2021-08-12 03:02:26 +02:00
|
|
|
{
|
2022-06-17 13:52:11 +02:00
|
|
|
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.05";
|
2021-08-12 03:02:26 +02:00
|
|
|
|
|
|
|
outputs = { self, nixpkgs }: {
|
|
|
|
|
2021-09-05 19:58:48 +02:00
|
|
|
devShell.x86_64-linux = import ./shell.nix {
|
|
|
|
pkgs = import nixpkgs { system = "x86_64-linux"; };
|
|
|
|
};
|
2021-10-22 08:51:43 +02:00
|
|
|
|
|
|
|
defaultPackage.x86_64-linux =
|
|
|
|
let
|
|
|
|
pkgs = import nixpkgs { system = "x86_64-linux"; };
|
|
|
|
lib = pkgs.lib;
|
|
|
|
in
|
|
|
|
pkgs.mediawiki.overrideAttrs ({ pname, ... }: rec {
|
|
|
|
version = "1.27.0";
|
|
|
|
src = with lib; pkgs.fetchurl {
|
|
|
|
url = "https://releases.wikimedia.org/mediawiki/${versions.majorMinor version}/${pname}-${version}.tar.gz";
|
|
|
|
sha256 = "sha256-x50AMSpLdJkn5PP5YAs7z5/pFKiYt/5PhRjp9Zro0Sg=";
|
|
|
|
};
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
nixosConfigurations.container = nixpkgs.lib.nixosSystem {
|
2021-08-12 03:02:26 +02:00
|
|
|
system = "x86_64-linux";
|
|
|
|
modules =
|
2021-10-22 08:51:43 +02:00
|
|
|
[ ({ config, pkgs, lib, ... }:
|
|
|
|
let
|
|
|
|
mediaWikiOld = pkgs.mediawiki.overrideAttrs ({pname, ...}: rec {
|
2022-06-17 13:58:00 +02:00
|
|
|
version = "1.30.0";
|
2021-10-22 08:51:43 +02:00
|
|
|
src = with lib; pkgs.fetchurl {
|
|
|
|
url = "https://releases.wikimedia.org/mediawiki/${versions.majorMinor version}/${pname}-${version}.tar.gz";
|
2022-06-17 13:58:00 +02:00
|
|
|
sha256 = "sha256-7AHS0bHfN+3cmeRdRLEi5tDG1l2dbcMUCqcjIUMQQDY=";
|
2021-10-22 08:51:43 +02:00
|
|
|
};
|
|
|
|
});
|
|
|
|
in
|
|
|
|
{
|
2022-06-17 13:52:11 +02:00
|
|
|
imports = [ ./module/mediawiki.nix ];
|
2021-08-12 03:02:26 +02:00
|
|
|
boot.isContainer = true;
|
|
|
|
|
|
|
|
# Let 'nixos-version --json' know about the Git revision
|
|
|
|
# of this flake.
|
|
|
|
system.configurationRevision = nixpkgs.lib.mkIf (self ? rev) self.rev;
|
|
|
|
|
|
|
|
# Network configuration.
|
|
|
|
networking.useDHCP = false;
|
2021-09-05 19:58:48 +02:00
|
|
|
networking.firewall.allowedTCPPorts = [ 80 5432 ];
|
|
|
|
|
2022-06-17 13:52:11 +02:00
|
|
|
|
|
|
|
services.mysql = {
|
|
|
|
enable = false;
|
|
|
|
};
|
|
|
|
|
2021-09-05 19:58:48 +02:00
|
|
|
services.postgresql =
|
|
|
|
let
|
|
|
|
cfg = config.services.mediawiki;
|
|
|
|
in {
|
|
|
|
enable = true;
|
|
|
|
enableTCPIP = true;
|
2021-10-22 08:51:43 +02:00
|
|
|
package = pkgs.postgresql_11;
|
2021-09-05 19:58:48 +02:00
|
|
|
ensureDatabases = [ cfg.database.name ];
|
|
|
|
|
|
|
|
ensureUsers = [{
|
|
|
|
name = cfg.database.user;
|
2021-10-22 08:51:43 +02:00
|
|
|
ensurePermissions = { "DATABASE ${cfg.database.name}" = "ALL PRIVILEGES"; };
|
2021-09-05 19:58:48 +02:00
|
|
|
}
|
|
|
|
];
|
|
|
|
authentication = lib.mkForce ''
|
|
|
|
# Generated file; do not edit!
|
|
|
|
# TYPE DATABASE USER ADDRESS METHOD
|
|
|
|
local all all trust
|
|
|
|
host all all 127.0.0.1/32 trust
|
|
|
|
host all all 10.233.2.1/32 trust
|
2022-06-17 13:52:11 +02:00
|
|
|
host all all 169.254.155.231/32 trust
|
2021-09-05 19:58:48 +02:00
|
|
|
host all all ::1/128 trust
|
|
|
|
'';};
|
|
|
|
|
2022-06-17 13:52:11 +02:00
|
|
|
system.stateVersion = "22.05";
|
2021-09-05 19:58:48 +02:00
|
|
|
|
2022-06-17 13:52:11 +02:00
|
|
|
|
|
|
|
systemd.services.mediawiki-pg-init = let
|
|
|
|
cfg = config.services.mymediawiki;
|
2021-09-05 19:58:48 +02:00
|
|
|
stateDir = "/var/lib/mediawiki";
|
2021-10-22 08:51:43 +02:00
|
|
|
pkg = mediaWikiOld;
|
2021-09-05 19:58:48 +02:00
|
|
|
inherit (lib) concatStringsSep literalExample mapAttrsToList optional optionals optionalString types;
|
|
|
|
mediawikiConfig = config.services.phpfpm.pools.mediawiki.phpEnv.MEDIAWIKI_CONFIG;
|
2022-06-17 13:52:11 +02:00
|
|
|
in {
|
2021-10-22 08:51:43 +02:00
|
|
|
enable = true;
|
2021-09-05 19:58:48 +02:00
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
before = [ "phpfpm-mediawiki.service" ];
|
|
|
|
after = [ "postgresql.service" ];
|
|
|
|
script = ''
|
|
|
|
if ! test -e "${stateDir}/secret.key"; then
|
|
|
|
tr -dc A-Za-z0-9 </dev/urandom 2>/dev/null | head -c 64 > ${stateDir}/secret.key
|
|
|
|
fi
|
|
|
|
${pkgs.php}/bin/php ${pkg}/share/mediawiki/maintenance/update.php --conf ${mediawikiConfig} --quick
|
|
|
|
'';
|
|
|
|
|
|
|
|
serviceConfig = {
|
|
|
|
Type = "oneshot";
|
|
|
|
User = "mediawiki";
|
|
|
|
Group = config.services.httpd.group;
|
|
|
|
PrivateTmp = true;
|
|
|
|
};
|
2022-06-17 13:52:11 +02:00
|
|
|
};
|
2021-08-12 03:02:26 +02:00
|
|
|
|
2022-06-17 13:52:11 +02:00
|
|
|
services.mymediawiki = {
|
2021-08-12 03:02:26 +02:00
|
|
|
enable = true;
|
2021-10-22 08:51:43 +02:00
|
|
|
package = mediaWikiOld;
|
2021-09-05 00:48:25 +02:00
|
|
|
virtualHost = {
|
2021-09-05 06:49:41 +02:00
|
|
|
hostName = "mediawiki";
|
2021-09-05 00:48:25 +02:00
|
|
|
adminAddr = "root@example.com";
|
|
|
|
};
|
2022-06-17 13:52:11 +02:00
|
|
|
#skins = {
|
|
|
|
# Vector = "${mediaWikiOld}/share/mediawiki/skins/Vector";
|
|
|
|
# Hector = "${mediaWikiOld}/share/mediawiki/skins/Hector";
|
|
|
|
#};
|
2021-09-05 19:58:48 +02:00
|
|
|
extraConfig = ''
|
2021-10-22 08:51:43 +02:00
|
|
|
|
2021-09-05 19:58:48 +02:00
|
|
|
$wgShowExceptionDetails = true;
|
2022-06-17 13:52:11 +02:00
|
|
|
$wgDBserver = "/run/postgresql";
|
2021-09-05 19:58:48 +02:00
|
|
|
$wgDBport = "5432";
|
2022-06-17 13:52:11 +02:00
|
|
|
# $wgDBuser = "mediawiki";
|
|
|
|
# $wgDBname = "mediawiki";
|
|
|
|
$wgDBmwschema = "mediawiki";
|
2021-09-05 19:58:48 +02:00
|
|
|
'';
|
2021-09-05 06:49:41 +02:00
|
|
|
extensions = {
|
2021-09-05 19:58:48 +02:00
|
|
|
# Interwiki = pkgs.fetchzip {
|
|
|
|
# url = "https://extdist.wmflabs.org/dist/extensions/Interwiki-REL1_36-08fe37f.tar.gz";
|
|
|
|
# sha256 = "sha256-77uvw/ETPeRNYRcIl2KqowmJ9D9R9wyyltpy5Cu11L4=";
|
|
|
|
# };
|
|
|
|
# Cite = pkgs.fetchzip {
|
|
|
|
# url = "https://extdist.wmflabs.org/dist/extensions/Cite-REL1_36-77e6710.tar.gz";
|
|
|
|
# sha256 = "sha256-un6AjbqHre00a2IaEaUZnPPk+gMoet9pc+6mRLfh3I0=";
|
|
|
|
# };
|
2022-06-17 13:52:11 +02:00
|
|
|
#DynamicPageList = pkgs.fetchzip {
|
|
|
|
# url = "https://extdist.wmflabs.org/dist/extensions/DynamicPageList-REL1_36-6a4424f.tar.gz";
|
|
|
|
# sha256 = "sha256-HIl4EnUgiZQzUvWFF9e7enyAYWM4e16oRSYXMdtblic=";
|
|
|
|
#};
|
|
|
|
#Scribunto = pkgs.fetchzip {
|
|
|
|
# url = "https://extdist.wmflabs.org/dist/extensions/Scribunto-REL1_36-cc217d4.tar.gz";
|
|
|
|
# sha256 = "sha256-chFveLW4GdRmJbUE4Q2e2aEJ52zejpqF5B/YiZZ7L1k=";
|
|
|
|
#};
|
|
|
|
#Lockdown = pkgs.fetchzip {
|
|
|
|
# url = "https://extdist.wmflabs.org/dist/extensions/Lockdown-REL1_36-1a3d68d.tar.gz";
|
|
|
|
# sha256 = "sha256-AlJbXsqJfXqj0bU16fwxFSu0lfR+WzJxJiJSKp1keXk=";
|
|
|
|
#};
|
2021-09-05 06:49:41 +02:00
|
|
|
};
|
|
|
|
passwordFile = pkgs.writeText "password" "topSecretF0rAll!!!!";
|
2022-06-17 13:52:11 +02:00
|
|
|
#database = {
|
|
|
|
# type = "mysql";
|
|
|
|
# createLocally = true;
|
|
|
|
#};
|
2021-09-05 19:58:48 +02:00
|
|
|
database = {
|
|
|
|
type = "postgres";
|
2022-06-17 13:52:11 +02:00
|
|
|
# socket = "/run/postgresql";
|
|
|
|
# host = "localhost";
|
|
|
|
# port = 5432;
|
2021-09-05 19:58:48 +02:00
|
|
|
user = "mediawiki";
|
2021-10-22 08:51:43 +02:00
|
|
|
name = "mediawiki";
|
2022-06-17 13:52:11 +02:00
|
|
|
passwordFile = pkgs.writeText "password" "";
|
2021-09-05 19:58:48 +02:00
|
|
|
|
|
|
|
};
|
2021-08-12 03:02:26 +02:00
|
|
|
};
|
2021-09-05 00:48:25 +02:00
|
|
|
|
2021-08-12 03:02:26 +02:00
|
|
|
})
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
};
|
|
|
|
}
|