diff options
| author | makefu <github@syntax-fehler.de> | 2023-07-28 22:24:15 +0200 |
|---|---|---|
| committer | makefu <github@syntax-fehler.de> | 2023-07-28 22:24:15 +0200 |
| commit | 060a8f28fa1fc648bdf66afb31a5d1efac868837 (patch) | |
| tree | 2b354eacc7897365ee45244fe7a51720e0d0333f /makefu/2configs/deployment | |
| parent | cbfcc890e3b76d942b927809bf981a5fa7289e6a (diff) | |
makefu: move out to own repo, add vacation-note
Diffstat (limited to 'makefu/2configs/deployment')
29 files changed, 0 insertions, 1418 deletions
diff --git a/makefu/2configs/deployment/board.euer.krebsco.de.nix b/makefu/2configs/deployment/board.euer.krebsco.de.nix deleted file mode 100644 index ca617976..00000000 --- a/makefu/2configs/deployment/board.euer.krebsco.de.nix +++ /dev/null @@ -1,15 +0,0 @@ -let - fqdn = "board.euer.krebsco.de"; - port = 13113; -in { - services.restya-board = { - enable = true; - virtualHost.listenPort = port; - }; - services.nginx.virtualHosts."${fqdn}" = { - enableACME = true; - forceSSL = true; - locations."/".proxyPass = "http://localhost:${toString port}"; - }; -} - diff --git a/makefu/2configs/deployment/boot-euer.nix b/makefu/2configs/deployment/boot-euer.nix deleted file mode 100644 index f890ea7a..00000000 --- a/makefu/2configs/deployment/boot-euer.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ config, lib, pkgs, ... }: -# more than just nginx config but not enough to become a module -with import <stockholm/lib>; -let - hostname = config.krebs.build.host.name; - bootscript = pkgs.writeTextDir "runit" '' - set -euf - cd /root - mkdir -p .ssh - echo "${config.krebs.users.makefu.pubkey}" > .ssh/authorized_keys - chmod 700 -R .ssh - systemctl restart sshd - ''; -in { - - services.nginx = { - enable = mkDefault true; - virtualHosts."boot.euer.krebsco.de" = { - forceSSL = true; - enableACME = true; - locations."/" = { - root = bootscript; - index = "runit"; - }; - }; - }; -} diff --git a/makefu/2configs/deployment/dirctator.nix b/makefu/2configs/deployment/dirctator.nix deleted file mode 100644 index 7303bb41..00000000 --- a/makefu/2configs/deployment/dirctator.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ pkgs, lib, ... }: - -with lib; -let - port = 18872; - runit = pkgs.writeDash "runit" '' - set -xeuf - export PULSE_COOKIE=/var/run/pulse/.config/pulse/cookie - echo "$@" | sed 's/^dirctator://' | ${pkgs.espeak}/bin/espeak -v mb-de7 2>&1 | tee -a /tmp/speak - ''; -in { - services.logstash = { - package = pkgs.logstash5; - enable = true; - inputConfig = '' - irc { - channels => [ "#krebs", "#afra" ] - host => "irc.hackint.org" - nick => "dirctator" - } - ''; - filterConfig = '' - ''; - outputConfig = '' - stdout { codec => rubydebug } - exec { command => "${runit} '%{message}" } - ''; - extraSettings = '' - path.plugins: [ "${pkgs.logstash-output-exec}" ] - ''; - ## NameError: `@path.plugins' is not allowable as an instance variable name - # plugins = [ pkgs.logstash-output-exec ]; - }; -} diff --git a/makefu/2configs/deployment/docker/archiveteam-warrior.nix b/makefu/2configs/deployment/docker/archiveteam-warrior.nix deleted file mode 100644 index 0069e453..00000000 --- a/makefu/2configs/deployment/docker/archiveteam-warrior.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ lib, ... }: -with lib; -let - port = ident: toString (28000 + ident); - instances = [ 1 2 3 4 5 6 7 8 9 ]; -in { - services.nginx.recommendedProxySettings = true; - services.nginx.virtualHosts."warrior.gum.r".locations = let - # TODO location "/" shows all warrior instances - proxy = ident: - { - "/warrior${toString ident}/" = { - proxyPass = "http://localhost:${port ident}/"; - # rewrite ^/info /warrior${toString ident}/info; - extraConfig = '' - sub_filter "http://warrior.gum.r/info" "http://warrior.gum.r/warrior${toString ident}/info"; - sub_filter_once off; - ''; - }; - - }; - in - foldl' mergeAttrs {} (map proxy instances); - virtualisation.oci-containers.containers = let - container = ident: - { "archiveteam-warrior${toString ident}" = { - image = "archiveteam/warrior-dockerfile"; - ports = [ "127.0.0.1:${port ident}:8001" ]; - environment = { - DOWNLOADER = "makefu"; - SELECTED_PROJECT = "auto"; - CONCURRENT_ITEMS = "6"; - WARRIOR_ID = toString ident; - }; - }; - }; - in - foldl' mergeAttrs {} (map container instances); -} diff --git a/makefu/2configs/deployment/feed.euer.krebsco.de/default.nix b/makefu/2configs/deployment/feed.euer.krebsco.de/default.nix deleted file mode 100644 index de072092..00000000 --- a/makefu/2configs/deployment/feed.euer.krebsco.de/default.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ config, lib, pkgs, ... }: -let - filter-file = ./filter.yml; - pkg = with pkgs.python3Packages;buildPythonPackage rec { - version = "d16ce227dc68c9f60f6dd06e6835bab7cdfdf61b"; - pname = "ebk-notify"; - propagatedBuildInputs = [ - docopt - pyyaml - requests - beautifulsoup4 - dateutil - feedgen - ]; - src = pkgs.fetchgit { - url = "http://cgit.euer.krebsco.de/ebk-notify"; - rev = version; - sha256 = "15dlhp17alm01fw7mzdyh2z9zwz8psrs489lxs3hgg1p5wa0kzsp"; - }; - }; - domain = "feed.euer.krebsco.de"; - path = "/var/www/feed.euer.krebsco.de"; -in -{ - systemd.tmpfiles.rules = [ - "d ${path} nginx nogroup - -" - ]; - krebs.secret.files.ebknotify = { - path = "/etc/ebk-notify.yml"; - owner.name = "nginx"; - source-path = "${<secrets/ebk-notify.yml>}"; - }; - systemd.services.ebk-notify = { - startAt = "*:0/10"; - serviceConfig = { - User = "nginx"; # TODO better permission setting - # PrivateTmp = true; - ExecStart = "${pkg}/bin/ebk-notify --atom --outdir ${path} --config /etc/ebk-notify.yml --cache /tmp/ebk-cache.json --filter ${filter-file} --wait 30"; - }; - }; - systemd.timers.ebk-notify.timerConfig.RandomizedDelaySec = "120"; - services.nginx = { - virtualHosts."${domain}" = { - forceSSL = true; - enableACME = true; - locations."/" = { - root = path; - index = "root.atom"; - }; - }; - }; -} diff --git a/makefu/2configs/deployment/feed.euer.krebsco.de/filter.yml b/makefu/2configs/deployment/feed.euer.krebsco.de/filter.yml deleted file mode 100644 index 29e5e714..00000000 --- a/makefu/2configs/deployment/feed.euer.krebsco.de/filter.yml +++ /dev/null @@ -1,32 +0,0 @@ -- name: Free Stuff by Category - zipcode: 70378 - distance: 2 - categoryId: 192 -- name: Kies - zipcode: 70378 - q: grobkies - distance: 2 -- name: pflanzkübel - zipcode: 70378 - q: Pflanzkübel - distance: 3 -- name: Ikea Samla - zipcode: 70378 - q: samla - distance: 5 -- name: Duplo - zipcode: 70378 - q: Duplo - distance: 10 -- name: Baby Gummistiefel - zipcode: 70378 - q: Gummistiefel - distance: 5 -- name: Werkbank - zipcode: 70378 - q: Werkbank - distance: 5 -- name: Einhell - zipcode: 70378 - q: Einhell - distance: 5 diff --git a/makefu/2configs/deployment/gecloudpad/default.nix b/makefu/2configs/deployment/gecloudpad/default.nix deleted file mode 100644 index 8b88626a..00000000 --- a/makefu/2configs/deployment/gecloudpad/default.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ config, lib, pkgs, ... }: -# more than just nginx config but not enough to become a module -let - wsgi-sock = "${workdir}/uwsgi-gecloudpad.sock"; - workdir = config.services.uwsgi.runDir; - gecloudpad = pkgs.python3Packages.callPackage ./gecloudpad.nix {}; - gecloudpad_settings = pkgs.writeText "gecloudpad_settings" '' - BASEURL = "https://etherpad.euer.krebsco.de" - ''; -in { - - services.uwsgi = { - enable = true; - user = "nginx"; - plugins = [ "python3" ]; - instance = { - type = "emperor"; - vassals = { - gecloudpad = { - type = "normal"; - pythonPackages = self: with self; [ gecloudpad ]; - socket = wsgi-sock; - env = ["GECLOUDPAD_SETTINGS=${gecloudpad_settings}"]; - }; - }; - }; - }; - - services.nginx = { - enable = lib.mkDefault true; - virtualHosts."pad.binaergewitter.de" = { - enableACME = true; - forceSSL = true; - locations = { - "/".extraConfig = '' - expires -1; - uwsgi_pass unix://${wsgi-sock}; - uwsgi_param UWSGI_CHDIR ${gecloudpad}/${pkgs.python.sitePackages}; - uwsgi_param UWSGI_MODULE gecloudpad.main; - uwsgi_param UWSGI_CALLABLE app; - include ${pkgs.nginx}/conf/uwsgi_params; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix b/makefu/2configs/deployment/gecloudpad/gecloudpad.nix deleted file mode 100644 index 6f20ff57..00000000 --- a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ lib, pkgs, fetchFromGitHub, ... }: - -with pkgs.python3Packages;buildPythonPackage rec { - name = "gecloudpad-${version}"; - version = "0.2.3"; - - propagatedBuildInputs = [ - flask requests - ]; - - src = fetchFromGitHub { - owner = "binaergewitter"; - repo = "gecloudpad"; - rev = "1399ede4e609f63fbf1c4560979a6b22b924e0c5"; - sha256 = "1w74j5ks7naalzrib87r0adq20ik5x3x5l520apagb7baszn17lb"; - }; - - meta = { - homepage = https://github.com/binaergeiwtter/gecloudpad; - description = "server side for gecloudpad"; - license = lib.licenses.wtfpl; - }; -} - diff --git a/makefu/2configs/deployment/gitlab.nix b/makefu/2configs/deployment/gitlab.nix deleted file mode 100644 index d61f50c1..00000000 --- a/makefu/2configs/deployment/gitlab.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ lib, config, ... }: -let - web-port = 19453; - hostn = "gitlab.makefu.r"; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; -in { - - services.gitlab = { - enable = true; - https = false; - port = web-port; - secrets = import <secrets/gitlab/secrets.nix>; - databasePassword = import <secrets/gitlab/dbpw.nix>; - initialRootEmail = "makefu@x.r"; - initialRootPassword = import <secrets/gitlab/rootpw.nix>; - host = hostn; - smtp = { - enable = true; - domain = "r"; - enableStartTLSAuto = false; - port = 25; - }; - }; - - services.nginx = { - enable = lib.mkDefault true; - virtualHosts."${hostn}".locations."/" = { - proxyPass = "http://localhost:${toString web-port}/"; - extraConfig = '' - if ( $server_addr != "${internal-ip}" ) { - return 403; - } - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - ''; - }; - }; -} diff --git a/makefu/2configs/deployment/graphs.nix b/makefu/2configs/deployment/graphs.nix deleted file mode 100644 index 1f6deb1b..00000000 --- a/makefu/2configs/deployment/graphs.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; -let - external-ip = config.krebs.build.host.nets.internet.ip4.addr; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; - hn = config.krebs.build.host.name; -in { - krebs.tinc_graphs = { - enable = true; - nginx = { - enable = true; - # TODO: remove hard-coded hostname - complete = { - extraConfig = '' - if ( $server_addr = "${external-ip}" ) { - return 403; - } - ''; - serverAliases = [ - "graph.makefu.r" - "graph.${hn}" "graph.${hn}.r" - ]; - }; - anonymous = { - forceSSL = true; - enableACME = true; - }; - }; - }; -} diff --git a/makefu/2configs/deployment/hound/default.nix b/makefu/2configs/deployment/hound/default.nix deleted file mode 100644 index 0cfb5cde..00000000 --- a/makefu/2configs/deployment/hound/default.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ config, pkgs, ... }: -{ - services.nginx.virtualHosts."wikisearch.krebsco.de" = { - forceSSL = true; - enableACME = true; - locations."/".proxyPass = "http://localhost:6080"; - }; - services.hound = { - enable = true; - listen = "127.0.0.1:6080"; - # package = pkgs.hound.overrideDerivation(oldAttrs: { - # patches = [ ./keep-repo.patch ]; - # }); - config = ''{ - "max-concurrent-indexers" : 2, - "dbpath" : "${config.services.hound.home}/data", - "repos" : { - "nixos-users-wiki": { - "url" : "https://github.com/nixos-users/wiki.wiki.git", - "url-pattern" : { - "base-url" : "{url}/{path}" - } - } - } - }''; - }; - -} diff --git a/makefu/2configs/deployment/mediengewitter.de.nix b/makefu/2configs/deployment/mediengewitter.de.nix deleted file mode 100644 index 7c2073e8..00000000 --- a/makefu/2configs/deployment/mediengewitter.de.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, lib, pkgs, ... }: -# more than just nginx config but not enough to become a module -let - domain = "over.voltage.nz"; -in { - - services.nginx = { - enable = lib.mkDefault true; - virtualHosts."mediengewitter.de" = { - enableACME = true; - forceSSL = true; - locations."/".return = "301 http://${domain}\$request_uri"; - #locations."/" = { - # proxyPass = "http://over.voltage.nz"; - #}; - #locations."/socket.io" = { - # proxyPass = "ws://over.voltage.nz"; - # proxyWebsockets = true; - #}; - }; - }; -} diff --git a/makefu/2configs/deployment/mycube.connector.one.nix b/makefu/2configs/deployment/mycube.connector.one.nix deleted file mode 100644 index aa9ff514..00000000 --- a/makefu/2configs/deployment/mycube.connector.one.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ config, lib, pkgs, ... }: -# more than just nginx config but not enough to become a module -let - hostname = config.krebs.build.host.name; - external-ip = config.krebs.build.host.nets.internet.ip4.addr; - wsgi-sock = "${config.services.uwsgi.runDir}/uwsgi.sock"; -in { - services.redis = { enable = true; }; - systemd.services.redis.serviceConfig.LimitNOFILE=65536; - - services.uwsgi = { - enable = true; - user = "nginx"; - plugins = [ "python2" ]; - instance = { - type = "emperor"; - vassals = { - mycube-flask = { - type = "normal"; - pythonPackages = self: with self; [ pkgs.mycube-flask ]; - socket = wsgi-sock; - }; - }; - }; - }; - - services.nginx = { - enable = lib.mkDefault true; - virtualHosts."mybox.connector.one" = { - locations = { - "/".extraConfig = '' - uwsgi_pass unix://${wsgi-sock}; - uwsgi_param UWSGI_CHDIR ${pkgs.mycube-flask}/${pkgs.python.sitePackages}; - uwsgi_param UWSGI_MODULE mycube.websrv; - uwsgi_param UWSGI_CALLABLE app; - - include ${pkgs.nginx}/conf/uwsgi_params; - ''; - }; - }; - }; -} diff --git a/makefu/2configs/deployment/nixos.wiki/default.nix b/makefu/2configs/deployment/nixos.wiki/default.nix deleted file mode 100644 index cd738ea8..00000000 --- a/makefu/2configs/deployment/nixos.wiki/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = - [ ./mediawiki.nix - ./network.nix - ]; - -} diff --git a/makefu/2configs/deployment/nixos.wiki/mediawiki.module.nix b/makefu/2configs/deployment/nixos.wiki/mediawiki.module.nix deleted file mode 100644 index 24715f81..00000000 --- a/makefu/2configs/deployment/nixos.wiki/mediawiki.module.nix +++ /dev/null @@ -1,481 +0,0 @@ -{ config, pkgs, lib, ... }: - -let - - inherit (lib) mkDefault mkEnableOption mkForce mkIf mkMerge mkOption; - inherit (lib) concatStringsSep literalExample mapAttrsToList optional optionals optionalString types; - - cfg = config.services.mediawiki; - fpm = config.services.phpfpm.pools.mediawiki; - user = "mediawiki"; - group = config.services.httpd.group; - cacheDir = "/var/cache/mediawiki"; - stateDir = "/var/lib/mediawiki"; - - pkg = pkgs.stdenv.mkDerivation rec { - pname = "mediawiki-full"; - version = src.version; - src = cfg.package; - - installPhase = '' - mkdir -p $out - cp -r * $out/ - - rm -rf $out/share/mediawiki/skins/* - rm -rf $out/share/mediawiki/extensions/* - - ${concatStringsSep "\n" (mapAttrsToList (k: v: '' - ln -s ${v} $out/share/mediawiki/skins/${k} - '') cfg.skins)} - - ${concatStringsSep "\n" (mapAttrsToList (k: v: '' - ln -s ${if v != null then v else "$src/share/mediawiki/extensions/${k}"} $out/share/mediawiki/extensions/${k} - '') cfg.extensions)} - ''; - }; - - mediawikiScripts = pkgs.runCommand "mediawiki-scripts" { - buildInputs = [ pkgs.makeWrapper ]; - preferLocalBuild = true; - } '' - mkdir -p $out/bin - for i in changePassword.php createAndPromote.php userOptions.php edit.php nukePage.php update.php; do - makeWrapper ${pkgs.php}/bin/php $out/bin/mediawiki-$(basename $i .php) \ - --set MEDIAWIKI_CONFIG ${mediawikiConfig} \ - --add-flags ${pkg}/share/mediawiki/maintenance/$i - done - ''; - - mediawikiConfig = pkgs.writeText "LocalSettings.php" '' - <?php - # Protect against web entry - if ( !defined( 'MEDIAWIKI' ) ) { - exit; - } - - $wgSitename = "${cfg.name}"; - $wgMetaNamespace = false; - - ## The URL base path to the directory containing the wiki; - ## defaults for all runtime URL paths are based off of this. - ## For more information on customizing the URLs - ## (like /w/index.php/Page_title to /wiki/Page_title) please see: - ## https://www.mediawiki.org/wiki/Manual:Short_URL - $wgScriptPath = "${cfg.basePath}"; - - ## The protocol and server name to use in fully-qualified URLs - #$wgServer = "${if cfg.virtualHost.addSSL || cfg.virtualHost.forceSSL || cfg.virtualHost.onlySSL then "https" else "http"}://${cfg.virtualHost.hostName}"; - #$wgServer = ""; - $wgServer = "http://localhost"; - - ## The URL path to static resources (images, scripts, etc.) - $wgResourceBasePath = $wgScriptPath; - - ## The URL path to the logo. Make sure you change this from the default, - ## or else you'll overwrite your logo when you upgrade! - $wgLogo = "$wgResourceBasePath/resources/assets/wiki.png"; - - ## UPO means: this is also a user preference option - - $wgEnableEmail = true; - $wgEnableUserEmail = true; # UPO - - $wgEmergencyContact = "${if cfg.virtualHost.adminAddr != null then cfg.virtualHost.adminAddr else config.services.httpd.adminAddr}"; - $wgPasswordSender = $wgEmergencyContact; - - $wgEnotifUserTalk = false; # UPO - $wgEnotifWatchlist = false; # UPO - $wgEmailAuthentication = true; - - ## Database settings - $wgDBtype = "${cfg.database.type}"; - $wgDBserver = "${cfg.database.host}:${if cfg.database.socket != null then cfg.database.socket else toString cfg.database.port}"; - $wgDBname = "${cfg.database.name}"; - $wgDBuser = "${cfg.database.user}"; - ${optionalString (cfg.database.passwordFile != null) "$wgDBpassword = file_get_contents(\"${cfg.database.passwordFile}\");"} - - ${optionalString (cfg.database.type == "mysql" && cfg.database.tablePrefix != null) '' - # MySQL specific settings - $wgDBprefix = "${cfg.database.tablePrefix}"; - ''} - - ${optionalString (cfg.database.type == "mysql") '' - # MySQL table options to use during installation or update - $wgDBTableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=binary"; - ''} - - ## Shared memory settings - $wgMainCacheType = CACHE_NONE; - $wgMemCachedServers = []; - - ${optionalString (cfg.uploadsDir != null) '' - $wgEnableUploads = true; - $wgUploadDirectory = "${cfg.uploadsDir}"; - ''} - - $wgUseImageMagick = true; - $wgImageMagickConvertCommand = "${pkgs.imagemagick}/bin/convert"; - - # InstantCommons allows wiki to use images from https://commons.wikimedia.org - $wgUseInstantCommons = false; - - # Periodically send a pingback to https://www.mediawiki.org/ with basic data - # about this MediaWiki instance. The Wikimedia Foundation shares this data - # with MediaWiki developers to help guide future development efforts. - $wgPingback = true; - - ## If you use ImageMagick (or any other shell command) on a - ## Linux server, this will need to be set to the name of an - ## available UTF-8 locale - $wgShellLocale = "C.UTF-8"; - - ## Set $wgCacheDirectory to a writable directory on the web server - ## to make your wiki go slightly faster. The directory should not - ## be publically accessible from the web. - $wgCacheDirectory = "${cacheDir}"; - - # Site language code, should be one of the list in ./languages/data/Names.php - $wgLanguageCode = "en"; - - $wgSecretKey = file_get_contents("${stateDir}/secret.key"); - - # Changing this will log out all existing sessions. - $wgAuthenticationTokenVersion = ""; - - ## For attaching licensing metadata to pages, and displaying an - ## appropriate copyright notice / icon. GNU Free Documentation - ## License and Creative Commons licenses are supported so far. - $wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright - $wgRightsUrl = ""; - $wgRightsText = ""; - $wgRightsIcon = ""; - - # Path to the GNU diff3 utility. Used for conflict resolution. - $wgDiff = "${pkgs.diffutils}/bin/diff"; - $wgDiff3 = "${pkgs.diffutils}/bin/diff3"; - - # Enabled skins. - ${concatStringsSep "\n" (mapAttrsToList (k: v: "wfLoadSkin('${k}');") cfg.skins)} - - # Enabled extensions. - ${concatStringsSep "\n" (mapAttrsToList (k: v: "wfLoadExtension('${k}');") cfg.extensions)} - - - # End of automatically generated settings. - # Add more configuration options below. - - ${cfg.extraConfig} - ''; - -in -{ - # interface - options = { - services.mediawiki = { - - enable = mkEnableOption "MediaWiki"; - - package = mkOption { - type = types.package; - default = pkgs.mediawiki; - description = "Which MediaWiki package to use."; - }; - - basePath = mkOption { - type = types.str; - default = "/"; - description = "Base path to Wiki"; - }; - - name = mkOption { - default = "MediaWiki"; - example = "Foobar Wiki"; - description = "Name of the wiki."; - }; - - uploadsDir = mkOption { - type = types.nullOr types.path; - default = "${stateDir}/uploads"; - description = '' - This directory is used for uploads of pictures. The directory passed here is automatically - created and permissions adjusted as required. - ''; - }; - - passwordFile = mkOption { - type = types.path; - description = "A file containing the initial password for the admin user."; - example = "/run/keys/mediawiki-password"; - }; - - skins = mkOption { - default = {}; - type = types.attrsOf types.path; - description = '' - Attribute set of paths whose content is copied to the <filename>skins</filename> - subdirectory of the MediaWiki installation in addition to the default skins. - ''; - }; - - extensions = mkOption { - default = {}; - type = types.attrsOf (types.nullOr types.path); - description = '' - Attribute set of paths whose content is copied to the <filename>extensions</filename> - subdirectory of the MediaWiki installation and enabled in configuration. - - Use <literal>null</literal> instead of path to enable extensions that are part of MediaWiki. - ''; - example = literalExample '' - { - Matomo = pkgs.fetchzip { - url = "https://github.com/DaSchTour/matomo-mediawiki-extension/archive/v4.0.1.tar.gz"; - sha256 = "0g5rd3zp0avwlmqagc59cg9bbkn3r7wx7p6yr80s644mj6dlvs1b"; - }; - ParserFunctions = null; - } - ''; - }; - - database = { - type = mkOption { - type = types.enum [ "mysql" "postgres" "sqlite" "mssql" "oracle" ]; - default = "mysql"; - description = "Database engine to use. MySQL/MariaDB is the database of choice by MediaWiki developers."; - }; - - host = mkOption { - type = types.str; - default = "localhost"; - description = "Database host address."; - }; - - port = mkOption { - type = types.port; - default = 3306; - description = "Database host port."; - }; - - name = mkOption { - type = types.str; - default = "mediawiki"; - description = "Database name."; - }; - - user = mkOption { - type = types.str; - default = "mediawiki"; - description = "Database user."; - }; - - passwordFile = mkOption { - type = types.nullOr types.path; - default = null; - example = "/run/keys/mediawiki-dbpassword"; - description = '' - A file containing the password corresponding to - <option>database.user</option>. - ''; - }; - - tablePrefix = mkOption { - type = types.nullOr types.str; - default = null; - description = '' - If you only have access to a single database and wish to install more than - one version of MediaWiki, or have other applications that also use the - database, you can give the table names a unique prefix to stop any naming - conflicts or confusion. - See <link xlink:href='https://www.mediawiki.org/wiki/Manual:$wgDBprefix'/>. - ''; - }; - - socket = mkOption { - type = types.nullOr types.path; - default = if cfg.database.createLocally then "/run/mysqld/mysqld.sock" else null; - defaultText = "/run/mysqld/mysqld.sock"; |