aboutsummaryrefslogtreecommitdiff
path: root/nixops/modules/websites/tools
diff options
context:
space:
mode:
Diffstat (limited to 'nixops/modules/websites/tools')
-rw-r--r--nixops/modules/websites/tools/tools/default.nix17
-rw-r--r--nixops/modules/websites/tools/tools/rainloop.nix62
2 files changed, 79 insertions, 0 deletions
diff --git a/nixops/modules/websites/tools/tools/default.nix b/nixops/modules/websites/tools/tools/default.nix
index 076d465..b1fd8f2 100644
--- a/nixops/modules/websites/tools/tools/default.nix
+++ b/nixops/modules/websites/tools/tools/default.nix
@@ -9,6 +9,7 @@ let
9 env = myconfig.env.tools.ttrss; 9 env = myconfig.env.tools.ttrss;
10 }; 10 };
11 roundcubemail = pkgs.callPackage ./roundcubemail.nix { env = myconfig.env.tools.roundcubemail; }; 11 roundcubemail = pkgs.callPackage ./roundcubemail.nix { env = myconfig.env.tools.roundcubemail; };
12 rainloop = pkgs.callPackage ./rainloop.nix {};
12 kanboard = pkgs.callPackage ./kanboard.nix { 13 kanboard = pkgs.callPackage ./kanboard.nix {
13 inherit (mylibs) fetchedGithub; 14 inherit (mylibs) fetchedGithub;
14 env = myconfig.env.tools.kanboard; 15 env = myconfig.env.tools.kanboard;
@@ -40,6 +41,10 @@ in {
40 41
41 config = lib.mkIf cfg.enable { 42 config = lib.mkIf cfg.enable {
42 security.acme.certs."eldiron".extraDomains."tools.immae.eu" = null; 43 security.acme.certs."eldiron".extraDomains."tools.immae.eu" = null;
44 security.acme.certs."eldiron".extraDomains."devtools.immae.eu" = null;
45
46 services.myWebsites.integration.modules =
47 rainloop.apache.modules;
43 48
44 services.myWebsites.tools.modules = 49 services.myWebsites.tools.modules =
45 [ "proxy_fcgi" ] 50 [ "proxy_fcgi" ]
@@ -57,6 +62,15 @@ in {
57 62
58 services.ympd = ympd.config // { enable = true; }; 63 services.ympd = ympd.config // { enable = true; };
59 64
65 services.myWebsites.integration.vhostConfs.devtools = {
66 certName = "eldiron";
67 hosts = ["devtools.immae.eu" ];
68 root = null;
69 extraConfig = [
70 rainloop.apache.vhostConf
71 ];
72 };
73
60 services.myWebsites.tools.vhostConfs.tools = { 74 services.myWebsites.tools.vhostConfs.tools = {
61 certName = "eldiron"; 75 certName = "eldiron";
62 hosts = ["tools.immae.eu" ]; 76 hosts = ["tools.immae.eu" ];
@@ -122,6 +136,7 @@ in {
122 shaarli = shaarli.phpFpm.pool; 136 shaarli = shaarli.phpFpm.pool;
123 dokuwiki = dokuwiki.phpFpm.pool; 137 dokuwiki = dokuwiki.phpFpm.pool;
124 ldap = ldap.phpFpm.pool; 138 ldap = ldap.phpFpm.pool;
139 rainloop = rainloop.phpFpm.pool;
125 kanboard = kanboard.phpFpm.pool; 140 kanboard = kanboard.phpFpm.pool;
126 tools = '' 141 tools = ''
127 listen = /var/run/phpfpm/tools.sock 142 listen = /var/run/phpfpm/tools.sock
@@ -149,6 +164,7 @@ in {
149 rompr = rompr.activationScript; 164 rompr = rompr.activationScript;
150 shaarli = shaarli.activationScript; 165 shaarli = shaarli.activationScript;
151 dokuwiki = dokuwiki.activationScript; 166 dokuwiki = dokuwiki.activationScript;
167 rainloop = rainloop.activationScript;
152 kanboard = kanboard.activationScript; 168 kanboard = kanboard.activationScript;
153 }; 169 };
154 170
@@ -162,6 +178,7 @@ in {
162 ln -s ${ttrss.webRoot} $out/webapps/${ttrss.apache.webappName} 178 ln -s ${ttrss.webRoot} $out/webapps/${ttrss.apache.webappName}
163 ln -s ${wallabag.webRoot} $out/webapps/${wallabag.apache.webappName} 179 ln -s ${wallabag.webRoot} $out/webapps/${wallabag.apache.webappName}
164 ln -s ${yourls.webRoot} $out/webapps/${yourls.apache.webappName} 180 ln -s ${yourls.webRoot} $out/webapps/${yourls.apache.webappName}
181 ln -s ${rainloop.webRoot} $out/webapps/${rainloop.apache.webappName}
165 ln -s ${kanboard.webRoot} $out/webapps/${kanboard.apache.webappName} 182 ln -s ${kanboard.webRoot} $out/webapps/${kanboard.apache.webappName}
166 ''; 183 '';
167 184
diff --git a/nixops/modules/websites/tools/tools/rainloop.nix b/nixops/modules/websites/tools/tools/rainloop.nix
new file mode 100644
index 0000000..7aaa4eb
--- /dev/null
+++ b/nixops/modules/websites/tools/tools/rainloop.nix
@@ -0,0 +1,62 @@
1{ lib, pkgs, writeText, stdenv, fetchurl }:
2rec {
3 varDir = "/var/lib/rainloop";
4 activationScript = {
5 deps = [ "wrappers" ];
6 text = ''
7 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}
8 install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
9 install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/data
10 '';
11 };
12 webRoot = pkgs.rainloop-community.overrideAttrs(old: {
13 installPhase = old.installPhase + ''
14 ln -sf ${varDir}/data $out/data
15 '';
16 });
17 apache = rec {
18 user = "wwwrun";
19 group = "wwwrun";
20 modules = [ "proxy_fcgi" ];
21 webappName = "tools_rainloop";
22 root = "/run/current-system/webapps/${webappName}";
23 vhostConf = ''
24 Alias /rainloop "${root}"
25 <Directory "${root}">
26 DirectoryIndex index.php
27 AllowOverride All
28 Options -FollowSymlinks
29 Require all granted
30
31 <FilesMatch "\.php$">
32 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
33 </FilesMatch>
34 </Directory>
35
36 <DirectoryMatch "${root}/data">
37 Require all denied
38 </DirectoryMatch>
39 '';
40 };
41 phpFpm = rec {
42 basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
43 socket = "/var/run/phpfpm/rainloop.sock";
44 pool = ''
45 listen = ${socket}
46 user = ${apache.user}
47 group = ${apache.group}
48 listen.owner = ${apache.user}
49 listen.group = ${apache.group}
50 pm = ondemand
51 pm.max_children = 60
52 pm.process_idle_timeout = 60
53
54 ; Needed to avoid clashes in browser cookies (same domain)
55 php_value[session.name] = RainloopPHPSESSID
56 php_admin_value[upload_max_filesize] = 200M
57 php_admin_value[post_max_size] = 200M
58 php_admin_value[open_basedir] = "${basedir}:/tmp"
59 php_admin_value[session.save_path] = "${varDir}/phpSessions"
60 '';
61 };
62}