diff options
Diffstat (limited to 'systems/eldiron/websites/tools/yourls.nix')
-rw-r--r-- | systems/eldiron/websites/tools/yourls.nix | 118 |
1 files changed, 118 insertions, 0 deletions
diff --git a/systems/eldiron/websites/tools/yourls.nix b/systems/eldiron/websites/tools/yourls.nix new file mode 100644 index 0000000..9e54b0d --- /dev/null +++ b/systems/eldiron/websites/tools/yourls.nix | |||
@@ -0,0 +1,118 @@ | |||
1 | { env, yourls, yourls-plugins, config }: | ||
2 | rec { | ||
3 | keys."webapps/tools-yourls" = { | ||
4 | user = apache.user; | ||
5 | group = apache.group; | ||
6 | permissions = "0400"; | ||
7 | text = '' | ||
8 | <?php | ||
9 | define( 'YOURLS_DB_USER', '${env.mysql.user}' ); | ||
10 | define( 'YOURLS_DB_PASS', '${env.mysql.password}' ); | ||
11 | define( 'YOURLS_DB_NAME', '${env.mysql.database}' ); | ||
12 | define( 'YOURLS_DB_HOST', '${env.mysql.host}' ); | ||
13 | define( 'YOURLS_DB_PREFIX', 'yourls_' ); | ||
14 | define( 'YOURLS_SITE', 'https://tools.immae.eu/url' ); | ||
15 | define( 'YOURLS_HOURS_OFFSET', 0 ); | ||
16 | define( 'YOURLS_LANG', ''' ); | ||
17 | define( 'YOURLS_UNIQUE_URLS', true ); | ||
18 | define( 'YOURLS_PRIVATE', true ); | ||
19 | define( 'YOURLS_COOKIEKEY', '${env.cookieKey}' ); | ||
20 | $yourls_user_passwords = array(); | ||
21 | define( 'YOURLS_DEBUG', false ); | ||
22 | define( 'YOURLS_URL_CONVERT', 36 ); | ||
23 | $yourls_reserved_URL = array(); | ||
24 | define( 'LDAPAUTH_HOST', 'ldaps://${env.ldap.host}' ); | ||
25 | define( 'LDAPAUTH_PORT', '636' ); | ||
26 | define( 'LDAPAUTH_BASE', '${env.ldap.base}' ); | ||
27 | define( 'LDAPAUTH_SEARCH_USER', '${env.ldap.dn}' ); | ||
28 | define( 'LDAPAUTH_SEARCH_PASS', '${env.ldap.password}' ); | ||
29 | |||
30 | define( 'LDAPAUTH_GROUP_ATTR', 'memberof' ); | ||
31 | define( 'LDAPAUTH_GROUP_REQ', 'cn=admin,cn=yourls,ou=services,dc=immae,dc=eu'); | ||
32 | |||
33 | define( 'LDAPAUTH_USERCACHE_TYPE', 0); | ||
34 | ''; | ||
35 | }; | ||
36 | chatonsProperties = { | ||
37 | file.datetime = "2022-08-27T18:00:00"; | ||
38 | service = { | ||
39 | name = "Yourls"; | ||
40 | description = "Your own URL shortener"; | ||
41 | website = "https://tools.immae.eu/url/admin/"; | ||
42 | logo = "https://tools.immae.eu/url/images/favicon.gif"; | ||
43 | status.level = "OK"; | ||
44 | status.description = "OK"; | ||
45 | registration."" = ["MEMBER" "CLIENT"]; | ||
46 | registration.load = "FULL"; | ||
47 | install.type = "PACKAGE"; | ||
48 | }; | ||
49 | software = { | ||
50 | name = "YOURLS"; | ||
51 | website = "http://yourls.org/"; | ||
52 | license.url = "https://github.com/YOURLS/YOURLS/blob/master/LICENSE"; | ||
53 | license.name = "MIT License"; | ||
54 | version = webRoot.version; | ||
55 | source.url = "https://github.com/YOURLS/YOURLS"; | ||
56 | modules = map (a: a.pluginName) webRoot.plugins; | ||
57 | }; | ||
58 | }; | ||
59 | webRoot = (yourls.override { yourls_config = config.secrets.fullPaths."webapps/tools-yourls"; }).withPlugins (p: [p.ldap]); | ||
60 | apache = rec { | ||
61 | user = "wwwrun"; | ||
62 | group = "wwwrun"; | ||
63 | modules = [ "proxy_fcgi" ]; | ||
64 | root = webRoot; | ||
65 | vhostConf = socket: '' | ||
66 | Alias /url "${root}" | ||
67 | <Directory "${root}"> | ||
68 | <FilesMatch "\.php$"> | ||
69 | SetHandler "proxy:unix:${socket}|fcgi://localhost" | ||
70 | </FilesMatch> | ||
71 | |||
72 | AllowOverride None | ||
73 | Require all granted | ||
74 | <IfModule mod_rewrite.c> | ||
75 | RewriteEngine On | ||
76 | RewriteBase /url/ | ||
77 | RewriteCond %{REQUEST_FILENAME} !-f | ||
78 | RewriteCond %{REQUEST_FILENAME} !-d | ||
79 | RewriteRule ^.*$ /url/yourls-loader.php [L] | ||
80 | </IfModule> | ||
81 | DirectoryIndex index.php | ||
82 | </Directory> | ||
83 | ''; | ||
84 | }; | ||
85 | phpFpm = rec { | ||
86 | serviceDeps = [ "mysql.service" "openldap.service" ]; | ||
87 | basedir = builtins.concatStringsSep ":" ( | ||
88 | [ webRoot config.secrets.fullPaths."webapps/tools-yourls" ] | ||
89 | ++ webRoot.plugins); | ||
90 | pool = { | ||
91 | "listen.owner" = apache.user; | ||
92 | "listen.group" = apache.group; | ||
93 | "pm" = "ondemand"; | ||
94 | "pm.max_children" = "60"; | ||
95 | "pm.process_idle_timeout" = "60"; | ||
96 | |||
97 | # Needed to avoid clashes in browser cookies (same domain) | ||
98 | "php_value[session.name]" = "YourlsPHPSESSID"; | ||
99 | "php_admin_value[session.save_handler]" = "redis"; | ||
100 | "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:Yourls:'"; | ||
101 | "php_admin_value[open_basedir]" = "${basedir}:/tmp"; | ||
102 | }; | ||
103 | }; | ||
104 | monitoringPlugins = [ "http" ]; | ||
105 | monitoringObjects.service = [ | ||
106 | { | ||
107 | service_description = "yourl website is running on tools.immae.eu"; | ||
108 | host_name = config.hostEnv.fqdn; | ||
109 | use = "external-web-service"; | ||
110 | check_command = ["check_https" "tools.immae.eu" "/url/admin/" "<title>YOURLS"]; | ||
111 | |||
112 | servicegroups = "webstatus-webapps"; | ||
113 | _webstatus_name = "YOURLS"; | ||
114 | _webstatus_url = "https://tools.immae.eu/url/admin/"; | ||
115 | } | ||
116 | |||
117 | ]; | ||
118 | } | ||