pyrox.dev / nixpkgs
lol
fork atom

nixos/anuko-time-tracker: improve module options

* Remove unsafe dbinstall.php script
* Make Nginx virtualhost configurable

Michael Smith 65585d6c d594de67

+56 -22
+56 -22
nixos/modules/services/web-apps/anuko-time-tracker.nix
··· 42 42 mkdir -p $out 43 43 cp -r * $out/ 44 44 45 + # Link config file 45 46 ln -s ${configFile} $out/WEB-INF/config.php 46 47 47 48 # Link writable templates_c directory 48 49 rm -rf $out/WEB-INF/templates_c 49 50 ln -s ${cfg.dataDir}/templates_c $out/WEB-INF/templates_c 50 51 51 - # ln -fs ${cfg.dataDir}/templates_c $out/WEB-INF/templates_c 52 + # Remove unsafe dbinstall.php 53 + rm -f $out/dbinstall.php 52 54 ''; 53 55 }; 54 56 in ··· 105 107 ''; 106 108 }; 107 109 110 + hostname = lib.mkOption { 111 + type = lib.types.str; 112 + default = 113 + if config.networking.domain != null 114 + then config.networking.fqdn 115 + else config.networking.hostName; 116 + defaultText = lib.literalExpression "config.networking.fqdn"; 117 + example = "anuko.example.com"; 118 + description = lib.mdDoc '' 119 + The hostname to serve Anuko Time Tracker on. 120 + ''; 121 + }; 122 + 123 + nginx = lib.mkOption { 124 + type = lib.types.submodule ( 125 + lib.recursiveUpdate 126 + (import ../web-servers/nginx/vhost-options.nix { inherit config lib; }) {} 127 + ); 128 + default = {}; 129 + example = lib.literalExpression '' 130 + { 131 + serverAliases = [ 132 + "anuko.''${config.networking.domain}" 133 + ]; 134 + 135 + # To enable encryption and let let's encrypt take care of certificate 136 + forceSSL = true; 137 + enableACME = true; 138 + } 139 + ''; 140 + description = lib.mdDoc '' 141 + With this option, you can customize the Nginx virtualHost settings. 142 + ''; 143 + }; 144 + 108 145 dataDir = lib.mkOption { 109 146 type = lib.types.str; 110 147 default = "/var/lib/anuko-time-tracker"; ··· 116 153 type = lib.types.str; 117 154 default = "anuko_time_tracker"; 118 155 description = lib.mdDoc "User under which Anuko Time Tracker runs."; 119 - }; 120 - 121 - virtualHost = lib.mkOption { 122 - type = lib.types.nullOr lib.types.str; 123 - default = "localhost"; 124 - description = lib.mdDoc '' 125 - Name of the nginx virtualhost to use and setup. If null, do not setup 126 - any virtualhost. 127 - ''; 128 156 }; 129 157 130 158 settings = { ··· 286 314 }; 287 315 }; 288 316 289 - services.nginx = lib.mkIf (cfg.virtualHost != null) { 290 - enable = true; 291 - virtualHosts = { 292 - "${cfg.virtualHost}" = { 317 + services.nginx = { 318 + enable = lib.mkDefault true; 319 + recommendedTlsSettings = true; 320 + recommendedOptimisation = true; 321 + recommendedGzipSettings = true; 322 + virtualHosts."${cfg.hostname}" = lib.mkMerge [ 323 + cfg.nginx 324 + { 293 325 root = lib.mkForce "${package}"; 294 - locations."/".index = "index.php"; 295 - locations."~ [^/]\\.php(/|$)" = { 296 - extraConfig = '' 297 - fastcgi_split_path_info ^(.+?\.php)(/.*)$; 298 - fastcgi_pass unix:${config.services.phpfpm.pools.anuko-time-tracker.socket}; 299 - ''; 326 + locations = { 327 + "/".index = "index.php"; 328 + "~ [^/]\\.php(/|$)" = { 329 + extraConfig = '' 330 + fastcgi_split_path_info ^(.+?\.php)(/.*)$; 331 + fastcgi_pass unix:${config.services.phpfpm.pools.anuko-time-tracker.socket}; 332 + ''; 333 + }; 300 334 }; 301 - }; 302 - }; 335 + } 336 + ]; 303 337 }; 304 338 305 339 services.mysql = lib.mkIf cfg.database.createLocally {