WIP: nixify

This commit is contained in:
Oystein Kristoffer Tveit 2024-03-24 08:20:54 +01:00
parent ad8ecc4935
commit 321846d2da
3 changed files with 27 additions and 13 deletions

View File

@ -37,7 +37,7 @@ $config = [
* external url, no matter where you come from (direct access or via the * external url, no matter where you come from (direct access or via the
* reverse proxy). * reverse proxy).
*/ */
'baseurlpath' => 'simplesaml/', 'baseurlpath' => '/simplesaml/',
/* /*
* The 'application' configuration array groups a set configuration options * The 'application' configuration array groups a set configuration options

View File

@ -130,7 +130,7 @@ in
# NOTE: Nvm, don't this this was the problem after all? # NOTE: Nvm, don't this this was the problem after all?
finalPackage = cfg.package.overrideAttrs (_: _: { finalPackage = cfg.package.overrideAttrs (_: _: {
postInstall = cfg.package.postInstall + '' postInstall = cfg.package.postInstall + ''
substituteInPlace $simplesamlphp/config/config.php \ substituteInPlace $out/${cfg.package.passthru.simplesamlphpPath}/config/config.php \
--replace '$SAML_COOKIE_SECURE' '${format.lib.valueToString cfg.settings.SAML.COOKIE_SECURE}' \ --replace '$SAML_COOKIE_SECURE' '${format.lib.valueToString cfg.settings.SAML.COOKIE_SECURE}' \
--replace '$SAML_COOKIE_SALT' '${format.lib.valueToString cfg.settings.SAML.COOKIE_SALT}' \ --replace '$SAML_COOKIE_SALT' '${format.lib.valueToString cfg.settings.SAML.COOKIE_SALT}' \
--replace '$SAML_ADMIN_PASSWORD' '${format.lib.valueToString cfg.settings.SAML.ADMIN_PASSWORD}' \ --replace '$SAML_ADMIN_PASSWORD' '${format.lib.valueToString cfg.settings.SAML.ADMIN_PASSWORD}' \
@ -172,6 +172,25 @@ in
fastcgi_pass unix:${config.services.phpfpm.pools."pvv-nettsiden".socket}; fastcgi_pass unix:${config.services.phpfpm.pools."pvv-nettsiden".socket};
''; '';
# based on https://simplesamlphp.org/docs/stable/simplesamlphp-install.html#configuring-nginx
"^~ /simplesaml/" = {
alias = "${finalPackage}/${finalPackage.passthru.simplesamlphpPath}/www/";
index = "index.php";
extraConfig = ''
location ~ ^/simplesaml/(?<phpfile>.+?\.php)(?<pathinfo>/.*)?$ {
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_pass unix:${config.services.phpfpm.pools."pvv-nettsiden".socket};
fastcgi_param SCRIPT_FILENAME ${finalPackage}/${finalPackage.passthru.simplesamlphpPath}/www/$phpfile;
# Must be prepended with the baseurlpath
fastcgi_param SCRIPT_NAME /simplesaml/$phpfile;
fastcgi_param PATH_INFO $pathinfo if_not_empty;
}
'';
};
${cfg.settings.GALLERY.SERVER_PATH} = { ${cfg.settings.GALLERY.SERVER_PATH} = {
root = cfg.settings.GALLERY.DIR; root = cfg.settings.GALLERY.DIR;
extraConfig = '' extraConfig = ''

View File

@ -1,23 +1,18 @@
{ php }: { php }:
php.buildComposerProject { php.buildComposerProject rec {
src = ./..; src = ./..;
pname = "pvv-nettsiden"; pname = "pvv-nettsiden";
version = "0.0.1"; version = "0.0.1";
vendorHash = "sha256-DSn0ifj7Hjjia1SF/1wfziD/IdsiOES8XNDVz3F/cTI="; vendorHash = "sha256-DSn0ifj7Hjjia1SF/1wfziD/IdsiOES8XNDVz3F/cTI=";
simplesamlphp = "${placeholder "out"}/share/php/pvv-nettsiden/vendor/simplesamlphp/simplesamlphp"; passthru.simplesamlphpPath = "share/php/pvv-nettsiden/vendor/simplesamlphp/simplesamlphp";
postInstall = '' postInstall = ''
mkdir -p $simplesamlphp/config install -Dm444 dist/simplesamlphp-config.php $out/${passthru.simplesamlphpPath}/config/config.php
mkdir -p $simplesamlphp/metadata install -Dm444 dist/simplesamlphp-authsources.php $out/${passthru.simplesamlphpPath}/config/authsources.php
install -Dm444 dist/simplesamlphp-idp.php $out/${passthru.simplesamlphpPath}/metadata/saml20-idp-remote.php
cp dist/simplesamlphp-config.php $simplesamlphp/config/config.php install -Dm444 dist/config.source-env.php $out/share/php/pvv-nettsiden/config.php
cp dist/simplesamlphp-authsources.php $simplesamlphp/config/authsources.php
cp dist/simplesamlphp-idp.php $simplesamlphp/metadata/saml20-idp-remote.php
cp dist/config.source-env.php $out/share/php/pvv-nettsiden/config.php
ln -s $simplesamlphp/www $out/share/php/pvv-nettsiden/www/simplesaml
''; '';
} }