From: Ismaƫl Bouya Date: Sat, 12 Jan 2019 11:41:23 +0000 (+0100) Subject: Refactor websites. X-Git-Tag: nur_publish~329 X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=commitdiff_plain;h=108891744eaa7410e305871212d5b81c1b67a095 Refactor websites. This commit refactors websites into module per "vhost". --- diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix index cefef70..0970521 100644 --- a/virtual/eldiron.nix +++ b/virtual/eldiron.nix @@ -9,11 +9,6 @@ # rsync -e "ssh -i /root/.ssh/id_charon_vpn" -aAXvz --delete --numeric-ids --super --rsync-path="sudo rsync" /var/lib/* immae@immae.eu: eldiron = { config, pkgs, mylibs, myconfig, ... }: with mylibs; - let - mypkgs = pkgs.callPackage ./packages.nix { - inherit checkEnv fetchedGit fetchedGithub; - }; - in { _module.args = { mylibs = import ../libs.nix; @@ -28,22 +23,20 @@ imports = [ ./modules/certificates.nix - ./modules/gitolite.nix - ./modules/gitweb - ./modules/databases.nix + ./modules/gitolite + ./modules/databases ./modules/websites - ./modules/websites/phpfpm ]; services.myGitolite.enable = true; - services.myGitweb.enable = true; services.myDatabases.enable = true; services.myWebsites.production.enable = true; services.myWebsites.integration.enable = true; + services.myWebsites.tools.enable = true; networking = { firewall = { enable = true; - allowedTCPPorts = [ 22 9418 ]; + allowedTCPPorts = [ 22 ]; }; }; @@ -67,74 +60,17 @@ }; }; - environment.systemPackages = let - # FIXME: move it to nextcloud - occ = pkgs.writeScriptBin "nextcloud-occ" '' - #! ${pkgs.stdenv.shell} - cd ${mypkgs.nextcloud.webRoot} - NEXTCLOUD_CONFIG_DIR="${mypkgs.nextcloud.webRoot}/config" \ - exec \ - ${pkgs.php}/bin/php \ - -c ${pkgs.php}/etc/php.ini \ - occ $* - ''; - in [ + environment.systemPackages = [ pkgs.telnet pkgs.htop pkgs.vim - occ ]; - security.acme.certs."eldiron".extraDomains = { - "db-1.immae.eu" = null; - "tools.immae.eu" = null; - "cloud.immae.eu" = null; - "dav.immae.eu" = null; - }; - services.openssh.extraConfig = '' AuthorizedKeysCommand /etc/ssh/ldap_authorized_keys AuthorizedKeysCommandUser nobody ''; - services.ympd = mypkgs.ympd.config // { enable = false; }; - - services.myPhpfpm = { - phpPackage = pkgs.php; - phpOptions = '' - session.save_path = "/var/lib/php/sessions" - session.gc_maxlifetime = 60*60*24*15 - session.cache_expire = 60*24*30 - ''; - extraConfig = '' - log_level = notice - ''; - poolPhpConfigs = { - nextcloud = mypkgs.nextcloud.phpFpm.phpConfig; - }; - poolConfigs = { - adminer = mypkgs.adminer.phpFpm.pool; - nextcloud = mypkgs.nextcloud.phpFpm.pool; - mantisbt = mypkgs.mantisbt.phpFpm.pool; - ttrss = mypkgs.ttrss.phpFpm.pool; - roundcubemail = mypkgs.roundcubemail.phpFpm.pool; - davical = mypkgs.davical.phpFpm.pool; - }; - }; - - system.activationScripts = { - nextcloud = mypkgs.nextcloud.activationScript; - ttrss = mypkgs.ttrss.activationScript; - roundcubemail = mypkgs.roundcubemail.activationScript; - httpd = '' - install -d -m 0755 /var/lib/acme/acme-challenge - install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions - install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/adminer - install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/mantisbt - install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/davical - ''; - }; - environment.etc."ssh/ldap_authorized_keys" = let ldap_authorized_keys = assert checkEnv "NIXOPS_SSHD_LDAP_PASSWORD"; @@ -155,19 +91,5 @@ source = ldap_authorized_keys; }; - systemd.services.tt-rss = { - description = "Tiny Tiny RSS feeds update daemon"; - serviceConfig = { - User = "wwwrun"; - ExecStart = "${pkgs.php}/bin/php ${mypkgs.ttrss.webRoot}/update.php --daemon"; - StandardOutput = "syslog"; - StandardError = "syslog"; - PermissionsStartOnly = true; - }; - - wantedBy = [ "multi-user.target" ]; - requires = ["postgresql.service"]; - after = ["network.target" "postgresql.service"]; - }; }; } diff --git a/virtual/modules/databases.nix b/virtual/modules/databases/default.nix similarity index 100% rename from virtual/modules/databases.nix rename to virtual/modules/databases/default.nix diff --git a/virtual/modules/postgresql_run_socket_path.patch b/virtual/modules/databases/postgresql_run_socket_path.patch similarity index 100% rename from virtual/modules/postgresql_run_socket_path.patch rename to virtual/modules/databases/postgresql_run_socket_path.patch diff --git a/virtual/modules/gitolite.nix b/virtual/modules/gitolite/default.nix similarity index 96% rename from virtual/modules/gitolite.nix rename to virtual/modules/gitolite/default.nix index d6b9c79..78691fa 100644 --- a/virtual/modules/gitolite.nix +++ b/virtual/modules/gitolite/default.nix @@ -24,6 +24,8 @@ in { }); }; + networking.firewall.allowedTCPPorts = [ 9418 ]; + services.gitDaemon = { enable = true; user = "gitolite"; @@ -36,7 +38,7 @@ in { let gitolite_ldap_groups = mylibs.wrap { name = "gitolite_ldap_groups.sh"; - file = ./gitolite/gitolite_ldap_groups.sh; + file = ./gitolite_ldap_groups.sh; vars = { LDAP_PASS = builtins.getEnv "NIXOPS_GITOLITE_LDAP_PASSWORD"; }; diff --git a/virtual/modules/gitweb/default.nix b/virtual/modules/gitweb/default.nix deleted file mode 100644 index 2a860ba..0000000 --- a/virtual/modules/gitweb/default.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ lib, pkgs, config, mylibs, ... }: -let - # FIXME: add buildbot - gitweb = pkgs.callPackage ./gitweb.nix { gitoliteDir = config.services.myGitolite.gitoliteDir; }; - cfg = config.services.myGitweb; -in { - options.services.myGitweb = { - enable = lib.mkEnableOption "my gitweb service"; - }; - - config = lib.mkIf cfg.enable { - security.acme.certs."eldiron".extraDomains."git.immae.eu" = null; - - nixpkgs.config.packageOverrides = oldpkgs: rec { - gitweb = oldpkgs.gitweb.overrideAttrs(old: { - installPhase = old.installPhase + '' - cp -r ${./theme} $out/gitweb-theme; - ''; - }); - }; - - services.myWebsites.tools.modules = gitweb.apache.modules; - services.myWebsites.tools.vhostConfs.git = { - certName = "eldiron"; - hosts = ["git.immae.eu" ]; - root = gitweb.webRoot; - extraConfig = [ gitweb.apache.vhostConf ]; - }; - }; -} diff --git a/virtual/packages/adminer.nix b/virtual/modules/websites/commons/adminer.nix similarity index 100% rename from virtual/packages/adminer.nix rename to virtual/modules/websites/commons/adminer.nix diff --git a/virtual/modules/websites/default.nix b/virtual/modules/websites/default.nix index b027b81..6b31381 100644 --- a/virtual/modules/websites/default.nix +++ b/virtual/modules/websites/default.nix @@ -91,11 +91,18 @@ in ./aten ./piedsjaloux ./connexionswing + ./tools/db + ./tools/tools + ./tools/dav + ./tools/cloud + ./tools/git # built using: # sed -e "s/services\.httpd/services\.httpdProd/g" .nix-defexpr/channels/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix # And removed users / groups ./apache/httpd_prod.nix ./apache/httpd_inte.nix + # Adapted from base phpfpm + ./phpfpm ]; options.services.myWebsites = { @@ -155,6 +162,12 @@ in phpPackages = oldpkgs.php72Packages.override { inherit php; }; }; + services.myWebsites.tools.databases.enable = true; + services.myWebsites.tools.tools.enable = true; + services.myWebsites.tools.dav.enable = true; + services.myWebsites.tools.cloud.enable = true; + services.myWebsites.tools.git.enable = true; + services.myWebsites.Chloe.production.enable = cfg.production.enable; services.myWebsites.Ludivine.production.enable = cfg.production.enable; services.myWebsites.Aten.production.enable = cfg.production.enable; @@ -227,6 +240,28 @@ in }; }; + system.activationScripts = { + httpd = '' + install -d -m 0755 /var/lib/acme/acme-challenge + install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions + install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/adminer + install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/mantisbt + install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/davical + ''; + }; + + services.myPhpfpm = { + phpPackage = pkgs.php; + phpOptions = '' + session.save_path = "/var/lib/php/sessions" + session.gc_maxlifetime = 60*60*24*15 + session.cache_expire = 60*24*30 + ''; + extraConfig = '' + log_level = notice + ''; + }; + # FIXME: logrotate # FIXME: ipv6 services.httpdProd = makeService "production" config.services.myWebsites.production; @@ -238,63 +273,7 @@ in services.myWebsites.integration.extraConfig = (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig)); services.httpd = makeService "tools" config.services.myWebsites.tools; - services.myWebsites.tools.modules = - mypkgs.adminer.apache.modules ++ - mypkgs.nextcloud.apache.modules ++ - mypkgs.ympd.apache.modules ++ - mypkgs.mantisbt.apache.modules ++ - mypkgs.ttrss.apache.modules ++ - mypkgs.roundcubemail.apache.modules ++ - pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) cfg.apacheConfig); + services.myWebsites.tools.modules = pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) cfg.apacheConfig); services.myWebsites.tools.extraConfig = (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig)); - # FIXME: move them all to separate modules - services.myWebsites.tools.vhostConfs.eldiron = { - certName = "eldiron"; - hosts = ["eldiron.immae.eu" ]; - root = ../../www; - extraConfig = [ "DirectoryIndex index.htm" ]; - }; - services.myWebsites.tools.vhostConfs.db-1 = { - certName = "eldiron"; - hosts = ["db-1.immae.eu" ]; - root = null; - extraConfig = [ mypkgs.adminer.apache.vhostConf ]; - }; - services.myWebsites.tools.vhostConfs.tools = { - certName = "eldiron"; - hosts = ["tools.immae.eu" ]; - root = null; - extraConfig = [ - mypkgs.adminer.apache.vhostConf - mypkgs.ympd.apache.vhostConf - mypkgs.ttrss.apache.vhostConf - mypkgs.roundcubemail.apache.vhostConf - ]; - }; - services.myWebsites.tools.vhostConfs.dav = { - certName = "eldiron"; - hosts = ["dav.immae.eu" ]; - root = null; - extraConfig = [ - mypkgs.infcloud.apache.vhostConf - mypkgs.davical.apache.vhostConf - ]; - }; - services.myWebsites.tools.vhostConfs.cloud = { - certName = "eldiron"; - hosts = ["cloud.immae.eu" ]; - root = mypkgs.nextcloud.webRoot; - extraConfig = [ - mypkgs.nextcloud.apache.vhostConf - ]; - }; - services.myWebsites.tools.vhostConfs.git.extraConfig = [ - mypkgs.mantisbt.apache.vhostConf - '' - RewriteEngine on - RewriteCond %{REQUEST_URI} ^/releases - RewriteRule /releases(.*) https://release.immae.eu$1 [P,L] - '' - ]; }; } diff --git a/virtual/modules/websites/tools/cloud/default.nix b/virtual/modules/websites/tools/cloud/default.nix new file mode 100644 index 0000000..7dd5c6e --- /dev/null +++ b/virtual/modules/websites/tools/cloud/default.nix @@ -0,0 +1,45 @@ +{ lib, pkgs, config, mylibs, ... }: +let + nextcloud = pkgs.callPackage ./nextcloud.nix { inherit (mylibs) checkEnv; }; + + cfg = config.services.myWebsites.tools.cloud; +in { + options.services.myWebsites.tools.cloud = { + enable = lib.mkEnableOption "enable cloud website"; + }; + + config = lib.mkIf cfg.enable { + security.acme.certs."eldiron".extraDomains."cloud.immae.eu" = null; + + services.myWebsites.tools.modules = nextcloud.apache.modules; + + services.myWebsites.tools.vhostConfs.cloud = { + certName = "eldiron"; + hosts = ["cloud.immae.eu" ]; + root = nextcloud.webRoot; + extraConfig = [ + nextcloud.apache.vhostConf + ]; + }; + + environment.systemPackages = let + occ = pkgs.writeScriptBin "nextcloud-occ" '' + #! ${pkgs.stdenv.shell} + cd ${nextcloud.webRoot} + NEXTCLOUD_CONFIG_DIR="${nextcloud.webRoot}/config" \ + exec \ + ${pkgs.php}/bin/php \ + -c ${pkgs.php}/etc/php.ini \ + occ $* + ''; + in [ occ ]; + + system.activationScripts.nextcloud = nextcloud.activationScript; + + services.myPhpfpm = { + poolPhpConfigs.nextcloud = nextcloud.phpFpm.phpConfig; + poolConfigs.nextcloud = nextcloud.phpFpm.pool; + }; + + }; +} diff --git a/virtual/packages/nextcloud-config/mimetypealiases.json b/virtual/modules/websites/tools/cloud/nextcloud-config/mimetypealiases.json similarity index 100% rename from virtual/packages/nextcloud-config/mimetypealiases.json rename to virtual/modules/websites/tools/cloud/nextcloud-config/mimetypealiases.json diff --git a/virtual/packages/nextcloud-config/mimetypemapping.json b/virtual/modules/websites/tools/cloud/nextcloud-config/mimetypemapping.json similarity index 100% rename from virtual/packages/nextcloud-config/mimetypemapping.json rename to virtual/modules/websites/tools/cloud/nextcloud-config/mimetypemapping.json diff --git a/virtual/packages/nextcloud.nix b/virtual/modules/websites/tools/cloud/nextcloud.nix similarity index 100% rename from virtual/packages/nextcloud.nix rename to virtual/modules/websites/tools/cloud/nextcloud.nix diff --git a/virtual/packages/davical.nix b/virtual/modules/websites/tools/dav/davical.nix similarity index 99% rename from virtual/packages/davical.nix rename to virtual/modules/websites/tools/dav/davical.nix index f539ba6..697bd60 100644 --- a/virtual/packages/davical.nix +++ b/virtual/modules/websites/tools/dav/davical.nix @@ -96,6 +96,7 @@ let apache = { user = "wwwrun"; group = "wwwrun"; + modules = [ "proxy_fcgi" ]; vhostConf = '' Alias /davical "${webRoot}" Alias /caldav.php "${webRoot}/caldav.php" diff --git a/virtual/packages/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch b/virtual/modules/websites/tools/dav/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch similarity index 100% rename from virtual/packages/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch rename to virtual/modules/websites/tools/dav/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch diff --git a/virtual/modules/websites/tools/dav/default.nix b/virtual/modules/websites/tools/dav/default.nix new file mode 100644 index 0000000..201da38 --- /dev/null +++ b/virtual/modules/websites/tools/dav/default.nix @@ -0,0 +1,33 @@ +{ lib, pkgs, config, mylibs, ... }: +let + infcloud = pkgs.callPackage ./infcloud.nix {}; + davical = pkgs.callPackage ./davical.nix { inherit (mylibs) checkEnv; }; + + cfg = config.services.myWebsites.tools.dav; +in { + options.services.myWebsites.tools.dav = { + enable = lib.mkEnableOption "enable dav website"; + }; + + config = lib.mkIf cfg.enable { + security.acme.certs."eldiron".extraDomains."dav.immae.eu" = null; + + services.myWebsites.tools.modules = davical.apache.modules; + + services.myWebsites.tools.vhostConfs.dav = { + certName = "eldiron"; + hosts = ["dav.immae.eu" ]; + root = null; + extraConfig = [ + infcloud.apache.vhostConf + davical.apache.vhostConf + ]; + }; + + services.myPhpfpm.poolConfigs = { + davical = davical.phpFpm.pool; + }; + + }; +} + diff --git a/virtual/packages/infcloud.nix b/virtual/modules/websites/tools/dav/infcloud.nix similarity index 100% rename from virtual/packages/infcloud.nix rename to virtual/modules/websites/tools/dav/infcloud.nix diff --git a/virtual/packages/infcloud_config.js b/virtual/modules/websites/tools/dav/infcloud_config.js similarity index 100% rename from virtual/packages/infcloud_config.js rename to virtual/modules/websites/tools/dav/infcloud_config.js diff --git a/virtual/modules/websites/tools/db/default.nix b/virtual/modules/websites/tools/db/default.nix new file mode 100644 index 0000000..20f77c7 --- /dev/null +++ b/virtual/modules/websites/tools/db/default.nix @@ -0,0 +1,23 @@ +{ lib, pkgs, config, mylibs, ... }: +let + adminer = pkgs.callPackage ../../commons/adminer.nix {}; + + cfg = config.services.myWebsites.tools.databases; +in { + options.services.myWebsites.tools.databases = { + enable = lib.mkEnableOption "enable database's website"; + }; + + config = lib.mkIf cfg.enable { + # FIXME: include it in vhostConf ? + security.acme.certs."eldiron".extraDomains."db-1.immae.eu" = null; + + services.myWebsites.tools.modules = adminer.apache.modules; + services.myWebsites.tools.vhostConfs.db-1 = { + certName = "eldiron"; + hosts = ["db-1.immae.eu" ]; + root = null; + extraConfig = [ adminer.apache.vhostConf ]; + }; + }; +} diff --git a/virtual/modules/websites/tools/git/default.nix b/virtual/modules/websites/tools/git/default.nix new file mode 100644 index 0000000..0a63013 --- /dev/null +++ b/virtual/modules/websites/tools/git/default.nix @@ -0,0 +1,46 @@ +{ lib, pkgs, config, mylibs, ... }: +let + mantisbt = pkgs.callPackage ./mantisbt/mantisbt.nix { inherit (mylibs) checkEnv fetchedGithub; }; + gitweb = pkgs.callPackage ./gitweb/gitweb.nix { gitoliteDir = config.services.myGitolite.gitoliteDir; }; + + cfg = config.services.myWebsites.tools.git; +in { + options.services.myWebsites.tools.git = { + enable = lib.mkEnableOption "enable git's website"; + }; + + config = lib.mkIf cfg.enable { + # FIXME: include it in vhostConf ? + security.acme.certs."eldiron".extraDomains."git.immae.eu" = null; + + nixpkgs.config.packageOverrides = oldpkgs: rec { + gitweb = oldpkgs.gitweb.overrideAttrs(old: { + installPhase = old.installPhase + '' + cp -r ${./gitweb/theme} $out/gitweb-theme; + ''; + }); + }; + + services.myWebsites.tools.modules = + gitweb.apache.modules ++ + mantisbt.apache.modules; + + services.myWebsites.tools.vhostConfs.git = { + certName = "eldiron"; + hosts = ["git.immae.eu" ]; + root = gitweb.webRoot; + extraConfig = [ + gitweb.apache.vhostConf + mantisbt.apache.vhostConf + '' + RewriteEngine on + RewriteCond %{REQUEST_URI} ^/releases + RewriteRule /releases(.*) https://release.immae.eu$1 [P,L] + '' + ]; + }; + services.myPhpfpm.poolConfigs = { + mantisbt = mantisbt.phpFpm.pool; + }; + }; +} diff --git a/virtual/modules/gitweb/gitweb.nix b/virtual/modules/websites/tools/git/gitweb/gitweb.nix similarity index 100% rename from virtual/modules/gitweb/gitweb.nix rename to virtual/modules/websites/tools/git/gitweb/gitweb.nix diff --git a/virtual/modules/gitweb/theme/git-favicon.png b/virtual/modules/websites/tools/git/gitweb/theme/git-favicon.png similarity index 100% rename from virtual/modules/gitweb/theme/git-favicon.png rename to virtual/modules/websites/tools/git/gitweb/theme/git-favicon.png diff --git a/virtual/modules/gitweb/theme/git-logo.png b/virtual/modules/websites/tools/git/gitweb/theme/git-logo.png similarity index 100% rename from virtual/modules/gitweb/theme/git-logo.png rename to virtual/modules/websites/tools/git/gitweb/theme/git-logo.png diff --git a/virtual/modules/gitweb/theme/gitweb.css b/virtual/modules/websites/tools/git/gitweb/theme/gitweb.css similarity index 100% rename from virtual/modules/gitweb/theme/gitweb.css rename to virtual/modules/websites/tools/git/gitweb/theme/gitweb.css diff --git a/virtual/modules/gitweb/theme/gitweb.js b/virtual/modules/websites/tools/git/gitweb/theme/gitweb.js similarity index 100% rename from virtual/modules/gitweb/theme/gitweb.js rename to virtual/modules/websites/tools/git/gitweb/theme/gitweb.js diff --git a/virtual/packages/mantisbt-plugin-slack.json b/virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-slack.json similarity index 100% rename from virtual/packages/mantisbt-plugin-slack.json rename to virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-slack.json diff --git a/virtual/packages/mantisbt-plugin-source-integration.json b/virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration.json similarity index 100% rename from virtual/packages/mantisbt-plugin-source-integration.json rename to virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration.json diff --git a/virtual/packages/mantisbt-plugin-source-integration_Source.API.php.diff b/virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration_Source.API.php.diff similarity index 100% rename from virtual/packages/mantisbt-plugin-source-integration_Source.API.php.diff rename to virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration_Source.API.php.diff diff --git a/virtual/packages/mantisbt.nix b/virtual/modules/websites/tools/git/mantisbt/mantisbt.nix similarity index 95% rename from virtual/packages/mantisbt.nix rename to virtual/modules/websites/tools/git/mantisbt/mantisbt.nix index 335cb7d..009c902 100644 --- a/virtual/packages/mantisbt.nix +++ b/virtual/modules/websites/tools/git/mantisbt/mantisbt.nix @@ -64,10 +64,10 @@ let sha256 = "0jnrqz6r2hf53v0k1lh3il7hlfiphn61r9wgg6mzyywkjxwq07md"; }; patches = [ - ./mantisbt-patches/bug_report.php.diff - ./mantisbt-patches/bug_report_page.php.diff - ./mantisbt-patches/bugnote_add.php.diff - ./mantisbt-patches/bugnote_add_inc.php.diff + ./patches/bug_report.php.diff + ./patches/bug_report_page.php.diff + ./patches/bugnote_add.php.diff + ./patches/bugnote_add_inc.php.diff ]; installPhase = '' cp -a . $out diff --git a/virtual/packages/mantisbt-patches/bug_report.php.diff b/virtual/modules/websites/tools/git/mantisbt/patches/bug_report.php.diff similarity index 100% rename from virtual/packages/mantisbt-patches/bug_report.php.diff rename to virtual/modules/websites/tools/git/mantisbt/patches/bug_report.php.diff diff --git a/virtual/packages/mantisbt-patches/bug_report_page.php.diff b/virtual/modules/websites/tools/git/mantisbt/patches/bug_report_page.php.diff similarity index 100% rename from virtual/packages/mantisbt-patches/bug_report_page.php.diff rename to virtual/modules/websites/tools/git/mantisbt/patches/bug_report_page.php.diff diff --git a/virtual/packages/mantisbt-patches/bugnote_add.php.diff b/virtual/modules/websites/tools/git/mantisbt/patches/bugnote_add.php.diff similarity index 100% rename from virtual/packages/mantisbt-patches/bugnote_add.php.diff rename to virtual/modules/websites/tools/git/mantisbt/patches/bugnote_add.php.diff diff --git a/virtual/packages/mantisbt-patches/bugnote_add_inc.php.diff b/virtual/modules/websites/tools/git/mantisbt/patches/bugnote_add_inc.php.diff similarity index 100% rename from virtual/packages/mantisbt-patches/bugnote_add_inc.php.diff rename to virtual/modules/websites/tools/git/mantisbt/patches/bugnote_add_inc.php.diff diff --git a/virtual/modules/websites/tools/tools/default.nix b/virtual/modules/websites/tools/tools/default.nix new file mode 100644 index 0000000..f29ac11 --- /dev/null +++ b/virtual/modules/websites/tools/tools/default.nix @@ -0,0 +1,65 @@ +{ lib, pkgs, config, mylibs, ... }: +let + adminer = pkgs.callPackage ../../commons/adminer.nix {}; + ympd = pkgs.callPackage ./ympd.nix {}; + ttrss = pkgs.callPackage ./ttrss.nix { inherit (mylibs) checkEnv fetchedGithub fetchedGit; }; + roundcubemail = pkgs.callPackage ./roundcubemail.nix { inherit (mylibs) checkEnv; }; + + cfg = config.services.myWebsites.tools.tools; +in { + options.services.myWebsites.tools.tools = { + enable = lib.mkEnableOption "enable tools website"; + }; + + config = lib.mkIf cfg.enable { + security.acme.certs."eldiron".extraDomains."tools.immae.eu" = null; + + services.myWebsites.tools.modules = + adminer.apache.modules + ++ ympd.apache.modules + ++ ttrss.apache.modules + ++ roundcubemail.apache.modules; + + services.ympd = ympd.config // { enable = false; }; + + services.myWebsites.tools.vhostConfs.tools = { + certName = "eldiron"; + hosts = ["tools.immae.eu" ]; + root = null; + extraConfig = [ + adminer.apache.vhostConf + ympd.apache.vhostConf + ttrss.apache.vhostConf + roundcubemail.apache.vhostConf + ]; + }; + + services.myPhpfpm.poolConfigs = { + adminer = adminer.phpFpm.pool; + ttrss = ttrss.phpFpm.pool; + roundcubemail = roundcubemail.phpFpm.pool; + }; + + system.activationScripts = { + ttrss = ttrss.activationScript; + roundcubemail = roundcubemail.activationScript; + }; + + systemd.services.tt-rss = { + description = "Tiny Tiny RSS feeds update daemon"; + serviceConfig = { + User = "wwwrun"; + ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon"; + StandardOutput = "syslog"; + StandardError = "syslog"; + PermissionsStartOnly = true; + }; + + wantedBy = [ "multi-user.target" ]; + requires = ["postgresql.service"]; + after = ["network.target" "postgresql.service"]; + }; + + }; +} + diff --git a/virtual/packages/roundcubemail.nix b/virtual/modules/websites/tools/tools/roundcubemail.nix similarity index 100% rename from virtual/packages/roundcubemail.nix rename to virtual/modules/websites/tools/tools/roundcubemail.nix diff --git a/virtual/packages/tt-rss.json b/virtual/modules/websites/tools/tools/tt-rss.json similarity index 100% rename from virtual/packages/tt-rss.json rename to virtual/modules/websites/tools/tools/tt-rss.json diff --git a/virtual/packages/ttrss-af-feedmod_type_replace.patch b/virtual/modules/websites/tools/tools/ttrss-af-feedmod_type_replace.patch similarity index 100% rename from virtual/packages/ttrss-af-feedmod_type_replace.patch rename to virtual/modules/websites/tools/tools/ttrss-af-feedmod_type_replace.patch diff --git a/virtual/packages/ttrss-af_feedmod.json b/virtual/modules/websites/tools/tools/ttrss-af_feedmod.json similarity index 100% rename from virtual/packages/ttrss-af_feedmod.json rename to virtual/modules/websites/tools/tools/ttrss-af_feedmod.json diff --git a/virtual/packages/ttrss-auth-ldap.json b/virtual/modules/websites/tools/tools/ttrss-auth-ldap.json similarity index 100% rename from virtual/packages/ttrss-auth-ldap.json rename to virtual/modules/websites/tools/tools/ttrss-auth-ldap.json diff --git a/virtual/packages/ttrss-feediron.json b/virtual/modules/websites/tools/tools/ttrss-feediron.json similarity index 100% rename from virtual/packages/ttrss-feediron.json rename to virtual/modules/websites/tools/tools/ttrss-feediron.json diff --git a/virtual/packages/ttrss-feediron_json_reformat.patch b/virtual/modules/websites/tools/tools/ttrss-feediron_json_reformat.patch similarity index 100% rename from virtual/packages/ttrss-feediron_json_reformat.patch rename to virtual/modules/websites/tools/tools/ttrss-feediron_json_reformat.patch diff --git a/virtual/packages/ttrss-ff_instagram.json b/virtual/modules/websites/tools/tools/ttrss-ff_instagram.json similarity index 100% rename from virtual/packages/ttrss-ff_instagram.json rename to virtual/modules/websites/tools/tools/ttrss-ff_instagram.json diff --git a/virtual/packages/ttrss-tumblr_gdpr_ua.json b/virtual/modules/websites/tools/tools/ttrss-tumblr_gdpr_ua.json similarity index 100% rename from virtual/packages/ttrss-tumblr_gdpr_ua.json rename to virtual/modules/websites/tools/tools/ttrss-tumblr_gdpr_ua.json diff --git a/virtual/packages/ttrss.nix b/virtual/modules/websites/tools/tools/ttrss.nix similarity index 100% rename from virtual/packages/ttrss.nix rename to virtual/modules/websites/tools/tools/ttrss.nix diff --git a/virtual/packages/ympd.nix b/virtual/modules/websites/tools/tools/ympd.nix similarity index 100% rename from virtual/packages/ympd.nix rename to virtual/modules/websites/tools/tools/ympd.nix diff --git a/virtual/packages.nix b/virtual/packages.nix deleted file mode 100644 index 1f01ba7..0000000 --- a/virtual/packages.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ callPackage, checkEnv, fetchedGit, fetchedGithub }: -let - nextcloud = callPackage ./packages/nextcloud.nix { inherit checkEnv; }; - adminer = callPackage ./packages/adminer.nix {}; - ympd = callPackage ./packages/ympd.nix {}; - mantisbt = callPackage ./packages/mantisbt.nix { inherit checkEnv fetchedGithub; }; - ttrss = callPackage ./packages/ttrss.nix { inherit checkEnv fetchedGithub fetchedGit; }; - roundcubemail = callPackage ./packages/roundcubemail.nix { inherit checkEnv; }; - infcloud = callPackage ./packages/infcloud.nix {}; - davical = callPackage ./packages/davical.nix { inherit checkEnv; }; -in - { - inherit adminer; - inherit ympd; - inherit nextcloud; - inherit mantisbt; - inherit ttrss; - inherit roundcubemail; - inherit infcloud; - inherit davical; - } diff --git a/virtual/packages/test_goaccess.conf b/virtual/packages/test_goaccess.conf deleted file mode 100644 index d4f243a..0000000 --- a/virtual/packages/test_goaccess.conf +++ /dev/null @@ -1,99 +0,0 @@ -time-format %H:%M:%S -date-format %d/%b/%Y - -#sur immae.eu -#log-format %v %h %^[%d:%t %^] "%r" %s %b "%R" "%u" $^ - -log-format VCOMBINED -#= %v:%^ %h %^[%d:%t %^] "%r" %s %b "%R" "%u" - -html-prefs {"theme":"bright","layout":"vertical"} - -exclude-ip 188.165.209.148 -exclude-ip 178.33.252.96 -exclude-ip 2001:41d0:2:9c94::1 -exclude-ip 2001:41d0:2:9c94:: -exclude-ip 176.9.151.89 -exclude-ip 2a01:4f8:160:3445:: -exclude-ip 82.255.56.72 - -no-query-string true - -keep-db-files true -load-from-disk true -db-path /var/lib/goaccess/cloud.immae.eu - -ignore-panel REFERRERS -ignore-panel KEYPHRASES - -static-file .css -static-file .js -static-file .jpg -static-file .png -static-file .gif -static-file .ico -static-file .jpeg -static-file .pdf -static-file .csv -static-file .mpeg -static-file .mpg -static-file .swf -static-file .woff -static-file .woff2 -static-file .xls -static-file .xlsx -static-file .doc -static-file .docx -static-file .ppt -static-file .pptx -static-file .txt -static-file .zip -static-file .ogg -static-file .mp3 -static-file .mp4 -static-file .exe -static-file .iso -static-file .gz -static-file .rar -static-file .svg -static-file .bmp -static-file .tar -static-file .tgz -static-file .tiff -static-file .tif -static-file .ttf -static-file .flv -#static-file .less -#static-file .ac3 -#static-file .avi -#static-file .bz2 -#static-file .class -#static-file .cue -#static-file .dae -#static-file .dat -#static-file .dts -#static-file .ejs -#static-file .eot -#static-file .eps -#static-file .img -#static-file .jar -#static-file .map -#static-file .mid -#static-file .midi -#static-file .ogv -#static-file .webm -#static-file .mkv -#static-file .odp -#static-file .ods -#static-file .odt -#static-file .otf -#static-file .pict -#static-file .pls -#static-file .ps -#static-file .qt -#static-file .rm -#static-file .svgz -#static-file .wav -#static-file .webp - -