WIP: dokuwiki #10
8 changed files with 86 additions and 4 deletions
|
@ -70,6 +70,7 @@ dualstack // {
|
|||
};
|
||||
docs = public-cof-ips;
|
||||
jurisprudens = public-cof-ips;
|
||||
wiki = public-cof-ips;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
# ./cryptpad.nix
|
||||
./hedgedoc.nix
|
||||
./secrets
|
||||
./wiki.nix
|
||||
# TODO monitoring
|
||||
];
|
||||
|
||||
|
|
|
@ -12,9 +12,9 @@
|
|||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||
},
|
||||
"klubrz-nur": {
|
||||
"branch": "main",
|
||||
"branch": "custom_dokuwiki",
|
||||
"repo": "https://git.rz.ens.wtf/Klub-RZ/nur",
|
||||
"rev": "98911e21fd58f00440dc8a5bd6568f2a349338bd",
|
||||
"rev": "30e5da0c5eeede091c35f64d6a3720fd8e149d87",
|
||||
"type": "git"
|
||||
},
|
||||
"niv": {
|
||||
|
|
|
@ -6,7 +6,7 @@ let
|
|||
in
|
||||
{
|
||||
nixpkgs.config.packageOverrides = {
|
||||
# rz = import rz-src { inherit pkgs; };
|
||||
rz = import rz-src { inherit pkgs; };
|
||||
};
|
||||
|
||||
imports = [
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ ... }:
|
||||
{ config, ... }:
|
||||
{
|
||||
age.secrets.nextcloudAdminPassword = {
|
||||
owner = "nextcloud";
|
||||
|
@ -10,4 +10,9 @@
|
|||
group = "nextcloud";
|
||||
file = ./nextcloudDatabasePasswordFile.age;
|
||||
};
|
||||
age.secrets.wikiKeycloakSecret = {
|
||||
owner = "dokuwiki";
|
||||
group = config.services.nginx.group;
|
||||
file = ./wikiKeycloakSecret.age;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -9,5 +9,6 @@ in
|
|||
{
|
||||
"nextcloudAdminPasswordFile.age".publicKeys = superadmins ++ systems;
|
||||
"nextcloudDatabasePasswordFile.age".publicKeys = superadmins ++ systems;
|
||||
"wikiKeycloakSecret.age".publicKeys = superadmins ++ systems;
|
||||
}
|
||||
|
||||
|
|
0
machines/public-cof/secrets/wikiKeycloakSecret.age
Normal file
0
machines/public-cof/secrets/wikiKeycloakSecret.age
Normal file
74
machines/public-cof/wiki.nix
Normal file
74
machines/public-cof/wiki.nix
Normal file
|
@ -0,0 +1,74 @@
|
|||
{ pkgs, config, ... }:
|
||||
let
|
||||
hostname = "wiki.beta.rz.ens.wtf";
|
||||
keycloakKey = "wiki";
|
||||
keycloakUrl = "https://auth.rz.ens.wtf/auth/realms/ClubReseau/.well-known/openid-configuration/";
|
||||
keycloakSecretFile = config.age.secrets.wikiKeycloakSecret.path;
|
||||
title = "Wiki du KlubRezo";
|
||||
in
|
||||
{
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
services.nginx.virtualHosts."${hostname}" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
};
|
||||
services.dokuwiki.sites."${hostname}" = {
|
||||
enable = true;
|
||||
|
||||
extraConfig = ''
|
||||
$conf['template'] = 'bootstrap3';
|
||||
$conf['license'] = 'cc-by-sa';
|
||||
$conf['title'] = '${title}';
|
||||
$conf['start'] = 'accueil';
|
||||
$conf['lang'] = 'fr';
|
||||
$conf['breadcrumbs'] = 0; // On s'en fiche de l'historique des pages visitées
|
||||
$conf['youarehere'] = true; // Par contre on veut notre position dans la hiérarchie du site
|
||||
// On veut que les liens externes s'ouvrent dans de nouveaux onglets
|
||||
$conf['target'] = array(
|
||||
'extern' => '_tab'
|
||||
);
|
||||
$conf['htmlok'] = 1; // On peut mettre du html dans les pages
|
||||
$conf['sitemap'] = 7;
|
||||
$conf['rss_type'] = 'rss2';
|
||||
$conf['userewrite'] = 1; // Important, sinon on casse tout avec les règles nginx définies par le module nixos
|
||||
$conf['useslash'] = 1;
|
||||
$conf['tpl']['bootstrap3']['showAddNewPage'] = 'logged';
|
||||
$conf['tpl']['bootstrap3']['fluidContainer'] = 0;
|
||||
$conf['htmlmail'] = 0; // On envoie les mails en plain text
|
||||
$conf['authtype'] = 'oauth';
|
||||
$conf['plugin']['oauthkeycloak']['key'] = '${keycloakKey}';
|
||||
$conf['plugin']['oauthkeycloak']['secret'] = file('${keycloakSecretFile}', FILE_IGNORE_NEW_LINES)[0];
|
||||
$conf['plugin']['oauthkeycloak']['openidurl'] = '${keycloakUrl}';
|
||||
$conf['plugin']['oauth']['register-on-auth'] = 1;
|
||||
'';
|
||||
|
||||
pluginsConfig = ''
|
||||
$plugins['authmysql'] = 0;
|
||||
$plugins['popularity'] = 0;
|
||||
$plugins['authpgsql'] = 0;
|
||||
$plugins['authpdo'] = 0;
|
||||
$plugins['authldap'] = 0;
|
||||
$plugins['oauthkeycloak'] = 1;
|
||||
'';
|
||||
|
||||
disableActions = "register";
|
||||
superUser = "@admin";
|
||||
|
||||
aclUse = true;
|
||||
|
||||
# Il faut packager les templates
|
||||
templates = [ pkgs.rz.dokuwikiExtensions.templates.bootstrap3 ];
|
||||
plugins = [
|
||||
pkgs.rz.dokuwikiExtensions.plugins.commonmark
|
||||
pkgs.rz.dokuwikiExtensions.plugins.catlist
|
||||
pkgs.rz.dokuwikiExtensions.plugins.keycloak
|
||||
pkgs.rz.dokuwikiExtensions.plugins.oauth
|
||||
];
|
||||
};
|
||||
services.phpfpm.pools."dokuwiki-${hostname}".phpPackage = pkgs.lib.mkForce ( pkgs.php74.withExtensions (
|
||||
{ all, enabled, ... }:
|
||||
enabled ++ [
|
||||
all.xml #Requis par le template bootstrap3
|
||||
]
|
||||
));
|
||||
}
|
Loading…
Reference in a new issue