diff options
Diffstat (limited to 'modules/private/websites/tools/tools/yourls.nix')
-rw-r--r-- | modules/private/websites/tools/tools/yourls.nix | 93 |
1 files changed, 93 insertions, 0 deletions
diff --git a/modules/private/websites/tools/tools/yourls.nix b/modules/private/websites/tools/tools/yourls.nix new file mode 100644 index 0000000..0a8e837 --- /dev/null +++ b/modules/private/websites/tools/tools/yourls.nix | |||
@@ -0,0 +1,93 @@ | |||
1 | { env, yourls, yourls-plugins }: | ||
2 | rec { | ||
3 | activationScript = { | ||
4 | deps = [ "httpd" ]; | ||
5 | text = '' | ||
6 | install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/yourls | ||
7 | ''; | ||
8 | }; | ||
9 | keys = [{ | ||
10 | dest = "webapps/tools-yourls"; | ||
11 | user = apache.user; | ||
12 | group = apache.group; | ||
13 | permissions = "0400"; | ||
14 | text = '' | ||
15 | <?php | ||
16 | define( 'YOURLS_DB_USER', '${env.mysql.user}' ); | ||
17 | define( 'YOURLS_DB_PASS', '${env.mysql.password}' ); | ||
18 | define( 'YOURLS_DB_NAME', '${env.mysql.database}' ); | ||
19 | define( 'YOURLS_DB_HOST', '${env.mysql.host}' ); | ||
20 | define( 'YOURLS_DB_PREFIX', 'yourls_' ); | ||
21 | define( 'YOURLS_SITE', 'https://tools.immae.eu/url' ); | ||
22 | define( 'YOURLS_HOURS_OFFSET', 0 ); | ||
23 | define( 'YOURLS_LANG', ''' ); | ||
24 | define( 'YOURLS_UNIQUE_URLS', true ); | ||
25 | define( 'YOURLS_PRIVATE', true ); | ||
26 | define( 'YOURLS_COOKIEKEY', '${env.cookieKey}' ); | ||
27 | $yourls_user_passwords = array(); | ||
28 | define( 'YOURLS_DEBUG', false ); | ||
29 | define( 'YOURLS_URL_CONVERT', 36 ); | ||
30 | $yourls_reserved_URL = array(); | ||
31 | define( 'LDAPAUTH_HOST', 'ldaps://ldap.immae.eu' ); | ||
32 | define( 'LDAPAUTH_PORT', '636' ); | ||
33 | define( 'LDAPAUTH_BASE', 'dc=immae,dc=eu' ); | ||
34 | define( 'LDAPAUTH_SEARCH_USER', 'cn=yourls,ou=services,dc=immae,dc=eu' ); | ||
35 | define( 'LDAPAUTH_SEARCH_PASS', '${env.ldap.password}' ); | ||
36 | |||
37 | define( 'LDAPAUTH_GROUP_ATTR', 'memberof' ); | ||
38 | define( 'LDAPAUTH_GROUP_REQ', 'cn=admin,cn=yourls,ou=services,dc=immae,dc=eu'); | ||
39 | |||
40 | define( 'LDAPAUTH_USERCACHE_TYPE', 0); | ||
41 | ''; | ||
42 | }]; | ||
43 | webRoot = (yourls.override { yourls_config = "/var/secrets/webapps/tools-yourls"; }).withPlugins | ||
44 | (builtins.attrValues yourls-plugins); | ||
45 | apache = rec { | ||
46 | user = "wwwrun"; | ||
47 | group = "wwwrun"; | ||
48 | modules = [ "proxy_fcgi" ]; | ||
49 | webappName = "tools_yourls"; | ||
50 | root = "/run/current-system/webapps/${webappName}"; | ||
51 | vhostConf = '' | ||
52 | Alias /url "${root}" | ||
53 | <Directory "${root}"> | ||
54 | <FilesMatch "\.php$"> | ||
55 | SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost" | ||
56 | </FilesMatch> | ||
57 | |||
58 | AllowOverride None | ||
59 | Require all granted | ||
60 | <IfModule mod_rewrite.c> | ||
61 | RewriteEngine On | ||
62 | RewriteBase /url/ | ||
63 | RewriteCond %{REQUEST_FILENAME} !-f | ||
64 | RewriteCond %{REQUEST_FILENAME} !-d | ||
65 | RewriteRule ^.*$ /url/yourls-loader.php [L] | ||
66 | </IfModule> | ||
67 | DirectoryIndex index.php | ||
68 | </Directory> | ||
69 | ''; | ||
70 | }; | ||
71 | phpFpm = rec { | ||
72 | serviceDeps = [ "mysql.service" "openldap.service" ]; | ||
73 | basedir = builtins.concatStringsSep ":" ( | ||
74 | [ webRoot "/var/secrets/webapps/tools-yourls" ] | ||
75 | ++ webRoot.plugins); | ||
76 | socket = "/var/run/phpfpm/yourls.sock"; | ||
77 | pool = '' | ||
78 | listen = ${socket} | ||
79 | user = ${apache.user} | ||
80 | group = ${apache.group} | ||
81 | listen.owner = ${apache.user} | ||
82 | listen.group = ${apache.group} | ||
83 | pm = ondemand | ||
84 | pm.max_children = 60 | ||
85 | pm.process_idle_timeout = 60 | ||
86 | |||
87 | ; Needed to avoid clashes in browser cookies (same domain) | ||
88 | php_value[session.name] = YourlsPHPSESSID | ||
89 | php_admin_value[open_basedir] = "${basedir}:/tmp:/var/lib/php/sessions/yourls" | ||
90 | php_admin_value[session.save_path] = "/var/lib/php/sessions/yourls" | ||
91 | ''; | ||
92 | }; | ||
93 | } | ||