Upgrade nixos

[perso/Immae/Config/Nix.git] / modules / private / websites / tools / tools / wallabag.nix

diff --git a/modules/private/websites/tools/tools/wallabag.nix b/modules/private/websites/tools/tools/wallabag.nix
index d6e588285e19eaa4159d633237d04afdcca439ac..00e2dc9c00df80f300625063e7734ac34166cde3 100644 (file)
--- a/modules/private/websites/tools/tools/wallabag.nix
+++ b/modules/private/websites/tools/tools/wallabag.nix
@@ -1,5 +1,8 @@
-{ env, wallabag }:
+{ env, wallabag, mylibs }:
 rec {
+  backups = {
+    rootDir = varDir;
+  };
   varDir = "/var/lib/wallabag";
   keys = [{
     dest = "webapps/tools-wallabag";
@@ -45,16 +48,16 @@ rec {
           redis_password: null
           sites_credentials: {  }
           ldap_enabled: true
-          ldap_host: ldap.immae.eu
+          ldap_host: ${env.ldap.host}
           ldap_port: 636
           ldap_tls: false
           ldap_ssl: true
           ldap_bind_requires_dn: true
-          ldap_base: 'dc=immae,dc=eu'
-          ldap_manager_dn: 'cn=wallabag,ou=services,dc=immae,dc=eu'
+          ldap_base: '${env.ldap.base}'
+          ldap_manager_dn: '${env.ldap.dn}'
           ldap_manager_pw: ${env.ldap.password}
-          ldap_filter: '(&(memberOf=cn=users,cn=wallabag,ou=services,dc=immae,dc=eu))'
-          ldap_admin_filter: '(&(memberOf=cn=admins,cn=wallabag,ou=services,dc=immae,dc=eu)(uid=%s))'
+          ldap_filter: '${env.ldap.filter}'
+          ldap_admin_filter: '${env.ldap.admin_filter}'
           ldap_username_attribute: uid
           ldap_email_attribute: mail
           ldap_name_attribute: cn
@@ -79,7 +82,7 @@ rec {
     modules = [ "proxy_fcgi" ];
     webappName = "tools_wallabag";
     root = "/run/current-system/webapps/${webappName}";
-    vhostConf = ''
+    vhostConf = socket: ''
       Alias /wallabag "${root}"
       <Directory "${root}">
         AllowOverride None
@@ -88,7 +91,7 @@ rec {
         CGIPassAuth On
 
         <FilesMatch "\.php$">
-          SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+          SetHandler "proxy:unix:${socket}|fcgi://localhost"
         </FilesMatch>
 
         <IfModule mod_rewrite.c>
@@ -123,26 +126,22 @@ rec {
         echo -n "${webappDir}" > ${varDir}/currentWebappDir
         sha512sum /var/secrets/webapps/tools-wallabag > ${varDir}/currentKey
       fi
-      '';
+    '';
     serviceDeps = [ "postgresql.service" "openldap.service" ];
     basedir = builtins.concatStringsSep ":" [ webappDir "/var/secrets/webapps/tools-wallabag" varDir ];
-    socket = "/var/run/phpfpm/wallabag.sock";
-    pool = ''
-      listen = ${socket}
-      user = ${apache.user}
-      group = ${apache.group}
-      listen.owner = ${apache.user}
-      listen.group = ${apache.group}
-      pm = dynamic
-      pm.max_children = 60
-      pm.start_servers = 2
-      pm.min_spare_servers = 1
-      pm.max_spare_servers = 10
+    pool = {
+      "listen.owner" = apache.user;
+      "listen.group" = apache.group;
+      "pm" = "dynamic";
+      "pm.max_children" = "60";
+      "pm.start_servers" = "2";
+      "pm.min_spare_servers" = "1";
+      "pm.max_spare_servers" = "10";
 
-      ; Needed to avoid clashes in browser cookies (same domain)
-      php_value[session.name] = WallabagPHPSESSID
-      php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:${basedir}:/tmp"
-      php_value[max_execution_time] = 300
-      '';
+      # Needed to avoid clashes in browser cookies (same domain)
+      "php_value[session.name]" = "WallabagPHPSESSID";
+      "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:${basedir}:/tmp";
+      "php_value[max_execution_time]" = "300";
+    };
   };
 }