WIP: nixify
parent
a8fb2af3e7
commit
123dd33ea4
11
dist/simplesamlphp-config.php
vendored
11
dist/simplesamlphp-config.php
vendored
@ -1,7 +1,14 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
require dirname(dirname(dirname(dirname(__DIR__)))) . '/config.php';
|
# require_once(dirname(dirname(dirname(dirname(__DIR__)))) . DIRECTORY_SEPARATOR . 'config.php');
|
||||||
echo $SAML_COOKIE_SECURE;
|
|
||||||
|
/*
|
||||||
|
$config_dir = dirname(__DIR__);
|
||||||
|
while (!file_exists($config_dir . DIRECTORY_SEPARATOR . 'config.php')) {
|
||||||
|
$config_dir = dirname($config_dir);
|
||||||
|
}
|
||||||
|
include $config_dir . DIRECTORY_SEPARATOR . 'config.php';
|
||||||
|
*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The configuration of SimpleSAMLphp
|
* The configuration of SimpleSAMLphp
|
||||||
|
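Review bot: With the `require` of the top-level `config.php` commented out, any `$SAML_*` name this file still uses further down is defined only if the Nix build's `substituteInPlace` has rewritten it. The rest of the file is outside the hunk, so this is inferred from the substitution targets in the module. Served unsubstituted, PHP would treat those names as undefined (null), so settings such as the cookie `secure` flag would silently fall back instead of raising an error. I would replace the commented-out lookup block with one comment stating the contract, e.g. `// $SAML_* tokens below are replaced at build time by the Nix module; this file is not usable unsubstituted.` If the directory walk is ever revived, note that `while (!file_exists(...))` never terminates once `dirname()` reaches the filesystem root without finding `config.php`.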
@ -40,6 +40,11 @@ in
|
|||||||
(attrs: !(attrs ? "type"))
|
(attrs: !(attrs ? "type"))
|
||||||
(_: option: option // { type = types.either option.type format.lib.types.raw; })
|
(_: option: option // { type = types.either option.type format.lib.types.raw; })
|
||||||
{
|
{
|
||||||
|
DOOR_SECRET = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
description = mdDoc "Secret for the door sensor API";
|
||||||
|
};
|
||||||
|
|
||||||
GALLERY = {
|
GALLERY = {
|
||||||
DIR = mkOption {
|
DIR = mkOption {
|
||||||
type = types.path;
|
type = types.path;
|
||||||
@ -89,13 +94,50 @@ in
|
|||||||
description = mdDoc "Database password. Recommends: null, set in extraConfig";
|
description = mdDoc "Database password. Recommends: null, set in extraConfig";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
SAML = {
|
||||||
|
COOKIE_SALT = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
description = mdDoc "Salt for the SAML cookies";
|
||||||
|
};
|
||||||
|
|
||||||
|
COOKIE_SECURE = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = true;
|
||||||
|
description = mdDoc "Whether to set the secure flag on the SAML cookies";
|
||||||
|
};
|
||||||
|
|
||||||
|
ADMIN_PASSWORD = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
description = mdDoc "Password for the admin user";
|
||||||
|
};
|
||||||
|
|
||||||
|
TRUSTED_DOMAINS = mkOption {
|
||||||
|
type = types.listOf types.str;
|
||||||
|
default = [ cfg.domainName ];
|
||||||
|
description = mdDoc "List of trusted domains for the SAML service";
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable (let
|
||||||
|
# NOTE: This should absolutely not be necessary, but for some reason this file refuses to import
|
||||||
|
# the toplevel configuration file.
|
||||||
|
# NOTE: Nvm, don't this this was the problem after all?
|
||||||
|
finalPackage = cfg.package.overrideAttrs (_: _: {
|
||||||
|
postInstall = cfg.package.postInstall + ''
|
||||||
|
substituteInPlace $simplesamlphp/config/config.php \
|
||||||
|
--replace '$SAML_COOKIE_SECURE' '${format.lib.valueToString cfg.settings.SAML.COOKIE_SECURE}' \
|
||||||
|
--replace '$SAML_COOKIE_SALT' '${format.lib.valueToString cfg.settings.SAML.COOKIE_SALT}' \
|
||||||
|
--replace '$SAML_ADMIN_PASSWORD' '${format.lib.valueToString cfg.settings.SAML.ADMIN_PASSWORD}' \
|
||||||
|
--replace '$SAML_TRUSTED_DOMAINS' '${format.lib.valueToString cfg.settings.SAML.TRUSTED_DOMAINS}'
|
||||||
|
'';
|
||||||
|
});
|
||||||
|
in {
|
||||||
users.users = mkIf (cfg.user == "pvv-nettsiden") {
|
users.users = mkIf (cfg.user == "pvv-nettsiden") {
|
||||||
"pvv-nettsiden" = {
|
"pvv-nettsiden" = {
|
||||||
description = "PVV Website Service User";
|
description = "PVV Website Service User";
|
||||||
@ -120,22 +162,28 @@ in
|
|||||||
enableACME = mkDefault true;
|
enableACME = mkDefault true;
|
||||||
locations = {
|
locations = {
|
||||||
"/" = {
|
"/" = {
|
||||||
root = "${cfg.package}/share/php/pvv-nettsiden/www/";
|
root = "${finalPackage}/share/php/pvv-nettsiden/www/";
|
||||||
index = "index.php";
|
index = "index.php";
|
||||||
};
|
};
|
||||||
|
|
||||||
"~ \\.php$".extraConfig = ''
|
"~ \\.php$".extraConfig = ''
|
||||||
include ${pkgs.nginx}/conf/fastcgi_params;
|
include ${pkgs.nginx}/conf/fastcgi_params;
|
||||||
fastcgi_param SCRIPT_FILENAME ${cfg.package}/share/php/pvv-nettsiden/www$fastcgi_script_name;
|
fastcgi_param SCRIPT_FILENAME ${finalPackage}/share/php/pvv-nettsiden/www$fastcgi_script_name;
|
||||||
fastcgi_pass unix:${config.services.phpfpm.pools."pvv-nettsiden".socket};
|
fastcgi_pass unix:${config.services.phpfpm.pools."pvv-nettsiden".socket};
|
||||||
'';
|
'';
|
||||||
|
|
||||||
${cfg.settings.GALLERY.SERVER_PATH} = {
|
${cfg.settings.GALLERY.SERVER_PATH} = {
|
||||||
root = cfg.settings.GALLERY.DIR;
|
root = cfg.settings.GALLERY.DIR;
|
||||||
|
extraConfig = ''
|
||||||
|
rewrite ^${cfg.settings.GALLERY.SERVER_PATH}/(.*)$ $1 break;
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
${cfg.settings.SLIDESHOW.SERVER_PATH} = {
|
${cfg.settings.SLIDESHOW.SERVER_PATH} = {
|
||||||
root = cfg.settings.SLIDESHOW.DIR;
|
root = cfg.settings.SLIDESHOW.DIR;
|
||||||
|
extraConfig = ''
|
||||||
|
rewrite ^${cfg.settings.SLIDESHOW.SERVER_PATH}/(.*)$ $1 break;
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -157,5 +205,5 @@ in
|
|||||||
"pm.max_requests" = mkDefault 500;
|
"pm.max_requests" = mkDefault 500;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
});
|
||||||
}
|
}
|
||||||
|
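Review bot: `SAML.COOKIE_SALT` and `SAML.ADMIN_PASSWORD` are plain `types.str` options that `substituteInPlace` writes into `postInstall`, so their values land in the derivation and in the built `config.php` inside the Nix store, which is readable by every local user and travels with the closure. `DOOR_SECRET` presumably reaches the store the same way through the generated settings file. These options should instead take a path to a file outside the store (`type = types.path;`, with the description saying so) that the PHP config reads at runtime, leaving only non-secret values such as `COOKIE_SECURE` and `TRUSTED_DOMAINS` to be substituted at build time. Separately, each replacement is wrapped in literal single quotes in the shell script, so a value containing `'` ends the word early; pass it through `escapeShellArg`, e.g. `--replace '$SAML_COOKIE_SALT' ${escapeShellArg (format.lib.valueToString cfg.settings.SAML.COOKIE_SALT)} \`. The `let … in` body of `config` continues outside the hunks shown.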
@ -6,9 +6,9 @@ php.buildComposerProject {
|
|||||||
version = "0.0.1";
|
version = "0.0.1";
|
||||||
vendorHash = "sha256-DSn0ifj7Hjjia1SF/1wfziD/IdsiOES8XNDVz3F/cTI=";
|
vendorHash = "sha256-DSn0ifj7Hjjia1SF/1wfziD/IdsiOES8XNDVz3F/cTI=";
|
||||||
|
|
||||||
postInstall = ''
|
simplesamlphp = "${placeholder "out"}/share/php/pvv-nettsiden/vendor/simplesamlphp/simplesamlphp";
|
||||||
simplesamlphp="$out/share/php/pvv-nettsiden/vendor/simplesamlphp/simplesamlphp"
|
|
||||||
|
|
||||||
|
postInstall = ''
|
||||||
mkdir -p $simplesamlphp/config
|
mkdir -p $simplesamlphp/config
|
||||||
mkdir -p $simplesamlphp/metadata
|
mkdir -p $simplesamlphp/metadata
|
||||||
|
|
||||||
|
@ -2,27 +2,27 @@
|
|||||||
|
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
{ }: {
|
{ }: let
|
||||||
|
valueToString = val:
|
||||||
|
if val == null then
|
||||||
|
"null"
|
||||||
|
else if isString val then
|
||||||
|
builtins.toJSON val
|
||||||
|
else if isBool val then
|
||||||
|
boolToString val
|
||||||
|
else if isInt val || isFloat val then
|
||||||
|
toString val
|
||||||
|
else if isList val then
|
||||||
|
"array(${concatMapStringsSep ", " valueToString val})"
|
||||||
|
else if isAttrs val && val ? value && (val._type or "") == "raw" then
|
||||||
|
val.value
|
||||||
|
else if isAttrs val then
|
||||||
|
throw "Found unexpected attrs, that were not created by mkRaw. Have you put attrs in an array?\n${val}"
|
||||||
|
else throw "unsupported :')";
|
||||||
|
in {
|
||||||
inherit (pkgs.formats.json { }) type;
|
inherit (pkgs.formats.json { }) type;
|
||||||
|
|
||||||
generate = name: value: let
|
generate = name: value: let
|
||||||
valueToString = val:
|
|
||||||
if val == null then
|
|
||||||
"null"
|
|
||||||
else if isString val then
|
|
||||||
builtins.toJSON val
|
|
||||||
else if isBool val then
|
|
||||||
boolToString val
|
|
||||||
else if isInt val || isFloat val then
|
|
||||||
toString val
|
|
||||||
else if isList val then
|
|
||||||
"array(${concatMapStringsSep ", " valueToString val})"
|
|
||||||
else if isAttrs val && val ? value && (val._type or "") == "raw" then
|
|
||||||
val.value
|
|
||||||
else if isAttrs val then
|
|
||||||
throw "Found unexpected attrs, that were not created by mkRaw. Have you put attrs in an array?\n${val}"
|
|
||||||
else throw "unsupported :')";
|
|
||||||
|
|
||||||
flattenStructuredSettings = attrs: let
|
flattenStructuredSettings = attrs: let
|
||||||
partitionAttrs = pred: attrs: lib.pipe attrs [
|
partitionAttrs = pred: attrs: lib.pipe attrs [
|
||||||
attrsToList
|
attrsToList
|
||||||
@ -50,6 +50,8 @@ with lib;
|
|||||||
in pkgs.writeText name content;
|
in pkgs.writeText name content;
|
||||||
|
|
||||||
lib = {
|
lib = {
|
||||||
|
inherit valueToString;
|
||||||
|
|
||||||
mkRaw = value: {
|
mkRaw = value: {
|
||||||
inherit value;
|
inherit value;
|
||||||
_type = "raw";
|
_type = "raw";
|
||||||
|
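Review bot: `valueToString` in the first hunk renders strings with `builtins.toJSON`, which yields a double-quoted literal, and PHP interpolates `$name` and `{$…}` inside double quotes, so a salt or password containing `$` would not reach PHP as written. Now that the function is exported through `lib` and used for the SAML values, I would emit a single-quoted PHP literal instead: `"'${replaceStrings [ "\\" "'" ] [ "\\\\" "\\'" ] val}'"`. The attrs branch also interpolates `${val}` into its `throw` message, which fails with a coercion error of its own rather than the intended text; `${builtins.toJSON val}` would print the offending value.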
@ -1,8 +1,6 @@
|
|||||||
<?php
|
<?php
|
||||||
require_once dirname(__DIR__) . implode(DIRECTORY_SEPARATOR, ['', 'inc', 'include.php']);
|
require_once dirname(__DIR__) . implode(DIRECTORY_SEPARATOR, ['', 'inc', 'include.php']);
|
||||||
|
|
||||||
echo $DOOR_SECRET;
|
|
||||||
|
|
||||||
$translation = ['I dag', 'I morgen', 'Denne uka', 'Neste uke', 'Denne måneden', 'Neste måned'];
|
$translation = ['I dag', 'I morgen', 'Denne uka', 'Neste uke', 'Denne måneden', 'Neste måned'];
|
||||||
$pdo = new \PDO($DB_DSN, $DB_USER, $DB_PASS);
|
$pdo = new \PDO($DB_DSN, $DB_USER, $DB_PASS);
|
||||||
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||||
|