aboutsummaryrefslogtreecommitdiff
path: root/nixops
diff options
context:
space:
mode:
Diffstat (limited to 'nixops')
-rw-r--r--nixops/modules/websites/tools/tools/default.nix2
-rw-r--r--nixops/modules/websites/tools/tools/tt-rss.json14
-rw-r--r--nixops/modules/websites/tools/tools/ttrss-af-feedmod_type_replace.patch12
-rw-r--r--nixops/modules/websites/tools/tools/ttrss-af_feedmod.json15
-rw-r--r--nixops/modules/websites/tools/tools/ttrss-auth-ldap.json15
-rw-r--r--nixops/modules/websites/tools/tools/ttrss-feediron.json15
-rw-r--r--nixops/modules/websites/tools/tools/ttrss-feediron_json_reformat.patch18
-rw-r--r--nixops/modules/websites/tools/tools/ttrss-ff_instagram.json15
-rw-r--r--nixops/modules/websites/tools/tools/ttrss-tumblr_gdpr_ua.json15
-rw-r--r--nixops/modules/websites/tools/tools/ttrss.nix304
10 files changed, 128 insertions, 297 deletions
diff --git a/nixops/modules/websites/tools/tools/default.nix b/nixops/modules/websites/tools/tools/default.nix
index 433927e..22588fb 100644
--- a/nixops/modules/websites/tools/tools/default.nix
+++ b/nixops/modules/websites/tools/tools/default.nix
@@ -5,7 +5,7 @@ let
5 env = myconfig.env.tools.ympd; 5 env = myconfig.env.tools.ympd;
6 }; 6 };
7 ttrss = pkgs.callPackage ./ttrss.nix { 7 ttrss = pkgs.callPackage ./ttrss.nix {
8 inherit (mylibs) fetchedGithub fetchedGit; 8 inherit (pkgs.webapps) ttrss ttrss-plugins;
9 env = myconfig.env.tools.ttrss; 9 env = myconfig.env.tools.ttrss;
10 }; 10 };
11 roundcubemail = pkgs.callPackage ./roundcubemail.nix { 11 roundcubemail = pkgs.callPackage ./roundcubemail.nix {
diff --git a/nixops/modules/websites/tools/tools/tt-rss.json b/nixops/modules/websites/tools/tools/tt-rss.json
deleted file mode 100644
index e2731b0..0000000
--- a/nixops/modules/websites/tools/tools/tt-rss.json
+++ /dev/null
@@ -1,14 +0,0 @@
1{
2 "tag": "986ca25-master",
3 "meta": {
4 "name": "tt-rss",
5 "url": "https://git.tt-rss.org/fox/tt-rss.git",
6 "branch": "master"
7 },
8 "git": {
9 "url": "https://git.tt-rss.org/fox/tt-rss.git",
10 "rev": "986ca251f995f7754a0470d3e0c44538a545081f",
11 "sha256": "0xkafkh7l9zazm5d6snlq03kdfxfhkb4c8fdsb32wn8b9bhdzf5s",
12 "fetchSubmodules": true
13 }
14}
diff --git a/nixops/modules/websites/tools/tools/ttrss-af-feedmod_type_replace.patch b/nixops/modules/websites/tools/tools/ttrss-af-feedmod_type_replace.patch
deleted file mode 100644
index d622577..0000000
--- a/nixops/modules/websites/tools/tools/ttrss-af-feedmod_type_replace.patch
+++ /dev/null
@@ -1,12 +0,0 @@
1--- a/init.php 2014-06-16 14:21:06.995480038 +0200
2+++ b/init.php 2014-06-16 14:22:00.151027654 +0200
3@@ -147,6 +147,9 @@
4 }
5 }
6 break;
7+ case 'replace':
8+ $article['content'] = preg_replace("/".$config['pattern']."/",$config['replacement'],$article['content']);
9+ break;
10
11 default:
12 // unknown type or invalid config
diff --git a/nixops/modules/websites/tools/tools/ttrss-af_feedmod.json b/nixops/modules/websites/tools/tools/ttrss-af_feedmod.json
deleted file mode 100644
index e57fcce..0000000
--- a/nixops/modules/websites/tools/tools/ttrss-af_feedmod.json
+++ /dev/null
@@ -1,15 +0,0 @@
1{
2 "tag": "0ea2092-master",
3 "meta": {
4 "name": "ttrss-af_feedmod",
5 "url": "https://github.com/mbirth/ttrss_plugin-af_feedmod",
6 "branch": "master"
7 },
8 "github": {
9 "owner": "mbirth",
10 "repo": "ttrss_plugin-af_feedmod",
11 "rev": "0ea2092dd34067ecd898802cfca3570023d1ecfe",
12 "sha256": "02ibf47zcrsc2rr45wsix8gxyyf371davj8n8i0gj1zdq95klvnv",
13 "fetchSubmodules": true
14 }
15}
diff --git a/nixops/modules/websites/tools/tools/ttrss-auth-ldap.json b/nixops/modules/websites/tools/tools/ttrss-auth-ldap.json
deleted file mode 100644
index c8aaab5..0000000
--- a/nixops/modules/websites/tools/tools/ttrss-auth-ldap.json
+++ /dev/null
@@ -1,15 +0,0 @@
1{
2 "tag": "4d751b0-master",
3 "meta": {
4 "name": "ttrss-auth-ldap",
5 "url": "https://github.com/hydrian/TTRSS-Auth-LDAP",
6 "branch": "master"
7 },
8 "github": {
9 "owner": "hydrian",
10 "repo": "TTRSS-Auth-LDAP",
11 "rev": "4d751b095c29a8dbe2dc7bb07777742956136e94",
12 "sha256": "0b9fl86acrzpcv41r7pj3bl8b3n72hpkdywzx9zjyfqv5pskxyim",
13 "fetchSubmodules": true
14 }
15}
diff --git a/nixops/modules/websites/tools/tools/ttrss-feediron.json b/nixops/modules/websites/tools/tools/ttrss-feediron.json
deleted file mode 100644
index 5dbec92..0000000
--- a/nixops/modules/websites/tools/tools/ttrss-feediron.json
+++ /dev/null
@@ -1,15 +0,0 @@
1{
2 "tag": "407168c-master",
3 "meta": {
4 "name": "ttrss-feediron",
5 "url": "https://github.com/m42e/ttrss_plugin-feediron",
6 "branch": "master"
7 },
8 "github": {
9 "owner": "m42e",
10 "repo": "ttrss_plugin-feediron",
11 "rev": "407168c628880b5ced572cc549db6d50e866d3c8",
12 "sha256": "17b95ifpcph6m03hjd1mhi8gi1hw9yd3fnffmw66fqr5c9l3zd9r",
13 "fetchSubmodules": true
14 }
15}
diff --git a/nixops/modules/websites/tools/tools/ttrss-feediron_json_reformat.patch b/nixops/modules/websites/tools/tools/ttrss-feediron_json_reformat.patch
deleted file mode 100644
index e1c44d9..0000000
--- a/nixops/modules/websites/tools/tools/ttrss-feediron_json_reformat.patch
+++ /dev/null
@@ -1,18 +0,0 @@
1diff --git a/init.php b/init.php
2index 3c0f2f9..1aad146 100644
3--- a/init.php
4+++ b/init.php
5@@ -600,10 +600,11 @@ class Feediron extends Plugin implements IHandler
6 return false;
7 }
8
9- $this->host->set($this, 'json_conf', Feediron_Json::format($json_conf));
10+ $new_conf = json_encode(json_decode($json_conf), JSON_PRETTY_PRINT);
11+ $this->host->set($this, 'json_conf', $new_conf);
12 $json_reply['success'] = true;
13 $json_reply['message'] = __('Configuration saved.');
14- $json_reply['json_conf'] = Feediron_Json::format($json_conf);
15+ $json_reply['json_conf'] = $new_conf;
16 echo json_encode($json_reply);
17 }
18
diff --git a/nixops/modules/websites/tools/tools/ttrss-ff_instagram.json b/nixops/modules/websites/tools/tools/ttrss-ff_instagram.json
deleted file mode 100644
index 1f241b9..0000000
--- a/nixops/modules/websites/tools/tools/ttrss-ff_instagram.json
+++ /dev/null
@@ -1,15 +0,0 @@
1{
2 "tag": "0366ffb-master",
3 "meta": {
4 "name": "ttrss-ff_instagram",
5 "url": "https://github.com/wltb/ff_instagram",
6 "branch": "master"
7 },
8 "github": {
9 "owner": "wltb",
10 "repo": "ff_instagram",
11 "rev": "0366ffb18c4d490c8fbfba2f5f3367a5af23cfe8",
12 "sha256": "0vvzl6wi6jmrqknsfddvckjgsgfizz1d923d1nyrpzjfn6bda1vk",
13 "fetchSubmodules": true
14 }
15}
diff --git a/nixops/modules/websites/tools/tools/ttrss-tumblr_gdpr_ua.json b/nixops/modules/websites/tools/tools/ttrss-tumblr_gdpr_ua.json
deleted file mode 100644
index eafbcfe..0000000
--- a/nixops/modules/websites/tools/tools/ttrss-tumblr_gdpr_ua.json
+++ /dev/null
@@ -1,15 +0,0 @@
1{
2 "tag": "287c584-master",
3 "meta": {
4 "name": "ttrss-tumblr_gdpr_ua",
5 "url": "https://github.com/hkockerbeck/ttrss-tumblr-gdpr-ua",
6 "branch": "master"
7 },
8 "github": {
9 "owner": "hkockerbeck",
10 "repo": "ttrss-tumblr-gdpr-ua",
11 "rev": "287c584e68845d524f920156bff0b2eaa6f65117",
12 "sha256": "1fviawgcclqky4k4xv1sqzvpb8i74w9f0pclm09m78s8l85wh9py",
13 "fetchSubmodules": true
14 }
15}
diff --git a/nixops/modules/websites/tools/tools/ttrss.nix b/nixops/modules/websites/tools/tools/ttrss.nix
index e6cad56..05c8cab 100644
--- a/nixops/modules/websites/tools/tools/ttrss.nix
+++ b/nixops/modules/websites/tools/tools/ttrss.nix
@@ -1,181 +1,131 @@
1{ lib, php, env, writeText, stdenv, fetchedGit, fetchedGithub }: 1{ php, env, ttrss, ttrss-plugins }:
2let 2rec {
3 ttrss = let 3 varDir = "/var/lib/ttrss";
4 plugins = { 4 activationScript = {
5 auth_ldap = stdenv.mkDerivation (fetchedGithub ./ttrss-auth-ldap.json // rec { 5 deps = [ "wrappers" ];
6 installPhase = '' 6 text = ''
7 mkdir $out 7 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
8 cp plugins/auth_ldap/init.php $out 8 ${varDir}/lock ${varDir}/cache ${varDir}/feed-icons
9 ''; 9 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}/cache/export/ \
10 }); 10 ${varDir}/cache/feeds/ \
11 af_feedmod = stdenv.mkDerivation (fetchedGithub ./ttrss-af_feedmod.json // rec { 11 ${varDir}/cache/images/ \
12 patches = [ ./ttrss-af-feedmod_type_replace.patch ]; 12 ${varDir}/cache/js/ \
13 installPhase = '' 13 ${varDir}/cache/simplepie/ \
14 mkdir $out 14 ${varDir}/cache/upload/
15 cp init.php $out 15 touch ${varDir}/feed-icons/index.html
16 ''; 16 install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
17 }); 17 '';
18 feediron = stdenv.mkDerivation (fetchedGithub ./ttrss-feediron.json // rec { 18 };
19 patches = [ ./ttrss-feediron_json_reformat.patch ]; 19 keys = [{
20 installPhase = '' 20 dest = "webapps/tools-ttrss";
21 mkdir $out 21 user = apache.user;
22 cp -a . $out 22 group = apache.group;
23 ''; 23 permissions = "0400";
24 }); 24 text = ''
25 ff_instagram = stdenv.mkDerivation (fetchedGithub ./ttrss-ff_instagram.json // rec { 25 <?php
26 installPhase = '' 26
27 mkdir $out 27 define('PHP_EXECUTABLE', '${php}/bin/php');
28 cp -a . $out 28
29 ''; 29 define('LOCK_DIRECTORY', 'lock');
30 }); 30 define('CACHE_DIR', 'cache');
31 tumblr_gdpr_ua = stdenv.mkDerivation (fetchedGithub ./ttrss-tumblr_gdpr_ua.json // rec { 31 define('ICONS_DIR', 'feed-icons');
32 installPhase = '' 32 define('ICONS_URL', 'feed-icons');
33 mkdir $out 33 define('SELF_URL_PATH', 'https://tools.immae.eu/ttrss/');
34 cp -a . $out 34
35 ''; 35 define('MYSQL_CHARSET', 'UTF8');
36 }); 36
37 }; 37 define('DB_TYPE', 'pgsql');
38 in rec { 38 define('DB_HOST', '${env.postgresql.socket}');
39 varDir = "/var/lib/ttrss"; 39 define('DB_USER', '${env.postgresql.user}');
40 activationScript = { 40 define('DB_NAME', '${env.postgresql.database}');
41 deps = [ "wrappers" ]; 41 define('DB_PASS', '${env.postgresql.password}');
42 text = '' 42 define('DB_PORT', '${env.postgresql.port}');
43 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \ 43
44 ${varDir}/lock ${varDir}/cache ${varDir}/feed-icons 44 define('AUTH_AUTO_CREATE', true);
45 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}/cache/export/ \ 45 define('AUTH_AUTO_LOGIN', true);
46 ${varDir}/cache/feeds/ \ 46
47 ${varDir}/cache/images/ \ 47 define('SINGLE_USER_MODE', false);
48 ${varDir}/cache/js/ \ 48
49 ${varDir}/cache/simplepie/ \ 49 define('SIMPLE_UPDATE_MODE', false);
50 ${varDir}/cache/upload/ 50 define('CHECK_FOR_UPDATES', true);
51 touch ${varDir}/feed-icons/index.html 51
52 install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions 52 define('FORCE_ARTICLE_PURGE', 0);
53 define('SESSION_COOKIE_LIFETIME', 60*60*24*120);
54 define('ENABLE_GZIP_OUTPUT', false);
55
56 define('PLUGINS', 'auth_ldap, note, instances');
57
58 define('LOG_DESTINATION', ''');
59 define('CONFIG_VERSION', 26);
60
61
62 define('SPHINX_SERVER', 'localhost:9312');
63 define('SPHINX_INDEX', 'ttrss, delta');
64
65 define('ENABLE_REGISTRATION', false);
66 define('REG_NOTIFY_ADDRESS', 'ttrss@tools.immae.eu');
67 define('REG_MAX_USERS', 10);
68
69 define('SMTP_FROM_NAME', 'Tiny Tiny RSS');
70 define('SMTP_FROM_ADDRESS', 'ttrss@tools.immae.eu');
71 define('DIGEST_SUBJECT', '[tt-rss] New headlines for last 24 hours');
72
73 define('LDAP_AUTH_SERVER_URI', 'ldap://ldap.immae.eu:389/');
74 define('LDAP_AUTH_USETLS', TRUE);
75 define('LDAP_AUTH_ALLOW_UNTRUSTED_CERT', TRUE);
76 define('LDAP_AUTH_BASEDN', 'dc=immae,dc=eu');
77 define('LDAP_AUTH_ANONYMOUSBEFOREBIND', FALSE);
78 define('LDAP_AUTH_SEARCHFILTER', '(&(memberOf=cn=users,cn=ttrss,ou=services,dc=immae,dc=eu)(|(cn=???)(uid=???)(&(uid:dn:=???)(ou=ttrss))))');
79
80 define('LDAP_AUTH_BINDDN', 'cn=ttrss,ou=services,dc=immae,dc=eu');
81 define('LDAP_AUTH_BINDPW', '${env.ldap.password}');
82 define('LDAP_AUTH_LOGIN_ATTRIB', 'immaeTtrssLogin');
83
84 define('LDAP_AUTH_LOG_ATTEMPTS', FALSE);
85 define('LDAP_AUTH_DEBUG', FALSE);
53 ''; 86 '';
54 }; 87 }];
55 keys = [{ 88 webRoot = (ttrss.override { ttrss_config = "/var/secrets/webapps/tools-ttrss"; }).withPlugins (builtins.attrValues ttrss-plugins);
56 dest = "webapps/tools-ttrss"; 89 apache = rec {
57 user = apache.user; 90 user = "wwwrun";
58 group = apache.group; 91 group = "wwwrun";
59 permissions = "0400"; 92 modules = [ "proxy_fcgi" ];
60 text = '' 93 webappName = "tools_ttrss";
61 <?php 94 root = "/run/current-system/webapps/${webappName}";
62 95 vhostConf = ''
63 define('PHP_EXECUTABLE', '${php}/bin/php'); 96 Alias /ttrss "${root}"
64 97 <Directory "${root}">
65 define('LOCK_DIRECTORY', 'lock'); 98 DirectoryIndex index.php
66 define('CACHE_DIR', 'cache'); 99 <FilesMatch "\.php$">
67 define('ICONS_DIR', 'feed-icons'); 100 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
68 define('ICONS_URL', 'feed-icons'); 101 </FilesMatch>
69 define('SELF_URL_PATH', 'https://tools.immae.eu/ttrss/'); 102
70 103 AllowOverride All
71 define('MYSQL_CHARSET', 'UTF8'); 104 Options FollowSymlinks
72 105 Require all granted
73 define('DB_TYPE', 'pgsql'); 106 </Directory>
74 define('DB_HOST', '${env.postgresql.socket}');
75 define('DB_USER', '${env.postgresql.user}');
76 define('DB_NAME', '${env.postgresql.database}');
77 define('DB_PASS', '${env.postgresql.password}');
78 define('DB_PORT', '${env.postgresql.port}');
79
80 define('AUTH_AUTO_CREATE', true);
81 define('AUTH_AUTO_LOGIN', true);
82
83 define('SINGLE_USER_MODE', false);
84
85 define('SIMPLE_UPDATE_MODE', false);
86 define('CHECK_FOR_UPDATES', true);
87
88 define('FORCE_ARTICLE_PURGE', 0);
89 define('SESSION_COOKIE_LIFETIME', 60*60*24*120);
90 define('ENABLE_GZIP_OUTPUT', false);
91
92 define('PLUGINS', 'auth_ldap, note, instances');
93
94 define('LOG_DESTINATION', ''');
95 define('CONFIG_VERSION', 26);
96
97
98 define('SPHINX_SERVER', 'localhost:9312');
99 define('SPHINX_INDEX', 'ttrss, delta');
100
101 define('ENABLE_REGISTRATION', false);
102 define('REG_NOTIFY_ADDRESS', 'ttrss@tools.immae.eu');
103 define('REG_MAX_USERS', 10);
104
105 define('SMTP_FROM_NAME', 'Tiny Tiny RSS');
106 define('SMTP_FROM_ADDRESS', 'ttrss@tools.immae.eu');
107 define('DIGEST_SUBJECT', '[tt-rss] New headlines for last 24 hours');
108
109 define('LDAP_AUTH_SERVER_URI', 'ldap://ldap.immae.eu:389/');
110 define('LDAP_AUTH_USETLS', TRUE);
111 define('LDAP_AUTH_ALLOW_UNTRUSTED_CERT', TRUE);
112 define('LDAP_AUTH_BASEDN', 'dc=immae,dc=eu');
113 define('LDAP_AUTH_ANONYMOUSBEFOREBIND', FALSE);
114 define('LDAP_AUTH_SEARCHFILTER', '(&(memberOf=cn=users,cn=ttrss,ou=services,dc=immae,dc=eu)(|(cn=???)(uid=???)(&(uid:dn:=???)(ou=ttrss))))');
115
116 define('LDAP_AUTH_BINDDN', 'cn=ttrss,ou=services,dc=immae,dc=eu');
117 define('LDAP_AUTH_BINDPW', '${env.ldap.password}');
118 define('LDAP_AUTH_LOGIN_ATTRIB', 'immaeTtrssLogin');
119
120 define('LDAP_AUTH_LOG_ATTEMPTS', FALSE);
121 define('LDAP_AUTH_DEBUG', FALSE);
122 '';
123 }];
124 webRoot = stdenv.mkDerivation (fetchedGit ./tt-rss.json // rec {
125 buildPhase = ''
126 rm -rf lock feed-icons cache
127 ln -sf ${varDir}/{lock,feed-icons,cache} .
128 ''; 107 '';
129 installPhase = '' 108 };
130 cp -a . $out 109 phpFpm = rec {
131 ln -s /var/secrets/webapps/tools-ttrss $out/config.php 110 serviceDeps = [ "postgresql.service" "openldap.service" ];
132 ${builtins.concatStringsSep "\n" ( 111 basedir = builtins.concatStringsSep ":" (
133 lib.attrsets.mapAttrsToList (name: value: "ln -sf ${value} $out/plugins/${name}") plugins 112 [ webRoot "/var/secrets/webapps/tools-ttrss" varDir ]
134 )} 113 ++ webRoot.plugins);
114 socket = "/var/run/phpfpm/ttrss.sock";
115 pool = ''
116 listen = ${socket}
117 user = ${apache.user}
118 group = ${apache.group}
119 listen.owner = ${apache.user}
120 listen.group = ${apache.group}
121 pm = ondemand
122 pm.max_children = 60
123 pm.process_idle_timeout = 60
124
125 ; Needed to avoid clashes in browser cookies (same domain)
126 php_value[session.name] = TtrssPHPSESSID
127 php_admin_value[open_basedir] = "${basedir}:/tmp"
128 php_admin_value[session.save_path] = "${varDir}/phpSessions"
135 ''; 129 '';
136 });
137 apache = rec {
138 user = "wwwrun";
139 group = "wwwrun";
140 modules = [ "proxy_fcgi" ];
141 webappName = "tools_ttrss";
142 root = "/run/current-system/webapps/${webappName}";
143 vhostConf = ''
144 Alias /ttrss "${root}"
145 <Directory "${root}">
146 DirectoryIndex index.php
147 <FilesMatch "\.php$">
148 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
149 </FilesMatch>
150
151 AllowOverride All
152 Options FollowSymlinks
153 Require all granted
154 </Directory>
155 '';
156 };
157 phpFpm = rec {
158 serviceDeps = [ "postgresql.service" "openldap.service" ];
159 basedir = builtins.concatStringsSep ":" (
160 [ webRoot "/var/secrets/webapps/tools-ttrss" varDir ]
161 ++ lib.attrsets.mapAttrsToList (name: value: value) plugins);
162 socket = "/var/run/phpfpm/ttrss.sock";
163 pool = ''
164 listen = ${socket}
165 user = ${apache.user}
166 group = ${apache.group}
167 listen.owner = ${apache.user}
168 listen.group = ${apache.group}
169 pm = ondemand
170 pm.max_children = 60
171 pm.process_idle_timeout = 60
172
173 ; Needed to avoid clashes in browser cookies (same domain)
174 php_value[session.name] = TtrssPHPSESSID
175 php_admin_value[open_basedir] = "${basedir}:/tmp"
176 php_admin_value[session.save_path] = "${varDir}/phpSessions"
177 '';
178 };
179 }; 130 };
180in 131}
181 ttrss