10 files changed, 317 insertions, 0 deletions
diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix
index f70c92c..e893b3a 100644
--- a/virtual/eldiron.nix
+++ b/virtual/eldiron.nix
@@ -126,6 +126,7 @@
        connexionswing_dev = mypkgs.connexionswing_dev.phpFpm.pool;
        connexionswing_prod = mypkgs.connexionswing_prod.phpFpm.pool;
        nextcloud = mypkgs.nextcloud.phpFpm.pool;
+        mantisbt = mypkgs.mantisbt.phpFpm.pool;
      };
    };
@@ -259,6 +260,7 @@
        mypkgs.connexionswing_prod.apache.modules ++
        mypkgs.ympd.apache.modules ++
        mypkgs.git.web.apache.modules ++
+        mypkgs.mantisbt.apache.modules ++
        pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules) apacheConfig) ++
        [ "macro" ]);
      extraConfig = builtins.concatStringsSep "\n"
@@ -312,6 +314,7 @@
          documentRoot = mypkgs.git.web.webRoot;
          extraConfig = builtins.concatStringsSep "\n" [
            mypkgs.git.web.apache.vhostConf
+            mypkgs.mantisbt.apache.vhostConf
          ] + ''
            RewriteEngine on
            RewriteCond %{REQUEST_URI}       ^/releases
@@ -416,6 +419,7 @@
      authentication = ''
        local   all     postgres                                ident
        local   all     all                                     md5
+        host    all     all             samehost                md5
        host    all     all             178.33.252.96/32        md5
        host    all     all             188.165.209.148/32      md5
        #host   all     all             all                     pam
diff --git a/virtual/packages.nix b/virtual/packages.nix
index d9656f7..b66ebb2 100644
--- a/virtual/packages.nix
+++ b/virtual/packages.nix
@@ -6,6 +6,7 @@ let
  adminer = import ./packages/adminer.nix;
  ympd = import ./packages/ympd.nix;
  gitweb = import ./packages/gitweb.nix;
+  mantisbt = import ./packages/mantisbt.nix;
 in
  {
    inherit adminer;
@@ -13,5 +14,6 @@ in
    connexionswing_dev  = connexionswing { environment = "dev"; };
    connexionswing_prod = connexionswing { environment = "prod"; };
    inherit nextcloud;
+    inherit mantisbt;
    git = { web = gitweb; };
  }
diff --git a/virtual/packages/mantisbt-patches/bug_report.php.diff b/virtual/packages/mantisbt-patches/bug_report.php.diff
new file mode 100644
index 0000000..a520043
--- /dev/null
+++ b/virtual/packages/mantisbt-patches/bug_report.php.diff
@@ -0,0 +1,20 @@
+--- a/bug_report.php    2018-02-10 21:29:27.000000000 +0100
+++ b/bug_report.php    2018-03-03 15:04:19.622499678 +0100
+@@ -149,6 +149,17 @@
+        access_ensure_project_level( config_get( 'update_bug_assign_threshold' ) );
+ }
+ 
+# begin captcha check for anon user
+if ( current_user_is_anonymous() && get_gd_version() > 0 ) {
+  $f_captcha = gpc_get_string( 'captcha', '' );
+  $f_captcha = utf8_strtolower( trim( $f_captcha ) );
+
+  $t_securimage = new Securimage();
+  if( $t_securimage->check( $f_captcha ) == false ) {
+    trigger_error( ERROR_SIGNUP_NOT_MATCHING_CAPTCHA, ERROR );
+  }
+}
+
+ # if a profile was selected then let's use that information
+ if( 0 != $t_bug_data->profile_id ) {
+        if( profile_is_global( $t_bug_data->profile_id ) ) {
diff --git a/virtual/packages/mantisbt-patches/bug_report_page.php.diff b/virtual/packages/mantisbt-patches/bug_report_page.php.diff
new file mode 100644
index 0000000..80dea91
--- /dev/null
+++ b/virtual/packages/mantisbt-patches/bug_report_page.php.diff
@@ -0,0 +1,53 @@
+--- a/bug_report_page.php       2018-02-10 21:29:27.000000000 +0100
+++ b/bug_report_page.php       2018-03-03 15:04:19.622499678 +0100
+@@ -708,7 +708,50 @@
+                                <span class="lbl padding-6"><?php echo lang_get( 'check_report_more_bugs' ) ?></span>
+                        </label>
+                </td>
+        </tr>
+<?php
+       # captcha image requires GD library and related option to ON
+       if( current_user_is_anonymous() && get_gd_version() > 0 ) {
+               $t_securimage_path = 'vendor/dapphp/securimage';
+               $t_securimage_show = $t_securimage_path . '/securimage_show.php';
+               $t_securimage_play = $t_securimage_path . '/securimage_play.swf?'
+                       . http_build_query( array(
+                               'audio_file' => $t_securimage_path . '/securimage_play.php',
+                               'bgColor1=' => '#fff',
+                               'bgColor2=' => '#fff',
+                               'iconColor=' => '#777',
+                               'borderWidth=' => 1,
+                               'borderColor=' => '#000',
+                       ) );
+?>
+       <tr>
+               <th class="category">CAPTCHA</th>
+               <td>
+
+                               <label for="captcha-field" class="block clearfix">
+                                       <strong><?php echo lang_get( 'signup_captcha_request_label' ); ?></strong>
+                               </label>
+                               <span id="captcha-input" class="input">
+                                       <?php print_captcha_input( 'captcha' ); ?>
+
+                                       <span id="captcha-image" class="captcha-image" style="padding-right:3px;">
+                                               <img src="<?php echo $t_securimage_show; ?>" alt="visual captcha" />
+                                               <ul id="captcha-refresh"><li><a href="#"><?php
+                                                       echo lang_get( 'signup_captcha_refresh' );
+                                               ?></a></li></ul>
+                                       </span>
+
+                                       <object type="application/x-shockwave-flash" width="19" height="19"
+                                               data="<?php echo $t_securimage_play; ?>">
+                                               <param name="movie" value="<?php echo $t_securimage_play; ?>" />
+                                       </object>
+                               </span>
+                </td>
+        </tr>
+<?php
+                       }
+?>
+
+ </table>
+ </div>
+ </div>
diff --git a/virtual/packages/mantisbt-patches/bugnote_add.php.diff b/virtual/packages/mantisbt-patches/bugnote_add.php.diff
new file mode 100644
index 0000000..4509f0a
--- /dev/null
+++ b/virtual/packages/mantisbt-patches/bugnote_add.php.diff
@@ -0,0 +1,20 @@
+--- a/bugnote_add.php   2018-02-10 21:29:27.000000000 +0100
+++ b/bugnote_add.php   2018-03-03 15:13:12.439919511 +0100
+@@ -44,6 +44,17 @@
+ 
+ $t_query = array( 'issue_id' => $f_bug_id );
+ 
+# begin captcha check for anon user
+if ( current_user_is_anonymous() && get_gd_version() > 0 ) {
+  $f_captcha = gpc_get_string( 'captcha', '' );
+  $f_captcha = utf8_strtolower( trim( $f_captcha ) );
+
+  $t_securimage = new Securimage();
+  if( $t_securimage->check( $f_captcha ) == false ) {
+    trigger_error( ERROR_SIGNUP_NOT_MATCHING_CAPTCHA, ERROR );
+  }
+}
+
+ if( count( $f_files ) > 0 && is_blank( $f_text ) && helper_duration_to_minutes( $f_duration ) == 0 ) {
+        $t_payload = array(
+                'files' => helper_array_transpose( $f_files )
diff --git a/virtual/packages/mantisbt-patches/bugnote_add_inc.php.diff b/virtual/packages/mantisbt-patches/bugnote_add_inc.php.diff
new file mode 100644
index 0000000..a8589c7
--- /dev/null
+++ b/virtual/packages/mantisbt-patches/bugnote_add_inc.php.diff
@@ -0,0 +1,52 @@
+--- a/bugnote_add_inc.php       2018-02-10 21:29:27.000000000 +0100
+++ b/bugnote_add_inc.php       2018-03-03 15:14:27.332428557 +0100
+@@ -119,6 +119,49 @@
+                                        <textarea name="bugnote_text" id="bugnote_text" class="<?php echo $t_bugnote_class ?>" rows="7"></textarea>
+                                </td>
+                        </tr>
+<?php
+       # captcha image requires GD library and related option to ON
+       if( current_user_is_anonymous() && get_gd_version() > 0 ) {
+               $t_securimage_path = 'vendor/dapphp/securimage';
+               $t_securimage_show = $t_securimage_path . '/securimage_show.php';
+               $t_securimage_play = $t_securimage_path . '/securimage_play.swf?'
+                       . http_build_query( array(
+                               'audio_file' => $t_securimage_path . '/securimage_play.php',
+                               'bgColor1=' => '#fff',
+                               'bgColor2=' => '#fff',
+                               'iconColor=' => '#777',
+                               'borderWidth=' => 1,
+                               'borderColor=' => '#000',
+                       ) );
+?>
+       <tr>
+               <th class="category">CAPTCHA</th>
+               <td>
+
+                               <label for="captcha-field" class="block clearfix">
+                                       <strong><?php echo lang_get( 'signup_captcha_request_label' ); ?></strong>
+                               </label>
+                               <span id="captcha-input" class="input">
+                                       <?php print_captcha_input( 'captcha' ); ?>
+
+                                       <span id="captcha-image" class="captcha-image" style="padding-right:3px;">
+                                               <img src="<?php echo $t_securimage_show; ?>" alt="visual captcha" />
+                                               <ul id="captcha-refresh"><li><a href="#"><?php
+                                                       echo lang_get( 'signup_captcha_refresh' );
+                                               ?></a></li></ul>
+                                       </span>
+
+                                       <object type="application/x-shockwave-flash" width="19" height="19"
+                                               data="<?php echo $t_securimage_play; ?>">
+                                               <param name="movie" value="<?php echo $t_securimage_play; ?>" />
+                                       </object>
+                               </span>
+                </td>
+        </tr>
+<?php
+                       }
+?>
+
+ 
+ <?php
+        if( config_get( 'time_tracking_enabled' ) ) {
diff --git a/virtual/packages/mantisbt-plugin-slack.json b/virtual/packages/mantisbt-plugin-slack.json
new file mode 100644
index 0000000..54ea38b
--- /dev/null
+++ b/virtual/packages/mantisbt-plugin-slack.json
@@ -0,0 +1,15 @@
+{
+  "tag": "9286d2e-master",
+  "meta": {
+    "name": "mantisbt-plugin-slack",
+    "url": "https://github.com/mantisbt-plugins/Slack",
+    "branch": "master"
+  },
+  "github": {
+    "owner": "mantisbt-plugins",
+    "repo": "Slack",
+    "rev": "9286d2eeeb8a986ed949e378711fef5f0bf182dc",
+    "sha256": "0nn0v4jc967giilkzrppi5svd04m2hnals75xxp0iabcdjnih0mn",
+    "fetchSubmodules": true
+  }
+}
diff --git a/virtual/packages/mantisbt-plugin-source-integration.json b/virtual/packages/mantisbt-plugin-source-integration.json
new file mode 100644
index 0000000..e36a68c
--- /dev/null
+++ b/virtual/packages/mantisbt-plugin-source-integration.json
@@ -0,0 +1,15 @@
+{
+  "tag": "v2.1.5",
+  "meta": {
+    "name": "mantisbt-plugin-source-integration",
+    "url": "https://github.com/mantisbt-plugins/source-integration",
+    "branch": "refs/tags/v2.1.5"
+  },
+  "github": {
+    "owner": "mantisbt-plugins",
+    "repo": "source-integration",
+    "rev": "a48039a20abc50864e0e68c0c843b27058404386",
+    "sha256": "07g6q3hivmnd94r47pp0snk5bv4pa3piwclc9qhj612i4wnsazsk",
+    "fetchSubmodules": true
+  }
+}
diff --git a/virtual/packages/mantisbt-plugin-source-integration_Source.API.php.diff b/virtual/packages/mantisbt-plugin-source-integration_Source.API.php.diff
new file mode 100644
index 0000000..c355144
--- /dev/null
+++ b/virtual/packages/mantisbt-plugin-source-integration_Source.API.php.diff
@@ -0,0 +1,12 @@
+--- b/Source/Source.API.php     2017-09-18 00:50:32.000000000 +0200
+++ a/Source/Source.API.php     2018-03-04 19:00:25.578889039 +0100
+@@ -452,6 +452,9 @@
+        # Allow other plugins to post-process commit data
+        event_signal( 'EVENT_SOURCE_COMMITS', array( $p_changesets ) );
+        event_signal( 'EVENT_SOURCE_FIXED', array( $t_fixed_bugs ) );
+       foreach( $t_fixed_bugs as $t_bug_id => $t_changeset ) {
+          event_signal( 'EVENT_BUG_ACTION', array('RESOLVE', $t_bug_id) );
+        }
+ }
+ 
+ /**
diff --git a/virtual/packages/mantisbt.nix b/virtual/packages/mantisbt.nix
new file mode 100644
index 0000000..f136ea5
--- /dev/null
+++ b/virtual/packages/mantisbt.nix
@@ -0,0 +1,124 @@
+with import ../../libs.nix;
+with nixpkgs_unstable;
+let
+  # FIXME: check that source-integration and slack still work
+  mantisbt = let
+    plugins = {
+      slack = stdenv.mkDerivation (fetchedGithub ./mantisbt-plugin-slack.json // rec {
+        installPhase = ''
+          sed -i -e "s/return '@' . \\\$username;/return \\\$username;/" Slack.php
+          cp -a . $out
+          '';
+      });
+      source-integration = stdenv.mkDerivation (fetchedGithub ./mantisbt-plugin-source-integration.json // rec {
+        installPhase = ''
+          mkdir $out
+          patch -p1 < ${./mantisbt-plugin-source-integration_Source.API.php.diff}
+          cp -a Source* $out/
+        '';
+      });
+    };
+  in rec {
+    config = 
+      assert checkEnv "NIXOPS_MANTISBT_DB_PASSWORD";
+      assert checkEnv "NIXOPS_MANTISBT_MASTER_SALT";
+      assert checkEnv "NIXOPS_MANTISBT_LDAP_PASSWORD";
+      pkgs.writeText "config_inc.php" ''
+      <?php
+      $g_hostname              = 'db-1.immae.eu';
+      $g_db_username           = 'mantisbt';
+      $g_db_password           = '${builtins.getEnv "NIXOPS_MANTISBT_DB_PASSWORD"}';
+      $g_database_name         = 'mantisbt';
+      $g_db_type               = 'pgsql';
+      $g_crypto_master_salt    = '${builtins.getEnv "NIXOPS_MANTISBT_MASTER_SALT"}';
+      $g_allow_signup          = OFF;
+      $g_allow_anonymous_login = ON;
+      $g_anonymous_account     = 'anonymous';
+      $g_phpMailer_method       = PHPMAILER_METHOD_SMTP;
+      $g_smtp_host              = 'mail.immae.eu';
+      $g_smtp_username          = ''';
+      $g_smtp_password          = ''';
+      $g_webmaster_email        = 'webmaster@immae.eu';
+      $g_from_email             = 'noreply@immae.eu';
+      $g_return_path_email      = 'webmaster@immae.eu';
+      $g_from_name              = 'Mantis Bug Tracker at immae.eu';
+      $g_email_receive_own      = OFF;
+      # --- LDAP ---
+      $g_login_method = LDAP;
+      $g_ldap_protocol_version = 3;
+      $g_ldap_server = 'ldaps://ldap.immae.eu:636';
+      $g_ldap_root_dn = 'ou=users,dc=immae,dc=eu';
+      $g_ldap_bind_dn = 'cn=mantisbt,ou=services,dc=immae,dc=eu';
+      $g_ldap_bind_passwd = '${builtins.getEnv "NIXOPS_MANTISBT_LDAP_PASSWORD"}';
+      $g_use_ldap_email = ON;
+      $g_use_ldap_realname = ON;
+      $g_ldap_uid_field = 'uid'; 
+      $g_ldap_realname_field = 'cn';
+      $g_ldap_organization = '(memberOf=cn=users,cn=mantisbt,ou=services,dc=immae,dc=eu)';
+      '';
+    webRoot = stdenv.mkDerivation rec {
+      name = "mantisbt-${version}";
+      version = "2.11.1";
+      src = fetchurl {
+        url = "https://downloads.sourceforge.net/project/mantisbt/mantis-stable/${version}/${name}.tar.gz";
+        sha256 = "0jnrqz6r2hf53v0k1lh3il7hlfiphn61r9wgg6mzyywkjxwq07md";
+      };
+      patches = [
+        ./mantisbt-patches/bug_report.php.diff
+        ./mantisbt-patches/bug_report_page.php.diff
+        ./mantisbt-patches/bugnote_add.php.diff
+        ./mantisbt-patches/bugnote_add_inc.php.diff
+        ];
+      installPhase = ''
+        cp -a . $out
+        ln -s ${config} $out/config/config_inc.php
+        ln -s ${plugins.slack} $out/plugins/Slack
+        ln -s ${plugins.source-integration}/Source* $out/plugins/
+      '';
+    };
+    apache = {
+      user = "wwwrun";
+      group = "wwwrun";
+      modules = [ "proxy_fcgi" ];
+      vhostConf = ''
+        Alias /mantisbt "${webRoot}"
+        <Directory "${webRoot}">
+          DirectoryIndex index.php
+          <FilesMatch "\.php$">
+            SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+          </FilesMatch>
+          AllowOverride All
+          Options FollowSymlinks
+          Require all granted
+        </Directory>
+        <Directory "${webRoot}/admin">
+          #Reenable during upgrade
+          Require all denied
+        </Directory>
+        '';
+    };
+    phpFpm = rec {
+      basedir = builtins.concatStringsSep ":" (
+        [ webRoot config ]
+        ++ pkgs.lib.attrsets.mapAttrsToList (name: value: value) plugins);
+      socket = "/var/run/phpfpm/mantisbt.sock";
+      pool = ''
+        listen = ${socket}
+        user = ${apache.user}
+        group = ${apache.group}
+        listen.owner = ${apache.user}
+        listen.group = ${apache.group}
+        pm = ondemand
+        pm.max_children = 60
+        pm.process_idle_timeout = 60
+        php_admin_value[upload_max_filesize] = 5000000
+        php_admin_value[open_basedir] = "${basedir}:/tmp"
+        '';
+    };
+  };
+in 
+  mantisbt

diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix index f70c92c..e893b3a 100644 --- a/virtual/eldiron.nix +++ b/virtual/eldiron.nix
@@ -126,6 +126,7 @@
126	connexionswing_dev = mypkgs.connexionswing_dev.phpFpm.pool;	126	connexionswing_dev = mypkgs.connexionswing_dev.phpFpm.pool;
127	connexionswing_prod = mypkgs.connexionswing_prod.phpFpm.pool;	127	connexionswing_prod = mypkgs.connexionswing_prod.phpFpm.pool;
128	nextcloud = mypkgs.nextcloud.phpFpm.pool;	128	nextcloud = mypkgs.nextcloud.phpFpm.pool;
		129	mantisbt = mypkgs.mantisbt.phpFpm.pool;
129	};	130	};
130	};	131	};
131		132
@@ -259,6 +260,7 @@
259	mypkgs.connexionswing_prod.apache.modules ++	260	mypkgs.connexionswing_prod.apache.modules ++
260	mypkgs.ympd.apache.modules ++	261	mypkgs.ympd.apache.modules ++
261	mypkgs.git.web.apache.modules ++	262	mypkgs.git.web.apache.modules ++
		263	mypkgs.mantisbt.apache.modules ++
262	pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules) apacheConfig) ++	264	pkgs.lib.lists.flatten (pkgs.lib.attrsets.mapAttrsToList (n: v: v.modules) apacheConfig) ++
263	[ "macro" ]);	265	[ "macro" ]);
264	extraConfig = builtins.concatStringsSep "\n"	266	extraConfig = builtins.concatStringsSep "\n"
@@ -312,6 +314,7 @@
312	documentRoot = mypkgs.git.web.webRoot;	314	documentRoot = mypkgs.git.web.webRoot;
313	extraConfig = builtins.concatStringsSep "\n" [	315	extraConfig = builtins.concatStringsSep "\n" [
314	mypkgs.git.web.apache.vhostConf	316	mypkgs.git.web.apache.vhostConf
		317	mypkgs.mantisbt.apache.vhostConf
315	] + ''	318	] + ''
316	RewriteEngine on	319	RewriteEngine on
317	RewriteCond %{REQUEST_URI} ^/releases	320	RewriteCond %{REQUEST_URI} ^/releases
@@ -416,6 +419,7 @@
416	authentication = ''	419	authentication = ''
417	local all postgres ident	420	local all postgres ident
418	local all all md5	421	local all all md5
		422	host all all samehost md5
419	host all all 178.33.252.96/32 md5	423	host all all 178.33.252.96/32 md5
420	host all all 188.165.209.148/32 md5	424	host all all 188.165.209.148/32 md5
421	#host all all all pam	425	#host all all all pam


diff --git a/virtual/packages.nix b/virtual/packages.nix index d9656f7..b66ebb2 100644 --- a/virtual/packages.nix +++ b/virtual/packages.nix
@@ -6,6 +6,7 @@ let
6	adminer = import ./packages/adminer.nix;	6	adminer = import ./packages/adminer.nix;
7	ympd = import ./packages/ympd.nix;	7	ympd = import ./packages/ympd.nix;
8	gitweb = import ./packages/gitweb.nix;	8	gitweb = import ./packages/gitweb.nix;
		9	mantisbt = import ./packages/mantisbt.nix;
9	in	10	in
10	{	11	{
11	inherit adminer;	12	inherit adminer;
@@ -13,5 +14,6 @@ in
13	connexionswing_dev = connexionswing { environment = "dev"; };	14	connexionswing_dev = connexionswing { environment = "dev"; };
14	connexionswing_prod = connexionswing { environment = "prod"; };	15	connexionswing_prod = connexionswing { environment = "prod"; };
15	inherit nextcloud;	16	inherit nextcloud;
		17	inherit mantisbt;
16	git = { web = gitweb; };	18	git = { web = gitweb; };
17	}	19	}


diff --git a/virtual/packages/mantisbt-patches/bug_report.php.diff b/virtual/packages/mantisbt-patches/bug_report.php.diff new file mode 100644 index 0000000..a520043 --- /dev/null +++ b/virtual/packages/mantisbt-patches/bug_report.php.diff
@@ -0,0 +1,20 @@
		1	--- a/bug_report.php 2018-02-10 21:29:27.000000000 +0100
		2	+++ b/bug_report.php 2018-03-03 15:04:19.622499678 +0100
		3	@@ -149,6 +149,17 @@
		4	access_ensure_project_level( config_get( 'update_bug_assign_threshold' ) );
		5	}
		6
		7	+# begin captcha check for anon user
		8	+if ( current_user_is_anonymous() && get_gd_version() > 0 ) {
		9	+ $f_captcha = gpc_get_string( 'captcha', '' );
		10	+ $f_captcha = utf8_strtolower( trim( $f_captcha ) );
		11	+
		12	+ $t_securimage = new Securimage();
		13	+ if( $t_securimage->check( $f_captcha ) == false ) {
		14	+ trigger_error( ERROR_SIGNUP_NOT_MATCHING_CAPTCHA, ERROR );
		15	+ }
		16	+}
		17	+
		18	# if a profile was selected then let's use that information
		19	if( 0 != $t_bug_data->profile_id ) {
		20	if( profile_is_global( $t_bug_data->profile_id ) ) {


diff --git a/virtual/packages/mantisbt-patches/bug_report_page.php.diff b/virtual/packages/mantisbt-patches/bug_report_page.php.diff new file mode 100644 index 0000000..80dea91 --- /dev/null +++ b/virtual/packages/mantisbt-patches/bug_report_page.php.diff
@@ -0,0 +1,53 @@
		1	--- a/bug_report_page.php 2018-02-10 21:29:27.000000000 +0100
		2	+++ b/bug_report_page.php 2018-03-03 15:04:19.622499678 +0100
		3	@@ -708,7 +708,50 @@
		4	<span class="lbl padding-6"><?php echo lang_get( 'check_report_more_bugs' ) ?></span>
		5	</label>
		6	</td>
		7	</tr>
		8	+<?php
		9	+ # captcha image requires GD library and related option to ON
		10	+ if( current_user_is_anonymous() && get_gd_version() > 0 ) {
		11	+ $t_securimage_path = 'vendor/dapphp/securimage';
		12	+ $t_securimage_show = $t_securimage_path . '/securimage_show.php';
		13	+ $t_securimage_play = $t_securimage_path . '/securimage_play.swf?'
		14	+ . http_build_query( array(
		15	+ 'audio_file' => $t_securimage_path . '/securimage_play.php',
		16	+ 'bgColor1=' => '#fff',
		17	+ 'bgColor2=' => '#fff',
		18	+ 'iconColor=' => '#777',
		19	+ 'borderWidth=' => 1,
		20	+ 'borderColor=' => '#000',
		21	+ ) );
		22	+?>
		23	+ <tr>
		24	+ <th class="category">CAPTCHA</th>
		25	+ <td>
		26	+
		27	+ <label for="captcha-field" class="block clearfix">
		28	+ <strong><?php echo lang_get( 'signup_captcha_request_label' ); ?></strong>
		29	+ </label>
		30	+ <span id="captcha-input" class="input">
		31	+ <?php print_captcha_input( 'captcha' ); ?>
		32	+
		33	+ <span id="captcha-image" class="captcha-image" style="padding-right:3px;">
		34	+ <img src="<?php echo $t_securimage_show; ?>" alt="visual captcha" />
		35	+ <ul id="captcha-refresh"><li><a href="#"><?php
		36	+ echo lang_get( 'signup_captcha_refresh' );
		37	+ ?></a></li></ul>
		38	+ </span>
		39	+
		40	+ <object type="application/x-shockwave-flash" width="19" height="19"
		41	+ data="<?php echo $t_securimage_play; ?>">
		42	+ <param name="movie" value="<?php echo $t_securimage_play; ?>" />
		43	+ </object>
		44	+ </span>
		45	+ </td>
		46	+ </tr>
		47	+<?php
		48	+ }
		49	+?>
		50	+
		51	</table>
		52	</div>
		53	</div>


diff --git a/virtual/packages/mantisbt-patches/bugnote_add.php.diff b/virtual/packages/mantisbt-patches/bugnote_add.php.diff new file mode 100644 index 0000000..4509f0a --- /dev/null +++ b/virtual/packages/mantisbt-patches/bugnote_add.php.diff
@@ -0,0 +1,20 @@
		1	--- a/bugnote_add.php 2018-02-10 21:29:27.000000000 +0100
		2	+++ b/bugnote_add.php 2018-03-03 15:13:12.439919511 +0100
		3	@@ -44,6 +44,17 @@
		4
		5	$t_query = array( 'issue_id' => $f_bug_id );
		6
		7	+# begin captcha check for anon user
		8	+if ( current_user_is_anonymous() && get_gd_version() > 0 ) {
		9	+ $f_captcha = gpc_get_string( 'captcha', '' );
		10	+ $f_captcha = utf8_strtolower( trim( $f_captcha ) );
		11	+
		12	+ $t_securimage = new Securimage();
		13	+ if( $t_securimage->check( $f_captcha ) == false ) {
		14	+ trigger_error( ERROR_SIGNUP_NOT_MATCHING_CAPTCHA, ERROR );
		15	+ }
		16	+}
		17	+
		18	if( count( $f_files ) > 0 && is_blank( $f_text ) && helper_duration_to_minutes( $f_duration ) == 0 ) {
		19	$t_payload = array(
		20	'files' => helper_array_transpose( $f_files )


diff --git a/virtual/packages/mantisbt-patches/bugnote_add_inc.php.diff b/virtual/packages/mantisbt-patches/bugnote_add_inc.php.diff new file mode 100644 index 0000000..a8589c7 --- /dev/null +++ b/virtual/packages/mantisbt-patches/bugnote_add_inc.php.diff
@@ -0,0 +1,52 @@
		1	--- a/bugnote_add_inc.php 2018-02-10 21:29:27.000000000 +0100
		2	+++ b/bugnote_add_inc.php 2018-03-03 15:14:27.332428557 +0100
		3	@@ -119,6 +119,49 @@
		4	<textarea name="bugnote_text" id="bugnote_text" class="<?php echo $t_bugnote_class ?>" rows="7"></textarea>
		5	</td>
		6	</tr>
		7	+<?php
		8	+ # captcha image requires GD library and related option to ON
		9	+ if( current_user_is_anonymous() && get_gd_version() > 0 ) {
		10	+ $t_securimage_path = 'vendor/dapphp/securimage';
		11	+ $t_securimage_show = $t_securimage_path . '/securimage_show.php';
		12	+ $t_securimage_play = $t_securimage_path . '/securimage_play.swf?'
		13	+ . http_build_query( array(
		14	+ 'audio_file' => $t_securimage_path . '/securimage_play.php',
		15	+ 'bgColor1=' => '#fff',
		16	+ 'bgColor2=' => '#fff',
		17	+ 'iconColor=' => '#777',
		18	+ 'borderWidth=' => 1,
		19	+ 'borderColor=' => '#000',
		20	+ ) );
		21	+?>
		22	+ <tr>
		23	+ <th class="category">CAPTCHA</th>
		24	+ <td>
		25	+
		26	+ <label for="captcha-field" class="block clearfix">
		27	+ <strong><?php echo lang_get( 'signup_captcha_request_label' ); ?></strong>
		28	+ </label>
		29	+ <span id="captcha-input" class="input">
		30	+ <?php print_captcha_input( 'captcha' ); ?>
		31	+
		32	+ <span id="captcha-image" class="captcha-image" style="padding-right:3px;">
		33	+ <img src="<?php echo $t_securimage_show; ?>" alt="visual captcha" />
		34	+ <ul id="captcha-refresh"><li><a href="#"><?php
		35	+ echo lang_get( 'signup_captcha_refresh' );
		36	+ ?></a></li></ul>
		37	+ </span>
		38	+
		39	+ <object type="application/x-shockwave-flash" width="19" height="19"
		40	+ data="<?php echo $t_securimage_play; ?>">
		41	+ <param name="movie" value="<?php echo $t_securimage_play; ?>" />
		42	+ </object>
		43	+ </span>
		44	+ </td>
		45	+ </tr>
		46	+<?php
		47	+ }
		48	+?>
		49	+
		50
		51	<?php
		52	if( config_get( 'time_tracking_enabled' ) ) {


diff --git a/virtual/packages/mantisbt-plugin-slack.json b/virtual/packages/mantisbt-plugin-slack.json new file mode 100644 index 0000000..54ea38b --- /dev/null +++ b/virtual/packages/mantisbt-plugin-slack.json
@@ -0,0 +1,15 @@
		1	{
		2	"tag": "9286d2e-master",
		3	"meta": {
		4	"name": "mantisbt-plugin-slack",
		5	"url": "https://github.com/mantisbt-plugins/Slack",
		6	"branch": "master"
		7	},
		8	"github": {
		9	"owner": "mantisbt-plugins",
		10	"repo": "Slack",
		11	"rev": "9286d2eeeb8a986ed949e378711fef5f0bf182dc",
		12	"sha256": "0nn0v4jc967giilkzrppi5svd04m2hnals75xxp0iabcdjnih0mn",
		13	"fetchSubmodules": true
		14	}
		15	}


diff --git a/virtual/packages/mantisbt-plugin-source-integration.json b/virtual/packages/mantisbt-plugin-source-integration.json new file mode 100644 index 0000000..e36a68c --- /dev/null +++ b/virtual/packages/mantisbt-plugin-source-integration.json
@@ -0,0 +1,15 @@
		1	{
		2	"tag": "v2.1.5",
		3	"meta": {
		4	"name": "mantisbt-plugin-source-integration",
		5	"url": "https://github.com/mantisbt-plugins/source-integration",
		6	"branch": "refs/tags/v2.1.5"
		7	},
		8	"github": {
		9	"owner": "mantisbt-plugins",
		10	"repo": "source-integration",
		11	"rev": "a48039a20abc50864e0e68c0c843b27058404386",
		12	"sha256": "07g6q3hivmnd94r47pp0snk5bv4pa3piwclc9qhj612i4wnsazsk",
		13	"fetchSubmodules": true
		14	}
		15	}


diff --git a/virtual/packages/mantisbt-plugin-source-integration_Source.API.php.diff b/virtual/packages/mantisbt-plugin-source-integration_Source.API.php.diff new file mode 100644 index 0000000..c355144 --- /dev/null +++ b/virtual/packages/mantisbt-plugin-source-integration_Source.API.php.diff
@@ -0,0 +1,12 @@
		1	--- b/Source/Source.API.php 2017-09-18 00:50:32.000000000 +0200
		2	+++ a/Source/Source.API.php 2018-03-04 19:00:25.578889039 +0100
		3	@@ -452,6 +452,9 @@
		4	# Allow other plugins to post-process commit data
		5	event_signal( 'EVENT_SOURCE_COMMITS', array( $p_changesets ) );
		6	event_signal( 'EVENT_SOURCE_FIXED', array( $t_fixed_bugs ) );
		7	+ foreach( $t_fixed_bugs as $t_bug_id => $t_changeset ) {
		8	+ event_signal( 'EVENT_BUG_ACTION', array('RESOLVE', $t_bug_id) );
		9	+ }
		10	}
		11
		12	/**


diff --git a/virtual/packages/mantisbt.nix b/virtual/packages/mantisbt.nix new file mode 100644 index 0000000..f136ea5 --- /dev/null +++ b/virtual/packages/mantisbt.nix
@@ -0,0 +1,124 @@
		1	with import ../../libs.nix;
		2	with nixpkgs_unstable;
		3	let
		4	# FIXME: check that source-integration and slack still work
		5	mantisbt = let
		6	plugins = {
		7	slack = stdenv.mkDerivation (fetchedGithub ./mantisbt-plugin-slack.json // rec {
		8	installPhase = ''
		9	sed -i -e "s/return '@' . \\\$username;/return \\\$username;/" Slack.php
		10	cp -a . $out
		11	'';
		12	});
		13	source-integration = stdenv.mkDerivation (fetchedGithub ./mantisbt-plugin-source-integration.json // rec {
		14	installPhase = ''
		15	mkdir $out
		16	patch -p1 < ${./mantisbt-plugin-source-integration_Source.API.php.diff}
		17	cp -a Source* $out/
		18	'';
		19	});
		20	};
		21	in rec {
		22	config =
		23	assert checkEnv "NIXOPS_MANTISBT_DB_PASSWORD";
		24	assert checkEnv "NIXOPS_MANTISBT_MASTER_SALT";
		25	assert checkEnv "NIXOPS_MANTISBT_LDAP_PASSWORD";
		26	pkgs.writeText "config_inc.php" ''
		27	<?php
		28	$g_hostname = 'db-1.immae.eu';
		29	$g_db_username = 'mantisbt';
		30	$g_db_password = '${builtins.getEnv "NIXOPS_MANTISBT_DB_PASSWORD"}';
		31	$g_database_name = 'mantisbt';
		32	$g_db_type = 'pgsql';
		33	$g_crypto_master_salt = '${builtins.getEnv "NIXOPS_MANTISBT_MASTER_SALT"}';
		34	$g_allow_signup = OFF;
		35	$g_allow_anonymous_login = ON;
		36	$g_anonymous_account = 'anonymous';
		37
		38	$g_phpMailer_method = PHPMAILER_METHOD_SMTP;
		39	$g_smtp_host = 'mail.immae.eu';
		40	$g_smtp_username = ''';
		41	$g_smtp_password = ''';
		42	$g_webmaster_email = 'webmaster@immae.eu';
		43	$g_from_email = 'noreply@immae.eu';
		44	$g_return_path_email = 'webmaster@immae.eu';
		45	$g_from_name = 'Mantis Bug Tracker at immae.eu';
		46	$g_email_receive_own = OFF;
		47	# --- LDAP ---
		48	$g_login_method = LDAP;
		49	$g_ldap_protocol_version = 3;
		50	$g_ldap_server = 'ldaps://ldap.immae.eu:636';
		51	$g_ldap_root_dn = 'ou=users,dc=immae,dc=eu';
		52	$g_ldap_bind_dn = 'cn=mantisbt,ou=services,dc=immae,dc=eu';
		53	$g_ldap_bind_passwd = '${builtins.getEnv "NIXOPS_MANTISBT_LDAP_PASSWORD"}';
		54	$g_use_ldap_email = ON;
		55	$g_use_ldap_realname = ON;
		56	$g_ldap_uid_field = 'uid';
		57	$g_ldap_realname_field = 'cn';
		58	$g_ldap_organization = '(memberOf=cn=users,cn=mantisbt,ou=services,dc=immae,dc=eu)';
		59	'';
		60	webRoot = stdenv.mkDerivation rec {
		61	name = "mantisbt-${version}";
		62	version = "2.11.1";
		63	src = fetchurl {
		64	url = "https://downloads.sourceforge.net/project/mantisbt/mantis-stable/${version}/${name}.tar.gz";
		65	sha256 = "0jnrqz6r2hf53v0k1lh3il7hlfiphn61r9wgg6mzyywkjxwq07md";
		66	};
		67	patches = [
		68	./mantisbt-patches/bug_report.php.diff
		69	./mantisbt-patches/bug_report_page.php.diff
		70	./mantisbt-patches/bugnote_add.php.diff
		71	./mantisbt-patches/bugnote_add_inc.php.diff
		72	];
		73	installPhase = ''
		74	cp -a . $out
		75	ln -s ${config} $out/config/config_inc.php
		76	ln -s ${plugins.slack} $out/plugins/Slack
		77	ln -s ${plugins.source-integration}/Source* $out/plugins/
		78	'';
		79	};
		80	apache = {
		81	user = "wwwrun";
		82	group = "wwwrun";
		83	modules = [ "proxy_fcgi" ];
		84	vhostConf = ''
		85	Alias /mantisbt "${webRoot}"
		86	<Directory "${webRoot}">
		87	DirectoryIndex index.php
		88	<FilesMatch "\.php$">
		89	SetHandler "proxy:unix:${phpFpm.socket}\|fcgi://localhost"
		90	</FilesMatch>
		91
		92	AllowOverride All
		93	Options FollowSymlinks
		94	Require all granted
		95	</Directory>
		96	<Directory "${webRoot}/admin">
		97	#Reenable during upgrade
		98	Require all denied
		99	</Directory>
		100	'';
		101	};
		102	phpFpm = rec {
		103	basedir = builtins.concatStringsSep ":" (
		104	[ webRoot config ]
		105	++ pkgs.lib.attrsets.mapAttrsToList (name: value: value) plugins);
		106	socket = "/var/run/phpfpm/mantisbt.sock";
		107	pool = ''
		108	listen = ${socket}
		109	user = ${apache.user}
		110	group = ${apache.group}
		111	listen.owner = ${apache.user}
		112	listen.group = ${apache.group}
		113	pm = ondemand
		114	pm.max_children = 60
		115	pm.process_idle_timeout = 60
		116
		117	php_admin_value[upload_max_filesize] = 5000000
		118
		119	php_admin_value[open_basedir] = "${basedir}:/tmp"
		120	'';
		121	};
		122	};
		123	in
		124	mantisbt