X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Ftools%2Ftools%2Fttrss.nix;h=05c8cab04452831878754e25e9594892105b4c8b;hp=e6cad5693864a643de6df71bf7aca990a101accb;hb=86663f1789aecdb62e44a4be46e0ed111b795a09;hpb=fffbbb5623649ca7c7b32b74558a26ec5cf11abb

diff --git a/nixops/modules/websites/tools/tools/ttrss.nix b/nixops/modules/websites/tools/tools/ttrss.nix
index e6cad56..05c8cab 100644
--- a/nixops/modules/websites/tools/tools/ttrss.nix
+++ b/nixops/modules/websites/tools/tools/ttrss.nix
@@ -1,181 +1,131 @@
-{ lib, php, env, writeText, stdenv, fetchedGit, fetchedGithub }:
-let
-  ttrss = let
-    plugins = {
-      auth_ldap = stdenv.mkDerivation (fetchedGithub ./ttrss-auth-ldap.json // rec {
-        installPhase = ''
-          mkdir $out
-          cp plugins/auth_ldap/init.php $out
-        '';
-      });
-      af_feedmod = stdenv.mkDerivation (fetchedGithub ./ttrss-af_feedmod.json // rec {
-        patches = [ ./ttrss-af-feedmod_type_replace.patch ];
-        installPhase = ''
-          mkdir $out
-          cp init.php $out
-        '';
-      });
-      feediron = stdenv.mkDerivation (fetchedGithub ./ttrss-feediron.json // rec {
-        patches = [ ./ttrss-feediron_json_reformat.patch ];
-        installPhase = ''
-          mkdir $out
-          cp -a . $out
-        '';
-      });
-      ff_instagram = stdenv.mkDerivation (fetchedGithub ./ttrss-ff_instagram.json // rec {
-        installPhase = ''
-          mkdir $out
-          cp -a . $out
-        '';
-      });
-      tumblr_gdpr_ua = stdenv.mkDerivation (fetchedGithub ./ttrss-tumblr_gdpr_ua.json // rec {
-        installPhase = ''
-          mkdir $out
-          cp -a . $out
-        '';
-      });
-    };
-  in rec {
-    varDir = "/var/lib/ttrss";
-    activationScript = {
-      deps = [ "wrappers" ];
-      text = ''
-        install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
-          ${varDir}/lock ${varDir}/cache ${varDir}/feed-icons
-        install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}/cache/export/ \
-          ${varDir}/cache/feeds/ \
-          ${varDir}/cache/images/ \
-          ${varDir}/cache/js/ \
-          ${varDir}/cache/simplepie/ \
-          ${varDir}/cache/upload/
-        touch ${varDir}/feed-icons/index.html
-        install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
+{ php, env, ttrss, ttrss-plugins }:
+rec {
+  varDir = "/var/lib/ttrss";
+  activationScript = {
+    deps = [ "wrappers" ];
+    text = ''
+      install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
+        ${varDir}/lock ${varDir}/cache ${varDir}/feed-icons
+      install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}/cache/export/ \
+        ${varDir}/cache/feeds/ \
+        ${varDir}/cache/images/ \
+        ${varDir}/cache/js/ \
+        ${varDir}/cache/simplepie/ \
+        ${varDir}/cache/upload/
+      touch ${varDir}/feed-icons/index.html
+      install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
+    '';
+  };
+  keys = [{
+    dest = "webapps/tools-ttrss";
+    user = apache.user;
+    group = apache.group;
+    permissions = "0400";
+    text = ''
+      <?php
+
+        define('PHP_EXECUTABLE', '${php}/bin/php');
+
+        define('LOCK_DIRECTORY', 'lock');
+        define('CACHE_DIR', 'cache');
+        define('ICONS_DIR', 'feed-icons');
+        define('ICONS_URL', 'feed-icons');
+        define('SELF_URL_PATH', 'https://tools.immae.eu/ttrss/');
+
+        define('MYSQL_CHARSET', 'UTF8');
+
+        define('DB_TYPE', 'pgsql');
+        define('DB_HOST', '${env.postgresql.socket}');
+        define('DB_USER', '${env.postgresql.user}');
+        define('DB_NAME', '${env.postgresql.database}');
+        define('DB_PASS', '${env.postgresql.password}');
+        define('DB_PORT', '${env.postgresql.port}');
+
+        define('AUTH_AUTO_CREATE', true);
+        define('AUTH_AUTO_LOGIN', true);
+
+        define('SINGLE_USER_MODE', false);
+
+        define('SIMPLE_UPDATE_MODE', false);
+        define('CHECK_FOR_UPDATES', true);
+
+        define('FORCE_ARTICLE_PURGE', 0);
+        define('SESSION_COOKIE_LIFETIME', 60*60*24*120);
+        define('ENABLE_GZIP_OUTPUT', false);
+
+        define('PLUGINS', 'auth_ldap, note, instances');
+
+        define('LOG_DESTINATION', ''');
+        define('CONFIG_VERSION', 26);
+
+
+        define('SPHINX_SERVER', 'localhost:9312');
+        define('SPHINX_INDEX', 'ttrss, delta');
+
+        define('ENABLE_REGISTRATION', false);
+        define('REG_NOTIFY_ADDRESS', 'ttrss@tools.immae.eu');
+        define('REG_MAX_USERS', 10);
+
+        define('SMTP_FROM_NAME', 'Tiny Tiny RSS');
+        define('SMTP_FROM_ADDRESS', 'ttrss@tools.immae.eu');
+        define('DIGEST_SUBJECT', '[tt-rss] New headlines for last 24 hours');
+
+        define('LDAP_AUTH_SERVER_URI', 'ldap://ldap.immae.eu:389/');
+        define('LDAP_AUTH_USETLS', TRUE);
+        define('LDAP_AUTH_ALLOW_UNTRUSTED_CERT', TRUE);
+        define('LDAP_AUTH_BASEDN', 'dc=immae,dc=eu');
+        define('LDAP_AUTH_ANONYMOUSBEFOREBIND', FALSE);
+        define('LDAP_AUTH_SEARCHFILTER', '(&(memberOf=cn=users,cn=ttrss,ou=services,dc=immae,dc=eu)(|(cn=???)(uid=???)(&(uid:dn:=???)(ou=ttrss))))');
+
+        define('LDAP_AUTH_BINDDN', 'cn=ttrss,ou=services,dc=immae,dc=eu');
+        define('LDAP_AUTH_BINDPW', '${env.ldap.password}');
+        define('LDAP_AUTH_LOGIN_ATTRIB', 'immaeTtrssLogin');
+
+        define('LDAP_AUTH_LOG_ATTEMPTS', FALSE);
+        define('LDAP_AUTH_DEBUG', FALSE);
       '';
-    };
-    keys = [{
-      dest = "webapps/tools-ttrss";
-      user = apache.user;
-      group = apache.group;
-      permissions = "0400";
-      text = ''
-        <?php
-
-          define('PHP_EXECUTABLE', '${php}/bin/php');
-
-          define('LOCK_DIRECTORY', 'lock');
-          define('CACHE_DIR', 'cache');
-          define('ICONS_DIR', 'feed-icons');
-          define('ICONS_URL', 'feed-icons');
-          define('SELF_URL_PATH', 'https://tools.immae.eu/ttrss/');
-
-          define('MYSQL_CHARSET', 'UTF8');
-
-          define('DB_TYPE', 'pgsql');
-          define('DB_HOST', '${env.postgresql.socket}');
-          define('DB_USER', '${env.postgresql.user}');
-          define('DB_NAME', '${env.postgresql.database}');
-          define('DB_PASS', '${env.postgresql.password}');
-          define('DB_PORT', '${env.postgresql.port}');
-
-          define('AUTH_AUTO_CREATE', true);
-          define('AUTH_AUTO_LOGIN', true);
-
-          define('SINGLE_USER_MODE', false);
-
-          define('SIMPLE_UPDATE_MODE', false);
-          define('CHECK_FOR_UPDATES', true);
-
-          define('FORCE_ARTICLE_PURGE', 0);
-          define('SESSION_COOKIE_LIFETIME', 60*60*24*120);
-          define('ENABLE_GZIP_OUTPUT', false);
-
-          define('PLUGINS', 'auth_ldap, note, instances');
-
-          define('LOG_DESTINATION', ''');
-          define('CONFIG_VERSION', 26);
-
-
-          define('SPHINX_SERVER', 'localhost:9312');
-          define('SPHINX_INDEX', 'ttrss, delta');
-
-          define('ENABLE_REGISTRATION', false);
-          define('REG_NOTIFY_ADDRESS', 'ttrss@tools.immae.eu');
-          define('REG_MAX_USERS', 10);
-
-          define('SMTP_FROM_NAME', 'Tiny Tiny RSS');
-          define('SMTP_FROM_ADDRESS', 'ttrss@tools.immae.eu');
-          define('DIGEST_SUBJECT', '[tt-rss] New headlines for last 24 hours');
-
-          define('LDAP_AUTH_SERVER_URI', 'ldap://ldap.immae.eu:389/');
-          define('LDAP_AUTH_USETLS', TRUE);
-          define('LDAP_AUTH_ALLOW_UNTRUSTED_CERT', TRUE);
-          define('LDAP_AUTH_BASEDN', 'dc=immae,dc=eu');
-          define('LDAP_AUTH_ANONYMOUSBEFOREBIND', FALSE);
-          define('LDAP_AUTH_SEARCHFILTER', '(&(memberOf=cn=users,cn=ttrss,ou=services,dc=immae,dc=eu)(|(cn=???)(uid=???)(&(uid:dn:=???)(ou=ttrss))))');
-
-          define('LDAP_AUTH_BINDDN', 'cn=ttrss,ou=services,dc=immae,dc=eu');
-          define('LDAP_AUTH_BINDPW', '${env.ldap.password}');
-          define('LDAP_AUTH_LOGIN_ATTRIB', 'immaeTtrssLogin');
-
-          define('LDAP_AUTH_LOG_ATTEMPTS', FALSE);
-          define('LDAP_AUTH_DEBUG', FALSE);
-        '';
-    }];
-    webRoot = stdenv.mkDerivation (fetchedGit ./tt-rss.json // rec {
-      buildPhase = ''
-        rm -rf lock feed-icons cache
-        ln -sf ${varDir}/{lock,feed-icons,cache} .
+  }];
+  webRoot = (ttrss.override { ttrss_config = "/var/secrets/webapps/tools-ttrss"; }).withPlugins (builtins.attrValues ttrss-plugins);
+  apache = rec {
+    user = "wwwrun";
+    group = "wwwrun";
+    modules = [ "proxy_fcgi" ];
+    webappName = "tools_ttrss";
+    root = "/run/current-system/webapps/${webappName}";
+    vhostConf = ''
+      Alias /ttrss "${root}"
+      <Directory "${root}">
+        DirectoryIndex index.php
+        <FilesMatch "\.php$">
+          SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+        </FilesMatch>
+
+        AllowOverride All
+        Options FollowSymlinks
+        Require all granted
+      </Directory>
       '';
-      installPhase = ''
-        cp -a . $out
-        ln -s /var/secrets/webapps/tools-ttrss $out/config.php
-        ${builtins.concatStringsSep "\n" (
-          lib.attrsets.mapAttrsToList (name: value: "ln -sf ${value} $out/plugins/${name}") plugins
-        )}
+  };
+  phpFpm = rec {
+    serviceDeps = [ "postgresql.service" "openldap.service" ];
+    basedir = builtins.concatStringsSep ":" (
+      [ webRoot "/var/secrets/webapps/tools-ttrss" varDir ]
+      ++ webRoot.plugins);
+    socket = "/var/run/phpfpm/ttrss.sock";
+    pool = ''
+      listen = ${socket}
+      user = ${apache.user}
+      group = ${apache.group}
+      listen.owner = ${apache.user}
+      listen.group = ${apache.group}
+      pm = ondemand
+      pm.max_children = 60
+      pm.process_idle_timeout = 60
+
+      ; Needed to avoid clashes in browser cookies (same domain)
+      php_value[session.name] = TtrssPHPSESSID
+      php_admin_value[open_basedir] = "${basedir}:/tmp"
+      php_admin_value[session.save_path] = "${varDir}/phpSessions"
       '';
-    });
-    apache = rec {
-      user = "wwwrun";
-      group = "wwwrun";
-      modules = [ "proxy_fcgi" ];
-      webappName = "tools_ttrss";
-      root = "/run/current-system/webapps/${webappName}";
-      vhostConf = ''
-        Alias /ttrss "${root}"
-        <Directory "${root}">
-          DirectoryIndex index.php
-          <FilesMatch "\.php$">
-            SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
-          </FilesMatch>
-
-          AllowOverride All
-          Options FollowSymlinks
-          Require all granted
-        </Directory>
-        '';
-    };
-    phpFpm = rec {
-      serviceDeps = [ "postgresql.service" "openldap.service" ];
-      basedir = builtins.concatStringsSep ":" (
-        [ webRoot "/var/secrets/webapps/tools-ttrss" varDir ]
-        ++ lib.attrsets.mapAttrsToList (name: value: value) plugins);
-      socket = "/var/run/phpfpm/ttrss.sock";
-      pool = ''
-        listen = ${socket}
-        user = ${apache.user}
-        group = ${apache.group}
-        listen.owner = ${apache.user}
-        listen.group = ${apache.group}
-        pm = ondemand
-        pm.max_children = 60
-        pm.process_idle_timeout = 60
-
-        ; Needed to avoid clashes in browser cookies (same domain)
-        php_value[session.name] = TtrssPHPSESSID
-        php_admin_value[open_basedir] = "${basedir}:/tmp"
-        php_admin_value[session.save_path] = "${varDir}/phpSessions"
-        '';
-    };
   };
-in 
-  ttrss
+}