From 6102efd53ded7da57083321ea127bcaaa75bc15d Mon Sep 17 00:00:00 2001
From: Winzlieb <winzlieb@c3d2.de>
Date: Wed, 22 Jun 2022 20:10:39 +0200
Subject: [PATCH] cleanup

---
 Makefile                    |  19 ++
 flake.nix                   |  83 +------
 mediawiki.nix               |   7 -
 module/location-options.nix |  54 ----
 module/mediawiki.nix        | 475 ------------------------------------
 module/vhost-options.nix    | 295 ----------------------
 shell.nix                   |   2 +-
 7 files changed, 32 insertions(+), 903 deletions(-)
 create mode 100644 Makefile
 delete mode 100644 mediawiki.nix
 delete mode 100644 module/location-options.nix
 delete mode 100644 module/mediawiki.nix
 delete mode 100644 module/vhost-options.nix

diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..e22466a
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,19 @@
+nixos-rebuild:
+	sudo nixos-container update mediawiki --flake .#container
+
+nixos-create: 
+	sudo nixos-container create mediawiki --system-path `realpath container` --flake .#container
+
+nixos-update: nixos-stop nixos-rebuild nixos-start
+
+nixos-stop:
+	sudo nixos-container stop mediawiki
+
+nixos-start:
+	sudo nixos-container start mediawiki
+
+nixos-login: nixos-start
+	sudo nixos-container root-login mediawiki
+
+nixos-destroy:
+	sudo nixos-container destroy mediawiki
diff --git a/flake.nix b/flake.nix
index 7d7b6bd..7d50f42 100644
--- a/flake.nix
+++ b/flake.nix
@@ -2,26 +2,11 @@
   inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.05";
 
   outputs = { self, nixpkgs }: {
-
+    
     devShell.x86_64-linux = import ./shell.nix {
       pkgs = import nixpkgs { system =  "x86_64-linux"; };
     };
 
-    defaultPackage.x86_64-linux =
-      let 
-        pkgs = import nixpkgs { system = "x86_64-linux"; };
-        lib = pkgs.lib;
-      in
-        pkgs.mediawiki.overrideAttrs ({ pname, ... }: rec {
-          version = "1.27.0";
-          src = with lib; pkgs.fetchurl {
-          url = "https://releases.wikimedia.org/mediawiki/${versions.majorMinor version}/${pname}-${version}.tar.gz";
-          sha256 = "sha256-x50AMSpLdJkn5PP5YAs7z5/pFKiYt/5PhRjp9Zro0Sg=";
-  };
-
-        });
-      
-
     nixosConfigurations.container =  nixpkgs.lib.nixosSystem {
       system = "x86_64-linux";
       modules =
@@ -36,7 +21,7 @@
           });
         in
         {
-            imports = [ ./module/mediawiki.nix ];
+            #imports = [ ./module/mediawiki.nix ];
             boot.isContainer = true;
 
             # Let 'nixos-version --json' know about the Git revision
@@ -47,11 +32,6 @@
             networking.useDHCP = false;
             networking.firewall.allowedTCPPorts = [ 80 5432 ];
 
-
-            services.mysql = {
-              enable = false;
-            };
-
             services.postgresql =
              let
                  cfg = config.services.mediawiki;
@@ -67,45 +47,19 @@
                 }              
               ];
               authentication = lib.mkForce ''
-    # Generated file; do not edit!
-    # TYPE  DATABASE        USER            ADDRESS                 METHOD
-      local   all             all                                     trust
-      host    all             all             127.0.0.1/32            trust
-      host    all             all             10.233.2.1/32            trust
-      host    all             all             169.254.155.231/32      trust
-      host    all             all             ::1/128                 trust 
+                # TYPE  DATABASE        USER            ADDRESS                 METHOD
+                  local   all             all                                     trust
+                  host    all             all             127.0.0.1/32            trust
+                  host    all             all             10.233.2.1/32            trust
+                  host    all             all             169.254.155.231/32      trust
+                  host    all             all             ::1/128                 trust 
       '';};
 
       system.stateVersion = "22.05";
 
-
-      systemd.services.mediawiki-pg-init =  let
-                 cfg = config.services.mymediawiki;
-                 stateDir = "/var/lib/mediawiki";
-                 pkg = mediaWikiOld;
-                 inherit (lib) concatStringsSep literalExample mapAttrsToList optional optionals optionalString types;
-                 mediawikiConfig = config.services.phpfpm.pools.mediawiki.phpEnv.MEDIAWIKI_CONFIG;
+      services.mediawiki = let
+        cfg = config.services.mediawiki;
       in {
-                enable = true;
-                wantedBy = [ "multi-user.target" ];
-                before = [ "phpfpm-mediawiki.service" ];
-                after = [ "postgresql.service" ];
-                script = ''
-                  if ! test -e "${stateDir}/secret.key"; then
-                    tr -dc A-Za-z0-9 </dev/urandom 2>/dev/null | head -c 64 > ${stateDir}/secret.key
-                  fi
-                  ${pkgs.php}/bin/php ${pkg}/share/mediawiki/maintenance/update.php --conf ${mediawikiConfig} --quick
-                '';
-
-                serviceConfig = {
-                  Type = "oneshot";
-                  User = "mediawiki";
-                  Group = config.services.httpd.group;
-                  PrivateTmp = true;
-                };
-        };
-
-      services.mymediawiki = {
               enable = true;
               package = mediaWikiOld;
               virtualHost = {
@@ -117,12 +71,8 @@
               #      Hector = "${mediaWikiOld}/share/mediawiki/skins/Hector";
               #};
               extraConfig = ''
-
                 $wgShowExceptionDetails = true;
-                $wgDBserver = "/run/postgresql";
-                $wgDBport = "5432";
-                # $wgDBuser = "mediawiki";
-                # $wgDBname = "mediawiki";
+                $wgDBserver = "${cfg.database.socket}";
                 $wgDBmwschema       = "mediawiki";
               '';
               extensions = {
@@ -148,22 +98,13 @@
                 };
               };
               passwordFile = pkgs.writeText "password" "topSecretF0rAll!!!!";
-              #database = {
-              #  type = "mysql";
-              #  createLocally = true;
-              #};
               database = {
                 type = "postgres";
-              #  socket = "/run/postgresql";
-              #  host = "localhost";
-              #  port = 5432;
+                socket = "/run/postgresql";
                 user = "mediawiki";
                 name = "mediawiki";
-                passwordFile = pkgs.writeText "password" "";
-
               };
             };
-
           })
         ];
     };
diff --git a/mediawiki.nix b/mediawiki.nix
deleted file mode 100644
index ddf84b9..0000000
--- a/mediawiki.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ config, pkgs, lib, ... }: {
-     version = "1.27.0";
-     src = with lib; pkgs.fetchurl {
-     url = "https://releases.wikimedia.org/mediawiki/${versions.majorMinor version}/mediawiki-${version}.tar.gz";
-     sha256 = "sha256-x50AMSpLdJkn5PP5YAs7z5/pFKiYt/5PhRjp9Zro0Sg=";
-   };
-}
diff --git a/module/location-options.nix b/module/location-options.nix
deleted file mode 100644
index 8ea88f9..0000000
--- a/module/location-options.nix
+++ /dev/null
@@ -1,54 +0,0 @@
-{ config, lib, name, ... }:
-let
-  inherit (lib) mkOption types;
-in
-{
-  options = {
-
-    proxyPass = mkOption {
-      type = with types; nullOr str;
-      default = null;
-      example = "http://www.example.org/";
-      description = ''
-        Sets up a simple reverse proxy as described by <link xlink:href="https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple" />.
-      '';
-    };
-
-    index = mkOption {
-      type = with types; nullOr str;
-      default = null;
-      example = "index.php index.html";
-      description = ''
-        Adds DirectoryIndex directive. See <link xlink:href="https://httpd.apache.org/docs/2.4/mod/mod_dir.html#directoryindex" />.
-      '';
-    };
-
-    alias = mkOption {
-      type = with types; nullOr path;
-      default = null;
-      example = "/your/alias/directory";
-      description = ''
-        Alias directory for requests. See <link xlink:href="https://httpd.apache.org/docs/2.4/mod/mod_alias.html#alias" />.
-      '';
-    };
-
-    extraConfig = mkOption {
-      type = types.lines;
-      default = "";
-      description = ''
-        These lines go to the end of the location verbatim.
-      '';
-    };
-
-    priority = mkOption {
-      type = types.int;
-      default = 1000;
-      description = ''
-        Order of this location block in relation to the others in the vhost.
-        The semantics are the same as with `lib.mkOrder`. Smaller values have
-        a greater priority.
-      '';
-    };
-
-  };
-}
diff --git a/module/mediawiki.nix b/module/mediawiki.nix
deleted file mode 100644
index 40c715b..0000000
--- a/module/mediawiki.nix
+++ /dev/null
@@ -1,475 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-let
-
-  inherit (lib) mkDefault mkEnableOption mkForce mkIf mkMerge mkOption;
-  inherit (lib) concatStringsSep literalExpression mapAttrsToList optional optionals optionalString types;
-
-  cfg = config.services.mymediawiki;
-  fpm = config.services.phpfpm.pools.mediawiki;
-  user = "mediawiki";
-  group = config.services.httpd.group;
-  cacheDir = "/var/cache/mediawiki";
-  stateDir = "/var/lib/mediawiki";
-
-  pkg = pkgs.stdenv.mkDerivation rec {
-    pname = "mediawiki-full";
-    version = src.version;
-    src = cfg.package;
-
-    installPhase = ''
-      mkdir -p $out
-      cp -r * $out/
-
-      rm -rf $out/share/mediawiki/skins/*
-      rm -rf $out/share/mediawiki/extensions/*
-
-      ${concatStringsSep "\n" (mapAttrsToList (k: v: ''
-        ln -s ${v} $out/share/mediawiki/skins/${k}
-      '') cfg.skins)}
-
-      ${concatStringsSep "\n" (mapAttrsToList (k: v: ''
-        ln -s ${if v != null then v else "$src/share/mediawiki/extensions/${k}"} $out/share/mediawiki/extensions/${k}
-      '') cfg.extensions)}
-    '';
-  };
-
-  mediawikiScripts = pkgs.runCommand "mediawiki-scripts" {
-    buildInputs = [ pkgs.makeWrapper ];
-    preferLocalBuild = true;
-  } ''
-    mkdir -p $out/bin
-    for i in changePassword.php createAndPromote.php userOptions.php edit.php nukePage.php update.php; do
-      makeWrapper ${pkgs.php}/bin/php $out/bin/mediawiki-$(basename $i .php) \
-        --set MEDIAWIKI_CONFIG ${mediawikiConfig} \
-        --add-flags ${pkg}/share/mediawiki/maintenance/$i
-    done
-  '';
-
-  mediawikiConfig = pkgs.writeText "LocalSettings.php" ''
-    <?php
-      # Protect against web entry
-      if ( !defined( 'MEDIAWIKI' ) ) {
-        exit;
-      }
-
-      $wgSitename = "${cfg.name}";
-      $wgMetaNamespace = false;
-
-      ## The URL base path to the directory containing the wiki;
-      ## defaults for all runtime URL paths are based off of this.
-      ## For more information on customizing the URLs
-      ## (like /w/index.php/Page_title to /wiki/Page_title) please see:
-      ## https://www.mediawiki.org/wiki/Manual:Short_URL
-      $wgScriptPath = "";
-
-      ## The protocol and server name to use in fully-qualified URLs
-      $wgServer = "${if cfg.virtualHost.addSSL || cfg.virtualHost.forceSSL || cfg.virtualHost.onlySSL then "https" else "http"}://${cfg.virtualHost.hostName}";
-
-      ## The URL path to static resources (images, scripts, etc.)
-      $wgResourceBasePath = $wgScriptPath;
-
-      ## The URL path to the logo.  Make sure you change this from the default,
-      ## or else you'll overwrite your logo when you upgrade!
-      $wgLogo = "$wgResourceBasePath/resources/assets/wiki.png";
-
-      ## UPO means: this is also a user preference option
-
-      $wgEnableEmail = true;
-      $wgEnableUserEmail = true; # UPO
-
-      $wgEmergencyContact = "${if cfg.virtualHost.adminAddr != null then cfg.virtualHost.adminAddr else config.services.httpd.adminAddr}";
-      $wgPasswordSender = $wgEmergencyContact;
-
-      $wgEnotifUserTalk = false; # UPO
-      $wgEnotifWatchlist = false; # UPO
-      $wgEmailAuthentication = true;
-
-      ## Database settings
-      $wgDBtype = "${cfg.database.type}";
-      $wgDBserver = "${cfg.database.host}:${if cfg.database.socket != null then cfg.database.socket else toString cfg.database.port}";
-      $wgDBname = "${cfg.database.name}";
-      $wgDBuser = "${cfg.database.user}";
-      ${optionalString (cfg.database.passwordFile != null) "$wgDBpassword = file_get_contents(\"${cfg.database.passwordFile}\");"}
-
-      ${optionalString (cfg.database.type == "mysql" && cfg.database.tablePrefix != null) ''
-        # MySQL specific settings
-        $wgDBprefix = "${cfg.database.tablePrefix}";
-      ''}
-
-      ${optionalString (cfg.database.type == "mysql") ''
-        # MySQL table options to use during installation or update
-        $wgDBTableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=binary";
-      ''}
-
-      ## Shared memory settings
-      $wgMainCacheType = CACHE_NONE;
-      $wgMemCachedServers = [];
-
-      ${optionalString (cfg.uploadsDir != null) ''
-        $wgEnableUploads = true;
-        $wgUploadDirectory = "${cfg.uploadsDir}";
-      ''}
-
-      $wgUseImageMagick = true;
-      $wgImageMagickConvertCommand = "${pkgs.imagemagick}/bin/convert";
-
-      # InstantCommons allows wiki to use images from https://commons.wikimedia.org
-      $wgUseInstantCommons = false;
-
-      # Periodically send a pingback to https://www.mediawiki.org/ with basic data
-      # about this MediaWiki instance. The Wikimedia Foundation shares this data
-      # with MediaWiki developers to help guide future development efforts.
-      $wgPingback = true;
-
-      ## If you use ImageMagick (or any other shell command) on a
-      ## Linux server, this will need to be set to the name of an
-      ## available UTF-8 locale
-      $wgShellLocale = "C.UTF-8";
-
-      ## Set $wgCacheDirectory to a writable directory on the web server
-      ## to make your wiki go slightly faster. The directory should not
-      ## be publically accessible from the web.
-      $wgCacheDirectory = "${cacheDir}";
-
-      # Site language code, should be one of the list in ./languages/data/Names.php
-      $wgLanguageCode = "en";
-
-      $wgSecretKey = file_get_contents("${stateDir}/secret.key");
-
-      # Changing this will log out all existing sessions.
-      $wgAuthenticationTokenVersion = "";
-
-      ## For attaching licensing metadata to pages, and displaying an
-      ## appropriate copyright notice / icon. GNU Free Documentation
-      ## License and Creative Commons licenses are supported so far.
-      $wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright
-      $wgRightsUrl = "";
-      $wgRightsText = "";
-      $wgRightsIcon = "";
-
-      # Path to the GNU diff3 utility. Used for conflict resolution.
-      $wgDiff = "${pkgs.diffutils}/bin/diff";
-      $wgDiff3 = "${pkgs.diffutils}/bin/diff3";
-
-      # Enabled skins.
-      ${concatStringsSep "\n" (mapAttrsToList (k: v: "wfLoadSkin('${k}');") cfg.skins)}
-
-      # Enabled extensions.
-      ${concatStringsSep "\n" (mapAttrsToList (k: v: "wfLoadExtension('${k}');") cfg.extensions)}
-
-
-      # End of automatically generated settings.
-      # Add more configuration options below.
-
-        ${cfg.extraConfig}
-
-      #Hello World
-  '';
-
-in
-{
-  # interface
-  options = {
-    services.mymediawiki = {
-
-      enable = mkEnableOption "MediaWiki";
-
-      package = mkOption {
-        type = types.package;
-        default = pkgs.mediawiki;
-        defaultText = literalExpression "pkgs.mediawiki";
-        description = "Which MediaWiki package to use.";
-      };
-
-      name = mkOption {
-        type = types.str;
-        default = "MediaWiki";
-        example = "Foobar Wiki";
-        description = "Name of the wiki.";
-      };
-
-      uploadsDir = mkOption {
-        type = types.nullOr types.path;
-        default = "${stateDir}/uploads";
-        description = ''
-          This directory is used for uploads of pictures. The directory passed here is automatically
-          created and permissions adjusted as required.
-        '';
-      };
-
-      passwordFile = mkOption {
-        type = types.path;
-        description = "A file containing the initial password for the admin user.";
-        example = "/run/keys/mediawiki-password";
-      };
-
-      skins = mkOption {
-        default = {};
-        type = types.attrsOf types.path;
-        description = ''
-          Attribute set of paths whose content is copied to the <filename>skins</filename>
-          subdirectory of the MediaWiki installation in addition to the default skins.
-        '';
-      };
-
-      extensions = mkOption {
-        default = {};
-        type = types.attrsOf (types.nullOr types.path);
-        description = ''
-          Attribute set of paths whose content is copied to the <filename>extensions</filename>
-          subdirectory of the MediaWiki installation and enabled in configuration.
-
-          Use <literal>null</literal> instead of path to enable extensions that are part of MediaWiki.
-        '';
-        example = literalExpression ''
-          {
-            Matomo = pkgs.fetchzip {
-              url = "https://github.com/DaSchTour/matomo-mediawiki-extension/archive/v4.0.1.tar.gz";
-              sha256 = "0g5rd3zp0avwlmqagc59cg9bbkn3r7wx7p6yr80s644mj6dlvs1b";
-            };
-            ParserFunctions = null;
-          }
-        '';
-      };
-
-      database = {
-        type = mkOption {
-          type = types.enum [ "mysql" "postgres" "sqlite" "mssql" "oracle" ];
-          default = "mysql";
-          description = "Database engine to use. MySQL/MariaDB is the database of choice by MediaWiki developers.";
-        };
-
-        host = mkOption {
-          type = types.str;
-          default = "localhost";
-          description = "Database host address.";
-        };
-
-        port = mkOption {
-          type = types.port;
-          default = 3306;
-          description = "Database host port.";
-        };
-
-        name = mkOption {
-          type = types.str;
-          default = "mediawiki";
-          description = "Database name.";
-        };
-
-        user = mkOption {
-          type = types.str;
-          default = "mediawiki";
-          description = "Database user.";
-        };
-
-        passwordFile = mkOption {
-          type = types.nullOr types.path;
-          default = null;
-          example = "/run/keys/mediawiki-dbpassword";
-          description = ''
-            A file containing the password corresponding to
-            <option>database.user</option>.
-          '';
-        };
-
-        tablePrefix = mkOption {
-          type = types.nullOr types.str;
-          default = null;
-          description = ''
-            If you only have access to a single database and wish to install more than
-            one version of MediaWiki, or have other applications that also use the
-            database, you can give the table names a unique prefix to stop any naming
-            conflicts or confusion.
-            See <link xlink:href='https://www.mediawiki.org/wiki/Manual:$wgDBprefix'/>.
-          '';
-        };
-
-        socket = mkOption {
-          type = types.nullOr types.path;
-          default = if cfg.database.createLocally then "/run/mysqld/mysqld.sock" else null;
-          defaultText = literalExpression "/run/mysqld/mysqld.sock";
-          description = "Path to the unix socket file to use for authentication.";
-        };
-
-        createLocally = mkOption {
-          type = types.bool;
-          default = cfg.database.type == "mysql";
-          defaultText = literalExpression "true";
-          description = ''
-            Create the database and database user locally.
-            This currently only applies if database type "mysql" is selected.
-          '';
-        };
-      };
-
-      virtualHost = mkOption {
-        type = types.submodule (import ./vhost-options.nix);
-        example = literalExpression ''
-          {
-            hostName = "mediawiki.example.org";
-            adminAddr = "webmaster@example.org";
-            forceSSL = true;
-            enableACME = true;
-          }
-        '';
-        description = ''
-          Apache configuration can be done by adapting <option>services.httpd.virtualHosts</option>.
-          See <xref linkend="opt-services.httpd.virtualHosts"/> for further information.
-        '';
-      };
-
-      poolConfig = mkOption {
-        type = with types; attrsOf (oneOf [ str int bool ]);
-        default = {
-          "pm" = "dynamic";
-          "pm.max_children" = 32;
-          "pm.start_servers" = 2;
-          "pm.min_spare_servers" = 2;
-          "pm.max_spare_servers" = 4;
-          "pm.max_requests" = 500;
-        };
-        description = ''
-          Options for the MediaWiki PHP pool. See the documentation on <literal>php-fpm.conf</literal>
-          for details on configuration directives.
-        '';
-      };
-
-      extraConfig = mkOption {
-        type = types.lines;
-        description = ''
-          Any additional text to be appended to MediaWiki's
-          LocalSettings.php configuration file. For configuration
-          settings, see <link xlink:href="https://www.mediawiki.org/wiki/Manual:Configuration_settings"/>.
-        '';
-        default = "";
-        example = ''
-          $wgEnableEmail = false;
-        '';
-      };
-
-    };
-  };
-
-  # implementation
-  config = mkIf cfg.enable {
-
-    assertions = [
-      { assertion = cfg.database.createLocally -> cfg.database.type == "mysql";
-        message = "services.mediawiki.createLocally is currently only supported for database type 'mysql'";
-      }
-      { assertion = cfg.database.createLocally -> cfg.database.user == user;
-        message = "services.mediawiki.database.user must be set to ${user} if services.mediawiki.database.createLocally is set true";
-      }
-      { assertion = cfg.database.createLocally -> cfg.database.socket != null;
-        message = "services.mediawiki.database.socket must be set if services.mediawiki.database.createLocally is set to true";
-      }
-      { assertion = cfg.database.createLocally -> cfg.database.passwordFile == null;
-        message = "a password cannot be specified if services.mediawiki.database.createLocally is set to true";
-      }
-    ];
-
-    services.mymediawiki.skins = {
-      Vector = "${cfg.package}/share/mediawiki/skins/Vector";
-    };
-
-    services.mysql = mkIf cfg.database.createLocally {
-      enable = true;
-      package = mkDefault pkgs.mariadb;
-      ensureDatabases = [ cfg.database.name ];
-      ensureUsers = [
-        { name = cfg.database.user;
-          ensurePermissions = { "${cfg.database.name}.*" = "ALL PRIVILEGES"; };
-        }
-      ];
-    };
-
-    services.phpfpm.pools.mediawiki = {
-      inherit user group;
-      phpEnv.MEDIAWIKI_CONFIG = "${mediawikiConfig}";
-      settings = {
-        "listen.owner" = config.services.httpd.user;
-        "listen.group" = config.services.httpd.group;
-      } // cfg.poolConfig;
-    };
-
-    services.httpd = {
-      enable = true;
-      extraModules = [ "proxy_fcgi" ];
-      virtualHosts.${cfg.virtualHost.hostName} = mkMerge [ cfg.virtualHost {
-        documentRoot = mkForce "${pkg}/share/mediawiki";
-        extraConfig = ''
-          <Directory "${pkg}/share/mediawiki">
-            <FilesMatch "\.php$">
-              <If "-f %{REQUEST_FILENAME}">
-                SetHandler "proxy:unix:${fpm.socket}|fcgi://localhost/"
-              </If>
-            </FilesMatch>
-
-            Require all granted
-            DirectoryIndex index.php
-            AllowOverride All
-          </Directory>
-        '' + optionalString (cfg.uploadsDir != null) ''
-          Alias "/images" "${cfg.uploadsDir}"
-          <Directory "${cfg.uploadsDir}">
-            Require all granted
-          </Directory>
-        '';
-      } ];
-    };
-
-    systemd.tmpfiles.rules = [
-      "d '${stateDir}' 0750 ${user} ${group} - -"
-      "d '${cacheDir}' 0750 ${user} ${group} - -"
-    ] ++ optionals (cfg.uploadsDir != null) [
-      "d '${cfg.uploadsDir}' 0750 ${user} ${group} - -"
-      "Z '${cfg.uploadsDir}' 0750 ${user} ${group} - -"
-    ];
-
-    systemd.services.mediawiki-init = {
-      wantedBy = [ "multi-user.target" ];
-      before = [ "phpfpm-mediawiki.service" ];
-      after = optional cfg.database.createLocally "mysql.service";
-      script = ''
-        if ! test -e "${stateDir}/secret.key"; then
-          tr -dc A-Za-z0-9 </dev/urandom 2>/dev/null | head -c 64 > ${stateDir}/secret.key
-        fi
-
-        echo "exit( wfGetDB( DB_MASTER )->tableExists( 'user' ) ? 1 : 0 );" | \
-        ${pkgs.php}/bin/php ${pkg}/share/mediawiki/maintenance/eval.php --conf ${mediawikiConfig} && \
-        ${pkgs.php}/bin/php ${pkg}/share/mediawiki/maintenance/install.php \
-          --confpath /tmp \
-          --scriptpath / \
-          --dbserver ${cfg.database.host}${optionalString (cfg.database.socket != null) ":${cfg.database.socket}"} \
-          --dbport ${toString cfg.database.port} \
-          --dbname ${cfg.database.name} \
-          ${optionalString (cfg.database.tablePrefix != null) "--dbprefix ${cfg.database.tablePrefix}"} \
-          --dbuser ${cfg.database.user} \
-          ${optionalString (cfg.database.passwordFile != null) "--dbpassfile ${cfg.database.passwordFile}"} \
-          --passfile ${cfg.passwordFile} \
-          ${cfg.name} \
-          admin
-
-        ${pkgs.php}/bin/php ${pkg}/share/mediawiki/maintenance/update.php --conf ${mediawikiConfig} --quick
-      '';
-
-      serviceConfig = {
-        Type = "oneshot";
-        User = user;
-        Group = group;
-        PrivateTmp = true;
-      };
-    };
-
-    systemd.services.httpd.after = optional (cfg.database.createLocally && cfg.database.type == "mysql") "mysql.service";
-
-    users.users.${user} = {
-      group = group;
-      isSystemUser = true;
-    };
-
-    environment.systemPackages = [ mediawikiScripts ];
-  };
-}
diff --git a/module/vhost-options.nix b/module/vhost-options.nix
deleted file mode 100644
index c52ab2c..0000000
--- a/module/vhost-options.nix
+++ /dev/null
@@ -1,295 +0,0 @@
-{ config, lib, name, ... }:
-let
-  inherit (lib) literalExpression mkOption nameValuePair types;
-in
-{
-  options = {
-
-    hostName = mkOption {
-      type = types.str;
-      default = name;
-      description = "Canonical hostname for the server.";
-    };
-
-    serverAliases = mkOption {
-      type = types.listOf types.str;
-      default = [];
-      example = ["www.example.org" "www.example.org:8080" "example.org"];
-      description = ''
-        Additional names of virtual hosts served by this virtual host configuration.
-      '';
-    };
-
-    listen = mkOption {
-      type = with types; listOf (submodule ({
-        options = {
-          port = mkOption {
-            type = types.port;
-            description = "Port to listen on";
-          };
-          ip = mkOption {
-            type = types.str;
-            default = "*";
-            description = "IP to listen on. 0.0.0.0 for IPv4 only, * for all.";
-          };
-          ssl = mkOption {
-            type = types.bool;
-            default = false;
-            description = "Whether to enable SSL (https) support.";
-          };
-        };
-      }));
-      default = [];
-      example = [
-        { ip = "195.154.1.1"; port = 443; ssl = true;}
-        { ip = "192.154.1.1"; port = 80; }
-        { ip = "*"; port = 8080; }
-      ];
-      description = ''
-        Listen addresses and ports for this virtual host.
-        <note>
-        <para>
-          This option overrides <literal>addSSL</literal>, <literal>forceSSL</literal> and <literal>onlySSL</literal>.
-        </para>
-        <para>
-          If you only want to set the addresses manually and not the ports, take a look at <literal>listenAddresses</literal>.
-        </para>
-        </note>
-      '';
-    };
-
-    listenAddresses = mkOption {
-      type = with types; nonEmptyListOf str;
-
-      description = ''
-        Listen addresses for this virtual host.
-        Compared to <literal>listen</literal> this only sets the addreses
-        and the ports are chosen automatically.
-      '';
-      default = [ "*" ];
-      example = [ "127.0.0.1" ];
-    };
-
-    enableSSL = mkOption {
-      type = types.bool;
-      visible = false;
-      default = false;
-    };
-
-    addSSL = mkOption {
-      type = types.bool;
-      default = false;
-      description = ''
-        Whether to enable HTTPS in addition to plain HTTP. This will set defaults for
-        <literal>listen</literal> to listen on all interfaces on the respective default
-        ports (80, 443).
-      '';
-    };
-
-    onlySSL = mkOption {
-      type = types.bool;
-      default = false;
-      description = ''
-        Whether to enable HTTPS and reject plain HTTP connections. This will set
-        defaults for <literal>listen</literal> to listen on all interfaces on port 443.
-      '';
-    };
-
-    forceSSL = mkOption {
-      type = types.bool;
-      default = false;
-      description = ''
-        Whether to add a separate nginx server block that permanently redirects (301)
-        all plain HTTP traffic to HTTPS. This will set defaults for
-        <literal>listen</literal> to listen on all interfaces on the respective default
-        ports (80, 443), where the non-SSL listens are used for the redirect vhosts.
-      '';
-    };
-
-    enableACME = mkOption {
-      type = types.bool;
-      default = false;
-      description = ''
-        Whether to ask Let's Encrypt to sign a certificate for this vhost.
-        Alternately, you can use an existing certificate through <option>useACMEHost</option>.
-      '';
-    };
-
-    useACMEHost = mkOption {
-      type = types.nullOr types.str;
-      default = null;
-      description = ''
-        A host of an existing Let's Encrypt certificate to use.
-        This is useful if you have many subdomains and want to avoid hitting the
-        <link xlink:href="https://letsencrypt.org/docs/rate-limits/">rate limit</link>.
-        Alternately, you can generate a certificate through <option>enableACME</option>.
-        <emphasis>Note that this option does not create any certificates, nor it does add subdomains to existing ones – you will need to create them manually using  <xref linkend="opt-security.acme.certs"/>.</emphasis>
-      '';
-    };
-
-    acmeRoot = mkOption {
-      type = types.nullOr types.str;
-      default = "/var/lib/acme/acme-challenge";
-      description = ''
-        Directory for the acme challenge which is PUBLIC, don't put certs or keys in here.
-        Set to null to inherit from config.security.acme.
-      '';
-    };
-
-    sslServerCert = mkOption {
-      type = types.path;
-      example = "/var/host.cert";
-      description = "Path to server SSL certificate.";
-    };
-
-    sslServerKey = mkOption {
-      type = types.path;
-      example = "/var/host.key";
-      description = "Path to server SSL certificate key.";
-    };
-
-    sslServerChain = mkOption {
-      type = types.nullOr types.path;
-      default = null;
-      example = "/var/ca.pem";
-      description = "Path to server SSL chain file.";
-    };
-
-    http2 = mkOption {
-      type = types.bool;
-      default = true;
-      description = ''
-        Whether to enable HTTP 2. HTTP/2 is supported in all multi-processing modules that come with httpd. <emphasis>However, if you use the prefork mpm, there will
-        be severe restrictions.</emphasis> Refer to <link xlink:href="https://httpd.apache.org/docs/2.4/howto/http2.html#mpm-config"/> for details.
-      '';
-    };
-
-    adminAddr = mkOption {
-      type = types.nullOr types.str;
-      default = null;
-      example = "admin@example.org";
-      description = "E-mail address of the server administrator.";
-    };
-
-    documentRoot = mkOption {
-      type = types.nullOr types.path;
-      default = null;
-      example = "/data/webserver/docs";
-      description = ''
-        The path of Apache's document root directory.  If left undefined,
-        an empty directory in the Nix store will be used as root.
-      '';
-    };
-
-    servedDirs = mkOption {
-      type = types.listOf types.attrs;
-      default = [];
-      example = [
-        { urlPath = "/nix";
-          dir = "/home/eelco/Dev/nix-homepage";
-        }
-      ];
-      description = ''
-        This option provides a simple way to serve static directories.
-      '';
-    };
-
-    servedFiles = mkOption {
-      type = types.listOf types.attrs;
-      default = [];
-      example = [
-        { urlPath = "/foo/bar.png";
-          file = "/home/eelco/some-file.png";
-        }
-      ];
-      description = ''
-        This option provides a simple way to serve individual, static files.
-
-        <note><para>
-          This option has been deprecated and will be removed in a future
-          version of NixOS. You can achieve the same result by making use of
-          the <literal>locations.&lt;name&gt;.alias</literal> option.
-        </para></note>
-      '';
-    };
-
-    extraConfig = mkOption {
-      type = types.lines;
-      default = "";
-      example = ''
-        <Directory /home>
-          Options FollowSymlinks
-          AllowOverride All
-        </Directory>
-      '';
-      description = ''
-        These lines go to httpd.conf verbatim. They will go after
-        directories and directory aliases defined by default.
-      '';
-    };
-
-    enableUserDir = mkOption {
-      type = types.bool;
-      default = false;
-      description = ''
-        Whether to enable serving <filename>~/public_html</filename> as
-        <literal>/~<replaceable>username</replaceable></literal>.
-      '';
-    };
-
-    globalRedirect = mkOption {
-      type = types.nullOr types.str;
-      default = null;
-      example = "http://newserver.example.org/";
-      description = ''
-        If set, all requests for this host are redirected permanently to
-        the given URL.
-      '';
-    };
-
-    logFormat = mkOption {
-      type = types.str;
-      default = "common";
-      example = "combined";
-      description = ''
-        Log format for Apache's log files. Possible values are: combined, common, referer, agent.
-      '';
-    };
-
-    robotsEntries = mkOption {
-      type = types.lines;
-      default = "";
-      example = "Disallow: /foo/";
-      description = ''
-        Specification of pages to be ignored by web crawlers. See <link
-        xlink:href='http://www.robotstxt.org/'/> for details.
-      '';
-    };
-
-    locations = mkOption {
-      type = with types; attrsOf (submodule (import ./location-options.nix));
-      default = {};
-      example = literalExpression ''
-        {
-          "/" = {
-            proxyPass = "http://localhost:3000";
-          };
-          "/foo/bar.png" = {
-            alias = "/home/eelco/some-file.png";
-          };
-        };
-      '';
-      description = ''
-        Declarative location config. See <link
-        xlink:href="https://httpd.apache.org/docs/2.4/mod/core.html#location"/> for details.
-      '';
-    };
-
-  };
-
-  config = {
-
-    locations = builtins.listToAttrs (map (elem: nameValuePair elem.urlPath { alias = elem.file; }) config.servedFiles);
-
-  };
-}
diff --git a/shell.nix b/shell.nix
index 5dd131b..406f86b 100644
--- a/shell.nix
+++ b/shell.nix
@@ -1,4 +1,4 @@
 { pkgs ? import <nixpkgs> {} }:
   pkgs.mkShell {
-    nativeBuildInputs = [ pkgs.postgresql_11 ];
+    nativeBuildInputs = with pkgs;[ postgresql_11 gnumake ];
 }