11 files changed, 325 insertions, 2 deletions
diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix
index 6237e06..2152aff 100644
--- a/virtual/eldiron.nix
+++ b/virtual/eldiron.nix
@@ -8,7 +8,7 @@
    with import ../libs.nix;
    let
        mypkgs = pkgs.callPackage ./packages.nix {
-          inherit checkEnv fetchedGitPrivate fetchedGithub;
+          inherit checkEnv fetchedGit fetchedGitPrivate fetchedGithub;
        };
    in
  {
@@ -255,6 +255,7 @@
        aten_prod = mypkgs.aten_prod.phpFpm.pool;
        nextcloud = mypkgs.nextcloud.phpFpm.pool;
        mantisbt = mypkgs.mantisbt.phpFpm.pool;
+        ttrss = mypkgs.ttrss.phpFpm.pool;
      };
    };
@@ -270,11 +271,13 @@
      aten_dev  = mypkgs.aten_dev.activationScript;
      aten_prod = mypkgs.aten_prod.activationScript;
      nextcloud = mypkgs.nextcloud.activationScript;
+      ttrss = mypkgs.ttrss.activationScript;
      httpd = ''
        install -d -m 0755 /var/lib/acme/acme-challenge
        install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions
        install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/adminer
        install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/mantisbt
+        install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/ttrss
        '';
      redis = ''
        mkdir -p /run/redis
@@ -428,6 +431,7 @@
        mypkgs.ympd.apache.modules ++
        mypkgs.git.web.apache.modules ++
        mypkgs.mantisbt.apache.modules ++
+        mypkgs.ttrss.apache.modules ++
        pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules) apacheConfig) ++
        [ "macro" ]);
      extraConfig = builtins.concatStringsSep "\n"
@@ -453,6 +457,7 @@
          extraConfig = builtins.concatStringsSep "\n" [
            mypkgs.adminer.apache.vhostConf
            mypkgs.ympd.apache.vhostConf
+            mypkgs.ttrss.apache.vhostConf
          ];
        })
        (withConf "eldiron" // {
@@ -652,5 +657,20 @@
        "5 0 * * * root ${stats "osteopathe-cc.fr" ./packages/chloe_goaccess.conf}"
        ];
    };
+    systemd.services.tt-rss = {
+      description = "Tiny Tiny RSS feeds update daemon";
+      serviceConfig = {
+        User = "wwwrun";
+        ExecStart = "${pkgs.php}/bin/php ${mypkgs.ttrss.webRoot}/update.php --daemon";
+        StandardOutput = "syslog";
+        StandardError = "syslog";
+        PermissionsStartOnly = true;
+      };
+      wantedBy = [ "multi-user.target" ];
+      requires = ["postgresql.service"];
+      after = ["network.target" "postgresql.service"];
+    };
  };
 }
diff --git a/virtual/packages.nix b/virtual/packages.nix
index 88b4717..ee5dc15 100644
--- a/virtual/packages.nix
+++ b/virtual/packages.nix
@@ -1,4 +1,4 @@
-{ callPackage, checkEnv, fetchedGitPrivate, fetchedGithub }:
+{ callPackage, checkEnv, fetchedGit, fetchedGitPrivate, fetchedGithub }:
 let
  connexionswing = callPackage ./packages/connexionswing.nix { inherit checkEnv fetchedGitPrivate; };
  ludivinecassal = callPackage ./packages/ludivinecassal.nix { inherit checkEnv fetchedGitPrivate; };
@@ -10,6 +10,7 @@ let
  ympd = callPackage ./packages/ympd.nix {};
  gitweb = callPackage ./packages/gitweb.nix {};
  mantisbt = callPackage ./packages/mantisbt.nix { inherit checkEnv fetchedGithub; };
+  ttrss = callPackage ./packages/ttrss.nix { inherit checkEnv fetchedGithub fetchedGit; };
 in
  {
    inherit adminer;
@@ -26,6 +27,7 @@ in
    chloe_prod = chloe { environment = "prod"; };
    inherit nextcloud;
    inherit mantisbt;
+    inherit ttrss;
    # FIXME: add buildbot
    git = { web = gitweb; };
  }
diff --git a/virtual/packages/tt-rss.json b/virtual/packages/tt-rss.json
new file mode 100644
index 0000000..e2731b0
--- /dev/null
+++ b/virtual/packages/tt-rss.json
@@ -0,0 +1,14 @@
+{
+  "tag": "986ca25-master",
+  "meta": {
+    "name": "tt-rss",
+    "url": "https://git.tt-rss.org/fox/tt-rss.git",
+    "branch": "master"
+  },
+  "git": {
+    "url": "https://git.tt-rss.org/fox/tt-rss.git",
+    "rev": "986ca251f995f7754a0470d3e0c44538a545081f",
+    "sha256": "0xkafkh7l9zazm5d6snlq03kdfxfhkb4c8fdsb32wn8b9bhdzf5s",
+    "fetchSubmodules": true
+  }
+}
diff --git a/virtual/packages/ttrss-af-feedmod_type_replace.patch b/virtual/packages/ttrss-af-feedmod_type_replace.patch
new file mode 100644
index 0000000..d622577
--- /dev/null
+++ b/virtual/packages/ttrss-af-feedmod_type_replace.patch
@@ -0,0 +1,12 @@
+--- a/init.php  2014-06-16 14:21:06.995480038 +0200
+++ b/init.php  2014-06-16 14:22:00.151027654 +0200
+@@ -147,6 +147,9 @@
+                         }
+                     }
+                     break;
+                case 'replace':
+                    $article['content'] = preg_replace("/".$config['pattern']."/",$config['replacement'],$article['content']);
+                    break;
+ 
+                 default:
+                     // unknown type or invalid config
diff --git a/virtual/packages/ttrss-af_feedmod.json b/virtual/packages/ttrss-af_feedmod.json
new file mode 100644
index 0000000..e57fcce
--- /dev/null
+++ b/virtual/packages/ttrss-af_feedmod.json
@@ -0,0 +1,15 @@
+{
+  "tag": "0ea2092-master",
+  "meta": {
+    "name": "ttrss-af_feedmod",
+    "url": "https://github.com/mbirth/ttrss_plugin-af_feedmod",
+    "branch": "master"
+  },
+  "github": {
+    "owner": "mbirth",
+    "repo": "ttrss_plugin-af_feedmod",
+    "rev": "0ea2092dd34067ecd898802cfca3570023d1ecfe",
+    "sha256": "02ibf47zcrsc2rr45wsix8gxyyf371davj8n8i0gj1zdq95klvnv",
+    "fetchSubmodules": true
+  }
+}
diff --git a/virtual/packages/ttrss-auth-ldap.json b/virtual/packages/ttrss-auth-ldap.json
new file mode 100644
index 0000000..c8aaab5
--- /dev/null
+++ b/virtual/packages/ttrss-auth-ldap.json
@@ -0,0 +1,15 @@
+{
+  "tag": "4d751b0-master",
+  "meta": {
+    "name": "ttrss-auth-ldap",
+    "url": "https://github.com/hydrian/TTRSS-Auth-LDAP",
+    "branch": "master"
+  },
+  "github": {
+    "owner": "hydrian",
+    "repo": "TTRSS-Auth-LDAP",
+    "rev": "4d751b095c29a8dbe2dc7bb07777742956136e94",
+    "sha256": "0b9fl86acrzpcv41r7pj3bl8b3n72hpkdywzx9zjyfqv5pskxyim",
+    "fetchSubmodules": true
+  }
+}
diff --git a/virtual/packages/ttrss-feediron.json b/virtual/packages/ttrss-feediron.json
new file mode 100644
index 0000000..5dbec92
--- /dev/null
+++ b/virtual/packages/ttrss-feediron.json
@@ -0,0 +1,15 @@
+{
+  "tag": "407168c-master",
+  "meta": {
+    "name": "ttrss-feediron",
+    "url": "https://github.com/m42e/ttrss_plugin-feediron",
+    "branch": "master"
+  },
+  "github": {
+    "owner": "m42e",
+    "repo": "ttrss_plugin-feediron",
+    "rev": "407168c628880b5ced572cc549db6d50e866d3c8",
+    "sha256": "17b95ifpcph6m03hjd1mhi8gi1hw9yd3fnffmw66fqr5c9l3zd9r",
+    "fetchSubmodules": true
+  }
+}
diff --git a/virtual/packages/ttrss-feediron_json_reformat.patch b/virtual/packages/ttrss-feediron_json_reformat.patch
new file mode 100644
index 0000000..e1c44d9
--- /dev/null
+++ b/virtual/packages/ttrss-feediron_json_reformat.patch
@@ -0,0 +1,18 @@
+diff --git a/init.php b/init.php
+index 3c0f2f9..1aad146 100644
+--- a/init.php
+++ b/init.php
+@@ -600,10 +600,11 @@ class Feediron extends Plugin implements IHandler
+                        return false;
+                }
+ 
+-               $this->host->set($this, 'json_conf', Feediron_Json::format($json_conf));
+                $new_conf = json_encode(json_decode($json_conf), JSON_PRETTY_PRINT);
+                $this->host->set($this, 'json_conf', $new_conf);
+                $json_reply['success'] = true;
+                $json_reply['message'] = __('Configuration saved.');
+-               $json_reply['json_conf'] = Feediron_Json::format($json_conf);
+                $json_reply['json_conf'] = $new_conf;
+                echo json_encode($json_reply);
+        }
+ 
diff --git a/virtual/packages/ttrss-ff_instagram.json b/virtual/packages/ttrss-ff_instagram.json
new file mode 100644
index 0000000..1f241b9
--- /dev/null
+++ b/virtual/packages/ttrss-ff_instagram.json
@@ -0,0 +1,15 @@
+{
+  "tag": "0366ffb-master",
+  "meta": {
+    "name": "ttrss-ff_instagram",
+    "url": "https://github.com/wltb/ff_instagram",
+    "branch": "master"
+  },
+  "github": {
+    "owner": "wltb",
+    "repo": "ff_instagram",
+    "rev": "0366ffb18c4d490c8fbfba2f5f3367a5af23cfe8",
+    "sha256": "0vvzl6wi6jmrqknsfddvckjgsgfizz1d923d1nyrpzjfn6bda1vk",
+    "fetchSubmodules": true
+  }
+}
diff --git a/virtual/packages/ttrss-tumblr_gdpr_ua.json b/virtual/packages/ttrss-tumblr_gdpr_ua.json
new file mode 100644
index 0000000..eafbcfe
--- /dev/null
+++ b/virtual/packages/ttrss-tumblr_gdpr_ua.json
@@ -0,0 +1,15 @@
+{
+  "tag": "287c584-master",
+  "meta": {
+    "name": "ttrss-tumblr_gdpr_ua",
+    "url": "https://github.com/hkockerbeck/ttrss-tumblr-gdpr-ua",
+    "branch": "master"
+  },
+  "github": {
+    "owner": "hkockerbeck",
+    "repo": "ttrss-tumblr-gdpr-ua",
+    "rev": "287c584e68845d524f920156bff0b2eaa6f65117",
+    "sha256": "1fviawgcclqky4k4xv1sqzvpb8i74w9f0pclm09m78s8l85wh9py",
+    "fetchSubmodules": true
+  }
+}
diff --git a/virtual/packages/ttrss.nix b/virtual/packages/ttrss.nix
new file mode 100644
index 0000000..f7b0f61
--- /dev/null
+++ b/virtual/packages/ttrss.nix
@@ -0,0 +1,182 @@
+{ lib, php, checkEnv, writeText, stdenv, fetchedGit, fetchedGithub }:
+let
+  ttrss = let
+    plugins = {
+      auth_ldap = stdenv.mkDerivation (fetchedGithub ./ttrss-auth-ldap.json // rec {
+        installPhase = ''
+          mkdir $out
+          cp plugins/auth_ldap/init.php $out
+        '';
+      });
+      af_feedmod = stdenv.mkDerivation (fetchedGithub ./ttrss-af_feedmod.json // rec {
+        patches = [ ./ttrss-af-feedmod_type_replace.patch ];
+        installPhase = ''
+          mkdir $out
+          cp init.php $out
+        '';
+      });
+      feediron = stdenv.mkDerivation (fetchedGithub ./ttrss-feediron.json // rec {
+        patches = [ ./ttrss-feediron_json_reformat.patch ];
+        installPhase = ''
+          mkdir $out
+          cp -a . $out
+        '';
+      });
+      ff_instagram = stdenv.mkDerivation (fetchedGithub ./ttrss-ff_instagram.json // rec {
+        installPhase = ''
+          mkdir $out
+          cp -a . $out
+        '';
+      });
+      tumblr_gdpr_ua = stdenv.mkDerivation (fetchedGithub ./ttrss-tumblr_gdpr_ua.json // rec {
+        installPhase = ''
+          mkdir $out
+          cp -a . $out
+        '';
+      });
+    };
+  in rec {
+    varDir = "/var/lib/ttrss";
+    # FIXME: initial sync
+    activationScript = {
+      deps = [ "wrappers" ];
+      text = ''
+        install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
+          ${varDir}/lock ${varDir}/cache ${varDir}/feed-icons
+        install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}/cache/export/ \
+          ${varDir}/cache/feeds/ \
+          ${varDir}/cache/images/ \
+          ${varDir}/cache/js/ \
+          ${varDir}/cache/simplepie/ \
+          ${varDir}/cache/upload/
+        touch ${varDir}/feed-icons/index.html
+        install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
+      '';
+    };
+    config =
+      # FIXME: LOG_DESTINATION syslog?
+      assert checkEnv "NIXOPS_TTRSS_DB_PASSWORD";
+      assert checkEnv "NIXOPS_TTRSS_LDAP_PASSWORD";
+      writeText "config.php" ''
+      <?php
+        define('PHP_EXECUTABLE', '${php}/bin/php');
+        define('LOCK_DIRECTORY', 'lock');
+        define('CACHE_DIR', 'cache');
+        define('ICONS_DIR', 'feed-icons');
+        define('ICONS_URL', 'feed-icons');
+        define('SELF_URL_PATH', 'https://tools.immae.eu/ttrss/');
+        define('MYSQL_CHARSET', 'UTF8');
+        define('DB_TYPE', 'pgsql');
+        define('DB_HOST', 'db-1.immae.eu');
+        define('DB_USER', 'ttrss');
+        define('DB_NAME', 'ttrss');
+        define('DB_PASS', '${builtins.getEnv "NIXOPS_TTRSS_DB_PASSWORD"}');
+        define('DB_PORT', '5432');
+        define('AUTH_AUTO_CREATE', true);
+        define('AUTH_AUTO_LOGIN', true);
+        define('SINGLE_USER_MODE', false);
+        define('SIMPLE_UPDATE_MODE', false);
+        define('CHECK_FOR_UPDATES', true);
+        define('FORCE_ARTICLE_PURGE', 0);
+        define('SESSION_COOKIE_LIFETIME', 60*60*24*120);
+        define('ENABLE_GZIP_OUTPUT', false);
+        define('PLUGINS', 'auth_ldap, note, instances');
+        define('LOG_DESTINATION', ''');
+        define('CONFIG_VERSION', 26);
+        define('SPHINX_SERVER', 'localhost:9312');
+        define('SPHINX_INDEX', 'ttrss, delta');
+        define('ENABLE_REGISTRATION', false);
+        define('REG_NOTIFY_ADDRESS', 'outils@immae.eu');
+        define('REG_MAX_USERS', 10);
+        define('SMTP_SERVER', 'mail.immae.eu:25');
+        define('SMTP_LOGIN', ''');
+        define('SMTP_PASSWORD', ''');
+        define('SMTP_SECURE', 'tls');
+        define('SMTP_FROM_NAME', 'Tiny Tiny RSS');
+        define('SMTP_FROM_ADDRESS', 'outils@immae.eu');
+        define('DIGEST_SUBJECT', '[tt-rss] New headlines for last 24 hours');
+        define('LDAP_AUTH_SERVER_URI', 'ldap://ldap.immae.eu:389/');
+        define('LDAP_AUTH_USETLS', TRUE);
+        define('LDAP_AUTH_ALLOW_UNTRUSTED_CERT', TRUE);
+        define('LDAP_AUTH_BASEDN', 'dc=immae,dc=eu');
+        define('LDAP_AUTH_ANONYMOUSBEFOREBIND', FALSE);
+        define('LDAP_AUTH_SEARCHFILTER', '(&(memberOf=cn=users,cn=ttrss,ou=services,dc=immae,dc=eu)(|(cn=???)(uid=???)(&(uid:dn:=???)(ou=ttrss))))');
+        define('LDAP_AUTH_BINDDN', 'cn=ttrss,ou=services,dc=immae,dc=eu');
+        define('LDAP_AUTH_BINDPW', '${builtins.getEnv "NIXOPS_TTRSS_LDAP_PASSWORD"}');
+        define('LDAP_AUTH_LOGIN_ATTRIB', 'immaeTtrssLogin');
+        define('LDAP_AUTH_LOG_ATTEMPTS', FALSE);
+        define('LDAP_AUTH_DEBUG', FALSE);
+      '';
+    webRoot = stdenv.mkDerivation (fetchedGit ./tt-rss.json // rec {
+      buildPhase = ''
+        rm -rf lock feed-icons cache
+        ln -sf ../../../../../${varDir}/{lock,feed-icons,cache} .
+      '';
+      installPhase = ''
+        cp -a . $out
+        ln -s ${config} $out/config.php
+        ${builtins.concatStringsSep "\n" (
+          lib.attrsets.mapAttrsToList (name: value: "ln -sf ${value} $out/plugins/${name}") plugins
+        )}
+      '';
+    });
+    apache = {
+      user = "wwwrun";
+      group = "wwwrun";
+      modules = [ "proxy_fcgi" ];
+      vhostConf = ''
+        Alias /ttrss "${webRoot}"
+        <Directory "${webRoot}">
+          DirectoryIndex index.php
+          <FilesMatch "\.php$">
+            SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+          </FilesMatch>
+          AllowOverride All
+          Options FollowSymlinks
+          Require all granted
+        </Directory>
+        '';
+    };
+    phpFpm = rec {
+      basedir = builtins.concatStringsSep ":" (
+        [ webRoot config varDir ]
+        ++ lib.attrsets.mapAttrsToList (name: value: value) plugins);
+      socket = "/var/run/phpfpm/ttrss.sock";
+      pool = ''
+        listen = ${socket}
+        user = ${apache.user}
+        group = ${apache.group}
+        listen.owner = ${apache.user}
+        listen.group = ${apache.group}
+        pm = ondemand
+        pm.max_children = 60
+        pm.process_idle_timeout = 60
+        ; Needed to avoid clashes in browser cookies (same domain)
+        php_value[session.name] = TtrssPHPSESSID
+        php_admin_value[open_basedir] = "${basedir}:/tmp"
+        php_admin_value[session.save_path] = "${varDir}/phpSessions"
+        '';
+    };
+  };
+in 
+  ttrss

diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix index 6237e06..2152aff 100644 --- a/virtual/eldiron.nix +++ b/virtual/eldiron.nix
@@ -8,7 +8,7 @@
8	with import ../libs.nix;	8	with import ../libs.nix;
9	let	9	let
10	mypkgs = pkgs.callPackage ./packages.nix {	10	mypkgs = pkgs.callPackage ./packages.nix {
11	inherit checkEnv fetchedGitPrivate fetchedGithub;	11	inherit checkEnv fetchedGit fetchedGitPrivate fetchedGithub;
12	};	12	};
13	in	13	in
14	{	14	{
@@ -255,6 +255,7 @@
255	aten_prod = mypkgs.aten_prod.phpFpm.pool;	255	aten_prod = mypkgs.aten_prod.phpFpm.pool;
256	nextcloud = mypkgs.nextcloud.phpFpm.pool;	256	nextcloud = mypkgs.nextcloud.phpFpm.pool;
257	mantisbt = mypkgs.mantisbt.phpFpm.pool;	257	mantisbt = mypkgs.mantisbt.phpFpm.pool;
		258	ttrss = mypkgs.ttrss.phpFpm.pool;
258	};	259	};
259	};	260	};
260		261
@@ -270,11 +271,13 @@
270	aten_dev = mypkgs.aten_dev.activationScript;	271	aten_dev = mypkgs.aten_dev.activationScript;
271	aten_prod = mypkgs.aten_prod.activationScript;	272	aten_prod = mypkgs.aten_prod.activationScript;
272	nextcloud = mypkgs.nextcloud.activationScript;	273	nextcloud = mypkgs.nextcloud.activationScript;
		274	ttrss = mypkgs.ttrss.activationScript;
273	httpd = ''	275	httpd = ''
274	install -d -m 0755 /var/lib/acme/acme-challenge	276	install -d -m 0755 /var/lib/acme/acme-challenge
275	install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions	277	install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions
276	install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/adminer	278	install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/adminer
277	install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/mantisbt	279	install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/mantisbt
		280	install -d -m 0750 -o wwwrun -g wwwrun /var/lib/php/sessions/ttrss
278	'';	281	'';
279	redis = ''	282	redis = ''
280	mkdir -p /run/redis	283	mkdir -p /run/redis
@@ -428,6 +431,7 @@
428	mypkgs.ympd.apache.modules ++	431	mypkgs.ympd.apache.modules ++
429	mypkgs.git.web.apache.modules ++	432	mypkgs.git.web.apache.modules ++
430	mypkgs.mantisbt.apache.modules ++	433	mypkgs.mantisbt.apache.modules ++
		434	mypkgs.ttrss.apache.modules ++
431	pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules) apacheConfig) ++	435	pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules) apacheConfig) ++
432	[ "macro" ]);	436	[ "macro" ]);
433	extraConfig = builtins.concatStringsSep "\n"	437	extraConfig = builtins.concatStringsSep "\n"
@@ -453,6 +457,7 @@
453	extraConfig = builtins.concatStringsSep "\n" [	457	extraConfig = builtins.concatStringsSep "\n" [
454	mypkgs.adminer.apache.vhostConf	458	mypkgs.adminer.apache.vhostConf
455	mypkgs.ympd.apache.vhostConf	459	mypkgs.ympd.apache.vhostConf
		460	mypkgs.ttrss.apache.vhostConf
456	];	461	];
457	})	462	})
458	(withConf "eldiron" // {	463	(withConf "eldiron" // {
@@ -652,5 +657,20 @@
652	"5 0 * * * root ${stats "osteopathe-cc.fr" ./packages/chloe_goaccess.conf}"	657	"5 0 * * * root ${stats "osteopathe-cc.fr" ./packages/chloe_goaccess.conf}"
653	];	658	];
654	};	659	};
		660
		661	systemd.services.tt-rss = {
		662	description = "Tiny Tiny RSS feeds update daemon";
		663	serviceConfig = {
		664	User = "wwwrun";
		665	ExecStart = "${pkgs.php}/bin/php ${mypkgs.ttrss.webRoot}/update.php --daemon";
		666	StandardOutput = "syslog";
		667	StandardError = "syslog";
		668	PermissionsStartOnly = true;
		669	};
		670
		671	wantedBy = [ "multi-user.target" ];
		672	requires = ["postgresql.service"];
		673	after = ["network.target" "postgresql.service"];
		674	};
655	};	675	};
656	}	676	}


diff --git a/virtual/packages.nix b/virtual/packages.nix index 88b4717..ee5dc15 100644 --- a/virtual/packages.nix +++ b/virtual/packages.nix
@@ -1,4 +1,4 @@
1	{ callPackage, checkEnv, fetchedGitPrivate, fetchedGithub }:	1	{ callPackage, checkEnv, fetchedGit, fetchedGitPrivate, fetchedGithub }:
2	let	2	let
3	connexionswing = callPackage ./packages/connexionswing.nix { inherit checkEnv fetchedGitPrivate; };	3	connexionswing = callPackage ./packages/connexionswing.nix { inherit checkEnv fetchedGitPrivate; };
4	ludivinecassal = callPackage ./packages/ludivinecassal.nix { inherit checkEnv fetchedGitPrivate; };	4	ludivinecassal = callPackage ./packages/ludivinecassal.nix { inherit checkEnv fetchedGitPrivate; };
@@ -10,6 +10,7 @@ let
10	ympd = callPackage ./packages/ympd.nix {};	10	ympd = callPackage ./packages/ympd.nix {};
11	gitweb = callPackage ./packages/gitweb.nix {};	11	gitweb = callPackage ./packages/gitweb.nix {};
12	mantisbt = callPackage ./packages/mantisbt.nix { inherit checkEnv fetchedGithub; };	12	mantisbt = callPackage ./packages/mantisbt.nix { inherit checkEnv fetchedGithub; };
		13	ttrss = callPackage ./packages/ttrss.nix { inherit checkEnv fetchedGithub fetchedGit; };
13	in	14	in
14	{	15	{
15	inherit adminer;	16	inherit adminer;
@@ -26,6 +27,7 @@ in
26	chloe_prod = chloe { environment = "prod"; };	27	chloe_prod = chloe { environment = "prod"; };
27	inherit nextcloud;	28	inherit nextcloud;
28	inherit mantisbt;	29	inherit mantisbt;
		30	inherit ttrss;
29	# FIXME: add buildbot	31	# FIXME: add buildbot
30	git = { web = gitweb; };	32	git = { web = gitweb; };
31	}	33	}


diff --git a/virtual/packages/tt-rss.json b/virtual/packages/tt-rss.json new file mode 100644 index 0000000..e2731b0 --- /dev/null +++ b/virtual/packages/tt-rss.json
@@ -0,0 +1,14 @@
		1	{
		2	"tag": "986ca25-master",
		3	"meta": {
		4	"name": "tt-rss",
		5	"url": "https://git.tt-rss.org/fox/tt-rss.git",
		6	"branch": "master"
		7	},
		8	"git": {
		9	"url": "https://git.tt-rss.org/fox/tt-rss.git",
		10	"rev": "986ca251f995f7754a0470d3e0c44538a545081f",
		11	"sha256": "0xkafkh7l9zazm5d6snlq03kdfxfhkb4c8fdsb32wn8b9bhdzf5s",
		12	"fetchSubmodules": true
		13	}
		14	}


diff --git a/virtual/packages/ttrss-af-feedmod_type_replace.patch b/virtual/packages/ttrss-af-feedmod_type_replace.patch new file mode 100644 index 0000000..d622577 --- /dev/null +++ b/virtual/packages/ttrss-af-feedmod_type_replace.patch
@@ -0,0 +1,12 @@
		1	--- a/init.php 2014-06-16 14:21:06.995480038 +0200
		2	+++ b/init.php 2014-06-16 14:22:00.151027654 +0200
		3	@@ -147,6 +147,9 @@
		4	}
		5	}
		6	break;
		7	+ case 'replace':
		8	+ $article['content'] = preg_replace("/".$config['pattern']."/",$config['replacement'],$article['content']);
		9	+ break;
		10
		11	default:
		12	// unknown type or invalid config


diff --git a/virtual/packages/ttrss-af_feedmod.json b/virtual/packages/ttrss-af_feedmod.json new file mode 100644 index 0000000..e57fcce --- /dev/null +++ b/virtual/packages/ttrss-af_feedmod.json
@@ -0,0 +1,15 @@
		1	{
		2	"tag": "0ea2092-master",
		3	"meta": {
		4	"name": "ttrss-af_feedmod",
		5	"url": "https://github.com/mbirth/ttrss_plugin-af_feedmod",
		6	"branch": "master"
		7	},
		8	"github": {
		9	"owner": "mbirth",
		10	"repo": "ttrss_plugin-af_feedmod",
		11	"rev": "0ea2092dd34067ecd898802cfca3570023d1ecfe",
		12	"sha256": "02ibf47zcrsc2rr45wsix8gxyyf371davj8n8i0gj1zdq95klvnv",
		13	"fetchSubmodules": true
		14	}
		15	}


diff --git a/virtual/packages/ttrss-auth-ldap.json b/virtual/packages/ttrss-auth-ldap.json new file mode 100644 index 0000000..c8aaab5 --- /dev/null +++ b/virtual/packages/ttrss-auth-ldap.json
@@ -0,0 +1,15 @@
		1	{
		2	"tag": "4d751b0-master",
		3	"meta": {
		4	"name": "ttrss-auth-ldap",
		5	"url": "https://github.com/hydrian/TTRSS-Auth-LDAP",
		6	"branch": "master"
		7	},
		8	"github": {
		9	"owner": "hydrian",
		10	"repo": "TTRSS-Auth-LDAP",
		11	"rev": "4d751b095c29a8dbe2dc7bb07777742956136e94",
		12	"sha256": "0b9fl86acrzpcv41r7pj3bl8b3n72hpkdywzx9zjyfqv5pskxyim",
		13	"fetchSubmodules": true
		14	}
		15	}


diff --git a/virtual/packages/ttrss-feediron.json b/virtual/packages/ttrss-feediron.json new file mode 100644 index 0000000..5dbec92 --- /dev/null +++ b/virtual/packages/ttrss-feediron.json
@@ -0,0 +1,15 @@
		1	{
		2	"tag": "407168c-master",
		3	"meta": {
		4	"name": "ttrss-feediron",
		5	"url": "https://github.com/m42e/ttrss_plugin-feediron",
		6	"branch": "master"
		7	},
		8	"github": {
		9	"owner": "m42e",
		10	"repo": "ttrss_plugin-feediron",
		11	"rev": "407168c628880b5ced572cc549db6d50e866d3c8",
		12	"sha256": "17b95ifpcph6m03hjd1mhi8gi1hw9yd3fnffmw66fqr5c9l3zd9r",
		13	"fetchSubmodules": true
		14	}
		15	}


diff --git a/virtual/packages/ttrss-feediron_json_reformat.patch b/virtual/packages/ttrss-feediron_json_reformat.patch new file mode 100644 index 0000000..e1c44d9 --- /dev/null +++ b/virtual/packages/ttrss-feediron_json_reformat.patch
@@ -0,0 +1,18 @@
		1	diff --git a/init.php b/init.php
		2	index 3c0f2f9..1aad146 100644
		3	--- a/init.php
		4	+++ b/init.php
		5	@@ -600,10 +600,11 @@ class Feediron extends Plugin implements IHandler
		6	return false;
		7	}
		8
		9	- $this->host->set($this, 'json_conf', Feediron_Json::format($json_conf));
		10	+ $new_conf = json_encode(json_decode($json_conf), JSON_PRETTY_PRINT);
		11	+ $this->host->set($this, 'json_conf', $new_conf);
		12	$json_reply['success'] = true;
		13	$json_reply['message'] = __('Configuration saved.');
		14	- $json_reply['json_conf'] = Feediron_Json::format($json_conf);
		15	+ $json_reply['json_conf'] = $new_conf;
		16	echo json_encode($json_reply);
		17	}
		18


diff --git a/virtual/packages/ttrss-ff_instagram.json b/virtual/packages/ttrss-ff_instagram.json new file mode 100644 index 0000000..1f241b9 --- /dev/null +++ b/virtual/packages/ttrss-ff_instagram.json
@@ -0,0 +1,15 @@
		1	{
		2	"tag": "0366ffb-master",
		3	"meta": {
		4	"name": "ttrss-ff_instagram",
		5	"url": "https://github.com/wltb/ff_instagram",
		6	"branch": "master"
		7	},
		8	"github": {
		9	"owner": "wltb",
		10	"repo": "ff_instagram",
		11	"rev": "0366ffb18c4d490c8fbfba2f5f3367a5af23cfe8",
		12	"sha256": "0vvzl6wi6jmrqknsfddvckjgsgfizz1d923d1nyrpzjfn6bda1vk",
		13	"fetchSubmodules": true
		14	}
		15	}


diff --git a/virtual/packages/ttrss-tumblr_gdpr_ua.json b/virtual/packages/ttrss-tumblr_gdpr_ua.json new file mode 100644 index 0000000..eafbcfe --- /dev/null +++ b/virtual/packages/ttrss-tumblr_gdpr_ua.json
@@ -0,0 +1,15 @@
		1	{
		2	"tag": "287c584-master",
		3	"meta": {
		4	"name": "ttrss-tumblr_gdpr_ua",
		5	"url": "https://github.com/hkockerbeck/ttrss-tumblr-gdpr-ua",
		6	"branch": "master"
		7	},
		8	"github": {
		9	"owner": "hkockerbeck",
		10	"repo": "ttrss-tumblr-gdpr-ua",
		11	"rev": "287c584e68845d524f920156bff0b2eaa6f65117",
		12	"sha256": "1fviawgcclqky4k4xv1sqzvpb8i74w9f0pclm09m78s8l85wh9py",
		13	"fetchSubmodules": true
		14	}
		15	}


diff --git a/virtual/packages/ttrss.nix b/virtual/packages/ttrss.nix new file mode 100644 index 0000000..f7b0f61 --- /dev/null +++ b/virtual/packages/ttrss.nix
@@ -0,0 +1,182 @@
		1	{ lib, php, checkEnv, writeText, stdenv, fetchedGit, fetchedGithub }:
		2	let
		3	ttrss = let
		4	plugins = {
		5	auth_ldap = stdenv.mkDerivation (fetchedGithub ./ttrss-auth-ldap.json // rec {
		6	installPhase = ''
		7	mkdir $out
		8	cp plugins/auth_ldap/init.php $out
		9	'';
		10	});
		11	af_feedmod = stdenv.mkDerivation (fetchedGithub ./ttrss-af_feedmod.json // rec {
		12	patches = [ ./ttrss-af-feedmod_type_replace.patch ];
		13	installPhase = ''
		14	mkdir $out
		15	cp init.php $out
		16	'';
		17	});
		18	feediron = stdenv.mkDerivation (fetchedGithub ./ttrss-feediron.json // rec {
		19	patches = [ ./ttrss-feediron_json_reformat.patch ];
		20	installPhase = ''
		21	mkdir $out
		22	cp -a . $out
		23	'';
		24	});
		25	ff_instagram = stdenv.mkDerivation (fetchedGithub ./ttrss-ff_instagram.json // rec {
		26	installPhase = ''
		27	mkdir $out
		28	cp -a . $out
		29	'';
		30	});
		31	tumblr_gdpr_ua = stdenv.mkDerivation (fetchedGithub ./ttrss-tumblr_gdpr_ua.json // rec {
		32	installPhase = ''
		33	mkdir $out
		34	cp -a . $out
		35	'';
		36	});
		37	};
		38	in rec {
		39	varDir = "/var/lib/ttrss";
		40	# FIXME: initial sync
		41	activationScript = {
		42	deps = [ "wrappers" ];
		43	text = ''
		44	install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
		45	${varDir}/lock ${varDir}/cache ${varDir}/feed-icons
		46	install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}/cache/export/ \
		47	${varDir}/cache/feeds/ \
		48	${varDir}/cache/images/ \
		49	${varDir}/cache/js/ \
		50	${varDir}/cache/simplepie/ \
		51	${varDir}/cache/upload/
		52	touch ${varDir}/feed-icons/index.html
		53	install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
		54	'';
		55	};
		56	config =
		57	# FIXME: LOG_DESTINATION syslog?
		58	assert checkEnv "NIXOPS_TTRSS_DB_PASSWORD";
		59	assert checkEnv "NIXOPS_TTRSS_LDAP_PASSWORD";
		60	writeText "config.php" ''
		61	<?php
		62
		63	define('PHP_EXECUTABLE', '${php}/bin/php');
		64
		65	define('LOCK_DIRECTORY', 'lock');
		66	define('CACHE_DIR', 'cache');
		67	define('ICONS_DIR', 'feed-icons');
		68	define('ICONS_URL', 'feed-icons');
		69	define('SELF_URL_PATH', 'https://tools.immae.eu/ttrss/');
		70
		71	define('MYSQL_CHARSET', 'UTF8');
		72
		73	define('DB_TYPE', 'pgsql');
		74	define('DB_HOST', 'db-1.immae.eu');
		75	define('DB_USER', 'ttrss');
		76	define('DB_NAME', 'ttrss');
		77	define('DB_PASS', '${builtins.getEnv "NIXOPS_TTRSS_DB_PASSWORD"}');
		78	define('DB_PORT', '5432');
		79
		80	define('AUTH_AUTO_CREATE', true);
		81	define('AUTH_AUTO_LOGIN', true);
		82
		83	define('SINGLE_USER_MODE', false);
		84
		85	define('SIMPLE_UPDATE_MODE', false);
		86	define('CHECK_FOR_UPDATES', true);
		87
		88	define('FORCE_ARTICLE_PURGE', 0);
		89	define('SESSION_COOKIE_LIFETIME', 606024*120);
		90	define('ENABLE_GZIP_OUTPUT', false);
		91
		92	define('PLUGINS', 'auth_ldap, note, instances');
		93
		94	define('LOG_DESTINATION', ''');
		95	define('CONFIG_VERSION', 26);
		96
		97
		98	define('SPHINX_SERVER', 'localhost:9312');
		99	define('SPHINX_INDEX', 'ttrss, delta');
		100
		101	define('ENABLE_REGISTRATION', false);
		102	define('REG_NOTIFY_ADDRESS', 'outils@immae.eu');
		103	define('REG_MAX_USERS', 10);
		104
		105	define('SMTP_SERVER', 'mail.immae.eu:25');
		106	define('SMTP_LOGIN', ''');
		107	define('SMTP_PASSWORD', ''');
		108	define('SMTP_SECURE', 'tls');
		109
		110	define('SMTP_FROM_NAME', 'Tiny Tiny RSS');
		111	define('SMTP_FROM_ADDRESS', 'outils@immae.eu');
		112	define('DIGEST_SUBJECT', '[tt-rss] New headlines for last 24 hours');
		113
		114	define('LDAP_AUTH_SERVER_URI', 'ldap://ldap.immae.eu:389/');
		115	define('LDAP_AUTH_USETLS', TRUE);
		116	define('LDAP_AUTH_ALLOW_UNTRUSTED_CERT', TRUE);
		117	define('LDAP_AUTH_BASEDN', 'dc=immae,dc=eu');
		118	define('LDAP_AUTH_ANONYMOUSBEFOREBIND', FALSE);
		119	define('LDAP_AUTH_SEARCHFILTER', '(&(memberOf=cn=users,cn=ttrss,ou=services,dc=immae,dc=eu)(\|(cn=???)(uid=???)(&(uid:dn:=???)(ou=ttrss))))');
		120
		121	define('LDAP_AUTH_BINDDN', 'cn=ttrss,ou=services,dc=immae,dc=eu');
		122	define('LDAP_AUTH_BINDPW', '${builtins.getEnv "NIXOPS_TTRSS_LDAP_PASSWORD"}');
		123	define('LDAP_AUTH_LOGIN_ATTRIB', 'immaeTtrssLogin');
		124
		125	define('LDAP_AUTH_LOG_ATTEMPTS', FALSE);
		126	define('LDAP_AUTH_DEBUG', FALSE);
		127	'';
		128	webRoot = stdenv.mkDerivation (fetchedGit ./tt-rss.json // rec {
		129	buildPhase = ''
		130	rm -rf lock feed-icons cache
		131	ln -sf ../../../../../${varDir}/{lock,feed-icons,cache} .
		132	'';
		133	installPhase = ''
		134	cp -a . $out
		135	ln -s ${config} $out/config.php
		136	${builtins.concatStringsSep "\n" (
		137	lib.attrsets.mapAttrsToList (name: value: "ln -sf ${value} $out/plugins/${name}") plugins
		138	)}
		139	'';
		140	});
		141	apache = {
		142	user = "wwwrun";
		143	group = "wwwrun";
		144	modules = [ "proxy_fcgi" ];
		145	vhostConf = ''
		146	Alias /ttrss "${webRoot}"
		147	<Directory "${webRoot}">
		148	DirectoryIndex index.php
		149	<FilesMatch "\.php$">
		150	SetHandler "proxy:unix:${phpFpm.socket}\|fcgi://localhost"
		151	</FilesMatch>
		152
		153	AllowOverride All
		154	Options FollowSymlinks
		155	Require all granted
		156	</Directory>
		157	'';
		158	};
		159	phpFpm = rec {
		160	basedir = builtins.concatStringsSep ":" (
		161	[ webRoot config varDir ]
		162	++ lib.attrsets.mapAttrsToList (name: value: value) plugins);
		163	socket = "/var/run/phpfpm/ttrss.sock";
		164	pool = ''
		165	listen = ${socket}
		166	user = ${apache.user}
		167	group = ${apache.group}
		168	listen.owner = ${apache.user}
		169	listen.group = ${apache.group}
		170	pm = ondemand
		171	pm.max_children = 60
		172	pm.process_idle_timeout = 60
		173
		174	; Needed to avoid clashes in browser cookies (same domain)
		175	php_value[session.name] = TtrssPHPSESSID
		176	php_admin_value[open_basedir] = "${basedir}:/tmp"
		177	php_admin_value[session.save_path] = "${varDir}/phpSessions"
		178	'';
		179	};
		180	};
		181	in
		182	ttrss