From: Ismaƫl Bouya Date: Sat, 16 Feb 2019 14:31:07 +0000 (+0100) Subject: Move tools websites to stable web directories X-Git-Tag: nur_publish~233 X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=commitdiff_plain;h=a95ab089420d6edf24f22500dabf7876d329dc91 Move tools websites to stable web directories --- diff --git a/nixops/modules/websites/tools/cloud/default.nix b/nixops/modules/websites/tools/cloud/default.nix index f014776..360d52c 100644 --- a/nixops/modules/websites/tools/cloud/default.nix +++ b/nixops/modules/websites/tools/cloud/default.nix @@ -18,7 +18,7 @@ in { services.myWebsites.tools.vhostConfs.cloud = { certName = "eldiron"; hosts = ["cloud.immae.eu" ]; - root = nextcloud.webRoot; + root = nextcloud.apache.root; extraConfig = [ nextcloud.apache.vhostConf ]; @@ -37,6 +37,10 @@ in { in [ occ ]; system.activationScripts.nextcloud = nextcloud.activationScript; + system.extraSystemBuilderCmds = '' + mkdir -p $out/webapps + ln -s ${nextcloud.webRoot} $out/webapps/${nextcloud.apache.webappName} + ''; services.myPhpfpm = { poolPhpConfigs.nextcloud = nextcloud.phpFpm.phpConfig; diff --git a/nixops/modules/websites/tools/cloud/nextcloud.nix b/nixops/modules/websites/tools/cloud/nextcloud.nix index ac77920..d9e0be0 100644 --- a/nixops/modules/websites/tools/cloud/nextcloud.nix +++ b/nixops/modules/websites/tools/cloud/nextcloud.nix @@ -214,13 +214,15 @@ let fi ''; }; - apache = { + apache = rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; + webappName = "tools_nextcloud"; + root = "/run/current-system/webapps/${webappName}"; vhostConf = '' SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 - + AcceptPathInfo On DirectoryIndex index.php Options FollowSymlinks diff --git a/nixops/modules/websites/tools/dav/davical.nix b/nixops/modules/websites/tools/dav/davical.nix index 3f43607..6668fa1 100644 --- a/nixops/modules/websites/tools/dav/davical.nix +++ b/nixops/modules/websites/tools/dav/davical.nix @@ -89,14 +89,16 @@ let buildInputs = [ gettext ]; }; webRoot = "${webapp}/htdocs"; - apache = { + apache = rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; + webappName = "tools_davical"; + root = "/run/current-system/webapps/${webappName}"; vhostConf = '' - Alias /davical "${webRoot}" - Alias /caldav.php "${webRoot}/caldav.php" - + Alias /davical "${root}" + Alias /caldav.php "${root}/caldav.php" + DirectoryIndex index.php index.html AcceptPathInfo On AllowOverride None diff --git a/nixops/modules/websites/tools/dav/default.nix b/nixops/modules/websites/tools/dav/default.nix index ef9735e..5b5d21e 100644 --- a/nixops/modules/websites/tools/dav/default.nix +++ b/nixops/modules/websites/tools/dav/default.nix @@ -30,6 +30,11 @@ in { davical = davical.phpFpm.pool; }; + system.extraSystemBuilderCmds = '' + mkdir -p $out/webapps + ln -s ${davical.webRoot} $out/webapps/${davical.apache.webappName} + ln -s ${infcloud.webRoot} $out/webapps/${infcloud.apache.webappName} + ''; }; } diff --git a/nixops/modules/websites/tools/dav/infcloud.nix b/nixops/modules/websites/tools/dav/infcloud.nix index 876578b..f1204ab 100644 --- a/nixops/modules/websites/tools/dav/infcloud.nix +++ b/nixops/modules/websites/tools/dav/infcloud.nix @@ -18,14 +18,16 @@ let ''; buildInputs = [ ed ]; }; - apache = { + apache = rec { user = "wwwrun"; group = "wwwrun"; + webappName = "tools_infcloud"; + root = "/run/current-system/webapps/${webappName}"; vhostConf = '' - Alias /carddavmate ${webRoot} - Alias /caldavzap ${webRoot} - Alias /infcloud ${webRoot} - + Alias /carddavmate ${root} + Alias /caldavzap ${root} + Alias /infcloud ${root} + AllowOverride All Options FollowSymlinks Require all granted diff --git a/nixops/modules/websites/tools/diaspora/default.nix b/nixops/modules/websites/tools/diaspora/default.nix index 87faee8..cd35385 100644 --- a/nixops/modules/websites/tools/diaspora/default.nix +++ b/nixops/modules/websites/tools/diaspora/default.nix @@ -5,6 +5,7 @@ let env = myconfig.env.tools.diaspora; }; + root = "/run/current-system/webapps/tools_diaspora"; cfg = config.services.myWebsites.tools.diaspora; in { options.services.myWebsites.tools.diaspora = { @@ -80,10 +81,14 @@ in { "headers" "proxy" "proxy_http" ]; security.acme.certs."eldiron".extraDomains."diaspora.immae.eu" = null; + system.extraSystemBuilderCmds = '' + mkdir -p $out/webapps + ln -s ${diaspora.railsRoot}/public/ $out/webapps/tools_diaspora + ''; services.myWebsites.tools.vhostConfs.diaspora = { certName = "eldiron"; hosts = [ "diaspora.immae.eu" ]; - root = "${diaspora.railsRoot}/public/"; + root = root; extraConfig = [ '' RewriteEngine On RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f @@ -98,7 +103,7 @@ in { Require all granted - + Require all granted Options -MultiViews diff --git a/nixops/modules/websites/tools/git/default.nix b/nixops/modules/websites/tools/git/default.nix index 91aa1d0..2aa86cd 100644 --- a/nixops/modules/websites/tools/git/default.nix +++ b/nixops/modules/websites/tools/git/default.nix @@ -26,11 +26,16 @@ in { services.myWebsites.tools.modules = gitweb.apache.modules ++ mantisbt.apache.modules; + system.extraSystemBuilderCmds = '' + mkdir -p $out/webapps + ln -s ${gitweb.webRoot} $out/webapps/${gitweb.apache.webappName} + ln -s ${mantisbt.webRoot} $out/webapps/${mantisbt.apache.webappName} + ''; services.myWebsites.tools.vhostConfs.git = { certName = "eldiron"; hosts = ["git.immae.eu" ]; - root = gitweb.webRoot; + root = gitweb.apache.root; extraConfig = [ gitweb.apache.vhostConf mantisbt.apache.vhostConf diff --git a/nixops/modules/websites/tools/git/gitweb/gitweb.nix b/nixops/modules/websites/tools/git/gitweb/gitweb.nix index 22c70f2..2ee7a63 100644 --- a/nixops/modules/websites/tools/git/gitweb/gitweb.nix +++ b/nixops/modules/websites/tools/git/gitweb/gitweb.nix @@ -29,10 +29,12 @@ rec { $project_list_default_category = "__Others__"; $highlight_bin = "${highlight}/bin/highlight"; ''; - apache = { + apache = rec { user = "wwwrun"; group = "wwwrun"; modules = [ "cgid" ]; + webappName = "tools_gitweb"; + root = "/run/current-system/webapps/${webappName}"; vhostConf = '' SetEnv GIT_PROJECT_ROOT ${varDir}/repositories/ ScriptAliasMatch \ @@ -44,13 +46,10 @@ rec { git-(upload|receive)-pack))$" \ ${git}/libexec/git-core/git-http-backend/$1 - - Require all granted - Require all granted - + DirectoryIndex gitweb.cgi Require all granted AllowOverride None diff --git a/nixops/modules/websites/tools/git/mantisbt/mantisbt.nix b/nixops/modules/websites/tools/git/mantisbt/mantisbt.nix index b1837eb..9bb8476 100644 --- a/nixops/modules/websites/tools/git/mantisbt/mantisbt.nix +++ b/nixops/modules/websites/tools/git/mantisbt/mantisbt.nix @@ -72,13 +72,15 @@ let ln -s ${plugins.source-integration}/Source* $out/plugins/ ''; }; - apache = { + apache = rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; + webappName = "tools_mantisbt"; + root = "/run/current-system/webapps/${webappName}"; vhostConf = '' - Alias /mantisbt "${webRoot}" - + Alias /mantisbt "${root}" + DirectoryIndex index.php SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" @@ -88,7 +90,7 @@ let Options FollowSymlinks Require all granted - + #Reenable during upgrade Require all denied diff --git a/nixops/modules/websites/tools/mastodon/default.nix b/nixops/modules/websites/tools/mastodon/default.nix index 0aaff70..6e34280 100644 --- a/nixops/modules/websites/tools/mastodon/default.nix +++ b/nixops/modules/websites/tools/mastodon/default.nix @@ -5,6 +5,7 @@ let env = myconfig.env.tools.mastodon; }; + root = "/run/current-system/webapps/tools_mastodon"; cfg = config.services.myWebsites.tools.mastodon; in { options.services.myWebsites.tools.mastodon = { @@ -138,10 +139,14 @@ in { "headers" "proxy" "proxy_wstunnel" "proxy_http" ]; security.acme.certs."eldiron".extraDomains."mastodon.immae.eu" = null; + system.extraSystemBuilderCmds = '' + mkdir -p $out/webapps + ln -s ${mastodon.railsRoot}/public/ $out/webapps/tools_mastodon + ''; services.myWebsites.tools.vhostConfs.mastodon = { certName = "eldiron"; hosts = ["mastodon.immae.eu" ]; - root = "${mastodon.railsRoot}/public/"; + root = root; extraConfig = [ '' Header always set Referrer-Policy "strict-origin-when-cross-origin" Header always set Strict-Transport-Security "max-age=31536000" @@ -178,7 +183,7 @@ in { Options -MultiViews - + Require all granted Options -MultiViews +FollowSymlinks diff --git a/nixops/modules/websites/tools/tools/default.nix b/nixops/modules/websites/tools/tools/default.nix index 2060c79..7781928 100644 --- a/nixops/modules/websites/tools/tools/default.nix +++ b/nixops/modules/websites/tools/tools/default.nix @@ -118,6 +118,18 @@ in { dokuwiki = dokuwiki.activationScript; }; + system.extraSystemBuilderCmds = '' + mkdir -p $out/webapps + ln -s ${dokuwiki.webRoot} $out/webapps/${dokuwiki.apache.webappName} + ln -s ${ldap.webRoot}/htdocs $out/webapps/${ldap.apache.webappName} + ln -s ${rompr.webRoot} $out/webapps/${rompr.apache.webappName} + ln -s ${roundcubemail.webRoot} $out/webapps/${roundcubemail.apache.webappName} + ln -s ${shaarli.webRoot} $out/webapps/${shaarli.apache.webappName} + ln -s ${ttrss.webRoot} $out/webapps/${ttrss.apache.webappName} + ln -s ${wallabag.webRoot} $out/webapps/${wallabag.apache.webappName} + ln -s ${yourls.webRoot} $out/webapps/${yourls.apache.webappName} + ''; + nixpkgs.config.packageOverrides = oldpkgs: rec { ympd = oldpkgs.ympd.overrideAttrs(old: mylibs.fetchedGithub ./ympd.json); }; diff --git a/nixops/modules/websites/tools/tools/dokuwiki.nix b/nixops/modules/websites/tools/tools/dokuwiki.nix index 5affddb..ad1497f 100644 --- a/nixops/modules/websites/tools/tools/dokuwiki.nix +++ b/nixops/modules/websites/tools/tools/dokuwiki.nix @@ -55,13 +55,15 @@ let )} ''; }); - apache = { + apache = rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; + webappName = "tools_dokuwiki"; + root = "/run/current-system/webapps/${webappName}"; vhostConf = '' - Alias /dokuwiki "${webRoot}" - + Alias /dokuwiki "${root}" + DirectoryIndex index.php SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" diff --git a/nixops/modules/websites/tools/tools/ldap.nix b/nixops/modules/websites/tools/tools/ldap.nix index 82615a7..6cde881 100644 --- a/nixops/modules/websites/tools/tools/ldap.nix +++ b/nixops/modules/websites/tools/tools/ldap.nix @@ -42,13 +42,15 @@ rec { ln -sf ${config} $out/config/config.php ''; }; - apache = { + apache = rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; + webappName = "tools_ldap"; + root = "/run/current-system/webapps/${webappName}"; vhostConf = '' - Alias /ldap "${webRoot}/htdocs" - + Alias /ldap "${root}" + DirectoryIndex index.php SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" diff --git a/nixops/modules/websites/tools/tools/rompr.nix b/nixops/modules/websites/tools/tools/rompr.nix index 98c48a7..baee2eb 100644 --- a/nixops/modules/websites/tools/tools/rompr.nix +++ b/nixops/modules/websites/tools/tools/rompr.nix @@ -14,14 +14,16 @@ let ln -sf ../../../../../../${varDir}/albumart $out/albumart ''; }); - apache = { + apache = rec { user = "wwwrun"; group = "wwwrun"; modules = [ "headers" "mime" "proxy_fcgi" ]; + webappName = "tools_rompr"; + root = "/run/current-system/webapps/${webappName}"; vhostConf = '' - Alias /rompr ${webRoot} + Alias /rompr ${root} - + Options Indexes FollowSymLinks DirectoryIndex index.php AllowOverride all @@ -36,12 +38,12 @@ let - + Header Set Cache-Control "max-age=0, no-store" Header Set Cache-Control "no-cache, must-revalidate" - + Header Set Cache-Control "max-age=0, no-store" Header Set Cache-Control "no-cache, must-revalidate" diff --git a/nixops/modules/websites/tools/tools/roundcubemail.nix b/nixops/modules/websites/tools/tools/roundcubemail.nix index 877ea8b..c0a1125 100644 --- a/nixops/modules/websites/tools/tools/roundcubemail.nix +++ b/nixops/modules/websites/tools/tools/roundcubemail.nix @@ -61,13 +61,15 @@ let )} ''; }; - apache = { + apache = rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; + webappName = "tools_roundcubemail"; + root = "/run/current-system/webapps/${webappName}"; vhostConf = '' - Alias /roundcube "${webRoot}" - + Alias /roundcube "${root}" + DirectoryIndex index.php AllowOverride All Options FollowSymlinks diff --git a/nixops/modules/websites/tools/tools/shaarli.nix b/nixops/modules/websites/tools/tools/shaarli.nix index 9f3779f..a43d677 100644 --- a/nixops/modules/websites/tools/tools/shaarli.nix +++ b/nixops/modules/websites/tools/tools/shaarli.nix @@ -40,14 +40,16 @@ in rec { ${varDir}/phpSessions ''; webRoot = shaarli; - apache = { + apache = rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" "rewrite" "env" ]; + webappName = "tools_shaarli"; + root = "/run/current-system/webapps/${webappName}"; vhostConf = '' - Alias /Shaarli "${webRoot}" + Alias /Shaarli "${root}" - + SetEnv SHAARLI_LDAP_PASSWORD "${env.ldap.password}" SetEnv SHAARLI_LDAP_DN "${env.ldap.dn}" SetEnv SHAARLI_LDAP_HOST "ldaps://${env.ldap.host}" diff --git a/nixops/modules/websites/tools/tools/ttrss.nix b/nixops/modules/websites/tools/tools/ttrss.nix index 9e6f98d..c66b99d 100644 --- a/nixops/modules/websites/tools/tools/ttrss.nix +++ b/nixops/modules/websites/tools/tools/ttrss.nix @@ -128,13 +128,15 @@ let )} ''; }); - apache = { + apache = rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; + webappName = "tools_ttrss"; + root = "/run/current-system/webapps/${webappName}"; vhostConf = '' - Alias /ttrss "${webRoot}" - + Alias /ttrss "${root}" + DirectoryIndex index.php SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" diff --git a/nixops/modules/websites/tools/tools/wallabag.nix b/nixops/modules/websites/tools/tools/wallabag.nix index 1c08bbf..cd38e19 100644 --- a/nixops/modules/websites/tools/tools/wallabag.nix +++ b/nixops/modules/websites/tools/tools/wallabag.nix @@ -125,13 +125,15 @@ let webRoot = "${webappDir}/web"; # Domain migration: Table wallabag_entry contains whole # https://tools.immae.eu/wallabag domain name in preview_picture - apache = { + apache = rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; + webappName = "tools_wallabag"; + root = "/run/current-system/webapps/${webappName}"; vhostConf = '' - Alias /wallabag "${webRoot}" - + Alias /wallabag "${root}" + AllowOverride None Require all granted # For OAuth (apps) @@ -148,7 +150,7 @@ let RewriteRule ^(.*)$ app.php [QSA,L] - + RewriteEngine Off diff --git a/nixops/modules/websites/tools/tools/yourls.nix b/nixops/modules/websites/tools/tools/yourls.nix index 66dd2fd..b12edfa 100644 --- a/nixops/modules/websites/tools/tools/yourls.nix +++ b/nixops/modules/websites/tools/tools/yourls.nix @@ -52,13 +52,15 @@ let )} ''; }); - apache = { + apache = rec { user = "wwwrun"; group = "wwwrun"; modules = [ "proxy_fcgi" ]; + webappName = "tools_yourls"; + root = "/run/current-system/webapps/${webappName}"; vhostConf = '' - Alias /url "${webRoot}" - + Alias /url "${root}" + SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"