add mail support

2023-03-21 01:11:34 +01:00
parent bec8f91848
commit 467f4d4de9


@@ -4,6 +4,8 @@ with lib;
let
cfg = config.services.ep3-bs;
useSmtp = cfg.mail.type == "smtp" || cfg.mail.type == "smtp-tls";
ep3-bs-pkg =
with pkgs;
@@ -49,16 +51,16 @@ let
'port' => null,
),
'mail' => array(
'type' => 'sendmail', // or 'smtp' or 'smtp-tls' (or 'file', to not send, but save to file (data/mails/))
'address' => 'info@test.de',
'type' => '${cfg.mail.type}', // or 'smtp' or 'smtp-tls' (or 'file', to not send, but save to file (data/mails/))
'address' => '${cfg.mail.address}',
// Make sure 'bookings.example.com' matches the hosting domain when using type 'sendmail'
'host' => '?', // for 'smtp' type only, otherwise remove or leave as is
'user' => '?', // for 'smtp' type only, otherwise remove or leave as is
'pw' => '?', // for 'smtp' type only, otherwise remove or leave as is
'host' => '${cfg.mail.host}', // for 'smtp' type only, otherwise remove or leave as is
'user' => '${cfg.mail.user}', // for 'smtp' type only, otherwise remove or leave as is
'pw' => '${cfg.mail.password}', // for 'smtp' type only, otherwise remove or leave as is
'port' => 'auto', // for 'smtp' type only, otherwise remove or leave as is
'auth' => 'plain', // for 'smtp' type only, change this to 'login' if you have problems with SMTP authentication
'port' => '${cfg.mail.port}', // for 'smtp' type only, otherwise remove or leave as is
'auth' => '${cfg.mail.auth}', // for 'smtp' type only, change this to 'login' if you have problems with SMTP authentication
),
'i18n' => array(
'choice' => array(
@@ -83,41 +85,20 @@ let
init_ep3bs = pkgs.writeScriptBin "init_ep3bs" ''
#!${pkgs.stdenv.shell}
mkdir /tmp
#TODO: dont do this
rm -rf ${cfg.stateDir}/*
echo "echoing name: $(whoami)"
echo "path of ep3bs: ${ep3-bs-pkg}"
cp -r ${ep3-bs-pkg}/* ${cfg.stateDir}
chmod -R 0770 ${cfg.stateDir}
mkdir ${cfg.stateDir}/vendor
mkdir ${cfg.stateDir}/vendor/symfony
chmod -R 777 ${cfg.stateDir}
cd ${cfg.stateDir}
${pkgs.php81Packages.composer}/bin/composer install --ignore-platform-reqs
chmod -R 777 ${cfg.stateDir}
${pkgs.php81Packages.composer}/bin/composer install --ignore-platform-reqs
cp ${cfg.stateDir}/config/init.php.dist ${cfg.stateDir}/config/init.php
echo "path of cfg file: ${configFile}"
cp -f ${configFile} ${cfg.stateDir}/config/autoload/local.php
rm ${cfg.stateDir}/config/autoload/local.php.dist
mv ${cfg.stateDir}/public/.htaccess_original ${cfg.stateDir}/public/.htaccess
${pkgs.php81}/bin/php ${cfg.stateDir}/public/setup.php
#TODO: rm setup
rm ${cfg.stateDir}/data/cache/*
chmod -R 777 ${cfg.stateDir}
if [ -d "${cfg.stateDir}" ]; then
echo "${cfg.stateDir} already exists. Not doing anything..."
exit 0
fi
touch "${cfg.stateDir}/.is_initialized"
'';
in
{
@@ -132,7 +113,13 @@ in
user = mkOption {
type = types.str;
default = "ep3-bs";
description = lib.mdDoc "User account under which ep3-bs runs.";
description = lib.mdDoc "User for ep3-bs.";
};
group = mkOption {
type = types.str;
default = "ep3-bs";
description = lib.mdDoc "Group for ep3-bs.";
};
extraConfig = mkOption {
@@ -147,6 +134,56 @@ in
description = lib.mdDoc "ep3-bs data directory.";
};
mail = mkOption {
description = "mail stuff";
default = {};
type = with types; submodule {
options = {
type = mkOption {
type = types.enum [ "smtp" "smtp-tls" "sendmail" "file" ];
default = "sendmail";
description = lib.mdDoc ''
The way mails are send.
When set to smtp or smtp-tls it is necessary to set:
host, user, password, port and auth."
'';
};
address = mkOption {
type = types.str;
default = "";
description = lib.mDoc "Address to send mails from.";
};
host = mkOption {
type = types.str;
default = "?";
};
user = mkOption {
type = types.str;
default = "?";
};
password = mkOption {
type = types.str;
default = "?";
};
port = mkOption {
type = types.str;
default = "auto";
};
auth = mkOption {
type = types.enum [ "plain" "login" ];
default = "plain";
};
};
};
};
database = {
host = mkOption {
type = types.str;
@@ -154,17 +191,6 @@ in
description = lib.mdDoc "Database host address.";
};
#port = mkOption {
# type = types.port;
# default = if !usePostgresql then 3306 else pg.port;
# defaultText = literalExpression ''
# if config.${opt.database.type} != "postgresql"
# then 3306
# else config.${options.services.postgresql.port}
# '';
# description = lib.mdDoc "Database host port.";
#};
name = mkOption {
type = types.str;
default = "ep3bsdb";
@@ -206,37 +232,51 @@ in
};
};
imports = [
{
environment.systemPackages = with pkgs; [
php81
php81Packages.composer
php81Extensions.intl
git
];
networking.firewall.allowedTCPPorts = [ 80 ];
}
];
config = mkIf cfg.enable
{
#TODO: do some shit in prestart -> set everything up
#start apache with document root pointing towards
systemd.tmpfiles.rules = [
"d '${cfg.stateDir}' 777 ${cfg.user} ep3-bs - -"
"d '${cfg.stateDir}/config' 777 ${cfg.user} ep3-bs - -"
"d '${cfg.stateDir}/config/autoload' 777 ${cfg.user} ep3-bs - -"
"d '${cfg.stateDir}/vendor' 777 ${cfg.user} ep3-bs - -"
"d '${cfg.stateDir}/vendor/symfony' 777 ${cfg.user} ep3-bs - -"
"Z '${cfg.stateDir}' 777 ${cfg.user} ep3-bs - -"
environment.systemPackages = with pkgs; [
php81
php81Packages.composer
php81Extensions.intl
git
];
networking.firewall.allowedTCPPorts = [ 80 ];
assertions = [
{
assertion = !(cfg.mail.type != "file" && cfg.mail.address == "");
message = ''
You need to specify mail.address.
If you dont want to send email set mail.type to "file".
'';
}
{
assertion = if useSmtp then cfg.mail.host != "?" else true;
message = ''
You need to specify mail.host when using mail.type "smtp" or "smtp-tls".
'';
}
{
assertion = if useSmtp then cfg.mail.user != "?" else true;
message = ''
You need to specify mail.user when using mail.type "smtp" or "smtp-tls".
'';
}
{
assertion = if useSmtp then cfg.mail.password != "?" else true;
message = ''
You need to specify mail.password when using mail.type "smtp" or "smtp-tls".
'';
}
];
services.httpd = {
enable = mkDefault true;
user = mkDefault "${cfg.user}";
enablePHP = true;
phpPackage = pkgs.php81;
phpPackage = mkDefault pkgs.php81;
adminAddr = mkDefault "alice@example.org";
extraModules = [
"rewrite"
@@ -261,7 +301,6 @@ in
enable = mkDefault true;
package = mkDefault pkgs.mariadb;
#GRANT ALL PRIVILEGES ON DATABASE ${cfg.database.name} TO '${cfg.database.user}'@'localhost';
initialScript = pkgs.writeText "mysqlInitScript" ''
CREATE USER '${cfg.database.user}'@localhost IDENTIFIED BY '${cfg.database.password}';
CREATE DATABASE ${cfg.database.name};
@@ -277,67 +316,42 @@ in
#];
};
systemd.services.ep3-bs = {
description = "ep3-bs";
after = [ "network.target" "mysql.service" ];
systemd.services.ep3-bs-init = {
description = "Initialize ep3-bs Data Directory";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
#TODO: here somehow the ep3-bs package should be listed?
path = [ ];
preStart = ''
mkdir -m 0770 -p "${cfg.stateDir}"
chown "${cfg.user}:${cfg.group}" "${cfg.stateDir}"
'';
unitConfig.ConditionPathExists = "!${cfg.stateDir}/.is_initialized";
serviceConfig = {
Type = "oneshot";
User = "root";
Group = "ep3-bs";
WorkingDirectory = cfg.stateDir;
User = cfg.user;
Group = cfg.group;
PermissionsStartOnly = true;
PrivateNetwork = false;
PrivateDevices = false;
PrivateTmp = true;
ExecStart = "${init_ep3bs}/bin/init_ep3bs";
# Runtime directory and mode
RuntimeDirectory = "ep3-bs";
RuntimeDirectoryMode = "0755";
# Access write directories
ReadWritePaths = [ cfg.stateDir ];
UMask = "777";
# Capabilities
#CapabilityBoundingSet = "";
## Security
#NoNewPrivileges = true;
## Sandboxing
#ProtectSystem = "strict";
#ProtectHome = true;
#PrivateTmp = true;
#PrivateDevices = true;
#PrivateUsers = true;
#ProtectHostname = true;
#ProtectClock = true;
#ProtectKernelTunables = true;
#ProtectKernelModules = true;
#ProtectKernelLogs = true;
#ProtectControlGroups = true;
#RestrictAddressFamilies = [ "AF_UNIX AF_INET AF_INET6" ];
#LockPersonality = true;
#MemoryDenyWriteExecute = true;
#RestrictRealtime = true;
#RestrictSUIDSGID = true;
#PrivateMounts = true;
## System Call Filtering
#SystemCallArchitectures = "native";
#SystemCallFilter = "~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @setuid @swap";
};
environment = {
USER = cfg.user;
HOME = cfg.stateDir;
EP3-BS_WORK_DIR = cfg.stateDir;
};
};
users.users = mkIf (cfg.user == "ep3-bs") {
ep3-bs = {
description = "ep3-bs Service";
description = "ep3-bs Service User";
home = cfg.stateDir;
useDefaultShell = true;
group = "ep3-bs";
isSystemUser = true;
isNormalUser = true;
};
};
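Review bot: The new `mail.password` option is a plain `types.str` interpolated into the PHP config as `'pw' => '${cfg.mail.password}'`, so the SMTP credential ends up in the generated config file; if that file is built into the Nix store (`configFile` is defined outside the visible hunks), it is world-readable on the host and travels with any copy of the closure. I would read the secret from a path instead, e.g. `passwordFile = mkOption { type = types.nullOr types.path; default = null; };`, and write it into `config/autoload/local.php` at init time with restrictive permissions. The same interpolation puts unescaped option values inside single-quoted PHP strings, so a `'` or `\` in the password breaks or alters the generated file. Separately, the `address` option uses `lib.mDoc`, which looks like a typo for `lib.mdDoc`, and `host`, `user`, `password`, `port` and `auth` have no `description`.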