env = myconfig.env.tools.ttrss;
};
roundcubemail = pkgs.callPackage ./roundcubemail.nix { env = myconfig.env.tools.roundcubemail; };
+ rainloop = pkgs.callPackage ./rainloop.nix {};
kanboard = pkgs.callPackage ./kanboard.nix {
inherit (mylibs) fetchedGithub;
env = myconfig.env.tools.kanboard;
config = lib.mkIf cfg.enable {
security.acme.certs."eldiron".extraDomains."tools.immae.eu" = null;
+ security.acme.certs."eldiron".extraDomains."devtools.immae.eu" = null;
+
+ services.myWebsites.integration.modules =
+ rainloop.apache.modules;
services.myWebsites.tools.modules =
[ "proxy_fcgi" ]
services.ympd = ympd.config // { enable = true; };
+ services.myWebsites.integration.vhostConfs.devtools = {
+ certName = "eldiron";
+ hosts = ["devtools.immae.eu" ];
+ root = null;
+ extraConfig = [
+ rainloop.apache.vhostConf
+ ];
+ };
+
services.myWebsites.tools.vhostConfs.tools = {
certName = "eldiron";
hosts = ["tools.immae.eu" ];
shaarli = shaarli.phpFpm.pool;
dokuwiki = dokuwiki.phpFpm.pool;
ldap = ldap.phpFpm.pool;
+ rainloop = rainloop.phpFpm.pool;
kanboard = kanboard.phpFpm.pool;
tools = ''
listen = /var/run/phpfpm/tools.sock
rompr = rompr.activationScript;
shaarli = shaarli.activationScript;
dokuwiki = dokuwiki.activationScript;
+ rainloop = rainloop.activationScript;
kanboard = kanboard.activationScript;
};
ln -s ${ttrss.webRoot} $out/webapps/${ttrss.apache.webappName}
ln -s ${wallabag.webRoot} $out/webapps/${wallabag.apache.webappName}
ln -s ${yourls.webRoot} $out/webapps/${yourls.apache.webappName}
+ ln -s ${rainloop.webRoot} $out/webapps/${rainloop.apache.webappName}
ln -s ${kanboard.webRoot} $out/webapps/${kanboard.apache.webappName}
'';
--- /dev/null
+{ lib, pkgs, writeText, stdenv, fetchurl }:
+rec {
+ varDir = "/var/lib/rainloop";
+ activationScript = {
+ deps = [ "wrappers" ];
+ text = ''
+ install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}
+ install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
+ install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/data
+ '';
+ };
+ webRoot = pkgs.rainloop-community.overrideAttrs(old: {
+ installPhase = old.installPhase + ''
+ ln -sf ${varDir}/data $out/data
+ '';
+ });
+ apache = rec {
+ user = "wwwrun";
+ group = "wwwrun";
+ modules = [ "proxy_fcgi" ];
+ webappName = "tools_rainloop";
+ root = "/run/current-system/webapps/${webappName}";
+ vhostConf = ''
+ Alias /rainloop "${root}"
+ <Directory "${root}">
+ DirectoryIndex index.php
+ AllowOverride All
+ Options -FollowSymlinks
+ Require all granted
+
+ <FilesMatch "\.php$">
+ SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+ </FilesMatch>
+ </Directory>
+
+ <DirectoryMatch "${root}/data">
+ Require all denied
+ </DirectoryMatch>
+ '';
+ };
+ phpFpm = rec {
+ basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
+ socket = "/var/run/phpfpm/rainloop.sock";
+ pool = ''
+ listen = ${socket}
+ user = ${apache.user}
+ group = ${apache.group}
+ listen.owner = ${apache.user}
+ listen.group = ${apache.group}
+ pm = ondemand
+ pm.max_children = 60
+ pm.process_idle_timeout = 60
+
+ ; Needed to avoid clashes in browser cookies (same domain)
+ php_value[session.name] = RainloopPHPSESSID
+ php_admin_value[upload_max_filesize] = 200M
+ php_admin_value[post_max_size] = 200M
+ php_admin_value[open_basedir] = "${basedir}:/tmp"
+ php_admin_value[session.save_path] = "${varDir}/phpSessions"
+ '';
+ };
+}
projects / perso / Immae / Config / Nix.git / commitdiff
