infrastructure/machines/public-cof/kanboard.nix
2022-09-17 21:26:46 +02:00

71 lines
3.1 KiB
Nix

{ pkgs, lib, config, ... }:
let
mkKanboardPlugin = { name, url, hash ? null }: pkgs.fetchzip {
inherit name url;
sha256 = if hash == null then lib.fakeHash else hash;
};
plugins = map mkKanboardPlugin [
{ name = "userimport_wgroups"; url = "https://github.com/creecros/userimport_wgroups/releases/download/1.0.0/ImportWithGroup-1.0.0.zip"; hash = "sha256-iLpOxwu/atxd062z7z0T3Mkh5YH7IHmcCqiVZPAJbsA="; }
{ name = "MarkdownPlus"; url = "https://github.com/creecros/MarkdownPlus/releases/download/1.1.0/MarkdownPlus-1.1.0.zip"; hash = "sha256-BMzEaj47NnLvatEgUbKeibiWf9G+B4EFlVYhDNqk+y4="; }
{ name = "MetaMagik"; url = "https://github.com/creecros/MetaMagik/releases/download/1.5.1/MetaMagik-1.5.1.zip"; hash = "sha256-8y8+YvS5MAzRt4VVECQK0vQk6oA4Jbxn+2jWQ8nP3gU="; }
{ name = "OAuth2"; url = "https://github.com/kanboard/plugin-oauth2/releases/download/v1.0.2/OAuth2-1.0.2.zip"; hash = "sha256-L0df8bwPCxHjVOCNiVp+dqVsqJ0CEuJbHzwv5sYprIU="; }
{ name = "KanboardOffline"; url = "https://github.com/ipunkt/KanboardOffline/releases/download/1.0.0/OfflineKanboardPlugin-1.0.0.zip"; hash = "sha256-zYIWKM82Em/ys75XgB/udIGk1+EeScE8jpP2HK2wHGQ="; }
{ name = "HighlightCodeSyntax"; url = "https://github.com/kenlog/HighlightCodeSyntax/releases/download/v1.0.3/HighlightCodeSyntax-v1.0.3.zip"; hash = "sha256-c4bV1gGVNUjHOJKBI6QxsV72mAzcEgjqv8r62ebpPdU="; }
{ name = "Group_assign"; url = "https://github.com/creecros/Group_assign/releases/download/1.7.12/Group_assign-1.7.12.zip"; hash = "sha256-ijI8nIIqsK8Pr1iEfCBUeUD3dlsIfmkOP0xC39JkIAs="; }
];
pluginsDirectory = pkgs.linkFarmFromDrvs "kanboard-plugins" plugins;
kanboardConfig = pkgs.substituteAll {
name = "kanboard-config.php";
src = ./kanboard-config.php;
inherit pluginsDirectory;
};
in
{
services.phpfpm.pools.kanboard = {
user = "kanboard";
group = "kanboard";
settings = {
"listen.group" = "nginx";
"pm" = "static";
"pm.max_children" = 4;
};
};
users.users.kanboard = {
isSystemUser = true;
group = "kanboard";
};
users.groups.kanboard = {};
services.nginx = {
enable = true;
virtualHosts."todo.beta.rz.ens.wtf" = {
enableACME = true;
forceSSL = true;
root = pkgs.buildEnv {
name = "kanboard-configured";
paths = [
(pkgs.runCommand "kanboard-over" {meta.priority = 0;} ''
mkdir -p $out
for f in index.php jsonrpc.php ; do
echo "<?php require('$out/config.php');" > $out/$f
tail -n+2 ${pkgs.kanboard}/share/kanboard/$f \
| sed 's^__DIR__^"${pkgs.kanboard}/share/kanboard"^' >> $out/$f
done
ln -s /var/lib/kanboard $out/data
ln -s ${kanboardConfig} $out/config.php
'')
{ outPath = "${pkgs.kanboard}/share/kanboard"; meta.priority = 10; }
];
};
locations = {
"/".index = "index.php";
"~ \\.php$" = {
tryFiles = "$uri =404";
extraConfig = ''
fastcgi_pass unix:${config.services.phpfpm.pools.kanboard.socket};
'';
};
};
};
};
}