commit 4af0426bba3ea43ee54743e7064cdc4947d0b367 · pyrox.dev/nixpkgs

+31 -2

nixos/modules/services/web-apps/limesurvey.nix

···

       34
       34
        
         options.services.limesurvey = {

     

       35
       35
        
           enable = mkEnableOption (lib.mdDoc "Limesurvey web application");

     

       36
       36
        
       

     

       37
       37
       +
           encryptionKey = mkOption {

     

       38
       38
       +
             type = types.str;

     

       39
       39
       +
             default = "E17687FC77CEE247F0E22BB3ECF27FDE8BEC310A892347EC13013ABA11AA7EB5";

     

       40
       40
       +
             description = lib.mdDoc ''

     

       41
       41
       +
               This is a 32-byte key used to encrypt variables in the database.

     

       42
       42
       +
               You _must_ change this from the default value.

     

       43
       43
       +
             '';

     

       44
       44
       +
           };

     

       45
       45
       +
       

     

       46
       46
       +
           encryptionNonce = mkOption {

     

       47
       47
       +
             type = types.str;

     

       48
       48
       +
             default = "1ACC8555619929DB91310BE848025A427B0F364A884FFA77";

     

       49
       49
       +
             description = lib.mdDoc ''

     

       50
       50
       +
               This is a 24-byte nonce used to encrypt variables in the database.

     

       51
       51
       +
               You _must_ change this from the default value.

     

       52
       52
       +
             '';

     

       53
       53
       +
           };

     

       54
       54
       +
       

     

       37
       55
        
           database = {

     

       38
       56
        
             type = mkOption {

     

       39
       57
        
               type = types.enum [ "mysql" "pgsql" "odbc" "mssql" ];

     

       40
       58
        
               example = "pgsql";

     

       41
       59
        
               default = "mysql";

     

       42
       60
        
               description = lib.mdDoc "Database engine to use.";

     

       61
       61
       +
             };

     

       62
       62
       +
       

     

       63
       63
       +
             dbEngine = mkOption {

     

       64
       64
       +
               type = types.enum [ "MyISAM" "InnoDB" ];

     

       65
       65
       +
               default = "InnoDB";

     

       66
       66
       +
               description = lib.mdDoc "Database storage engine to use.";

     

       43
       67
        
             };

     

       44
       68
        
       

     

       45
       69
        
             host = mkOption {

     
···

       180
       204
        
             config = {

     

       181
       205
        
               tempdir = "${stateDir}/tmp";

     

       182
       206
        
               uploaddir = "${stateDir}/upload";

     

       207
       207
       +
               encryptionnonce = cfg.encryptionNonce;

     

       208
       208
       +
               encryptionsecretboxkey = cfg.encryptionKey;

     

       183
       209
        
               force_ssl = mkIf (cfg.virtualHost.addSSL || cfg.virtualHost.forceSSL || cfg.virtualHost.onlySSL) "on";

     

       184
       210
        
               config.defaultlang = "en";

     

       185
       211
        
             };

     
···

       200
       226
        
       

     

       201
       227
        
           services.phpfpm.pools.limesurvey = {

     

       202
       228
        
             inherit user group;

     

       229
       229
       +
             phpPackage = pkgs.php80;

     

       230
       230
       +
             phpEnv.DBENGINE = "${cfg.database.dbEngine}";

     

       203
       231
        
             phpEnv.LIMESURVEY_CONFIG = "${limesurveyConfig}";

     

       204
       232
        
             settings = {

     

       205
       233
        
               "listen.owner" = config.services.httpd.user;

     
···

       256
       284
        
             wantedBy = [ "multi-user.target" ];

     

       257
       285
        
             before = [ "phpfpm-limesurvey.service" ];

     

       258
       286
        
             after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service";

     

       287
       287
       +
             environment.DBENGINE = "${cfg.database.dbEngine}";

     

       259
       288
        
             environment.LIMESURVEY_CONFIG = limesurveyConfig;

     

       260
       289
        
             script = ''

     

       261
       290
        
               # update or install the database as required

     

       262
       262
       -
               ${pkgs.php}/bin/php ${pkg}/share/limesurvey/application/commands/console.php updatedb || \

     

       263
       263
       -
               ${pkgs.php}/bin/php ${pkg}/share/limesurvey/application/commands/console.php install admin password admin admin@example.com verbose

     

       291
       291
       +
               ${pkgs.php80}/bin/php ${pkg}/share/limesurvey/application/commands/console.php updatedb || \

     

       292
       292
       +
               ${pkgs.php80}/bin/php ${pkg}/share/limesurvey/application/commands/console.php install admin password admin admin@example.com verbose

     

       264
       293
        
             '';

     

       265
       294
        
             serviceConfig = {

     

       266
       295
        
               User = user;

+2 -6

pkgs/servers/limesurvey/default.nix

···

       2
       2
        
       

     

       3
       3
        
       stdenv.mkDerivation rec {

     

       4
       4
        
         pname = "limesurvey";

     

       5
       5
       -
         version = "3.27.33+220125";

     

       5
       5
       +
         version = "5.6.9+230306";

     

       6
       6
        
       

     

       7
       7
        
         src = fetchFromGitHub {

     

       8
       8
        
           owner = "LimeSurvey";

     

       9
       9
        
           repo = "LimeSurvey";

     

       10
       10
        
           rev = version;

     

       11
       11
       -
           sha256 = "sha256-iwTsn+glh8fwt1IaH9iDKDhEAnx1s1zvv1dmsdzUk8g=";

     

       11
       11
       +
           hash = "sha256-FBcpP9Zb4flr1AZlocRW8xx9UCXJAU9aaGXcWQE6iWc=";

     

       12
       12
        
         };

     

       13
       13
        
       

     

       14
       14
        
         phpConfig = writeText "config.php" ''

     
···

       37
       37
        
           homepage = "https://www.limesurvey.org";

     

       38
       38
        
           maintainers = with maintainers; [offline];

     

       39
       39
        
           platforms = with platforms; unix;

     

       40
       40
       -
           knownVulnerabilities = [

     

       41
       41
       -
             "CVE-2022-48008"

     

       42
       42
       -
             "CVE-2022-48010"

     

       43
       43
       -
           ];

     

       44
       40
        
         };

     

       45
       41
        
       }