Migrate phpbb and remove manual tools pages

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2020-04-25 15:49:40 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2020-04-25 15:49:40 +0200
commit: a8ef1adb4a90c2524ac09a85463598e5d41d2a4a (patch)
tree: 28e11151a96e9842f79474923c957c30e548c59b /modules
parent: 251c0a135a4153453030dc0e2c132e57934c0095 (diff)
download: Nix-a8ef1adb4a90c2524ac09a85463598e5d41d2a4a.tar.gz
Nix-a8ef1adb4a90c2524ac09a85463598e5d41d2a4a.tar.zst
Nix-a8ef1adb4a90c2524ac09a85463598e5d41d2a4a.zip
2 files changed, 82 insertions, 18 deletions
diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix
index dbd65e6..0cb7a10 100644
--- a/modules/private/websites/tools/tools/default.nix
+++ b/modules/private/websites/tools/tools/default.nix
@@ -38,6 +38,12 @@ let
  grocy = pkgs.callPackage ./grocy.nix {
    inherit (pkgs.webapps) grocy;
  };
+  phpbb = pkgs.callPackage ./phpbb.nix {
+    phpbb = (pkgs.webapps.phpbb.withLangs (l: [ l.fr ])).withExts (e: [
+      e.alfredoramos.markdown e.davidiq.mailinglist e.dmzx.mchat
+      e.empteintesduweb.monitoranswers e.lr94.autosubscribe
+      e.phpbbmodders.adduser ]);
+  };
  webhooks = pkgs.callPackage ./webhooks.nix {
    env = config.myEnv.tools.webhooks;
  };
@@ -69,6 +75,7 @@ in {
      shaarli = shaarli.backups;
      ttrss = ttrss.backups;
      wallabag = wallabag.backups;
+      phpbb = phpbb.backups;
    };
    services.websites.env.tools.modules =
@@ -81,6 +88,7 @@ in {
      ++ rompr.apache.modules
      ++ shaarli.apache.modules
      ++ dokuwiki.apache.modules
+      ++ phpbb.apache.modules
      ++ ldap.apache.modules
      ++ kanboard.apache.modules;
@@ -110,14 +118,13 @@ in {
      certName    = "eldiron";
      addToCerts  = true;
      hosts       = ["tools.immae.eu" ];
-      root        = "/var/lib/ftp/tools.immae.eu";
+      root        = landing;
      extraConfig = [
        ''
          RedirectMatch 301 ^/vpn(.*)$         https://vpn.immae.eu$1
          RedirectMatch 301 ^/roundcube(.*)$   https://mail.immae.eu/roundcube$1
          RedirectMatch 301 ^/jappix(.*)$      https://im.immae.fr/converse
-          Alias /landing ${landing}
          <Directory "${landing}">
            DirectoryIndex index.html
            AllowOverride None
@@ -127,20 +134,6 @@ in {
              SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
            </FilesMatch>
          </Directory>
-          <Directory "/var/lib/ftp/tools.immae.eu">
-            DirectoryIndex index.php index.htm index.html
-            AllowOverride all
-            Require all granted
-            <FilesMatch "\.php$">
-              SetHandler "proxy:unix:${pcfg.tools.socket}|fcgi://localhost"
-            </FilesMatch>
-            RewriteEngine On
-            RewriteCond ${landing}%{REQUEST_URI} -f
-            RewriteRule ^(.*)$ /landing/$1 [L]
-            RewriteRule ^$ /landing/ [L]
-          </Directory>
          ''
        (adminer.apache.vhostConf pcfg.adminer.socket)
        ympd.apache.vhostConf
@@ -153,6 +146,7 @@ in {
        (ldap.apache.vhostConf pcfg.ldap.socket)
        (kanboard.apache.vhostConf pcfg.kanboard.socket)
        (grocy.apache.vhostConf pcfg.grocy.socket)
+        (phpbb.apache.vhostConf pcfg.phpbb.socket)
        ''
          Alias /paste /var/lib/fiche
          <Directory "/var/lib/fiche">
@@ -219,6 +213,10 @@ in {
        after = lib.mkAfter dokuwiki.phpFpm.serviceDeps;
        wants = dokuwiki.phpFpm.serviceDeps;
      };
+      phpfpm-phpbb = {
+        after = lib.mkAfter phpbb.phpFpm.serviceDeps;
+        wants = phpbb.phpFpm.serviceDeps;
+      };
      phpfpm-kanboard = {
        after = lib.mkAfter kanboard.phpFpm.serviceDeps;
        wants = kanboard.phpFpm.serviceDeps;
@@ -289,8 +287,8 @@ in {
          # Needed to avoid clashes in browser cookies (same domain)
          "php_value[session.name]" = "ToolsPHPSESSID";
          "php_admin_value[open_basedir]" = builtins.concatStringsSep ":" [
-            "/run/wrappers/bin/sendmail" "/var/lib/ftp/tools.immae.eu"
+            "/run/wrappers/bin/sendmail" landing "/tmp"
-            landing "/tmp" "${config.secrets.location}/webapps/webhooks"
+            "${config.secrets.location}/webapps/webhooks"
          ];
        };
        phpEnv = {
@@ -349,6 +347,11 @@ in {
        group = "wwwrun";
        settings = dokuwiki.phpFpm.pool;
      };
+      phpbb = {
+        user = "wwwrun";
+        group = "wwwrun";
+        settings = phpbb.phpFpm.pool;
+      };
      ldap = {
        user = "wwwrun";
        group = "wwwrun";
@@ -376,6 +379,7 @@ in {
      rompr = rompr.activationScript;
      shaarli = shaarli.activationScript;
      dokuwiki = dokuwiki.activationScript;
+      phpbb = phpbb.activationScript;
      kanboard = kanboard.activationScript;
      ldap = ldap.activationScript;
    };
@@ -383,6 +387,7 @@ in {
    services.websites.webappDirs = {
      _adminer = adminer.webRoot;
      "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
+      "${phpbb.apache.webappName}" = phpbb.webRoot;
      "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
      "${rompr.apache.webappName}" = rompr.webRoot;
      "${shaarli.apache.webappName}" = shaarli.webRoot;
diff --git a/modules/private/websites/tools/tools/phpbb.nix b/modules/private/websites/tools/tools/phpbb.nix
new file mode 100644
index 0000000..fa26069
--- /dev/null
+++ b/modules/private/websites/tools/tools/phpbb.nix
@@ -0,0 +1,59 @@
+{ lib, phpbb, gnused }:
+rec {
+  backups = {
+    rootDir = varDir;
+  };
+  varDir = "/var/lib/phpbb";
+  activationScript = {
+    deps = [ "wrappers" ];
+    text = ''
+      if [ ! -d ${varDir} ]; then
+        install -m 0755 -o ${apache.user} -g ${apache.user} -d ${varDir}
+        cp -a ${phpbb}/vars/* ${varDir}
+        chown -R ${apache.user}:${apache.user} ${varDir}
+      fi
+      install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
+    '';
+  };
+  webRoot = phpbb;
+  apache = rec {
+    user = "wwwrun";
+    group = "wwwrun";
+    modules = [ "proxy_fcgi" ];
+    webappName = "tools_phpbb";
+    root = "/run/current-system/webapps/${webappName}";
+    vhostConf = socket: ''
+      Alias /forum "${root}"
+      <Directory "${root}">
+        DirectoryIndex index.php
+        <FilesMatch "\.php$">
+          SetHandler "proxy:unix:${socket}|fcgi://localhost"
+        </FilesMatch>
+        AllowOverride All
+        Options FollowSymlinks
+        Require all granted
+      </Directory>
+      # add instal to the list after install
+      <LocationMatch "^/(cache|files|install|store)>
+        Require all denied
+      </LocationMatch>
+    '';
+  };
+  phpFpm = rec {
+    serviceDeps = [ "postgresql.service" ];
+    basedir = builtins.concatStringsSep ":" [ "/run/wrappers/bin/sendmail" phpbb varDir ];
+    pool = {
+      "listen.owner" = apache.user;
+      "listen.group" = apache.group;
+      "pm" = "ondemand";
+      "pm.max_children" = "60";
+      "pm.process_idle_timeout" = "60";
+          # Needed to avoid clashes in browser cookies (same domain)
+      "php_value[session.name]" = "PhpBBPHPSESSID";
+      "php_admin_value[open_basedir]" = "${basedir}:/tmp";
+      "php_admin_value[session.save_path]" = "${varDir}/phpSessions";
+    };
+  };
+}
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2020-04-25 15:49:40 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2020-04-25 15:49:40 +0200
commit	a8ef1adb4a90c2524ac09a85463598e5d41d2a4a (patch)
tree	28e11151a96e9842f79474923c957c30e548c59b /modules
parent	251c0a135a4153453030dc0e2c132e57934c0095 (diff)
download	Nix-a8ef1adb4a90c2524ac09a85463598e5d41d2a4a.tar.gz Nix-a8ef1adb4a90c2524ac09a85463598e5d41d2a4a.tar.zst Nix-a8ef1adb4a90c2524ac09a85463598e5d41d2a4a.zip