WIP: nixify
parent
a8fb2af3e7
commit
123dd33ea4
11
dist/simplesamlphp-config.php
vendored
11
dist/simplesamlphp-config.php
vendored
@ -1,7 +1,14 @@
|
||||
<?php
|
||||
|
||||
require dirname(dirname(dirname(dirname(__DIR__)))) . '/config.php';
|
||||
echo $SAML_COOKIE_SECURE;
|
||||
# require_once(dirname(dirname(dirname(dirname(__DIR__)))) . DIRECTORY_SEPARATOR . 'config.php');
|
||||
|
||||
/*
|
||||
$config_dir = dirname(__DIR__);
|
||||
while (!file_exists($config_dir . DIRECTORY_SEPARATOR . 'config.php')) {
|
||||
$config_dir = dirname($config_dir);
|
||||
}
|
||||
include $config_dir . DIRECTORY_SEPARATOR . 'config.php';
|
||||
*/
|
||||
|
||||
/**
|
||||
* The configuration of SimpleSAMLphp
|
||||
|
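Review bot: `echo $SAML_COOKIE_SECURE;` near the top of this config file looks like leftover debugging and should be removed before the change leaves WIP. A config file that is included ahead of session and redirect handling should produce no output, since anything printed here can stop later headers and cookies from being set, and it also writes a configuration value into the response body. The commented-out `require_once` line and the `/* ... */` lookup loop below it appear to be dead code (assuming they are on the new side of the hunk). Either delete them or replace them with a one-line comment such as `// config.php lives four directories above this file once installed under vendor/`. The hunk ends at the docblock opener, so the rest of the file is not visible here.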
@ -40,6 +40,11 @@ in
|
||||
(attrs: !(attrs ? "type"))
|
||||
(_: option: option // { type = types.either option.type format.lib.types.raw; })
|
||||
{
|
||||
DOOR_SECRET = mkOption {
|
||||
type = types.str;
|
||||
description = mdDoc "Secret for the door sensor API";
|
||||
};
|
||||
|
||||
GALLERY = {
|
||||
DIR = mkOption {
|
||||
type = types.path;
|
||||
@ -89,13 +94,50 @@ in
|
||||
description = mdDoc "Database password. Recommends: null, set in extraConfig";
|
||||
};
|
||||
};
|
||||
|
||||
SAML = {
|
||||
COOKIE_SALT = mkOption {
|
||||
type = types.str;
|
||||
description = mdDoc "Salt for the SAML cookies";
|
||||
};
|
||||
|
||||
COOKIE_SECURE = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = mdDoc "Whether to set the secure flag on the SAML cookies";
|
||||
};
|
||||
|
||||
ADMIN_PASSWORD = mkOption {
|
||||
type = types.str;
|
||||
description = mdDoc "Password for the admin user";
|
||||
};
|
||||
|
||||
TRUSTED_DOMAINS = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ cfg.domainName ];
|
||||
description = mdDoc "List of trusted domains for the SAML service";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = mkIf cfg.enable (let
|
||||
# NOTE: This should absolutely not be necessary, but for some reason this file refuses to import
|
||||
# the toplevel configuration file.
|
||||
# NOTE: Nvm, don't this this was the problem after all?
|
||||
finalPackage = cfg.package.overrideAttrs (_: _: {
|
||||
postInstall = cfg.package.postInstall + ''
|
||||
substituteInPlace $simplesamlphp/config/config.php \
|
||||
--replace '$SAML_COOKIE_SECURE' '${format.lib.valueToString cfg.settings.SAML.COOKIE_SECURE}' \
|
||||
--replace '$SAML_COOKIE_SALT' '${format.lib.valueToString cfg.settings.SAML.COOKIE_SALT}' \
|
||||
--replace '$SAML_ADMIN_PASSWORD' '${format.lib.valueToString cfg.settings.SAML.ADMIN_PASSWORD}' \
|
||||
--replace '$SAML_TRUSTED_DOMAINS' '${format.lib.valueToString cfg.settings.SAML.TRUSTED_DOMAINS}'
|
||||
'';
|
||||
});
|
||||
in {
|
||||
users.users = mkIf (cfg.user == "pvv-nettsiden") {
|
||||
"pvv-nettsiden" = {
|
||||
description = "PVV Website Service User";
|
||||
@ -120,22 +162,28 @@ in
|
||||
enableACME = mkDefault true;
|
||||
locations = {
|
||||
"/" = {
|
||||
root = "${cfg.package}/share/php/pvv-nettsiden/www/";
|
||||
root = "${finalPackage}/share/php/pvv-nettsiden/www/";
|
||||
index = "index.php";
|
||||
};
|
||||
|
||||
"~ \\.php$".extraConfig = ''
|
||||
include ${pkgs.nginx}/conf/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME ${cfg.package}/share/php/pvv-nettsiden/www$fastcgi_script_name;
|
||||
fastcgi_param SCRIPT_FILENAME ${finalPackage}/share/php/pvv-nettsiden/www$fastcgi_script_name;
|
||||
fastcgi_pass unix:${config.services.phpfpm.pools."pvv-nettsiden".socket};
|
||||
'';
|
||||
|
||||
${cfg.settings.GALLERY.SERVER_PATH} = {
|
||||
root = cfg.settings.GALLERY.DIR;
|
||||
extraConfig = ''
|
||||
rewrite ^${cfg.settings.GALLERY.SERVER_PATH}/(.*)$ $1 break;
|
||||
'';
|
||||
};
|
||||
|
||||
${cfg.settings.SLIDESHOW.SERVER_PATH} = {
|
||||
root = cfg.settings.SLIDESHOW.DIR;
|
||||
extraConfig = ''
|
||||
rewrite ^${cfg.settings.SLIDESHOW.SERVER_PATH}/(.*)$ $1 break;
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
@ -157,5 +205,5 @@ in
|
||||
"pm.max_requests" = mkDefault 500;
|
||||
};
|
||||
};
|
||||
};
|
||||
});
|
||||
}
|
||||
|
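Review bot: The `substituteInPlace` call in the `finalPackage` `postInstall` writes `SAML.COOKIE_SALT` and `SAML.ADMIN_PASSWORD` into the package output, so both secrets land in the world-readable Nix store, in the built `config.php` and in the derivation's build script. `DOOR_SECRET` is also declared as a plain `types.str`, although the description of the existing database password option already recommends keeping that value out of the settings. Consider taking paths to secret files instead (for example a `types.path` option that the PHP config reads at runtime), so the values never become part of a derivation. Separately, each replacement is wrapped in shell single quotes by hand, so a value containing `'` ends the quoting early; `${lib.escapeShellArg (format.lib.valueToString cfg.settings.SAML.COOKIE_SALT)}` in place of the hand-quoted `'${...}'` avoids that.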
@ -6,9 +6,9 @@ php.buildComposerProject {
|
||||
version = "0.0.1";
|
||||
vendorHash = "sha256-DSn0ifj7Hjjia1SF/1wfziD/IdsiOES8XNDVz3F/cTI=";
|
||||
|
||||
postInstall = ''
|
||||
simplesamlphp="$out/share/php/pvv-nettsiden/vendor/simplesamlphp/simplesamlphp"
|
||||
simplesamlphp = "${placeholder "out"}/share/php/pvv-nettsiden/vendor/simplesamlphp/simplesamlphp";
|
||||
|
||||
postInstall = ''
|
||||
mkdir -p $simplesamlphp/config
|
||||
mkdir -p $simplesamlphp/metadata
|
||||
|
||||
|
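Review bot: The `simplesamlphp` attribute deserves a comment explaining why it moved out of the `postInstall` script, because the reason is only visible from the NixOS module. As far as this page shows, the module appends to `postInstall` via `overrideAttrs` and refers to `$simplesamlphp` there, which only works while the attribute is exported to the builder's environment. Something like `# Kept as a derivation attribute so that overridden postInstall scripts can use $simplesamlphp.` above the line would stop it from being folded back into the script. The `postInstall` body continues past the end of the hunk.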
@ -2,27 +2,27 @@
|
||||
|
||||
with lib;
|
||||
|
||||
{ }: {
|
||||
{ }: let
|
||||
valueToString = val:
|
||||
if val == null then
|
||||
"null"
|
||||
else if isString val then
|
||||
builtins.toJSON val
|
||||
else if isBool val then
|
||||
boolToString val
|
||||
else if isInt val || isFloat val then
|
||||
toString val
|
||||
else if isList val then
|
||||
"array(${concatMapStringsSep ", " valueToString val})"
|
||||
else if isAttrs val && val ? value && (val._type or "") == "raw" then
|
||||
val.value
|
||||
else if isAttrs val then
|
||||
throw "Found unexpected attrs, that were not created by mkRaw. Have you put attrs in an array?\n${val}"
|
||||
else throw "unsupported :')";
|
||||
in {
|
||||
inherit (pkgs.formats.json { }) type;
|
||||
|
||||
generate = name: value: let
|
||||
valueToString = val:
|
||||
if val == null then
|
||||
"null"
|
||||
else if isString val then
|
||||
builtins.toJSON val
|
||||
else if isBool val then
|
||||
boolToString val
|
||||
else if isInt val || isFloat val then
|
||||
toString val
|
||||
else if isList val then
|
||||
"array(${concatMapStringsSep ", " valueToString val})"
|
||||
else if isAttrs val && val ? value && (val._type or "") == "raw" then
|
||||
val.value
|
||||
else if isAttrs val then
|
||||
throw "Found unexpected attrs, that were not created by mkRaw. Have you put attrs in an array?\n${val}"
|
||||
else throw "unsupported :')";
|
||||
|
||||
flattenStructuredSettings = attrs: let
|
||||
partitionAttrs = pred: attrs: lib.pipe attrs [
|
||||
attrsToList
|
||||
@ -50,6 +50,8 @@ with lib;
|
||||
in pkgs.writeText name content;
|
||||
|
||||
lib = {
|
||||
inherit valueToString;
|
||||
|
||||
mkRaw = value: {
|
||||
inherit value;
|
||||
_type = "raw";
|
||||
|
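Review bot: `valueToString` renders strings with `builtins.toJSON`, which yields a double-quoted literal, and PHP expands `$name` and `{$...}` inside double quotes. That was already true inside `generate`, but exporting the function through `lib` puts it on the path for the SAML salt and admin password, where a `$` in the value would silently change the configured secret. A single-quoted PHP literal avoids the expansion, e.g. `"'${replaceStrings [ "\\" "'" ] [ "\\\\" "\\'" ] val}'"` for the `isString` branch; a caller that pastes the result into a shell command then has to shell-escape it. Also, the `throw` in the `isAttrs` branch interpolates `${val}`, and an attribute set without `__toString` or `outPath` cannot be coerced to a string, so evaluation likely fails with a coercion error instead of the intended message; `builtins.toJSON val` or `generators.toPretty { } val` would print it.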
@ -1,8 +1,6 @@
|
||||
<?php
|
||||
require_once dirname(__DIR__) . implode(DIRECTORY_SEPARATOR, ['', 'inc', 'include.php']);
|
||||
|
||||
echo $DOOR_SECRET;
|
||||
|
||||
$translation = ['I dag', 'I morgen', 'Denne uka', 'Neste uke', 'Denne måneden', 'Neste måned'];
|
||||
$pdo = new \PDO($DB_DSN, $DB_USER, $DB_PASS);
|
||||
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||
|