diff options
| -rw-r--r-- | nixops/modules/websites/tools/tools/default.nix | 2 | ||||
| -rw-r--r-- | nixops/modules/websites/tools/tools/yourls.nix | 191 | ||||
| -rw-r--r-- | pkgs/webapps/default.nix | 8 | ||||
| -rw-r--r-- | pkgs/webapps/yourls/default.nix | 24 | ||||
| -rw-r--r-- | pkgs/webapps/yourls/plugins/ldap/default.nix | 8 | ||||
| -rw-r--r-- | pkgs/webapps/yourls/plugins/ldap/ldap.json (renamed from nixops/modules/websites/tools/tools/yourls-ldap-plugin.json) | 0 | ||||
| -rw-r--r-- | pkgs/webapps/yourls/yourls.json (renamed from nixops/modules/websites/tools/tools/yourls.json) | 0 |
7 files changed, 126 insertions, 107 deletions
diff --git a/nixops/modules/websites/tools/tools/default.nix b/nixops/modules/websites/tools/tools/default.nix index 262e558..746119b 100644 --- a/nixops/modules/websites/tools/tools/default.nix +++ b/nixops/modules/websites/tools/tools/default.nix | |||
| @@ -18,7 +18,7 @@ let | |||
| 18 | }; | 18 | }; |
| 19 | wallabag = pkgs.callPackage ./wallabag.nix { env = myconfig.env.tools.wallabag; }; | 19 | wallabag = pkgs.callPackage ./wallabag.nix { env = myconfig.env.tools.wallabag; }; |
| 20 | yourls = pkgs.callPackage ./yourls.nix { | 20 | yourls = pkgs.callPackage ./yourls.nix { |
| 21 | inherit (mylibs) fetchedGithub; | 21 | inherit (pkgs.webapps) yourls yourls-plugins; |
| 22 | env = myconfig.env.tools.yourls; | 22 | env = myconfig.env.tools.yourls; |
| 23 | }; | 23 | }; |
| 24 | rompr = pkgs.callPackage ./rompr.nix { | 24 | rompr = pkgs.callPackage ./rompr.nix { |
diff --git a/nixops/modules/websites/tools/tools/yourls.nix b/nixops/modules/websites/tools/tools/yourls.nix index 470fb7b..df1b3a2 100644 --- a/nixops/modules/websites/tools/tools/yourls.nix +++ b/nixops/modules/websites/tools/tools/yourls.nix | |||
| @@ -1,111 +1,90 @@ | |||
| 1 | { lib, env, writeText, stdenv, fetchedGithub }: | 1 | { env, yourls, yourls-plugins }: |
| 2 | let | 2 | rec { |
| 3 | yourls = let | 3 | activationScript = '' |
| 4 | plugins = { | 4 | install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/yourls |
| 5 | ldap = stdenv.mkDerivation (fetchedGithub ./yourls-ldap-plugin.json // rec { | 5 | ''; |
| 6 | installPhase = '' | 6 | keys = [{ |
| 7 | mkdir -p $out | 7 | dest = "webapps/tools-yourls"; |
| 8 | cp plugin.php $out/ | 8 | user = apache.user; |
| 9 | ''; | 9 | group = apache.group; |
| 10 | }); | 10 | permissions = "0400"; |
| 11 | }; | 11 | text = '' |
| 12 | in rec { | 12 | <?php |
| 13 | activationScript = '' | 13 | define( 'YOURLS_DB_USER', '${env.mysql.user}' ); |
| 14 | install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/yourls | 14 | define( 'YOURLS_DB_PASS', '${env.mysql.password}' ); |
| 15 | ''; | 15 | define( 'YOURLS_DB_NAME', '${env.mysql.database}' ); |
| 16 | keys = [{ | 16 | define( 'YOURLS_DB_HOST', '${env.mysql.host}' ); |
| 17 | dest = "webapps/tools-yourls"; | 17 | define( 'YOURLS_DB_PREFIX', 'yourls_' ); |
| 18 | user = apache.user; | 18 | define( 'YOURLS_SITE', 'https://tools.immae.eu/url' ); |
| 19 | group = apache.group; | 19 | define( 'YOURLS_HOURS_OFFSET', 0 ); |
| 20 | permissions = "0400"; | 20 | define( 'YOURLS_LANG', ''' ); |
| 21 | text = '' | 21 | define( 'YOURLS_UNIQUE_URLS', true ); |
| 22 | <?php | 22 | define( 'YOURLS_PRIVATE', true ); |
| 23 | define( 'YOURLS_DB_USER', '${env.mysql.user}' ); | 23 | define( 'YOURLS_COOKIEKEY', '${env.cookieKey}' ); |
| 24 | define( 'YOURLS_DB_PASS', '${env.mysql.password}' ); | 24 | $yourls_user_passwords = array(); |
| 25 | define( 'YOURLS_DB_NAME', '${env.mysql.database}' ); | 25 | define( 'YOURLS_DEBUG', false ); |
| 26 | define( 'YOURLS_DB_HOST', '${env.mysql.host}' ); | 26 | define( 'YOURLS_URL_CONVERT', 36 ); |
| 27 | define( 'YOURLS_DB_PREFIX', 'yourls_' ); | 27 | $yourls_reserved_URL = array(); |
| 28 | define( 'YOURLS_SITE', 'https://tools.immae.eu/url' ); | 28 | define( 'LDAPAUTH_HOST', 'ldaps://ldap.immae.eu' ); |
| 29 | define( 'YOURLS_HOURS_OFFSET', 0 ); | 29 | define( 'LDAPAUTH_PORT', '636' ); |
| 30 | define( 'YOURLS_LANG', ''' ); | 30 | define( 'LDAPAUTH_BASE', 'dc=immae,dc=eu' ); |
| 31 | define( 'YOURLS_UNIQUE_URLS', true ); | 31 | define( 'LDAPAUTH_SEARCH_USER', 'cn=yourls,ou=services,dc=immae,dc=eu' ); |
| 32 | define( 'YOURLS_PRIVATE', true ); | 32 | define( 'LDAPAUTH_SEARCH_PASS', '${env.ldap.password}' ); |
| 33 | define( 'YOURLS_COOKIEKEY', '${env.cookieKey}' ); | ||
| 34 | $yourls_user_passwords = array(); | ||
| 35 | define( 'YOURLS_DEBUG', false ); | ||
| 36 | define( 'YOURLS_URL_CONVERT', 36 ); | ||
| 37 | $yourls_reserved_URL = array(); | ||
| 38 | define( 'LDAPAUTH_HOST', 'ldaps://ldap.immae.eu' ); | ||
| 39 | define( 'LDAPAUTH_PORT', '636' ); | ||
| 40 | define( 'LDAPAUTH_BASE', 'dc=immae,dc=eu' ); | ||
| 41 | define( 'LDAPAUTH_SEARCH_USER', 'cn=yourls,ou=services,dc=immae,dc=eu' ); | ||
| 42 | define( 'LDAPAUTH_SEARCH_PASS', '${env.ldap.password}' ); | ||
| 43 | 33 | ||
| 44 | define( 'LDAPAUTH_GROUP_ATTR', 'memberof' ); | 34 | define( 'LDAPAUTH_GROUP_ATTR', 'memberof' ); |
| 45 | define( 'LDAPAUTH_GROUP_REQ', 'cn=admin,cn=yourls,ou=services,dc=immae,dc=eu'); | 35 | define( 'LDAPAUTH_GROUP_REQ', 'cn=admin,cn=yourls,ou=services,dc=immae,dc=eu'); |
| 46 | 36 | ||
| 47 | define( 'LDAPAUTH_USERCACHE_TYPE', 0); | 37 | define( 'LDAPAUTH_USERCACHE_TYPE', 0); |
| 48 | ''; | 38 | ''; |
| 49 | }]; | 39 | }]; |
| 50 | webRoot = stdenv.mkDerivation (fetchedGithub ./yourls.json // rec { | 40 | webRoot = (yourls.override { yourls_config = "/var/secrets/webapps/tools-yourls"; }).withPlugins |
| 51 | installPhase = '' | 41 | (builtins.attrValues yourls-plugins); |
| 52 | mkdir -p $out | 42 | apache = rec { |
| 53 | cp -a */ *.php $out/ | 43 | user = "wwwrun"; |
| 54 | cp sample-robots.txt $out/robots.txt | 44 | group = "wwwrun"; |
| 55 | ln -sf /var/secrets/webapps/tools-yourls $out/includes/config.php | 45 | modules = [ "proxy_fcgi" ]; |
| 56 | ${builtins.concatStringsSep "\n" ( | 46 | webappName = "tools_yourls"; |
| 57 | lib.attrsets.mapAttrsToList (name: value: "ln -sf ${value} $out/user/plugins/${name}") plugins | 47 | root = "/run/current-system/webapps/${webappName}"; |
| 58 | )} | 48 | vhostConf = '' |
| 59 | ''; | 49 | Alias /url "${root}" |
| 60 | }); | 50 | <Directory "${root}"> |
| 61 | apache = rec { | 51 | <FilesMatch "\.php$"> |
| 62 | user = "wwwrun"; | 52 | SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" |
| 63 | group = "wwwrun"; | 53 | </FilesMatch> |
| 64 | modules = [ "proxy_fcgi" ]; | ||
| 65 | webappName = "tools_yourls"; | ||
| 66 | root = "/run/current-system/webapps/${webappName}"; | ||
| 67 | vhostConf = '' | ||
| 68 | Alias /url "${root}" | ||
| 69 | <Directory "${root}"> | ||
| 70 | <FilesMatch "\.php$"> | ||
| 71 | SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" | ||
| 72 | </FilesMatch> | ||
| 73 | 54 | ||
| 74 | AllowOverride None | 55 | AllowOverride None |
| 75 | Require all granted | 56 | Require all granted |
| 76 | <IfModule mod_rewrite.c> | 57 | <IfModule mod_rewrite.c> |
| 77 | RewriteEngine On | 58 | RewriteEngine On |
| 78 | RewriteBase /url/ | 59 | RewriteBase /url/ |
| 79 | RewriteCond %{REQUEST_FILENAME} !-f | 60 | RewriteCond %{REQUEST_FILENAME} !-f |
| 80 | RewriteCond %{REQUEST_FILENAME} !-d | 61 | RewriteCond %{REQUEST_FILENAME} !-d |
| 81 | RewriteRule ^.*$ /url/yourls-loader.php [L] | 62 | RewriteRule ^.*$ /url/yourls-loader.php [L] |
| 82 | </IfModule> | 63 | </IfModule> |
| 83 | DirectoryIndex index.php | 64 | DirectoryIndex index.php |
| 84 | </Directory> | 65 | </Directory> |
| 85 | ''; | 66 | ''; |
| 86 | }; | 67 | }; |
| 87 | phpFpm = rec { | 68 | phpFpm = rec { |
| 88 | serviceDeps = [ "mysql.service" "openldap.service" ]; | 69 | serviceDeps = [ "mysql.service" "openldap.service" ]; |
| 89 | basedir = builtins.concatStringsSep ":" ( | 70 | basedir = builtins.concatStringsSep ":" ( |
| 90 | [ webRoot "/var/secrets/webapps/tools-yourls" ] | 71 | [ webRoot "/var/secrets/webapps/tools-yourls" ] |
| 91 | ++ lib.attrsets.mapAttrsToList (name: value: value) plugins); | 72 | ++ webRoot.plugins); |
| 92 | socket = "/var/run/phpfpm/yourls.sock"; | 73 | socket = "/var/run/phpfpm/yourls.sock"; |
| 93 | pool = '' | 74 | pool = '' |
| 94 | listen = ${socket} | 75 | listen = ${socket} |
| 95 | user = ${apache.user} | 76 | user = ${apache.user} |
| 96 | group = ${apache.group} | 77 | group = ${apache.group} |
| 97 | listen.owner = ${apache.user} | 78 | listen.owner = ${apache.user} |
| 98 | listen.group = ${apache.group} | 79 | listen.group = ${apache.group} |
| 99 | pm = ondemand | 80 | pm = ondemand |
| 100 | pm.max_children = 60 | 81 | pm.max_children = 60 |
| 101 | pm.process_idle_timeout = 60 | 82 | pm.process_idle_timeout = 60 |
| 102 | 83 | ||
| 103 | ; Needed to avoid clashes in browser cookies (same domain) | 84 | ; Needed to avoid clashes in browser cookies (same domain) |
| 104 | php_value[session.name] = YourlsPHPSESSID | 85 | php_value[session.name] = YourlsPHPSESSID |
| 105 | php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/yourls" | 86 | php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/yourls" |
| 106 | php_admin_value[session.save_path] = "/var/lib/php/sessions/yourls" | 87 | php_admin_value[session.save_path] = "/var/lib/php/sessions/yourls" |
| 107 | ''; | 88 | ''; |
| 108 | }; | ||
| 109 | }; | 89 | }; |
| 110 | in | 90 | } |
| 111 | yourls | ||
diff --git a/pkgs/webapps/default.nix b/pkgs/webapps/default.nix index 1dde9ca..f9ecd4f 100644 --- a/pkgs/webapps/default.nix +++ b/pkgs/webapps/default.nix | |||
| @@ -49,4 +49,12 @@ rec { | |||
| 49 | 49 | ||
| 50 | phpldapadmin = callPackage ./phpldapadmin {}; | 50 | phpldapadmin = callPackage ./phpldapadmin {}; |
| 51 | rompr = callPackage ./rompr { inherit mylibs; }; | 51 | rompr = callPackage ./rompr { inherit mylibs; }; |
| 52 | |||
| 53 | yourls = callPackage ./yourls { inherit mylibs; }; | ||
| 54 | yourls-with-plugins = yourls.withPlugins (builtins.attrValues yourls-plugins); | ||
| 55 | yourls-plugins = let | ||
| 56 | names = [ "ldap" ]; | ||
| 57 | in | ||
| 58 | lib.attrsets.genAttrs names | ||
| 59 | (name: callPackage (./yourls/plugins + "/${name}") { inherit mylibs; }); | ||
| 52 | } | 60 | } |
diff --git a/pkgs/webapps/yourls/default.nix b/pkgs/webapps/yourls/default.nix new file mode 100644 index 0000000..cc880cd --- /dev/null +++ b/pkgs/webapps/yourls/default.nix | |||
| @@ -0,0 +1,24 @@ | |||
| 1 | { yourls_config ? "/etc/yourls/config.php", mylibs, stdenv }: | ||
| 2 | let | ||
| 3 | withPlugins = plugins: package.overrideAttrs(old: { | ||
| 4 | name = "${old.name}-with-plugins"; | ||
| 5 | installPhase = old.installPhase + | ||
| 6 | builtins.concatStringsSep "\n" ( | ||
| 7 | map (value: "ln -s ${value} $out/user/plugins/${value.pluginName}") plugins | ||
| 8 | ); | ||
| 9 | passthru.plugins = plugins; | ||
| 10 | passthru.withPlugins = morePlugins: old.withPlugins (morePlugins ++ plugins); | ||
| 11 | }); | ||
| 12 | package = stdenv.mkDerivation (mylibs.fetchedGithub ./yourls.json // rec { | ||
| 13 | installPhase = '' | ||
| 14 | mkdir -p $out | ||
| 15 | cp -a */ *.php $out/ | ||
| 16 | cp sample-robots.txt $out/robots.txt | ||
| 17 | ln -sf ${yourls_config} $out/includes/config.php | ||
| 18 | ''; | ||
| 19 | passthru = { | ||
| 20 | plugins = []; | ||
| 21 | inherit withPlugins; | ||
| 22 | }; | ||
| 23 | }); | ||
| 24 | in package | ||
diff --git a/pkgs/webapps/yourls/plugins/ldap/default.nix b/pkgs/webapps/yourls/plugins/ldap/default.nix new file mode 100644 index 0000000..01dc6fb --- /dev/null +++ b/pkgs/webapps/yourls/plugins/ldap/default.nix | |||
| @@ -0,0 +1,8 @@ | |||
| 1 | { stdenv, mylibs }: | ||
| 2 | stdenv.mkDerivation (mylibs.fetchedGithub ./ldap.json // rec { | ||
| 3 | installPhase = '' | ||
| 4 | mkdir -p $out | ||
| 5 | cp plugin.php $out | ||
| 6 | ''; | ||
| 7 | passthru.pluginName = "ldap"; | ||
| 8 | }) | ||
diff --git a/nixops/modules/websites/tools/tools/yourls-ldap-plugin.json b/pkgs/webapps/yourls/plugins/ldap/ldap.json index 9411e4a..9411e4a 100644 --- a/nixops/modules/websites/tools/tools/yourls-ldap-plugin.json +++ b/pkgs/webapps/yourls/plugins/ldap/ldap.json | |||
diff --git a/nixops/modules/websites/tools/tools/yourls.json b/pkgs/webapps/yourls/yourls.json index 0a79b18..0a79b18 100644 --- a/nixops/modules/websites/tools/tools/yourls.json +++ b/pkgs/webapps/yourls/yourls.json | |||