114 lines
4.5 KiB
Nix
114 lines
4.5 KiB
Nix
{
|
|
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.05";
|
|
|
|
outputs = { self, nixpkgs }: {
|
|
|
|
devShell.x86_64-linux = import ./shell.nix {
|
|
pkgs = import nixpkgs { system = "x86_64-linux"; };
|
|
};
|
|
|
|
nixosConfigurations.container = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
modules =
|
|
[ ({ config, pkgs, lib, ... }:
|
|
let
|
|
mediaWikiOld = pkgs.mediawiki.overrideAttrs ({pname, ...}: rec {
|
|
version = "1.38.1";
|
|
src = with lib; pkgs.fetchurl {
|
|
url = "https://releases.wikimedia.org/mediawiki/${versions.majorMinor version}/${pname}-${version}.tar.gz";
|
|
sha256 = "sha256-EXNlUloN7xsgnKUIV9ZXNrYlRbh3p1NIpXqF0SZDezE=";
|
|
};
|
|
});
|
|
in
|
|
{
|
|
#imports = [ ./module/mediawiki.nix ];
|
|
boot.isContainer = true;
|
|
|
|
# Let 'nixos-version --json' know about the Git revision
|
|
# of this flake.
|
|
system.configurationRevision = nixpkgs.lib.mkIf (self ? rev) self.rev;
|
|
|
|
# Network configuration.
|
|
networking.useDHCP = false;
|
|
networking.firewall.allowedTCPPorts = [ 80 5432 ];
|
|
|
|
services.postgresql =
|
|
let
|
|
cfg = config.services.mediawiki;
|
|
in {
|
|
enable = true;
|
|
enableTCPIP = true;
|
|
package = pkgs.postgresql_11;
|
|
ensureDatabases = [ cfg.database.name ];
|
|
|
|
ensureUsers = [{
|
|
name = cfg.database.user;
|
|
ensurePermissions = { "DATABASE ${cfg.database.name}" = "ALL PRIVILEGES"; };
|
|
}
|
|
];
|
|
authentication = lib.mkForce ''
|
|
# TYPE DATABASE USER ADDRESS METHOD
|
|
local all all trust
|
|
host all all 127.0.0.1/32 trust
|
|
host all all 10.233.2.1/32 trust
|
|
host all all 169.254.155.231/32 trust
|
|
host all all ::1/128 trust
|
|
'';};
|
|
|
|
system.stateVersion = "22.05";
|
|
|
|
services.mediawiki = let
|
|
cfg = config.services.mediawiki;
|
|
in {
|
|
enable = true;
|
|
package = mediaWikiOld;
|
|
virtualHost = {
|
|
hostName = "mediawiki";
|
|
adminAddr = "root@example.com";
|
|
};
|
|
#skins = {
|
|
# Vector = "${mediaWikiOld}/share/mediawiki/skins/Vector";
|
|
# Hector = "${mediaWikiOld}/share/mediawiki/skins/Hector";
|
|
#};
|
|
extraConfig = ''
|
|
$wgShowExceptionDetails = true;
|
|
$wgDBserver = "${cfg.database.socket}";
|
|
$wgDBmwschema = "mediawiki";
|
|
'';
|
|
extensions = {
|
|
Interwiki = pkgs.fetchzip {
|
|
url = "https://extdist.wmflabs.org/dist/extensions/Interwiki-REL1_38-223bbf8.tar.gz";
|
|
sha256 = "sha256-A4tQuISJNzzXPXJXv9N1jMat1VuZ7khYzk2jxoUqzIk=";
|
|
};
|
|
Cite = pkgs.fetchzip {
|
|
url = "https://extdist.wmflabs.org/dist/extensions/Cite-REL1_38-7fdd57d.tar.gz";
|
|
sha256 = "sha256-/s9byrAVjky0EeiokUEchG3ICw+Q2T6HLjbzHnl3uVE=";
|
|
};
|
|
#DynamicPageList = pkgs.fetchzip {
|
|
# url = "https://extdist.wmflabs.org/dist/extensions/DynamicPageList-REL1_38-3b7a26d.tar.gz";
|
|
# sha256 = "sha256-WjVLks0Q9hSN2poqbKzTJhvOXog7UHJqjY2WJ4Uc64o=";
|
|
#};
|
|
Scribunto = pkgs.fetchzip {
|
|
url = "https://extdist.wmflabs.org/dist/extensions/Scribunto-REL1_38-bd2f615.tar.gz";
|
|
sha256 = "sha256-e70P8/0CsWWftyh2LhFw/Fv3E34Bl8HIZxVszuUl8Pk=";
|
|
};
|
|
Lockdown = pkgs.fetchzip {
|
|
url = "https://extdist.wmflabs.org/dist/extensions/Lockdown-REL1_38-1915db4.tar.gz";
|
|
sha256 = "sha256-YCYsjh/3g2P8oT6IomP3UWjOoggH7jYjiiix7poOYnA=";
|
|
};
|
|
};
|
|
passwordFile = pkgs.writeText "password" "topSecretF0rAll!!!!";
|
|
database = {
|
|
type = "postgres";
|
|
socket = "/run/postgresql";
|
|
user = "mediawiki";
|
|
name = "mediawiki";
|
|
};
|
|
};
|
|
})
|
|
];
|
|
};
|
|
|
|
};
|
|
}
|