diff --git a/flake.nix b/flake.nix
index 8db58b9..5a75d48 100755
--- a/flake.nix
+++ b/flake.nix
@@ -35,6 +35,7 @@
 ./modules/nginx.nix
 ./modules/userdir.nix
 ./modules/hedgedoc.nix
+ ./modules/padlist.nix
 ./modules/postgres.nix
 ./modules/wiki.nix
 ./modules/ftp.nix
diff --git a/modules/nginx.nix b/modules/nginx.nix
index 76a34bc..f320fa9 100644
--- a/modules/nginx.nix
+++ b/modules/nginx.nix
@@ -1,6 +1,8 @@
 { config, pkgs, ... }:
 {
 services.nginx = {
+
+ additionalModules = [ pkgs.nginxModules.pam ];
 enable = true;
 recommendedProxySettings = true;
 recommendedGzipSettings = true;
@@ -30,4 +32,8 @@
 email = "root@ifsr.de";
 };
 };
+ security.pam.services.nginx.text = ''
+ auth required ${pkgs.nss_pam_ldapd}/lib/security/pam_ldap.so
+ account required ${pkgs.nss_pam_ldapd}/lib/security/pam_ldap.so
+ '';
 }
diff --git a/modules/padlist.nix b/modules/padlist.nix
new file mode 100644
index 0000000..250dd59
--- /dev/null
+++ b/modules/padlist.nix
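Review bot: In modules/nginx.nix, the stack assigned to `security.pam.services.nginx.text` admits every account that `pam_ldap.so` can authenticate, and nothing visible in these hunks limits failed attempts, so a vhost using this service exposes the directory's passwords to online guessing at HTTP request rate. If only part of the directory should get in, add a group check to the `account` phase, for example a `pam_succeed_if.so user ingroup <group-placeholder>` line after `pam_ldap.so`, and consider a `limit_req` zone on the protected vhost. Because `.text` replaces the whole generated PAM file, a comment such as `# auth/account only; nginx does no session or password handling` would tell the next maintainer the omission is deliberate. The middle of the file lies outside both hunks, so throttling may already be configured there.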
@@ -0,0 +1,53 @@
+# php pad lister tool written by jonas
+{ pkgs, config, lib, ... }:
+let
+ domain = "list.pad.${config.fsr.domain}";
+in
+{
+ services.phpfpm.pools.padlist = {
+ user = "hedgedoc";
+ group = "hedgedoc";
+ settings = {
+ "listen.owner" = config.services.nginx.user;
+ "pm" = "dynamic";
+ "pm.max_children" = 32;
+ "pm.max_requests" = 500;
+ "pm.start_servers" = 2;
+ "pm.min_spare_servers" = 2;
+ "pm.max_spare_servers" = 5;
+ "php_admin_value[error_log]" = "stderr";
+ "php_admin_flag[log_errors]" = true;
+ "catch_workers_output" = true;
+ };
+ phpEnv."PATH" = lib.makeBinPath [ pkgs.php ];
+ };
+
+ services.nginx = {
+ virtualHosts.${domain} = {
+ root = pkgs.callPackage ../pkgs/padlist { };
+ enableACME = true;
+ forceSSL = true;
+ extraConfig = ''
+ auth_pam "LDAP Authentication Required";
+ auth_pam_service_name "nginx";
+ '';
+ locations = {
+ "= /" = {
+ extraConfig = ''
+ rewrite ^ /index.php;
+ '';
+ };
+ "~ \.php$" = {
+ extraConfig = ''
+ try_files $uri =404;
+ fastcgi_pass unix:${config.services.phpfpm.pools.padlist.socket};
+ fastcgi_index index.php;
+ include ${pkgs.nginx}/conf/fastcgi_params;
+ include ${pkgs.nginx}/conf/fastcgi.conf;
+ '';
+ };
+ };
+ };
+ };
+
+}
diff --git a/pkgs/padlist/default.nix b/pkgs/padlist/default.nix
new file mode 100644
index 0000000..e3f4640
--- /dev/null
+++ b/pkgs/padlist/default.nix
@@ -0,0 +1,10 @@
+{ stdenvNoCC, ... }:
+stdenvNoCC.mkDerivation {
+ name = "padlister";
+ src = ./.;
+ phases = [ "unpackPhase" "installPhase" ];
+ installPhase = ''
+ mkdir -p $out
+ cp -r $src/index.php $out
+ '';
+}
diff --git a/pkgs/padlist/index.php b/pkgs/padlist/index.php
new file mode 100644
index 0000000..9a3eb6d
--- /dev/null
+++ b/pkgs/padlist/index.php
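Review bot: In modules/padlist.nix the `padlist` php-fpm pool is given `user = "hedgedoc"` and `group = "hedgedoc"`, so index.php runs with the full identity of the HedgeDoc service (presumably to reuse its database login), and any flaw in the script reaches everything that account can read or write. A dedicated system user mapped to a database role holding only `SELECT` on `"Notes"` and `"Users"` would keep the lister read-only: `user = "padlist"; group = "padlist";` plus a matching `users.users.padlist` entry and grant. `auth_pam` sits at server level and is presumably inherited by the challenge location that `enableACME` generates, so check that HTTP-01 renewals are not answered with 401. In `"~ \.php$"` the backslash is consumed by the Nix string and nginx receives `~ .php$`; write `"~ \\.php$"` to keep the dot literal.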
@@ -0,0 +1,79 @@ +getMessage(); + die(); +} + +$query = 'SELECT "Notes".title, "Notes"."updatedAt", "Notes"."shortid", "Users".profile FROM "Notes" JOIN "Users" ON "Notes"."ownerId" = "Users".id WHERE permission = \'freely\' OR permission = \'editable\' OR permission = \'limited\' ORDER BY "Notes"."updatedAt" DESC'; +try { + $stmt = $dbh->query($query); + $rows = $stmt->fetchAll(PDO::FETCH_ASSOC); +} catch (PDOException $e) { + echo "Error: " . $e->getMessage(); + die(); +} + +function formatDateString($stringDate) +{ + $datetime = DateTime::createFromFormat('Y-m-d H:i:s.uP', $stringDate); + $formattedDate = $datetime->format('d.m.Y H:i'); + return $formattedDate; +} +?> + + + + + + + + + Pad lister + + + + + +
+

+ + + + + + + + + + + + + + + +
TitelOwnerLast edit
+ + + username ?> + + +
+

+
+ + + \ No newline at end of file
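Review bot: The visible `catch (PDOException $e)` branch, and apparently the truncated one before it, send `"Error: " . $e->getMessage()` to the browser, which can hand driver details such as connection parameters or query text to whoever triggers the failure. Log the message and answer generically instead, e.g. `error_log($e->getMessage()); http_response_code(500); die('Internal error');`, since the pool already sends PHP errors to stderr. `formatDateString` calls `->format()` on the result of `DateTime::createFromFormat` without checking for `false`, so an `updatedAt` value in another shape ends the request with a fatal error. The markup half of the file is not readable in this view; confirm that the title and username cells go through `htmlspecialchars()`, because both presumably hold user-chosen text from HedgeDoc.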