aboutsummaryrefslogtreecommitdiff
path: root/modules/private
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2020-05-08 00:43:13 +0200
committerIsmaël Bouya <ismael.bouya@normalesup.org>2020-05-08 00:43:13 +0200
commitf5761aac8dbfb4af91c232f2b52d1353c899abda (patch)
treede7b4dea5c75b5c34943e2b75980c7bf040676df /modules/private
parentdcac3ec730176549cd52a9a42db2001dc652c30d (diff)
downloadNix-f5761aac8dbfb4af91c232f2b52d1353c899abda.tar.gz
Nix-f5761aac8dbfb4af91c232f2b52d1353c899abda.tar.zst
Nix-f5761aac8dbfb4af91c232f2b52d1353c899abda.zip
Upgrade to latest nixos
Diffstat (limited to 'modules/private')
-rw-r--r--modules/private/certificates.nix3
-rw-r--r--modules/private/mail/sympa.nix6
-rw-r--r--modules/private/websites/chloe/integration.nix3
-rw-r--r--modules/private/websites/chloe/production.nix3
-rw-r--r--modules/private/websites/default.nix18
-rw-r--r--modules/private/websites/isabelle/aten_app/default.nix2
-rw-r--r--modules/private/websites/isabelle/iridologie.nix3
-rw-r--r--modules/private/websites/jerome/naturaloutil.nix3
-rw-r--r--modules/private/websites/papa/maison_bbc.nix3
-rw-r--r--modules/private/websites/richie/production.nix1
-rw-r--r--modules/private/websites/telio_tortay/production.nix3
-rw-r--r--modules/private/websites/tools/cloud/default.nix10
-rw-r--r--modules/private/websites/tools/mail/default.nix3
-rw-r--r--modules/private/websites/tools/tools/default.nix11
14 files changed, 12 insertions, 60 deletions
diff --git a/modules/private/certificates.nix b/modules/private/certificates.nix
index c564d34..bbe4c3b 100644
--- a/modules/private/certificates.nix
+++ b/modules/private/certificates.nix
@@ -12,6 +12,7 @@
12 (lib.optionalString config.services.httpd.Inte.enable "systemctl reload httpdInte.service") 12 (lib.optionalString config.services.httpd.Inte.enable "systemctl reload httpdInte.service")
13 (lib.optionalString config.services.nginx.enable "systemctl reload nginx.service") 13 (lib.optionalString config.services.nginx.enable "systemctl reload nginx.service")
14 ]; 14 ];
15 extraLegoRenewFlags = [ "--reuse-key" ];
15 }; 16 };
16 description = "Default configuration for certificates"; 17 description = "Default configuration for certificates";
17 }; 18 };
@@ -77,7 +78,7 @@
77 # https://github.com/NixOS/nixpkgs/issues/84633 78 # https://github.com/NixOS/nixpkgs/issues/84633
78 serviceConfig.RemainAfterExit = lib.mkForce false; 79 serviceConfig.RemainAfterExit = lib.mkForce false;
79 serviceConfig.WorkingDirectory = lib.mkForce "/var/lib/acme/${k}/.lego"; 80 serviceConfig.WorkingDirectory = lib.mkForce "/var/lib/acme/${k}/.lego";
80 serviceConfig.StateDirectory = lib.mkForce "acme/${k}/.lego acme/${k}"; 81 serviceConfig.StateDirectory = lib.mkForce "acme/${k}/.lego acme/${k} acme/.lego/${k} acme/.lego/accounts";
81 serviceConfig.ExecStartPost = 82 serviceConfig.ExecStartPost =
82 let 83 let
83 keyName = builtins.replaceStrings ["*"] ["_"] data.domain; 84 keyName = builtins.replaceStrings ["*"] ["_"] data.domain;
diff --git a/modules/private/mail/sympa.nix b/modules/private/mail/sympa.nix
index 9bd5a57..669c710 100644
--- a/modules/private/mail/sympa.nix
+++ b/modules/private/mail/sympa.nix
@@ -83,7 +83,7 @@ in
83 -F 2 \ 83 -F 2 \
84 -P /run/sympa/wwsympa.pid \ 84 -P /run/sympa/wwsympa.pid \
85 -s /run/sympa/wwsympa.socket \ 85 -s /run/sympa/wwsympa.socket \
86 -- ${pkgs.sympa}/bin/wwsympa.fcgi 86 -- ${pkgs.sympa}/lib/sympa/cgi/wwsympa.fcgi
87 ''; 87 '';
88 StateDirectory = "sympa"; 88 StateDirectory = "sympa";
89 ProtectHome = true; 89 ProtectHome = true;
@@ -130,7 +130,7 @@ in
130 args = [ 130 args = [
131 "flags=hqRu" 131 "flags=hqRu"
132 "user=sympa" 132 "user=sympa"
133 "argv=${pkgs.sympa}/bin/queue" 133 "argv=${pkgs.sympa}/libexec/queue"
134 "\${nexthop}" 134 "\${nexthop}"
135 ]; 135 ];
136 }; 136 };
@@ -142,7 +142,7 @@ in
142 args = [ 142 args = [
143 "flags=hqRu" 143 "flags=hqRu"
144 "user=sympa" 144 "user=sympa"
145 "argv=${pkgs.sympa}/bin/bouncequeue" 145 "argv=${pkgs.sympa}/libexec/bouncequeue"
146 "\${nexthop}" 146 "\${nexthop}"
147 ]; 147 ];
148 }; 148 };
diff --git a/modules/private/websites/chloe/integration.nix b/modules/private/websites/chloe/integration.nix
index e07c5bb..ffae6ec 100644
--- a/modules/private/websites/chloe/integration.nix
+++ b/modules/private/websites/chloe/integration.nix
@@ -55,9 +55,6 @@ in {
55 "pm.max_children" = "5"; 55 "pm.max_children" = "5";
56 "pm.process_idle_timeout" = "60"; 56 "pm.process_idle_timeout" = "60";
57 }; 57 };
58 phpOptions = config.services.phpfpm.phpOptions + ''
59 extension=${pkgs.php72}/lib/php/extensions/mysqli.so
60 '';
61 phpPackage = pkgs.php72; 58 phpPackage = pkgs.php72;
62 }; 59 };
63 system.activationScripts.chloe_integration = { 60 system.activationScripts.chloe_integration = {
diff --git a/modules/private/websites/chloe/production.nix b/modules/private/websites/chloe/production.nix
index 5cfc40c..b5233c6 100644
--- a/modules/private/websites/chloe/production.nix
+++ b/modules/private/websites/chloe/production.nix
@@ -59,9 +59,6 @@ in {
59 "pm.min_spare_servers" = "1"; 59 "pm.min_spare_servers" = "1";
60 "pm.max_spare_servers" = "3"; 60 "pm.max_spare_servers" = "3";
61 }; 61 };
62 phpOptions = config.services.phpfpm.phpOptions + ''
63 extension=${pkgs.php72}/lib/php/extensions/mysqli.so
64 '';
65 phpPackage = pkgs.php72; 62 phpPackage = pkgs.php72;
66 }; 63 };
67 system.activationScripts.chloe_production = { 64 system.activationScripts.chloe_production = {
diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix
index 186a155..f192b3b 100644
--- a/modules/private/websites/default.nix
+++ b/modules/private/websites/default.nix
@@ -100,24 +100,6 @@ in
100 users.users.wwwrun.extraGroups = [ "keys" ]; 100 users.users.wwwrun.extraGroups = [ "keys" ];
101 networking.firewall.allowedTCPPorts = [ 80 443 ]; 101 networking.firewall.allowedTCPPorts = [ 80 443 ];
102 102
103 nixpkgs.overlays = [ (self: super: rec {
104 php72 = (super.php72.override {
105 config.php.mysqlnd = true;
106 config.php.mysqli = false;
107 config.php.mhash = true; # Is it needed?
108 }).overrideAttrs(old: rec {
109 # Didn't manage to build with mysqli + mysql_config connector
110 configureFlags = old.configureFlags ++ [
111 "--with-mysqli=shared,mysqlnd"
112 ];
113 # preConfigure = (old.preConfigure or "") + ''
114 # export CPPFLAGS="$CPPFLAGS -I${pkgs.mariadb}/include/mysql/server";
115 # sed -i -e 's/#include "mysqli_priv.h"/#include "mysqli_priv.h"\n#include <mysql_version.h>/' \
116 # ext/mysqli/mysqli.c ext/mysqli/mysqli_prop.c
117 # '';
118 });
119 }) ];
120
121 secrets.keys = [{ 103 secrets.keys = [{
122 dest = "apache-ldap"; 104 dest = "apache-ldap";
123 user = "wwwrun"; 105 user = "wwwrun";
diff --git a/modules/private/websites/isabelle/aten_app/default.nix b/modules/private/websites/isabelle/aten_app/default.nix
index 1f54ba2..ba98394 100644
--- a/modules/private/websites/isabelle/aten_app/default.nix
+++ b/modules/private/websites/isabelle/aten_app/default.nix
@@ -19,7 +19,7 @@ let
19 postInstall = let 19 postInstall = let
20 nodeHeaders = fetchurl { 20 nodeHeaders = fetchurl {
21 url = "https://nodejs.org/download/release/v${nodejs.version}/node-v${nodejs.version}-headers.tar.gz"; 21 url = "https://nodejs.org/download/release/v${nodejs.version}/node-v${nodejs.version}-headers.tar.gz";
22 sha256 = "1df3yhlwlvai0m9kvjyknjg11hnw0kj0rnhyzbwvsfjnmr6z8r76"; 22 sha256 = "1prvrcvbyal39k9axfwjixs4wfgs1m8xy4prsl0kq0s0n7r7nxzj";
23 }; 23 };
24 in 24 in
25 '' 25 ''
diff --git a/modules/private/websites/isabelle/iridologie.nix b/modules/private/websites/isabelle/iridologie.nix
index 740a3c6..5fa87ce 100644
--- a/modules/private/websites/isabelle/iridologie.nix
+++ b/modules/private/websites/isabelle/iridologie.nix
@@ -61,9 +61,6 @@ in {
61 "pm.min_spare_servers" = "1"; 61 "pm.min_spare_servers" = "1";
62 "pm.max_spare_servers" = "3"; 62 "pm.max_spare_servers" = "3";
63 }; 63 };
64 phpOptions = config.services.phpfpm.phpOptions + ''
65 extension=${pkgs.php72}/lib/php/extensions/mysqli.so
66 '';
67 phpPackage = pkgs.php72; 64 phpPackage = pkgs.php72;
68 }; 65 };
69 system.activationScripts.isabelle_iridologie = { 66 system.activationScripts.isabelle_iridologie = {
diff --git a/modules/private/websites/jerome/naturaloutil.nix b/modules/private/websites/jerome/naturaloutil.nix
index fd853bc..95d7e78 100644
--- a/modules/private/websites/jerome/naturaloutil.nix
+++ b/modules/private/websites/jerome/naturaloutil.nix
@@ -61,9 +61,6 @@ in {
61 phpEnv = { 61 phpEnv = {
62 BDD_CONNECT = secretsPath; 62 BDD_CONNECT = secretsPath;
63 }; 63 };
64 phpOptions = config.services.phpfpm.phpOptions + ''
65 extension=${pkgs.php72}/lib/php/extensions/mysqli.so
66 '';
67 phpPackage = pkgs.php72; 64 phpPackage = pkgs.php72;
68 }; 65 };
69 services.websites.env.production.modules = adminer.apache.modules ++ [ "proxy_fcgi" ]; 66 services.websites.env.production.modules = adminer.apache.modules ++ [ "proxy_fcgi" ];
diff --git a/modules/private/websites/papa/maison_bbc.nix b/modules/private/websites/papa/maison_bbc.nix
index ec5673b..5fbc62f 100644
--- a/modules/private/websites/papa/maison_bbc.nix
+++ b/modules/private/websites/papa/maison_bbc.nix
@@ -25,8 +25,7 @@ in {
25 }; 25 };
26 phpOptions = config.services.phpfpm.phpOptions + '' 26 phpOptions = config.services.phpfpm.phpOptions + ''
27 date.timezone = 'Europe/Paris' 27 date.timezone = 'Europe/Paris'
28 extension=${pkgs.php72}/lib/php/extensions/mysqli.so 28 '';
29 '';
30 phpPackage = pkgs.php72; 29 phpPackage = pkgs.php72;
31 }; 30 };
32 31
diff --git a/modules/private/websites/richie/production.nix b/modules/private/websites/richie/production.nix
index 94c0ca0..d7da458 100644
--- a/modules/private/websites/richie/production.nix
+++ b/modules/private/websites/richie/production.nix
@@ -72,7 +72,6 @@ in
72 }; 72 };
73 phpOptions = config.services.phpfpm.phpOptions + '' 73 phpOptions = config.services.phpfpm.phpOptions + ''
74 date.timezone = 'Europe/Paris' 74 date.timezone = 'Europe/Paris'
75 extension=${pkgs.php72}/lib/php/extensions/mysqli.so
76 ''; 75 '';
77 phpPackage = pkgs.php72; 76 phpPackage = pkgs.php72;
78 }; 77 };
diff --git a/modules/private/websites/telio_tortay/production.nix b/modules/private/websites/telio_tortay/production.nix
index 2338f91..16eca74 100644
--- a/modules/private/websites/telio_tortay/production.nix
+++ b/modules/private/websites/telio_tortay/production.nix
@@ -39,8 +39,7 @@ in {
39 }; 39 };
40 phpOptions = config.services.phpfpm.phpOptions + '' 40 phpOptions = config.services.phpfpm.phpOptions + ''
41 disable_functions = "mail" 41 disable_functions = "mail"
42 extension=${pkgs.php72}/lib/php/extensions/mysqli.so 42 '';
43 '';
44 phpPackage = pkgs.php72; 43 phpPackage = pkgs.php72;
45 }; 44 };
46 services.websites.env.production.modules = adminer.apache.modules ++ [ "proxy_fcgi" ]; 45 services.websites.env.production.modules = adminer.apache.modules ++ [ "proxy_fcgi" ];
diff --git a/modules/private/websites/tools/cloud/default.nix b/modules/private/websites/tools/cloud/default.nix
index 73a837f..0c6bf0d 100644
--- a/modules/private/websites/tools/cloud/default.nix
+++ b/modules/private/websites/tools/cloud/default.nix
@@ -10,11 +10,6 @@ let
10 basedir = builtins.concatStringsSep ":" ( 10 basedir = builtins.concatStringsSep ":" (
11 [ nextcloud varDir ] 11 [ nextcloud varDir ]
12 ++ builtins.attrValues pkgs.webapps.nextcloud-apps); 12 ++ builtins.attrValues pkgs.webapps.nextcloud-apps);
13 phpConfig = ''
14 extension=${pkgs.php72Packages.redis}/lib/php/extensions/redis.so
15 extension=${pkgs.php72Packages.apcu}/lib/php/extensions/apcu.so
16 zend_extension=${pkgs.php72}/lib/php/extensions/opcache.so
17 '';
18 pool = { 13 pool = {
19 "listen.owner" = "wwwrun"; 14 "listen.owner" = "wwwrun";
20 "listen.group" = "wwwrun"; 15 "listen.group" = "wwwrun";
@@ -38,7 +33,7 @@ let
38 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:${basedir}:/proc/meminfo:/dev/urandom:/proc/self/fd:/tmp"; 33 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:${basedir}:/proc/meminfo:/dev/urandom:/proc/self/fd:/tmp";
39 "php_admin_value[session.save_path]" = "${varDir}/phpSessions"; 34 "php_admin_value[session.save_path]" = "${varDir}/phpSessions";
40 }; 35 };
41 phpPackage = pkgs.php72; 36 phpPackage = pkgs.php72.withExtensions(e: pkgs.php72.enabledExtensions ++ [ e.redis e.apcu e.opcache ]);
42 }; 37 };
43in { 38in {
44 options.myServices.websites.tools.cloud = { 39 options.myServices.websites.tools.cloud = {
@@ -172,8 +167,7 @@ in {
172 user = "wwwrun"; 167 user = "wwwrun";
173 group = "wwwrun"; 168 group = "wwwrun";
174 settings = phpFpm.pool; 169 settings = phpFpm.pool;
175 phpOptions = config.services.phpfpm.phpOptions + phpFpm.phpConfig; 170 phpPackage = pkgs.php72.withExtensions(e: pkgs.php72.enabledExtensions ++ [ e.redis e.apcu e.opcache ]);
176 phpPackage = pkgs.php72;
177 }; 171 };
178 172
179 services.cron = { 173 services.cron = {
diff --git a/modules/private/websites/tools/mail/default.nix b/modules/private/websites/tools/mail/default.nix
index 217ef1a..7d7904f 100644
--- a/modules/private/websites/tools/mail/default.nix
+++ b/modules/private/websites/tools/mail/default.nix
@@ -64,9 +64,8 @@ in
64 settings = roundcubemail.phpFpm.pool; 64 settings = roundcubemail.phpFpm.pool;
65 phpOptions = config.services.phpfpm.phpOptions + '' 65 phpOptions = config.services.phpfpm.phpOptions + ''
66 date.timezone = 'CET' 66 date.timezone = 'CET'
67 extension=${pkgs.php72Packages.imagick}/lib/php/extensions/imagick.so
68 ''; 67 '';
69 phpPackage = pkgs.php72; 68 phpPackage = pkgs.php72.withExtensions(e: pkgs.php72.enabledExtensions ++ [ e.imagick ]);
70 }; 69 };
71 services.phpfpm.pools.rainloop = { 70 services.phpfpm.pools.rainloop = {
72 user = "wwwrun"; 71 user = "wwwrun";
diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix
index dcda15a..bffcf84 100644
--- a/modules/private/websites/tools/tools/default.nix
+++ b/modules/private/websites/tools/tools/default.nix
@@ -317,13 +317,7 @@ in {
317 317
318 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp"; 318 "php_admin_value[open_basedir]" = "/run/wrappers/bin/sendmail:/var/lib/ftp/devtools.immae.eu:/tmp";
319 }; 319 };
320 phpOptions = config.services.phpfpm.phpOptions + '' 320 phpPackage = pkgs.php72.withExtensions(e: pkgs.php72.enabledExtensions ++ [e.mysqli e.redis e.apcu e.opcache ]);
321 extension=${pkgs.php72}/lib/php/extensions/mysqli.so
322 extension=${pkgs.php72Packages.redis}/lib/php/extensions/redis.so
323 extension=${pkgs.php72Packages.apcu}/lib/php/extensions/apcu.so
324 zend_extension=${pkgs.php72}/lib/php/extensions/opcache.so
325 '';
326 phpPackage = pkgs.php72;
327 }; 321 };
328 adminer = adminer.phpFpm; 322 adminer = adminer.phpFpm;
329 ttrss = { 323 ttrss = {
@@ -361,9 +355,6 @@ in {
361 group = "wwwrun"; 355 group = "wwwrun";
362 settings = dmarc-reports.phpFpm.pool; 356 settings = dmarc-reports.phpFpm.pool;
363 phpEnv = dmarc-reports.phpFpm.phpEnv; 357 phpEnv = dmarc-reports.phpFpm.phpEnv;
364 phpOptions = config.services.phpfpm.phpOptions + ''
365 extension=${pkgs.php72}/lib/php/extensions/mysqli.so
366 '';
367 phpPackage = pkgs.php72; 358 phpPackage = pkgs.php72;
368 }; 359 };
369 dokuwiki = { 360 dokuwiki = {