X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Ftools%2Ftools%2Fdefault.nix;h=7a14e12c44edbe9fd581a42900c0b067987b6d9c;hp=5db7d3eb5a3e7d4127922ae49186a83fdc7fcd26;hb=1a7188052f235fb632700478fad0108e4306107d;hpb=f80772dc1f1ffb3e6d36ea0b96f71c875bb9b2cd
diff --git a/nixops/modules/websites/tools/tools/default.nix b/nixops/modules/websites/tools/tools/default.nix
index 5db7d3e..7a14e12 100644
--- a/nixops/modules/websites/tools/tools/default.nix
+++ b/nixops/modules/websites/tools/tools/default.nix
@@ -5,26 +5,37 @@ let
env = myconfig.env.tools.ympd;
};
ttrss = pkgs.callPackage ./ttrss.nix {
- inherit (mylibs) fetchedGithub fetchedGit;
+ inherit (pkgs.webapps) ttrss ttrss-plugins;
env = myconfig.env.tools.ttrss;
};
- roundcubemail = pkgs.callPackage ./roundcubemail.nix { env = myconfig.env.tools.roundcubemail; };
- wallabag = pkgs.callPackage ./wallabag.nix { env = myconfig.env.tools.wallabag; };
+ roundcubemail = pkgs.callPackage ./roundcubemail.nix {
+ inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins;
+ env = myconfig.env.tools.roundcubemail;
+ };
+ rainloop = pkgs.callPackage ./rainloop.nix {};
+ kanboard = pkgs.callPackage ./kanboard.nix {
+ env = myconfig.env.tools.kanboard;
+ };
+ wallabag = pkgs.callPackage ./wallabag.nix {
+ inherit (pkgs.webapps) wallabag;
+ env = myconfig.env.tools.wallabag;
+ };
yourls = pkgs.callPackage ./yourls.nix {
- inherit (mylibs) fetchedGithub;
+ inherit (pkgs.webapps) yourls yourls-plugins;
env = myconfig.env.tools.yourls;
};
rompr = pkgs.callPackage ./rompr.nix {
- inherit (mylibs) fetchedGithub;
+ inherit (pkgs.webapps) rompr;
env = myconfig.env.tools.rompr;
};
shaarli = pkgs.callPackage ./shaarli.nix {
env = myconfig.env.tools.shaarli;
};
dokuwiki = pkgs.callPackage ./dokuwiki.nix {
- inherit (mylibs) fetchedGithub;
+ inherit (pkgs.webapps) dokuwiki dokuwiki-plugins;
};
ldap = pkgs.callPackage ./ldap.nix {
+ inherit (pkgs.webapps) phpldapadmin;
env = myconfig.env.tools.phpldapadmin;
};
@@ -36,6 +47,19 @@ in {
config = lib.mkIf cfg.enable {
security.acme.certs."eldiron".extraDomains."tools.immae.eu" = null;
+ security.acme.certs."eldiron".extraDomains."devtools.immae.eu" = null;
+
+ secrets.keys =
+ kanboard.keys
+ ++ ldap.keys
+ ++ roundcubemail.keys
+ ++ shaarli.keys
+ ++ ttrss.keys
+ ++ wallabag.keys
+ ++ yourls.keys;
+
+ services.myWebsites.integration.modules =
+ rainloop.apache.modules;
services.myWebsites.tools.modules =
[ "proxy_fcgi" ]
@@ -48,9 +72,36 @@ in {
++ rompr.apache.modules
++ shaarli.apache.modules
++ dokuwiki.apache.modules
- ++ ldap.apache.modules;
+ ++ ldap.apache.modules
+ ++ kanboard.apache.modules;
+
+ systemd.services.ympd = {
+ description = "Standalone MPD Web GUI written in C";
+ wantedBy = [ "multi-user.target" ];
+ script = ''
+ export MPD_PASSWORD=$(cat /var/secrets/mpd)
+ ${pkgs.ympd}/bin/ympd --host ${ympd.config.host} --port ${toString ympd.config.port} --webport ${ympd.config.webPort} --user nobody
+ '';
+ };
- services.ympd = ympd.config // { enable = true; };
+ services.myWebsites.integration.vhostConfs.devtools = {
+ certName = "eldiron";
+ hosts = ["devtools.immae.eu" ];
+ root = "/var/lib/ftp/devtools.immae.eu";
+ extraConfig = [
+ ''
+
+ DirectoryIndex index.php index.htm index.html
+ AllowOverride all
+ Require all granted
+
+ SetHandler "proxy:unix:/var/run/phpfpm/devtools.sock|fcgi://localhost"
+
+
+ ''
+ rainloop.apache.vhostConf
+ ];
+ };
services.myWebsites.tools.vhostConfs.tools = {
certName = "eldiron";
@@ -59,6 +110,7 @@ in {
extraConfig = [
''
+ DirectoryIndex index.php index.htm index.html
AllowOverride all
Require all granted
@@ -76,9 +128,59 @@ in {
shaarli.apache.vhostConf
dokuwiki.apache.vhostConf
ldap.apache.vhostConf
+ kanboard.apache.vhostConf
+ ];
+ };
+
+ security.acme.certs."eldiron".extraDomains."outils.immae.eu" = null;
+ services.myWebsites.tools.vhostConfs.outils = {
+ certName = "eldiron";
+ hosts = [ "outils.immae.eu" ];
+ root = null;
+ extraConfig = [
+ ''
+ RedirectMatch 301 ^/mediagoblin(.*)$ https://mgoblin.immae.eu$1
+
+ RedirectMatch 301 ^/ether(.*)$ https://ether.immae.eu$1
+
+ RedirectMatch 301 ^/nextcloud(.*)$ https://cloud.immae.eu$1
+ RedirectMatch 301 ^/owncloud(.*)$ https://cloud.immae.eu$1
+
+ RedirectMatch 301 ^/carddavmate(.*)$ https://dav.immae.eu/infcloud$1
+ RedirectMatch 301 ^/caldavzap(.*)$ https://dav.immae.eu/infcloud$1
+ RedirectMatch 301 ^/caldav.php(.*)$ https://dav.immae.eu/caldav.php$1
+ RedirectMatch 301 ^/davical(.*)$ https://dav.immae.eu/davical$1
+
+ RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
+
+ RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
+ ''
];
};
+ services.myPhpfpm.serviceDependencies = {
+ dokuwiki = dokuwiki.phpFpm.serviceDeps;
+ kanboard = kanboard.phpFpm.serviceDeps;
+ ldap = ldap.phpFpm.serviceDeps;
+ rainloop = rainloop.phpFpm.serviceDeps;
+ roundcubemail = roundcubemail.phpFpm.serviceDeps;
+ shaarli = shaarli.phpFpm.serviceDeps;
+ ttrss = ttrss.phpFpm.serviceDeps;
+ wallabag = wallabag.phpFpm.serviceDeps;
+ yourls = yourls.phpFpm.serviceDeps;
+ };
+
+ services.myPhpfpm.poolPhpConfigs = {
+ devtools = ''
+ extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
+ extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
+ zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
+ '';
+ roundcubemail = roundcubemail.phpFpm.phpConfig;
+ };
+ services.myPhpfpm.preStart = {
+ wallabag = wallabag.phpFpm.preStart;
+ };
services.myPhpfpm.poolConfigs = {
adminer = adminer.phpFpm.pool;
ttrss = ttrss.phpFpm.pool;
@@ -89,6 +191,22 @@ in {
shaarli = shaarli.phpFpm.pool;
dokuwiki = dokuwiki.phpFpm.pool;
ldap = ldap.phpFpm.pool;
+ rainloop = rainloop.phpFpm.pool;
+ kanboard = kanboard.phpFpm.pool;
+ devtools = ''
+ listen = /var/run/phpfpm/devtools.sock
+ user = wwwrun
+ group = wwwrun
+ listen.owner = wwwrun
+ listen.group = wwwrun
+ pm = dynamic
+ pm.max_children = 60
+ pm.start_servers = 2
+ pm.min_spare_servers = 1
+ pm.max_spare_servers = 10
+
+ php_admin_value[open_basedir] = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp"
+ '';
tools = ''
listen = /var/run/phpfpm/tools.sock
user = wwwrun
@@ -115,8 +233,24 @@ in {
rompr = rompr.activationScript;
shaarli = shaarli.activationScript;
dokuwiki = dokuwiki.activationScript;
+ rainloop = rainloop.activationScript;
+ kanboard = kanboard.activationScript;
};
+ system.extraSystemBuilderCmds = ''
+ mkdir -p $out/webapps
+ ln -s ${dokuwiki.webRoot} $out/webapps/${dokuwiki.apache.webappName}
+ ln -s ${ldap.webRoot}/htdocs $out/webapps/${ldap.apache.webappName}
+ ln -s ${rompr.webRoot} $out/webapps/${rompr.apache.webappName}
+ ln -s ${roundcubemail.webRoot} $out/webapps/${roundcubemail.apache.webappName}
+ ln -s ${shaarli.webRoot} $out/webapps/${shaarli.apache.webappName}
+ ln -s ${ttrss.webRoot} $out/webapps/${ttrss.apache.webappName}
+ ln -s ${wallabag.webRoot} $out/webapps/${wallabag.apache.webappName}
+ ln -s ${yourls.webRoot} $out/webapps/${yourls.apache.webappName}
+ ln -s ${rainloop.webRoot} $out/webapps/${rainloop.apache.webappName}
+ ln -s ${kanboard.webRoot} $out/webapps/${kanboard.apache.webappName}
+ '';
+
systemd.services.tt-rss = {
description = "Tiny Tiny RSS feeds update daemon";
serviceConfig = {