@ -1,16 +1,21 @@
{ config , lib , pkgs , . . . }:
{ config , pkgs , lib , . . . }:
let
inherit ( lib ) mkDefault mkEnableOption mkForce mkIf mkMerge mkOption types maintainers recursiveUpdate ;
inherit ( lib ) any attrValues concatMapStrings concatMapStringsSep flatten literalExample ;
inherit ( lib ) filterAttrs mapAttrs mapAttrs' mapAttrsToList nameValuePair optional optionalAttrs optionalString ;
inherit ( lib ) mkEnableOption mkForce mkIf mkMerge mkOption optionalAttrs recursiveUpdate types maintainers ;
inherit ( lib ) concatMapStringsSep flatten mapAttrs mapAttrs' mapAttrsToList nameValuePair concatMapStringSep ;
eachSite = config . services . dokuwiki ;
cfg = migrateOldAttrs config . services . dokuwiki ;
eachSite = cfg . sites ;
user = " d o k u w i k i " ;
group = config . services . nginx . group ;
webserver = config . services . ${ cfg . webserver } ;
stateDir = hostName : " / v a r / l i b / d o k u w i k i / ${ hostName } / d a t a " ;
# Migrate config.services.dokuwiki.<hostName> to config.services.dokuwiki.sites.<hostName>
oldSites = filterAttrs ( o : _ : o != " s i t e s " && o != " w e b s e r v e r " ) ;
migrateOldAttrs = cfg : cfg // { sites = cfg . sites // oldSites cfg ; } ;
dokuwikiAclAuthConfig = cfg : pkgs . writeText " a c l . a u t h . p h p " ''
dokuwikiAclAuthConfig = hostName : cfg : pkgs . writeText " a c l . a u t h - ${ hostName } . p h p " ''
# acl.auth.php
# <?php exit()?>
#
@ -19,7 +24,7 @@ let
$ { toString cfg . acl }
'' ;
dokuwikiLocalConfig = cfg : pkgs . writeText " l o c a l . p h p " ''
dokuwikiLocalConfig = hostName : cfg : pkgs . writeText " l o c a l - ${ hostName } . p h p " ''
< ? php
$ conf [ ' savedir' ] = ' $ { cfg . stateDir } ' ;
$ conf [ ' superuser' ] = ' $ { toString cfg . superUser } ' ;
@ -28,11 +33,12 @@ let
$ { toString cfg . extraConfig }
'' ;
dokuwikiPluginsLocalConfig = cfg : pkgs . writeText " p l u g i n s . l o c a l . p h p " ''
dokuwikiPluginsLocalConfig = hostName : cfg : pkgs . writeText " p l u g i n s . l o c a l - ${ hostName } . p h p " ''
< ? php
$ { cfg . pluginsConfig }
'' ;
pkg = hostName : cfg : pkgs . stdenv . mkDerivation rec {
pname = " d o k u w i k i - ${ hostName } " ;
version = src . version ;
@ -43,13 +49,13 @@ let
cp - r * $ out /
# symlink the dokuwiki config
ln - s $ { dokuwikiLocalConfig cfg } $ out/share/dokuwiki/local.php
ln - s $ { dokuwikiLocalConfig hostName cfg } $ out/share/dokuwiki/local.php
# symlink plugins config
ln - s $ { dokuwikiPluginsLocalConfig cfg } $ out/share/dokuwiki/plugins.local.php
ln - s $ { dokuwikiPluginsLocalConfig hostName cfg } $ out/share/dokuwiki/plugins.local.php
# symlink acl
ln - s $ { dokuwikiAclAuthConfig cfg } $ out/share/dokuwiki/acl.auth.php
ln - s $ { dokuwikiAclAuthConfig hostName cfg } $ out/share/dokuwiki/acl.auth.php
# symlink additional plugin(s) and templates(s)
$ { concatMapStringsSep " \n " ( template : " l n - s ${ template } $ o u t / s h a r e / d o k u w i k i / l i b / t p l / ${ template . name } " ) cfg . templates }
@ -57,332 +63,385 @@ let
'' ;
} ;
siteOpts = { config , lib , name , . . . }: {
options = {
enable = mkEnableOption " D o k u W i k i w e b a p p l i c a t i o n . " ;
package = mkOption {
type = types . package ;
default = pkgs . dokuwiki ;
description = " W h i c h d o k u w i k i p a c k a g e t o u s e . " ;
} ;
siteOpts = { config , lib , name , . . . }:
{
options = {
package = mkOption {
type = types . package ;
default = pkgs . dokuwiki ;
description = " W h i c h D o k u W i k i p a c k a g e t o u s e . " ;
} ;
hostName = mkOption {
type = types . str ;
default = " l o c a l h o s t " ;
description = " F Q D N f o r t h e i n s t a n c e . " ;
} ;
stateDir = mkOption {
type = types . path ;
default = " / v a r / l i b / d o k u w i k i / ${ name } / d a t a " ;
description = " L o c a t i o n o f t h e D o k u W ik i s t a t e d i r e c t o r y . " ;
} ;
stateDir = mkOption {
type = types . path ;
default = " / v a r / l i b / d o k u w i k i / ${ name } / d a t a " ;
description = " L o c a t i o n o f t h e d o k u w i k i s t a t e d i r e c t o r y . " ;
} ;
acl = mkOption {
type = types . nullOr types . lines ;
default = null ;
example = " * @ A L L 8 " ;
description = ''
Access Control Lists : see < link xlink:href= " h t t p s : / / w w w . d o k u w i k i . o r g / a c l " / >
Mutually exclusive with services . dokuwiki . aclFile
Set this to a value other than null to take precedence over aclFile option .
Warning : Consider using aclFile instead if you do not
want to store the ACL in the world-readable Nix store .
'' ;
} ;
acl = mkOption {
type = types . nullOr types . lines ;
default = null ;
example = " * @ A L L 8 " ;
description = ''
Access Control Lists : see < link xlink:href= " h t t p s : / / w w w . d o k u w i k i . o r g / a c l " / >
Mutually exclusive with services . dokuwiki . aclFile
Set this to a value other than null to take precedence over aclFile option .
Warning : Consider using aclFile instead if you do not
want to store the ACL in the world-readable Nix store .
'' ;
} ;
aclFile = mkOption {
type = with types ; nullOr str ;
default = if ( config . aclUse && config . acl == null ) then " / v a r / l i b / d o k u w i k i / ${ name } / a c l . a u t h . p h p " else null ;
description = ''
Location of the dokuwiki acl rules . Mutually exclusive with services . dokuwiki . acl
Mutually exclusive with services . dokuwiki . acl which is preferred .
Consult documentation < link xlink:href= " h t t p s : / / w w w . d o k u w i k i . o r g / a c l " / > for further instructions .
Example : < link xlink:href= " h t t p s : / / g i t h u b . c o m / s p l i t b r a i n / d o k u w i k i / b l o b / m a s t e r / c o n f / a c l . a u t h . p h p . d i s t " / >
'' ;
example = " / v a r / l i b / d o k u w i k i / ${ name } / a c l . a u t h . p h p " ;
} ;
aclFile = mkOption {
type = with types ; nullOr str ;
default = if ( config . aclUse && config . acl == null ) then " / v a r / l i b / d o k u w i k i / ${ name } / a c l . a u t h . p h p " else null ;
description = ''
Location of the dokuwiki acl rules . Mutually exclusive with services . dokuwiki . acl
Mutually exclusive with services . dokuwiki . acl which is preferred .
Consult documentation < link xlink:href= " h t t p s : / / w w w . d o k u w i k i . o r g / a c l " / > for further instructions .
Example : < link xlink:href= " h t t p s : / / g i t h u b . c o m / s p l i t b r a i n / d o k u w i k i / b l o b / m a s t e r / c o n f / a c l . a u t h . p h p . d i s t " / >
'' ;
example = " / v a r / l i b / d o k u w i k i / ${ name } / a c l . a u t h . p h p " ;
} ;
aclUse = mkOption {
type = types . bool ;
default = true ;
description = ''
Necessary for users to log in into the system .
Also limits anonymous users . When disabled ,
everyone is able to create and edit content .
'' ;
} ;
aclUse = mkOption {
type = types . bool ;
default = true ;
description = ''
Necessary for users to log in into the system .
Also limits anonymous users . When disabled ,
everyone is able to create and edit content .
'' ;
} ;
pluginsConfig = mkOption {
type = types . lines ;
default = ''
$ plugins [ ' authad' ] = 0 ;
$ plugins [ ' authldap' ] = 0 ;
$ plugins [ ' authmysql' ] = 0 ;
$ plugins [ ' authpgsql' ] = 0 ;
'' ;
description = ''
List of the dokuwiki ( un ) loaded plugins .
'' ;
} ;
pluginsConfig = mkOption {
type = types . lines ;
default = ''
$ plugins [ ' authad' ] = 0 ;
$ plugins [ ' authldap' ] = 0 ;
$ plugins [ ' authmysql' ] = 0 ;
$ plugins [ ' authpgsql' ] = 0 ;
'' ;
description = ''
List of the dokuwiki ( un ) loaded plugins .
'' ;
} ;
superUser = mkOption {
type = types . nullOr types . str ;
default = " @ a d m i n " ;
description = ''
You can set either a username , a list of usernames ( “ admin1 , admin2 ” ) ,
or the name of a group by prepending an @ char to the groupname
Consult documentation < link xlink:href= " h t t p s : / / w w w . d o k u w i k i . o r g / c o n f i g : s u p e r u s e r " / > for further instructions .
'' ;
} ;
superUser = mkOption {
type = types . nullOr types . str ;
default = " @ a d m i n " ;
description = ''
You can set either a username , a list of usernames ( “ admin1 , admin2 ” ) ,
or the name of a group by prepending an @ char to the groupname
Consult documentation < link xlink:href= " h t t p s : / / w w w . d o k u w i k i . o r g / c o n f i g : s u p e r u s e r " / > for further instructions .
'' ;
} ;
usersFile = mkOption {
type = with types ; nullOr str ;
default = if config . aclUse then " / v a r / l i b / d o k u w i k i / ${ name } / u s e r s . a u t h . p h p " else null ;
description = ''
Location of the dokuwiki users file . List of users . Format :
login:passwordhash:Real Name:email:groups,comma,separated
Create passwordHash easily by using:$ mkpasswd -5 password ` pwgen 8 1 `
Example : < link xlink:href= " h t t p s : / / g i t h u b . c o m / s p l i t b r a i n / d o k u w i k i / b l o b / m a s t e r / c o n f / u s e r s . a u t h . p h p . d i s t " / >
'' ;
example = " / v a r / l i b / d o k u w i k i / ${ name } / u s e r s . a u t h . p h p " ;
} ;
usersFile = mkOption {
type = with types ; nullOr str ;
default = if config . aclUse then "/ v a r / l i b / d o k u w i k i / ${ name } / u s e r s . a u t h . p h p " else null ;
description = ''
Location of the dokuwiki users file . List of users . Format :
login:passwordhash:Real Name:email:groups,comma,separated
Create passwordHash easily by using:$ mkpasswd -5 password ` pwgen 8 1 `
Example : < link xlink:href= " h t t p s : / / g i t h u b . c o m / s p l i t b r a i n / d o k u w i k i / b l o b / m a s t e r / c o n f / u s e r s . a u t h . p h p . d i s t " / >
disableActions = mkOption {
type = types . nullOr types . str ;
default = "" ;
example = " s e a r c h , r e g i s t e r " ;
description = ''
Disable individual action modes . Refer to
< link xlink:href= " h t t p s : / / w w w . d o k u w i k i . o r g / c o n f i g : a c t i o n _ m o d e s " / >
for details on supported values .
'' ;
example = " / v a r / l i b / d o k u w i k i / ${ name } / u s e r s . a u t h . p h p " ;
} ;
} ;
disableActions = mkOption {
type = types . nullOr types . str ;
default = " " ;
example = " s e a r c h , r e g i s t e r " ;
description = ''
Disable individual action modes . Refer to
< link xlink:href= " h t t p s : / / w w w . d o k u w i k i . o r g / c o n f i g : a c t i o n _ m o d e s " / >
for details on supported values .
'' ;
} ;
plugins = mkOption {
type = types . listOf types . path ;
default = [ ] ;
description = ''
List of path ( s ) to respective plugin ( s ) which are copied from the ' plugin' directory .
<note> <para> These plugins need to be packaged before use , see example . < /para > < /note >
'' ;
example = ''
# Let's package the icalevents plugin
plugin-icalevents = pkgs . stdenv . mkDerivation {
name = " i c a l e v e n t s " ;
# Download the plugin from the dokuwiki site
src = pkgs . fetchurl {
url = " h t t p s : / / g i t h u b . c o m / r e a l - o r - r a n d o m / d o k u w i k i - p l u g i n - i c a l e v e n t s / r e l e a s e s / d o w n l o a d / 2 0 1 7 - 0 6 - 1 6 / d o k u w i k i - p l u g i n - i c a l e v e n t s - 2 0 1 7 - 0 6 - 1 6 . z i p " ;
sha256 = " e 4 0 e d 7 d d 6 b b e 7 f e 3 3 6 3 b b b e c b 4 d e 4 8 1 d 5 e 4 2 3 8 5 b 5 a 0 f 6 2 f 6 a 6 c e 6 b f 3 a 1 f 9 d f a 8 " ;
} ;
sourceRoot = " . " ;
# We need unzip to build this package
buildInputs = [ pkgs . unzip ] ;
# Installing simply means copying all files to the output directory
installPhase = " m k d i r - p $ o u t ; c p - R * $ o u t / " ;
} ;
extraConfig = mkOption {
type = types . nullOr types . lines ;
default = null ;
example = ''
$ conf [ ' title' ] = ' My Wiki' ;
$ conf [ ' userewrite' ] = 1 ;
'' ;
description = ''
DokuWiki configuration . Refer to
< link xlink:href= " h t t p s : / / w w w . d o k u w i k i . o r g / c o n f i g " / >
for details on supported values .
'' ;
} ;
# And then pass this theme to the plugin list like this:
plugins = [ plugin-icalevents ] ;
'' ;
} ;
plugins = mkOption {
type = types . listOf types . path ;
default = [ ] ;
description = ''
List of path ( s ) to respective plugin ( s ) which are copied from the ' plugin' directory .
<note> <para> These plugins need to be packaged before use , see example . < /para > < /note >
'' ;
example = ''
# Let's package the icalevents plugin
plugin-icalevents = pkgs . stdenv . mkDerivation {
name = " i c a l e v e n t s " ;
# Download the plugin from the dokuwiki site
src = pkgs . fetchurl {
url = " h t t p s : / / g i t h u b . c o m / r e a l - o r - r a n d o m / d o k u w i k i - p l u g i n - i c a l e v e n t s / r e l e a s e s / d o w n l o a d / 2 0 1 7 - 0 6 - 1 6 / d o k u w i k i - p l u g i n - i c a l e v e n t s - 2 0 1 7 - 0 6 - 1 6 . z i p " ;
sha256 = " e 4 0 e d 7 d d 6 b b e 7 f e 3 3 6 3 b b b e c b 4 d e 4 8 1 d 5 e 4 2 3 8 5 b 5 a 0 f 6 2 f 6 a 6 c e 6 b f 3 a 1 f 9 d f a 8 " ;
templates = mkOption {
type = types . listOf types . path ;
default = [ ] ;
description = ''
List of path ( s ) to respective template ( s ) which are copied from the ' tpl' directory .
<note> <para> These templates need to be packaged before use , see example . < /para > < /note >
'' ;
example = ''
# Let's package the bootstrap3 theme
template-bootstrap3 = pkgs . stdenv . mkDerivation {
name = " b o o t s t r a p 3 " ;
# Download the theme from the dokuwiki site
src = pkgs . fetchurl {
url = " h t t p s : / / g i t h u b . c o m / g i t e r l i z z i / d o k u w i k i - t e m p l a t e - b o o t s t r a p 3 / a r c h i v e / v 2 0 1 9 - 0 5 - 2 2 . z i p " ;
sha256 = " 4 d e 5 f f 3 1 d 5 4 d d 6 1 b b c c a f 0 9 2 c 9 e 7 4 c 1 a f 3 a 4 c 5 3 e 0 7 a a 5 9 f 6 0 4 5 7 a 8 f 0 0 c f b 2 3 a 6 " ;
} ;
# We need unzip to build this package
buildInputs = [ pkgs . unzip ] ;
# Installing simply means copying all files to the output directory
installPhase = " m k d i r - p $ o u t ; c p - R * $ o u t / " ;
} ;
sourceRoot = " . " ;
# We need unzip to build this package
nativeBuildInputs = [ pkgs . unzip ] ;
# Installing simply means copying all files to the output directory
installPhase = " m k d i r - p $ o u t ; c p - R * $ o u t / " ;
} ;
# And then pass this theme to the plugin list like this:
plugins = [ plugin-icalevents ] ;
'' ;
} ;
templates = mkOption {
type = types . listOf types . path ;
default = [ ] ;
description = ''
List of path ( s ) to respective template ( s ) which are copied from the ' tpl' directory .
<note> <para> These templates need to be packaged before use , see example . < /para > < /note >
'' ;
example = ''
# Let's package the bootstrap3 theme
template-bootstrap3 = pkgs . stdenv . mkDerivation {
name = " b o o t s t r a p 3 " ;
# Download the theme from the dokuwiki site
src = pkgs . fetchurl {
url = " h t t p s : / / g i t h u b . c o m / g i t e r l i z z i / d o k u w i k i - t e m p l a t e - b o o t s t r a p 3 / a r c h i v e / v 2 0 1 9 - 0 5 - 2 2 . z i p " ;
sha256 = " 4 d e 5 f f 3 1 d 5 4 d d 6 1 b b c c a f 0 9 2 c 9 e 7 4 c 1 a f 3 a 4 c 5 3 e 0 7 a a 5 9 f 6 0 4 5 7 a 8 f 0 0 c f b 2 3 a 6 " ;
} ;
# We need unzip to build this package
nativeBuildInputs = [ pkgs . unzip ] ;
# Installing simply means copying all files to the output directory
installPhase = " m k d i r - p $ o u t ; c p - R * $ o u t / " ;
} ;
# And then pass this theme to the template list like this:
templates = [ template-bootstrap3 ] ;
'' ;
} ;
# And then pass this theme to the template list like this:
templates = [ template-bootstrap3 ] ;
'' ;
} ;
poolConfig = mkOption {
type = with types ; attrsOf ( oneOf [ str int bool ] ) ;
default = {
" p m " = " d y n a m i c " ;
" p m . m a x _ c h i l d r e n " = 32 ;
" p m . s t a r t _ s e r v e r s " = 2 ;
" p m . m i n _ s p a r e _ s e r v e r s " = 2 ;
" p m . m a x _ s p a r e _ s e r v e r s " = 4 ;
" p m . m a x _ r e q u e s t s " = 500 ;
poolConfig = mkOption {
type = with types ; attrsOf ( oneOf [ str int bool ] ) ;
default = {
" p m " = " d y n a m i c " ;
" p m . m a x _ c h i l d r e n " = 32 ;
" p m . s t a r t _ s e r v e r s " = 2 ;
" p m . m i n _ s p a r e _ s e r v e r s " = 2 ;
" p m . m a x _ s p a r e _ s e r v e r s " = 4 ;
" p m . m a x _ r e q u e s t s " = 500 ;
} ;
description = ''
Options for the DokuWiki PHP pool . See the documentation on <literal> php-fpm . conf < /literal >
for details on configuration directives .
'' ;
} ;
description = ''
Options for the dokuwiki PHP pool . See the documentation on <literal> php-fpm . conf < /literal >
for details on configuration directives .
'' ;
} ;
nginx = mkOption {
type = types . submodule (
recursiveUpdate
( import ../web-servers/nginx/vhost-options.nix { inherit config lib ; } ) { }
) ;
default = { } ;
example = {
serverAliases = [
" w i k i . \$ { c o n f i g . n e t w o r k i n g . d o m a i n } "
] ;
# To enable encryption and let let's encrypt take care of certificate
forceSSL = true ;
enableACME = true ;
extraConfig = mkOption {
type = types . nullOr types . lines ;
default = null ;
example = ''
$ conf [ ' title' ] = ' My Wiki' ;
$ conf [ ' userewrite' ] = 1 ;
'' ;
description = ''
DokuWiki configuration . Refer to
< link xlink:href= " h t t p s : / / w w w . d o k u w i k i . o r g / c o n f i g " / >
for details on supported values .
'' ;
} ;
description = ''
With this option , you can customize the nginx virtualHost settings .
'' ;
} ;
} ;
} ;
in
{
# interface
options = {
services . dokuwiki = mkOption {
type = types . attrsOf ( types . submodule siteOpts ) ;
type = types . submodule {
# Used to support old interface
freeformType = types . attrsOf ( types . submodule siteOpts ) ;
# New interface
options . sites = mkOption {
type = types . attrsOf ( types . submodule siteOpts ) ;
default = { } ;
description = " S p e c i f i c a t i o n o f o n e o r m o r e D o k u W i k i s i t e s t o s e r v e " ;
} ;
options . webserver = mkOption {
type = types . enum [ " n g i n x " " c a d d y " ] ;
default = " n g i n x " ;
description = ''
Whether to use nginx or caddy for virtual host management .
Further nginx configuration can be done by adapting <literal> services . nginx . virtualHosts . & lt ; name & gt ; < /literal > .
See < xref linkend = " o p t - s e r v i c e s . n g i n x . v i r t u a l H o s t s " / > for further information .
Further apache2 configuration can be done by adapting <literal> services . httpd . virtualHosts . & lt ; name & gt ; < /literal > .
See < xref linkend = " o p t - s e r v i c e s . h t t p d . v i r t u a l H o s t s " / > for further information .
'' ;
} ;
} ;
default = { } ;
description = " S e p c i f i c a t i o n o f o n e o r m o r e d o k u w i k i s i t e s t o s e r v e . " ;
description = " D o k u W i k i c o n f i g u r a t i o n " ;
} ;
} ;
# implementation
config = mkIf ( eachSite != { } ) {
warnings = mapAttrsToList ( hostName : cfg : mkIf ( cfg . superUser == null ) " N o t s e t t i n g s e r v i c e s . d o k u w i k i . ${ hostName } s u p e r U s e r w i l l i m p a i r y o u r a b i l i t y t o a d m i n i s t e r D o k u W i k i " ) eachSite ;
config = mkIf ( eachSite != { } ) ( mkMerge [ {
assertions = flatten ( mapAttrsToList ( hostName : cfg :
[ {
assertion = cfg . aclUse -> ( cfg . acl != null || cfg . aclFile != null ) ;
message = " E i t h e r s e r v i c e s . d o k u w i k i . ${ hostName } . a c l o r s e r v i c e s . d o k u w i k i . ${ hostName } . a c l F i l e i s m a n d a t o r y i f a c l U s e t r u e " ;
message = " E i t h e r s e r v i c e s . d o k u w i k i . s i t e s . ${ hostName } . a c l o r s e r v i c e s . d o k u w i k i . s i t e s . ${ hostName } . a c l F i l e i s m a n d a t o r y i f a c l U s e t r u e " ;
}
{
assertion = cfg . usersFile != null -> cfg . aclUse != false ;
message = " s e r v i c e s . d o k u w i k i . ${ hostName } . a c l U s e m u s t m u s t b e t r u e i f u s e r s F i l e i s n o t n u l l " ;
message = " s e r v i c e s . d o k u w i k i . s i t e s . ${ hostName } . a c l U s e m u s t m u s t b e t r u e i f u s e r s F i l e i s n o t n u l l " ;
}
] ) eachSite ) ;
warnings = mapAttrsToList ( hostName : _ : '' s e r v i c e s . d o k u w i k i . " ${ hostName } " i s d e p r e c a t e d u s e s e r v i c e s . d o k u w i k i . s i t e s . " ${ hostName } " '' ) ( oldSites cfg ) ;
services . phpfpm . pools = mapAttrs' ( hostName : cfg : (
nameValuePair " d o k u w i k i - ${ hostName } " {
inherit user ;
inherit group ;
group = webserver . group ;
phpEnv = {
DOKUWIKI_LOCAL_CONFIG = " ${ dokuwikiLocalConfig cfg } " ;
DOKUWIKI_PLUGINS_LOCAL_CONFIG = " ${ dokuwikiPluginsLocalConfig cfg } " ;
DOKUWIKI_LOCAL_CONFIG = " ${ dokuwikiLocalConfig hostName cfg } " ;
DOKUWIKI_PLUGINS_LOCAL_CONFIG = " ${ dokuwikiPluginsLocalConfig hostName cfg } " ;
} // optionalAttrs ( cfg . usersFile != null ) {
DOKUWIKI_USERS_AUTH_CONFIG = " ${ cfg . usersFile } " ;
} // optionalAttrs ( cfg . aclUse ) {
DOKUWIKI_ACL_AUTH_CONFIG = if ( cfg . acl != null ) then " ${ dokuwikiAclAuthConfig cfg } " else " ${ toString cfg . aclFile } " ;
DOKUWIKI_ACL_AUTH_CONFIG = if ( cfg . acl != null ) then " ${ dokuwikiAclAuthConfig hostName cfg } " else " ${ toString cfg . aclFile } " ;
} ;
settings = {
" l i s t e n . m o d e " = " 0 6 6 0 " ;
" l i s t e n . o w n e r " = user ;
" l i s t e n . g r o u p " = group ;
" l i s t e n . o w n e r " = webserver . user ;
" l i s t e n . g r o u p " = webserver . group ;
} // cfg . poolConfig ;
} ) ) eachSite ;
services . nginx = {
enable = true ;
virtualHosts = mapAttrs ( hostName : cfg : mkMerge [ cfg . nginx {
root = mkForce " ${ pkg hostName cfg } / s h a r e / d o k u w i k i " ;
extraConfig = lib . optionalString ( cfg . nginx . addSSL || cfg . nginx . forceSSL || cfg . nginx . onlySSL || cfg . nginx . enableACME ) " f a s t c g i _ p a r a m H T T P S o n ; " ;
locations . " ~ / ( c o n f / | b i n / | i n c / | i n s t a l l . p h p ) " = {
extraConfig = " d e n y a l l ; " ;
} ;
}
) ) eachSite ;
locations . " ~ ^ / d a t a / " = {
root = " ${ cfg . stateDir } " ;
extraConfig = " i n t e r n a l ; " ;
} ;
}
locations . " ~ ^ / l i b . * \\ . ( j s | c s s | g i f | p n g | i c o | j p g | j p e g ) $ " = {
extraConfig = " e x p i r e s 3 6 5 d ; " ;
} ;
{
systemd . tmpfiles . rules = flatten ( mapAttrsToList ( hostName : cfg : [
" d ${ stateDir hostName } / a t t i c 0 7 5 0 ${ user } ${ webserver . group } - - "
" d ${ stateDir hostName } / c a c h e 0 7 5 0 ${ user } ${ webserver . group } - - "
" d ${ stateDir hostName } / i n d e x 0 7 5 0 ${ user } ${ webserver . group } - - "
" d ${ stateDir hostName } / l o c k s 0 7 5 0 ${ user } ${ webserver . group } - - "
" d ${ stateDir hostName } / m e d i a 0 7 5 0 ${ user } ${ webserver . group } - - "
" d ${ stateDir hostName } / m e d i a _ a t t i c 0 7 5 0 ${ user } ${ webserver . group } - - "
" d ${ stateDir hostName } / m e d i a _ m e t a 0 7 5 0 ${ user } ${ webserver . group } - - "
" d ${ stateDir hostName } / m e t a 0 7 5 0 ${ user } ${ webserver . group } - - "
" d ${ stateDir hostName } / p a g e s 0 7 5 0 ${ user } ${ webserver . group } - - "
" d ${ stateDir hostName } / t m p 0 7 5 0 ${ user } ${ webserver . group } - - "
] ++ lib . optional ( cfg . aclFile != null ) " C ${ cfg . aclFile } 0 6 4 0 ${ user } ${ webserver . group } - ${ pkg hostName cfg } / s h a r e / d o k u w i k i / c o n f / a c l . a u t h . p h p . d i s t "
++ lib . optional ( cfg . usersFile != null ) " C ${ cfg . usersFile } 0 6 4 0 ${ user } ${ webserver . group } - ${ pkg hostName cfg } / s h a r e / d o k u w i k i / c o n f / u s e r s . a u t h . p h p . d i s t "
) eachSite ) ;
locations . " / " = {
priority = 1 ;
index = " d o k u . p h p " ;
extraConfig = " t r y _ f i l e s $ u r i $ u r i / @ d o k u w i k i ; " ;
} ;
users . users . ${ user } = {
group = webserver . group ;
isSystemUser = true ;
} ;
}
locations . " @ d o k u w i k i " = {
extraConfig = ''
( mkIf ( cfg . webserver == " n g i n x " ) {
services . nginx = {
enable = true ;
virtualHosts = mapAttrs ( hostName : cfg : {
serverName = mkDefault hostName ;
root = " ${ pkg hostName cfg } / s h a r e / d o k u w i k i " ;
locations = {
" ~ / ( c o n f / | b i n / | i n c / | i n s t a l l . p h p ) " = {
extraConfig = " d e n y a l l ; " ;
} ;
" ~ ^ / d a t a / " = {
root = " ${ stateDir hostName } " ;
extraConfig = " i n t e r n a l ; " ;
} ;
" ~ ^ / l i b . * \. ( j s | c s s | g i f | p n g | i c o | j p g | j p e g ) $ " = {
extraConfig = " e x p i r e s 3 6 5 d ; " ;
} ;
" / " = {
priority = 1 ;
index = " d o k u . p h p " ;
extraConfig = '' t r y _ f i l e s $u r i $u r i / @ d o k u w i k i ; '' ;
} ;
" @ d o k u w i k i " = {
extraConfig = ''
# rewrites "doku.php/" out of the URLs if you set the userwrite setting to .htaccess in dokuwiki config page
rewrite ^ /_media / ( . * ) /lib/exe/fetch.php ? media = $ 1 last ;
rewrite ^ /_detail / ( . * ) /lib/exe/detail.php ? media = $ 1 last ;
rewrite ^ /_export / ( [ ^ / ] + ) / ( . * ) /doku.php ? do = export_ $ 1 & id = $ 2 last ;
rewrite ^ / ( . * ) /doku.php ? id = $ 1 & $ args last ;
'' ;
} ;
'' ;
} ;
locations . " ~ \\ . p h p $ " = {
extraConfig = ''
" ~ \\ . p h p $ " = {
extraConfig = ''
try_files $ uri $ uri / /doku.php ;
include $ { pkgs . nginx } /conf/fastcgi_params ;
fastcgi_param SCRIPT_FILENAME $ document_root $ fastcgi_script_name ;
fastcgi_param REDIRECT_STATUS 200 ;
fastcgi_pass unix:$ { config . services . phpfpm . pools . " d o k u w i k i - ${ hostName } " . socket } ;
$ { lib . optionalString ( cfg . nginx . addSSL || cfg . nginx . forceSSL || cfg . nginx . onlySSL || cfg . nginx . enableACME ) " f a s t c g i _ p a r a m H T T P S o n ; " }
'' ;
'' ;
} ;
} ;
} ] ) eachSite ;
} ) eachSite ;
} ;
} )
systemd . tmpfiles . rules = flatten ( mapAttrsToList ( hostName : cfg : [
" d ${ cfg . stateDir } / a t t i c 0 7 5 0 ${ user } ${ group } - - "
" d ${ cfg . stateDir } / c a c h e 0 7 5 0 ${ user } ${ group } - - "
" d ${ cfg . stateDir } / i n d e x 0 7 5 0 ${ user } ${ group } - - "
" d ${ cfg . stateDir } / l o c k s 0 7 5 0 ${ user } ${ group } - - "
" d ${ cfg . stateDir } / m e d i a 0 7 5 0 ${ user } ${ group } - - "
" d ${ cfg . stateDir } / m e d i a _ a t t i c 0 7 5 0 ${ user } ${ group } - - "
" d ${ cfg . stateDir } / m e d i a _ m e t a 0 7 5 0 ${ user } ${ group } - - "
" d ${ cfg . stateDir } / m e t a 0 7 5 0 ${ user } ${ group } - - "
" d ${ cfg . stateDir } / p a g e s 0 7 5 0 ${ user } ${ group } - - "
" d ${ cfg . stateDir } / t m p 0 7 5 0 ${ user } ${ group } - - "
] ++ lib . optional ( cfg . aclFile != null ) " C ${ cfg . aclFile } 0 6 4 0 ${ user } ${ group } - ${ pkg hostName cfg } / s h a r e / d o k u w i k i / c o n f / a c l . a u t h . p h p . d i s t "
++ lib . optional ( cfg . usersFile != null ) " C ${ cfg . usersFile } 0 6 4 0 ${ user } ${ group } - ${ pkg hostName cfg } / s h a r e / d o k u w i k i / c o n f / u s e r s . a u t h . p h p . d i s t "
) eachSite ) ;
( mkIf ( cfg . webserver == " c a d d y " ) {
services . caddy = {
enable = true ;
virtualHosts = mapAttrs' ( hostName : cfg : (
nameValuePair " h t t p : / / ${ hostName } " {
extraConfig = ''
root * $ { pkg hostName cfg } /share/dokuwiki
file_server
users . users . ${ user } = {
group = group ;
isSystemUser = true ;
encode zstd gzip
php_fastcgi unix / $ { config . services . phpfpm . pools . " d o k u w i k i - ${ hostName } " . socket }
@ restrict_files {
path /data /* / c o n f / * / b i n / * / i n c / * / v e n d o r / * / i n s t a l l . p h p
}
respond @ restrict_files 404
@ allow_media {
path_regexp path ^ /_media / ( . * ) $
}
rewrite @ allow_media /lib/exe/fetch.php ? media = / { http . regexp . path .1 }
@ allow_detail {
path /_detail *
}
rewrite @ allow_detail /lib/exe/detail.php ? media = { path }
@ allow_export {
path /_export *
path_regexp export / ( [ ^ / ] + ) / ( . * )
}
rewrite @ allow_export /doku.php ? do = export_ { http . regexp . export .1 } & id = { http . regexp . export .2 }
try_files { path } { path } / /doku.php ? id = { path } & { query }
'' ;
}
) ) eachSite ;
} ;
} ;
} )
meta . maintainers = with maintainers ; [ _1000101 ] ;
] ) ;
meta . maintainers = with maintainers ; [
_1000101
onny
] ;
}