Add rompr

Fixes https://git.immae.eu/mantisbt/view.php?id=70
author: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-01-25 14:21:34 +0100
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-01-25 14:21:34 +0100
commit: bfe3c9c9df0c5112bc8806483292b55ed0f7e02d (patch)
tree: f5b9ffbdab585a99f33feb4f719ae54edd1539db /virtual/modules
parent: 133ebaee701a52a74fc6897498f44f006ea3c3d8 (diff)
download: Nix-bfe3c9c9df0c5112bc8806483292b55ed0f7e02d.tar.gz
Nix-bfe3c9c9df0c5112bc8806483292b55ed0f7e02d.tar.zst
Nix-bfe3c9c9df0c5112bc8806483292b55ed0f7e02d.zip
5 files changed, 119 insertions, 11 deletions
diff --git a/virtual/modules/websites/tools/ether/etherpad_lite.nix b/virtual/modules/websites/tools/ether/etherpad_lite.nix
index f5f05b7..02071f1 100644
--- a/virtual/modules/websites/tools/ether/etherpad_lite.nix
+++ b/virtual/modules/websites/tools/ether/etherpad_lite.nix
@@ -1,6 +1,6 @@
 { env, fetchedGithub, fetchurl, stdenv, writeText, pkgs, cacert }:
 let
-  listenPort = "18001";
+  listenPort = env.listenPort;
  sessionkey = writeText "SESSIONKEY.txt" env.session_key;
  apikey = writeText "APIKEY.txt" env.api_key;
  jquery = fetchurl {
@@ -41,7 +41,7 @@ let
        "favicon": "favicon.ico",
        "ip": "127.0.0.1",
-        "port" : ${listenPort},
+        "port" : ${env.listenPort},
        "showSettingsInAdminPage" : false,
        "dbType" : "postgres",
        "dbSettings" : {
diff --git a/virtual/modules/websites/tools/tools/default.nix b/virtual/modules/websites/tools/tools/default.nix
index 7fb4974..333ffb0 100644
--- a/virtual/modules/websites/tools/tools/default.nix
+++ b/virtual/modules/websites/tools/tools/default.nix
@@ -1,7 +1,9 @@
 { lib, pkgs, config, myconfig, mylibs, ... }:
 let
    adminer = pkgs.callPackage ../../commons/adminer.nix {};
-    ympd = pkgs.callPackage ./ympd.nix {};
+    ympd = pkgs.callPackage ./ympd.nix {
+      env = myconfig.env.tools.ympd;
+    };
    ttrss = pkgs.callPackage ./ttrss.nix {
      inherit (mylibs) fetchedGithub fetchedGit;
      env = myconfig.env.tools.ttrss;
@@ -12,6 +14,10 @@ let
      inherit (mylibs) fetchedGithub;
      env = myconfig.env.tools.yourls;
    };
+    rompr = pkgs.callPackage ./rompr.nix {
+      inherit (mylibs) fetchedGithub;
+      env = myconfig.env.tools.rompr;
+    };
    cfg = config.services.myWebsites.tools.tools;
 in {
@@ -28,9 +34,10 @@ in {
      ++ ttrss.apache.modules
      ++ roundcubemail.apache.modules
      ++ wallabag.apache.modules
-      ++ yourls.apache.modules;
+      ++ yourls.apache.modules
+      ++ rompr.apache.modules;
-    services.ympd = ympd.config // { enable = false; };
+    services.ympd = ympd.config // { enable = true; };
    services.myWebsites.tools.vhostConfs.tools = {
      certName    = "eldiron";
@@ -43,6 +50,7 @@ in {
        roundcubemail.apache.vhostConf
        wallabag.apache.vhostConf
        yourls.apache.vhostConf
+        rompr.apache.vhostConf
      ];
    };
@@ -52,6 +60,7 @@ in {
      roundcubemail = roundcubemail.phpFpm.pool;
      wallabag = wallabag.phpFpm.pool;
      yourls = yourls.phpFpm.pool;
+      rompr = rompr.phpFpm.pool;
    };
    system.activationScripts = {
@@ -59,6 +68,7 @@ in {
      roundcubemail = roundcubemail.activationScript;
      wallabag = wallabag.activationScript;
      yourls = yourls.activationScript;
+      rompr = rompr.activationScript;
    };
    systemd.services.tt-rss = {
diff --git a/virtual/modules/websites/tools/tools/rompr.json b/virtual/modules/websites/tools/tools/rompr.json
new file mode 100644
index 0000000..778d915
--- /dev/null
+++ b/virtual/modules/websites/tools/tools/rompr.json
@@ -0,0 +1,15 @@
+{
+  "tag": "1.24",
+  "meta": {
+    "name": "rompr",
+    "url": "https://github.com/fatg3erman/RompR",
+    "branch": "refs/tags/1.24"
+  },
+  "github": {
+    "owner": "fatg3erman",
+    "repo": "RompR",
+    "rev": "0d8f597027ac71b320963fe3f33f461a136312ad",
+    "sha256": "13p3c4whhmvz1vvh9fva5gdx4xji288k108hjdi8b1yn506lzix2",
+    "fetchSubmodules": true
+  }
+}
diff --git a/virtual/modules/websites/tools/tools/rompr.nix b/virtual/modules/websites/tools/tools/rompr.nix
new file mode 100644
index 0000000..055334e
--- /dev/null
+++ b/virtual/modules/websites/tools/tools/rompr.nix
@@ -0,0 +1,86 @@
+{ lib, env, stdenv, fetchedGithub }:
+let
+  rompr = let
+  in rec {
+    varDir = "/var/lib/rompr";
+    activationScript = ''
+      install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
+        ${varDir}/prefs ${varDir}/albumart ${varDir}/phpSessions
+    '';
+    webRoot = stdenv.mkDerivation (fetchedGithub ./rompr.json // rec {
+      installPhase = ''
+        cp -a . $out
+        ln -sf ../../../../../../${varDir}/prefs $out/prefs
+        ln -sf ../../../../../../${varDir}/albumart $out/albumart
+      '';
+    });
+    apache = {
+      user = "wwwrun";
+      group = "wwwrun";
+      modules = [ "headers" "mime" "proxy_fcgi" ];
+      vhostConf = ''
+        Alias /rompr ${webRoot}
+        <Directory ${webRoot}>
+          Options Indexes FollowSymLinks
+          DirectoryIndex index.php
+          AllowOverride all
+          Require all granted
+          Order allow,deny
+          Allow from all
+          ErrorDocument 404 /rompr/404.php
+          AddType image/x-icon .ico
+          <FilesMatch "\.php$">
+            SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+          </FilesMatch>
+        </Directory>
+        <Directory ${webRoot}/albumart/small>
+            Header Set Cache-Control "max-age=0, no-store"
+            Header Set Cache-Control "no-cache, must-revalidate"
+        </Directory>
+        <Directory ${webRoot}/albumart/asdownloaded>
+            Header Set Cache-Control "max-age=0, no-store"
+            Header Set Cache-Control "no-cache, must-revalidate"
+        </Directory>
+        <LocationMatch "^/rompr">
+          Use LDAPConnect
+          Require ldap-group   cn=users,cn=mpd,ou=services,dc=immae,dc=eu
+          Require local
+        </LocationMatch>
+        '';
+    };
+    phpFpm = rec {
+      basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
+      socket = "/var/run/phpfpm/rompr.sock";
+      pool = ''
+        listen = ${socket}
+        user = ${apache.user}
+        group = ${apache.group}
+        listen.owner = ${apache.user}
+        listen.group = ${apache.group}
+        pm = ondemand
+        pm.max_children = 60
+        pm.process_idle_timeout = 60
+        ; Needed to avoid clashes in browser cookies (same domain)
+        php_value[session.name] = RomprPHPSESSID
+        php_admin_value[open_basedir] = "${basedir}:/tmp"
+        php_admin_value[session.save_path] = "${varDir}/phpSessions"
+        php_flag[magic_quotes_gpc] = Off
+        php_flag[track_vars] = On
+        php_flag[register_globals] = Off
+        php_admin_flag[allow_url_fopen] = On
+        php_value[include_path] = ${webRoot}
+        php_admin_value[upload_tmp_dir] = "${varDir}/prefs"
+        php_admin_value[post_max_size] = 32M
+        php_admin_value[upload_max_filesize] = 32M
+        php_admin_value[memory_limit] = 256M
+        '';
+    };
+  };
+in
+  rompr
diff --git a/virtual/modules/websites/tools/tools/ympd.nix b/virtual/modules/websites/tools/tools/ympd.nix
index 74bf2e5..5744360 100644
--- a/virtual/modules/websites/tools/tools/ympd.nix
+++ b/virtual/modules/websites/tools/tools/ympd.nix
@@ -1,12 +1,9 @@
-{}:
+{ env }:
 let
  ympd = rec {
    config = {
-      webPort = "localhost:18001";
+      webPort = "localhost:${env.listenPort}";
-      mpd = {
+      mpd = env.mpd;
-        host = "malige.home.immae.eu";
-        port = 6600;
-      };
    };
    apache = {
      modules = [
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-01-25 14:21:34 +0100
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-01-25 14:21:34 +0100
commit	bfe3c9c9df0c5112bc8806483292b55ed0f7e02d (patch)
tree	f5b9ffbdab585a99f33feb4f719ae54edd1539db /virtual/modules
parent	133ebaee701a52a74fc6897498f44f006ea3c3d8 (diff)
download	Nix-bfe3c9c9df0c5112bc8806483292b55ed0f7e02d.tar.gz Nix-bfe3c9c9df0c5112bc8806483292b55ed0f7e02d.tar.zst Nix-bfe3c9c9df0c5112bc8806483292b55ed0f7e02d.zip

diff --git a/virtual/modules/websites/tools/ether/etherpad_lite.nix b/virtual/modules/websites/tools/ether/etherpad_lite.nix index f5f05b7..02071f1 100644 --- a/virtual/modules/websites/tools/ether/etherpad_lite.nix +++ b/virtual/modules/websites/tools/ether/etherpad_lite.nix
@@ -1,6 +1,6 @@
1	{ env, fetchedGithub, fetchurl, stdenv, writeText, pkgs, cacert }:	1	{ env, fetchedGithub, fetchurl, stdenv, writeText, pkgs, cacert }:
2	let	2	let
3	listenPort = "18001";	3	listenPort = env.listenPort;
4	sessionkey = writeText "SESSIONKEY.txt" env.session_key;	4	sessionkey = writeText "SESSIONKEY.txt" env.session_key;
5	apikey = writeText "APIKEY.txt" env.api_key;	5	apikey = writeText "APIKEY.txt" env.api_key;
6	jquery = fetchurl {	6	jquery = fetchurl {
@@ -41,7 +41,7 @@ let
41	"favicon": "favicon.ico",	41	"favicon": "favicon.ico",
42		42
43	"ip": "127.0.0.1",	43	"ip": "127.0.0.1",
44	"port" : ${listenPort},	44	"port" : ${env.listenPort},
45	"showSettingsInAdminPage" : false,	45	"showSettingsInAdminPage" : false,
46	"dbType" : "postgres",	46	"dbType" : "postgres",
47	"dbSettings" : {	47	"dbSettings" : {


diff --git a/virtual/modules/websites/tools/tools/default.nix b/virtual/modules/websites/tools/tools/default.nix index 7fb4974..333ffb0 100644 --- a/virtual/modules/websites/tools/tools/default.nix +++ b/virtual/modules/websites/tools/tools/default.nix
@@ -1,7 +1,9 @@
1	{ lib, pkgs, config, myconfig, mylibs, ... }:	1	{ lib, pkgs, config, myconfig, mylibs, ... }:
2	let	2	let
3	adminer = pkgs.callPackage ../../commons/adminer.nix {};	3	adminer = pkgs.callPackage ../../commons/adminer.nix {};
4	ympd = pkgs.callPackage ./ympd.nix {};	4	ympd = pkgs.callPackage ./ympd.nix {
		5	env = myconfig.env.tools.ympd;
		6	};
5	ttrss = pkgs.callPackage ./ttrss.nix {	7	ttrss = pkgs.callPackage ./ttrss.nix {
6	inherit (mylibs) fetchedGithub fetchedGit;	8	inherit (mylibs) fetchedGithub fetchedGit;
7	env = myconfig.env.tools.ttrss;	9	env = myconfig.env.tools.ttrss;
@@ -12,6 +14,10 @@ let
12	inherit (mylibs) fetchedGithub;	14	inherit (mylibs) fetchedGithub;
13	env = myconfig.env.tools.yourls;	15	env = myconfig.env.tools.yourls;
14	};	16	};
		17	rompr = pkgs.callPackage ./rompr.nix {
		18	inherit (mylibs) fetchedGithub;
		19	env = myconfig.env.tools.rompr;
		20	};
15		21
16	cfg = config.services.myWebsites.tools.tools;	22	cfg = config.services.myWebsites.tools.tools;
17	in {	23	in {
@@ -28,9 +34,10 @@ in {
28	++ ttrss.apache.modules	34	++ ttrss.apache.modules
29	++ roundcubemail.apache.modules	35	++ roundcubemail.apache.modules
30	++ wallabag.apache.modules	36	++ wallabag.apache.modules
31	++ yourls.apache.modules;	37	++ yourls.apache.modules
		38	++ rompr.apache.modules;
32		39
33	services.ympd = ympd.config // { enable = false; };	40	services.ympd = ympd.config // { enable = true; };
34		41
35	services.myWebsites.tools.vhostConfs.tools = {	42	services.myWebsites.tools.vhostConfs.tools = {
36	certName = "eldiron";	43	certName = "eldiron";
@@ -43,6 +50,7 @@ in {
43	roundcubemail.apache.vhostConf	50	roundcubemail.apache.vhostConf
44	wallabag.apache.vhostConf	51	wallabag.apache.vhostConf
45	yourls.apache.vhostConf	52	yourls.apache.vhostConf
		53	rompr.apache.vhostConf
46	];	54	];
47	};	55	};
48		56
@@ -52,6 +60,7 @@ in {
52	roundcubemail = roundcubemail.phpFpm.pool;	60	roundcubemail = roundcubemail.phpFpm.pool;
53	wallabag = wallabag.phpFpm.pool;	61	wallabag = wallabag.phpFpm.pool;
54	yourls = yourls.phpFpm.pool;	62	yourls = yourls.phpFpm.pool;
		63	rompr = rompr.phpFpm.pool;
55	};	64	};
56		65
57	system.activationScripts = {	66	system.activationScripts = {
@@ -59,6 +68,7 @@ in {
59	roundcubemail = roundcubemail.activationScript;	68	roundcubemail = roundcubemail.activationScript;
60	wallabag = wallabag.activationScript;	69	wallabag = wallabag.activationScript;
61	yourls = yourls.activationScript;	70	yourls = yourls.activationScript;
		71	rompr = rompr.activationScript;
62	};	72	};
63		73
64	systemd.services.tt-rss = {	74	systemd.services.tt-rss = {


diff --git a/virtual/modules/websites/tools/tools/rompr.json b/virtual/modules/websites/tools/tools/rompr.json new file mode 100644 index 0000000..778d915 --- /dev/null +++ b/virtual/modules/websites/tools/tools/rompr.json
@@ -0,0 +1,15 @@
		1	{
		2	"tag": "1.24",
		3	"meta": {
		4	"name": "rompr",
		5	"url": "https://github.com/fatg3erman/RompR",
		6	"branch": "refs/tags/1.24"
		7	},
		8	"github": {
		9	"owner": "fatg3erman",
		10	"repo": "RompR",
		11	"rev": "0d8f597027ac71b320963fe3f33f461a136312ad",
		12	"sha256": "13p3c4whhmvz1vvh9fva5gdx4xji288k108hjdi8b1yn506lzix2",
		13	"fetchSubmodules": true
		14	}
		15	}


diff --git a/virtual/modules/websites/tools/tools/rompr.nix b/virtual/modules/websites/tools/tools/rompr.nix new file mode 100644 index 0000000..055334e --- /dev/null +++ b/virtual/modules/websites/tools/tools/rompr.nix
@@ -0,0 +1,86 @@
		1	{ lib, env, stdenv, fetchedGithub }:
		2	let
		3	rompr = let
		4	in rec {
		5	varDir = "/var/lib/rompr";
		6	activationScript = ''
		7	install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
		8	${varDir}/prefs ${varDir}/albumart ${varDir}/phpSessions
		9	'';
		10	webRoot = stdenv.mkDerivation (fetchedGithub ./rompr.json // rec {
		11	installPhase = ''
		12	cp -a . $out
		13	ln -sf ../../../../../../${varDir}/prefs $out/prefs
		14	ln -sf ../../../../../../${varDir}/albumart $out/albumart
		15	'';
		16	});
		17	apache = {
		18	user = "wwwrun";
		19	group = "wwwrun";
		20	modules = [ "headers" "mime" "proxy_fcgi" ];
		21	vhostConf = ''
		22	Alias /rompr ${webRoot}
		23
		24	<Directory ${webRoot}>
		25	Options Indexes FollowSymLinks
		26	DirectoryIndex index.php
		27	AllowOverride all
		28	Require all granted
		29	Order allow,deny
		30	Allow from all
		31	ErrorDocument 404 /rompr/404.php
		32	AddType image/x-icon .ico
		33
		34	<FilesMatch "\.php$">
		35	SetHandler "proxy:unix:${phpFpm.socket}\|fcgi://localhost"
		36	</FilesMatch>
		37	</Directory>
		38
		39	<Directory ${webRoot}/albumart/small>
		40	Header Set Cache-Control "max-age=0, no-store"
		41	Header Set Cache-Control "no-cache, must-revalidate"
		42	</Directory>
		43
		44	<Directory ${webRoot}/albumart/asdownloaded>
		45	Header Set Cache-Control "max-age=0, no-store"
		46	Header Set Cache-Control "no-cache, must-revalidate"
		47	</Directory>
		48
		49	<LocationMatch "^/rompr">
		50	Use LDAPConnect
		51	Require ldap-group cn=users,cn=mpd,ou=services,dc=immae,dc=eu
		52	Require local
		53	</LocationMatch>
		54	'';
		55	};
		56	phpFpm = rec {
		57	basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
		58	socket = "/var/run/phpfpm/rompr.sock";
		59	pool = ''
		60	listen = ${socket}
		61	user = ${apache.user}
		62	group = ${apache.group}
		63	listen.owner = ${apache.user}
		64	listen.group = ${apache.group}
		65	pm = ondemand
		66	pm.max_children = 60
		67	pm.process_idle_timeout = 60
		68
		69	; Needed to avoid clashes in browser cookies (same domain)
		70	php_value[session.name] = RomprPHPSESSID
		71	php_admin_value[open_basedir] = "${basedir}:/tmp"
		72	php_admin_value[session.save_path] = "${varDir}/phpSessions"
		73	php_flag[magic_quotes_gpc] = Off
		74	php_flag[track_vars] = On
		75	php_flag[register_globals] = Off
		76	php_admin_flag[allow_url_fopen] = On
		77	php_value[include_path] = ${webRoot}
		78	php_admin_value[upload_tmp_dir] = "${varDir}/prefs"
		79	php_admin_value[post_max_size] = 32M
		80	php_admin_value[upload_max_filesize] = 32M
		81	php_admin_value[memory_limit] = 256M
		82	'';
		83	};
		84	};
		85	in
		86	rompr


diff --git a/virtual/modules/websites/tools/tools/ympd.nix b/virtual/modules/websites/tools/tools/ympd.nix index 74bf2e5..5744360 100644 --- a/virtual/modules/websites/tools/tools/ympd.nix +++ b/virtual/modules/websites/tools/tools/ympd.nix
@@ -1,12 +1,9 @@
1	{}:	1	{ env }:
2	let	2	let
3	ympd = rec {	3	ympd = rec {
4	config = {	4	config = {
5	webPort = "localhost:18001";	5	webPort = "localhost:${env.listenPort}";
6	mpd = {	6	mpd = env.mpd;
7	host = "malige.home.immae.eu";
8	port = 6600;
9	};
10	};	7	};
11	apache = {	8	apache = {
12	modules = [	9	modules = [