diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-05-07 09:06:29 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-05-07 10:19:52 +0200 |
commit | b44b42a15197813060bf9405d5a07b8b2c699af5 (patch) | |
tree | 4f424a145aa0064653f62de04ddba6bb2c31f49a /nixops/modules/websites/tools | |
parent | 6213b17b751fcc6ccd7df9a773dc29d9e8f22c21 (diff) | |
download | Nix-b44b42a15197813060bf9405d5a07b8b2c699af5.tar.gz Nix-b44b42a15197813060bf9405d5a07b8b2c699af5.tar.zst Nix-b44b42a15197813060bf9405d5a07b8b2c699af5.zip |
Move yourls to pkgs
Diffstat (limited to 'nixops/modules/websites/tools')
-rw-r--r-- | nixops/modules/websites/tools/tools/default.nix | 2 | ||||
-rw-r--r-- | nixops/modules/websites/tools/tools/yourls-ldap-plugin.json | 15 | ||||
-rw-r--r-- | nixops/modules/websites/tools/tools/yourls.json | 15 | ||||
-rw-r--r-- | nixops/modules/websites/tools/tools/yourls.nix | 191 |
4 files changed, 86 insertions, 137 deletions
diff --git a/nixops/modules/websites/tools/tools/default.nix b/nixops/modules/websites/tools/tools/default.nix index 262e558..746119b 100644 --- a/nixops/modules/websites/tools/tools/default.nix +++ b/nixops/modules/websites/tools/tools/default.nix | |||
@@ -18,7 +18,7 @@ let | |||
18 | }; | 18 | }; |
19 | wallabag = pkgs.callPackage ./wallabag.nix { env = myconfig.env.tools.wallabag; }; | 19 | wallabag = pkgs.callPackage ./wallabag.nix { env = myconfig.env.tools.wallabag; }; |
20 | yourls = pkgs.callPackage ./yourls.nix { | 20 | yourls = pkgs.callPackage ./yourls.nix { |
21 | inherit (mylibs) fetchedGithub; | 21 | inherit (pkgs.webapps) yourls yourls-plugins; |
22 | env = myconfig.env.tools.yourls; | 22 | env = myconfig.env.tools.yourls; |
23 | }; | 23 | }; |
24 | rompr = pkgs.callPackage ./rompr.nix { | 24 | rompr = pkgs.callPackage ./rompr.nix { |
diff --git a/nixops/modules/websites/tools/tools/yourls-ldap-plugin.json b/nixops/modules/websites/tools/tools/yourls-ldap-plugin.json deleted file mode 100644 index 9411e4a..0000000 --- a/nixops/modules/websites/tools/tools/yourls-ldap-plugin.json +++ /dev/null | |||
@@ -1,15 +0,0 @@ | |||
1 | { | ||
2 | "tag": "2a3cb03-master", | ||
3 | "meta": { | ||
4 | "name": "yourls-ldap-plugin", | ||
5 | "url": "https://github.com/k3a/yourls-ldap-plugin", | ||
6 | "branch": "master" | ||
7 | }, | ||
8 | "github": { | ||
9 | "owner": "k3a", | ||
10 | "repo": "yourls-ldap-plugin", | ||
11 | "rev": "2a3cb0334b8a6b81b284a7196e614bbd2b2b1615", | ||
12 | "sha256": "0cchbnli77d295lzf7kjmn4dcxj2bmdqa9qc3f8l8qgmp4n5n0gh", | ||
13 | "fetchSubmodules": true | ||
14 | } | ||
15 | } | ||
diff --git a/nixops/modules/websites/tools/tools/yourls.json b/nixops/modules/websites/tools/tools/yourls.json deleted file mode 100644 index 0a79b18..0000000 --- a/nixops/modules/websites/tools/tools/yourls.json +++ /dev/null | |||
@@ -1,15 +0,0 @@ | |||
1 | { | ||
2 | "tag": "1.7.3", | ||
3 | "meta": { | ||
4 | "name": "yourls", | ||
5 | "url": "https://github.com/YOURLS/YOURLS", | ||
6 | "branch": "refs/tags/1.7.3" | ||
7 | }, | ||
8 | "github": { | ||
9 | "owner": "YOURLS", | ||
10 | "repo": "YOURLS", | ||
11 | "rev": "077018822d3594229daa8343310d0b40804b9ddc", | ||
12 | "sha256": "1av6h619rwqn0yn0kjn2s2h3gmrhmxaaa9hd5ns4ralxgg731imd", | ||
13 | "fetchSubmodules": true | ||
14 | } | ||
15 | } | ||
diff --git a/nixops/modules/websites/tools/tools/yourls.nix b/nixops/modules/websites/tools/tools/yourls.nix index 470fb7b..df1b3a2 100644 --- a/nixops/modules/websites/tools/tools/yourls.nix +++ b/nixops/modules/websites/tools/tools/yourls.nix | |||
@@ -1,111 +1,90 @@ | |||
1 | { lib, env, writeText, stdenv, fetchedGithub }: | 1 | { env, yourls, yourls-plugins }: |
2 | let | 2 | rec { |
3 | yourls = let | 3 | activationScript = '' |
4 | plugins = { | 4 | install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/yourls |
5 | ldap = stdenv.mkDerivation (fetchedGithub ./yourls-ldap-plugin.json // rec { | 5 | ''; |
6 | installPhase = '' | 6 | keys = [{ |
7 | mkdir -p $out | 7 | dest = "webapps/tools-yourls"; |
8 | cp plugin.php $out/ | 8 | user = apache.user; |
9 | ''; | 9 | group = apache.group; |
10 | }); | 10 | permissions = "0400"; |
11 | }; | 11 | text = '' |
12 | in rec { | 12 | <?php |
13 | activationScript = '' | 13 | define( 'YOURLS_DB_USER', '${env.mysql.user}' ); |
14 | install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/yourls | 14 | define( 'YOURLS_DB_PASS', '${env.mysql.password}' ); |
15 | ''; | 15 | define( 'YOURLS_DB_NAME', '${env.mysql.database}' ); |
16 | keys = [{ | 16 | define( 'YOURLS_DB_HOST', '${env.mysql.host}' ); |
17 | dest = "webapps/tools-yourls"; | 17 | define( 'YOURLS_DB_PREFIX', 'yourls_' ); |
18 | user = apache.user; | 18 | define( 'YOURLS_SITE', 'https://tools.immae.eu/url' ); |
19 | group = apache.group; | 19 | define( 'YOURLS_HOURS_OFFSET', 0 ); |
20 | permissions = "0400"; | 20 | define( 'YOURLS_LANG', ''' ); |
21 | text = '' | 21 | define( 'YOURLS_UNIQUE_URLS', true ); |
22 | <?php | 22 | define( 'YOURLS_PRIVATE', true ); |
23 | define( 'YOURLS_DB_USER', '${env.mysql.user}' ); | 23 | define( 'YOURLS_COOKIEKEY', '${env.cookieKey}' ); |
24 | define( 'YOURLS_DB_PASS', '${env.mysql.password}' ); | 24 | $yourls_user_passwords = array(); |
25 | define( 'YOURLS_DB_NAME', '${env.mysql.database}' ); | 25 | define( 'YOURLS_DEBUG', false ); |
26 | define( 'YOURLS_DB_HOST', '${env.mysql.host}' ); | 26 | define( 'YOURLS_URL_CONVERT', 36 ); |
27 | define( 'YOURLS_DB_PREFIX', 'yourls_' ); | 27 | $yourls_reserved_URL = array(); |
28 | define( 'YOURLS_SITE', 'https://tools.immae.eu/url' ); | 28 | define( 'LDAPAUTH_HOST', 'ldaps://ldap.immae.eu' ); |
29 | define( 'YOURLS_HOURS_OFFSET', 0 ); | 29 | define( 'LDAPAUTH_PORT', '636' ); |
30 | define( 'YOURLS_LANG', ''' ); | 30 | define( 'LDAPAUTH_BASE', 'dc=immae,dc=eu' ); |
31 | define( 'YOURLS_UNIQUE_URLS', true ); | 31 | define( 'LDAPAUTH_SEARCH_USER', 'cn=yourls,ou=services,dc=immae,dc=eu' ); |
32 | define( 'YOURLS_PRIVATE', true ); | 32 | define( 'LDAPAUTH_SEARCH_PASS', '${env.ldap.password}' ); |
33 | define( 'YOURLS_COOKIEKEY', '${env.cookieKey}' ); | ||
34 | $yourls_user_passwords = array(); | ||
35 | define( 'YOURLS_DEBUG', false ); | ||
36 | define( 'YOURLS_URL_CONVERT', 36 ); | ||
37 | $yourls_reserved_URL = array(); | ||
38 | define( 'LDAPAUTH_HOST', 'ldaps://ldap.immae.eu' ); | ||
39 | define( 'LDAPAUTH_PORT', '636' ); | ||
40 | define( 'LDAPAUTH_BASE', 'dc=immae,dc=eu' ); | ||
41 | define( 'LDAPAUTH_SEARCH_USER', 'cn=yourls,ou=services,dc=immae,dc=eu' ); | ||
42 | define( 'LDAPAUTH_SEARCH_PASS', '${env.ldap.password}' ); | ||
43 | 33 | ||
44 | define( 'LDAPAUTH_GROUP_ATTR', 'memberof' ); | 34 | define( 'LDAPAUTH_GROUP_ATTR', 'memberof' ); |
45 | define( 'LDAPAUTH_GROUP_REQ', 'cn=admin,cn=yourls,ou=services,dc=immae,dc=eu'); | 35 | define( 'LDAPAUTH_GROUP_REQ', 'cn=admin,cn=yourls,ou=services,dc=immae,dc=eu'); |
46 | 36 | ||
47 | define( 'LDAPAUTH_USERCACHE_TYPE', 0); | 37 | define( 'LDAPAUTH_USERCACHE_TYPE', 0); |
48 | ''; | 38 | ''; |
49 | }]; | 39 | }]; |
50 | webRoot = stdenv.mkDerivation (fetchedGithub ./yourls.json // rec { | 40 | webRoot = (yourls.override { yourls_config = "/var/secrets/webapps/tools-yourls"; }).withPlugins |
51 | installPhase = '' | 41 | (builtins.attrValues yourls-plugins); |
52 | mkdir -p $out | 42 | apache = rec { |
53 | cp -a */ *.php $out/ | 43 | user = "wwwrun"; |
54 | cp sample-robots.txt $out/robots.txt | 44 | group = "wwwrun"; |
55 | ln -sf /var/secrets/webapps/tools-yourls $out/includes/config.php | 45 | modules = [ "proxy_fcgi" ]; |
56 | ${builtins.concatStringsSep "\n" ( | 46 | webappName = "tools_yourls"; |
57 | lib.attrsets.mapAttrsToList (name: value: "ln -sf ${value} $out/user/plugins/${name}") plugins | 47 | root = "/run/current-system/webapps/${webappName}"; |
58 | )} | 48 | vhostConf = '' |
59 | ''; | 49 | Alias /url "${root}" |
60 | }); | 50 | <Directory "${root}"> |
61 | apache = rec { | 51 | <FilesMatch "\.php$"> |
62 | user = "wwwrun"; | 52 | SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" |
63 | group = "wwwrun"; | 53 | </FilesMatch> |
64 | modules = [ "proxy_fcgi" ]; | ||
65 | webappName = "tools_yourls"; | ||
66 | root = "/run/current-system/webapps/${webappName}"; | ||
67 | vhostConf = '' | ||
68 | Alias /url "${root}" | ||
69 | <Directory "${root}"> | ||
70 | <FilesMatch "\.php$"> | ||
71 | SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" | ||
72 | </FilesMatch> | ||
73 | 54 | ||
74 | AllowOverride None | 55 | AllowOverride None |
75 | Require all granted | 56 | Require all granted |
76 | <IfModule mod_rewrite.c> | 57 | <IfModule mod_rewrite.c> |
77 | RewriteEngine On | 58 | RewriteEngine On |
78 | RewriteBase /url/ | 59 | RewriteBase /url/ |
79 | RewriteCond %{REQUEST_FILENAME} !-f | 60 | RewriteCond %{REQUEST_FILENAME} !-f |
80 | RewriteCond %{REQUEST_FILENAME} !-d | 61 | RewriteCond %{REQUEST_FILENAME} !-d |
81 | RewriteRule ^.*$ /url/yourls-loader.php [L] | 62 | RewriteRule ^.*$ /url/yourls-loader.php [L] |
82 | </IfModule> | 63 | </IfModule> |
83 | DirectoryIndex index.php | 64 | DirectoryIndex index.php |
84 | </Directory> | 65 | </Directory> |
85 | ''; | 66 | ''; |
86 | }; | 67 | }; |
87 | phpFpm = rec { | 68 | phpFpm = rec { |
88 | serviceDeps = [ "mysql.service" "openldap.service" ]; | 69 | serviceDeps = [ "mysql.service" "openldap.service" ]; |
89 | basedir = builtins.concatStringsSep ":" ( | 70 | basedir = builtins.concatStringsSep ":" ( |
90 | [ webRoot "/var/secrets/webapps/tools-yourls" ] | 71 | [ webRoot "/var/secrets/webapps/tools-yourls" ] |
91 | ++ lib.attrsets.mapAttrsToList (name: value: value) plugins); | 72 | ++ webRoot.plugins); |
92 | socket = "/var/run/phpfpm/yourls.sock"; | 73 | socket = "/var/run/phpfpm/yourls.sock"; |
93 | pool = '' | 74 | pool = '' |
94 | listen = ${socket} | 75 | listen = ${socket} |
95 | user = ${apache.user} | 76 | user = ${apache.user} |
96 | group = ${apache.group} | 77 | group = ${apache.group} |
97 | listen.owner = ${apache.user} | 78 | listen.owner = ${apache.user} |
98 | listen.group = ${apache.group} | 79 | listen.group = ${apache.group} |
99 | pm = ondemand | 80 | pm = ondemand |
100 | pm.max_children = 60 | 81 | pm.max_children = 60 |
101 | pm.process_idle_timeout = 60 | 82 | pm.process_idle_timeout = 60 |
102 | 83 | ||
103 | ; Needed to avoid clashes in browser cookies (same domain) | 84 | ; Needed to avoid clashes in browser cookies (same domain) |
104 | php_value[session.name] = YourlsPHPSESSID | 85 | php_value[session.name] = YourlsPHPSESSID |
105 | php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/yourls" | 86 | php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/yourls" |
106 | php_admin_value[session.save_path] = "/var/lib/php/sessions/yourls" | 87 | php_admin_value[session.save_path] = "/var/lib/php/sessions/yourls" |
107 | ''; | 88 | ''; |
108 | }; | ||
109 | }; | 89 | }; |
110 | in | 90 | } |
111 | yourls | ||