ldap.apache.vhostConf
- kanboard.apache.vhostConf
- grocy.apache.vhostConf
+ (ttrss.apache.vhostConf pcfg.ttrss.socket)
+ (wallabag.apache.vhostConf pcfg.wallabag.socket)
+ (yourls.apache.vhostConf pcfg.yourls.socket)
+ (rompr.apache.vhostConf pcfg.rompr.socket)
+ (shaarli.apache.vhostConf pcfg.shaarli.socket)
+ (dokuwiki.apache.vhostConf pcfg.dokuwiki.socket)
+ (ldap.apache.vhostConf pcfg.ldap.socket)
+ (kanboard.apache.vhostConf pcfg.kanboard.socket)
+ (grocy.apache.vhostConf pcfg.grocy.socket)
+ (phpbb.apache.vhostConf pcfg.phpbb.socket)
+ (dmarc-reports.apache.vhostConf pcfg.dmarc-reports.socket)
+ ''
+ Alias /paste /var/lib/fiche
+ <Directory "/var/lib/fiche">
+ DirectoryIndex index.txt index.html
+ AllowOverride None
+ Require all granted
+ Options -Indexes
+ </Directory>
+
+ Alias /BIP39 /var/lib/buildbot/outputs/bip39
+ <Directory "/var/lib/buildbot/outputs/bip39">
+ DirectoryIndex index.html
+ AllowOverride None
+ Require all granted
+ </Directory>
+
+ Alias /webhooks ${config.secrets.location}/webapps/webhooks
+ <Directory "${config.secrets.location}/webapps/webhooks">
+ Options -Indexes
+ Require all granted
+ AllowOverride None
+ <FilesMatch "\.php$">
+ SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
+ </FilesMatch>
+ </Directory>
+ ''
];
};
after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
wants = dokuwiki.phpFpm.serviceDeps;
};
+ phpfpm-phpbb = {
+ after = lib.mkAfter phpbb.phpFpm.serviceDeps;
+ wants = phpbb.phpFpm.serviceDeps;
+ };
phpfpm-kanboard = {
after = lib.mkAfter kanboard.phpFpm.serviceDeps;
wants = kanboard.phpFpm.serviceDeps;
description = "Tiny Tiny RSS feeds update daemon";
serviceConfig = {
User = "wwwrun";
- ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
+ ExecStart = "${pkgs.php72}/bin/php ${ttrss.webRoot}/update.php --daemon";
StandardOutput = "syslog";
StandardError = "syslog";
PermissionsStartOnly = true;
paths = [ "/var/secrets/mpd" ];
};
- services.phpfpm.pools.devtools = {
- listen = "/var/run/phpfpm/devtools.sock";
- extraConfig = ''
- user = wwwrun
- group = wwwrun
- listen.owner = wwwrun
- listen.group = wwwrun
- pm = dynamic
- pm.max_children = 60
- pm.start_servers = 2
- pm.min_spare_servers = 1
- pm.max_spare_servers = 10
+ services.phpfpm.pools = {
+ tools = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = {
+ "listen.owner" = "wwwrun";
+ "listen.group" = "wwwrun";
+ "pm" = "dynamic";
+ "pm.max_children" = "60";
+ "pm.start_servers" = "2";
+ "pm.min_spare_servers" = "1";
+ "pm.max_spare_servers" = "10";
- php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp"
- '';
- phpOptions = config.services.phpfpm.phpOptions + ''
- extension=${pkgs.php}/lib/php/extensions/mysqli.so
- extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
- extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
- zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
- '';
- };
-
- services.phpfpm.poolConfigs = {
- adminer = adminer.phpFpm.pool;
- ttrss = ttrss.phpFpm.pool;
- wallabag = wallabag.phpFpm.pool;
- yourls = yourls.phpFpm.pool;
- rompr = rompr.phpFpm.pool;
- shaarli = shaarli.phpFpm.pool;
- dokuwiki = dokuwiki.phpFpm.pool;
- ldap = ldap.phpFpm.pool;
- kanboard = kanboard.phpFpm.pool;
- grocy = grocy.phpFpm.pool;
- tools = ''
- listen = /var/run/phpfpm/tools.sock
- user = wwwrun
- group = wwwrun
- listen.owner = wwwrun
- listen.group = wwwrun
- pm = dynamic
- pm.max_children = 60
- pm.start_servers = 2
- pm.min_spare_servers = 1
- pm.max_spare_servers = 10
+ # Needed to avoid clashes in browser cookies (same domain)
+ "php_value[session.name]" = "ToolsPHPSESSID";
+ "php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [
+ "/run/wrappers/bin/sendmail" landing "/tmp"
+ "${config.secrets.location}/webapps/webhooks"
+ ];
+ };
+ phpEnv = {
+ CONTACT_EMAIL = config.myEnv.tools.contact;
+ };
+ phpPackage = pkgs.php72;
+ };
+ devtools = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = {
+ "listen.owner" = "wwwrun";
+ "listen.group" = "wwwrun";
+ "pm" = "dynamic";
+ "pm.max_children" = "60";
+ "pm.start_servers" = "2";
+ "pm.min_spare_servers" = "1";
+ "pm.max_spare_servers" = "10";
- ; Needed to avoid clashes in browser cookies (same domain)
- php_value[session.name] = ToolsPHPSESSID
- php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/tools.immae.eu:/tmp"
- '';
+ "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp";
+ };
+ phpPackage = pkgs.php72.withExtensions(e: pkgs.php72.enabledExtensions ++ [e.mysqli e.redis e.apcu e.opcache ]);
+ };
+ adminer = adminer.phpFpm;
+ ttrss = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = ttrss.phpFpm.pool;
+ phpPackage = pkgs.php72;
+ };
+ wallabag = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = wallabag.phpFpm.pool;
+ phpPackage = pkgs.php72;
+ };
+ yourls = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = yourls.phpFpm.pool;
+ phpPackage = pkgs.php72;
+ };
+ rompr = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = rompr.phpFpm.pool;
+ phpPackage = pkgs.php72;
+ };
+ shaarli = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = shaarli.phpFpm.pool;
+ phpPackage = pkgs.php72;
+ };
+ dmarc-reports = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = dmarc-reports.phpFpm.pool;
+ phpEnv = dmarc-reports.phpFpm.phpEnv;
+ phpPackage = pkgs.php72;
+ };
+ dokuwiki = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = dokuwiki.phpFpm.pool;
+ phpPackage = pkgs.php72;
+ };
+ phpbb = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = phpbb.phpFpm.pool;
+ phpPackage = pkgs.php72;
+ };
+ ldap = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = ldap.phpFpm.pool;
+ phpPackage = pkgs.php72;
+ };
+ kanboard = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = kanboard.phpFpm.pool;
+ phpPackage = pkgs.php72;
+ };
+ grocy = {
+ user = "wwwrun";
+ group = "wwwrun";
+ settings = grocy.phpFpm.pool;
+ phpPackage = pkgs.php72;
+ };
};
system.activationScripts = {
rompr = rompr.activationScript;
shaarli = shaarli.activationScript;
dokuwiki = dokuwiki.activationScript;
+ phpbb = phpbb.activationScript;
kanboard = kanboard.activationScript;
ldap = ldap.activationScript;
};
- myServices.websites.webappDirs = {
+ services.websites.webappDirs = {
_adminer = adminer.webRoot;
+ "${dmarc-reports.apache.webappName}" = dmarc-reports.webRoot;
"${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
+ "${phpbb.apache.webappName}" = phpbb.webRoot;
"${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
"${rompr.apache.webappName}" = rompr.webRoot;
"${shaarli.apache.webappName}" = shaarli.webRoot;
restart = true;
paths = [ "/var/secrets/webapps/tools-wallabag" ];
};
+
+ services.fiche = {
+ enable = true;
+ port = config.myEnv.ports.fiche;
+ domain = "tools.immae.eu/paste";
+ https = true;
+ };
};
}
projects / perso / Immae / Config / Nix.git / blobdiff