4 files changed, 141 insertions, 1 deletions
diff --git a/virtual/modules/websites/tools/tools/default.nix b/virtual/modules/websites/tools/tools/default.nix
index 294959c..7fb4974 100644
--- a/virtual/modules/websites/tools/tools/default.nix
+++ b/virtual/modules/websites/tools/tools/default.nix
@@ -8,6 +8,10 @@ let
    };
    roundcubemail = pkgs.callPackage ./roundcubemail.nix { env = myconfig.env.tools.roundcubemail; };
    wallabag = pkgs.callPackage ./wallabag.nix { env = myconfig.env.tools.wallabag; };
+    yourls = pkgs.callPackage ./yourls.nix {
+      inherit (mylibs) fetchedGithub;
+      env = myconfig.env.tools.yourls;
+    };
    cfg = config.services.myWebsites.tools.tools;
 in {
@@ -23,7 +27,8 @@ in {
      ++ ympd.apache.modules
      ++ ttrss.apache.modules
      ++ roundcubemail.apache.modules
-      ++ wallabag.apache.modules;
+      ++ wallabag.apache.modules
+      ++ yourls.apache.modules;
    services.ympd = ympd.config // { enable = false; };
@@ -37,6 +42,7 @@ in {
        ttrss.apache.vhostConf
        roundcubemail.apache.vhostConf
        wallabag.apache.vhostConf
+        yourls.apache.vhostConf
      ];
    };
@@ -45,12 +51,14 @@ in {
      ttrss = ttrss.phpFpm.pool;
      roundcubemail = roundcubemail.phpFpm.pool;
      wallabag = wallabag.phpFpm.pool;
+      yourls = yourls.phpFpm.pool;
    };
    system.activationScripts = {
      ttrss = ttrss.activationScript;
      roundcubemail = roundcubemail.activationScript;
      wallabag = wallabag.activationScript;
+      yourls = yourls.activationScript;
    };
    systemd.services.tt-rss = {
diff --git a/virtual/modules/websites/tools/tools/yourls-ldap-plugin.json b/virtual/modules/websites/tools/tools/yourls-ldap-plugin.json
new file mode 100644
index 0000000..9411e4a
--- /dev/null
+++ b/virtual/modules/websites/tools/tools/yourls-ldap-plugin.json
@@ -0,0 +1,15 @@
+{
+  "tag": "2a3cb03-master",
+  "meta": {
+    "name": "yourls-ldap-plugin",
+    "url": "https://github.com/k3a/yourls-ldap-plugin",
+    "branch": "master"
+  },
+  "github": {
+    "owner": "k3a",
+    "repo": "yourls-ldap-plugin",
+    "rev": "2a3cb0334b8a6b81b284a7196e614bbd2b2b1615",
+    "sha256": "0cchbnli77d295lzf7kjmn4dcxj2bmdqa9qc3f8l8qgmp4n5n0gh",
+    "fetchSubmodules": true
+  }
+}
diff --git a/virtual/modules/websites/tools/tools/yourls.json b/virtual/modules/websites/tools/tools/yourls.json
new file mode 100644
index 0000000..0a79b18
--- /dev/null
+++ b/virtual/modules/websites/tools/tools/yourls.json
@@ -0,0 +1,15 @@
+{
+  "tag": "1.7.3",
+  "meta": {
+    "name": "yourls",
+    "url": "https://github.com/YOURLS/YOURLS",
+    "branch": "refs/tags/1.7.3"
+  },
+  "github": {
+    "owner": "YOURLS",
+    "repo": "YOURLS",
+    "rev": "077018822d3594229daa8343310d0b40804b9ddc",
+    "sha256": "1av6h619rwqn0yn0kjn2s2h3gmrhmxaaa9hd5ns4ralxgg731imd",
+    "fetchSubmodules": true
+  }
+}
diff --git a/virtual/modules/websites/tools/tools/yourls.nix b/virtual/modules/websites/tools/tools/yourls.nix
new file mode 100644
index 0000000..b97dac9
--- /dev/null
+++ b/virtual/modules/websites/tools/tools/yourls.nix
@@ -0,0 +1,102 @@
+{ lib, env, writeText, stdenv, fetchedGithub }:
+let
+  yourls = let
+    plugins = {
+      ldap = stdenv.mkDerivation (fetchedGithub ./yourls-ldap-plugin.json // rec {
+        installPhase = ''
+          mkdir -p $out
+          cp plugin.php $out/
+          '';
+      });
+    };
+  in rec {
+    activationScript = ''
+      install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/yourls
+    '';
+    config = writeText "config.php" ''
+        <?php
+        define( 'YOURLS_DB_USER', '${env.mysql.user}' );
+        define( 'YOURLS_DB_PASS', '${env.mysql.password}' );
+        define( 'YOURLS_DB_NAME', '${env.mysql.database}' );
+        define( 'YOURLS_DB_HOST', 'db-1.immae.eu' );
+        define( 'YOURLS_DB_PREFIX', 'yourls_' );
+        define( 'YOURLS_SITE', 'http://tools.immae.eu/url' );
+        define( 'YOURLS_HOURS_OFFSET', 0 ); 
+        define( 'YOURLS_LANG', ''' ); 
+        define( 'YOURLS_UNIQUE_URLS', true );
+        define( 'YOURLS_PRIVATE', true );
+        define( 'YOURLS_COOKIEKEY', '${env.cookieKey}' );
+        $yourls_user_passwords = array();
+        define( 'YOURLS_DEBUG', false );
+        define( 'YOURLS_URL_CONVERT', 36 );
+        $yourls_reserved_URL = array();
+        define( 'LDAPAUTH_HOST', 'ldaps://ldap.immae.eu' );
+        define( 'LDAPAUTH_PORT', '636' );
+        define( 'LDAPAUTH_BASE', 'dc=immae,dc=eu' );
+        define( 'LDAPAUTH_SEARCH_USER', 'cn=yourls,ou=services,dc=immae,dc=eu' );
+        define( 'LDAPAUTH_SEARCH_PASS', '${env.ldap.password}' );
+        define( 'LDAPAUTH_GROUP_ATTR', 'memberof' );
+        define( 'LDAPAUTH_GROUP_REQ', 'cn=admin,cn=yourls,ou=services,dc=immae,dc=eu');
+        define( 'LDAPAUTH_USERCACHE_TYPE', 0);
+      '';
+    webRoot = stdenv.mkDerivation (fetchedGithub ./yourls.json // rec {
+      installPhase = ''
+        mkdir -p $out
+        cp -a */ *.php $out/
+        cp sample-robots.txt $out/robots.txt
+        ln -sf ${config} $out/includes/config.php
+        ${builtins.concatStringsSep "\n" (
+          lib.attrsets.mapAttrsToList (name: value: "ln -sf ${value} $out/user/plugins/${name}") plugins
+        )}
+      '';
+    });
+    apache = {
+      user = "wwwrun";
+      group = "wwwrun";
+      modules = [ "proxy_fcgi" ];
+      vhostConf = ''
+        Alias /url "${webRoot}"
+        <Directory "${webRoot}">
+          <FilesMatch "\.php$">
+            SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+          </FilesMatch>
+          AllowOverride None
+          Require all granted
+          <IfModule mod_rewrite.c>
+            RewriteEngine On
+            RewriteBase /url/
+            RewriteCond %{REQUEST_FILENAME} !-f
+            RewriteCond %{REQUEST_FILENAME} !-d
+            RewriteRule ^.*$ /url/yourls-loader.php [L]
+          </IfModule>
+          DirectoryIndex index.php
+        </Directory>
+        '';
+    };
+    phpFpm = rec {
+      basedir = builtins.concatStringsSep ":" (
+        [ webRoot config ]
+        ++ lib.attrsets.mapAttrsToList (name: value: value) plugins);
+      socket = "/var/run/phpfpm/yourls.sock";
+      pool = ''
+        listen = ${socket}
+        user = ${apache.user}
+        group = ${apache.group}
+        listen.owner = ${apache.user}
+        listen.group = ${apache.group}
+        pm = ondemand
+        pm.max_children = 60
+        pm.process_idle_timeout = 60
+        ; Needed to avoid clashes in browser cookies (same domain)
+        php_value[session.name] = YourlsPHPSESSID
+        php_admin_value[open_basedir] = "${basedir}:/tmp"
+        php_admin_value[session.save_path] = "/var/lib/php/sessions/yourls"
+        '';
+    };
+  };
+in 
+  yourls

diff --git a/virtual/modules/websites/tools/tools/default.nix b/virtual/modules/websites/tools/tools/default.nix index 294959c..7fb4974 100644 --- a/virtual/modules/websites/tools/tools/default.nix +++ b/virtual/modules/websites/tools/tools/default.nix
@@ -8,6 +8,10 @@ let
8	};	8	};
9	roundcubemail = pkgs.callPackage ./roundcubemail.nix { env = myconfig.env.tools.roundcubemail; };	9	roundcubemail = pkgs.callPackage ./roundcubemail.nix { env = myconfig.env.tools.roundcubemail; };
10	wallabag = pkgs.callPackage ./wallabag.nix { env = myconfig.env.tools.wallabag; };	10	wallabag = pkgs.callPackage ./wallabag.nix { env = myconfig.env.tools.wallabag; };
		11	yourls = pkgs.callPackage ./yourls.nix {
		12	inherit (mylibs) fetchedGithub;
		13	env = myconfig.env.tools.yourls;
		14	};
11		15
12	cfg = config.services.myWebsites.tools.tools;	16	cfg = config.services.myWebsites.tools.tools;
13	in {	17	in {
@@ -23,7 +27,8 @@ in {
23	++ ympd.apache.modules	27	++ ympd.apache.modules
24	++ ttrss.apache.modules	28	++ ttrss.apache.modules
25	++ roundcubemail.apache.modules	29	++ roundcubemail.apache.modules
26	++ wallabag.apache.modules;	30	++ wallabag.apache.modules
		31	++ yourls.apache.modules;
27		32
28	services.ympd = ympd.config // { enable = false; };	33	services.ympd = ympd.config // { enable = false; };
29		34
@@ -37,6 +42,7 @@ in {
37	ttrss.apache.vhostConf	42	ttrss.apache.vhostConf
38	roundcubemail.apache.vhostConf	43	roundcubemail.apache.vhostConf
39	wallabag.apache.vhostConf	44	wallabag.apache.vhostConf
		45	yourls.apache.vhostConf
40	];	46	];
41	};	47	};
42		48
@@ -45,12 +51,14 @@ in {
45	ttrss = ttrss.phpFpm.pool;	51	ttrss = ttrss.phpFpm.pool;
46	roundcubemail = roundcubemail.phpFpm.pool;	52	roundcubemail = roundcubemail.phpFpm.pool;
47	wallabag = wallabag.phpFpm.pool;	53	wallabag = wallabag.phpFpm.pool;
		54	yourls = yourls.phpFpm.pool;
48	};	55	};
49		56
50	system.activationScripts = {	57	system.activationScripts = {
51	ttrss = ttrss.activationScript;	58	ttrss = ttrss.activationScript;
52	roundcubemail = roundcubemail.activationScript;	59	roundcubemail = roundcubemail.activationScript;
53	wallabag = wallabag.activationScript;	60	wallabag = wallabag.activationScript;
		61	yourls = yourls.activationScript;
54	};	62	};
55		63
56	systemd.services.tt-rss = {	64	systemd.services.tt-rss = {


diff --git a/virtual/modules/websites/tools/tools/yourls-ldap-plugin.json b/virtual/modules/websites/tools/tools/yourls-ldap-plugin.json new file mode 100644 index 0000000..9411e4a --- /dev/null +++ b/virtual/modules/websites/tools/tools/yourls-ldap-plugin.json
@@ -0,0 +1,15 @@
		1	{
		2	"tag": "2a3cb03-master",
		3	"meta": {
		4	"name": "yourls-ldap-plugin",
		5	"url": "https://github.com/k3a/yourls-ldap-plugin",
		6	"branch": "master"
		7	},
		8	"github": {
		9	"owner": "k3a",
		10	"repo": "yourls-ldap-plugin",
		11	"rev": "2a3cb0334b8a6b81b284a7196e614bbd2b2b1615",
		12	"sha256": "0cchbnli77d295lzf7kjmn4dcxj2bmdqa9qc3f8l8qgmp4n5n0gh",
		13	"fetchSubmodules": true
		14	}
		15	}


diff --git a/virtual/modules/websites/tools/tools/yourls.json b/virtual/modules/websites/tools/tools/yourls.json new file mode 100644 index 0000000..0a79b18 --- /dev/null +++ b/virtual/modules/websites/tools/tools/yourls.json
@@ -0,0 +1,15 @@
		1	{
		2	"tag": "1.7.3",
		3	"meta": {
		4	"name": "yourls",
		5	"url": "https://github.com/YOURLS/YOURLS",
		6	"branch": "refs/tags/1.7.3"
		7	},
		8	"github": {
		9	"owner": "YOURLS",
		10	"repo": "YOURLS",
		11	"rev": "077018822d3594229daa8343310d0b40804b9ddc",
		12	"sha256": "1av6h619rwqn0yn0kjn2s2h3gmrhmxaaa9hd5ns4ralxgg731imd",
		13	"fetchSubmodules": true
		14	}
		15	}


diff --git a/virtual/modules/websites/tools/tools/yourls.nix b/virtual/modules/websites/tools/tools/yourls.nix new file mode 100644 index 0000000..b97dac9 --- /dev/null +++ b/virtual/modules/websites/tools/tools/yourls.nix
@@ -0,0 +1,102 @@
		1	{ lib, env, writeText, stdenv, fetchedGithub }:
		2	let
		3	yourls = let
		4	plugins = {
		5	ldap = stdenv.mkDerivation (fetchedGithub ./yourls-ldap-plugin.json // rec {
		6	installPhase = ''
		7	mkdir -p $out
		8	cp plugin.php $out/
		9	'';
		10	});
		11	};
		12	in rec {
		13	activationScript = ''
		14	install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/yourls
		15	'';
		16	config = writeText "config.php" ''
		17	<?php
		18	define( 'YOURLS_DB_USER', '${env.mysql.user}' );
		19	define( 'YOURLS_DB_PASS', '${env.mysql.password}' );
		20	define( 'YOURLS_DB_NAME', '${env.mysql.database}' );
		21	define( 'YOURLS_DB_HOST', 'db-1.immae.eu' );
		22	define( 'YOURLS_DB_PREFIX', 'yourls_' );
		23	define( 'YOURLS_SITE', 'http://tools.immae.eu/url' );
		24	define( 'YOURLS_HOURS_OFFSET', 0 );
		25	define( 'YOURLS_LANG', ''' );
		26	define( 'YOURLS_UNIQUE_URLS', true );
		27	define( 'YOURLS_PRIVATE', true );
		28	define( 'YOURLS_COOKIEKEY', '${env.cookieKey}' );
		29	$yourls_user_passwords = array();
		30	define( 'YOURLS_DEBUG', false );
		31	define( 'YOURLS_URL_CONVERT', 36 );
		32	$yourls_reserved_URL = array();
		33	define( 'LDAPAUTH_HOST', 'ldaps://ldap.immae.eu' );
		34	define( 'LDAPAUTH_PORT', '636' );
		35	define( 'LDAPAUTH_BASE', 'dc=immae,dc=eu' );
		36	define( 'LDAPAUTH_SEARCH_USER', 'cn=yourls,ou=services,dc=immae,dc=eu' );
		37	define( 'LDAPAUTH_SEARCH_PASS', '${env.ldap.password}' );
		38
		39	define( 'LDAPAUTH_GROUP_ATTR', 'memberof' );
		40	define( 'LDAPAUTH_GROUP_REQ', 'cn=admin,cn=yourls,ou=services,dc=immae,dc=eu');
		41
		42	define( 'LDAPAUTH_USERCACHE_TYPE', 0);
		43	'';
		44	webRoot = stdenv.mkDerivation (fetchedGithub ./yourls.json // rec {
		45	installPhase = ''
		46	mkdir -p $out
		47	cp -a / .php $out/
		48	cp sample-robots.txt $out/robots.txt
		49	ln -sf ${config} $out/includes/config.php
		50	${builtins.concatStringsSep "\n" (
		51	lib.attrsets.mapAttrsToList (name: value: "ln -sf ${value} $out/user/plugins/${name}") plugins
		52	)}
		53	'';
		54	});
		55	apache = {
		56	user = "wwwrun";
		57	group = "wwwrun";
		58	modules = [ "proxy_fcgi" ];
		59	vhostConf = ''
		60	Alias /url "${webRoot}"
		61	<Directory "${webRoot}">
		62	<FilesMatch "\.php$">
		63	SetHandler "proxy:unix:${phpFpm.socket}\|fcgi://localhost"
		64	</FilesMatch>
		65
		66	AllowOverride None
		67	Require all granted
		68	<IfModule mod_rewrite.c>
		69	RewriteEngine On
		70	RewriteBase /url/
		71	RewriteCond %{REQUEST_FILENAME} !-f
		72	RewriteCond %{REQUEST_FILENAME} !-d
		73	RewriteRule ^.*$ /url/yourls-loader.php [L]
		74	</IfModule>
		75	DirectoryIndex index.php
		76	</Directory>
		77	'';
		78	};
		79	phpFpm = rec {
		80	basedir = builtins.concatStringsSep ":" (
		81	[ webRoot config ]
		82	++ lib.attrsets.mapAttrsToList (name: value: value) plugins);
		83	socket = "/var/run/phpfpm/yourls.sock";
		84	pool = ''
		85	listen = ${socket}
		86	user = ${apache.user}
		87	group = ${apache.group}
		88	listen.owner = ${apache.user}
		89	listen.group = ${apache.group}
		90	pm = ondemand
		91	pm.max_children = 60
		92	pm.process_idle_timeout = 60
		93
		94	; Needed to avoid clashes in browser cookies (same domain)
		95	php_value[session.name] = YourlsPHPSESSID
		96	php_admin_value[open_basedir] = "${basedir}:/tmp"
		97	php_admin_value[session.save_path] = "/var/lib/php/sessions/yourls"
		98	'';
		99	};
		100	};
		101	in
		102	yourls