From d9998b44feff669636822b694b9a9327e3ecc925 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Isma=C3=ABl=20Bouya?= Date: Wed, 9 Jan 2019 12:36:23 +0100 Subject: [PATCH] Add davical --- virtual/eldiron.nix | 2 + virtual/packages.nix | 2 + virtual/packages/davical.nix | 163 ++++++++++++++++++ ...79ebf9250e5f339675319902458c40ed1755.patch | 26 +++ virtual/packages/infcloud_config.js | 2 +- virtual/packages/test_goaccess.conf | 99 +++++++++++ 6 files changed, 293 insertions(+), 1 deletion(-) create mode 100644 virtual/packages/davical.nix create mode 100644 virtual/packages/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch create mode 100644 virtual/packages/test_goaccess.conf diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix index 68b791a..506e29d 100644 --- a/virtual/eldiron.nix +++ b/virtual/eldiron.nix @@ -257,6 +257,7 @@ mantisbt = mypkgs.mantisbt.phpFpm.pool; ttrss = mypkgs.ttrss.phpFpm.pool; roundcubemail = mypkgs.roundcubemail.phpFpm.pool; + davical = mypkgs.davical.phpFpm.pool; }; }; @@ -465,6 +466,7 @@ mypkgs.ttrss.apache.vhostConf mypkgs.roundcubemail.apache.vhostConf mypkgs.infcloud.apache.vhostConf + mypkgs.davical.apache.vhostConf ]; }) (withConf "eldiron" // { diff --git a/virtual/packages.nix b/virtual/packages.nix index 8c5592f..80c0957 100644 --- a/virtual/packages.nix +++ b/virtual/packages.nix @@ -13,6 +13,7 @@ let ttrss = callPackage ./packages/ttrss.nix { inherit checkEnv fetchedGithub fetchedGit; }; roundcubemail = callPackage ./packages/roundcubemail.nix { inherit checkEnv; }; infcloud = callPackage ./packages/infcloud.nix {}; + davical = callPackage ./packages/davical.nix { inherit checkEnv; }; in { inherit adminer; @@ -32,6 +33,7 @@ in inherit ttrss; inherit roundcubemail; inherit infcloud; + inherit davical; # FIXME: add buildbot git = { web = gitweb; }; } diff --git a/virtual/packages/davical.nix b/virtual/packages/davical.nix new file mode 100644 index 0000000..f539ba6 --- /dev/null +++ b/virtual/packages/davical.nix @@ -0,0 +1,163 @@ +{ stdenv, fetchurl, gettext, writeText, checkEnv }: +let + awl = stdenv.mkDerivation rec { + version = "0.59"; + name = "awl-${version}"; + src = fetchurl { + url = "https://www.davical.org/downloads/awl_${version}.orig.tar.xz"; + sha256 = "01b7km7ga3ggbpp8axkc55nizgk5c35fl2z93iydb3hwbxmsvnjp"; + }; + unpackCmd = '' + tar --one-top-level -xf $curSrc + ''; + installPhase = '' + mkdir -p $out + cp -ra dba docs inc scripts tests $out + ''; + }; + # FIXME: e-mail sending + davical = rec { + config = + assert checkEnv "NIXOPS_DAVICAL_DB_PASSWORD"; + assert checkEnv "NIXOPS_DAVICAL_LDAP_PASSWORD"; + writeText "davical_config.php" '' + pg_connect[] = "dbname=davical user=davical_app host=db-1.immae.eu password=${builtins.getEnv "NIXOPS_DAVICAL_DB_PASSWORD"}"; + + $c->readonly_webdav_collections = false; + + $c->admin_email ='davical@immae.eu'; + + $c->restrict_setup_to_admin = true; + + $c->collections_always_exist = false; + + $c->external_refresh = 60; + + $c->enable_scheduling = true; + + $c->iMIP = (object) array("send_email" => true); + + $c->authenticate_hook['optional'] = false; + $c->authenticate_hook['call'] = 'LDAP_check'; + $c->authenticate_hook['config'] = array( + 'host' => 'ldap.immae.eu', + 'port' => '389', + 'startTLS' => 'yes', + 'bindDN'=> 'cn=davical,ou=services,dc=immae,dc=eu', + 'passDN'=> '${builtins.getEnv "NIXOPS_DAVICAL_LDAP_PASSWORD"}', + 'protocolVersion' => '3', + 'baseDNUsers'=> array('ou=users,dc=immae,dc=eu', 'ou=group_users,dc=immae,dc=eu'), + 'filterUsers' => 'memberOf=cn=users,cn=davical,ou=services,dc=immae,dc=eu', + 'baseDNGroups' => 'ou=groups,dc=immae,dc=eu', + 'filterGroups' => 'memberOf=cn=groups,cn=davical,ou=services,dc=immae,dc=eu', + 'mapping_field' => array( + "username" => "uid", + "fullname" => "cn", + "email" => "mail", + "modified" => "modifyTimestamp", + ), + 'format_updated'=> array('Y' => array(0,4),'m' => array(4,2),'d'=> array(6,2),'H' => array(8,2),'M'=>array(10,2),'S' => array(12,2)), + /** used to set default value for all users, will be overcharged by ldap if defined also in mapping_field **/ + // 'default_value' => array("date_format_type" => "E","locale" => "fr_FR"), + 'group_mapping_field' => array( + "username" => "cn", + "updated" => "modifyTimestamp", + "fullname" => "givenName", + "displayname" => "givenName", + "members" => "memberUid", + "email" => "mail", + ), + ); + + $c->do_not_sync_from_ldap = array('admin' => true); + include('drivers_ldap.php'); + ''; + webapp = stdenv.mkDerivation rec { + version = "1.1.7"; + name = "davical-${version}"; + src = fetchurl { + url = "https://www.davical.org/downloads/davical_${version}.orig.tar.xz"; + sha256 = "1ar5m2dxr92b204wkdi8z33ir9vz2jbh5k1p74icpv9ywifvjjp9"; + }; + unpackCmd = '' + tar --one-top-level -xf $curSrc + ''; + makeFlags = "all"; + patches = [ ./davical_19eb79ebf9250e5f339675319902458c40ed1755.patch ]; + installPhase = '' + mkdir -p $out + cp -ra config dba docs htdocs inc locale po scripts testing zonedb $out + ln -s ${config} $out/config/config.php + ''; + buildInputs = [ gettext ]; + }; + webRoot = "${webapp}/htdocs"; + apache = { + user = "wwwrun"; + group = "wwwrun"; + vhostConf = '' + Alias /davical "${webRoot}" + Alias /caldav.php "${webRoot}/caldav.php" + + DirectoryIndex index.php index.html + AcceptPathInfo On + AllowOverride None + Require all granted + + + CGIPassAuth on + SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" + + + RewriteEngine On + + Header unset Access-Control-Allow-Origin + Header unset Access-Control-Allow-Methods + Header unset Access-Control-Allow-Headers + Header unset Access-Control-Allow-Credentials + Header unset Access-Control-Expose-Headers + + Header always set Access-Control-Allow-Origin "*" + Header always set Access-Control-Allow-Methods "GET,POST,OPTIONS,PROPFIND,PROPPATCH,REPORT,PUT,MOVE,DELETE,LOCK,UNLOCK" + Header always set Access-Control-Allow-Headers "User-Agent,Authorization,Content-type,Depth,If-match,If-None-Match,Lock-Token,Timeout,Destination,Overwrite,Prefer,X-client,X-Requested-With" + Header always set Access-Control-Allow-Credentials false + Header always set Access-Control-Expose-Headers "Etag,Preference-Applied" + + RewriteCond %{HTTP:Access-Control-Request-Method} !^$ + RewriteCond %{REQUEST_METHOD} OPTIONS + RewriteRule ^(.*)$ $1 [R=200,L] + + + ''; + }; + phpFpm = rec { + basedir = builtins.concatStringsSep ":" [ webapp config awl ]; + socket = "/var/run/phpfpm/davical.sock"; + pool = '' + listen = ${socket} + user = ${apache.user} + group = ${apache.group} + listen.owner = ${apache.user} + listen.group = ${apache.group} + pm = dynamic + pm.max_children = 60 + pm.start_servers = 2 + pm.min_spare_servers = 1 + pm.max_spare_servers = 10 + + ; Needed to avoid clashes in browser cookies (same domain) + php_value[session.name] = DavicalPHPSESSID + php_admin_value[open_basedir] = "${basedir}:/tmp" + php_admin_value[include_path] = "${awl}/inc:${webapp}/inc" + php_admin_value[session.save_path] = "/var/lib/php/sessions/davical" + php_flag[magic_quotes_gpc] = Off + php_flag[register_globals] = Off + php_admin_value[error_reporting] = "E_ALL & ~E_NOTICE" + php_admin_value[default_charset] = "utf-8" + php_flag[magic_quotes_runtime] = Off + ''; + }; + }; +in + davical diff --git a/virtual/packages/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch b/virtual/packages/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch new file mode 100644 index 0000000..2a08a5c --- /dev/null +++ b/virtual/packages/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch @@ -0,0 +1,26 @@ +diff --git a/inc/ui/collection-edit.php b/inc/ui/collection-edit.php +index 3af9edd3b8c4ad9074113273175098841af6a28e..8c1d84012b035f7bc7faedcb24916581a02a5d3e 100644 +--- a/inc/ui/collection-edit.php ++++ b/inc/ui/collection-edit.php +@@ -190,7 +190,7 @@ $privilege_xlate = array( + * @param dbrow $row The row object we read from the database. + * @return string The formatted privileges. + */ +-function collection_privilege_format_function( $value, $column, $row ) { ++function collection_privilege_format_function( $value, $column = NULL, $row = NULL ) { + global $privilege_xlate; + + $privs = bits_to_privilege($value, 'calendar'); +diff --git a/inc/ui/principal-edit.php b/inc/ui/principal-edit.php +index 20dee7fa4ca2235ff2f74be0dfb52cbe937ef822..2e37cd596b597bcce1e59d7c02a1c5fc2a7f88ce 100644 +--- a/inc/ui/principal-edit.php ++++ b/inc/ui/principal-edit.php +@@ -454,7 +454,7 @@ EOTEMPLATE; + * @param dbrow $row The row object we read from the database. + * @return string The formatted privileges. + */ +-function principal_privilege_format_function( $value, $column, $row ) { ++function principal_privilege_format_function( $value, $column = NULL, $row = NULL ) { + global $privilege_xlate; + + $privs = bits_to_privilege($value,'*'); diff --git a/virtual/packages/infcloud_config.js b/virtual/packages/infcloud_config.js index f2182d0..ba73860 100644 --- a/virtual/packages/infcloud_config.js +++ b/virtual/packages/infcloud_config.js @@ -332,7 +332,7 @@ along with this program. If not, see . // port, ... (client installed into Davical "htdocs" subdirectory; // works "out of the box", no additional setup required): var globalNetworkCheckSettings={ - href: location.protocol+'//'+"outils.immae.eu"+ + href: location.protocol+'//'+location.hostname+ (location.port ? ':'+location.port: '')+ location.pathname.replace(RegExp('/+[^/]+/*(index\.html)?$'),'')+ '/caldav.php/', diff --git a/virtual/packages/test_goaccess.conf b/virtual/packages/test_goaccess.conf new file mode 100644 index 0000000..d4f243a --- /dev/null +++ b/virtual/packages/test_goaccess.conf @@ -0,0 +1,99 @@ +time-format %H:%M:%S +date-format %d/%b/%Y + +#sur immae.eu +#log-format %v %h %^[%d:%t %^] "%r" %s %b "%R" "%u" $^ + +log-format VCOMBINED +#= %v:%^ %h %^[%d:%t %^] "%r" %s %b "%R" "%u" + +html-prefs {"theme":"bright","layout":"vertical"} + +exclude-ip 188.165.209.148 +exclude-ip 178.33.252.96 +exclude-ip 2001:41d0:2:9c94::1 +exclude-ip 2001:41d0:2:9c94:: +exclude-ip 176.9.151.89 +exclude-ip 2a01:4f8:160:3445:: +exclude-ip 82.255.56.72 + +no-query-string true + +keep-db-files true +load-from-disk true +db-path /var/lib/goaccess/cloud.immae.eu + +ignore-panel REFERRERS +ignore-panel KEYPHRASES + +static-file .css +static-file .js +static-file .jpg +static-file .png +static-file .gif +static-file .ico +static-file .jpeg +static-file .pdf +static-file .csv +static-file .mpeg +static-file .mpg +static-file .swf +static-file .woff +static-file .woff2 +static-file .xls +static-file .xlsx +static-file .doc +static-file .docx +static-file .ppt +static-file .pptx +static-file .txt +static-file .zip +static-file .ogg +static-file .mp3 +static-file .mp4 +static-file .exe +static-file .iso +static-file .gz +static-file .rar +static-file .svg +static-file .bmp +static-file .tar +static-file .tgz +static-file .tiff +static-file .tif +static-file .ttf +static-file .flv +#static-file .less +#static-file .ac3 +#static-file .avi +#static-file .bz2 +#static-file .class +#static-file .cue +#static-file .dae +#static-file .dat +#static-file .dts +#static-file .ejs +#static-file .eot +#static-file .eps +#static-file .img +#static-file .jar +#static-file .map +#static-file .mid +#static-file .midi +#static-file .ogv +#static-file .webm +#static-file .mkv +#static-file .odp +#static-file .ods +#static-file .odt +#static-file .otf +#static-file .pict +#static-file .pls +#static-file .ps +#static-file .qt +#static-file .rm +#static-file .svgz +#static-file .wav +#static-file .webp + + -- 2.41.0