1 files changed, 102 insertions, 0 deletions
diff --git a/systems/eldiron/websites/tools/shaarli.nix b/systems/eldiron/websites/tools/shaarli.nix
new file mode 100644
index 0000000..35f1edb
--- /dev/null
+++ b/systems/eldiron/websites/tools/shaarli.nix
@@ -0,0 +1,102 @@
+{ lib, env, stdenv, fetchurl, shaarli, config }:
+let
+  varDir = "/var/lib/shaarli";
+in rec {
+  activationScript = ''
+    install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
+      ${varDir}/cache ${varDir}/pagecache ${varDir}/tmp ${varDir}/data
+    '';
+  webRoot = shaarli.override { inherit varDir; };
+  apache = rec {
+    user = "wwwrun";
+    group = "wwwrun";
+    modules =  [ "proxy_fcgi" "rewrite" "env" ];
+    root = webRoot;
+    vhostConf = socket: ''
+      Alias /Shaarli "${root}"
+      Include ${config.secrets.fullPaths."webapps/tools-shaarli"}
+      <Location /Shaarli>
+        Header set Access-Control-Allow-Origin "*"
+        Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
+        Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization, Client-Security-Token, Accept-Encoding"
+      </Location>
+      <Directory "${root}">
+        DirectoryIndex index.php index.htm index.html
+        Options Indexes FollowSymLinks MultiViews Includes
+        AllowOverride All
+        Require all granted
+        <FilesMatch "\.php$">
+          SetHandler "proxy:unix:${socket}|fcgi://localhost"
+        </FilesMatch>
+      </Directory>
+      '';
+  };
+  chatonsProperties = {
+    file.datetime = "2022-08-21T22:50:00";
+    service = {
+      name = "Shaarli";
+      description = "The personal, minimalist, super-fast, database free, bookmarking service - community repo";
+      website = "https://tools.immae.eu/Shaarli/";
+      logo = "https://tools.immae.eu/Shaarli/tpl/default/img/apple-touch-icon.png";
+      status.level = "OK";
+      status.description = "OK";
+      registration."" = ["MEMBER" "CLIENT"];
+      registration.load = "OPEN";
+      install.type = "PACKAGE";
+    };
+    software = {
+      name = "Shaarli";
+      website = "https://shaarli.readthedocs.io/";
+      license.url = "https://github.com/shaarli/Shaarli/blob/master/COPYING";
+      license.name = "GNU General Public License Version 3";
+      version = webRoot.version;
+      source.url = "https://github.com/shaarli/Shaarli";
+      modules = "ldap-connection-patch";
+    };
+  };
+  keys."webapps/tools-shaarli" = {
+    user = apache.user;
+    group = apache.group;
+    permissions = "0400";
+    text = ''
+      SetEnv SHAARLI_LDAP_PASSWORD "${env.ldap.password}"
+      SetEnv SHAARLI_LDAP_DN       "${env.ldap.dn}"
+      SetEnv SHAARLI_LDAP_HOST     "ldaps://${env.ldap.host}"
+      SetEnv SHAARLI_LDAP_BASE     "${env.ldap.base}"
+      SetEnv SHAARLI_LDAP_FILTER   "${env.ldap.filter}"
+      '';
+  };
+  phpFpm = rec {
+    serviceDeps = [ "openldap.service" ];
+    basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
+    pool = {
+      "listen.owner" = apache.user;
+      "listen.group" = apache.group;
+      "pm" = "ondemand";
+      "pm.max_children" = "60";
+      "pm.process_idle_timeout" = "60";
+      # Needed to avoid clashes in browser cookies (same domain)
+      "php_value[session.name]" = "ShaarliPHPSESSID";
+      "php_admin_value[open_basedir]" = "${basedir}:/tmp";
+      "php_admin_value[session.save_handler]" = "redis";
+      "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:Shaarli:'";
+      "php_admin_value[upload_max_filesize]" = "200M";
+      "php_admin_value[post_max_size]" = "200M";
+    };
+  };
+  monitoringPlugins = [ "http" ];
+  monitoringObjects.service = [
+    {
+      service_description = "shaarli website is running on tools.immae.eu";
+      host_name = config.hostEnv.fqdn;
+      use = "external-web-service";
+      check_command = ["check_https" "tools.immae.eu" "/Shaarli/immae" "<title>Immae"];
+      servicegroups = "webstatus-webapps";
+      _webstatus_name = "Shaarli";
+      _webstatus_url = "https://tools.immae.eu/Shaarli/";
+    }
+  ];
+}

diff --git a/systems/eldiron/websites/tools/shaarli.nix b/systems/eldiron/websites/tools/shaarli.nix new file mode 100644 index 0000000..35f1edb --- /dev/null +++ b/systems/eldiron/websites/tools/shaarli.nix
@@ -0,0 +1,102 @@
	1	{ lib, env, stdenv, fetchurl, shaarli, config }:
	2	let
	3	varDir = "/var/lib/shaarli";
	4	in rec {
	5	activationScript = ''
	6	install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
	7	${varDir}/cache ${varDir}/pagecache ${varDir}/tmp ${varDir}/data
	8	'';
	9	webRoot = shaarli.override { inherit varDir; };
	10	apache = rec {
	11	user = "wwwrun";
	12	group = "wwwrun";
	13	modules = [ "proxy_fcgi" "rewrite" "env" ];
	14	root = webRoot;
	15	vhostConf = socket: ''
	16	Alias /Shaarli "${root}"
	17
	18	Include ${config.secrets.fullPaths."webapps/tools-shaarli"}
	19	<Location /Shaarli>
	20	Header set Access-Control-Allow-Origin "*"
	21	Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
	22	Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization, Client-Security-Token, Accept-Encoding"
	23	</Location>
	24	<Directory "${root}">
	25	DirectoryIndex index.php index.htm index.html
	26	Options Indexes FollowSymLinks MultiViews Includes
	27	AllowOverride All
	28	Require all granted
	29	<FilesMatch "\.php$">
	30	SetHandler "proxy:unix:${socket}\|fcgi://localhost"
	31	</FilesMatch>
	32	</Directory>
	33	'';
	34	};
	35	chatonsProperties = {
	36	file.datetime = "2022-08-21T22:50:00";
	37	service = {
	38	name = "Shaarli";
	39	description = "The personal, minimalist, super-fast, database free, bookmarking service - community repo";
	40	website = "https://tools.immae.eu/Shaarli/";
	41	logo = "https://tools.immae.eu/Shaarli/tpl/default/img/apple-touch-icon.png";
	42	status.level = "OK";
	43	status.description = "OK";
	44	registration."" = ["MEMBER" "CLIENT"];
	45	registration.load = "OPEN";
	46	install.type = "PACKAGE";
	47	};
	48	software = {
	49	name = "Shaarli";
	50	website = "https://shaarli.readthedocs.io/";
	51	license.url = "https://github.com/shaarli/Shaarli/blob/master/COPYING";
	52	license.name = "GNU General Public License Version 3";
	53	version = webRoot.version;
	54	source.url = "https://github.com/shaarli/Shaarli";
	55	modules = "ldap-connection-patch";
	56	};
	57	};
	58	keys."webapps/tools-shaarli" = {
	59	user = apache.user;
	60	group = apache.group;
	61	permissions = "0400";
	62	text = ''
	63	SetEnv SHAARLI_LDAP_PASSWORD "${env.ldap.password}"
	64	SetEnv SHAARLI_LDAP_DN "${env.ldap.dn}"
	65	SetEnv SHAARLI_LDAP_HOST "ldaps://${env.ldap.host}"
	66	SetEnv SHAARLI_LDAP_BASE "${env.ldap.base}"
	67	SetEnv SHAARLI_LDAP_FILTER "${env.ldap.filter}"
	68	'';
	69	};
	70	phpFpm = rec {
	71	serviceDeps = [ "openldap.service" ];
	72	basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
	73	pool = {
	74	"listen.owner" = apache.user;
	75	"listen.group" = apache.group;
	76	"pm" = "ondemand";
	77	"pm.max_children" = "60";
	78	"pm.process_idle_timeout" = "60";
	79
	80	# Needed to avoid clashes in browser cookies (same domain)
	81	"php_value[session.name]" = "ShaarliPHPSESSID";
	82	"php_admin_value[open_basedir]" = "${basedir}:/tmp";
	83	"php_admin_value[session.save_handler]" = "redis";
	84	"php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:Shaarli:'";
	85	"php_admin_value[upload_max_filesize]" = "200M";
	86	"php_admin_value[post_max_size]" = "200M";
	87	};
	88	};
	89	monitoringPlugins = [ "http" ];
	90	monitoringObjects.service = [
	91	{
	92	service_description = "shaarli website is running on tools.immae.eu";
	93	host_name = config.hostEnv.fqdn;
	94	use = "external-web-service";
	95	check_command = ["check_https" "tools.immae.eu" "/Shaarli/immae" "<title>Immae"];
	96
	97	servicegroups = "webstatus-webapps";
	98	_webstatus_name = "Shaarli";
	99	_webstatus_url = "https://tools.immae.eu/Shaarli/";
	100	}
	101	];
	102	}