WIP: nixify

2024-03-24 08:20:54 +01:00 · 2024-03-24 08:20:54 +01:00 · 8db658122e
parent a8fb2af3e7
commit 8db658122e
5 changed files with 48 additions and 28 deletions
--- a/dist/simplesamlphp-config.php
+++ b/dist/simplesamlphp-config.php
@ -1,7 +1,14 @@
 <?php

-require dirname(dirname(dirname(dirname(__DIR__)))) . '/config.php';
-echo $SAML_COOKIE_SECURE;
+# require_once(dirname(dirname(dirname(dirname(__DIR__)))) . DIRECTORY_SEPARATOR . 'config.php');
+
+/*
+$config_dir = dirname(__DIR__);
+while (!file_exists($config_dir . DIRECTORY_SEPARATOR . 'config.php')) {
+	$config_dir = dirname($config_dir);
+}
+include $config_dir . DIRECTORY_SEPARATOR . 'config.php';
+*/

 /**
 * The configuration of SimpleSAMLphp
--- a/nix/module.nix
+++ b/nix/module.nix
@ -95,7 +95,20 @@ in
  };


-  config = mkIf cfg.enable {
+  config = mkIf cfg.enable (let
+    # NOTE: This should absolutely not be necessary, but for some reason this file refuses to import
+    #       the toplevel configuration file.
+    # NOTE: Nvm, don't this this was the problem after all?
+    finalPackage = cfg.package.overrideAttrs (_: _: {
+      postInstall = cfg.package.postInstall + ''
+        substituteInPlace $simplesamlphp/config/config.php \
+          --replace '$SAML_COOKIE_SECURE' '${format.lib.valueToString cfg.settings.SAML.COOKIE_SECURE}' \
+          --replace '$SAML_COOKIE_SALT' '${format.lib.valueToString cfg.settings.SAML.COOKIE_SALT}' \
+          --replace '$SAML_ADMIN_PASSWORD' '${format.lib.valueToString cfg.settings.SAML.ADMIN_PASSWORD}' \
+          --replace '$SAML_TRUSTED_DOMAINS' '${format.lib.valueToString cfg.settings.SAML.TRUSTED_DOMAINS}'
+      '';
+    });
+  in {
    users.users = mkIf (cfg.user == "pvv-nettsiden") {
      "pvv-nettsiden" = {
        description = "PVV Website Service User";
@ -120,13 +133,13 @@ in
        enableACME = mkDefault true;
        locations = {
          "/" = {
-            root = "${cfg.package}/share/php/pvv-nettsiden/www/";
+            root = "${finalPackage}/share/php/pvv-nettsiden/www/";
            index = "index.php";
          };

          "~ \\.php$".extraConfig = ''
            include ${pkgs.nginx}/conf/fastcgi_params;
-            fastcgi_param SCRIPT_FILENAME ${cfg.package}/share/php/pvv-nettsiden/www$fastcgi_script_name;
+            fastcgi_param SCRIPT_FILENAME ${finalPackage}/share/php/pvv-nettsiden/www$fastcgi_script_name;
            fastcgi_pass unix:${config.services.phpfpm.pools."pvv-nettsiden".socket};
          '';

@ -157,5 +170,5 @@ in
        "pm.max_requests" = mkDefault 500;
      };
    };
-  };
+  });
 }
--- a/nix/package.nix
+++ b/nix/package.nix
@ -6,9 +6,9 @@ php.buildComposerProject {
  version = "0.0.1";
  vendorHash = "sha256-DSn0ifj7Hjjia1SF/1wfziD/IdsiOES8XNDVz3F/cTI=";

-  postInstall = ''
-    simplesamlphp="$out/share/php/pvv-nettsiden/vendor/simplesamlphp/simplesamlphp"
+  simplesamlphp = "${placeholder "out"}/share/php/pvv-nettsiden/vendor/simplesamlphp/simplesamlphp";

+  postInstall = ''
    mkdir -p $simplesamlphp/config
    mkdir -p $simplesamlphp/metadata

--- a/nix/php-generator.nix
+++ b/nix/php-generator.nix
@ -2,27 +2,27 @@

 with lib;

-{ }: {
+{ }: let
+  valueToString = val:
+    if val == null then
+      "null"
+    else if isString val then
+       builtins.toJSON val
+    else if isBool val then
+      boolToString val
+    else if isInt val || isFloat val then
+      toString val
+    else if isList val then
+      "array(${concatMapStringsSep ", " valueToString val})"
+    else if isAttrs val && val ? value && (val._type or "") == "raw" then
+      val.value
+    else if isAttrs val then
+      throw "Found unexpected attrs, that were not created by mkRaw. Have you put attrs in an array?\n${val}"
+    else throw "unsupported :')";
+in {
  inherit (pkgs.formats.json { }) type;

  generate = name: value: let
-    valueToString = val:
-      if val == null then
-        "null"
-      else if isString val then
-         builtins.toJSON val
-      else if isBool val then
-        boolToString val
-      else if isInt val || isFloat val then
-        toString val
-      else if isList val then
-        "array(${concatMapStringsSep ", " valueToString val})"
-      else if isAttrs val && val ? value && (val._type or "") == "raw" then
-        val.value
-      else if isAttrs val then
-        throw "Found unexpected attrs, that were not created by mkRaw. Have you put attrs in an array?\n${val}"
-      else throw "unsupported :')";
-
    flattenStructuredSettings = attrs: let
      partitionAttrs = pred: attrs: lib.pipe attrs [
        attrsToList
@ -50,6 +50,8 @@ with lib;
  in pkgs.writeText name content;

  lib = {
+    inherit valueToString;
+
    mkRaw = value: {
      inherit value;
      _type = "raw";
--- a/www/index.php
+++ b/www/index.php
@ -1,8 +1,6 @@
 <?php
 require_once dirname(__DIR__) . implode(DIRECTORY_SEPARATOR, ['', 'inc', 'include.php']);

-echo $DOOR_SECRET;
-
 $translation = ['I dag', 'I morgen', 'Denne uka', 'Neste uke', 'Denne måneden', 'Neste måned'];
 $pdo = new \PDO($DB_DSN, $DB_USER, $DB_PASS);
 $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);