-rw-r--r--virtual/eldiron.nix24
-rw-r--r--virtual/packages.nix15
-rw-r--r--virtual/packages/adminer.nix9
-rw-r--r--virtual/packages/connexionswing.nix15
-rw-r--r--virtual/packages/gitweb.nix122
-rw-r--r--virtual/packages/mantisbt.nix7
-rw-r--r--virtual/packages/nextcloud.nix17
-rw-r--r--virtual/packages/ympd.nix3
8 files changed, 103 insertions, 109 deletions
diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix
index 30face7..63106d6 100644
--- a/virtual/eldiron.nix
+++ b/virtual/eldiron.nix
@@ -5,8 +5,16 @@
5 }; 5 };
6 6
7 eldiron = { config, pkgs, ... }: 7 eldiron = { config, pkgs, ... }:
8 let mypkgs = import ./packages.nix; 8 with import ../libs.nix;
9 mylibs = import ../libs.nix; 9 let
10 mypkgs = nixpkgs_unstable.callPackage ./packages.nix {
11 inherit checkEnv fetchedGitPrivate fetchedGithub;
12 gitwebOverride = nixpkgs_unstable.gitweb.overrideAttrs(old: {
13 installPhase = old.installPhase + ''
14 cp -r ${./packages/gitweb} $out/gitweb-theme;
15 '';
16 });
17 };
10 in 18 in
11 { 19 {
12 # FIXME: they are not overriden in packages.nix 20 # FIXME: they are not overriden in packages.nix
@@ -171,9 +179,9 @@
171 chown redis /run/redis 179 chown redis /run/redis
172 ''; 180 '';
173 gitolite = 181 gitolite =
174 assert mylibs.checkEnv "NIXOPS_GITOLITE_LDAP_PASSWORD"; 182 assert checkEnv "NIXOPS_GITOLITE_LDAP_PASSWORD";
175 let 183 let
176 gitolite_ldap_groups = mylibs.wrap { 184 gitolite_ldap_groups = wrap {
177 name = "gitolite_ldap_groups.sh"; 185 name = "gitolite_ldap_groups.sh";
178 file = ./packages/gitolite_ldap_groups.sh; 186 file = ./packages/gitolite_ldap_groups.sh;
179 vars = { 187 vars = {
@@ -197,8 +205,8 @@
197 205
198 environment.etc."ssh/ldap_authorized_keys" = let 206 environment.etc."ssh/ldap_authorized_keys" = let
199 ldap_authorized_keys = 207 ldap_authorized_keys =
200 assert mylibs.checkEnv "NIXOPS_SSHD_LDAP_PASSWORD"; 208 assert checkEnv "NIXOPS_SSHD_LDAP_PASSWORD";
201 mylibs.wrap { 209 wrap {
202 name = "ldap_authorized_keys"; 210 name = "ldap_authorized_keys";
203 file = ./ldap_authorized_keys.sh; 211 file = ./ldap_authorized_keys.sh;
204 vars = { 212 vars = {
@@ -238,7 +246,7 @@
238 }; 246 };
239 ldap = { 247 ldap = {
240 modules = [ "ldap" "authnz_ldap" ]; 248 modules = [ "ldap" "authnz_ldap" ];
241 extraConfig = assert mylibs.checkEnv "NIXOPS_HTTP_LDAP_PASSWORD"; '' 249 extraConfig = assert checkEnv "NIXOPS_HTTP_LDAP_PASSWORD"; ''
242 <IfModule ldap_module> 250 <IfModule ldap_module>
243 LDAPSharedCacheSize 500000 251 LDAPSharedCacheSize 500000
244 LDAPCacheEntries 1024 252 LDAPCacheEntries 1024
@@ -370,7 +378,7 @@
370 378
371 security.pam.services = let 379 security.pam.services = let
372 pam_ldap = pkgs.pam_ldap; 380 pam_ldap = pkgs.pam_ldap;
373 pam_ldap_mysql = assert mylibs.checkEnv "NIXOPS_MYSQL_PAM_PASSWORD"; 381 pam_ldap_mysql = assert checkEnv "NIXOPS_MYSQL_PAM_PASSWORD";
374 pkgs.writeText "mysql.conf" '' 382 pkgs.writeText "mysql.conf" ''
375 host ldap.immae.eu 383 host ldap.immae.eu
376 base dc=immae,dc=eu 384 base dc=immae,dc=eu
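Review bot: `pam_ldap_mysql` still pairs `assert checkEnv "NIXOPS_MYSQL_PAM_PASSWORD"` with `pkgs.writeText "mysql.conf"`, so if the password is interpolated further down (the body continues outside the hunk) it is written into the Nix store, which every local user can read and which is copied along with the closure. The same assert-then-`writeText` shape appears in connexionswing.nix (`parameters.yml`), mantisbt.nix (`config_inc.php`) and nextcloud.nix (`config.php`, where a `builtins.getEnv` value is visibly interpolated). Since this refactor touches each of those lines, it is a natural place to add `# FIXME: secret lands in the world-readable store; deliver via deployment.keys instead` and to track moving these files to NixOps keys under /run/keys.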
diff --git a/virtual/packages.nix b/virtual/packages.nix
index a115693..f3689b6 100644
--- a/virtual/packages.nix
+++ b/virtual/packages.nix
@@ -1,12 +1,11 @@
1with import ../libs.nix; 1{ callPackage, checkEnv, fetchedGitPrivate, fetchedGithub, gitwebOverride }:
2with nixpkgs_unstable;
3let 2let
4 connexionswing = import ./packages/connexionswing.nix; 3 connexionswing = callPackage ./packages/connexionswing.nix { inherit checkEnv fetchedGitPrivate; };
5 nextcloud = import ./packages/nextcloud.nix; 4 nextcloud = callPackage ./packages/nextcloud.nix { inherit checkEnv; };
6 adminer = import ./packages/adminer.nix; 5 adminer = callPackage ./packages/adminer.nix {};
7 ympd = import ./packages/ympd.nix; 6 ympd = callPackage ./packages/ympd.nix {};
8 gitweb = import ./packages/gitweb.nix; 7 gitweb = callPackage ./packages/gitweb.nix { gitweb = gitwebOverride; };
9 mantisbt = import ./packages/mantisbt.nix; 8 mantisbt = callPackage ./packages/mantisbt.nix { inherit checkEnv fetchedGithub; };
10in 9in
11 { 10 {
12 inherit adminer; 11 inherit adminer;
diff --git a/virtual/packages/adminer.nix b/virtual/packages/adminer.nix
index 35fa791..034f0d4 100644
--- a/virtual/packages/adminer.nix
+++ b/virtual/packages/adminer.nix
@@ -1,11 +1,10 @@
1with import ../../libs.nix; 1{ stdenv, fetchurl, nginx }:
2with nixpkgs_unstable;
3let 2let
4 adminer = rec { 3 adminer = rec {
5 webRoot = pkgs.stdenv.mkDerivation rec { 4 webRoot = stdenv.mkDerivation rec {
6 version = "4.7.0"; 5 version = "4.7.0";
7 name = "adminer-${version}"; 6 name = "adminer-${version}";
8 src = pkgs.fetchurl { 7 src = fetchurl {
9 url = "https://www.adminer.org/static/download/${version}/${name}.php"; 8 url = "https://www.adminer.org/static/download/${version}/${name}.php";
10 sha256 = "1qq2g7rbfh2vrqfm3g0bz0qs057b049n0mhabnsbd1sgnpvnc5z7"; 9 sha256 = "1qq2g7rbfh2vrqfm3g0bz0qs057b049n0mhabnsbd1sgnpvnc5z7";
11 }; 10 };
@@ -48,7 +47,7 @@ let
48 alias = webRoot; 47 alias = webRoot;
49 index = "index.php"; 48 index = "index.php";
50 extraConfig = '' 49 extraConfig = ''
51 include ${pkgs.nginx}/conf/fastcgi.conf; 50 include ${nginx}/conf/fastcgi.conf;
52 fastcgi_split_path_info ^(.+?\.php)(/.*)$; 51 fastcgi_split_path_info ^(.+?\.php)(/.*)$;
53 fastcgi_param HTTP_PROXY ""; 52 fastcgi_param HTTP_PROXY "";
54 fastcgi_param SCRIPT_FILENAME ${webRoot}/index.php; 53 fastcgi_param SCRIPT_FILENAME ${webRoot}/index.php;
diff --git a/virtual/packages/connexionswing.nix b/virtual/packages/connexionswing.nix
index 4c1da36..f178e49 100644
--- a/virtual/packages/connexionswing.nix
+++ b/virtual/packages/connexionswing.nix
@@ -1,5 +1,4 @@
1with import ../../libs.nix; 1{ lib, checkEnv, writeText, fetchedGitPrivate, stdenv, php, git, cacert }:
2with nixpkgs_unstable;
3let 2let
4 connexionswing = { environment ? "dev" }: rec { 3 connexionswing = { environment ? "dev" }: rec {
5 varDir = "/var/lib/connexionswing_${environment}"; 4 varDir = "/var/lib/connexionswing_${environment}";
@@ -11,7 +10,7 @@ let
11 assert checkEnv "NIXOPS_CONNEXIONSWING_${envName}_MYSQL_NAME"; 10 assert checkEnv "NIXOPS_CONNEXIONSWING_${envName}_MYSQL_NAME";
12 assert checkEnv "NIXOPS_CONNEXIONSWING_${envName}_SECRET"; 11 assert checkEnv "NIXOPS_CONNEXIONSWING_${envName}_SECRET";
13 assert checkEnv "NIXOPS_CONNEXIONSWING_${envName}_EMAIL"; 12 assert checkEnv "NIXOPS_CONNEXIONSWING_${envName}_EMAIL";
14 pkgs.writeText "parameters.yml" '' 13 writeText "parameters.yml" ''
15 # This file is auto-generated during the composer install 14 # This file is auto-generated during the composer install
16 parameters: 15 parameters:
17 database_host: db-1.immae.eu 16 database_host: db-1.immae.eu
@@ -139,15 +138,15 @@ let
139 fi 138 fi
140 ''; 139 '';
141 }; 140 };
142 webappDir = pkgs.stdenv.mkDerivation (fetchedGitPrivate ./connexionswing_master.json // rec { 141 webappDir = stdenv.mkDerivation (fetchedGitPrivate ./connexionswing_master.json // rec {
143 # FIXME: can we do better than symlink? 142 # FIXME: can we do better than symlink?
144 # FIXME: imagick optional 143 # FIXME: imagick optional
145 # FIXME: initial sync 144 # FIXME: initial sync
146 # FIXME: backup 145 # FIXME: backup
147 # FIXME: replace with pkgs.phpPackages.composer 146 # FIXME: replace with pkgs.phpPackages.composer
148 buildPhase = '' 147 buildPhase = ''
149 export GIT_SSL_CAINFO=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt 148 export GIT_SSL_CAINFO=${cacert}/etc/ssl/certs/ca-bundle.crt
150 export SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt 149 export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt
151 150
152 ln -sf ../../../../../${varDir}/{medias,uploads} web/images/ 151 ln -sf ../../../../../${varDir}/{medias,uploads} web/images/
153 ln -sf ${configRoot} app/config/parameters.yml 152 ln -sf ${configRoot} app/config/parameters.yml
@@ -162,10 +161,10 @@ let
162 cp -a . $out 161 cp -a . $out
163 ''; 162 '';
164 buildInputs = [ 163 buildInputs = [
165 pkgs.php pkgs.git pkgs.cacert 164 php git cacert
166 ]; 165 ];
167 }); 166 });
168 webRoot = "${webappDir}/web"; 167 webRoot = "${webappDir}/web";
169 }; 168 };
170in 169in
171 connexionswing 170 connexionswing
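Review bot: The `buildPhase` of `webappDir` exports `GIT_SSL_CAINFO` and `SSL_CERT_FILE` and keeps `git` and `cacert` in `buildInputs`, which suggests the part of the phase cut by the hunks downloads dependencies at build time (the generated `parameters.yml` mentions a composer install). A derivation that fetches inside `buildPhase` only builds with the sandbox relaxed, and what it downloads is not pinned by a hash, so upstream changes reach the deployed web root unreviewed. Now that the inputs are explicit arguments, I would record this above `buildPhase` with `# NOTE: needs network access; dependencies are not hash-pinned, see FIXME about phpPackages.composer` and plan to move the download into a fixed-output fetch.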
diff --git a/virtual/packages/gitweb.nix b/virtual/packages/gitweb.nix
index 437a11a..1c2430a 100644
--- a/virtual/packages/gitweb.nix
+++ b/virtual/packages/gitweb.nix
@@ -1,72 +1,64 @@
1with import ../../libs.nix; 1{ gitweb, writeText, gitolite, git }:
2with nixpkgs_unstable; 2rec {
3let 3 varDir = "/var/lib/gitolite";
4 gitweb = rec { 4 webRoot = gitweb;
5 varDir = "/var/lib/gitolite"; 5 config = writeText "gitweb.conf" ''
6 webRoot = pkgs.gitweb.overrideAttrs(old: { 6 $git_temp = "/tmp";
7 installPhase = old.installPhase + ''
8 cp -r ${./gitweb} $out/gitweb-theme;
9 '';
10 });
11 config = pkgs.writeText "gitweb.conf" ''
12 $git_temp = "/tmp";
13 7
14 # The directories where your projects are. Must not end with a 8 # The directories where your projects are. Must not end with a
15 # slash. 9 # slash.
16 $projectroot = "${varDir}/repositories"; 10 $projectroot = "${varDir}/repositories";
17 11
18 $projects_list = "${varDir}/projects.list"; 12 $projects_list = "${varDir}/projects.list";
19 $strict_export = "true"; 13 $strict_export = "true";
20 14
21 # Base URLs for links displayed in the web interface. 15 # Base URLs for links displayed in the web interface.
22 our @git_base_url_list = qw(ssh://gitolite@git.immae.eu https://git.immae.eu); 16 our @git_base_url_list = qw(ssh://gitolite@git.immae.eu https://git.immae.eu);
23 17
24 $feature{'blame'}{'default'} = [1]; 18 $feature{'blame'}{'default'} = [1];
25 $feature{'avatar'}{'default'} = ['gravatar']; 19 $feature{'avatar'}{'default'} = ['gravatar'];
26 $feature{'highlight'}{'default'} = [1]; 20 $feature{'highlight'}{'default'} = [1];
27 21
28 @stylesheets = ("gitweb-theme/gitweb.css"); 22 @stylesheets = ("gitweb-theme/gitweb.css");
29 $logo = "gitweb-theme/git-logo.png"; 23 $logo = "gitweb-theme/git-logo.png";
30 $favicon = "gitweb-theme/git-favicon.png"; 24 $favicon = "gitweb-theme/git-favicon.png";
31 $javascript = "gitweb-theme/gitweb.js"; 25 $javascript = "gitweb-theme/gitweb.js";
32 $logo_url = "https://git.immae.eu/"; 26 $logo_url = "https://git.immae.eu/";
33 $projects_list_group_categories = "true"; 27 $projects_list_group_categories = "true";
34 $projects_list_description_width = 60; 28 $projects_list_description_width = 60;
35 $project_list_default_category = "__Others__"; 29 $project_list_default_category = "__Others__";
36 ''; 30 '';
37 apache = { 31 apache = {
38 user = "wwwrun"; 32 user = "wwwrun";
39 group = "wwwrun"; 33 group = "wwwrun";
40 modules = [ "cgid" ]; 34 modules = [ "cgid" ];
41 vhostConf = '' 35 vhostConf = ''
42 SetEnv GIT_PROJECT_ROOT ${varDir}/repositories/ 36 SetEnv GIT_PROJECT_ROOT ${varDir}/repositories/
43 ScriptAliasMatch \ 37 ScriptAliasMatch \
44 "(?x)^/(.*/(HEAD | \ 38 "(?x)^/(.*/(HEAD | \
45 info/refs | \ 39 info/refs | \
46 objects/(info/[^/]+ | \ 40 objects/(info/[^/]+ | \
47 [0-9a-f]{2}/[0-9a-f]{38} | \ 41 [0-9a-f]{2}/[0-9a-f]{38} | \
48 pack/pack-[0-9a-f]{40}\.(pack|idx)) | \ 42 pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
49 git-(upload|receive)-pack))$" \ 43 git-(upload|receive)-pack))$" \
50 ${pkgs.git}/libexec/git-core/git-http-backend/$1 44 ${git}/libexec/git-core/git-http-backend/$1
51 45
52 <Directory "${pkgs.gitolite}"> 46 <Directory "${gitolite}">
53 Require all granted 47 Require all granted
54 </Directory> 48 </Directory>
55 <Directory "${pkgs.git}/libexec/git-core"> 49 <Directory "${git}/libexec/git-core">
56 Require all granted 50 Require all granted
57 </Directory> 51 </Directory>
58 <Directory "${webRoot}"> 52 <Directory "${webRoot}">
59 DirectoryIndex gitweb.cgi 53 DirectoryIndex gitweb.cgi
60 Require all granted 54 Require all granted
61 AllowOverride None 55 AllowOverride None
62 Options ExecCGI FollowSymLinks 56 Options ExecCGI FollowSymLinks
63 <Files gitweb.cgi> 57 <Files gitweb.cgi>
64 SetHandler cgi-script 58 SetHandler cgi-script
65 SetEnv GITWEB_CONFIG "${config}" 59 SetEnv GITWEB_CONFIG "${config}"
66 </Files> 60 </Files>
67 </Directory> 61 </Directory>
68 ''; 62 '';
69 }; 63 };
70}; 64}
71in
72 gitweb
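Review bot: `vhostConf` routes `git-(upload|receive)-pack` to `git-http-backend` and sets `Require all granted` on `${git}/libexec/git-core`, with no authentication directive visible in this file. Anonymous pushes are then refused only by git-http-backend's default of disabling receive-pack when the web server has not authenticated a user, and which repositories can be read depends on export markers that are not shown here. If HTTPS is meant to be read-only, narrowing the last alternative to `git-upload-pack))$" \` makes that explicit. Otherwise a comment above the `ScriptAliasMatch` such as `# push over HTTP relies on git-http-backend refusing unauthenticated receive-pack` would record the assumption.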
diff --git a/virtual/packages/mantisbt.nix b/virtual/packages/mantisbt.nix
index f136ea5..82fc8ad 100644
--- a/virtual/packages/mantisbt.nix
+++ b/virtual/packages/mantisbt.nix
@@ -1,5 +1,4 @@
1with import ../../libs.nix; 1{ lib, checkEnv, writeText, stdenv, fetchurl, fetchedGithub }:
2with nixpkgs_unstable;
3let 2let
4 # FIXME: check that source-integration and slack still work 3 # FIXME: check that source-integration and slack still work
5 mantisbt = let 4 mantisbt = let
@@ -23,7 +22,7 @@ let
23 assert checkEnv "NIXOPS_MANTISBT_DB_PASSWORD"; 22 assert checkEnv "NIXOPS_MANTISBT_DB_PASSWORD";
24 assert checkEnv "NIXOPS_MANTISBT_MASTER_SALT"; 23 assert checkEnv "NIXOPS_MANTISBT_MASTER_SALT";
25 assert checkEnv "NIXOPS_MANTISBT_LDAP_PASSWORD"; 24 assert checkEnv "NIXOPS_MANTISBT_LDAP_PASSWORD";
26 pkgs.writeText "config_inc.php" '' 25 writeText "config_inc.php" ''
27 <?php 26 <?php
28 $g_hostname = 'db-1.immae.eu'; 27 $g_hostname = 'db-1.immae.eu';
29 $g_db_username = 'mantisbt'; 28 $g_db_username = 'mantisbt';
@@ -102,7 +101,7 @@ let
102 phpFpm = rec { 101 phpFpm = rec {
103 basedir = builtins.concatStringsSep ":" ( 102 basedir = builtins.concatStringsSep ":" (
104 [ webRoot config ] 103 [ webRoot config ]
105 ++ pkgs.lib.attrsets.mapAttrsToList (name: value: value) plugins); 104 ++ lib.attrsets.mapAttrsToList (name: value: value) plugins);
106 socket = "/var/run/phpfpm/mantisbt.sock"; 105 socket = "/var/run/phpfpm/mantisbt.sock";
107 pool = '' 106 pool = ''
108 listen = ${socket} 107 listen = ${socket}
diff --git a/virtual/packages/nextcloud.nix b/virtual/packages/nextcloud.nix
index ff4b923..d332a10 100644
--- a/virtual/packages/nextcloud.nix
+++ b/virtual/packages/nextcloud.nix
@@ -1,11 +1,10 @@
1with import ../../libs.nix; 1{ stdenv, fetchurl, checkEnv, writeText, lib }:
2with nixpkgs_unstable;
3let 2let
4 nextcloud = let 3 nextcloud = let
5 # FIXME: initial sync 4 # FIXME: initial sync
6 # FIXME: backup 5 # FIXME: backup
7 buildApp = { appName, version, url, sha256, installPhase ? "mkdir -p $out && cp -R . $out/" }: 6 buildApp = { appName, version, url, sha256, installPhase ? "mkdir -p $out && cp -R . $out/" }:
8 pkgs.stdenv.mkDerivation rec { 7 stdenv.mkDerivation rec {
9 name = "nextcloud-app-${appName}-${version}"; 8 name = "nextcloud-app-${appName}-${version}";
10 inherit version; 9 inherit version;
11 phases = "unpackPhase installPhase"; 10 phases = "unpackPhase installPhase";
@@ -106,7 +105,7 @@ let
106 assert checkEnv "NIXOPS_NEXTCLOUD_INSTANCE_ID"; 105 assert checkEnv "NIXOPS_NEXTCLOUD_INSTANCE_ID";
107 assert checkEnv "NIXOPS_NEXTCLOUD_SECRET"; 106 assert checkEnv "NIXOPS_NEXTCLOUD_SECRET";
108 assert checkEnv "NIXOPS_NEXTCLOUD_REDIS_DB_INDEX"; 107 assert checkEnv "NIXOPS_NEXTCLOUD_REDIS_DB_INDEX";
109 pkgs.writeText "config.php" '' 108 writeText "config.php" ''
110 <?php 109 <?php
111 $CONFIG = array ( 110 $CONFIG = array (
112 'instanceid' => '${builtins.getEnv "NIXOPS_NEXTCLOUD_INSTANCE_ID"}', 111 'instanceid' => '${builtins.getEnv "NIXOPS_NEXTCLOUD_INSTANCE_ID"}',
@@ -183,16 +182,16 @@ let
183 rm -r $out/config 182 rm -r $out/config
184 ln -sf ${config} $out/config 183 ln -sf ${config} $out/config
185 ${builtins.concatStringsSep "\n" ( 184 ${builtins.concatStringsSep "\n" (
186 pkgs.lib.attrsets.mapAttrsToList (name: value: "ln -sf ${value} $out/apps/${name}") apps 185 lib.attrsets.mapAttrsToList (name: value: "ln -sf ${value} $out/apps/${name}") apps
187 )} 186 )}
188 ''; 187 '';
189 188
190 meta = { 189 meta = {
191 description = "Sharing solution for files, calendars, contacts and more"; 190 description = "Sharing solution for files, calendars, contacts and more";
192 homepage = https://nextcloud.com; 191 homepage = https://nextcloud.com;
193 maintainers = with stdenv.lib.maintainers; [ schneefux bachp globin fpletz ]; 192 maintainers = with lib.maintainers; [ schneefux bachp globin fpletz ];
194 license = stdenv.lib.licenses.agpl3Plus; 193 license = lib.licenses.agpl3Plus;
195 platforms = with stdenv.lib.platforms; unix; 194 platforms = with lib.platforms; unix;
196 }; 195 };
197 }; 196 };
198 activationScript = { 197 activationScript = {
@@ -229,7 +228,7 @@ let
229 phpFpm = rec { 228 phpFpm = rec {
230 basedir = builtins.concatStringsSep ":" ( 229 basedir = builtins.concatStringsSep ":" (
231 [ webRoot varDir config ] 230 [ webRoot varDir config ]
232 ++ pkgs.lib.attrsets.mapAttrsToList (name: value: value) apps); 231 ++ lib.attrsets.mapAttrsToList (name: value: value) apps);
233 socket = "/var/run/phpfpm/nextcloud.sock"; 232 socket = "/var/run/phpfpm/nextcloud.sock";
234 pool = '' 233 pool = ''
235 listen = ${socket} 234 listen = ${socket}
diff --git a/virtual/packages/ympd.nix b/virtual/packages/ympd.nix
index 643c860..74bf2e5 100644
--- a/virtual/packages/ympd.nix
+++ b/virtual/packages/ympd.nix
@@ -1,5 +1,4 @@
1with import ../../libs.nix; 1{}:
2with nixpkgs_unstable;
3let 2let
4 ympd = rec { 3 ympd = rec {
5 config = { 4 config = {