Migrate mantisbt to pkgs

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-06 14:06:31 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-06 14:06:31 +0200
commit: 43dac87fef530d52961cb7df5fdb01aa651d802c (patch)
tree: 341a5111afa74eae4070e109dd0a2b30e1ca6162 /nixops
parent: 7f9bc878c96b4e40b72c907cded326fc6bdee38a (diff)
download: Nix-43dac87fef530d52961cb7df5fdb01aa651d802c.tar.gz
Nix-43dac87fef530d52961cb7df5fdb01aa651d802c.tar.zst
Nix-43dac87fef530d52961cb7df5fdb01aa651d802c.zip
11 files changed, 93 insertions, 317 deletions
diff --git a/nixops/modules/websites/tools/git/default.nix b/nixops/modules/websites/tools/git/default.nix
index dc44049..e7dbd6f 100644
--- a/nixops/modules/websites/tools/git/default.nix
+++ b/nixops/modules/websites/tools/git/default.nix
@@ -1,10 +1,11 @@
 { lib, pkgs, config, myconfig, mylibs, ... }:
 let
-    mantisbt = pkgs.callPackage ./mantisbt/mantisbt.nix {
+    mantisbt = pkgs.callPackage ./mantisbt.nix {
      inherit (mylibs) fetchedGithub;
+      inherit (pkgs.webapps) mantisbt_2 mantisbt_2-plugins;
      env = myconfig.env.tools.mantisbt;
    };
-    gitweb = pkgs.callPackage ./gitweb/gitweb.nix { gitoliteDir = config.services.myGitolite.gitoliteDir; };
+    gitweb = pkgs.callPackage ./gitweb.nix { gitoliteDir = config.services.myGitolite.gitoliteDir; };
    cfg = config.services.myWebsites.tools.git;
 in {
diff --git a/nixops/modules/websites/tools/git/gitweb/gitweb.nix b/nixops/modules/websites/tools/git/gitweb.nix
index 2ee7a63..2ee7a63 100644
--- a/nixops/modules/websites/tools/git/gitweb/gitweb.nix
+++ b/nixops/modules/websites/tools/git/gitweb.nix
diff --git a/nixops/modules/websites/tools/git/mantisbt.nix b/nixops/modules/websites/tools/git/mantisbt.nix
new file mode 100644
index 0000000..36193a7
--- /dev/null
+++ b/nixops/modules/websites/tools/git/mantisbt.nix
@@ -0,0 +1,90 @@
+{ lib, env, mantisbt_2, mantisbt_2-plugins, writeText, stdenv, fetchurl, fetchedGithub }:
+rec {
+  keys = [{
+    dest = "webapps/tools-mantisbt";
+    user = apache.user;
+    group = apache.group;
+    permissions = "0400";
+    text = ''
+      <?php
+      $g_hostname              = '${env.postgresql.socket}';
+      $g_db_username           = '${env.postgresql.user}';
+      $g_db_password           = '${env.postgresql.password}';
+      $g_database_name         = '${env.postgresql.database}';
+      $g_db_type               = 'pgsql';
+      $g_crypto_master_salt    = '${env.master_salt}';
+      $g_allow_signup          = OFF;
+      $g_allow_anonymous_login = ON;
+      $g_anonymous_account     = 'anonymous';
+      $g_phpMailer_method       = PHPMAILER_METHOD_SENDMAIL;
+      $g_smtp_host              = 'localhost';
+      $g_smtp_username          = ''';
+      $g_smtp_password          = ''';
+      $g_webmaster_email        = 'mantisbt@tools.immae.eu';
+      $g_from_email             = 'mantisbt@tools.immae.eu';
+      $g_return_path_email      = 'mantisbt@tools.immae.eu';
+      $g_from_name              = 'Mantis Bug Tracker at git.immae.eu';
+      $g_email_receive_own      = OFF;
+      # --- LDAP ---
+      $g_login_method = LDAP;
+      $g_ldap_protocol_version = 3;
+      $g_ldap_server = 'ldaps://ldap.immae.eu:636';
+      $g_ldap_root_dn = 'ou=users,dc=immae,dc=eu';
+      $g_ldap_bind_dn = 'cn=mantisbt,ou=services,dc=immae,dc=eu';
+      $g_ldap_bind_passwd = '${env.ldap.password}';
+      $g_use_ldap_email = ON;
+      $g_use_ldap_realname = ON;
+      $g_ldap_uid_field = 'uid';
+      $g_ldap_realname_field = 'cn';
+      $g_ldap_organization = '(memberOf=cn=users,cn=mantisbt,ou=services,dc=immae,dc=eu)';
+    '';
+  }];
+  webRoot = (mantisbt_2.override { mantis_config = "/var/secrets/webapps/tools-mantisbt"; }).withPlugins (builtins.attrValues mantisbt_2-plugins);
+  apache = rec {
+    user = "wwwrun";
+    group = "wwwrun";
+    modules = [ "proxy_fcgi" ];
+    webappName = "tools_mantisbt";
+    root = "/run/current-system/webapps/${webappName}";
+    vhostConf = ''
+      Alias /mantisbt "${root}"
+      <Directory "${root}">
+        DirectoryIndex index.php
+        <FilesMatch "\.php$">
+          SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+        </FilesMatch>
+        AllowOverride All
+        Options FollowSymlinks
+        Require all granted
+      </Directory>
+      <Directory "${root}/admin">
+        #Reenable during upgrade
+        Require all denied
+      </Directory>
+      '';
+  };
+  phpFpm = rec {
+    serviceDeps = [ "postgresql.service" "openldap.service" ];
+    basedir = builtins.concatStringsSep ":" (
+      [ webRoot "/var/secrets/webapps/tools-mantisbt" ]
+      ++ webRoot.plugins);
+    socket = "/var/run/phpfpm/mantisbt.sock";
+    pool = ''
+      listen = ${socket}
+      user = ${apache.user}
+      group = ${apache.group}
+      listen.owner = ${apache.user}
+      listen.group = ${apache.group}
+      pm = ondemand
+      pm.max_children = 60
+      pm.process_idle_timeout = 60
+      php_admin_value[upload_max_filesize] = 5000000
+      php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/mantisbt"
+      php_admin_value[session.save_path] = "/var/lib/php/sessions/mantisbt"
+      '';
+  };
+}
diff --git a/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-slack.json b/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-slack.json
deleted file mode 100644
index 54ea38b..0000000
--- a/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-slack.json
+++ /dev/null
@@ -1,15 +0,0 @@
-{
-  "tag": "9286d2e-master",
-  "meta": {
-    "name": "mantisbt-plugin-slack",
-    "url": "https://github.com/mantisbt-plugins/Slack",
-    "branch": "master"
-  },
-  "github": {
-    "owner": "mantisbt-plugins",
-    "repo": "Slack",
-    "rev": "9286d2eeeb8a986ed949e378711fef5f0bf182dc",
-    "sha256": "0nn0v4jc967giilkzrppi5svd04m2hnals75xxp0iabcdjnih0mn",
-    "fetchSubmodules": true
-  }
-}
diff --git a/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration.json b/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration.json
deleted file mode 100644
index e36a68c..0000000
--- a/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration.json
+++ /dev/null
@@ -1,15 +0,0 @@
-{
-  "tag": "v2.1.5",
-  "meta": {
-    "name": "mantisbt-plugin-source-integration",
-    "url": "https://github.com/mantisbt-plugins/source-integration",
-    "branch": "refs/tags/v2.1.5"
-  },
-  "github": {
-    "owner": "mantisbt-plugins",
-    "repo": "source-integration",
-    "rev": "a48039a20abc50864e0e68c0c843b27058404386",
-    "sha256": "07g6q3hivmnd94r47pp0snk5bv4pa3piwclc9qhj612i4wnsazsk",
-    "fetchSubmodules": true
-  }
-}
diff --git a/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration_Source.API.php.diff b/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration_Source.API.php.diff
deleted file mode 100644
index c355144..0000000
--- a/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration_Source.API.php.diff
+++ /dev/null
@@ -1,12 +0,0 @@
--- b/Source/Source.API.php     2017-09-18 00:50:32.000000000 +0200
-+++ a/Source/Source.API.php     2018-03-04 19:00:25.578889039 +0100
-@@ -452,6 +452,9 @@
-        # Allow other plugins to post-process commit data
-        event_signal( 'EVENT_SOURCE_COMMITS', array( $p_changesets ) );
-        event_signal( 'EVENT_SOURCE_FIXED', array( $t_fixed_bugs ) );
-+       foreach( $t_fixed_bugs as $t_bug_id => $t_changeset ) {
-+          event_signal( 'EVENT_BUG_ACTION', array('RESOLVE', $t_bug_id) );
-+        }
- }
- 
- /**
diff --git a/nixops/modules/websites/tools/git/mantisbt/mantisbt.nix b/nixops/modules/websites/tools/git/mantisbt/mantisbt.nix
deleted file mode 100644
index 41c5e90..0000000
--- a/nixops/modules/websites/tools/git/mantisbt/mantisbt.nix
+++ /dev/null
@@ -1,128 +0,0 @@
-{ lib, env, writeText, stdenv, fetchurl, fetchedGithub }:
-let
-  mantisbt = let
-    plugins = {
-      slack = stdenv.mkDerivation (fetchedGithub ./mantisbt-plugin-slack.json // rec {
-        installPhase = ''
-          sed -i -e "s/return '@' . \\\$username;/return \\\$username;/" Slack.php
-          cp -a . $out
-          '';
-      });
-      source-integration = stdenv.mkDerivation (fetchedGithub ./mantisbt-plugin-source-integration.json // rec {
-        installPhase = ''
-          mkdir $out
-          patch -p1 < ${./mantisbt-plugin-source-integration_Source.API.php.diff}
-          cp -a Source* $out/
-        '';
-      });
-    };
-  in rec {
-    keys = [{
-      dest = "webapps/tools-mantisbt";
-      user = apache.user;
-      group = apache.group;
-      permissions = "0400";
-      text = ''
-        <?php
-        $g_hostname              = '${env.postgresql.socket}';
-        $g_db_username           = '${env.postgresql.user}';
-        $g_db_password           = '${env.postgresql.password}';
-        $g_database_name         = '${env.postgresql.database}';
-        $g_db_type               = 'pgsql';
-        $g_crypto_master_salt    = '${env.master_salt}';
-        $g_allow_signup          = OFF;
-        $g_allow_anonymous_login = ON;
-        $g_anonymous_account     = 'anonymous';
-        $g_phpMailer_method     = PHPMAILER_METHOD_SENDMAIL;
-        $g_smtp_host            = 'localhost';
-        $g_smtp_username                = ''';
-        $g_smtp_password                = ''';
-        $g_webmaster_email      = 'mantisbt@tools.immae.eu';
-        $g_from_email           = 'mantisbt@tools.immae.eu';
-        $g_return_path_email    = 'mantisbt@tools.immae.eu';
-        $g_from_name            = 'Mantis Bug Tracker at git.immae.eu';
-        $g_email_receive_own    = OFF;
-        # --- LDAP ---
-        $g_login_method = LDAP;
-        $g_ldap_protocol_version = 3;
-        $g_ldap_server = 'ldaps://ldap.immae.eu:636';
-        $g_ldap_root_dn = 'ou=users,dc=immae,dc=eu';
-        $g_ldap_bind_dn = 'cn=mantisbt,ou=services,dc=immae,dc=eu';
-        $g_ldap_bind_passwd = '${env.ldap.password}';
-        $g_use_ldap_email = ON;
-        $g_use_ldap_realname = ON;
-        $g_ldap_uid_field = 'uid';
-        $g_ldap_realname_field = 'cn';
-        $g_ldap_organization = '(memberOf=cn=users,cn=mantisbt,ou=services,dc=immae,dc=eu)';
-      '';
-    }];
-    webRoot = stdenv.mkDerivation rec {
-      name = "mantisbt-${version}";
-      version = "2.11.1";
-      src = fetchurl {
-        url = "https://downloads.sourceforge.net/project/mantisbt/mantis-stable/${version}/${name}.tar.gz";
-        sha256 = "0jnrqz6r2hf53v0k1lh3il7hlfiphn61r9wgg6mzyywkjxwq07md";
-      };
-      patches = [
-        ./patches/bug_report.php.diff
-        ./patches/bug_report_page.php.diff
-        ./patches/bugnote_add.php.diff
-        ./patches/bugnote_add_inc.php.diff
-        ];
-      installPhase = ''
-        cp -a . $out
-        ln -s /var/secrets/webapps/tools-mantisbt $out/config/config_inc.php
-        ln -s ${plugins.slack} $out/plugins/Slack
-        ln -s ${plugins.source-integration}/Source* $out/plugins/
-      '';
-    };
-    apache = rec {
-      user = "wwwrun";
-      group = "wwwrun";
-      modules = [ "proxy_fcgi" ];
-      webappName = "tools_mantisbt";
-      root = "/run/current-system/webapps/${webappName}";
-      vhostConf = ''
-        Alias /mantisbt "${root}"
-        <Directory "${root}">
-          DirectoryIndex index.php
-          <FilesMatch "\.php$">
-            SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
-          </FilesMatch>
-          AllowOverride All
-          Options FollowSymlinks
-          Require all granted
-        </Directory>
-        <Directory "${root}/admin">
-          #Reenable during upgrade
-          Require all denied
-        </Directory>
-        '';
-    };
-    phpFpm = rec {
-      serviceDeps = [ "postgresql.service" "openldap.service" ];
-      basedir = builtins.concatStringsSep ":" (
-        [ webRoot "/var/secrets/webapps/tools-mantisbt" ]
-        ++ lib.attrsets.mapAttrsToList (name: value: value) plugins);
-      socket = "/var/run/phpfpm/mantisbt.sock";
-      pool = ''
-        listen = ${socket}
-        user = ${apache.user}
-        group = ${apache.group}
-        listen.owner = ${apache.user}
-        listen.group = ${apache.group}
-        pm = ondemand
-        pm.max_children = 60
-        pm.process_idle_timeout = 60
-        php_admin_value[upload_max_filesize] = 5000000
-        php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/mantisbt"
-        php_admin_value[session.save_path] = "/var/lib/php/sessions/mantisbt"
-        '';
-    };
-  };
-in
-  mantisbt
diff --git a/nixops/modules/websites/tools/git/mantisbt/patches/bug_report.php.diff b/nixops/modules/websites/tools/git/mantisbt/patches/bug_report.php.diff
deleted file mode 100644
index a520043..0000000
--- a/nixops/modules/websites/tools/git/mantisbt/patches/bug_report.php.diff
+++ /dev/null
@@ -1,20 +0,0 @@
--- a/bug_report.php    2018-02-10 21:29:27.000000000 +0100
-+++ b/bug_report.php    2018-03-03 15:04:19.622499678 +0100
-@@ -149,6 +149,17 @@
-        access_ensure_project_level( config_get( 'update_bug_assign_threshold' ) );
- }
- 
-+# begin captcha check for anon user
-+if ( current_user_is_anonymous() && get_gd_version() > 0 ) {
-+  $f_captcha = gpc_get_string( 'captcha', '' );
-+  $f_captcha = utf8_strtolower( trim( $f_captcha ) );
-+
-+  $t_securimage = new Securimage();
-+  if( $t_securimage->check( $f_captcha ) == false ) {
-+    trigger_error( ERROR_SIGNUP_NOT_MATCHING_CAPTCHA, ERROR );
-+  }
-+}
-+
- # if a profile was selected then let's use that information
- if( 0 != $t_bug_data->profile_id ) {
-        if( profile_is_global( $t_bug_data->profile_id ) ) {
diff --git a/nixops/modules/websites/tools/git/mantisbt/patches/bug_report_page.php.diff b/nixops/modules/websites/tools/git/mantisbt/patches/bug_report_page.php.diff
deleted file mode 100644
index 80dea91..0000000
--- a/nixops/modules/websites/tools/git/mantisbt/patches/bug_report_page.php.diff
+++ /dev/null
@@ -1,53 +0,0 @@
--- a/bug_report_page.php       2018-02-10 21:29:27.000000000 +0100
-+++ b/bug_report_page.php       2018-03-03 15:04:19.622499678 +0100
-@@ -708,7 +708,50 @@
-                                <span class="lbl padding-6"><?php echo lang_get( 'check_report_more_bugs' ) ?></span>
-                        </label>
-                </td>
-        </tr>
-+<?php
-+       # captcha image requires GD library and related option to ON
-+       if( current_user_is_anonymous() && get_gd_version() > 0 ) {
-+               $t_securimage_path = 'vendor/dapphp/securimage';
-+               $t_securimage_show = $t_securimage_path . '/securimage_show.php';
-+               $t_securimage_play = $t_securimage_path . '/securimage_play.swf?'
-+                       . http_build_query( array(
-+                               'audio_file' => $t_securimage_path . '/securimage_play.php',
-+                               'bgColor1=' => '#fff',
-+                               'bgColor2=' => '#fff',
-+                               'iconColor=' => '#777',
-+                               'borderWidth=' => 1,
-+                               'borderColor=' => '#000',
-+                       ) );
-+?>
-+       <tr>
-+               <th class="category">CAPTCHA</th>
-+               <td>
-+
-+                               <label for="captcha-field" class="block clearfix">
-+                                       <strong><?php echo lang_get( 'signup_captcha_request_label' ); ?></strong>
-+                               </label>
-+                               <span id="captcha-input" class="input">
-+                                       <?php print_captcha_input( 'captcha' ); ?>
-+
-+                                       <span id="captcha-image" class="captcha-image" style="padding-right:3px;">
-+                                               <img src="<?php echo $t_securimage_show; ?>" alt="visual captcha" />
-+                                               <ul id="captcha-refresh"><li><a href="#"><?php
-+                                                       echo lang_get( 'signup_captcha_refresh' );
-+                                               ?></a></li></ul>
-+                                       </span>
-+
-+                                       <object type="application/x-shockwave-flash" width="19" height="19"
-+                                               data="<?php echo $t_securimage_play; ?>">
-+                                               <param name="movie" value="<?php echo $t_securimage_play; ?>" />
-+                                       </object>
-+                               </span>
-+                </td>
-+        </tr>
-+<?php
-+                       }
-+?>
-+
- </table>
- </div>
- </div>
diff --git a/nixops/modules/websites/tools/git/mantisbt/patches/bugnote_add.php.diff b/nixops/modules/websites/tools/git/mantisbt/patches/bugnote_add.php.diff
deleted file mode 100644
index 4509f0a..0000000
--- a/nixops/modules/websites/tools/git/mantisbt/patches/bugnote_add.php.diff
+++ /dev/null
@@ -1,20 +0,0 @@
--- a/bugnote_add.php   2018-02-10 21:29:27.000000000 +0100
-+++ b/bugnote_add.php   2018-03-03 15:13:12.439919511 +0100
-@@ -44,6 +44,17 @@
- 
- $t_query = array( 'issue_id' => $f_bug_id );
- 
-+# begin captcha check for anon user
-+if ( current_user_is_anonymous() && get_gd_version() > 0 ) {
-+  $f_captcha = gpc_get_string( 'captcha', '' );
-+  $f_captcha = utf8_strtolower( trim( $f_captcha ) );
-+
-+  $t_securimage = new Securimage();
-+  if( $t_securimage->check( $f_captcha ) == false ) {
-+    trigger_error( ERROR_SIGNUP_NOT_MATCHING_CAPTCHA, ERROR );
-+  }
-+}
-+
- if( count( $f_files ) > 0 && is_blank( $f_text ) && helper_duration_to_minutes( $f_duration ) == 0 ) {
-        $t_payload = array(
-                'files' => helper_array_transpose( $f_files )
diff --git a/nixops/modules/websites/tools/git/mantisbt/patches/bugnote_add_inc.php.diff b/nixops/modules/websites/tools/git/mantisbt/patches/bugnote_add_inc.php.diff
deleted file mode 100644
index a8589c7..0000000
--- a/nixops/modules/websites/tools/git/mantisbt/patches/bugnote_add_inc.php.diff
+++ /dev/null
@@ -1,52 +0,0 @@
--- a/bugnote_add_inc.php       2018-02-10 21:29:27.000000000 +0100
-+++ b/bugnote_add_inc.php       2018-03-03 15:14:27.332428557 +0100
-@@ -119,6 +119,49 @@
-                                        <textarea name="bugnote_text" id="bugnote_text" class="<?php echo $t_bugnote_class ?>" rows="7"></textarea>
-                                </td>
-                        </tr>
-+<?php
-+       # captcha image requires GD library and related option to ON
-+       if( current_user_is_anonymous() && get_gd_version() > 0 ) {
-+               $t_securimage_path = 'vendor/dapphp/securimage';
-+               $t_securimage_show = $t_securimage_path . '/securimage_show.php';
-+               $t_securimage_play = $t_securimage_path . '/securimage_play.swf?'
-+                       . http_build_query( array(
-+                               'audio_file' => $t_securimage_path . '/securimage_play.php',
-+                               'bgColor1=' => '#fff',
-+                               'bgColor2=' => '#fff',
-+                               'iconColor=' => '#777',
-+                               'borderWidth=' => 1,
-+                               'borderColor=' => '#000',
-+                       ) );
-+?>
-+       <tr>
-+               <th class="category">CAPTCHA</th>
-+               <td>
-+
-+                               <label for="captcha-field" class="block clearfix">
-+                                       <strong><?php echo lang_get( 'signup_captcha_request_label' ); ?></strong>
-+                               </label>
-+                               <span id="captcha-input" class="input">
-+                                       <?php print_captcha_input( 'captcha' ); ?>
-+
-+                                       <span id="captcha-image" class="captcha-image" style="padding-right:3px;">
-+                                               <img src="<?php echo $t_securimage_show; ?>" alt="visual captcha" />
-+                                               <ul id="captcha-refresh"><li><a href="#"><?php
-+                                                       echo lang_get( 'signup_captcha_refresh' );
-+                                               ?></a></li></ul>
-+                                       </span>
-+
-+                                       <object type="application/x-shockwave-flash" width="19" height="19"
-+                                               data="<?php echo $t_securimage_play; ?>">
-+                                               <param name="movie" value="<?php echo $t_securimage_play; ?>" />
-+                                       </object>
-+                               </span>
-+                </td>
-+        </tr>
-+<?php
-+                       }
-+?>
-+
- 
- <?php
-        if( config_get( 'time_tracking_enabled' ) ) {
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-06 14:06:31 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-06 14:06:31 +0200
commit	43dac87fef530d52961cb7df5fdb01aa651d802c (patch)
tree	341a5111afa74eae4070e109dd0a2b30e1ca6162 /nixops
parent	7f9bc878c96b4e40b72c907cded326fc6bdee38a (diff)
download	Nix-43dac87fef530d52961cb7df5fdb01aa651d802c.tar.gz Nix-43dac87fef530d52961cb7df5fdb01aa651d802c.tar.zst Nix-43dac87fef530d52961cb7df5fdb01aa651d802c.zip

diff --git a/nixops/modules/websites/tools/git/default.nix b/nixops/modules/websites/tools/git/default.nix index dc44049..e7dbd6f 100644 --- a/nixops/modules/websites/tools/git/default.nix +++ b/nixops/modules/websites/tools/git/default.nix
@@ -1,10 +1,11 @@
1	{ lib, pkgs, config, myconfig, mylibs, ... }:	1	{ lib, pkgs, config, myconfig, mylibs, ... }:
2	let	2	let
3	mantisbt = pkgs.callPackage ./mantisbt/mantisbt.nix {	3	mantisbt = pkgs.callPackage ./mantisbt.nix {
4	inherit (mylibs) fetchedGithub;	4	inherit (mylibs) fetchedGithub;
		5	inherit (pkgs.webapps) mantisbt_2 mantisbt_2-plugins;
5	env = myconfig.env.tools.mantisbt;	6	env = myconfig.env.tools.mantisbt;
6	};	7	};
7	gitweb = pkgs.callPackage ./gitweb/gitweb.nix { gitoliteDir = config.services.myGitolite.gitoliteDir; };	8	gitweb = pkgs.callPackage ./gitweb.nix { gitoliteDir = config.services.myGitolite.gitoliteDir; };
8		9
9	cfg = config.services.myWebsites.tools.git;	10	cfg = config.services.myWebsites.tools.git;
10	in {	11	in {


diff --git a/nixops/modules/websites/tools/git/gitweb/gitweb.nix b/nixops/modules/websites/tools/git/gitweb.nix index 2ee7a63..2ee7a63 100644 --- a/nixops/modules/websites/tools/git/gitweb/gitweb.nix +++ b/nixops/modules/websites/tools/git/gitweb.nix


diff --git a/nixops/modules/websites/tools/git/mantisbt.nix b/nixops/modules/websites/tools/git/mantisbt.nix new file mode 100644 index 0000000..36193a7 --- /dev/null +++ b/nixops/modules/websites/tools/git/mantisbt.nix
@@ -0,0 +1,90 @@
		1	{ lib, env, mantisbt_2, mantisbt_2-plugins, writeText, stdenv, fetchurl, fetchedGithub }:
		2	rec {
		3	keys = [{
		4	dest = "webapps/tools-mantisbt";
		5	user = apache.user;
		6	group = apache.group;
		7	permissions = "0400";
		8	text = ''
		9	<?php
		10	$g_hostname = '${env.postgresql.socket}';
		11	$g_db_username = '${env.postgresql.user}';
		12	$g_db_password = '${env.postgresql.password}';
		13	$g_database_name = '${env.postgresql.database}';
		14	$g_db_type = 'pgsql';
		15	$g_crypto_master_salt = '${env.master_salt}';
		16	$g_allow_signup = OFF;
		17	$g_allow_anonymous_login = ON;
		18	$g_anonymous_account = 'anonymous';
		19
		20	$g_phpMailer_method = PHPMAILER_METHOD_SENDMAIL;
		21	$g_smtp_host = 'localhost';
		22	$g_smtp_username = ''';
		23	$g_smtp_password = ''';
		24	$g_webmaster_email = 'mantisbt@tools.immae.eu';
		25	$g_from_email = 'mantisbt@tools.immae.eu';
		26	$g_return_path_email = 'mantisbt@tools.immae.eu';
		27	$g_from_name = 'Mantis Bug Tracker at git.immae.eu';
		28	$g_email_receive_own = OFF;
		29	# --- LDAP ---
		30	$g_login_method = LDAP;
		31	$g_ldap_protocol_version = 3;
		32	$g_ldap_server = 'ldaps://ldap.immae.eu:636';
		33	$g_ldap_root_dn = 'ou=users,dc=immae,dc=eu';
		34	$g_ldap_bind_dn = 'cn=mantisbt,ou=services,dc=immae,dc=eu';
		35	$g_ldap_bind_passwd = '${env.ldap.password}';
		36	$g_use_ldap_email = ON;
		37	$g_use_ldap_realname = ON;
		38	$g_ldap_uid_field = 'uid';
		39	$g_ldap_realname_field = 'cn';
		40	$g_ldap_organization = '(memberOf=cn=users,cn=mantisbt,ou=services,dc=immae,dc=eu)';
		41	'';
		42	}];
		43	webRoot = (mantisbt_2.override { mantis_config = "/var/secrets/webapps/tools-mantisbt"; }).withPlugins (builtins.attrValues mantisbt_2-plugins);
		44	apache = rec {
		45	user = "wwwrun";
		46	group = "wwwrun";
		47	modules = [ "proxy_fcgi" ];
		48	webappName = "tools_mantisbt";
		49	root = "/run/current-system/webapps/${webappName}";
		50	vhostConf = ''
		51	Alias /mantisbt "${root}"
		52	<Directory "${root}">
		53	DirectoryIndex index.php
		54	<FilesMatch "\.php$">
		55	SetHandler "proxy:unix:${phpFpm.socket}\|fcgi://localhost"
		56	</FilesMatch>
		57
		58	AllowOverride All
		59	Options FollowSymlinks
		60	Require all granted
		61	</Directory>
		62	<Directory "${root}/admin">
		63	#Reenable during upgrade
		64	Require all denied
		65	</Directory>
		66	'';
		67	};
		68	phpFpm = rec {
		69	serviceDeps = [ "postgresql.service" "openldap.service" ];
		70	basedir = builtins.concatStringsSep ":" (
		71	[ webRoot "/var/secrets/webapps/tools-mantisbt" ]
		72	++ webRoot.plugins);
		73	socket = "/var/run/phpfpm/mantisbt.sock";
		74	pool = ''
		75	listen = ${socket}
		76	user = ${apache.user}
		77	group = ${apache.group}
		78	listen.owner = ${apache.user}
		79	listen.group = ${apache.group}
		80	pm = ondemand
		81	pm.max_children = 60
		82	pm.process_idle_timeout = 60
		83
		84	php_admin_value[upload_max_filesize] = 5000000
		85
		86	php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/mantisbt"
		87	php_admin_value[session.save_path] = "/var/lib/php/sessions/mantisbt"
		88	'';
		89	};
		90	}


diff --git a/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-slack.json b/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-slack.json deleted file mode 100644 index 54ea38b..0000000 --- a/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-slack.json +++ /dev/null
@@ -1,15 +0,0 @@
1	{
2	"tag": "9286d2e-master",
3	"meta": {
4	"name": "mantisbt-plugin-slack",
5	"url": "https://github.com/mantisbt-plugins/Slack",
6	"branch": "master"
7	},
8	"github": {
9	"owner": "mantisbt-plugins",
10	"repo": "Slack",
11	"rev": "9286d2eeeb8a986ed949e378711fef5f0bf182dc",
12	"sha256": "0nn0v4jc967giilkzrppi5svd04m2hnals75xxp0iabcdjnih0mn",
13	"fetchSubmodules": true
14	}
15	}


diff --git a/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration.json b/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration.json deleted file mode 100644 index e36a68c..0000000 --- a/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration.json +++ /dev/null
@@ -1,15 +0,0 @@
1	{
2	"tag": "v2.1.5",
3	"meta": {
4	"name": "mantisbt-plugin-source-integration",
5	"url": "https://github.com/mantisbt-plugins/source-integration",
6	"branch": "refs/tags/v2.1.5"
7	},
8	"github": {
9	"owner": "mantisbt-plugins",
10	"repo": "source-integration",
11	"rev": "a48039a20abc50864e0e68c0c843b27058404386",
12	"sha256": "07g6q3hivmnd94r47pp0snk5bv4pa3piwclc9qhj612i4wnsazsk",
13	"fetchSubmodules": true
14	}
15	}


diff --git a/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration_Source.API.php.diff b/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration_Source.API.php.diff deleted file mode 100644 index c355144..0000000 --- a/nixops/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration_Source.API.php.diff +++ /dev/null
@@ -1,12 +0,0 @@
1	--- b/Source/Source.API.php 2017-09-18 00:50:32.000000000 +0200
2	+++ a/Source/Source.API.php 2018-03-04 19:00:25.578889039 +0100
3	@@ -452,6 +452,9 @@
4	# Allow other plugins to post-process commit data
5	event_signal( 'EVENT_SOURCE_COMMITS', array( $p_changesets ) );
6	event_signal( 'EVENT_SOURCE_FIXED', array( $t_fixed_bugs ) );
7	+ foreach( $t_fixed_bugs as $t_bug_id => $t_changeset ) {
8	+ event_signal( 'EVENT_BUG_ACTION', array('RESOLVE', $t_bug_id) );
9	+ }
10	}
11
12	/**


diff --git a/nixops/modules/websites/tools/git/mantisbt/mantisbt.nix b/nixops/modules/websites/tools/git/mantisbt/mantisbt.nix deleted file mode 100644 index 41c5e90..0000000 --- a/nixops/modules/websites/tools/git/mantisbt/mantisbt.nix +++ /dev/null
@@ -1,128 +0,0 @@
1	{ lib, env, writeText, stdenv, fetchurl, fetchedGithub }:
2	let
3	mantisbt = let
4	plugins = {
5	slack = stdenv.mkDerivation (fetchedGithub ./mantisbt-plugin-slack.json // rec {
6	installPhase = ''
7	sed -i -e "s/return '@' . \\\$username;/return \\\$username;/" Slack.php
8	cp -a . $out
9	'';
10	});
11	source-integration = stdenv.mkDerivation (fetchedGithub ./mantisbt-plugin-source-integration.json // rec {
12	installPhase = ''
13	mkdir $out
14	patch -p1 < ${./mantisbt-plugin-source-integration_Source.API.php.diff}
15	cp -a Source* $out/
16	'';
17	});
18	};
19	in rec {
20	keys = [{
21	dest = "webapps/tools-mantisbt";
22	user = apache.user;
23	group = apache.group;
24	permissions = "0400";
25	text = ''
26	<?php
27	$g_hostname = '${env.postgresql.socket}';
28	$g_db_username = '${env.postgresql.user}';
29	$g_db_password = '${env.postgresql.password}';
30	$g_database_name = '${env.postgresql.database}';
31	$g_db_type = 'pgsql';
32	$g_crypto_master_salt = '${env.master_salt}';
33	$g_allow_signup = OFF;
34	$g_allow_anonymous_login = ON;
35	$g_anonymous_account = 'anonymous';
36
37	$g_phpMailer_method = PHPMAILER_METHOD_SENDMAIL;
38	$g_smtp_host = 'localhost';
39	$g_smtp_username = ''';
40	$g_smtp_password = ''';
41	$g_webmaster_email = 'mantisbt@tools.immae.eu';
42	$g_from_email = 'mantisbt@tools.immae.eu';
43	$g_return_path_email = 'mantisbt@tools.immae.eu';
44	$g_from_name = 'Mantis Bug Tracker at git.immae.eu';
45	$g_email_receive_own = OFF;
46	# --- LDAP ---
47	$g_login_method = LDAP;
48	$g_ldap_protocol_version = 3;
49	$g_ldap_server = 'ldaps://ldap.immae.eu:636';
50	$g_ldap_root_dn = 'ou=users,dc=immae,dc=eu';
51	$g_ldap_bind_dn = 'cn=mantisbt,ou=services,dc=immae,dc=eu';
52	$g_ldap_bind_passwd = '${env.ldap.password}';
53	$g_use_ldap_email = ON;
54	$g_use_ldap_realname = ON;
55	$g_ldap_uid_field = 'uid';
56	$g_ldap_realname_field = 'cn';
57	$g_ldap_organization = '(memberOf=cn=users,cn=mantisbt,ou=services,dc=immae,dc=eu)';
58	'';
59	}];
60	webRoot = stdenv.mkDerivation rec {
61	name = "mantisbt-${version}";
62	version = "2.11.1";
63	src = fetchurl {
64	url = "https://downloads.sourceforge.net/project/mantisbt/mantis-stable/${version}/${name}.tar.gz";
65	sha256 = "0jnrqz6r2hf53v0k1lh3il7hlfiphn61r9wgg6mzyywkjxwq07md";
66	};
67	patches = [
68	./patches/bug_report.php.diff
69	./patches/bug_report_page.php.diff
70	./patches/bugnote_add.php.diff
71	./patches/bugnote_add_inc.php.diff
72	];
73	installPhase = ''
74	cp -a . $out
75	ln -s /var/secrets/webapps/tools-mantisbt $out/config/config_inc.php
76	ln -s ${plugins.slack} $out/plugins/Slack
77	ln -s ${plugins.source-integration}/Source* $out/plugins/
78	'';
79	};
80	apache = rec {
81	user = "wwwrun";
82	group = "wwwrun";
83	modules = [ "proxy_fcgi" ];
84	webappName = "tools_mantisbt";
85	root = "/run/current-system/webapps/${webappName}";
86	vhostConf = ''
87	Alias /mantisbt "${root}"
88	<Directory "${root}">
89	DirectoryIndex index.php
90	<FilesMatch "\.php$">
91	SetHandler "proxy:unix:${phpFpm.socket}\|fcgi://localhost"
92	</FilesMatch>
93
94	AllowOverride All
95	Options FollowSymlinks
96	Require all granted
97	</Directory>
98	<Directory "${root}/admin">
99	#Reenable during upgrade
100	Require all denied
101	</Directory>
102	'';
103	};
104	phpFpm = rec {
105	serviceDeps = [ "postgresql.service" "openldap.service" ];
106	basedir = builtins.concatStringsSep ":" (
107	[ webRoot "/var/secrets/webapps/tools-mantisbt" ]
108	++ lib.attrsets.mapAttrsToList (name: value: value) plugins);
109	socket = "/var/run/phpfpm/mantisbt.sock";
110	pool = ''
111	listen = ${socket}
112	user = ${apache.user}
113	group = ${apache.group}
114	listen.owner = ${apache.user}
115	listen.group = ${apache.group}
116	pm = ondemand
117	pm.max_children = 60
118	pm.process_idle_timeout = 60
119
120	php_admin_value[upload_max_filesize] = 5000000
121
122	php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/mantisbt"
123	php_admin_value[session.save_path] = "/var/lib/php/sessions/mantisbt"
124	'';
125	};
126	};
127	in
128	mantisbt


diff --git a/nixops/modules/websites/tools/git/mantisbt/patches/bug_report.php.diff b/nixops/modules/websites/tools/git/mantisbt/patches/bug_report.php.diff deleted file mode 100644 index a520043..0000000 --- a/nixops/modules/websites/tools/git/mantisbt/patches/bug_report.php.diff +++ /dev/null
@@ -1,20 +0,0 @@
1	--- a/bug_report.php 2018-02-10 21:29:27.000000000 +0100
2	+++ b/bug_report.php 2018-03-03 15:04:19.622499678 +0100
3	@@ -149,6 +149,17 @@
4	access_ensure_project_level( config_get( 'update_bug_assign_threshold' ) );
5	}
6
7	+# begin captcha check for anon user
8	+if ( current_user_is_anonymous() && get_gd_version() > 0 ) {
9	+ $f_captcha = gpc_get_string( 'captcha', '' );
10	+ $f_captcha = utf8_strtolower( trim( $f_captcha ) );
11	+
12	+ $t_securimage = new Securimage();
13	+ if( $t_securimage->check( $f_captcha ) == false ) {
14	+ trigger_error( ERROR_SIGNUP_NOT_MATCHING_CAPTCHA, ERROR );
15	+ }
16	+}
17	+
18	# if a profile was selected then let's use that information
19	if( 0 != $t_bug_data->profile_id ) {
20	if( profile_is_global( $t_bug_data->profile_id ) ) {


diff --git a/nixops/modules/websites/tools/git/mantisbt/patches/bug_report_page.php.diff b/nixops/modules/websites/tools/git/mantisbt/patches/bug_report_page.php.diff deleted file mode 100644 index 80dea91..0000000 --- a/nixops/modules/websites/tools/git/mantisbt/patches/bug_report_page.php.diff +++ /dev/null
@@ -1,53 +0,0 @@
1	--- a/bug_report_page.php 2018-02-10 21:29:27.000000000 +0100
2	+++ b/bug_report_page.php 2018-03-03 15:04:19.622499678 +0100
3	@@ -708,7 +708,50 @@
4	<span class="lbl padding-6"><?php echo lang_get( 'check_report_more_bugs' ) ?></span>
5	</label>
6	</td>
7	</tr>
8	+<?php
9	+ # captcha image requires GD library and related option to ON
10	+ if( current_user_is_anonymous() && get_gd_version() > 0 ) {
11	+ $t_securimage_path = 'vendor/dapphp/securimage';
12	+ $t_securimage_show = $t_securimage_path . '/securimage_show.php';
13	+ $t_securimage_play = $t_securimage_path . '/securimage_play.swf?'
14	+ . http_build_query( array(
15	+ 'audio_file' => $t_securimage_path . '/securimage_play.php',
16	+ 'bgColor1=' => '#fff',
17	+ 'bgColor2=' => '#fff',
18	+ 'iconColor=' => '#777',
19	+ 'borderWidth=' => 1,
20	+ 'borderColor=' => '#000',
21	+ ) );
22	+?>
23	+ <tr>
24	+ <th class="category">CAPTCHA</th>
25	+ <td>
26	+
27	+ <label for="captcha-field" class="block clearfix">
28	+ <strong><?php echo lang_get( 'signup_captcha_request_label' ); ?></strong>
29	+ </label>
30	+ <span id="captcha-input" class="input">
31	+ <?php print_captcha_input( 'captcha' ); ?>
32	+
33	+ <span id="captcha-image" class="captcha-image" style="padding-right:3px;">
34	+ <img src="<?php echo $t_securimage_show; ?>" alt="visual captcha" />
35	+ <ul id="captcha-refresh"><li><a href="#"><?php
36	+ echo lang_get( 'signup_captcha_refresh' );
37	+ ?></a></li></ul>
38	+ </span>
39	+
40	+ <object type="application/x-shockwave-flash" width="19" height="19"
41	+ data="<?php echo $t_securimage_play; ?>">
42	+ <param name="movie" value="<?php echo $t_securimage_play; ?>" />
43	+ </object>
44	+ </span>
45	+ </td>
46	+ </tr>
47	+<?php
48	+ }
49	+?>
50	+
51	</table>
52	</div>
53	</div>


diff --git a/nixops/modules/websites/tools/git/mantisbt/patches/bugnote_add.php.diff b/nixops/modules/websites/tools/git/mantisbt/patches/bugnote_add.php.diff deleted file mode 100644 index 4509f0a..0000000 --- a/nixops/modules/websites/tools/git/mantisbt/patches/bugnote_add.php.diff +++ /dev/null
@@ -1,20 +0,0 @@
1	--- a/bugnote_add.php 2018-02-10 21:29:27.000000000 +0100
2	+++ b/bugnote_add.php 2018-03-03 15:13:12.439919511 +0100
3	@@ -44,6 +44,17 @@
4
5	$t_query = array( 'issue_id' => $f_bug_id );
6
7	+# begin captcha check for anon user
8	+if ( current_user_is_anonymous() && get_gd_version() > 0 ) {
9	+ $f_captcha = gpc_get_string( 'captcha', '' );
10	+ $f_captcha = utf8_strtolower( trim( $f_captcha ) );
11	+
12	+ $t_securimage = new Securimage();
13	+ if( $t_securimage->check( $f_captcha ) == false ) {
14	+ trigger_error( ERROR_SIGNUP_NOT_MATCHING_CAPTCHA, ERROR );
15	+ }
16	+}
17	+
18	if( count( $f_files ) > 0 && is_blank( $f_text ) && helper_duration_to_minutes( $f_duration ) == 0 ) {
19	$t_payload = array(
20	'files' => helper_array_transpose( $f_files )


diff --git a/nixops/modules/websites/tools/git/mantisbt/patches/bugnote_add_inc.php.diff b/nixops/modules/websites/tools/git/mantisbt/patches/bugnote_add_inc.php.diff deleted file mode 100644 index a8589c7..0000000 --- a/nixops/modules/websites/tools/git/mantisbt/patches/bugnote_add_inc.php.diff +++ /dev/null
@@ -1,52 +0,0 @@
1	--- a/bugnote_add_inc.php 2018-02-10 21:29:27.000000000 +0100
2	+++ b/bugnote_add_inc.php 2018-03-03 15:14:27.332428557 +0100
3	@@ -119,6 +119,49 @@
4	<textarea name="bugnote_text" id="bugnote_text" class="<?php echo $t_bugnote_class ?>" rows="7"></textarea>
5	</td>
6	</tr>
7	+<?php
8	+ # captcha image requires GD library and related option to ON
9	+ if( current_user_is_anonymous() && get_gd_version() > 0 ) {
10	+ $t_securimage_path = 'vendor/dapphp/securimage';
11	+ $t_securimage_show = $t_securimage_path . '/securimage_show.php';
12	+ $t_securimage_play = $t_securimage_path . '/securimage_play.swf?'
13	+ . http_build_query( array(
14	+ 'audio_file' => $t_securimage_path . '/securimage_play.php',
15	+ 'bgColor1=' => '#fff',
16	+ 'bgColor2=' => '#fff',
17	+ 'iconColor=' => '#777',
18	+ 'borderWidth=' => 1,
19	+ 'borderColor=' => '#000',
20	+ ) );
21	+?>
22	+ <tr>
23	+ <th class="category">CAPTCHA</th>
24	+ <td>
25	+
26	+ <label for="captcha-field" class="block clearfix">
27	+ <strong><?php echo lang_get( 'signup_captcha_request_label' ); ?></strong>
28	+ </label>
29	+ <span id="captcha-input" class="input">
30	+ <?php print_captcha_input( 'captcha' ); ?>
31	+
32	+ <span id="captcha-image" class="captcha-image" style="padding-right:3px;">
33	+ <img src="<?php echo $t_securimage_show; ?>" alt="visual captcha" />
34	+ <ul id="captcha-refresh"><li><a href="#"><?php
35	+ echo lang_get( 'signup_captcha_refresh' );
36	+ ?></a></li></ul>
37	+ </span>
38	+
39	+ <object type="application/x-shockwave-flash" width="19" height="19"
40	+ data="<?php echo $t_securimage_play; ?>">
41	+ <param name="movie" value="<?php echo $t_securimage_play; ?>" />
42	+ </object>
43	+ </span>
44	+ </td>
45	+ </tr>
46	+<?php
47	+ }
48	+?>
49	+
50
51	<?php
52	if( config_get( 'time_tracking_enabled' ) ) {