diff options
Diffstat (limited to 'nixos/modules/services/web-servers/apache-httpd')
5 files changed, 416 insertions, 3 deletions
diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index 2b5cba68d45..2885fd39652 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -231,6 +231,9 @@ let ${if cfg.sslServerCert != null then '' SSLCertificateFile ${cfg.sslServerCert} SSLCertificateKeyFile ${cfg.sslServerKey} + ${if cfg.sslServerChain != null then '' + SSLCertificateChainFile ${cfg.sslServerChain} + '' else ""} '' else ""} ${if cfg.enableSSL then '' diff --git a/nixos/modules/services/web-servers/apache-httpd/mediawiki.nix b/nixos/modules/services/web-servers/apache-httpd/mediawiki.nix index c0ed2041639..52d8c89baff 100644 --- a/nixos/modules/services/web-servers/apache-httpd/mediawiki.nix +++ b/nixos/modules/services/web-servers/apache-httpd/mediawiki.nix @@ -83,11 +83,11 @@ let # Unpack Mediawiki and put the config file in its root directory. mediawikiRoot = pkgs.stdenv.mkDerivation rec { - name= "mediawiki-1.23.3"; + name= "mediawiki-1.23.9"; src = pkgs.fetchurl { url = "http://download.wikimedia.org/mediawiki/1.23/${name}.tar.gz"; - sha256 = "0l6798jwjwk2khfnm84mgc65ij53a8pnv30wdnn15ys4ivia4bpf"; + sha256 = "1l7k4g0pgz92yvrfr52w26x740s4362v0gc95pk0i30vn2sp5bql"; }; skins = config.skins; @@ -142,6 +142,7 @@ in RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-f RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-d ${concatMapStringsSep "\n" (u: "RewriteCond %{REQUEST_URI} !^${u.urlPath}") serverInfo.vhostConfig.servedDirs} + ${concatMapStringsSep "\n" (u: "RewriteCond %{REQUEST_URI} !^${u.urlPath}") serverInfo.vhostConfig.servedFiles} RewriteRule ${if config.enableUploads then "!^/images" else "^.*\$" diff --git a/nixos/modules/services/web-servers/apache-httpd/moodle.nix b/nixos/modules/services/web-servers/apache-httpd/moodle.nix new file mode 100644 index 00000000000..84c8281ecd8 --- /dev/null +++ b/nixos/modules/services/web-servers/apache-httpd/moodle.nix @@ -0,0 +1,193 @@ +{ config, lib, pkgs, serverInfo, php, ... }: + +with lib; + +let + + httpd = serverInfo.serverConfig.package; + + version24 = !versionOlder httpd.version "2.4"; + + allGranted = if version24 then '' + Require all granted + '' else '' + Order allow,deny + Allow from all + ''; + + moodleConfig = pkgs.writeText "config.php" + '' + <?php + unset($CFG); + global $CFG; + $CFG = new stdClass(); + $CFG->dbtype = '${config.dbType}'; + $CFG->dblibrary = 'native'; + $CFG->dbhost = '${config.dbHost}'; + $CFG->dbname = '${config.dbName}'; + $CFG->dbuser = '${config.dbUser}'; + $CFG->dbpass = '${config.dbPassword}'; + $CFG->prefix = '${config.dbPrefix}'; + $CFG->dboptions = array( + 'dbpersist' => false, + 'dbsocket' => false, + 'dbport' => "${config.dbPort}", + ); + $CFG->wwwroot = '${config.wwwRoot}'; + $CFG->dataroot = '${config.dataRoot}'; + $CFG->directorypermissions = 02777; + $CFG->admin = 'admin'; + ${optionalString (config.debug.noEmailEver == true) '' + $CFG->noemailever = true; + ''} + + ${config.extraConfig} + require_once(dirname(__FILE__) . '/lib/setup.php'); // Do not edit + ''; + # Unpack Moodle and put the config file in its root directory. + moodleRoot = pkgs.stdenv.mkDerivation rec { + name= "moodle-2.8.5"; + + src = pkgs.fetchurl { + url = "https://download.moodle.org/stable28/${name}.tgz"; + sha256 = "1a159a193010cddedce10ee009184502e6f732e4d7c85167d8597fe5dff9e190"; + }; + + buildPhase = + '' + ''; + + installPhase = + '' + mkdir -p $out + cp -r * $out + cp ${moodleConfig} $out/config.php + ''; + }; + +in + +{ + + extraConfig = + '' + # this should be config.urlPrefix instead of / + Alias / ${moodleRoot}/ + <Directory ${moodleRoot}> + DirectoryIndex index.php + </Directory> + ''; + + documentRoot = moodleRoot; # TODO: fix this, should be config.urlPrefix + + enablePHP = true; + + options = { + + id = mkOption { + default = "main"; + description = '' + A unique identifier necessary to keep multiple Moodle server + instances on the same machine apart. + ''; + }; + + dbType = mkOption { + default = "postgres"; + example = "mysql"; + description = "Database type."; + }; + + dbName = mkOption { + default = "moodle"; + description = "Name of the database that holds the Moodle data."; + }; + + dbHost = mkOption { + default = "localhost"; + example = "10.0.2.2"; + description = '' + The location of the database server. + ''; + }; + + dbPort = mkOption { + default = ""; # use the default port + example = "12345"; + description = '' + The port that is used to connect to the database server. + ''; + }; + + dbUser = mkOption { + default = "moodle"; + description = "The user name for accessing the database."; + }; + + dbPassword = mkOption { + default = ""; + example = "password"; + description = '' + The password of the database user. Warning: this is stored in + cleartext in the Nix store! + ''; + }; + + dbPrefix = mkOption { + default = "mdl_"; + example = "my_other_mdl_"; + description = '' + A prefix for each table, if multiple moodles should run in a single database. + ''; + }; + + wwwRoot = mkOption { + type = types.string; + example = "http://my.machine.com/my-moodle"; + description = '' + The full web address where moodle has been installed. + ''; + }; + + dataRoot = mkOption { + default = "/var/lib/moodledata"; + example = "/var/lib/moodledata"; + description = '' + The data directory for moodle. Needs to be writable! + ''; + type = types.path; + }; + + + extraConfig = mkOption { + default = ""; + example = + '' + ''; + description = '' + Any additional text to be appended to Moodle's + configuration file. This is a PHP script. + ''; + }; + + debug = { + noEmailEver = mkOption { + default = false; + example = "true"; + description = '' + Set this to true to prevent Moodle from ever sending any email. + ''; + }; + }; + }; + + startupScript = pkgs.writeScript "moodle_startup.sh" '' + echo "Checking for existence of ${config.dataRoot}" + if [ ! -e "${config.dataRoot}" ] + then + mkdir -p "${config.dataRoot}" + chown ${serverInfo.serverConfig.user}.${serverInfo.serverConfig.group} "${config.dataRoot}" + fi + ''; + +} diff --git a/nixos/modules/services/web-servers/apache-httpd/per-server-options.nix b/nixos/modules/services/web-servers/apache-httpd/per-server-options.nix index 76f55a63e32..5abcc5e7490 100644 --- a/nixos/modules/services/web-servers/apache-httpd/per-server-options.nix +++ b/nixos/modules/services/web-servers/apache-httpd/per-server-options.nix @@ -56,6 +56,13 @@ with lib; description = "Path to server SSL certificate key."; }; + sslServerChain = mkOption { + type = types.nullOr types.path; + default = null; + example = "/var/ca.pem"; + description = "Path to server SSL chain file."; + }; + adminAddr = mkOption ({ type = types.nullOr types.str; example = "admin@example.org"; @@ -90,7 +97,7 @@ with lib; default = []; example = [ { urlPath = "/foo/bar.png"; - dir = "/home/eelco/some-file.png"; + files = "/home/eelco/some-file.png"; } ]; description = '' diff --git a/nixos/modules/services/web-servers/apache-httpd/wordpress.nix b/nixos/modules/services/web-servers/apache-httpd/wordpress.nix new file mode 100644 index 00000000000..01b6cfc62af --- /dev/null +++ b/nixos/modules/services/web-servers/apache-httpd/wordpress.nix @@ -0,0 +1,209 @@ +{ config, lib, pkgs, serverInfo, php, ... }: + +with lib; + +let + # https://wordpress.org/plugins/postgresql-for-wordpress/ + # Wordpress plugin 'postgresql-for-wordpress' installation example + postgresqlForWordpressPlugin = pkgs.stdenv.mkDerivation { + name = "postgresql-for-wordpress-plugin"; + # Download the theme from the wordpress site + src = pkgs.fetchurl { + url = https://downloads.wordpress.org/plugin/postgresql-for-wordpress.1.3.1.zip; + sha256 = "f11a5d76af884c7bec2bc653ed5bd29d3ede9a8657bd67ab7824e329e5d809e8"; + }; + # We need unzip to build this package + buildInputs = [ pkgs.unzip ]; + # Installing simply means copying all files to the output directory + installPhase = "mkdir -p $out; cp -R * $out/"; + }; + + # Our bare-bones wp-config.php file using the above settings + wordpressConfig = pkgs.writeText "wp-config.php" '' + <?php + define('DB_NAME', '${config.dbName}'); + define('DB_USER', '${config.dbUser}'); + define('DB_PASSWORD', '${config.dbPassword}'); + define('DB_HOST', '${config.dbHost}'); + define('DB_CHARSET', 'utf8'); + $table_prefix = '${config.tablePrefix}'; + if ( !defined('ABSPATH') ) + define('ABSPATH', dirname(__FILE__) . '/'); + require_once(ABSPATH . 'wp-settings.php'); + ${config.extraConfig} + ''; + + # .htaccess to support pretty URLs + htaccess = pkgs.writeText "htaccess" '' + <IfModule mod_rewrite.c> + RewriteEngine On + RewriteBase / + RewriteCond %{REQUEST_FILENAME} !-f + RewriteCond %{REQUEST_FILENAME} !-d + RewriteRule . /index.php [L] + </IfModule> + ''; + + # The wordpress package itself + wordpressRoot = pkgs.stdenv.mkDerivation rec { + name = "wordpress"; + # Fetch directly from the wordpress site, want to upgrade? + # Just change the version URL and update the hash + src = pkgs.fetchurl { + url = http://wordpress.org/wordpress-4.1.1.tar.gz; + sha256 = "1s9y0i9ms3m6dswb9gqrr95plnx6imahc07fyhvrp5g35f6c12k1"; + }; + installPhase = '' + mkdir -p $out + # Copy all the wordpress files we downloaded + cp -R * $out/ + # We'll symlink the wordpress config + ln -s ${wordpressConfig} $out/wp-config.php + # As well as our custom .htaccess + ln -s ${htaccess} $out/.htaccess + # And the uploads directory + ln -s ${config.wordpressUploads} $out/wp-content/uploads + # And the theme(s) + ${concatMapStrings (theme: "ln -s ${theme} $out/wp-content/themes/${theme.name}\n") config.themes} + # And the plugin(s) + # remove bundled plugin(s) coming with wordpress + rm -Rf $out/wp-content/plugins/akismet + # install plugins + ${concatMapStrings (plugin: "ln -s ${plugin} $out/wp-content/plugins/${plugin.name}\n") (config.plugins ++ [ postgresqlForWordpressPlugin]) } + ''; + }; + +in + +{ + + # And some httpd extraConfig to make things work nicely + extraConfig = '' + <Directory ${wordpressRoot}> + DirectoryIndex index.php + Allow from * + Options FollowSymLinks + AllowOverride All + </Directory> + ''; + + enablePHP = true; + + options = { + dbHost = mkOption { + default = "localhost"; + description = "The location of the database server."; + example = "localhost"; + }; + dbName = mkOption { + default = "wordpress"; + description = "Name of the database that holds the Wordpress data."; + example = "localhost"; + }; + dbUser = mkOption { + default = "wordpress"; + description = "The dbUser, read the username, for the database."; + example = "wordpress"; + }; + dbPassword = mkOption { + default = "wordpress"; + description = "The password to the respective dbUser."; + example = "wordpress"; + }; + tablePrefix = mkOption { + default = "wp_"; + description = '' + The $table_prefix is the value placed in the front of your database tables. Change the value if you want to use something other than wp_ for your database prefix. Typically this is changed if you are installing multiple WordPress blogs in the same database. See <link xlink:href='http://codex.wordpress.org/Editing_wp-config.php#table_prefix'/>. + ''; + }; + wordpressUploads = mkOption { + default = "/data/uploads"; + description = '' + This directory is used for uploads of pictures and must be accessible (read: owned) by the httpd running user. The directory passed here is automatically created and permissions are given to the httpd running user. + ''; + }; + plugins = mkOption { + default = []; + type = types.listOf types.path; + description = + '' + List of path(s) to respective plugin(s) which are symlinked from the 'plugins' directory. Note: These plugins need to be packaged before use. + ''; + example = '' + # Wordpress plugin 'akismet' installation example + akismetPlugin = pkgs.stdenv.mkDerivation { + name = "akismet-plugin"; + # Download the theme from the wordpress site + src = pkgs.fetchurl { + url = https://downloads.wordpress.org/plugin/akismet.3.1.zip; + sha256 = "1i4k7qyzna08822ncaz5l00wwxkwcdg4j9h3z2g0ay23q640pclg"; + }; + # We need unzip to build this package + buildInputs = [ pkgs.unzip ]; + # Installing simply means copying all files to the output directory + installPhase = "mkdir -p $out; cp -R * $out/"; + }; + + And then pass this theme to the themes list like this: + plugins = [ akismetPlugin ]; + ''; + }; + themes = mkOption { + default = []; + type = types.listOf types.path; + description = + '' + List of path(s) to respective theme(s) which are symlinked from the 'theme' directory. Note: These themes need to be packaged before use. + ''; + example = '' + # For shits and giggles, let's package the responsive theme + responsiveTheme = pkgs.stdenv.mkDerivation { + name = "responsive-theme"; + # Download the theme from the wordpress site + src = pkgs.fetchurl { + url = http://wordpress.org/themes/download/responsive.1.9.7.6.zip; + sha256 = "06i26xlc5kdnx903b1gfvnysx49fb4kh4pixn89qii3a30fgd8r8"; + }; + # We need unzip to build this package + buildInputs = [ pkgs.unzip ]; + # Installing simply means copying all files to the output directory + installPhase = "mkdir -p $out; cp -R * $out/"; + }; + + And then pass this theme to the themes list like this: + themes = [ responsiveTheme ]; + ''; + }; + extraConfig = mkOption { + default = ""; + example = + '' + define( 'AUTOSAVE_INTERVAL', 60 ); // Seconds + ''; + description = '' + Any additional text to be appended to Wordpress's wp-config.php + configuration file. This is a PHP script. For configuration + settings, see <link xlink:href='http://codex.wordpress.org/Editing_wp-config.php'/>. + ''; + }; + }; + + documentRoot = wordpressRoot; + + startupScript = pkgs.writeScript "init-wordpress.sh" '' + #!/bin/sh + mkdir -p ${config.wordpressUploads} + chown ${serverInfo.serverConfig.user} ${config.wordpressUploads} + + # we should use systemd dependencies here + #waitForUnit("network-interfaces.target"); + if [ ! -d ${serverInfo.fullConfig.services.mysql.dataDir}/${config.dbName} ]; then + # Wait until MySQL is up + while [ ! -e /var/run/mysql/mysqld.pid ]; do + sleep 1 + done + ${pkgs.mysql}/bin/mysql -e 'CREATE DATABASE ${config.dbName};' + ${pkgs.mysql}/bin/mysql -e 'GRANT ALL ON ${config.dbName}.* TO ${config.dbUser}@localhost IDENTIFIED BY "${config.dbPassword}";' + fi + ''; +} |