{ inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.05"; outputs = { self, nixpkgs }: { devShell.x86_64-linux = import ./shell.nix { pkgs = import nixpkgs { system = "x86_64-linux"; }; }; defaultPackage.x86_64-linux = let pkgs = import nixpkgs { system = "x86_64-linux"; }; lib = pkgs.lib; in pkgs.mediawiki.overrideAttrs ({ pname, ... }: rec { version = "1.27.0"; src = with lib; pkgs.fetchurl { url = "https://releases.wikimedia.org/mediawiki/${versions.majorMinor version}/${pname}-${version}.tar.gz"; sha256 = "sha256-x50AMSpLdJkn5PP5YAs7z5/pFKiYt/5PhRjp9Zro0Sg="; }; }); nixosConfigurations.container = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ ({ config, pkgs, lib, ... }: let mediaWikiOld = pkgs.mediawiki.overrideAttrs ({pname, ...}: rec { version = "1.35.6"; src = with lib; pkgs.fetchurl { url = "https://releases.wikimedia.org/mediawiki/${versions.majorMinor version}/${pname}-${version}.tar.gz"; sha256 = "sha256-XIRIclmP7PvXd7C+asN/W4gCeJqQ5Q6UBzp2xtxhkcQ="; }; }); in { imports = [ ./module/mediawiki.nix ]; boot.isContainer = true; # Let 'nixos-version --json' know about the Git revision # of this flake. system.configurationRevision = nixpkgs.lib.mkIf (self ? rev) self.rev; # Network configuration. networking.useDHCP = false; networking.firewall.allowedTCPPorts = [ 80 5432 ]; services.mysql = { enable = false; }; services.postgresql = let cfg = config.services.mediawiki; in { enable = true; enableTCPIP = true; package = pkgs.postgresql_11; ensureDatabases = [ cfg.database.name ]; ensureUsers = [{ name = cfg.database.user; ensurePermissions = { "DATABASE ${cfg.database.name}" = "ALL PRIVILEGES"; }; } ]; authentication = lib.mkForce '' # Generated file; do not edit! # TYPE DATABASE USER ADDRESS METHOD local all all trust host all all 127.0.0.1/32 trust host all all 10.233.2.1/32 trust host all all 169.254.155.231/32 trust host all all ::1/128 trust '';}; system.stateVersion = "22.05"; systemd.services.mediawiki-pg-init = let cfg = config.services.mymediawiki; stateDir = "/var/lib/mediawiki"; pkg = mediaWikiOld; inherit (lib) concatStringsSep literalExample mapAttrsToList optional optionals optionalString types; mediawikiConfig = config.services.phpfpm.pools.mediawiki.phpEnv.MEDIAWIKI_CONFIG; in { enable = true; wantedBy = [ "multi-user.target" ]; before = [ "phpfpm-mediawiki.service" ]; after = [ "postgresql.service" ]; script = '' if ! test -e "${stateDir}/secret.key"; then tr -dc A-Za-z0-9 /dev/null | head -c 64 > ${stateDir}/secret.key fi ${pkgs.php}/bin/php ${pkg}/share/mediawiki/maintenance/update.php --conf ${mediawikiConfig} --quick ''; serviceConfig = { Type = "oneshot"; User = "mediawiki"; Group = config.services.httpd.group; PrivateTmp = true; }; }; services.mymediawiki = { enable = true; package = mediaWikiOld; virtualHost = { hostName = "mediawiki"; adminAddr = "root@example.com"; }; #skins = { # Vector = "${mediaWikiOld}/share/mediawiki/skins/Vector"; # Hector = "${mediaWikiOld}/share/mediawiki/skins/Hector"; #}; extraConfig = '' $wgShowExceptionDetails = true; $wgDBserver = "/run/postgresql"; $wgDBport = "5432"; # $wgDBuser = "mediawiki"; # $wgDBname = "mediawiki"; $wgDBmwschema = "mediawiki"; ''; extensions = { # Interwiki = pkgs.fetchzip { # url = "https://extdist.wmflabs.org/dist/extensions/Interwiki-REL1_36-08fe37f.tar.gz"; # sha256 = "sha256-77uvw/ETPeRNYRcIl2KqowmJ9D9R9wyyltpy5Cu11L4="; # }; # Cite = pkgs.fetchzip { # url = "https://extdist.wmflabs.org/dist/extensions/Cite-REL1_36-77e6710.tar.gz"; # sha256 = "sha256-un6AjbqHre00a2IaEaUZnPPk+gMoet9pc+6mRLfh3I0="; # }; #DynamicPageList = pkgs.fetchzip { # url = "https://extdist.wmflabs.org/dist/extensions/DynamicPageList-REL1_36-6a4424f.tar.gz"; # sha256 = "sha256-HIl4EnUgiZQzUvWFF9e7enyAYWM4e16oRSYXMdtblic="; #}; #Scribunto = pkgs.fetchzip { # url = "https://extdist.wmflabs.org/dist/extensions/Scribunto-REL1_36-cc217d4.tar.gz"; # sha256 = "sha256-chFveLW4GdRmJbUE4Q2e2aEJ52zejpqF5B/YiZZ7L1k="; #}; #Lockdown = pkgs.fetchzip { # url = "https://extdist.wmflabs.org/dist/extensions/Lockdown-REL1_36-1a3d68d.tar.gz"; # sha256 = "sha256-AlJbXsqJfXqj0bU16fwxFSu0lfR+WzJxJiJSKp1keXk="; #}; }; passwordFile = pkgs.writeText "password" "topSecretF0rAll!!!!"; #database = { # type = "mysql"; # createLocally = true; #}; database = { type = "postgres"; # socket = "/run/postgresql"; # host = "localhost"; # port = 5432; user = "mediawiki"; name = "mediawiki"; passwordFile = pkgs.writeText "password" ""; }; }; }) ]; }; }; }