aboutsummaryrefslogtreecommitdiff
path: root/virtual
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2019-01-12 12:41:23 +0100
committerIsmaël Bouya <ismael.bouya@normalesup.org>2019-01-12 21:59:41 +0100
commit108891744eaa7410e305871212d5b81c1b67a095 (patch)
tree90e3f1a87573532ed1c14e233ad7348904ce47f8 /virtual
parent950ca5ee979ae2467f3471216140de2c1d572f4b (diff)
downloadNix-108891744eaa7410e305871212d5b81c1b67a095.tar.gz
Nix-108891744eaa7410e305871212d5b81c1b67a095.tar.zst
Nix-108891744eaa7410e305871212d5b81c1b67a095.zip
Refactor websites.
This commit refactors websites into module per "vhost".
Diffstat (limited to 'virtual')
-rw-r--r--virtual/eldiron.nix88
-rw-r--r--virtual/modules/databases/default.nix (renamed from virtual/modules/databases.nix)0
-rw-r--r--virtual/modules/databases/postgresql_run_socket_path.patch (renamed from virtual/modules/postgresql_run_socket_path.patch)0
-rw-r--r--virtual/modules/gitolite/default.nix (renamed from virtual/modules/gitolite.nix)4
-rw-r--r--virtual/modules/gitweb/default.nix30
-rw-r--r--virtual/modules/websites/commons/adminer.nix (renamed from virtual/packages/adminer.nix)0
-rw-r--r--virtual/modules/websites/default.nix93
-rw-r--r--virtual/modules/websites/tools/cloud/default.nix45
-rw-r--r--virtual/modules/websites/tools/cloud/nextcloud-config/mimetypealiases.json (renamed from virtual/packages/nextcloud-config/mimetypealiases.json)0
-rw-r--r--virtual/modules/websites/tools/cloud/nextcloud-config/mimetypemapping.json (renamed from virtual/packages/nextcloud-config/mimetypemapping.json)0
-rw-r--r--virtual/modules/websites/tools/cloud/nextcloud.nix (renamed from virtual/packages/nextcloud.nix)0
-rw-r--r--virtual/modules/websites/tools/dav/davical.nix (renamed from virtual/packages/davical.nix)1
-rw-r--r--virtual/modules/websites/tools/dav/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch (renamed from virtual/packages/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch)0
-rw-r--r--virtual/modules/websites/tools/dav/default.nix33
-rw-r--r--virtual/modules/websites/tools/dav/infcloud.nix (renamed from virtual/packages/infcloud.nix)0
-rw-r--r--virtual/modules/websites/tools/dav/infcloud_config.js (renamed from virtual/packages/infcloud_config.js)0
-rw-r--r--virtual/modules/websites/tools/db/default.nix23
-rw-r--r--virtual/modules/websites/tools/git/default.nix46
-rw-r--r--virtual/modules/websites/tools/git/gitweb/gitweb.nix (renamed from virtual/modules/gitweb/gitweb.nix)0
-rw-r--r--virtual/modules/websites/tools/git/gitweb/theme/git-favicon.png (renamed from virtual/modules/gitweb/theme/git-favicon.png)bin1125 -> 1125 bytes
-rw-r--r--virtual/modules/websites/tools/git/gitweb/theme/git-logo.png (renamed from virtual/modules/gitweb/theme/git-logo.png)bin2412 -> 2412 bytes
-rw-r--r--virtual/modules/websites/tools/git/gitweb/theme/gitweb.css (renamed from virtual/modules/gitweb/theme/gitweb.css)0
-rw-r--r--virtual/modules/websites/tools/git/gitweb/theme/gitweb.js (renamed from virtual/modules/gitweb/theme/gitweb.js)0
-rw-r--r--virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-slack.json (renamed from virtual/packages/mantisbt-plugin-slack.json)0
-rw-r--r--virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration.json (renamed from virtual/packages/mantisbt-plugin-source-integration.json)0
-rw-r--r--virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration_Source.API.php.diff (renamed from virtual/packages/mantisbt-plugin-source-integration_Source.API.php.diff)0
-rw-r--r--virtual/modules/websites/tools/git/mantisbt/mantisbt.nix (renamed from virtual/packages/mantisbt.nix)8
-rw-r--r--virtual/modules/websites/tools/git/mantisbt/patches/bug_report.php.diff (renamed from virtual/packages/mantisbt-patches/bug_report.php.diff)0
-rw-r--r--virtual/modules/websites/tools/git/mantisbt/patches/bug_report_page.php.diff (renamed from virtual/packages/mantisbt-patches/bug_report_page.php.diff)0
-rw-r--r--virtual/modules/websites/tools/git/mantisbt/patches/bugnote_add.php.diff (renamed from virtual/packages/mantisbt-patches/bugnote_add.php.diff)0
-rw-r--r--virtual/modules/websites/tools/git/mantisbt/patches/bugnote_add_inc.php.diff (renamed from virtual/packages/mantisbt-patches/bugnote_add_inc.php.diff)0
-rw-r--r--virtual/modules/websites/tools/tools/default.nix65
-rw-r--r--virtual/modules/websites/tools/tools/roundcubemail.nix (renamed from virtual/packages/roundcubemail.nix)0
-rw-r--r--virtual/modules/websites/tools/tools/tt-rss.json (renamed from virtual/packages/tt-rss.json)0
-rw-r--r--virtual/modules/websites/tools/tools/ttrss-af-feedmod_type_replace.patch (renamed from virtual/packages/ttrss-af-feedmod_type_replace.patch)0
-rw-r--r--virtual/modules/websites/tools/tools/ttrss-af_feedmod.json (renamed from virtual/packages/ttrss-af_feedmod.json)0
-rw-r--r--virtual/modules/websites/tools/tools/ttrss-auth-ldap.json (renamed from virtual/packages/ttrss-auth-ldap.json)0
-rw-r--r--virtual/modules/websites/tools/tools/ttrss-feediron.json (renamed from virtual/packages/ttrss-feediron.json)0
-rw-r--r--virtual/modules/websites/tools/tools/ttrss-feediron_json_reformat.patch (renamed from virtual/packages/ttrss-feediron_json_reformat.patch)0
-rw-r--r--virtual/modules/websites/tools/tools/ttrss-ff_instagram.json (renamed from virtual/packages/ttrss-ff_instagram.json)0
-rw-r--r--virtual/modules/websites/tools/tools/ttrss-tumblr_gdpr_ua.json (renamed from virtual/packages/ttrss-tumblr_gdpr_ua.json)0
-rw-r--r--virtual/modules/websites/tools/tools/ttrss.nix (renamed from virtual/packages/ttrss.nix)0
-rw-r--r--virtual/modules/websites/tools/tools/ympd.nix (renamed from virtual/packages/ympd.nix)0
-rw-r--r--virtual/packages.nix21
-rw-r--r--virtual/packages/test_goaccess.conf99
45 files changed, 261 insertions, 295 deletions
diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix
index cefef70..0970521 100644
--- a/virtual/eldiron.nix
+++ b/virtual/eldiron.nix
@@ -9,11 +9,6 @@
9 # rsync -e "ssh -i /root/.ssh/id_charon_vpn" -aAXvz --delete --numeric-ids --super --rsync-path="sudo rsync" /var/lib/* immae@immae.eu: 9 # rsync -e "ssh -i /root/.ssh/id_charon_vpn" -aAXvz --delete --numeric-ids --super --rsync-path="sudo rsync" /var/lib/* immae@immae.eu:
10 eldiron = { config, pkgs, mylibs, myconfig, ... }: 10 eldiron = { config, pkgs, mylibs, myconfig, ... }:
11 with mylibs; 11 with mylibs;
12 let
13 mypkgs = pkgs.callPackage ./packages.nix {
14 inherit checkEnv fetchedGit fetchedGithub;
15 };
16 in
17 { 12 {
18 _module.args = { 13 _module.args = {
19 mylibs = import ../libs.nix; 14 mylibs = import ../libs.nix;
@@ -28,22 +23,20 @@
28 23
29 imports = [ 24 imports = [
30 ./modules/certificates.nix 25 ./modules/certificates.nix
31 ./modules/gitolite.nix 26 ./modules/gitolite
32 ./modules/gitweb 27 ./modules/databases
33 ./modules/databases.nix
34 ./modules/websites 28 ./modules/websites
35 ./modules/websites/phpfpm
36 ]; 29 ];
37 services.myGitolite.enable = true; 30 services.myGitolite.enable = true;
38 services.myGitweb.enable = true;
39 services.myDatabases.enable = true; 31 services.myDatabases.enable = true;
40 services.myWebsites.production.enable = true; 32 services.myWebsites.production.enable = true;
41 services.myWebsites.integration.enable = true; 33 services.myWebsites.integration.enable = true;
34 services.myWebsites.tools.enable = true;
42 35
43 networking = { 36 networking = {
44 firewall = { 37 firewall = {
45 enable = true; 38 enable = true;
46 allowedTCPPorts = [ 22 9418 ]; 39 allowedTCPPorts = [ 22 ];
47 }; 40 };
48 }; 41 };
49 42
@@ -67,74 +60,17 @@
67 }; 60 };
68 }; 61 };
69 62
70 environment.systemPackages = let 63 environment.systemPackages = [
71 # FIXME: move it to nextcloud
72 occ = pkgs.writeScriptBin "nextcloud-occ" ''
73 #! ${pkgs.stdenv.shell}
74 cd ${mypkgs.nextcloud.webRoot}
75 NEXTCLOUD_CONFIG_DIR="${mypkgs.nextcloud.webRoot}/config" \
76 exec \
77 ${pkgs.php}/bin/php \
78 -c ${pkgs.php}/etc/php.ini \
79 occ $*
80 '';
81 in [
82 pkgs.telnet 64 pkgs.telnet
83 pkgs.htop 65 pkgs.htop
84 pkgs.vim 66 pkgs.vim
85 occ
86 ]; 67 ];
87 68
88 security.acme.certs."eldiron".extraDomains = {
89 "db-1.immae.eu" = null;
90 "tools.immae.eu" = null;
91 "cloud.immae.eu" = null;
92 "dav.immae.eu" = null;
93 };
94
95 services.openssh.extraConfig = '' 69 services.openssh.extraConfig = ''
96 AuthorizedKeysCommand /etc/ssh/ldap_authorized_keys 70 AuthorizedKeysCommand /etc/ssh/ldap_authorized_keys
97 AuthorizedKeysCommandUser nobody 71 AuthorizedKeysCommandUser nobody
98 ''; 72 '';
99 73
100 services.ympd = mypkgs.ympd.config // { enable = false; };
101
102 services.myPhpfpm = {
103 phpPackage = pkgs.php;
104 phpOptions = ''
105 session.save_path = "/var/lib/php/sessions"
106 session.gc_maxlifetime = 60*60*24*15
107 session.cache_expire = 60*24*30
108 '';
109 extraConfig = ''
110 log_level = notice
111 '';
112 poolPhpConfigs = {
113 nextcloud = mypkgs.nextcloud.phpFpm.phpConfig;
114 };
115 poolConfigs = {
116 adminer = mypkgs.adminer.phpFpm.pool;
117 nextcloud = mypkgs.nextcloud.phpFpm.pool;
118 mantisbt = mypkgs.mantisbt.phpFpm.pool;
119 ttrss = mypkgs.ttrss.phpFpm.pool;
120 roundcubemail = mypkgs.roundcubemail.phpFpm.pool;
121 davical = mypkgs.davical.phpFpm.pool;
122 };
123 };
124
125 system.activationScripts = {
126 nextcloud = mypkgs.nextcloud.activationScript;
127 ttrss = mypkgs.ttrss.activationScript;
128 roundcubemail = mypkgs.roundcubemail.activationScript;
129 httpd = ''
130 install -d -m 0755 /var/lib/acme/acme-challenge
131 install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions
132 install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/adminer
133 install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/mantisbt
134 install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/davical
135 '';
136 };
137
138 environment.etc."ssh/ldap_authorized_keys" = let 74 environment.etc."ssh/ldap_authorized_keys" = let
139 ldap_authorized_keys = 75 ldap_authorized_keys =
140 assert checkEnv "NIXOPS_SSHD_LDAP_PASSWORD"; 76 assert checkEnv "NIXOPS_SSHD_LDAP_PASSWORD";
@@ -155,19 +91,5 @@
155 source = ldap_authorized_keys; 91 source = ldap_authorized_keys;
156 }; 92 };
157 93
158 systemd.services.tt-rss = {
159 description = "Tiny Tiny RSS feeds update daemon";
160 serviceConfig = {
161 User = "wwwrun";
162 ExecStart = "${pkgs.php}/bin/php ${mypkgs.ttrss.webRoot}/update.php --daemon";
163 StandardOutput = "syslog";
164 StandardError = "syslog";
165 PermissionsStartOnly = true;
166 };
167
168 wantedBy = [ "multi-user.target" ];
169 requires = ["postgresql.service"];
170 after = ["network.target" "postgresql.service"];
171 };
172 }; 94 };
173} 95}
diff --git a/virtual/modules/databases.nix b/virtual/modules/databases/default.nix
index de4ace6..de4ace6 100644
--- a/virtual/modules/databases.nix
+++ b/virtual/modules/databases/default.nix
diff --git a/virtual/modules/postgresql_run_socket_path.patch b/virtual/modules/databases/postgresql_run_socket_path.patch
index b558c7b..b558c7b 100644
--- a/virtual/modules/postgresql_run_socket_path.patch
+++ b/virtual/modules/databases/postgresql_run_socket_path.patch
diff --git a/virtual/modules/gitolite.nix b/virtual/modules/gitolite/default.nix
index d6b9c79..78691fa 100644
--- a/virtual/modules/gitolite.nix
+++ b/virtual/modules/gitolite/default.nix
@@ -24,6 +24,8 @@ in {
24 }); 24 });
25 }; 25 };
26 26
27 networking.firewall.allowedTCPPorts = [ 9418 ];
28
27 services.gitDaemon = { 29 services.gitDaemon = {
28 enable = true; 30 enable = true;
29 user = "gitolite"; 31 user = "gitolite";
@@ -36,7 +38,7 @@ in {
36 let 38 let
37 gitolite_ldap_groups = mylibs.wrap { 39 gitolite_ldap_groups = mylibs.wrap {
38 name = "gitolite_ldap_groups.sh"; 40 name = "gitolite_ldap_groups.sh";
39 file = ./gitolite/gitolite_ldap_groups.sh; 41 file = ./gitolite_ldap_groups.sh;
40 vars = { 42 vars = {
41 LDAP_PASS = builtins.getEnv "NIXOPS_GITOLITE_LDAP_PASSWORD"; 43 LDAP_PASS = builtins.getEnv "NIXOPS_GITOLITE_LDAP_PASSWORD";
42 }; 44 };
diff --git a/virtual/modules/gitweb/default.nix b/virtual/modules/gitweb/default.nix
deleted file mode 100644
index 2a860ba..0000000
--- a/virtual/modules/gitweb/default.nix
+++ /dev/null
@@ -1,30 +0,0 @@
1{ lib, pkgs, config, mylibs, ... }:
2let
3 # FIXME: add buildbot
4 gitweb = pkgs.callPackage ./gitweb.nix { gitoliteDir = config.services.myGitolite.gitoliteDir; };
5 cfg = config.services.myGitweb;
6in {
7 options.services.myGitweb = {
8 enable = lib.mkEnableOption "my gitweb service";
9 };
10
11 config = lib.mkIf cfg.enable {
12 security.acme.certs."eldiron".extraDomains."git.immae.eu" = null;
13
14 nixpkgs.config.packageOverrides = oldpkgs: rec {
15 gitweb = oldpkgs.gitweb.overrideAttrs(old: {
16 installPhase = old.installPhase + ''
17 cp -r ${./theme} $out/gitweb-theme;
18 '';
19 });
20 };
21
22 services.myWebsites.tools.modules = gitweb.apache.modules;
23 services.myWebsites.tools.vhostConfs.git = {
24 certName = "eldiron";
25 hosts = ["git.immae.eu" ];
26 root = gitweb.webRoot;
27 extraConfig = [ gitweb.apache.vhostConf ];
28 };
29 };
30}
diff --git a/virtual/packages/adminer.nix b/virtual/modules/websites/commons/adminer.nix
index 7094e45..7094e45 100644
--- a/virtual/packages/adminer.nix
+++ b/virtual/modules/websites/commons/adminer.nix
diff --git a/virtual/modules/websites/default.nix b/virtual/modules/websites/default.nix
index b027b81..6b31381 100644
--- a/virtual/modules/websites/default.nix
+++ b/virtual/modules/websites/default.nix
@@ -91,11 +91,18 @@ in
91 ./aten 91 ./aten
92 ./piedsjaloux 92 ./piedsjaloux
93 ./connexionswing 93 ./connexionswing
94 ./tools/db
95 ./tools/tools
96 ./tools/dav
97 ./tools/cloud
98 ./tools/git
94 # built using: 99 # built using:
95 # sed -e "s/services\.httpd/services\.httpdProd/g" .nix-defexpr/channels/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix 100 # sed -e "s/services\.httpd/services\.httpdProd/g" .nix-defexpr/channels/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix
96 # And removed users / groups 101 # And removed users / groups
97 ./apache/httpd_prod.nix 102 ./apache/httpd_prod.nix
98 ./apache/httpd_inte.nix 103 ./apache/httpd_inte.nix
104 # Adapted from base phpfpm
105 ./phpfpm
99 ]; 106 ];
100 107
101 options.services.myWebsites = { 108 options.services.myWebsites = {
@@ -155,6 +162,12 @@ in
155 phpPackages = oldpkgs.php72Packages.override { inherit php; }; 162 phpPackages = oldpkgs.php72Packages.override { inherit php; };
156 }; 163 };
157 164
165 services.myWebsites.tools.databases.enable = true;
166 services.myWebsites.tools.tools.enable = true;
167 services.myWebsites.tools.dav.enable = true;
168 services.myWebsites.tools.cloud.enable = true;
169 services.myWebsites.tools.git.enable = true;
170
158 services.myWebsites.Chloe.production.enable = cfg.production.enable; 171 services.myWebsites.Chloe.production.enable = cfg.production.enable;
159 services.myWebsites.Ludivine.production.enable = cfg.production.enable; 172 services.myWebsites.Ludivine.production.enable = cfg.production.enable;
160 services.myWebsites.Aten.production.enable = cfg.production.enable; 173 services.myWebsites.Aten.production.enable = cfg.production.enable;
@@ -227,6 +240,28 @@ in
227 }; 240 };
228 }; 241 };
229 242
243 system.activationScripts = {
244 httpd = ''
245 install -d -m 0755 /var/lib/acme/acme-challenge
246 install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions
247 install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/adminer
248 install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/mantisbt
249 install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/davical
250 '';
251 };
252
253 services.myPhpfpm = {
254 phpPackage = pkgs.php;
255 phpOptions = ''
256 session.save_path = "/var/lib/php/sessions"
257 session.gc_maxlifetime = 60*60*24*15
258 session.cache_expire = 60*24*30
259 '';
260 extraConfig = ''
261 log_level = notice
262 '';
263 };
264
230 # FIXME: logrotate 265 # FIXME: logrotate
231 # FIXME: ipv6 266 # FIXME: ipv6
232 services.httpdProd = makeService "production" config.services.myWebsites.production; 267 services.httpdProd = makeService "production" config.services.myWebsites.production;
@@ -238,63 +273,7 @@ in
238 services.myWebsites.integration.extraConfig = (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig)); 273 services.myWebsites.integration.extraConfig = (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig));
239 274
240 services.httpd = makeService "tools" config.services.myWebsites.tools; 275 services.httpd = makeService "tools" config.services.myWebsites.tools;
241 services.myWebsites.tools.modules = 276 services.myWebsites.tools.modules = pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) cfg.apacheConfig);
242 mypkgs.adminer.apache.modules ++
243 mypkgs.nextcloud.apache.modules ++
244 mypkgs.ympd.apache.modules ++
245 mypkgs.mantisbt.apache.modules ++
246 mypkgs.ttrss.apache.modules ++
247 mypkgs.roundcubemail.apache.modules ++
248 pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules or []) cfg.apacheConfig);
249 services.myWebsites.tools.extraConfig = (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig)); 277 services.myWebsites.tools.extraConfig = (builtins.filter (x: x != null) (pkgs.lib.attrsets.mapAttrsToList (n: v: v.extraConfig or null) cfg.apacheConfig));
250 # FIXME: move them all to separate modules
251 services.myWebsites.tools.vhostConfs.eldiron = {
252 certName = "eldiron";
253 hosts = ["eldiron.immae.eu" ];
254 root = ../../www;
255 extraConfig = [ "DirectoryIndex index.htm" ];
256 };
257 services.myWebsites.tools.vhostConfs.db-1 = {
258 certName = "eldiron";
259 hosts = ["db-1.immae.eu" ];
260 root = null;
261 extraConfig = [ mypkgs.adminer.apache.vhostConf ];
262 };
263 services.myWebsites.tools.vhostConfs.tools = {
264 certName = "eldiron";
265 hosts = ["tools.immae.eu" ];
266 root = null;
267 extraConfig = [
268 mypkgs.adminer.apache.vhostConf
269 mypkgs.ympd.apache.vhostConf
270 mypkgs.ttrss.apache.vhostConf
271 mypkgs.roundcubemail.apache.vhostConf
272 ];
273 };
274 services.myWebsites.tools.vhostConfs.dav = {
275 certName = "eldiron";
276 hosts = ["dav.immae.eu" ];
277 root = null;
278 extraConfig = [
279 mypkgs.infcloud.apache.vhostConf
280 mypkgs.davical.apache.vhostConf
281 ];
282 };
283 services.myWebsites.tools.vhostConfs.cloud = {
284 certName = "eldiron";
285 hosts = ["cloud.immae.eu" ];
286 root = mypkgs.nextcloud.webRoot;
287 extraConfig = [
288 mypkgs.nextcloud.apache.vhostConf
289 ];
290 };
291 services.myWebsites.tools.vhostConfs.git.extraConfig = [
292 mypkgs.mantisbt.apache.vhostConf
293 ''
294 RewriteEngine on
295 RewriteCond %{REQUEST_URI} ^/releases
296 RewriteRule /releases(.*) https://release.immae.eu$1 [P,L]
297 ''
298 ];
299 }; 278 };
300} 279}
diff --git a/virtual/modules/websites/tools/cloud/default.nix b/virtual/modules/websites/tools/cloud/default.nix
new file mode 100644
index 0000000..7dd5c6e
--- /dev/null
+++ b/virtual/modules/websites/tools/cloud/default.nix
@@ -0,0 +1,45 @@
1{ lib, pkgs, config, mylibs, ... }:
2let
3 nextcloud = pkgs.callPackage ./nextcloud.nix { inherit (mylibs) checkEnv; };
4
5 cfg = config.services.myWebsites.tools.cloud;
6in {
7 options.services.myWebsites.tools.cloud = {
8 enable = lib.mkEnableOption "enable cloud website";
9 };
10
11 config = lib.mkIf cfg.enable {
12 security.acme.certs."eldiron".extraDomains."cloud.immae.eu" = null;
13
14 services.myWebsites.tools.modules = nextcloud.apache.modules;
15
16 services.myWebsites.tools.vhostConfs.cloud = {
17 certName = "eldiron";
18 hosts = ["cloud.immae.eu" ];
19 root = nextcloud.webRoot;
20 extraConfig = [
21 nextcloud.apache.vhostConf
22 ];
23 };
24
25 environment.systemPackages = let
26 occ = pkgs.writeScriptBin "nextcloud-occ" ''
27 #! ${pkgs.stdenv.shell}
28 cd ${nextcloud.webRoot}
29 NEXTCLOUD_CONFIG_DIR="${nextcloud.webRoot}/config" \
30 exec \
31 ${pkgs.php}/bin/php \
32 -c ${pkgs.php}/etc/php.ini \
33 occ $*
34 '';
35 in [ occ ];
36
37 system.activationScripts.nextcloud = nextcloud.activationScript;
38
39 services.myPhpfpm = {
40 poolPhpConfigs.nextcloud = nextcloud.phpFpm.phpConfig;
41 poolConfigs.nextcloud = nextcloud.phpFpm.pool;
42 };
43
44 };
45}
diff --git a/virtual/packages/nextcloud-config/mimetypealiases.json b/virtual/modules/websites/tools/cloud/nextcloud-config/mimetypealiases.json
index 3806e53..3806e53 100644
--- a/virtual/packages/nextcloud-config/mimetypealiases.json
+++ b/virtual/modules/websites/tools/cloud/nextcloud-config/mimetypealiases.json
diff --git a/virtual/packages/nextcloud-config/mimetypemapping.json b/virtual/modules/websites/tools/cloud/nextcloud-config/mimetypemapping.json
index 2db4691..2db4691 100644
--- a/virtual/packages/nextcloud-config/mimetypemapping.json
+++ b/virtual/modules/websites/tools/cloud/nextcloud-config/mimetypemapping.json
diff --git a/virtual/packages/nextcloud.nix b/virtual/modules/websites/tools/cloud/nextcloud.nix
index b8d8e59..b8d8e59 100644
--- a/virtual/packages/nextcloud.nix
+++ b/virtual/modules/websites/tools/cloud/nextcloud.nix
diff --git a/virtual/packages/davical.nix b/virtual/modules/websites/tools/dav/davical.nix
index f539ba6..697bd60 100644
--- a/virtual/packages/davical.nix
+++ b/virtual/modules/websites/tools/dav/davical.nix
@@ -96,6 +96,7 @@ let
96 apache = { 96 apache = {
97 user = "wwwrun"; 97 user = "wwwrun";
98 group = "wwwrun"; 98 group = "wwwrun";
99 modules = [ "proxy_fcgi" ];
99 vhostConf = '' 100 vhostConf = ''
100 Alias /davical "${webRoot}" 101 Alias /davical "${webRoot}"
101 Alias /caldav.php "${webRoot}/caldav.php" 102 Alias /caldav.php "${webRoot}/caldav.php"
diff --git a/virtual/packages/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch b/virtual/modules/websites/tools/dav/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch
index 2a08a5c..2a08a5c 100644
--- a/virtual/packages/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch
+++ b/virtual/modules/websites/tools/dav/davical_19eb79ebf9250e5f339675319902458c40ed1755.patch
diff --git a/virtual/modules/websites/tools/dav/default.nix b/virtual/modules/websites/tools/dav/default.nix
new file mode 100644
index 0000000..201da38
--- /dev/null
+++ b/virtual/modules/websites/tools/dav/default.nix
@@ -0,0 +1,33 @@
1{ lib, pkgs, config, mylibs, ... }:
2let
3 infcloud = pkgs.callPackage ./infcloud.nix {};
4 davical = pkgs.callPackage ./davical.nix { inherit (mylibs) checkEnv; };
5
6 cfg = config.services.myWebsites.tools.dav;
7in {
8 options.services.myWebsites.tools.dav = {
9 enable = lib.mkEnableOption "enable dav website";
10 };
11
12 config = lib.mkIf cfg.enable {
13 security.acme.certs."eldiron".extraDomains."dav.immae.eu" = null;
14
15 services.myWebsites.tools.modules = davical.apache.modules;
16
17 services.myWebsites.tools.vhostConfs.dav = {
18 certName = "eldiron";
19 hosts = ["dav.immae.eu" ];
20 root = null;
21 extraConfig = [
22 infcloud.apache.vhostConf
23 davical.apache.vhostConf
24 ];
25 };
26
27 services.myPhpfpm.poolConfigs = {
28 davical = davical.phpFpm.pool;
29 };
30
31 };
32}
33
diff --git a/virtual/packages/infcloud.nix b/virtual/modules/websites/tools/dav/infcloud.nix
index 876578b..876578b 100644
--- a/virtual/packages/infcloud.nix
+++ b/virtual/modules/websites/tools/dav/infcloud.nix
diff --git a/virtual/packages/infcloud_config.js b/virtual/modules/websites/tools/dav/infcloud_config.js
index ba73860..ba73860 100644
--- a/virtual/packages/infcloud_config.js
+++ b/virtual/modules/websites/tools/dav/infcloud_config.js
diff --git a/virtual/modules/websites/tools/db/default.nix b/virtual/modules/websites/tools/db/default.nix
new file mode 100644
index 0000000..20f77c7
--- /dev/null
+++ b/virtual/modules/websites/tools/db/default.nix
@@ -0,0 +1,23 @@
1{ lib, pkgs, config, mylibs, ... }:
2let
3 adminer = pkgs.callPackage ../../commons/adminer.nix {};
4
5 cfg = config.services.myWebsites.tools.databases;
6in {
7 options.services.myWebsites.tools.databases = {
8 enable = lib.mkEnableOption "enable database's website";
9 };
10
11 config = lib.mkIf cfg.enable {
12 # FIXME: include it in vhostConf ?
13 security.acme.certs."eldiron".extraDomains."db-1.immae.eu" = null;
14
15 services.myWebsites.tools.modules = adminer.apache.modules;
16 services.myWebsites.tools.vhostConfs.db-1 = {
17 certName = "eldiron";
18 hosts = ["db-1.immae.eu" ];
19 root = null;
20 extraConfig = [ adminer.apache.vhostConf ];
21 };
22 };
23}
diff --git a/virtual/modules/websites/tools/git/default.nix b/virtual/modules/websites/tools/git/default.nix
new file mode 100644
index 0000000..0a63013
--- /dev/null
+++ b/virtual/modules/websites/tools/git/default.nix
@@ -0,0 +1,46 @@
1{ lib, pkgs, config, mylibs, ... }:
2let
3 mantisbt = pkgs.callPackage ./mantisbt/mantisbt.nix { inherit (mylibs) checkEnv fetchedGithub; };
4 gitweb = pkgs.callPackage ./gitweb/gitweb.nix { gitoliteDir = config.services.myGitolite.gitoliteDir; };
5
6 cfg = config.services.myWebsites.tools.git;
7in {
8 options.services.myWebsites.tools.git = {
9 enable = lib.mkEnableOption "enable git's website";
10 };
11
12 config = lib.mkIf cfg.enable {
13 # FIXME: include it in vhostConf ?
14 security.acme.certs."eldiron".extraDomains."git.immae.eu" = null;
15
16 nixpkgs.config.packageOverrides = oldpkgs: rec {
17 gitweb = oldpkgs.gitweb.overrideAttrs(old: {
18 installPhase = old.installPhase + ''
19 cp -r ${./gitweb/theme} $out/gitweb-theme;
20 '';
21 });
22 };
23
24 services.myWebsites.tools.modules =
25 gitweb.apache.modules ++
26 mantisbt.apache.modules;
27
28 services.myWebsites.tools.vhostConfs.git = {
29 certName = "eldiron";
30 hosts = ["git.immae.eu" ];
31 root = gitweb.webRoot;
32 extraConfig = [
33 gitweb.apache.vhostConf
34 mantisbt.apache.vhostConf
35 ''
36 RewriteEngine on
37 RewriteCond %{REQUEST_URI} ^/releases
38 RewriteRule /releases(.*) https://release.immae.eu$1 [P,L]
39 ''
40 ];
41 };
42 services.myPhpfpm.poolConfigs = {
43 mantisbt = mantisbt.phpFpm.pool;
44 };
45 };
46}
diff --git a/virtual/modules/gitweb/gitweb.nix b/virtual/modules/websites/tools/git/gitweb/gitweb.nix
index 7b4dcac..7b4dcac 100644
--- a/virtual/modules/gitweb/gitweb.nix
+++ b/virtual/modules/websites/tools/git/gitweb/gitweb.nix
diff --git a/virtual/modules/gitweb/theme/git-favicon.png b/virtual/modules/websites/tools/git/gitweb/theme/git-favicon.png
index 4fa44bb..4fa44bb 100644
--- a/virtual/modules/gitweb/theme/git-favicon.png
+++ b/virtual/modules/websites/tools/git/gitweb/theme/git-favicon.png
Binary files differ
diff --git a/virtual/modules/gitweb/theme/git-logo.png b/virtual/modules/websites/tools/git/gitweb/theme/git-logo.png
index fdaf7b7..fdaf7b7 100644
--- a/virtual/modules/gitweb/theme/git-logo.png
+++ b/virtual/modules/websites/tools/git/gitweb/theme/git-logo.png
Binary files differ
diff --git a/virtual/modules/gitweb/theme/gitweb.css b/virtual/modules/websites/tools/git/gitweb/theme/gitweb.css
index 83e0742..83e0742 100644
--- a/virtual/modules/gitweb/theme/gitweb.css
+++ b/virtual/modules/websites/tools/git/gitweb/theme/gitweb.css
diff --git a/virtual/modules/gitweb/theme/gitweb.js b/virtual/modules/websites/tools/git/gitweb/theme/gitweb.js
index 72f3cfa..72f3cfa 100644
--- a/virtual/modules/gitweb/theme/gitweb.js
+++ b/virtual/modules/websites/tools/git/gitweb/theme/gitweb.js
diff --git a/virtual/packages/mantisbt-plugin-slack.json b/virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-slack.json
index 54ea38b..54ea38b 100644
--- a/virtual/packages/mantisbt-plugin-slack.json
+++ b/virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-slack.json
diff --git a/virtual/packages/mantisbt-plugin-source-integration.json b/virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration.json
index e36a68c..e36a68c 100644
--- a/virtual/packages/mantisbt-plugin-source-integration.json
+++ b/virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration.json
diff --git a/virtual/packages/mantisbt-plugin-source-integration_Source.API.php.diff b/virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration_Source.API.php.diff
index c355144..c355144 100644
--- a/virtual/packages/mantisbt-plugin-source-integration_Source.API.php.diff
+++ b/virtual/modules/websites/tools/git/mantisbt/mantisbt-plugin-source-integration_Source.API.php.diff
diff --git a/virtual/packages/mantisbt.nix b/virtual/modules/websites/tools/git/mantisbt/mantisbt.nix
index 335cb7d..009c902 100644
--- a/virtual/packages/mantisbt.nix
+++ b/virtual/modules/websites/tools/git/mantisbt/mantisbt.nix
@@ -64,10 +64,10 @@ let
64 sha256 = "0jnrqz6r2hf53v0k1lh3il7hlfiphn61r9wgg6mzyywkjxwq07md"; 64 sha256 = "0jnrqz6r2hf53v0k1lh3il7hlfiphn61r9wgg6mzyywkjxwq07md";
65 }; 65 };
66 patches = [ 66 patches = [
67 ./mantisbt-patches/bug_report.php.diff 67 ./patches/bug_report.php.diff
68 ./mantisbt-patches/bug_report_page.php.diff 68 ./patches/bug_report_page.php.diff
69 ./mantisbt-patches/bugnote_add.php.diff 69 ./patches/bugnote_add.php.diff
70 ./mantisbt-patches/bugnote_add_inc.php.diff 70 ./patches/bugnote_add_inc.php.diff
71 ]; 71 ];
72 installPhase = '' 72 installPhase = ''
73 cp -a . $out 73 cp -a . $out
diff --git a/virtual/packages/mantisbt-patches/bug_report.php.diff b/virtual/modules/websites/tools/git/mantisbt/patches/bug_report.php.diff
index a520043..a520043 100644
--- a/virtual/packages/mantisbt-patches/bug_report.php.diff
+++ b/virtual/modules/websites/tools/git/mantisbt/patches/bug_report.php.diff
diff --git a/virtual/packages/mantisbt-patches/bug_report_page.php.diff b/virtual/modules/websites/tools/git/mantisbt/patches/bug_report_page.php.diff
index 80dea91..80dea91 100644
--- a/virtual/packages/mantisbt-patches/bug_report_page.php.diff
+++ b/virtual/modules/websites/tools/git/mantisbt/patches/bug_report_page.php.diff
diff --git a/virtual/packages/mantisbt-patches/bugnote_add.php.diff b/virtual/modules/websites/tools/git/mantisbt/patches/bugnote_add.php.diff
index 4509f0a..4509f0a 100644
--- a/virtual/packages/mantisbt-patches/bugnote_add.php.diff
+++ b/virtual/modules/websites/tools/git/mantisbt/patches/bugnote_add.php.diff
diff --git a/virtual/packages/mantisbt-patches/bugnote_add_inc.php.diff b/virtual/modules/websites/tools/git/mantisbt/patches/bugnote_add_inc.php.diff
index a8589c7..a8589c7 100644
--- a/virtual/packages/mantisbt-patches/bugnote_add_inc.php.diff
+++ b/virtual/modules/websites/tools/git/mantisbt/patches/bugnote_add_inc.php.diff
diff --git a/virtual/modules/websites/tools/tools/default.nix b/virtual/modules/websites/tools/tools/default.nix
new file mode 100644
index 0000000..f29ac11
--- /dev/null
+++ b/virtual/modules/websites/tools/tools/default.nix
@@ -0,0 +1,65 @@
1{ lib, pkgs, config, mylibs, ... }:
2let
3 adminer = pkgs.callPackage ../../commons/adminer.nix {};
4 ympd = pkgs.callPackage ./ympd.nix {};
5 ttrss = pkgs.callPackage ./ttrss.nix { inherit (mylibs) checkEnv fetchedGithub fetchedGit; };
6 roundcubemail = pkgs.callPackage ./roundcubemail.nix { inherit (mylibs) checkEnv; };
7
8 cfg = config.services.myWebsites.tools.tools;
9in {
10 options.services.myWebsites.tools.tools = {
11 enable = lib.mkEnableOption "enable tools website";
12 };
13
14 config = lib.mkIf cfg.enable {
15 security.acme.certs."eldiron".extraDomains."tools.immae.eu" = null;
16
17 services.myWebsites.tools.modules =
18 adminer.apache.modules
19 ++ ympd.apache.modules
20 ++ ttrss.apache.modules
21 ++ roundcubemail.apache.modules;
22
23 services.ympd = ympd.config // { enable = false; };
24
25 services.myWebsites.tools.vhostConfs.tools = {
26 certName = "eldiron";
27 hosts = ["tools.immae.eu" ];
28 root = null;
29 extraConfig = [
30 adminer.apache.vhostConf
31 ympd.apache.vhostConf
32 ttrss.apache.vhostConf
33 roundcubemail.apache.vhostConf
34 ];
35 };
36
37 services.myPhpfpm.poolConfigs = {
38 adminer = adminer.phpFpm.pool;
39 ttrss = ttrss.phpFpm.pool;
40 roundcubemail = roundcubemail.phpFpm.pool;
41 };
42
43 system.activationScripts = {
44 ttrss = ttrss.activationScript;
45 roundcubemail = roundcubemail.activationScript;
46 };
47
48 systemd.services.tt-rss = {
49 description = "Tiny Tiny RSS feeds update daemon";
50 serviceConfig = {
51 User = "wwwrun";
52 ExecStart = "${pkgs.php}/bin/php ${ttrss.webRoot}/update.php --daemon";
53 StandardOutput = "syslog";
54 StandardError = "syslog";
55 PermissionsStartOnly = true;
56 };
57
58 wantedBy = [ "multi-user.target" ];
59 requires = ["postgresql.service"];
60 after = ["network.target" "postgresql.service"];
61 };
62
63 };
64}
65
diff --git a/virtual/packages/roundcubemail.nix b/virtual/modules/websites/tools/tools/roundcubemail.nix
index 1aa2d87..1aa2d87 100644
--- a/virtual/packages/roundcubemail.nix
+++ b/virtual/modules/websites/tools/tools/roundcubemail.nix
diff --git a/virtual/packages/tt-rss.json b/virtual/modules/websites/tools/tools/tt-rss.json
index e2731b0..e2731b0 100644
--- a/virtual/packages/tt-rss.json
+++ b/virtual/modules/websites/tools/tools/tt-rss.json
diff --git a/virtual/packages/ttrss-af-feedmod_type_replace.patch b/virtual/modules/websites/tools/tools/ttrss-af-feedmod_type_replace.patch
index d622577..d622577 100644
--- a/virtual/packages/ttrss-af-feedmod_type_replace.patch
+++ b/virtual/modules/websites/tools/tools/ttrss-af-feedmod_type_replace.patch
diff --git a/virtual/packages/ttrss-af_feedmod.json b/virtual/modules/websites/tools/tools/ttrss-af_feedmod.json
index e57fcce..e57fcce 100644
--- a/virtual/packages/ttrss-af_feedmod.json
+++ b/virtual/modules/websites/tools/tools/ttrss-af_feedmod.json
diff --git a/virtual/packages/ttrss-auth-ldap.json b/virtual/modules/websites/tools/tools/ttrss-auth-ldap.json
index c8aaab5..c8aaab5 100644
--- a/virtual/packages/ttrss-auth-ldap.json
+++ b/virtual/modules/websites/tools/tools/ttrss-auth-ldap.json
diff --git a/virtual/packages/ttrss-feediron.json b/virtual/modules/websites/tools/tools/ttrss-feediron.json
index 5dbec92..5dbec92 100644
--- a/virtual/packages/ttrss-feediron.json
+++ b/virtual/modules/websites/tools/tools/ttrss-feediron.json
diff --git a/virtual/packages/ttrss-feediron_json_reformat.patch b/virtual/modules/websites/tools/tools/ttrss-feediron_json_reformat.patch
index e1c44d9..e1c44d9 100644
--- a/virtual/packages/ttrss-feediron_json_reformat.patch
+++ b/virtual/modules/websites/tools/tools/ttrss-feediron_json_reformat.patch
diff --git a/virtual/packages/ttrss-ff_instagram.json b/virtual/modules/websites/tools/tools/ttrss-ff_instagram.json
index 1f241b9..1f241b9 100644
--- a/virtual/packages/ttrss-ff_instagram.json
+++ b/virtual/modules/websites/tools/tools/ttrss-ff_instagram.json
diff --git a/virtual/packages/ttrss-tumblr_gdpr_ua.json b/virtual/modules/websites/tools/tools/ttrss-tumblr_gdpr_ua.json
index eafbcfe..eafbcfe 100644
--- a/virtual/packages/ttrss-tumblr_gdpr_ua.json
+++ b/virtual/modules/websites/tools/tools/ttrss-tumblr_gdpr_ua.json
diff --git a/virtual/packages/ttrss.nix b/virtual/modules/websites/tools/tools/ttrss.nix
index f7b0f61..f7b0f61 100644
--- a/virtual/packages/ttrss.nix
+++ b/virtual/modules/websites/tools/tools/ttrss.nix
diff --git a/virtual/packages/ympd.nix b/virtual/modules/websites/tools/tools/ympd.nix
index 74bf2e5..74bf2e5 100644
--- a/virtual/packages/ympd.nix
+++ b/virtual/modules/websites/tools/tools/ympd.nix
diff --git a/virtual/packages.nix b/virtual/packages.nix
deleted file mode 100644
index 1f01ba7..0000000
--- a/virtual/packages.nix
+++ /dev/null
@@ -1,21 +0,0 @@
1{ callPackage, checkEnv, fetchedGit, fetchedGithub }:
2let
3 nextcloud = callPackage ./packages/nextcloud.nix { inherit checkEnv; };
4 adminer = callPackage ./packages/adminer.nix {};
5 ympd = callPackage ./packages/ympd.nix {};
6 mantisbt = callPackage ./packages/mantisbt.nix { inherit checkEnv fetchedGithub; };
7 ttrss = callPackage ./packages/ttrss.nix { inherit checkEnv fetchedGithub fetchedGit; };
8 roundcubemail = callPackage ./packages/roundcubemail.nix { inherit checkEnv; };
9 infcloud = callPackage ./packages/infcloud.nix {};
10 davical = callPackage ./packages/davical.nix { inherit checkEnv; };
11in
12 {
13 inherit adminer;
14 inherit ympd;
15 inherit nextcloud;
16 inherit mantisbt;
17 inherit ttrss;
18 inherit roundcubemail;
19 inherit infcloud;
20 inherit davical;
21 }
diff --git a/virtual/packages/test_goaccess.conf b/virtual/packages/test_goaccess.conf
deleted file mode 100644
index d4f243a..0000000
--- a/virtual/packages/test_goaccess.conf
+++ /dev/null
@@ -1,99 +0,0 @@
1time-format %H:%M:%S
2date-format %d/%b/%Y
3
4#sur immae.eu
5#log-format %v %h %^[%d:%t %^] "%r" %s %b "%R" "%u" $^
6
7log-format VCOMBINED
8#= %v:%^ %h %^[%d:%t %^] "%r" %s %b "%R" "%u"
9
10html-prefs {"theme":"bright","layout":"vertical"}
11
12exclude-ip 188.165.209.148
13exclude-ip 178.33.252.96
14exclude-ip 2001:41d0:2:9c94::1
15exclude-ip 2001:41d0:2:9c94::
16exclude-ip 176.9.151.89
17exclude-ip 2a01:4f8:160:3445::
18exclude-ip 82.255.56.72
19
20no-query-string true
21
22keep-db-files true
23load-from-disk true
24db-path /var/lib/goaccess/cloud.immae.eu
25
26ignore-panel REFERRERS
27ignore-panel KEYPHRASES
28
29static-file .css
30static-file .js
31static-file .jpg
32static-file .png
33static-file .gif
34static-file .ico
35static-file .jpeg
36static-file .pdf
37static-file .csv
38static-file .mpeg
39static-file .mpg
40static-file .swf
41static-file .woff
42static-file .woff2
43static-file .xls
44static-file .xlsx
45static-file .doc
46static-file .docx
47static-file .ppt
48static-file .pptx
49static-file .txt
50static-file .zip
51static-file .ogg
52static-file .mp3
53static-file .mp4
54static-file .exe
55static-file .iso
56static-file .gz
57static-file .rar
58static-file .svg
59static-file .bmp
60static-file .tar
61static-file .tgz
62static-file .tiff
63static-file .tif
64static-file .ttf
65static-file .flv
66#static-file .less
67#static-file .ac3
68#static-file .avi
69#static-file .bz2
70#static-file .class
71#static-file .cue
72#static-file .dae
73#static-file .dat
74#static-file .dts
75#static-file .ejs
76#static-file .eot
77#static-file .eps
78#static-file .img
79#static-file .jar
80#static-file .map
81#static-file .mid
82#static-file .midi
83#static-file .ogv
84#static-file .webm
85#static-file .mkv
86#static-file .odp
87#static-file .ods
88#static-file .odt
89#static-file .otf
90#static-file .pict
91#static-file .pls
92#static-file .ps
93#static-file .qt
94#static-file .rm
95#static-file .svgz
96#static-file .wav
97#static-file .webp
98
99