nix config

fix(box): wallabag is working again!!!

+267 -286
+13 -67
hosts/profiles/wallabag/default.nix
··· 1 1 { self, pkgs, config, lib, ... }: 2 2 3 3 { 4 - # age.secrets.wallabag-password.file = "${self}/secrets/wallabag-password.age"; 5 - # age.secrets.wallabag-secret.file = "${self}/secrets/wallabag-secret.age"; 6 - # age.secrets.wallabag-password.owner = "wallabag"; 7 - # age.secrets.wallabag-secret.owner = "wallabag"; 4 + age.secrets.wallabag-password.file = "${self}/secrets/wallabag-password.age"; 5 + age.secrets.wallabag-secret.file = "${self}/secrets/wallabag-secret.age"; 6 + age.secrets.wallabag-password.owner = "wallabag"; 7 + age.secrets.wallabag-secret.owner = "wallabag"; 8 8 services.postgresql = { 9 9 enable = true; 10 10 package = pkgs.postgresql_15; ··· 18 18 } 19 19 ]; 20 20 authentication = '' 21 - local wallabag all md5 21 + local wallabag all peer 22 22 ''; 23 23 }; 24 24 25 25 services.wallabag = { 26 26 enable = true; 27 - hostName = "read.mossnet.lan"; 27 + domain = "read.mossnet.lan"; 28 + virtualHost.enable = true; 28 29 package = pkgs.my-wallabag; 29 - dataDir = "/var/lib/wallabag"; 30 - conf = '' 31 - # This file is a "template" of what your parameters.yml file should look like 32 - parameters: 33 - database_driver: pdo_pgsql 34 - database_host: localhost 35 - database_port: ~ 36 - database_name: wallabag 37 - database_user: wallabag 38 - database_password: wallabag 39 - # For SQLite, database_path should be "%kernel.project_dir%/data/db/wallabag.sqlite" 40 - database_path: ~ 41 - database_table_prefix: wallabag_ 42 - database_socket: null 43 - # with PostgreSQL and SQLite, you must set "utf8" 44 - database_charset: utf8 45 - 46 - domain_name: http://read.mossnet.lan 47 - server_name: "mossnet wallabag instance" 48 - 49 - mailer_dsn: null:// 50 - locale: en 51 - 52 - # A secret key that's used to generate certain security-related tokens 53 - secret: SAFGOECRIlfal89oe6u0(*^dsaaih961 54 - 55 - # two factor stuff 56 - twofactor_auth: false 57 - twofactor_sender: no-reply@wallabag.org 58 - 59 - # fosuser stuff 60 - fosuser_registration: false 61 - fosuser_confirmation: true 62 - 63 - # how long the access token should live in seconds for the API 64 - fos_oauth_server_access_token_lifetime: 3600 65 - # how long the refresh token should life in seconds for the API 66 - fos_oauth_server_refresh_token_lifetime: 1209600 67 - 68 - from_email: ops@sealight.xyz 69 - 70 - rss_limit: 50 71 - 72 - # RabbitMQ processing 73 - rabbitmq_host: localhost 74 - rabbitmq_port: 5672 75 - rabbitmq_user: guest 76 - rabbitmq_password: guest 77 - rabbitmq_prefetch_count: 10 78 - 79 - # Redis processing 80 - redis_scheme: tcp 81 - redis_host: localhost 82 - redis_port: 6379 83 - redis_path: null 84 - redis_password: null 85 - 86 - # sentry logging 87 - sentry_dsn: ~ 88 - ''; 30 + # Systemd now defaults to /var/lib? 31 + # dataDir = "/var/lib/wallabag"; 32 + parameters = { 33 + "env(SECRET_FILE)" = config.age.secrets.wallabag-secret.path; 34 + secret = "%env(file:resolve:SECRET_FILE)%"; 35 + }; 89 36 }; 90 - # networking.firewall.allowedTCPPorts = [ 8080 ]; 91 37 }
+1
modules/nixos/default.nix
··· 9 9 wireguard = import ./wireguard.nix; 10 10 backup = import ./backup.nix; 11 11 ulogger-server = import ./ulogger.nix; 12 + blogg = import ./blogging.nix; 12 13 # microbin = import ./microbin.nix; # includide in 23.11 13 14 }
+198 -206
modules/nixos/wallabag.nix
··· 1 - { config, options, lib, pkgs, ... }: 2 - 3 - with lib; 1 + { config, lib, pkgs, ... }: 4 2 let 5 - cfg = config.services.wallabag; 3 + # Based on https://github.com/wallabag/wallabag/blob/2.6.6/app/config/parameters.yml.dist 4 + settings = { 5 + database_driver = "${cfg.database_type}"; 6 + database_host = null; 7 + database_port = 5432; 8 + database_name = "wallabag"; 9 + database_user = "wallabag"; 10 + database_password = null; 11 + database_path = null; 12 + database_table_prefix = "wallabag_"; 13 + database_socket = "/run/postgresql"; 14 + database_charset = "utf8"; 6 15 7 - poolName = "wallabag"; 16 + domain_name = "http://${cfg.domain}"; 17 + server_name = "Wallabag"; 8 18 9 - configFile = pkgs.writeTextFile { 10 - name = "wallabag-config"; 11 - text = cfg.conf; 12 - destination = "/app/config/parameters.yml"; 13 - }; 19 + # Needs an explicit command since Symfony version used by Wallabag does not yet support the `native` transport 20 + # and the `sendmail` transport does not respect `sendmail_path` configured in `php.ini`. 21 + mailer_dsn = "sendmail://default?command=/run/wrappers/bin/sendmail%%20-t%%20-i"; 14 22 15 - appDir = pkgs.buildEnv { 16 - name = "wallabag-app-dir"; 17 - ignoreCollisions = true; 18 - checkCollisionContents = false; 19 - paths = [ configFile "${cfg.package}" ]; 20 - pathsToLink = [ "/app" "/src" "/translations" ]; 21 - }; 23 + locale = "en"; 22 24 23 - # See there for available commands: 24 - # https://doc.wallabag.org/en/admin/console_commands.html 25 - # A user can be made admin with the fos:user:promote --super <user> command 26 - console = pkgs.writeShellScriptBin "wallabag-console" '' 27 - export WALLABAG_DATA="${cfg.dataDir}" 28 - cd "${cfg.dataDir}" 29 - ${pkgs.php}/bin/php ${cfg.package}/bin/console --env=prod $@ 30 - ''; 25 + # A secret key that's used to generate certain security-related tokens. 26 + # "env(SECRET_FILE)" = "/run/secrets/wallabag"; 27 + # secret = "%env(file:resolve:SECRET_FILE)%"; 31 28 32 - in 33 - { 29 + # two factor stuff 30 + twofactor_auth = false; 31 + twofactor_sender = ""; 34 32 35 - options = { 33 + # fosuser stuff 34 + fosuser_registration = false; 35 + fosuser_confirmation = false; 36 36 37 - services.wallabag = { 38 - enable = mkEnableOption "wallabag"; 37 + # how long the access token should live in seconds for the API 38 + fos_oauth_server_access_token_lifetime = 3600; 39 + # how long the refresh token should life in seconds for the API 40 + fos_oauth_server_refresh_token_lifetime = 1209600; 39 41 40 - user = mkOption { 41 - type = types.str; 42 - default = "nginx"; 43 - description = '' 44 - User account under which both the update daemon and the web-application run. 45 - ''; 46 - }; 42 + from_email = "wallabag@read.mossnet.lan"; 47 43 48 - dataDir = mkOption { 49 - type = types.path; 50 - default = "/var/lib/wallabag"; 51 - description = '' 52 - Data directory. 53 - ''; 54 - }; 44 + # RabbitMQ processing 45 + redis_scheme = "unix"; 46 + redis_host = ""; # Ignored for unix scheme 47 + redis_port = 0; # Ignored for unix scheme 48 + redis_path = config.services.redis.servers.wallabag.unixSocket; 49 + redis_password = null; 55 50 56 - package = mkOption { 57 - type = types.package; 58 - default = pkgs.wallabag; 59 - description = '' 60 - Wallabag package to use. 61 - ''; 62 - }; 51 + # Redis processing 52 + rabbitmq_host = ""; 53 + rabbitmq_port = 0; 54 + rabbitmq_user = ""; 55 + rabbitmq_password = ""; 56 + rabbitmq_prefetch_count = 0; 63 57 64 - hostName = mkOption { 65 - type = types.str; 66 - description = '' 67 - Name of the nginx virtualhost to use and setup. 68 - ''; 69 - }; 58 + # sentry logging 59 + sentry_dsn = null; 60 + } // cfg.parameters; 61 + 62 + php = cfg.php.package.withExtensions ({ enabled, all }: enabled ++ (with all; [ 63 + imagick 64 + tidy 65 + ])); 70 66 71 - poolConfig = mkOption { 72 - type = types.lines; 73 - default = '' 74 - pm = dynamic 75 - pm.max_children = 75 76 - pm.start_servers = 1 77 - pm.min_spare_servers = 1 78 - pm.max_spare_servers = 20 79 - pm.max_requests = 500 80 - catch_workers_output = 1 81 - ''; 82 - description = '' 83 - Options for wallabag's PHP pool. See the documentation on <literal>php-fpm.conf</literal> for details on configuration directives. 84 - ''; 85 - }; 67 + commonServiceConfig = { 68 + CacheDirectory = "wallabag"; 69 + # Stores sessions. 70 + CacheDirectoryMode = "700"; 71 + ConfigurationDirectory = "wallabag"; 72 + LogsDirectory = "wallabag"; 73 + StateDirectory = "wallabag"; 74 + # Stores site-credentials-secret-key.txt. 75 + StateDirectoryMode = "700"; 76 + }; 77 + 78 + cfg = config.services.wallabag; 79 + in { 80 + options.services.wallabag = with lib; { 81 + enable = mkEnableOption (mdDoc "Wallabag read-it-later service"); 82 + 83 + package = mkOption { 84 + type = types.package; 85 + default = pkgs.wallabag; 86 + }; 86 87 87 - conf = mkOption { 88 - type = types.str; 89 - description = '' 90 - Contents of the wallabag configuration file (parameters.yml) 91 - ''; 92 - }; 88 + php.package = mkOption { 89 + type = types.package; 90 + default = pkgs.php; 93 91 }; 94 - }; 95 92 93 + parameters = mkOption { 94 + type = types.attrsOf types.str; 95 + default = {}; 96 + description = mdDoc "Parameters to override from the default. See <https://doc.wallabag.org/en/admin/parameters.html> for values."; 97 + }; 96 98 97 - config = mkIf cfg.enable { 99 + database_type = mkOption { 100 + type = types.enum [ 101 + "pdo_sqlite3" 102 + "pdo_pgsql" 103 + ]; 104 + default = if config.services.postgresql.enable 105 + then "pdo_pgsql" 106 + else "pdo_sqlite3"; 107 + defaultText = '' 108 + if config.services.postgresql.enable 109 + then "pdo_pgsql" 110 + else "pdo_sqlite3" 111 + ''; 112 + description = mdDoc '' 113 + The database engine name. Can be pdo_sqlite3 or pdo_pgsql. 114 + ''; 115 + }; 98 116 99 - services.phpfpm.pools."${poolName}" = { 100 - user = "${cfg.user}"; 101 - group = "nginx"; 102 - phpPackage = pkgs.php; 103 - phpEnv = { 104 - WALLABAG_DATA = cfg.dataDir; 105 - PATH = lib.makeBinPath [pkgs.php]; 106 - }; 107 - settings = { 108 - "listen.owner" = "nginx"; 109 - "listen.group" = "nginx"; 110 - "listen.mode" = "0600"; 111 - "user" = "${cfg.user}"; 112 - "group" = "nginx"; 113 - "pm" = "dynamic"; 114 - "pm.max_children" = "75"; 115 - "pm.min_spare_servers" = "5"; 116 - "pm.max_spare_servers" = "20"; 117 - "pm.max_requests" = "10"; 118 - "catch_workers_output" = "1"; 119 - "php_admin_value[error_log]" = "stderr"; 120 - "php_admin_flag[log_errors]" = true; 117 + domain = mkOption { 118 + type = types.str; 119 + description = "Bare domain name for Wallabag"; 120 + }; 121 + 122 + virtualHost.enable = mkEnableOption (mdDoc "Define nginx virtualhost for Wallabag"); 123 + }; 124 + 125 + config = lib.mkIf cfg.enable { 126 + environment.etc."wallabag/parameters.yml" = { 127 + source = pkgs.writeTextFile { 128 + name = "wallabag-config"; 129 + text = builtins.toJSON { 130 + parameters = settings; 131 + }; 121 132 }; 122 133 }; 123 - services.phpfpm.phpOptions = '' 124 - max_execution_time = 120 125 - ''; 126 134 127 - services.nginx.enable = mkDefault true; 128 - environment.systemPackages = [ console ]; 135 + services.nginx = lib.mkIf cfg.virtualHost.enable { 136 + enable = true; 129 137 130 - # services.nginx.virtualHosts."${cfg.hostName}" = { 131 - # forceSSL = false; 132 - # enableACME = false; 133 - # extraConfig = '' 134 - # error_log /var/log/nginx/wallabag_error.log; 135 - # access_log /var/log/nginx/wallabag_access.log; 136 - # ''; 138 + virtualHosts = { 139 + "${cfg.domain}" = { 140 + root = "${pkgs.wallabag}/web"; 137 141 138 - # root = "${cfg.package}/web"; 139 - # locations."/" = { 140 - # priority = 10; 141 - # tryFiles = "$uri /app.php$is_args$args"; 142 - # }; 143 - # locations."/assets".root = "${cfg.dataDir}/web"; 144 - # locations."~ ^/app\\.php(/|$)" = { 145 - # priority = 100; 146 - # fastcgiParams = { 147 - # SCRIPT_FILENAME = "$realpath_root$fastcgi_script_name"; 148 - # DOCUMENT_ROOT = "$realpath_root"; 149 - # }; 150 - # extraConfig = '' 151 - # fastcgi_pass unix:${config.services.phpfpm.pools."${poolName}".socket}; 152 - # include ${config.services.nginx.package}/conf/fastcgi_params; 153 - # include ${config.services.nginx.package}/conf/fastcgi.conf; 154 - # internal; 155 - # ''; 156 - # }; 157 - # locations."~ \\.php$" = { 158 - # priority = 1000; 159 - # return = "404"; 160 - # }; 161 - # }; 142 + extraConfig = '' 143 + add_header X-Frame-Options SAMEORIGIN; 144 + add_header X-Content-Type-Options nosniff; 145 + add_header X-XSS-Protection "1; mode=block"; 146 + ''; 162 147 148 + locations."/" = { 149 + extraConfig = '' 150 + try_files $uri /app.php$is_args$args; 151 + ''; 152 + }; 163 153 164 - services.nginx.virtualHosts."${cfg.hostName}" = { 165 - enableACME = false; 166 - forceSSL = false; 167 - root = "${cfg.package}/web"; 154 + locations."/assets".root = "${pkgs.wallabag}/app/web"; 168 155 169 - # extraConfig = '' 170 - # add_header X-Frame-Options SAMEORIGIN; 171 - # add_header X-Content-Type-Options nosniff; 172 - # add_header X-XSS-Protection "1; mode=block"; 173 - # ''; 156 + locations."~ ^/app\\.php(/|$)" = { 157 + extraConfig = '' 158 + fastcgi_pass unix:${config.services.phpfpm.pools.wallabag.socket}; 159 + include ${config.services.nginx.package}/conf/fastcgi.conf; 160 + fastcgi_param PATH_INFO $fastcgi_path_info; 161 + fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; 162 + fastcgi_param SCRIPT_FILENAME ${pkgs.wallabag}/web/$fastcgi_script_name; 163 + fastcgi_param DOCUMENT_ROOT ${pkgs.wallabag}/web; 164 + fastcgi_read_timeout 120; 165 + internal; 166 + ''; 167 + }; 174 168 175 - locations."/" = { 176 - tryFiles = "$uri /app.php$is_args$args"; 169 + locations."~ /(?!app)\\.php$" = { 170 + extraConfig = '' 171 + return 404; 172 + ''; 173 + }; 174 + }; 177 175 }; 176 + }; 178 177 179 - locations."/assets".root = "${cfg.dataDir}/web"; 178 + services.phpfpm.pools.wallabag = { 179 + user = config.users.users.wallabag.name; 180 + phpPackage = php; 181 + settings = { 182 + "catch_workers_output" = true; 180 183 181 - locations."~ ^/app\\.php(/|$)" = { 182 - # fastcgiParams = { 183 - # SCRIPT_FILENAME = "$realpath_root$fastcgi_script_name"; 184 - # DOCUMENT_ROOT = "$realpath_root"; 185 - # }; 186 - extraConfig = '' 187 - fastcgi_pass unix:${config.services.phpfpm.pools."${poolName}".socket}; 188 - fastcgi_split_path_info ^(.+\.php)(/.*)$; 189 - include ${pkgs.nginx}/conf/fastcgi_params; 190 - fastcgi_param SCRIPT_FILENAME ${cfg.package}/web/$fastcgi_script_name; 191 - fastcgi_param DOCUMENT_ROOT ${cfg.package}/web; 192 - fastcgi_read_timeout 120; 193 - internal; 194 - ''; 184 + "listen.owner" = config.services.nginx.user; 185 + "listen.group" = "root"; 186 + "pm" = "dynamic"; 187 + "pm.max_children" = 5; 188 + "pm.start_servers" = 2; 189 + "pm.min_spare_servers" = 1; 190 + "pm.max_spare_servers" = 3; 191 + "php_admin_value[error_log]" = "/var/log/wallabag/error.log"; 192 + "php_admin_value[access_log]" = "/var/log/wallabag/access.log"; 193 + "php_admin_flag[log_errors]" = true; 194 + }; 195 + phpOptions = '' 196 + ; Set up $_ENV superglobal. 197 + ; http://php.net/request-order 198 + variables_order = "EGPCS" 199 + # Wallabag will crash on start-up. 200 + # https://github.com/wallabag/wallabag/issues/6042 201 + # error_reporting = E_ALL & ~E_USER_DEPRECATED & ~E_DEPRECATED 202 + ''; 203 + settings = { 204 + # Accept settings from the systemd service. 205 + clear_env = false; 195 206 }; 207 + }; 196 208 197 - locations."~ /(?!app)\\.php$" = { 198 - extraConfig = '' 199 - return 404; 200 - ''; 201 - }; 209 + users.users.wallabag = { 210 + isSystemUser = true; 211 + group = "wallabag"; 202 212 }; 213 + users.groups.wallabag = {}; 214 + services.redis.servers.wallabag = { 215 + enable = true; 216 + user = "wallabag"; 217 + }; 218 + services.rabbitmq.enable = false; 219 + 220 + systemd.services.phpfpm-wallabag.serviceConfig = commonServiceConfig; 203 221 204 222 systemd.services.wallabag-install = { 205 223 description = "Wallabag install service"; 206 224 wantedBy = [ "multi-user.target" ]; 207 225 before = [ "phpfpm-wallabag.service" ]; 208 - after = [ "mysql.service" "postgresql.service" ]; 226 + after = [ "postgresql.service" ]; 209 227 path = with pkgs; [ coreutils php phpPackages.composer ]; 210 228 211 229 serviceConfig = { 212 - User = cfg.user; 230 + User = "wallabag"; 213 231 Type = "oneshot"; 214 - RemainAfterExit = "yes"; 215 - PermissionsStartOnly = true; 216 - }; 217 - 218 - preStart = '' 219 - mkdir -p "${cfg.dataDir}" 220 - chown ${cfg.user}:nginx "${cfg.dataDir}" 221 - ''; 232 + } // commonServiceConfig; 222 233 223 234 script = '' 224 - echo "Setting up wallabag files in ${cfg.dataDir} ..." 225 - cd "${cfg.dataDir}" 226 - 227 - rm -rf var/cache/* 228 - rm -f app src translations 229 - ln -sf ${appDir}/app app 230 - ln -sf ${appDir}/src src 231 - ln -sf ${appDir}/translations translations 232 - ln -sf ${cfg.package}/composer.{json,lock} . 233 - 234 - export WALLABAG_DATA="${cfg.dataDir}" 235 - if [ ! -f installed ]; then 236 - echo "Install file not found, installing ..." 237 - php ${cfg.package}/bin/console --env=prod doctrine:database:create --if-not-exists --no-interaction 238 - php ${cfg.package}/bin/console --env=prod doctrine:migrations:migrate --no-interaction 239 - # Until https://github.com/wallabag/wallabag/issues/3662 is fixed 240 - # yes no | php ${cfg.package}/bin/console --env=prod wallabag:install 241 - touch installed 242 - else 243 - php ${cfg.package}/bin/console --env=prod doctrine:migrations:migrate --no-interaction 244 - fi 245 - php ${cfg.package}/bin/console --env=prod cache:clear 246 - ''; 235 + if [ ! -f "$STATE_DIRECTORY/installed" ]; then 236 + php ${pkgs.wallabag}/bin/console --env=prod wallabag:install 237 + touch "$STATE_DIRECTORY/installed" 238 + else 239 + php ${pkgs.wallabag}/bin/console --env=prod doctrine:migrations:migrate --no-interaction 240 + fi 241 + php ${pkgs.wallabag}/bin/console --env=prod cache:clear 242 + ''; 247 243 }; 248 - }; 249 - 250 - meta = with stdenv.lib; { 251 - maintainers = with maintainers; [ nadrieril ]; 252 244 }; 253 245 }
+9
overlays/default.nix
··· 14 14 buildInputs = prevAttrs.propagatedBuildInputs ++ [ final.python3.pkgs.aiosqlite ]; # We're using sqlite and upstream doesn't package this dependency 15 15 }); 16 16 17 + wallabag = prev.wallabag.overrideAttrs (attrs: { 18 + patches = builtins.filter (patch: builtins.baseNameOf patch != "wallabag-data.patch") attrs.patches ++ [ 19 + # Out of the box, Wallabag wants to write to various subdirectories of the project directory. 20 + # Let’s replace references to such paths with designated systemd locations 21 + # so that the project source can remain immutable. 22 + ../pkgs/wallabag-data.patch 23 + ]; 24 + }); 25 + 17 26 # Need to do server and agent too, maybe 18 27 # woodpecker-cli-next = 19 28 # let
+4
pkgs/default.nix
··· 8 8 kobopatch = pkgs.callPackage ./kobopatch.nix { }; 9 9 my-mautrix-discord = pkgs.callPackage ./mautrix-discord.nix { }; # Handled by matrix-appservices input 10 10 ulogger-server = pkgs.callPackage ./ulogger.nix { }; 11 + # Wallabag is now an overlay 12 + # TODO: we still use the patch from this folder though 11 13 my-wallabag = pkgs.callPackage ./wallabag.nix { }; 12 14 mautrix-slack = pkgs.callPackage ./mautrix-slack.nix { }; 15 + gpodder2go = pkgs.callPackage ./gpodder2go.nix { }; 16 + ghost = pkgs.callPackage ./ghost { }; 13 17 }
+40 -11
pkgs/wallabag-data.patch
··· 1 1 diff --git a/app/AppKernel.php b/app/AppKernel.php 2 - index 61b734e06..d25d1aaa3 100644 2 + index 61b734e06..0902c20fc 100644 3 3 --- a/app/AppKernel.php 4 4 +++ b/app/AppKernel.php 5 - @@ -62,14 +62,19 @@ class AppKernel extends Kernel 6 - return $bundles; 7 - } 5 + @@ -64,12 +64,12 @@ class AppKernel extends Kernel 8 6 9 - + public function getProjectDir() 10 - + { 11 - + return getenv('WALLABAG_DATA') ?: dirname(__DIR__); 12 - + } 13 - + 14 7 public function getCacheDir() 15 8 { 16 9 - return dirname(__DIR__) . '/var/cache/' . $this->getEnvironment(); 17 - + return $this->getProjectDir() . '/var/cache/' . $this->getEnvironment(); 10 + + return getenv('CACHE_DIRECTORY') . '/' . $this->getEnvironment(); 18 11 } 19 12 20 13 public function getLogDir() 21 14 { 22 15 - return dirname(__DIR__) . '/var/logs'; 23 - + return $this->getProjectDir() . '/var/logs'; 16 + + return getenv('LOGS_DIRECTORY'); 24 17 } 25 18 26 19 public function registerContainerConfiguration(LoaderInterface $loader) 20 + diff --git a/app/config/config.yml b/app/config/config.yml 21 + index 7f0a4ca6c..77b5175c8 100644 22 + --- a/app/config/config.yml 23 + +++ b/app/config/config.yml 24 + @@ -1,5 +1,7 @@ 25 + imports: 26 + - - { resource: parameters.yml } 27 + + # Unfortunately, we cannot use %env(string:CONFIGURATION_DIRECTORY)%. Hardcoding the path for simplicity. 28 + + # https://symfony.com/doc/current/service_container/import.html#importing-configuration-with-imports 29 + + - { resource: '/etc/wallabag/parameters.yml' } 30 + - { resource: security.yml } 31 + - { resource: services.yml } 32 + - { resource: wallabag.yml } 33 + @@ -28,7 +30,7 @@ framework: 34 + session: 35 + # handler_id set to null will use default session handler from php.ini 36 + handler_id: session.handler.native_file 37 + - save_path: "%kernel.project_dir%/var/sessions/%kernel.environment%" 38 + + save_path: "%env(string:CACHE_DIRECTORY)%/sessions/%kernel.environment%" 39 + cookie_secure: auto 40 + fragments: ~ 41 + http_method_override: true 42 + diff --git a/app/config/wallabag.yml b/app/config/wallabag.yml 43 + index bd57d6377..8e1cd0970 100644 44 + --- a/app/config/wallabag.yml 45 + +++ b/app/config/wallabag.yml 46 + @@ -35,7 +35,7 @@ wallabag_core: 47 + fetching_error_message: | 48 + wallabag can't retrieve contents for this article. Please <a href="https://doc.wallabag.org/en/user/errors_during_fetching.html#how-can-i-help-to-fix-that">troubleshoot this issue</a>. 49 + api_limit_mass_actions: 10 50 + - encryption_key_path: "%kernel.project_dir%/data/site-credentials-secret-key.txt" 51 + + encryption_key_path: "%env(string:STATE_DIRECTORY)%/site-credentials-secret-key.txt" 52 + default_internal_settings: 53 + - 54 + name: share_public 55 +
+2 -2
pkgs/wallabag.nix
··· 15 15 16 16 let 17 17 pname = "wallabag"; 18 - version = "2.6.8"; 18 + version = "2.6.9"; 19 19 in 20 20 stdenv.mkDerivation { 21 21 inherit pname version; ··· 23 23 # Release tarball includes vendored files 24 24 src = fetchurl { 25 25 url = "https://github.com/wallabag/wallabag/releases/download/${version}/wallabag-${version}.tar.gz"; 26 - hash = "sha256-pmQXafqpd5rTwBIYG9NnwIIPta6Ek7iYaPaHvz1s550="; 26 + hash = "sha256-V4s5/y9fFAmZ+WnUxU03UyRivEihD1ZUKQOOq4TLEKw="; 27 27 }; 28 28 29 29 patches = [